Cyber Security in 2012 - Top Threat Predictions

Head of Attack Monitoring, Barclays; Founder and Industry Analyst, QuoCirca;Senior Security Engineer, FireEye
Cyber Security in 2012 - Top Threat Predictions

With the tremendous growth of workforce mobility, telecommuting, and enterprise social networking, 2012 is again likely to pose some complex cyber security challenges for businesses worldwide.

SC's upcoming webcast will help ensure you stay one step ahead of cyber-criminals and out of the headlines:

- Learn about the top (internal and external) security predictions of 2012 (from mobile threats, to targeted APT attacks, to spear phishing)

- Understand the impact of social networking's impact on enterprise security in 2012 to help you prioritise your response

- Develop ideas for a 360 degree cyber security strategy that keeps up with the sophistication of attacks in the year ahead

Speakers:
Aaron Sheridan, Senior Security Engineer, FireEye
Clive Longbottom, Founder and Industry Analyst, QuoCirca
Joerg Weber, Head of Attack Monitoring, Barclays Global Information Security
Jan 26 2012
45 mins
Cyber Security in 2012 - Top Threat Predictions
More from this community:

IT Security

  • Live and recorded (5250)
  • Upcoming (143)
  • Date
  • Rating
  • Views
  • We all want our families and homes to be safe with the convenience of remote monitoring, but do these smart home security devices really make our families safer or put them at more risk by inviting easier access to our homes electronically via insecure Internet of Things? In a follow-up to HP’s 2014 report on the Internet of (Insecure) Things we explore the security of popular off-the-shelf connected Home Security Systems and discuss various testing techniques we used in our study along with recommendations for manufacturers, developers and consumers.
  • From unobtrusive advanced malware detection technologies to automated threat response and actionable mobile-friendly dashboard – manage security from any device, any time, ESET will present new solutions for securing your endpoints and new ways to manage them.
  • From unobtrusive advanced malware detection technologies to automated threat response and actionable mobile-friendly dashboard – manage security from any device, any time, ESET will present new solutions for securing your endpoints and new ways to manage them.
  • The game has changed. Due to cost savings, and the privacy and mobility needs of employees, in just a few short years companies have loosened the mobile device leash. Enterprises are now shifting from traditional “company owned” devices, to allowing “Bring Your Own Device” in the workplace. According to Gartner, by 2017 fifty percent of companies will actually force employee to bring their own device to work.

    But if you’re tasked with securing devices, how do you accommodate BYOD? Where do you start and what kinds of security solutions should you be looking for?

    In this webinar, Chris Hines, Product Manager at Bitglass will teach you how to balance the needs of IT admins and employees when it comes to securing your mobile world.
  • The game has changed. Due to cost savings, and the privacy and mobility needs of employees, in just a few short years companies have loosened the mobile device leash. Enterprises are now shifting from traditional “company owned” devices, to allowing “Bring Your Own Device” in the workplace. According to Gartner, by 2017 fifty percent of companies will actually force employee to bring their own device to work.

    But if you’re tasked with securing devices, how do you accommodate BYOD? Where do you start and what kinds of security solutions should you be looking for?

    In this webinar, Chris Hines, Product Manager at Bitglass will teach you how to balance the needs of IT admins and employees when it comes to securing your mobile world.
  • The game has changed. Due to cost savings, and the privacy and mobility needs of employees, in just a few short years companies have loosened the mobile device leash. Enterprises are now shifting from traditional “company owned” devices, to allowing “Bring Your Own Device” in the workplace. According to Gartner, by 2017 fifty percent of companies will actually force employee to bring their own device to work.

    But if you’re tasked with securing devices, how do you accommodate BYOD? Where do you start and what kinds of security solutions should you be looking for?

    In this webinar, Chris Hines, Product Manager at Bitglass will teach you how to balance the needs of IT admins and employees when it comes to securing your mobile world.
  • Organizations are having to cover more ground than ever when it comes to security. Yet businesses often lack the in-house skills and resources, so security leaders are turning to MSSPs to help bear the burden to ensure every area of risk is adequately attended to.

    Join us for an interactive discussion with guest speaker, Forrester Research VP and Principal Analyst, Ed Ferrara, to learn how MSS is changing the conversation for businesses to achieve security goals. Help drive the conversation by submitting a question for Ed in advance so we can tackle your biggest security concerns such as:

    • Overcoming the skills shortage
    • Where to focus the budget – spending trends across industries
    • The value of security – pitching it as an investment not a cost to business leaders
    • Improving business outcomes – leveraging MSSPs as a tactical arm to optimize IT security, efficiency and value
  • Most IT providers have offers related to big data, cloud, mobility and security, and companies are looking at IT as the way to reduce costs and be competitive during an economic crisis. Investments in IT trends such as cloud computing and big data will rise thanks to a new player in the game: the business departments. This analyst briefing will show why companies are investing in IT, and what will change in 2015.

    Why you should attend:

    - Discover how many companies will adopt big data, cloud, mobility and security in 2015
    - Understand the current scenario of these trends in Latin America
    - Learn what will be different in 2015 regarding each trend
  • Providing a seamless user experience from browsing to purchase requires consistent uptime and performance, and seasonal traffic spikes require elastic scalability. In this webinar, we'll explore these and other big data challenges faced by e-commerce businesses and how the cloud can provide a winning solution. We’ll review mobile shops login data analysis, dynamic content, affiliate programs, infrastructure reference architecture, mobile plate- form integration with social media, and network integration and built-in instant messaging uses cases.
  • For any developer, choosing the right compute infrastructure and back-end database is a critically important decision. In this webinar, we'll explore specific challenges that mobile app and game developers face and how the cloud can provide a winning solution. We’ll also explore cloud solutions for big data challenges for MMOG, built-in analytics, online and offline MOG online modes, infrastructure reference architecture, and social network and cross-platform game use cases.
  • Channel
  • Channel profile
  • Enhancing a Security Posture with Network Forensics Mar 12 2015 5:00 pm UTC 45 mins
    Well-maintained perimeter defenses are a key part of any security strategy. Organizations increasingly recognize that they must also complement their perimeter defenses with strong forensics capabilities to investigate and analyze attacks. When attacked, an enterprise needs to be able to rapidly investigate and determine the scope and impact of the incident so they can effectively contain the threat and secure their network.
    In interactive this session, you will learn about:
    • The key use cases for network forensics
    • The typical organization that acquires network forensics technologies
    • How FireEye Enterprise Forensics enables the proper response to today’s cyber attacks
  • Protecting Government Assets in an Era of Cyber Warfare Mar 5 2015 4:00 pm UTC 60 mins
    FireEye recently released a new report that documents how and why governments around the world are turning to the cyber domain as a cost-effective way to spy on other countries, steal technology, and even wage war.

    Whether it’s sensitive military, diplomatic, or economic information, governments depend on the integrity of their data. If that data falls into the wrong hands, the consequences could be severe.

    In the wake of two apparent state- and government-sponsored attacks, APT1 and APT28, government agencies must understand why they are in attackers’ crosshairs, what attackers might be seeking, and how they can protect themselves.

    Join us for a dynamic discussion with subject matter experts where you will learn:

    •What makes your government-related organization an appealing target – whether you’re a political opponent, business, agency or vendor
    •Why it’s important to determine who could be planning an attack, their motives, and how they might carry out their goals
    •How to assess your level of preparedness and how to protect yourself if you are not ready for this new era of cyber warfare
  • Behind the Syrian Conflict's Digital Front Lines Recorded: Feb 19 2015 59 mins
    FireEye recently released a new report “Behind the Syrian Conflict’s Digital Frontlines” that documents a well-executed hacking operation that successfully breached the Syrian opposition.

    Between at least November 2013 and January 2014, the hackers stole a cache of critical documents and Skype conversations revealing the Syrian opposition’s strategy, tactical battle plans, supply needs, and troves of personal information and chat sessions. This data belonged to the men fighting against Syrian President Bashar al-Assad’s forces as well as media activists, humanitarian aid workers, and others within the opposition located in Syria, the region and beyond.

    We have only limited indications about the origins of this threat activity. Our research revealed multiple references to Lebanon both in the course of examining the malware and in the avatar’s social media use. While we do not know who conducted this hacking operation, if this data was acquired by Assad’s forces or their allies it could confer a distinct battlefield advantage.

    Join us for a roundtable discussion with subject matter experts where we’ll talk about the details of the report and explore surrounding topics, to include:

    • An overview of the conflict in Syria and why cyber-espionage is an increasingly important factor
    • An in-depth analysis of a critical breach of the Syrian opposition including an overview of the tools and techniques used by the threat actors

    All webinar attendees will receive a free copy of the new Syrian report. Register today!
  • Top Predictions for Security in 2015 Recorded: Dec 12 2014 40 mins
    From Cryptolocker to the Apple iOS vulnerability, there have been numerous high-profile breaches in 2014. With the ever-changing threat landscape and advanced cyber attacks showing no sign of slowing down, organizations need to be prepared as we head into 2015.

    Join our live webinar where Bryce Boland, CTO for Asia Pacific at FireEye, will share top, global security predictions and challenges for 2015. In this webinar:
    •Find out the top 10 security predictions for 2015 and how they impacts organizations
    •Discover the data that drove these predictions
    •Learn about key strategies to take a proactive stance against advanced attacks
  • Hacking the Street? FIN4 Likely Playing the Market Recorded: Dec 5 2014 58 mins
    This week FireEye released a new report called Hacking the Street? FIN4 Likely Playing the Market. This report focuses on a targeted threat group that we call FIN4 (Financially Motivated Group 4), whose tactics are surprisingly low-tech yet insidiously effective at obtaining access to confidential discussions at the highest levels of targeted companies. Our research suggests that FIN4 is likely targeting these companies in order to obtain advance knowledge of “market catalysts,” or events that cause the price of stocks to rise or fall dramatically.

    Join us for a roundtable discussion with subject matter experts where we’ll talk about the details of the report and explore surrounding topics, to include:

    • A deep dive into FIN4’s tactics and why they are simple yet surprisingly effective
    • How FIN4 may be monitoring insider communications for a trading advantage
    • Why FIN4 is different from other threat groups FireEye tracks
    • A profile of organizations at risk, and what they can do to protect themselves.

    All webinar attendees will receive a complimentary copy of the Hacking the Street? report.
  • APT 28: Cyber Espionage and the Russian Government? Recorded: Nov 4 2014 49 mins
    FireEye just released a report called APT28: A Window Into Russia's Cyber Espionage Operations? The report focuses on a targeted threat group that we call APT28 (Advanced Persistent Threat group 28) and details ongoing, focused operations that we believe indicate a government sponsor - most likely the Russian government.

    Join us for a roundtable discussion with Russian security expert, Edward Lucas of The Economist, and Jen Weedon, Manager of Threat Intelligence at FireEye.

    Discussion topics will include:

    •Russia's intentions and motivations in cyberspace
    •Whether APT28's activity supports Russia's geopolitical strategy
    •How Russian and Chinese network operations compare
    •Which organizations and agencies are most at risk
  • Building a Better Budget for Advanced Threat Detection and Prevention Recorded: Oct 28 2014 57 mins
    The cyber threat landscape is dramatically evolving, but one thing is certain – attackers are becoming more and more sophisticated, and most organizations are struggling to keep pace. In a recent IANS and FireEye survey, security practitioners and decision makers share their perspective on the type of attackers they’re dealing with, how they’re responding to the growing threat, and the effect on organizations that have experienced a breach.

    Join FireEye’s Chief Security Strategist (Forensics Group) Josh Goldfarb, and Dave Shackleford, IANS Lead Faculty, as they discuss:
    •The kinds of products and controls most organizations are implementing
    •What new technologies security teams are focusing on, and
    •How security budgets are changing to align with security’s growing importance to the enterprise

    This is one hour you will not want to miss!
  • Sidewinder Targeted Attack Against Android Recorded: Oct 14 2014 43 mins
    In this webinar, our experts will present one practical case of such attacks called "Sidewinder Targeted Attack." It targets victims by intercepting location information reported from ad libs, which can be used to locate targeted areas such as a CEO's office or some specific conference rooms. When the target is identified, "Sidewinder Targeted Attack" exploits popular vulnerabilities in ad libs, such as JavaScript-binding-over-HTTP or dynamic-loading-over-HTTP.

    Join us for this for this live session to learn:
    •How a Sidewinder Targeted Attack can disrupt and hijack the network where targeted victims reside
    •The risks of remote attacks on Android devices through apps downloaded from Google Play
    •Different forms of attacks to Android vulnerabilities
    •Current trends and best practices around mobile security
  • New Employee Success Tips: How to Drive Security Maturity Recorded: Sep 23 2014 45 mins
    Taking on security needs at a new organization can be complicated as you learn what’s currently in place, where the gaps are and the best way to drive change in your new organization. Get helpful guidance, beyond the technical details, from an experienced change agent.

    This talk will discuss some of the ways in which security can be approached as a business process, rather than as an enigma, including:

    •Your first 30 days: fame and foibles when taking over a new
    security program
    •Gauging your business executives: how to talk with senior
    business leaders and classify their responses to security in order
    to make your relationship more effective
    •Show me the money: how to review a security budget and quickly
    match it up against your new organization's risk profile
    •Finding strategic partners: a litmus test for discussions with key
    vendors to figure out who to trust and who is selling you a bridge
  • Reimagining Security – Adaptive Defense Strategy to Keep Pace with Attackers Recorded: Sep 19 2014 56 mins
    Threat actors’ tactics and motivations are evolving. Successful security teams continuously adapt to anticipate new tactics. That means adopting new approaches. Join us for this webinar, where we share FireEye’s point of view about how organizations can implement adaptive defense strategies that position them to detect, analyze and respond to security incidents of all kinds.

    FireEye’s CTO, Dave Merkel, will discuss how security teams can reduce the time to detect and resolve security incidents.

    Register for this webinar here.
  • A New Approach to IPS – Reduce Your Exposure and Costs Recorded: Sep 4 2014 35 mins
    Current IPS products are deficient for lots of reasons—they’re signature-based, unable to detect modern threats, and, they create excessive alerts that require additional resources to manage. Using an outdated protection model results in distracting false positives and a lack of actionable threat intelligence. Organizations need a holistic view of multi-vector attacks that goes well beyond what conventional IPS tools offer.

    In just 30 minutes, you’ll learn how to:

    * Confirm attacks via timely and validated threat notifications
    * Minimize time and resource investments resulting from false alerts
    * Consolidate known and unknown threats on a single platform
    * Create actionable insights by correlating threats to derive richer intelligence and speed incident response times

    Join FireEye for this brief webinar and discover a new approach to IPS. You’ll quickly realize how you can save your organization time, money, and reduce your exposure to the threats lurking out there.
  • State of the Hack: Spotlight on Healthcare Recorded: Aug 28 2014 34 mins
    Join us for this webinar where we’ll share our latest intelligence and recommend how healthcare, pharmaceutical and medical device manufacturers can protect themselves from attackers that target these industries.

    In this webinar we will cover:
    • Which threat actors target these industries?
    • What information do they typically steal?
    • What type of tools and tactics do attackers use to gain access?
    • What can we expect from these threat actors in the coming year?
    • How can organizations protect themselves from the attackers that
    are targeting them?
  • FLARE on Fire: Reverse Engineering with the FLARE Team Recorded: Aug 26 2014 58 mins
    Join us for this exciting webinar as we introduce the FireEye Labs Advanced Reverse Engineering (F.L.A.R.E.) and learn about:

    * FLARE's background, mission and industry-leading team members
    * Reversing Agent .BTZ (Case Study)
    * Reversing .NET samples (Case Study)
    * Proactive assessment of security software via RE (Case Study)

    You'll also get an in-depth look at two prevalent malware families and learn how to combat against these targeted attacks.
  • Speed Dating for Security Teams: Finding Alerts that Lead to Compromise Recorded: Aug 12 2014 46 mins
    This webinar will address the following topics:

    - How to quickly triage and validate the seemingly overwhelming volume
    of daily alerts
    - Strategies for prioritizing and throttling your workflow
    - Tools for querying intel and obtaining context
    - Approaches for creating an indicator management process
  • DeCryptoLocker: Relief for CryptoLocker Victims Recorded: Aug 6 2014 14 mins
    Join Uttang Dawda, FireEye's resident Malware Researcher, as he gives us a comprehensive overview of CryptoLocker and the FireEye and Fox-IT decryption solution for victims.
  • Understanding the Adversary: The Role of Intelligence in Your Security Strategy Recorded: Jul 22 2014 61 mins
    • What is an intelligence-led defense?
    • What is “adversary intel”? Where do you get it and how can you
    act on it?
    • What is “attribution” and how important is it?
    • What intel should a security organization maintain internally? How
    should it supplement this with 3rd party intel?
    • What is the right balance between detection-based intel and
    adversary intel
  • Cybersecurity’s Maginot Line: A Real-World Assessment of Defense-in-Depth Recorded: Jun 25 2014 60 mins
    Are you building another Maginot Line? France’s famed border defense was hailed as a military marvel in the run-up to World War II — and quickly rendered useless by new blitzkrieg-style warfare. In much the same way, many common cybersecurity tools are not stopping today’s attacks.
    In a first-of-its-kind study, we analyzed data from 1,216 organizations in 63 countries across more than 20 industries. FireEye sits behind other layers in the typical defense-in-depth architecture. That placement offers a unique vantage point to observe them in action.

    Here’s what we found:
    •97% of organizations were breached, even with multiple security layers.
    •More than one-fourth of all organizations experienced events consistent with advance persistent threat (APT) attacks.
    •Three fourths of organizations had active command-and-control communications.
    •Even after an organization was breached, attackers attempted to compromise the typical organization more than once per week (1.6 times) on average.

    Join us in a live briefing to discuss these findings and what they mean for your cyber defense plan.
  • Cover Your Assets: How to Keep Your Data Safe Recorded: Jun 12 2014 34 mins
    Cyber security experts suggest that it’s likely your organization’s data has already been breached. So rather than asking “what if?”, it’s time to ask “now what?”. Hackers use spear phishing and malware to target your trusted insiders, and then leverage stolen credentials to navigate the company network and gain access to the data center. Your data center is the ultimate goal for these attacks because it contains a concentration of sensitive data, as well as critical business applications.

    This session will discuss a risk-based approach to protecting critical files, databases, and sensitive applications from compromised users. Join us to learn how to minimize downtime, save time, and keep your employees productive during the remediation process. We will also discuss how to track and analyze user activity once malware is detected.
  • How to Use War-Gaming to Improve Response Capabilities Across Business Functions Recorded: Jun 12 2014 42 mins
    In this presentation we will cover how to use war-gaming to improve capabilities to respond to an attack across business functions. Too often, organizations leave response planning until a serious attack has occurred. With serious cyber breaches occurring more frequently and now impacting almost every major business function, a lack of effective planning can severely impact the ability of the business to respond.

    We will cover how cyber-security operating models will need to evolve, what best practice war gaming and incident response looks like, as well as approaches for developing a war gaming program.
  • Experts Panel - Beyond SIEM: Enterprise Security Monitoring Recorded: Jun 12 2014 59 mins
    Moderated by Richard Bejtlich, Chief Security Strategist, FireEye.

    When you think of “event data”, chances are good that you think of SIEM. If so, you may be missing out on much of the value of your logs for detecting, investigating and responding to security events.

    Based on extensive real-world experience with large organizations, the Enterprise Security Monitoring (ESM) philosophy extends current host-, network- and event-based collection strategies, bringing data from all three domains under one roof for a unified view of what’s going on inside your organization.

    In this session, our panelists will discuss key aspects of the ESM approach, including:
    • Data collection priorities based on your organization’s security goals
    • Enterprise-scale collection strategies
    • Deriving context from events
    • Integrating threat intelligence to improve detection and speed response
    • Increasing your adversaries’ costs using the “Pyramid of Pain” and “Detection Maturity Level” models

    This will be a very interactive session, with plenty of audience interaction. We welcome the tough questions. Come learn about a better way of fully leveraging the data you are already collecting to better protect your organization!
The leading provider of next generation threat protection
FireEye is the world leader in combating advanced malware, zero-day and targeted attacks that bypass traditional defenses, such as firewalls, IPS and antivirus.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Cyber Security in 2012 - Top Threat Predictions
  • Live at: Jan 26 2012 3:00 pm
  • Presented by: Head of Attack Monitoring, Barclays; Founder and Industry Analyst, QuoCirca;Senior Security Engineer, FireEye
  • From:
Your email has been sent.
or close
You must be logged in to email this