Hi [[ session.user.profile.firstName ]]

IT Security

  • Live Demo: Email Fraud Defense by Proofpoint
    Live Demo: Email Fraud Defense by Proofpoint Neil Hammet, Email Fraud Specialist Jun 19 2018 9:30 am UTC 45 mins
    Email Fraud is one of the oldest yet most successful threats against your organisations. Proofpoint Email Fraud Defense (EFD) can help you protect your organisation and your customers, leveraging the power of email authentication.

    Join this product demo to discover how you can protect your organisation and people by leveraging the power of EFD.


    •Block malicious emails spoofing your domains before they reach your employees and customers
    •Monitor all emails (inbound and outbound) from your domains and those of third parties
    •Accurately distinguish between legitimate emails and fraudulent emails
  • Salesperson - You’re FIRED!
    Salesperson - You’re FIRED! Nigel Dunand, ISM Fellow Jun 19 2018 10:00 am UTC 30 mins
    Here’s why: the three habits you never acquired the three mindsets you never changed and the three techniques you never mastered.
  • GDPR: A regulation, an opportunity, a call to action
    GDPR: A regulation, an opportunity, a call to action Oleg Gorobets, Senior Global Product Marketing Manager, Kaspersky Lab Jun 19 2018 10:00 am UTC 75 mins
    GDPR is an EU regulation that comes into effect on the 25th of May 2018.

    GDPR is designed to uphold the rights of the individual in terms of how their personal data is handled, stored and secured.

    It also places greater responsibility on businesses to observe data security and related processes and practices.

    Kaspersky Lab solutions help companies process personal data by offering effective measures to reduce the risks of a data breach, prevent security incidents and enhance visibility of the monitored infrastructure.

    During the webinar, we’ll look at the following topics:
    •What GDPR is - and isn’t - when it comes to cybersecurity.
    •How cybersecurity fits into GDPR-aligned processes.
    •The endpoint: a good starting point for the cybersecurity aspect of a data protection strategy.
    •The role of storage and the impact of storage security.
    •Guarding the bottlenecks: perimeter defenses to reduce the risks of human influence.
    •Why data in the cloud requires special security.
    •Forewarned is forearmed: the importance of cybersecurity essentials training.
    •Understanding the risks: get more from your Data Protection Impact Assessments.
    •Kaspersky Lab’s GDPR readiness.
  • Using Inline Security Tools to Achieve Your Security Goals
    Using Inline Security Tools to Achieve Your Security Goals Adrian Rowley, Technical Director EMEA, Gigamon, Lindsay Drabwell, Head of Membership Services EMEA, (ISC)² Jun 19 2018 11:00 am UTC 60 mins
    Inline security tools operate by actively preventing threats in your network, but deploying and optimising these tools presents several challenges to both network and security engineers. The downsides can include a potential point of failure, degradation of network and application performance, difficulty to scale and upgrade.
    The use of a next-generation packet broker and its inline bypass functionality can mitigate these challenges.
    Join Gigamon and (ISC)² EMEA in this webinar where we aim to examine how inline bypass can overcome physical deployment obstacles, maximise network availability, increase the scale of inspection and reduce the impact to network performance.
  • GDPR Compliance: Keep it SIEMple
    GDPR Compliance: Keep it SIEMple Rob McGovern & Chris Dutch, LogRhythm Jun 19 2018 2:00 pm UTC 60 mins
    GDPR is live. Whether you are deep into your compliance initiatives or playing catchup, you should know how your SIEM plays a key role in supporting your compliance efforts.

    Join LogRhythm’s compliance experts to learn how we, as a cyber-security vendor, are not only working through our own compliance needs, but also finding ways to make it easier to achieve compliance.

    Discover:

    •How GDPR is playing out in the real world
    •What LogRhythm is doing for our own GDPR compliance
    •How to leverage LogRhythm’s experience and GDPR Compliance Module to simplify your own compliance efforts

    Register today to see how other organisations are handling compliance with GDPR and learn how a SIEM solution like LogRhythm can streamline your compliance with the regulation.
  • The Role of Security Champions in Scaling Application Security
    The Role of Security Champions in Scaling Application Security Ryan O'Boyle, Manager of Product Security at CA Veracode and Ronda Kiser Oakes, Director DevOps Consulting at Perficient Jun 19 2018 3:00 pm UTC 60 mins
    Securing a portfolio of applications can be a practice in extremes. On one hand, you have a small team of security experts trying to help a multitude of developers, testers, and other engineers meet security requirements. At the same time, you have to support all the microservices that the Agile and DevOps teams are building and pushing to production anywhere from once a month to several times a day. Even if you have a fully staffed security team, there still are not enough experts in this area to go around, which means creating a guild of Security Champions is more important than ever.

    Join Ryan O’Boyle, Manager of Product Security at CA Veracode and Ronda Kiser Oakes, Director DevOps Consulting at Perficient, who will examine the value of the Security Champion role within the development team. They will discuss which groups need to commit for the program to succeed, how to find good champions, and the benefits for all stakeholders. Based on lessons learned from building a successful Security Champion program over the past five years, you will come away with detail actionable steps to bootstrap, monitor, and maintain a customized program that fosters these champions in your organization and scales your security program.
  • ForgeRock and Trusona - Simplifying the Multi-factor User Experience
    ForgeRock and Trusona - Simplifying the Multi-factor User Experience Ben Goodman, ForgeRock and Kevin Goldman, Trusona Jun 19 2018 3:00 pm UTC 60 mins
    Authentication and MFA is no longer a one-mode-fits-all experience. Customer-centric companies need flexible intelligence models and simple, consistent login journeys across channels—web, call center, mobile—without being forced to bolt MFA on top of usernames and passwords.

    ForgeRock’s VP, Global Strategy and Innovation, Ben Goodman, and Trusona’s Chief Design Officer, Kevin Goldman, explain how ForgeRock combined with Trusona creates a broad range of multi-factor authentication modalities all with a consistent user experience, including primary MFA without usernames, passwords or typing whatsoever.

    Bonus: Trusona will reveal findings from the first-ever passwordless MFA behavioral research.

    Webcast Overview:
    Learn how to easily configure, measure, and adjust login journeys using digital signals including device, contextual, behavioral, user choice, and risk-based factors

    Learn how Trusona’s range of identity authentication experiences dovetail with ForgeRock’s decision tree authentication approach

    See behavioral research findings that show end-user preference for primary MFA over the comfort of the familiar username and password mode



    *By registering for this webcast you agree ForgeRock will maintain and process your personal information for communicating with you. (https://www.forgerock.com/privacy-policy)

    The following partner(s) of the the above webcast(s) will have access to the list of registrants, including your contact information.

    Trusona (https://www.trusona.com/privacy-policy/))
  • IT Complexity and the New Monitoring Landscape
    IT Complexity and the New Monitoring Landscape Nancy Gohring of 451 Research and cPacket Jun 19 2018 3:00 pm UTC 60 mins
    Businesses across sectors are adopting a host of new technologies – containers, SDN, IoT and many others -- as digital transformation disrupts practically every industry. The result is a significantly more complex IT environment than ever before. These environments present new challenges for professionals tasked with ensuring applications perform perfectly, leading to a re-examination of a once widely accepted monitoring toolset.

    Join as we discuss:
    •Why monitoring has become a big data problem
    •The morphing monitoring tools landscape
    •The value network monitoring tools can bring to APM and security
  • Enforce Continuous Container Security with Black Duck by Synopsys and NeuVector
    Enforce Continuous Container Security with Black Duck by Synopsys and NeuVector Glen Kosaka, VP Marketing & Product Management, Neuvector; Dave Meurer, Alliances Technical Mgr, Black Duck by Synopsys Jun 19 2018 4:00 pm UTC 60 mins
    With the extensive use of open source software in containers, it’s critical to prevent vulnerable software from being deployed into production. But even with protections in place, unknown and new vulnerabilities can be exploited during runtime, compromising sensitive data, revealing secrets, and damaging infrastructure.
    In this webinar, Black Duck by Synopsys and NeuVector will explain:
    - How to protect containers starting from the build
    - How to develop container security policies and procedures around threats
    - Best practices for deploying secure container
  • Kubernetes – How to Prevent Attacks with Admission Controllers
    Kubernetes – How to Prevent Attacks with Admission Controllers Benjy Portnoy, CISSP, CISA, and Rani Osnat, VP Product Marketing at Aqua Security Jun 19 2018 5:00 pm UTC 45 mins
    This is an expanded version of what was presented at the KubeCon Lightning Talk

    An admission controller intercepts requests to the Kubernetes API server prior to persistence of the object. By applying proper admission controls in your Kubernetes cluster, it's possible to generate deployments that adhere to the least privilege model, limiting user and container activity based on their business usage needs.

    In this session, we will review the latest and greatest Kubernetes 1.10 admission controller capabilities. We will demonstrate in a live demo a dynamic admission control webhook that can be customized to limit privileged user access.

    You’ll walk away understanding how to make such standards easier to implement and methods for going beyond them to provide security worthy of critical applications in production.
  • Inside (ISC)²: Virtual Town Hall – Enrich. Enable. Excel
    Inside (ISC)²: Virtual Town Hall – Enrich. Enable. Excel Jessica Hardy, (ISC)² Director of CX, Mirtha Collin, (ISC)² Sr. Ed. & Training Mgr., Michelle Schweitz, (ISC)² Media Mgr. Jun 19 2018 5:00 pm UTC 75 mins
    (ISC)² is committed to delivering value to our members, providing a transparent view of the organization’s developments and plans for the future. To that end, please join (ISC)² for a virtual Town Hall meeting on June 19, 2018 at 1:00PM Eastern to review many of our new member benefits, service offerings and look at what is still to come in 2018, including enriching professional development opportunities, Security Congress and more. Members and non members alike will enjoy the opportunity to learn how (ISC)² is delivering on its value promise.
  • Next-Generation Penetration Testing - Go Beyond Just Compliance
    Next-Generation Penetration Testing - Go Beyond Just Compliance Andy Condliffe, Solution Architect Jun 19 2018 5:00 pm UTC 60 mins
    What’s your standard penetration testing getting you? Compliance and a vague summary report. What could you get with a crowdsourced penetration test from Synack?

    - A crowd of top, trusted researchers
    - Technology that optimizes for testing efficiency, control, and visibility
    - Managed workflow processes
    - Own the IP of all discovered vulnerabilities with none of the liability.

    Stop settling for the ordinary...Try the Next-Gen. See how you can go beyond just compliance by joining our webinar. You will learn:

    - The problems that traditional penetration testing haven’t addressed
    - How Synack’s crowdsourced platform offers a better pen test and better customer experience
    - Specific use cases for a Synack crowdsourced penetration test
  • Alaska Airlines; Lessons from the Trenches in Cloud Security
    Alaska Airlines; Lessons from the Trenches in Cloud Security Brian Talbert, Alaska AIrlines; Enrique Salem, Bain Capital; Ami Hofman, Dimension Data; John Parker, ShieldX Jun 19 2018 6:00 pm UTC 45 mins
    According to ESG, 25 percent of organizations say maintaining strong and consistent security across their own data center and multiple public cloud environments with a centralized command-and-control a top CISO concern. So how do you do it?

    Join Alaska Airlines Director of Network and Connectivity Solutions Brian Talbert, former Symantec CEO Enrique Salem and ShieldX VP of Products John Parker for a discussion on best practices for secure cloud migration. This panel will discuss:
    - How security can help your company adopt a cloud first strategy
    - Key threats security teams should expect.
    - Why micro-segmentation becomes a critical control when your perimeter defenses are defeated
    - How to gain visibility into your data center and cloud environments
    - Overcoming common objections encountered during migration
  • Meet Digital Enterprise Demands with the Latest Edge Security
    Meet Digital Enterprise Demands with the Latest Edge Security Rajoo Nagar, Director Product Marketing Jun 19 2018 6:00 pm UTC 60 mins
    Learn how to address always-evolving cyber threats, the ubiquity of encrypted traffic, and the shortage of security professionals with a smaller, but mightier edge firewall.
  • Best Practices for Outsourcing Your IT Security
    Best Practices for Outsourcing Your IT Security Ryan LaSalle, Global Managing Director, Growth & Strategy - Accenture Security, Narayan Makaram - Arctic Wolf Jun 19 2018 6:00 pm UTC 60 mins
    With the growing IT security skills shortage, many enterprises simply do not have the staff they need to handle new projects or ongoing threats. In addition, many businesses are increasingly relying on network and cloud service providers, taking key security functions out of their hands. How can enterprise security teams work with third-party contractors and service providers to improve overall security? In this Dark Reading & Arctic Wolf webinar, top experts discuss security outsourcing strategies, tools for measuring service provider security, and ways to use third-party services to supplement your in-house cybersecurity skills.

    By attending, you’ll:

    - Understand best practices for working most effectively with third party providers
    - Discover what security functions can be handled by third parties and what should be kept in-house
    - Recognize how to avoid common pitfalls of working with third parties
    - Get a peek into how the market is changing, what type of security functions third parties will be providing in the future, and how to prepare for it

    Save your seat now to learn more!
  • Digging In: Preparing for IoT in Mining
    Digging In: Preparing for IoT in Mining Peter Klement, XMPro and Mikey Kalis, Unearthed Jun 19 2018 11:00 pm UTC 60 mins
    Explore the role of the IoT in the mining industry. From big industry to incubators and startups -- many organizations are engaging globally via innovative ecosystems, testbeds and tech hubs for education, awareness, and best practices.
  • Applying an Effective UEBA Solution: Experiences from the Trenches
    Applying an Effective UEBA Solution: Experiences from the Trenches Stephen Frank, director of technology & security (NHLPA) | Rob McGovern, sr. technical product manager (LogRhythm) Jun 20 2018 12:00 am UTC 60 mins
    Security mature organizations are increasingly utilizing User and Entity Behavior Analytics (UEBA) to quickly surface, prioritize, and respond to anomalous and alarming user behavior.

    Join Stephen Frank, director of technology & security at National Hockey League Players' Association (NHLPA), and Rob McGovern, LogRhythm senior technical product manager, as they discuss how to apply UEBA to meet security use cases. The duo will outline NHLPA’s key use cases and how LogRhythm is supporting their security initiatives.

    During the webinar, we’ll present:
    • Why UEBA is a critical security capability
    • NHLPA’s security environment and key use cases
    • How LogRhythm is advancing their UEBA capabilities
    • A brief demo of LogRhythm’s UEBA solutions

    Register now to get an inside look at how NHLPA is working with LogRhythm to enhance their UEBA capabilities.
  • Ultimate Guide to Building Security into CI/CD
    Ultimate Guide to Building Security into CI/CD Olli Jarva, Managing Consultant and Solution Architect, Synopsys Asia Pacific Jun 20 2018 5:30 am UTC 90 mins
    Security leaders must choose appropriate tools and build a culture that does not inhibit the development pipeline but supports it. In this webinar, Ultimate Guide to Building Security into CI/CD, Olli Jarva, Managing Consultant and Solution Architect, Synopsys Asia Pacific, outlines how security teams can work within a Continuous Delivery or Continuous Deployment model by building security into operational processes and an integrated, Continuous Integration toolchain. This integrated software security strategy is known as “Continuous Security.”
  • Der IT Brennpunkt: GDPR/DSGVO
    Der IT Brennpunkt: GDPR/DSGVO Oliver Stöeckl - Solution Strategist Jun 20 2018 8:00 am UTC 60 mins
    Datenschutz und -absicherung sind für Ihre Organisation von entscheidender Bedeutung und keine Verordnung hat weltweit weiter reichende Anforderungen als die DSGVO. Cherwell ISMS bietet eine einfache Möglichkeit, die DSGVO-Artikel Ihren Sicherheitskontrollen zuzuordnen. Darüber hinaus können Sie mit dem Incident Management die Meldefrist von 72 Stunden einhalten und die betroffenen Personen kontaktieren. Schließlich können Sie unser Self-Service-Portal erweitern, um EU-Bürgern eine einfache Möglichkeit zu bieten, Anfragen in Bezug auf Datenzugriff, Berichtigung, Löschung und Portabilität zu erstellen und zu verfolgen.
  • Ein Ausweg aus dem Daten-Dschungel
    Ein Ausweg aus dem Daten-Dschungel Marco Rossi, Consulting Systems Engineer Jun 20 2018 9:00 am UTC 60 mins
    Mit FireEye Threat Analytics in kürzester Zeit das eigene SIEM realisieren.

    Die Erfahrungen mit klassischen SIEM-Lösungen haben immer wieder gezeigt, dass durch deren Implementierung recht schnell große Datenmengen und gleichzeitig viele Alarme erzeugt werden. Damit werden noch lange nicht alle für die Cyber-Sicherheit relevanten Probleme gelöst
    Wir zeigen Ihnen, wie Sie schnell zu einer SIEM-Lösung kommen, die einen entscheidenden Mehrwert aus dem Daten-Dschungel bietet um:
    •Kostspielige und aufwändige Installation zu vermeiden
    •Die hohe Anzahl an Alarmen und der damit verbundene Aufwand zu priorisieren
    •Angriffe und Aktivitäten in Ihrem Netzwerk sofort zu erkennen

    Ergänzen Sie Ihre bestehende SIEM-Lösung und steigern Sie damit deutlich das Cyber-Security-Niveau Ihrer Organisation.
  • Four IT Challenges of Software Development Teams & How to Manage Them
    Four IT Challenges of Software Development Teams & How to Manage Them Ofir Agasi, Director of Product Marketing, Cato Networks Jun 20 2018 10:00 am UTC 60 mins
    From India to Belarus, organizations are tapping software development talent in emerging markets. These developers often work outside of company offices, leading to four IT challenges that can undermine developer productivity, render cloud-based versioning systems and repositories unusable, complicate onboarding new developers, and increase risk.

    Learn from the experiences of three IT pros supporting distributed development teams, and how Cato Cloud solves those challenges.
  • Verizon Threat Research Advisory Center - Cyber-Espionage and Threat Hunting
    Verizon Threat Research Advisory Center - Cyber-Espionage and Threat Hunting John Grim and David Kennedy, Verizon Enterprise Solutions Jun 20 2018 2:00 pm UTC 90 mins
    Join us—the Verizon Threat Research Advisory Center – for our Monthly Intelligence Briefing (MIB) to discuss the current cybersecurity threat landscape.

    This month's theme: Cyber-Espionage and Threat Hunting

    Our Verizon Threat Research Advisory Center presenters will be:
    •Chris Novak, Director, Investigative Response
    •Jihana Clemetson, Senior Analyst, Threat Intelligence
    •Marcus Cymerman, Senior Analyst, Network Forensics
    •David Kennedy, Managing Principal, Open Source Intelligence
    •John Grim, Senior Manager, Investigative Response – Americas

    For this month's theme of 'Cyber-Espionage and Threat Hunting' we'll here from Chris Novak, Director, Investigative Response on cyber-espionage and threat hunting as seen across the Investigative Response Team caseload. We'll then transition into a Q&A session with Jihana Clemetson, Senior Analyst, Threat Intelligence, and Marcus Cymerman, Senior Analyst, Network Forensics to dig further into our cyber-espionage cases and discuss typical indications of being a victim of cyber-espionage, the components of threat hunting, and the approaches to investigating cyber-espionage incidents.

    Following the cyber-espionage insights, we'll cover the following topics:

    •Current Intelligence
    •Attacks & Threat Indicators
    •Latest Malware Trends
    •Significant Vulnerabilities