Centralizing Compliance Controls: Achieving Scale and Cutting Costs

Marc Blackmer, Senior Product Marketing Manager, Solutions at HP Enterprise Security
Organizations often approach regulatory compliance with one-off projects, deploying a set of controls for each regulation. This approach to enterprise-wide management of compliance can become expensive and difficult to sustain, let alone develop and expand to meet growing demands. This presentation will address how a centralized system coupled with an IT governance framework may be used to achieve multiple compliance regulations and manage them efficiently with a consolidated view across an entire organization.
May 22 2012
44 mins
Centralizing Compliance Controls: Achieving Scale and Cutting Costs
Join us for this summit:
More from this community:

IT Security

Webinars and videos

  • Live and recorded (4487)
  • Upcoming (156)
  • Date
  • Rating
  • Views
  • As most IT Pros are aware, as of April 8th, 2014, Microsoft will stop releasing security patches for Windows XP. Unfortunately, most folks will not be able to migrate all Windows XP machines by that deadline. How will you limit the security risks posed by these now vulnerable assets? Join us for this webinar outlining practical strategies to help you cover your assets.
    In this session we'll cover:
    The primary attack vectors you need to consider
    Immediate actions you can take to limit the exposure of your XP assets
    Warning signs to watch out for that could signal an attack
    How to closely monitor your vulnerable assets with AlienVault USM
  • Learn from ING how one of the largest financial services corporations implemented ReputationDV (RepDV) from HP TippingPoint to proactively secure their network without compromising performance. RepDV, a security intelligence tool, monitors inbound and outbound communications to identify and block undesirable hosts. Updated every two hours, this robust security intelligence feed searches through hundreds of thousands of known malicious IPv4, IPv6, and DNS names and assigns a threat score of 1 to 100. Rated based on the analysis of the source, category, or threat, this score helps block traffic that poses a potential security risk. ING has had amazing success with HP TippingPoint RepDV:
    - 2 million connections blocked in 15 months
    - 75% decrease in total malware related incidents
    - 0 false positives
    ING will cover how deploying HP TippingPoint security intelligence helped simplify their network security strategy while increasing reliability and effectiveness.
  • Advanced targeted cyber attacks have hit some of the world’s largest businesses. The attacks weren't blocked because they don’t match any known attack signature. Each one is unique, custom created to penetrate the target network and steal data.

    A new video featuring Gartner Distinguished Analyst, Neil MacDonald, and HP’s Eric Schou, explains how Big Data Security Analytics can help find and block targeted cyber attacks. View it to learn:

    How advanced targeted cyber attacks are different from traditional threats
    How Big Data techniques can spot attacks when traditional defenses fall short
    What you should be doing now to take advantage of Big Data Security Analytics
  • Advanced targeted cyber attacks have hit some of the world’s largest businesses. The attacks weren't blocked because they don’t match any known attack signature. Each one is unique, custom created to penetrate the target network and steal data.

    A new video featuring Gartner Distinguished Analyst, Neil MacDonald, and HP’s Eric Schou, explains how Big Data Security Analytics can help find and block targeted cyber attacks. View it to learn:

    How advanced targeted cyber attacks are different from traditional threats
    How Big Data techniques can spot attacks when traditional defenses fall short
    What you should be doing now to take advantage of Big Data Security Analytics
  • Cyberspace is typically the prime mechanism for conducting business. It also plays a key role in the socio-cultural lives of staff, customers and suppliers. By the end of 2013, revelations about how governments had been surrendering commercial and personal privacy in the name of national security left trust very badly shaken. And the timing couldn’t be much worse: many CEOs are ramping up their demands to take even greater advantage of cyberspace. So if this is where things are now, how will all of this look by 2016? How will new threats hurtling over the horizon complicate matters even further? Just what will organisations be able to rely on? And most importantly, are they powerless or can they do something now? This webcast spotlights the threats we'll be dealing with over the coming 24 months along with advice on the best ways of handling them.
  • Take a rule book, throw it away and write a better one.
    In typically disruptive fashion, Dell are Redefining the Economics of Enterprise Storage and you can benefit.

    In this webinar Paul Harrison, UK Storage Sales Director for Dell, will discuss Dell’s storage design philosophy and how our modern storage architectures are helping customers around the world to be more flexible and agile as well as breaking the traditional cycles of rip and replace.
    With our key design tenets around ease of use, full virtualisation, intelligent tiering, high scalability, elimination of forklift upgrades and innovative perpetual licencing models, Dell’s storage solutions are delivering real world benefits to thousands of users around the world and was the platform of choice for the Commonwealth Games, Glasgow2014.

    Join us and learn how Dell’s storage strategy differs from that of others and how it can help you to:
    •Acquire, deploy, and grow Storage on demand
    •Adapt more seamlessly to changing business needs
    •Intelligently manage data assuring business continuity
    •Reliably automate more processes, releasing time to focus on more strategic tasks
    •Strike the perfect balance between performance, capacity and price all while delivering a rich feature set.
  • Join this unique roundtable chat with three InfoSec Professionals who have recently climbed the BYOD mountain and come back down to share their stories. We’ll discuss the industry and regulatory differences, managing user expectations of privacy, legal implications and technical pitfalls in this 60 minute Security Leadership Series webinar, brought to you on April 10, 2014 at 1PM Eastern in partnership with Capella University.
  • Autonomic Software significantly expands the capabilities of McAfee ePO. Autonomic’s three suites are all integrated into ePO with no need for separate console, databases, and reports. They are “As McAfee As McAfee”!

    Autonomic Patch Manager, EndPoint Manager and Power Manager suites provide improved security, and managing of end points, at virtually no charge when incorporating Power Manager.

    Join McAfee and its 2013 MVP Partner of the Year to learn how the integrated solution provides:
    • Increases Scalability – Delivery of patches to both large organizations and small-to-mid-sized organizations
    • Reduces Costs - Using Power & Patch Management Suites
    • Simplifies Complexity - Maintains a secure environment with minimal human intervention using EndPoint Suite
    • Easily Customizable Solutions – For unique requirements
  • The alarming rise of advanced persistent threats (APTs) makes security analytics around Big Data an imperative. In light of the challenges of converting Big Data into actionable information with first generation SIEMs, security professionals have become skeptical about the ability to use SIEM beyond compliance needs. Yet, today’s advanced SIEM technology takes threat detection, understanding and response to a whole new level. Join us to learn how to use next generation SIEM technology to specifically detect security threats within an ocean of Big Data. Discover how the latest technologies in security analytics such as the quad-correlation methods of rules, statistics, risk, and history can help your organization execute SIEM best practices in detection with intelligence, integration, and ease.
  • The alarming rise of advanced persistent threats (APTs) makes security analytics around Big Data an imperative. In light of the challenges of converting Big Data into actionable information with first generation SIEMs, security professionals have become skeptical about the ability to use SIEM beyond compliance needs. Yet, today’s advanced SIEM technology takes threat detection, understanding and response to a whole new level. Join us to learn how to use next generation SIEM technology to specifically detect security threats within an ocean of Big Data. Discover how the latest technologies in security analytics such as the quad-correlation methods of rules, statistics, risk, and history can help your organization execute SIEM best practices in detection with intelligence, integration, and ease.
  • Channel
  • Channel profile
Up Down
  • How do you find a needle in a haystack? Uncover Big Data Security Analytics Recorded: Apr 15 2014 38 mins
    Advanced targeted cyber attacks have hit some of the world’s largest businesses. The attacks weren't blocked because they don’t match any known attack signature. Each one is unique, custom created to penetrate the target network and steal data.

    A new video featuring Gartner Distinguished Analyst, Neil MacDonald, and HP’s Eric Schou, explains how Big Data Security Analytics can help find and block targeted cyber attacks. View it to learn:

    How advanced targeted cyber attacks are different from traditional threats
    How Big Data techniques can spot attacks when traditional defenses fall short
    What you should be doing now to take advantage of Big Data Security Analytics
  • Cybercrime video Recorded: Mar 13 2014 3 mins
    Cyber criminals continue to steal data and interrupt business at alarming rates. The average annualized cost of cyber crime is $7.2 million per company per year, with a range of $375K to a staggering $58 million, according to a global study by the Ponemon Institute. That’s an increase in cost of 30 percent over last year’s global results. The most costly criminal activities come from malicious insiders, denial-of-service and web-based attacks – and no industry is immune. Fortunately, there are ways to fight back.

    In this short video you’ll learn:
    *How proactive security measures can save millions of dollars
    *What seven security technologies are key to winning the cyber crime war
    *Where to get more information and guidance
  • How do you find a needle in a haystack? Uncover Big Data Security Analytics Recorded: Mar 13 2014 31 mins
    "There are no “signatures” for advanced targeted cyber attacks, because each attack is unique. Cyber criminals custom create them to penetrate your network and steal your data, so traditional cyber defenses can fall short and leave you unprotected. Neil McDonald, Gartner Group Distinguished Analyst, explains how Big Data Security Analytics (BDSA) can sift through mountains of information and, by understanding what legitimate activity looks like, identify suspect activity that represents security risk and warrants further investigation. And HP’s Eric Schou tells how HP ArcSight Security Information and Event Management (SIEM) platform applies these techniques to protect HP ArcSight customers.
  • How To Stop Target-Like Breaches In Their Tracks Recorded: Feb 24 2014 54 mins
    Using the Target breach as a case study, this webinar will demonstrate how timely detection and threat intelligence integrated with incident response management could have stopped the attack cold.
  • Top 5 Truths About Big Data Hype and Security Intelligence Recorded: Feb 19 2014 4 mins
    With the explosion in security data, Big Data security analytics (BDSA) is widely acknowledged as the future of security information and event management (SIEM). But BDSA is a specialized application of Big Data. This webinar shows how BDSA is different:
    - There’s more to BDSA than just “big.”
    - BDSA requires real-time processing of security data.
    - BDSA requires more than just Big Data technology.
  • Stay out of the headlines for breaches / non-compliance with security analytics Recorded: Jan 23 2014 62 mins
    Tight alignment between compliance and security capabilities can make each component stronger than it would be by itself. Organizations that blend the two not only more effectively combat targeted attacks and data breaches, but also more easily meet compliance requirements and avoid expensive fines. Learn how leading organizations are leveraging continuous monitoring and incident response management to achieve a more secure and compliant enterprise.
  • How Evolving SIEM Defends Against Advanced Persistent Threats Recorded: Jan 16 2014 61 mins
    The threat landscape is constantly evolving, with Advanced Persistent Threats and zero-day exploits challenging our best abilities to keep systems and data safe and secure. As a result the way we monitor and manage security events is also evolving – and SIEM, which used to be synonymous with log management has evolved to meet today’s threats and prepare for tomorrow’s as well. Join our complimentary webinar sponsored by Dark Reading and HP to hear from Forrester security expert Edward Ferrara who will discuss how SIEM is evolving and how to best take advantage of the new security tools that puts at your disposal.

    Attend this event to learn:

    •How SIEM is evolving in conjunction with the threat landscape
    •Ways application monitoring impacts security management
    •The role of Big Data in correlating security events
    •What do to now to be prepared for the evolution of SIEM
    Register now for this important event and bring your questions for our panel of experts to address during the live Q&A following the presentation.
  • Managed security service provider builds intelligent analysis on HP solution Recorded: Jan 6 2014 4 mins
    TELUS, a leading provider of managed security solutions in Canada, needed to safeguard the internal core network of multiple business units while supporting its managed security solutions business. HP ArcSight is the platform for building out future services from intelligent analysis and forensics capabilities to managed services and malware analysis. HP TippingPoint and HP ArcSight operate synergistically, with the IPS providing a critical log source for the SIEM system.
  • Paychex prioritizes security events to protect their business Recorded: Dec 5 2013 3 mins
    Paychex needed to derive logs from a vast number of devices and create a single, enterprise-wide view of security information and events. The customer has had phenomenal success with obtaining intelligence from different sources, pulling it into HP ArcSight, and making use of it. With HP Fortify SSC integrated into the software development lifecycle, application security has improved greatly.
  • Don't mess it up - here's how to get it right Recorded: Nov 12 2013 54 mins
    Based on an anonymized breach scenario, this webinar will define a framework for the broader incident response (IR) process
  • 2013 4th Annual Cost of Cyber Crime Study Results: Asia Recorded: Oct 31 2013 60 mins
    2013 Cost of Cyber Crime Study: Australia & Japan

    Join us for the 2013 results presentation of the second annual Cost of Cyber Crime study for Australia and Japan. Conducted by Ponemon Institute and sponsored by HP Enterprise Security, a total of 64 Australian and Japanese organizations participated. According to the findings, cyber attacks increased 12 percent in Australia and 32 percent in Japan. The costs associated with this increase in Australia were $772,903 and ¥265 million in Japan. “Findings from the report also show that each week Australian and Japanese organizations experienced on average 1.4 successful attacks per company”
  • 2013 4th Annual Cost of Cyber Crime Study Results: Europe Recorded: Oct 30 2013 62 mins
    2013 Cost of Cyber Crime Study: UK, Germany & France

    Join us for the 2013 results presentation of the second annual Cost of Cyber Crime study for the United Kingdom and Germany. For the first time, the research was conducted in France. Conducted by Ponemon Institute and sponsored by HP Enterprise Security, a total of 110 UK, German and French organizations participated. According to the findings, cyber attacks increased 16 percent in the UK and 21 percent in Germany. The costs associated with this increase in the UK and Germany were £904,886 and €830,169, respectively. For the first time, it was determined that the average cost of a cyber attack in France was €3.89 million. Findings from the report also show that each week UK and German organizations experienced on average 1.3 successful attacks per company. French organizations experienced an average of 1 cyber attack per company.
  • 2013 4th Annual Cost of Cyber Crime Study Results: Americas Recorded: Oct 29 2013 61 mins
    Join us for the 2013 results presentation of the 4th Annual Cost of Cyber Crime Study, conducted by Ponemon Institute and sponsored by HP Enterprise Security. This study, based on a benchmark sample of U.S. organizations, shows that cyber attacks not only increased 12 percent last year, the costs associated with those attacks increased by an average of 26 percent or $2.6 million per organization. Findings from the report also show that each week, an organization can expect two of the many cyber attacks launched against it to succeed.

    Join us for this important webinar and learn how:
    • All industries and all sizes of organizations fall victim to cyber crime, but to different degrees.
    • Denial of service, malicious insiders and web-based attacks comprise the most costly crimes.
    • Attacks can be mitigated by SIEM, enterprise governance, application security testing and other prevention-focused strategies and technologies.
  • Insiders, Outsiders and Big Data Recorded: Sep 11 2013 46 mins
    The challenges you face today in protecting your organization from insiders, outsiders, and hacktivists include incomplete threat intelligence, minimal visibility into unstructured data, and insufficient context. In addition, modern network security systems generate such an enormous volume of events that it is hard to take action on all of them. Learn about techniques and technologies that you can use to handle high volumes of structured and unstructured data to derive true intelligence from today’s modern security systems.
  • Top 5 Truths about Big Data Hype and Security Intelligence Recorded: Jul 17 2013 89 mins
    Big Data security analytics (BDSA) is the subject of exuberant predictions, and some claim it will replace SIEM. However, Gartner analyst, Anton Chuvakin points out that no available BDSA solutions have yet come close to these speculations.

    Hype aside, however, it is clear that the principles of BDSA are the key to advanced security intelligence, and that Big Data requirements are nothing new to SIEM technology.

    Join Sri Karnam of HP for this webinar and learn five important facts about BDSA:

    1. There’s More to Big Data than “Big.”
    2. There’s more to BDSA than technology.
    3. BDSA has to happen in real time.
    4. There’s a risk that data silos will persist in Big Data repositories.
    5. The “3 Vs” of Big Data—volume, velocity, and variety—are not new to SIEM.

    Karman will show you how Enterprise SIEMs have been dealing with the challenges of the 3 Vs in security data for years, and how HP ArcSight SIEM solutions can give you BDSA specialized for event data and can support additional information types that you can use for the detection of real-time threats.
  • Top 5 myths of SIEM Recorded: Jul 9 2013 24 mins
    While security threats continue to mount, many organizations have deployed or have considered deploying security information and event management (SIEM) solutions in order to combat data theft and cyber-attacks across the enterprise. SIEM solutions are essential for helping security analysts perform forensic analysis and detect threats, as well as meet industry compliance requirements.

    In this presentation, we will review some common misperceptions surrounding SIEM technology to help IT Security Professionals separate truth from fiction behind common myths about SIEM. Without proper information, Security Executives sometimes have a hard time justifying SIEM investments to their management. Worse yet, a SIEM solution that is not deployed properly may not produce the desired results. Prevent this from happening by learning the top 5 myths of SIEM.
  • Business Driven Continuous Compliance Recorded: Jun 13 2013 40 mins
    While a key driver for adapting security technologies, compliance is still a huge burden for most organizations. In the presentation we will discuss novel approaches to both lower the cost of compliance and derive relevant business value from the process. Changing the compliance process from a periodical manual process into a continuous automated process ensures real time visibility into your compliance posture as well as the ability to react in real time to compliance issues rather than just after the fact. By overlaying the information collected with your enterprise IT asset model, the real time compliance information can also contribute to business driven risk management and help in making the right investment decisions in information security.
  • Gaining Threat Intelligence and Combating the Four Most Common Attack Vectors Recorded: Jun 12 2013 36 mins
    The HP Security Research team (HPSR) is hard at work monitoring the threat landscape for new campaigns, profiling actors to understand their motivations, identifying the tools they use and determining how credible certain threats might be. It’s part of a long-term strategy for developing a new threat intelligence-sharing model. Why is that important? It will provide real-time info from the larger security community-- enterprises like yours, industry security organizations and security vendors-- that can be used to automate and catch these breaches immediately.

    Learn about HP’s findings, including these culprits: injection flaws, DDoS, various phishing techniques and zero day vulnerabilities. How can you address the inevitable breaches that will occur?
  • PCI DSS 2.0 - Section 10: Creating a successful logging and monitoring program Recorded: May 1 2013 37 mins
    PCI is an ongoing process in which each year should build upon the previous. Too many organizations treat PCI compliance as a box that must be checked, but not the ongoing maturity process it was designed to be. PCI has 12 requirements; we will focus on building a foundation to support Section 10: the requirement to track and monitor all access to cardholder data. This session will provide an overview of the proper way to institute a PCI logging and monitoring program. The topics covered will include policy and standards, proper organizational and team alignment, as well as real world examples of successful PCI logging programs. The intended audience for this session is anyone in charge of or working in a PCI regulated organization. The session will be led by Colin Henderson, Principal Security Consultant with HP.
  • Enhance Your Security Operations with Big Data Recorded: Mar 13 2013 37 mins
    More and more security operations centers are transforming their operations from being reactive, to proactive and even predictive. Hear how big data technologies like Autonomy IDOL can be leveraged with traditional security monitoring tools for Social Network Monitoring and Data Loss Prevention (data in motion) to drive value and empower a “next generation SOC.”
Protect your business with security analytics and compliance solutions
Your organization, regardless of its size, must turn security and log data into actionable intelligence to make smarter, more efficient decisions. This channel features presentations that help answer your security questions. For example, you can learn how to manage business risk, monitor your IT infrastructure and automate compliance. Take your security knowledge a step forward with best practices in the latest security trends like Big Data Security Analytics, combating Advanced Persistent Threats and understanding the costs of cyber crime.
Try a powerful marketing platform for your videos and webinars. Learn more  >

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Centralizing Compliance Controls: Achieving Scale and Cutting Costs
  • Live at: May 22 2012 3:00 pm
  • Presented by: Marc Blackmer, Senior Product Marketing Manager, Solutions at HP Enterprise Security
  • From:
Your email has been sent.
or close
You must be logged in to email this