Get Rid of the Fear: A Practical Approach for Using DLP to Manage Risk

Andrew Forgie, CISSP Websense Director of Product Marketing – Data Security
CIOs don’t need to be convinced about data loss protection. Compliance, financial implications, brand reputation are all factors that drive this need. The real problem is that people are afraid of failure and wasting time, money, resources. They've heard about the operational nightmares, the complexity and failed deployments over the last several years. In addition, RSA and Symantec both had data stolen publically, implying the integrity of the solutions’ value is uncertain.

During this interactive session attendees will receive valuable insight on how security works and learn the secret of understanding and communicating risk. Equipped with this knowledge, Andrew will provide a practical and measurable framework for managing risk to information assets using Data Loss Prevention.

What attendees will learn:
Guiding Principles of Security and Risk Management
Data Breach Trends from the Last 6 Years
DLP Methodology and Execution Strategy
Success Factors in Addressing the Web DLP Challenge
Apr 5 2012
45 mins
Get Rid of the Fear: A Practical Approach for Using DLP to Manage Risk
More from this community:

IT Security

  • Live and recorded (5260)
  • Upcoming (142)
  • Date
  • Rating
  • Views
  • Join Tom Kellerman, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who need to develop and implement a comprehensive cyber security strategy. Tom will highlight critical information including 2015 cyber threat trends and how risk management strategies have changed.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
    • And more...
  • A new category of threat is emerging – a threat designed to evade traditional signature-based technologies such as Anti-Virus and Intrusion Detection. Attempting to meet the challenge is a new class of technology, “Advanced Malware Protection” or “AMP,” which is an industry term for technology designed to continuously monitor for, offload and detonate files in a sandbox - safely away from the main environment - to observe and detect malicious objects.

    If a security device produces an alert in the forest, who’s there to hear it?

    The challenge is these next generation advanced malware detection solutions produce so much detail about the suspicious activity that most organizations do not have the resources to thoroughly investigate/analyze. The best technology means nothing if you don’t have the right expertise to react to the alert, quickly decipher complex reports, investigate the threat, and determine the right response. And meanwhile, the threat actors aren’t standing still – they’re developing measures to circumvent controls in some traditional sandbox environments.

    You will learn:
    1.How the threat is evolving and how actors are employing evasive practices to overcome traditional and even some more sophisticated security defenses
    2.Why next generation sandboxing and full-system emulation are the keys to combatting evasive malware threats
    3.The expertise needed to accurately identify and diagnose the threat once the alert is received
    4.How to ensure your organization has the ability to respond effectively to the incident and close all the backdoors a threat actor may have opened
  • 2014 could have easily been called, “The year of the biggest security breaches since the beginning of forever.” But given current security practices and technologies, many of the breaches could have been prevented. So why weren’t they?

    Many of the affected companies fell into a very common trap, thinking that if a company goes to the trouble to be legally compliant then it will be effectively “secure.” Unfortunately, as with many kinds of regulations, legal compliance really represents the absolute least amount of effort required. If companies want to give themselves the best chance to avoid the very severe consequences that come with a major breach, there are five practices they need to put in place now.

    Join Adrian Sanabria, Senior Security Analyst at 451 Research, and Amrit Williams, CTO of CloudPassage, on this webinar to learn
    · Possible gaps left by the compliance-first approach to security
    · How to limit vulnerabilities across traditional, virtual and cloud infrastructures
    · Five best practices to avoid a major security breach in 2015
  • The bring-your-own-device (BYOD) movement has been a huge boon for businesses that put a premium on productivity. File sync and share solutions have emerged to help employees work from anywhere, at any time, on any device. In this BrightTALK exclusive, eFolder explores the top seven features that business should consider when adopting a file sync and share solution. Learn what is required for a file sync and share solution to improve collaboration, maximize productivity, and ensure security.
  • Join Tom Kellermann, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who are ready to take the reins of a real and effective plan to secure their organization, their data, and their careers against targeted attacks.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
  • The Internet of Things (the new buzzword for the tech industry) is increasing the connectedness of people and things on a scale that was once beyond imagination. Connected devices outnumber the world's population by 1.5 to 1.It is expected to eventually touch some 200 billion cars, appliances, machinery and devices globally, handling things like remote operation, monitoring and interaction among Internet-connected products.

    In combination with the fact that there are almost as many cell-phone subscriptions (6.8 billion) as there are people on this earth (seven billion), we have all the ingredients for a Perfect Cyber Storm.

    Join me for an informal discussion of the challenges for our profession, and some possible solutions.
  • Do you feel alone? No resources? No help? If you are like many security practitioners faced with a mountain of tasks each day and a small (or non-existent) team to help, prioritization and efficiency are key. Join Joe Schreiber, Solutions Architect for AlienVault for this practical session outlining habits to get the most out of your limited resources.

    In this session, you'll learn how to develop routines to efficiently manage your environment, avoid time-sucks, and determine what you can do by yourself and where you need help.

    In this practical session, Joe will cover:
    - How to work around the limitations of a small (or one person) team
    - Tips for establishing a daily routine
    - Strategies to effectively prioritize daily tasks
    - Benefits of threat intelligence sharing
    - Critical investigation & response steps when the inevitable incident occurs
  • Do you feel alone? No resources? No help? If you are like many security practitioners faced with a mountain of tasks each day and a small (or non-existent) team to help, prioritization and efficiency are key. Join Joe Schreiber, Solutions Architect for AlienVault for this practical session outlining habits to get the most out of your limited resources.

    In this session, you'll learn how to develop routines to efficiently manage your environment, avoid time-sucks, and determine what you can do by yourself and where you need help.

    In this practical session, Joe will cover:
    - How to work around the limitations of a small (or one person) team
    - Tips for establishing a daily routine
    - Strategies to effectively prioritize daily tasks
    - Benefits of threat intelligence sharing
    - Critical investigation & response steps when the inevitable incident occurs
  • Cutting down on the time taken to complete complex document review cycles allows the modern lawyer to operate at the pace required by their industry.

    Join our webinar to learn top tips for shortening these review cycles without losing document integrity and risking corruption. We’ll also cover what technologies are available to provide a quick and accurate way to improve document review efficiency.
  • FireEye recently released a new report that documents how and why governments around the world are turning to the cyber domain as a cost-effective way to spy on other countries, steal technology, and even wage war.

    Whether it’s sensitive military, diplomatic, or economic information, governments depend on the integrity of their data. If that data falls into the wrong hands, the consequences could be severe.

    In the wake of two apparent state- and government-sponsored attacks, APT1 and APT28, government agencies must understand why they are in attackers’ crosshairs, what attackers might be seeking, and how they can protect themselves.

    Join us for a dynamic discussion with subject matter experts where you will learn:

    •What makes your government-related organization an appealing target – whether you’re a political opponent, business, agency or vendor
    •Why it’s important to determine who could be planning an attack, their motives, and how they might carry out their goals
    •How to assess your level of preparedness and how to protect yourself if you are not ready for this new era of cyber warfare
  • Channel
  • Channel profile
  • Threat defenses: Before, during and after the point of click Recorded: Jul 8 2013 48 mins
    Produced by SC Magazine and Websense, this webcast explains how to protect against malware, advanced threats and data theft with continuous defenses before, during and after the point of click.

    This webcast outlines advanced threat stages and explains how protection in early stages can quickly block attacks, and how real-time, inline threat analysis protects against threats, data loss and data theft at the point of click. And learn how containment defenses are using sandboxing and traffic analysis to identify, profile and protect after the click. Combined, security administrators and teams are better armed to protect users, data and resources.

    Learn how threat defenses have evolved to include:

    - Global threat awareness and analysis to protect before the point of click.
    - Inline, real-time defenses during the point-of-click for protection against threats and data theft.
    - Sandboxing of malware and traffic analysis to identify and protect after the click.
    - Equal protection from both web and email attacks for office workers and remote workers.
  • Hit “Like” and Keep your Data Secure: Safe Social Media Use for Business Recorded: Mar 12 2013 45 mins
    When you consider the abundant security risks, many companies are still wary about broadly enabling social media. After all, nowadays your social media identity may be more valuable to cybercriminals than your credits cards. However, with the right tools, it is possible to be safe while being social. In this webcast, we’ll examine the latest tactics cybercriminals are using within social media to target individuals and get access to information. We’ll also discuss the importance of real-time defenses at the gateway and review Websense social controls and video categories. Other topics will include: - Seven stages of advanced threats and how social networking plays into early stages - Websense defenses for social media threats (inline, real-time, etc.) - Benefits of the Websense/Facebook partnership.
  • Seven Stages of Advanced Threats & Data Theft Recorded: Sep 27 2012 52 mins
    Targeted attacks are now well beyond traditional URL+AV defenses, and forward facing defenses do not provide containment against data theft and cybercrime call-home communications. In addition, cloud apps, mobility and remote users are increasing SSL use that is often a blind spot for many defenses. Change is the only constant in the IT security world and being educated on threat stages, defenses, and effectiveness is paramount.
  • A Proactive Approach to Modern Malware using Forensics & Sandboxing Recorded: Sep 6 2012 48 mins
    CISOs around the world are telling analysts that the majority of today’s emerging threats are bypassing their anti-virus, firewalls, and intrusion prevention solutions. In response, analysts suggest that IT needs to assume a more proactive stance. Such a shift can involve more tightly integrated defenses, strengthening in-house IT resources, and leveraging appropriate outside resources. In this webinar, Websense will discuss ways to begin this shift today including:

    - Expanding ‘inbound’ defenses to include ‘outbound’ controls
    - Options for enhancing in-house IT security expertise
    - Leveraging research-grade forensic tools such as Websense ThreatScope™

    Real-world context will be provided as an actual malware sample undergoes forensic dissection and the Websense CyberSecurity Intelligence™ service is reviewed as a concrete example of the capabilities of today’s threat intelligence marketplace.
  • Why Mobile Device Management Needs Mobile Security Recorded: Jul 11 2012 32 mins
    The consumerization of IT is hitting hard and Mobile Device Managment (MDM) needs mobile security. Personal and corporate-owned devices are flooding the workplace. Companies need to secure these devices, and they are turning to Mobile Device Management (MDM).

    But an MDM solution will not address your primary concerns around securing your data. Learn how to safely allow mobile devices in the workplace while protecting against mobile threats and data loss.
    Key topics in the session will include:

    · Mobility trends including consumerization of IT
    · Profile of a mobile user
    · Current approaches to Mobile Security
    · The Websense approach
  • A Practical Guide for Managing Today’s Targeted Phishing Attacks Recorded: Jun 20 2012 41 mins
    Phish or no phish? That’s the question that employees—and executives in particular—have been asking themselves more frequently. They’ve heard about how high profile organizations and even government agencies have fallen prey to attacks that stemmed from seemingly harmless emails. Has the door been left wide open?

    Join Websense on June 20th as we provide guidance on how you can recognize advanced threats and protect yourself from them. Attendees will gain practical insights into:

    · Recent Email Phishing Schemes

    · Telltale Signs of Advanced Targeted Attacks

    · Best Practice Principles to Educate Users

    · Technology Capabilities to Minimize Risk of Compromise
  • Get Rid of the Fear: A Practical Approach for Using DLP to Manage Risk Recorded: Apr 5 2012 45 mins
    CIOs don’t need to be convinced about data loss protection. Compliance, financial implications, brand reputation are all factors that drive this need. The real problem is that people are afraid of failure and wasting time, money, resources. They've heard about the operational nightmares, the complexity and failed deployments over the last several years. In addition, RSA and Symantec both had data stolen publically, implying the integrity of the solutions’ value is uncertain.

    During this interactive session attendees will receive valuable insight on how security works and learn the secret of understanding and communicating risk. Equipped with this knowledge, Andrew will provide a practical and measurable framework for managing risk to information assets using Data Loss Prevention.

    What attendees will learn:
    Guiding Principles of Security and Risk Management
    Data Breach Trends from the Last 6 Years
    DLP Methodology and Execution Strategy
    Success Factors in Addressing the Web DLP Challenge
  • 2012 Threat Update Recorded: Feb 27 2012 48 mins
    2011 was arguably the most surprising year in IT security history, with groundbreaking breaches at many of the world's top organizations. In this webinar we will analyze the threats and trends of 2011 while offering guidance for dealing with the evolving security landscape of the future. Key topics will include:
    Significant discoveries and events from 2011 and lessons to take away
    Detailed threat analysis by threat type, delivery, region, and more
    Statistical roll-up of top spam topics by category and email type
    Data theft and loss events and how containment defenses continue to evolve

    Websense Threat Report findings are fueled by the Websense Advance Classification Engine (ACE) and the Websense ThreatSeeker™ Network, one of the world's largest security intelligence networks with over 850 million end users providing 3-5 billion requests per day for security, data and content analysis.
  • Contextual Defenses for Web 2.0 Recorded: Feb 8 2012 36 mins
    Today’s ever-evolving Web and age of advanced persistent threats are spelling an end to static defenses focused on inbound known threats. In addition, surging trends such as consumer apps and cloud computing, social networking, plus mobility are redefining the perimeter and making real-time contextual defenses a requirement. Join Websense on February 8th as we discuss Contextual Defenses for Web 2.0 and offer guidance for how you can protect today’s empowered users from advanced malware while containing data theft. This webinar will discuss key requirements for defenses in the modern day including:

    · Inline real-time contextual defenses providing composite assessments

    · HTTPS/SSL traffic inspection at various levels depending on context

    · User and destination awareness by security zone, category, app or specific site
Webcasts for Content Security Professionals
Websense, Inc., a global leader in unified Web, data, and email content security, delivers the best security for modern threats at the lowest total cost of ownership. Our channel will include frequent webinars aimed at helping companies protect themselves against modern threats.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Get Rid of the Fear: A Practical Approach for Using DLP to Manage Risk
  • Live at: Apr 5 2012 5:00 pm
  • Presented by: Andrew Forgie, CISSP Websense Director of Product Marketing – Data Security
  • From:
Your email has been sent.
or close
You must be logged in to email this