With patches, threats and changes to your network taking place on a daily basis it is vital to understand if you are managing risk effectively. Vulnerability scanning is often a useful method to establish a vulnerability baseline across the network which is then tested on a regular basis to understa
With patches, threats and changes to your network taking place on a daily basis it is vital to understand if you are managing risk effectively. Vulnerability scanning is often a useful method to establish a vulnerability baseline across the network which is then tested on a regular basis to understand variance.
Vulnerability Scanning is also required for a number of key regulatory compliance standards in both the public and private sector making it an even more crucial element of an organisation’s security operations.
During this 30 minute webcast, Lee Lawson, Head of Security Testing and Response at Dell SecureWorks, will cover the following topics:
•Vulnerability scanning drivers
•Pros and cons for different vulnerability scanning solutions
•Best fit solution for specific regulatory compliance standards
Lee Lawson is the team leader, lead computer forensic investigator and penetration tester for Dell SecureWorks in EMEA. With a broad range of experience in IT security analysis, systems engineering and network security, Lee leads the penetration testing and digital forensic teams.
Lee has been involved with secure computer systems for over a decade, as a user and later as an engineer and penetration tester of Military networks. Lee holds many professional certifications in his specialised fields such as the EnCase Certified Examiner, Certified Ethical Hacker, Certified Information Systems Security Professional (CISSP) and PCI QSA (Qualified Scanning Assessor). Lee holds UK Government SC clearance and has experience of developing and delivering training courses for Security Testing and Forensic Readiness. In addition, he has been responsible for reporting evidence in several cases of financial fraud, hacker attacks, IP theft and deception.
Cloud adoption in higher education is greater than in any other industry, with 83% using Google Apps or Office 365. As universities move from on-premise to public cloud apps to meet the need for modern collaboration tools and the increasing demand for BYOD, IT leaders are increasingly aware of the security risk to sensitive research data and student personal information.
In this webinar will discuss the unique security issues of higher education including faculty file sharing and employee BYOD.
Intune is the Microsoft Mobile Device Management platform. It is the only MDM solution that can integrate with System Center Configuration Manager. Administrators can manage their on premise and mobile devices using a single console. In this webinar Enterprise Client Management MVP Gerry Hampson will be discussing his favourite features of the solution
A major company has been hacked, suffering a data breach. How do companies the size of Sony handle such situations? Various departments, including legal, tech and PR come together to meet with the management and workout a plan on how to handle the crisis. This presentation will focus on both -- companies with a data breach response plan and those without one. We'll shed some light on what the first 24 hours post-breach looks like for a major company.
Understanding the cybersecurity posture of vendors, suppliers, and third-parties is now a necessity for businesses in all industries. Yet, many businesses do not have a formalized vendor risk management program. There are multiple components needed to create a comprehensive vendor risk management program. These span governance and control, as well as security controls and technology.
Join Jake Olcott, VP at BitSight on February 9 as he highlights best practices and industry standards for vendor risk management programs. Attendees will learn:
- Which frameworks and methodologies can help get you started
- Vital questions you should be asking your vendors
- Why continuous monitoring and verifying vendor security is crucial to mitigate cyber risk
Do you want to learn about new disaster recovery options from Microsoft experts? Have you been putting off trying new technology due to time pressures or not knowing where to start? Do you think your disaster recovery strategy would benefit from a refresh?
If you answered yes to any of these questions, you need to register for this webcast. You will learn:
•How to replicate any workloads to Microsoft's global datacenters
•How to back up data and protect workloads with nearly infinite scalability
•How to implement a hybrid replication using both cloud and on-premises solutions
•How to create a backup without needing to buy more tape
•How to back up your Windows clients (including Windows 10) to remote storage
Register now to watch live or receive notification when this program is available on-demand.
NRF 16 attracted over 33,000 attendees and focused on retail technology, trends, and areas of focus for the coming fiscal year. Hortonworks and Microsoft were visible booth presences, hosting large volumes of visitors. Together, the partnership is uniquely qualified to accelerate retail data collection and management.
Join Hortonworks VP of Industry Solutions, Eric Thorsen, and Microsoft’s Retail Industry Solutions Director, Shish Shridhar, to learn how Data-Centric Retail Trends can impact your business and how Hadoop can help you gain actionable insight from your data. Understand how your peers are using data to drive new levels of customer centricity, real-time inventory predictions, and personalized marketing. Learn about how consumer goods companies are using Hadoop to gain insight from demand signals and analyze data flow.
Tom Finney and Matthew Webster, Counter Threat Unit security researchers at Dell SecureWorks
Observations of Geopolitical Conflicts Transitioning to Cyberattacks
Geopolitical conflicts are more publicly transitioning into the cyber realm. With current conflicts, a cyber-component is almost always included – and the outcome can be observed in the physical world. What is the impact of these events? Can it expose trade secrets? Shut down financial markets? Or worse?
During this interactive webinar, Tom Finney and Matthew Webster, Counter Threat Unit security researchers at Dell SecureWorks, will cover known events, discuss the actors behind them and generally talk about the potential impacts from these threats.
In addition you will:
- Understand the relationship between specific geopolitical events and cyberattacks
- Learn about the actors behind these cyberattacks and the impact to your businesses
- Get insight into the latest attack trends
- Receive recommendations on security solutions and threat intelligence to help protect your network
Information Security continues to evolve, with cybercriminals busier than ever. Targeted attacks like the recent TalkTalk breach continue to make headlines and increase the fear factor among senior executives at organisations.
As executives keep asking new questions of their teams, so those teams continue to ask new questions of Dell SecureWorks.
In this webcast Chris Yule, Senior Principal Consultant at Dell SecureWorks, will discuss the top 5 trends identified over the past few months which we have identified from these discussion and expect to continue throughout 2016.
These are the topics security professionals should be prepared to talk about this year, and will include 5 different perspectives on security:
1. Organisation: How are enterprises organising and preparing themselves to respond to the latest threats?
2. Intelligence: What’s being done to utilise Threat Intelligence effectively?
3. Expansion: Key areas to focus on as information security expands to cover suppliers and cloud services
4. Control: What new technologies and services are emerging to better control your information and environment?
5. Testing: How can all of the above be combined to effectively test the security you have in place?
The increased complexity and frequency of attacks, combined with reduced effectiveness of detective or preventative control frameworks, elevate the need for organisations to roll out enterprise wide incident response initiatives to ensure rapid containment and eradication of threats.
In this webcast, Don Smith, Technology Director at Dell SecureWorks, describes three organisation’s experience with “APT” actors, examining techniques deployed for intrusion, persistence, lateral expansion and exfiltration.
Don will highlight where changes to the detective or preventative control frameworks could have prevented the attackers from achieving their objectives and outline key steps to building a robust incident response plan.
Webcast takeaways include:
· Real-world examples of APT attacks from the coalface
· The latest tools and techniques that advanced threat actors are using
· Recommendations for preventing and responding to APTs
Chris Carlis, Principal Consultant, Dell SecureWorks Red Team
Every day your organisation is under attack. External adversaries are probing your defences, malicious insiders are looking to exploit their trusted positions and users are fighting to correctly identify the latest phishing attack.
Your adversaries are not going to play by the rules. They will use whatever methods are available to compromise your security and hit you where it hurts the most. Red Team testing can identify gaps in your defences, show how minor vulnerabilities can result in large compromises and demonstrate the need for solid planning and preparation.
Red Team testing simulates a real-world attack by combining intelligence gathering, network and physical testing with social engineering to target your organisation’s critical assets. This goal-based testing provides a depth of findings that vulnerability scanning and conventional penetration testing can’t achieve.
1.Learn How Red Team testing complements your existing security program.
2.Hear real-world examples of Red Team engagements.
3.Find out if a Red Team test is right for your organisation.
Justin Turner, Delivery Team Manager, Targeted Threat Hunting & Response
How Targeted Threat Hunting Inspects Your Network for Cyber Attacker Presence.
Many organisations have some form of information security protection in place but also wonder "Have I already been compromised?" A cyber threat such as malware or even a large scale Advanced Persistent Threat could be hiding in file systems and several other areas of your network that may go unnoticed by the untrained eye. A deep inspection of your networks is an excellent way to identify the presence of compromises and entrenched threat actors operating in your environment.
During this interactive webinar, Justin Turner, Delivery Team Manager from the Targeted Threat Hunting & Response Team, will share why it is critical to identify targeted threat indicators of attacker presence and leverage threat intelligence to provide context to determine how to engage and resist the adversary.
In addition you will:
- Learn what Targeted Threat Hunting is and why it is important.
- Hear real-world examples of previous incidents and how targeted threat hunting was used to remove entrenched adversaries.
- Receive a standard list of questions that should be answered during an engagement.
With the threat environment growing more complex, and the rise in advanced and targeted attacks, how does your response plan hold up? Threat actors have changed their tactics; so must you.
During this webcast, Rafe Pilling, Senior Security Researcher for Dell SecureWorrks Counter Threat Unit (CTU), will share advice based on real-world examples to help ensure your organisation is infinitely better prepared to respond to a security breach.
Key topics covered include:
· A view of the evolving threat landscape and how this could impact you
· Examples of critical mistakes Dell SecureWorks has viewed in real-world cases
· Developing a robust incident response plan
· Maximising the value of current controls and improving your overall security posture
Hadi Hosn, Managing Principal Consultant, Dell SecureWorks
Information security is becoming more and more vital to organisations in an ever changing landscape with the role of the Chief Information Security Officer (CISO) growing in magnitude with hacker based activity, cloud computing, and work-from-anywhere initiative adding to the complexity. New privacy regulations, social media and BYOD have added further challenges and put additional strains on compliance…
In this webcast, Hadi Hosn, Managing Principal Consultant at Dell SecureWorks, will discuss the five key areas we believe a CISO should focus today to help shape and drive a security programme. Hadi will focus on the most important areas that are applicable in all market sectors and centre in on those activities that, in his experience, deliver the most value, security improvement and return on investment.
Key topics covered include:
•Understanding your organisation’s extended enterprise
•How to improve visibility into what’s going on in your environment
•Building a culture of security in your organisation
Information is a business critical asset, forming the backbone of organisation globally, and driving growth. However, the security of information is often overlooked, which is why most security breaches actually come from within the organisation – a result of poor policy, procedures, staff training and their awareness of security risks.
In response, organisations are now exploring the benefits of certifying to ISO27001 – the industry standard for information security.
In this latest webcast, Hadi Hosn, Managing Principal consultant at Dell Secureworks, will discuss how certifying to ISO27001 provides a framework for implementing security controls and resolving security issues and can offer the business a competitive advantage and business enablement.
This webcast will cover the following key topics:
•Benefits of ISO27001 – Information Security Management System (ISMS)
•Defining the ISMS scope
•ISMS implementation and certification process overview
The webcast will take you on a journey through the threat landscape, taking in sights such as the latest activity on trojans and viruses, how the ‘bad guys’ are stealing intellectual property through the use of malware and the future of cyber warfare.
During this webcast, Technology Director, Don Smith, will present intelligence gleaned from the Dell SecureWorks Counter Threat Unit (CTU). He will discuss the rise of advanced persistent threats, and how the security threat landscape is evolving and what you can do to keep pace.
What are the motives of the threat actors, and what could make your organisation a target? Don will provide pragmatic advice on what you can do to protect your critical information assets and reduce the risk.
Key webcast topics include:
•Evolution and revolution in the cyber landscape
•War stories and examples from the coalface - An analysis of threat intelligence we have gathered
•Inferences, conclusions, and the road ahead: what are the qualitative outcomes of our findings and how can these help inform your security strategy
Dell SecureWorks processes more than 70 billion security events across thousands of networks around the globe on a daily basis, leveraging the Counter Threat Unit (CTU) research team who perform in-depth analysis of emerging threats and vulnerabilities.
This global visibility and unmatched expertise enables early warnings and actionable security intelligence to customers to protect against threats and vulnerabilities before they impact their organisation.
In this webcast we look at one of the most crucial elements of security leadership: building security awareness throughout an organisation. End users will often be the weakest link in the security stack; building an understanding amongst your users of why security is important and what their responsibilities are is a crucial component of protecting your organisation’s information and ensuring you stay out of the headlines.
Chris Yule, Senior Security Consultant at Dell SecureWorks, will discuss the need to educate employees on proper safeguards in today's climate of social engineering malware scams and targeted attacks.
Key webcast topics covered:
•How to approach an awareness campaign, target training at those who need it most and measure effectiveness.
•The different of domains of training which are appropriate and necessary for different user groups.
•How to target education at all levels of the organisation, from informing end users about password security and phishing risks, to educating board members on the threats and risks faced by the business and the typical approach taken by your industry peers.
Florian Malecki, Product Marketing & Solution Director for EMEA at Dell Software
Each and every day you face the risk of your network being hacked by the newest zero-day threat. Not long ago, it was the HeartBleed bug and then the IE vulnerability. And, while you’re still working to defend your infrastructure from these two critical threats, the cybercriminal community is working just as hard trying to exploit the weaknesses of your network. So how well are you prepared for the next attack?
Florian Malecki, Product Marketing & Solution Director for EMEA at Dell Software discusses the threat landscape and suggests ways that you can take advantage and achieve ongoing protection.
Hadi Hosn, Security and Risk Consulting Managing Principal
The role of the Chief Information Security Officer (CISO) has grown in complexity and magnitude with hacker based activity, cloud computing, and work-from-anywhere initiative only adding to the dilemma. New privacy regulations, social media and BYOD have added further challenges and put additional strains on compliance…
Information security is becoming more and more vital to organisations in this ever changing landscape, with the role of the CISO now more important than ever. The education and preparation of the cyber security leaders of today must keep pace with this change.
During the webcast, Hadi Hosn, Senior Solutions Architect at Dell SecureWorks, will provide expertise and practical advice as well as real world examples from those that have lived and breathed the role of the CISO.
Key topics discussed:
•Succeed as an effective CISO/Director of Security/Head of Information Security
•Improve and validate your skills
•Be recognised as an industry leader and stand out from the crowd
The remit of information security has grown to encompass all aspects of an organisation. It is no longer just a question of IT security. CISOs now need to understand the risks faced by their organisation, where security fits into every business process, and bridge the gap between technical and business stakeholders.
As the remit has broadened, the need for insightful assistance has deepened, from help defining organisation-wide security strategy and metrics down to monitoring of individual log events, with policy, compliance, architecture, intelligence, incident response and end user security training in between.
Chris Yule, Senior Security Consultant at Dell SecureWorks, will discuss how a security partner that can deliver at all levels of the security stack allows for a greater understanding of your organisation, which ultimately delivers better intelligence-led security.
Key topic outlined:
•Evolving from a traditional MSS-focused client/vendor approach to a security partnership
•Examples of successful operating and engagement models
•Delivering value and results to your organisation
Malware targeting Point of Sale (POS) terminals has been exploited by eCrime operators for a number of years but has recently been catapulted to the forefront of industry attention with a number of high-profile breaches. Properly executed, a malware attack on POS terminals can reap huge volumes of credit card numbers in a short space of time without resorting to low-rate of return strategies involving large phishing campaigns. Due to its low risk/ high reward nature, this type of attack is only likely to become more popular with eCrime operators.
In the session Rafe Pilling, Counter Threat Unit Special Operations, will look at the nature of the POS malware threat and how it can be defeated through proper application of threat intelligence.
What will attendees learn:
* A potted history of POS malware
* What does the POS malware threat landscape look like?
* Effective use of threat intelligence to detect and prevent POS malware attacks.
Sandip Wadje, Practice Leader SOC Consulting at Dell SecureWorks
Security Operation Centres (SOCs) act as the nerve centre of an organisation providing real-time alerts, security intelligence and reports to act against internal and external threats. SOCs often use multiple event monitoring tools, ticketing systems and workflow solutions and as a result, building an effective SOC still remains a challenge for most organisations.
How do organisations choose a security monitoring solution that gives optimal asset coverage and at the same time address the evolving threat landscape and compliance requirements? How can organisations demonstrate the value of SOC investment to board level stakeholders? How do organisations choose the correct operating model (outsource, in-source, and hybrid) to run and maintain a SOC?
Sandip Wadje, Practice Leader for SOC Consulting at Dell SecureWorks, will help answer these questions and provide pragmatic next steps to rolling out an effective SOC.
Key Webcast Topics and Takeaways:
•The blueprint for an effective SOC
•SOC tools and integration
•Metrics and reporting
•Choosing the right operating model
Join the latest Dell SecureWorks webcast to learn more on how to effectively secure the extended enterprise.
The modern enterprise is operating in a hybrid world with data residing inside and outside the organisation; blurring boundaries of responsibility and challenging traditional security strategies. Whilst the complexity of the IT environment is increasing, so is the hostility of the cyber threat landscape.
How do organisations remain agile and embrace innovation whilst dealing with increasingly sophisticated threats that are looking to exploit any weak points in the extended enterprise?
This webcast will cover:
•The latest intelligence from cyber threat researchers in the Counter Threat Unit
•Security strategy considerations for the move to cloud computing
•Practical steps for retaining control and reducing risk across the extended enterprise
E-banking trojans are a core component of a sophisticated and distributed criminal enterprise that routinely and efficiently targets online banking clients. Dell SecureWorks are an industry leader in e-Banking malware research and work with our clients on a daily basis to help them address this threat. In this workshop we will explore:
•The threats posed by e-Banking malware; both to financial services organisations and their customers
•The e-Crime “Cloud Services” model
•Some of the advanced mechanisms employed to perpetuate online fraud
•Effective mitigation strategies and countermeasures that work in the real world
Ron Kiss, Senior Security Consultant, Dell SecureWorks
The new Payment Card Industry Data Security Standards (PCI DSS) guidelines encourage organisations to focus on security rather than compliance in order to mitigate some of the most frequently seen risks that have precipitated cardholder-data compromise.
Our latest webcast, delivered by Dell SecureWorks PCI expert, Ron Kiss, focuses on the proposed changes to the standard and how it could affect your organisation when they come into play on 1st January 2014.
Key webcast topics include:
•Version 2.0 to 3.0 – what are the changes?
•A security approach to compliance rather than compliance approach to security
•Pragmatic advice on what the next steps should be for your organisation
Dell SecureWorks is relentlessly driven to protect the integrity of the world's digital assets against cyberthreats. We do that with intelligent defences that combine our proprietary technology, global threat visibility and deep expertise. We are 100% focused on information security – it's all we do. That's why we are trusted by thousands of customers. Dell SecureWorks offers a full suite of Managed Security, Threat Intelligence and Security and Risk Consulting services.
Dell SecureWorks is positioned in the Leaders Quadrant of Gartner's Magic Quadrant for MSSPs and has been recognised by SC Magazine’s readers with the “Best Managed Security Service” award for 2006, 2007, 2008, 2009, 2011 (U.S. and Europe) and 2012. Additionally, our experts frequently provide authoritative information security commentary in major media outlets including the New York Times, The Wall Street Journal, The Financial Times, USA Today, The Guardian and many others.