The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
More and more enterprises are moving their applications into public and private cloud infrastructure. The cloud is becoming more appealing for enterprises as it facilitates business growth due its agility, resiliency and scalability. The advent of a variety of technologies and processes such as containers, micro-services, and DevOps has made rolling out new applications into the cloud very quick and desirable for development teams. Join Imperva and (ISC)2 for an examination of how enterprises move applications to the cloud without forgetting to put security first.
With the proliferation of cloud deployment options and platforms, management of application security across platforms has become a major problem for security teams. In this webinar, we address challenges posed by cloud proliferation, and how to approach development of a consistent security posture across platforms to better manage risks.
You've heard about the many ways CloudCheckr can help keep your cloud in check. Now you can see CloudCheckr in action, including demos of our 500+ Best Practice Checks, our Cost Savings Reports and Right Sizing tools, and our security & compliance features.
In this webinar, you can view and ask questions as Tim Twarog demonstrates popular features of this award-winning platform.
Security operations center (SOC) teams are continually faced with new alerts and events. Security information and event management (SIEM) solutions such as Splunk help by making it easier to collect and analyze data generated by your technology infrastructure, security systems, and business applications. However, working with this volume of data risks SOCs being overloaded and rapidly available and readable information is vital to prioritize how you respond.
See how a pre-integrated solution between Recorded Future and Splunk gives you full context of emerging threats from the widest breadth of open, technical, and dark web sources. Join this webinar to:
• Alleviate alert fatigue and speed decision making with machine and human-analyzed threat context.
• Identify threats already in your system by correlating network traffic with known bad from outside your network.
• Get a live walkthrough of how to utilize real-time threat intelligence in Splunk Enterprise.
By now, the majority of us have likely been inundated with stories about third party data breaches and how one vendor’s vulnerability can cost your organization millions. But how do you know if you’re doing enough to stop third party risk?
As we enter 2018, new U.S. and European cyber regulations are going into effect, and organizations can no longer check the box when it comes to their vendors’ cybersecurity. You are not only liable for knowing where you are most at-risk, but now you must also understand how that risk affects your organization and identify a solution for mitigating that risk.
This webinar features guest speaker Nick Hayes, Senior Analyst at Forrester and LookingGlass VP of Intelligence Operations Eric Olson. They will delve into the third party risk landscape: our current state of affairs, and where the industry is moving, as well as how you can take a different approach to third party risk prevention, including:
• How to see where your vendors are already compromised
• The importance of actionable intelligence for real-time mitigation
• Why a continuous monitoring solution is the future of third party risk
The main benefits of containers vary from speed of development and deployment to scalability, flexibility, and cost-effectiveness – which is what made containers so popular today. But the ability to move containerized applications among different environments, from a public to private cloud for example, is one of the most important benefits of containers, making them enterprise favorites for cloud migration and hybrid cloud architectures.
In this webinar, we will talk about how to use containers in a hybrid cloud, specifically:
1.How containers make it easy to migrate and move applications between clouds
2.What architectural considerations and tooling you need to achieve portability
3.How to ensure consistency of control, security, and compliance across container cloud deployments
With so many users and devices on the network at any given time, universities and colleges struggle to keep up with the demand for always-on connectivity. What can you do to optimize your network infrastructure to tackle these challenges?
Join our networking experts for a webinar that will discuss how Aruba solutions:
* Provide always-on connectivity with features including RF optimization and controller hitless failover
* Secure the network and identify risk with with IoT devices pre-authentication and user and entity behavior analytics (UEBA)
* Provide deeper and predictive network insights
* Address campus wired pain points with a unified wired AND wireless solution
Michael Dickman, VP of Global PLM Campus Networking
Peter Lane, Aruba WLAN PLM
Danny Jump, Aruba ClearPass PLM
Dan Comfort, Aruba Cloud PLM
Alongside an expanding attack surface resulting from the growth of cloud, mobile and IoT, organizations are now increasingly faced by internal threats. Insider threats, compromised accounts, administrator abuse and other user-based threats are some of the most damaging vulnerabilities and the hardest to detect. This has led to the evolution of user and entity-based analytics (UEBA) solutions, designed to address user based threats, and through the use of artificial intelligence (AI) and machine learning these solutions are advancing threat detection capabilities in modern security operation centers.
In this webinar, Mark Settle, LogRhythm Product Marketing Manager, and Samir Jain, Senior Product Manager, UEBA, will discuss the evolving UEBA market, and advancements in the technology fueling these solutions.
Webinar attendees will learn:
•How advancements in AI and machine learning technology are enabling security analytics and in particular UEBA.
•Why security analytics solutions are moving to cloud infrastructure, and the security implications compared to on premise platforms.
•What security mature organizations are asking for versus what is being delivered
•Whether UEBA solutions are better delivered via security analytics/SIEM platforms, or via stand alone solutions
Large corporations aren’t the only targets for sophisticated advanced attacks. In fact, cyber criminals find that small and midsize enterprise (SME) companies are easier targets because their security is not as advanced and they don’t have proper cyber defenses.
FireEye SME customers are more prepared to defend their company’s digital assets. Join us for a live problem-solving webinar based on real-world examples from your peers and learn:
•What best practices will increase cyber awareness
•How to conduct a security assessment to identify gaps and a
•How to align security needs and reduce vulnerabilities
Register today to gain insights into SME cyber warfare and more effectively protect your business from advanced attacks.
Join Rick Howard, CSO at Palo Alto Networks to learn about must-read books for all cybersecurity practitioners – be they from industry, government or academia — where the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.
Enterprises are seeking ways to reduce the scope and complexity of securing their Network’s Edge. Data breaches can cost companies millions of dollars in reduced revenue, shareholder value, fines, and diminished brand loyalty.
IT managers concerned about their connected-network systems have turned to Parallel Networking to create application-specific networks to protect cardholder data while enabling customer engagement and improving operations.
Parallel Networking enables organizations with hundreds or thousands of distributed locations to enhance security and PCI Compliance at the Network’s Edge.
Join Cradlepoint for a webinar to learn about the benefits of Parallel Networking, real customer success examples, and best practices for greater security at the Elastic EdgeSM.
Join Jack Hamm and Simon Gibson from the Gigamon SecOps as they demonstrate how to use automation and visibility to take the boredom out of repetitive tasks. One of the featured use case will be how to automate tasks to find and block Kaspersky in government organizations.
Security practitioners use a variety of tools and information sources to spot potential threats, evaluate each event and then act to mitigate. They are challenged by little interoperability between security tools, plus the cost of these tools across the network and cloud can be prohibitive.
During this lively webinar, hosted by Security Solutions leader, Graham Melville, you will see how Gigamon and the Phantom security automation and orchestration platform can help you reduce mean time to resolution. The team will show how you can provide wider visibility and automate the tasks your security staff repeats on a frequent basis.
Simon and Jack will demonstrate:
•How to generate indicators of compromise to trigger Phantom to execute customized playbooks with specific actions.
•How to automate tasks to find and block the use of Kaspersky in government organizations.
•How to streamline dozens of sources to gain insight into security events.
•How to gain visibility to the necessary traffic from all segments of your networks without buying more security tools.
•How you can reduce the load and turn on more features on your security tools such as Next Gen Firewalls.
Today 34% of enterprises are running applications within Azure Cloud. That's up 14% from last year! The problem is that Enterprise Networking and Security teams still rely on the VPN to provide remote access to the network for their mobile users. The VPN, famous for giving users a poor user experience, breaks the cloud experience, exposes the network to employees while driving costs and complexity when migrating apps to Azure.
It's time for enterprises to rethink the way they provide remote access. It's time for them to retire their VPN.
Please join Patrick Foxhoven, CIO and VP of Emerging Technologies, Zscaler, Inc., as he explains how enterprises use Zscaler Private Access (ZPA) for Azure solution provide faster, secure remote access to internal applications for their remote employees. We'll discuss how ZPA:
- Provides direct to cloud access for a better user experience
- Provides secure remote access without the use of VPN
- Reduces costs and complexity due to no need for inbound VPN gateways
Join our guest, Dr. Ted Marra as he introduces his new strategic leadership course in Global Risk Academy.
During the webinar we will cover:
How does a truly strategic organization think? What is strategic thinking versus strategic planning? What are the vital few factors that will determine your organisation’s long-term success or failure and are they on your radar screen?
Who should attend.
People with 10 years management experience minimum up to and including C-Level in all disciplines responsible for strategic decisions or large scale operational issues - so they have large budget and many people reporting to them.
Managers and senior management from all areas of the organisation having responsibility for planning and achievement of key business objectives.
Why you should attend.
- Reflect on how you got where you are as an organisation;
- What factors were critical to your success? What factors were the basis for your success?
- What held you back – prevented you from being even more successful?
- What could you have done differently
Understand what are the most critical factors that will better ensure your organisation is a “winner” in the future (e.g., next 3-5 years).
Find out which ones you may be missing and what to do about it before it’s too late and you become just an “average or good” organisation when, with a little effort and the right strategic thinking and creativity, you could take the organisation to the next level of performance and move toward “greatness”.
How to build exceptional stakeholder relationships and why doing this is critical in especially in turbulent times.
How much visibility do you have via Secure Access end-points – from the Data Center, to the Cloud, to Devices and Applications hitting your network?
Join Pulse Secure for a compelling Webinar Centered on Pulse One – its’ leading edge Monitoring-Visibility Solution. Configured correctly, Pulse One also enhances compliance alliance, segmentation and pro-active management and consolidation for Secure Access at the front-edge of your network.
With sensitive data residing everywhere, organizations becoming more mobile, and the breach epidemic growing, the need for advanced identity and data protection solutions has become even more critical.
This session will discuss Identity and Data Protection solutions for enterprise security, organizations can take a data-centric approach to their security posture, all while controlling access to the infrastructure and applications they rely upon — both on-premises, and in public and private clouds.
Join ecommerce and cybersecurity experts from BigCommerce, Coalition Technologies and Signifyd for an in-depth discussion on the opportunities and pitfalls associated with various methods of growing your business.
As more workloads are moved to cloud infrastructure, unique security challenges arise. Join Imperva and (ISC)2 for this webinar where we'll discuss some of the tradeoffs for on-prem and cloud app security, strategies for approaching security in hybrid environments, and the importance of flexible deployment models.
SIEM solutions have been widely adopted to help IT teams collect and correlate data from a variety of security point products. However, traditional SIEM deployments require a great deal of time, money & expertise to properly normalize data feeds, create correlation rules to detect threats & continuously tune those rules to limit false positives. And, after all that work is done, it has to be continuously re-done as the network & threat landscape changes.
AlienVault takes a different approach to SIEM. Join this webcast to learn how AlienVault Unified Security Management (USM) overcomes the most common SIEM challenges with:
Built-in capabilities like asset discovery, vulnerability assessment, intrusion detection, orchestrated incident response, and log management
Continuously updated correlation directives, vulnerability signatures, incident response guidance, and more
Fully integrated, real-time threat intelligence from the AlienVault Labs Security Research Team and the AlienVault Open Threat Exchange (OTX)
The ability to monitor on-premises and cloud environments including AWS and Azure, as well as cloud applications like Office 365
Part 6 of 7: NIST Cybersecurity Framework for Healthcare Webinar Series
The final piece to the puzzle is the RECOVER function, which is arguably the most important area of the NIST CSF. How quickly can you return to business and clinical operations after a cyberattack occured?
This webinar will focus on the measures required for a timely recovery and return to normal operations to reduce the impact from a cybersecurity event, with a focus on:
• Recovery Planning: Processes and procedures are executed and maintained to ensure timely restoration of systems or assets.
• Improvements: Planning and processes are improved by incorporating lessons learned.
• Communications: Restoration activities are coordinated with internal and external parties.
To view upcoming NIST Cybersecurity Framework for Healthcare Series Part 7 https://resource.elq.symantec.com/LP=4235
The modern science of securing applications to a broad range of devices.
Do you want people accessing your data from that device? Do you know where that device has been? Would you trust that device to protect your personal data? While cloud applications offer tremendous benefits over traditional on-premise, IT Executives face many challenges involving data security and compliance. Unmanaged devices, unauthorized access, and unsanctioned apps are all significant threats, increasing the risk of data leakage and being the next organization in the headlines. Cloud access security brokers, or “CASBs” are the tools technology leaders have turned to, protecting data across applications, and mitigating other malicious threats.
In this webinar, Benjamin Massin, CEO of The SCE Group, and Gleb EvfaresTov, Solutions Engineer at Bitglass, will discuss how to balance the benefits of moving to the cloud, while implementing a security solution, protecting identities and data end-to-end.
Introduced in 2016, the General Data Protection Regulation (2016/679)—or GDPR—was created for the purpose of strengthening the European Union’s (EU) procedures and practices related to data protection. GDPR will impact organisations worldwide and implement maximum fines of up to €20,000,000 (or 4% of global turnover) if they fail to ensure compliance. Join BitSight’s Philip East and Metro Bank’s Julian Parkin as they discuss:
- The checklist organisations should review to align their business with GDPR.
- Noteworthy articles within GDPR and how they affect data governance/usage.
- BitSight’s recommendations for monitoring the GDPR alignment of third parties.
The February 2018 deadline for complying with PCI DSS 3.2 is fast looming. Most of the new requirements in the latest PCI DSS guidelines are focused on the need to extend multi-factor authentication (MFA) to additional use cases and user groups within organisations who handle Credit Card Data. From February 2018 onwards, all individuals who access systems such as databases, network modules and email servers which hold credit card data will be required to authenticate themselves with MFA.
Join (ISC)² EMEA and Gemalto to learn:
- What’s new in PCI DSS 3.2
- How to effectively map PCI DSS MFA requirements to business use cases and user groups in your organisations
- Best practices for organisations that need to extend their MFA footprints to additional use cases, and for those that are starting to think about how to comply with PCI DSS’s authentication requirements.
The care and handling of personal information is a top concern for consumers and governments alike. Unlike many issues which gain public attention and struggle to keep it, an endless stream of publicised data breaches serves to keep data privacy in the public eye. As a result we’re seeing increasingly onerous regulation coming into effect in an effort to improve the data management practices of organisations and protect the confidential information of citizens. Major Internet players are also weighing in in an effort to make the user experience more secure.
For organisations with a large digital presence, identifying all the places that personal information, or in the case of GDPR, personally identifiable information, is collected can be a daunting task. Are those forms collecting data securely? Are they accompanied by compliant statements and controls? Research carried out by RiskIQ suggests that there is much more to do in this area.
Join us for a closer look at the security and compliance issues surrounding the collection of personal information on the Internet and learn how you can automatically discover and assess all forms and persistent cookies across your web presence.
With the greatest shake-up of data protection regulation in a generation looming, CISOs, DPOs and IT Administrators are busy planning for the changes needed for their organisations to be compliant. But with 60% of IT executives suggesting staff as their biggest threat to adherence (Bluesource, 2017) and 90% of staff admitting to violating policies designed to prevent security incidents (BSI, 2017), have they really addressed the issue of friendly fire?
In this live, informative and interactive webinar led by Amar Singh, Global CISO & CEO of Cyber Management Alliance. A panel of data security and policy experts will discuss, why staff remain such an active threat to GDPR compliance, why policies are being ignored and how to ensure that your staff are on-board with the GDPR before May 2018.
Amar Singh, Global CISO & CEO, Cyber Management Alliance
Chris Payne, Data Privacy Expert & Managing Director, Advanced Cyber Solutions
Dominic Saunders, CTO and Co-Founder, NETconsent
Joe Lee – UK and Ireland Commercial Manager, NETconsent
The cloud provides organizations with elasticity and speed and by 2018 60% of an enterprises’ workloads will run in the cloud says 451 Research. The amount of business operations running in the cloud means organizations have more cloud computing service providers, with a typical enterprise having roughly six. This requires companies to develop and implement a multi-cloud strategy, especially when it comes to security. But each CSP has its own security offerings and integrations sometimes making the process confusing and complex. Even prior to the cloud, encryption and key management have presented challenges for many organizations, but with encryption becoming ubiquitous – a strong key management strategy is key. This is especially important with industry mandates and government regulations like European General Data Protection Regulation (GDPR) and U.S state data breach disclosure laws.
In this joint webinar with 451 Research, we will cover topics including:
-Building a multi-cloud security strategy for encryption and key management
-Best practices, benefits and pitfalls of managing your own security
-Impact of regulations on data protection in the next few years
-Understanding the different CSP requirements for key management:
oCustomer-Supplied Encryption Key (CSEK)
oBring Your Own Key (BYOK)
oHold Your own Key (HYOK)
oGeneral cloud service provider key management services overview
Brought to you by Entrust Datacard and IDG Research
As organizations expand on legacy infrastructures and build new digital business models, what is the role of trusted identity? This webinar will illustrate how trusted identity technologies — including authentication and PKI — are essential as organizations capitalize on the full potential of cloud and mobile technologies. We will also discuss how to avoid the pitfalls of misaligned identity strategies.
DevOps teams are building applications faster than ever before, and utilizing large amounts of open-source software to increase agility. However, that introduces the possibility of open-source security risk. The landscape of attacks has changed in recent years, with cyber-attacks increasingly happening on the application layer. This means DevOps teams need to be involved in the security process.
This task is made more daunting as modern applications are a mix of custom code and open source in their applications. How do you protect your DevOps? Register for this webinar where security experts from Micro Focus Fortify and Black Duck discuss:
- Understanding the mindset of an attacker
- Ways to automate the process of risk identification
- The ability to gate builds when finding risk elements
The Gartner 2017 Market Guide for Privileged Access Management (PAM) reviews 24 vendors across various categories. This comprehensive information can help you find an ideal solution for your unique business needs. Yet, selecting the right PAM solution is a pivotal decision; it is critical to weigh your options.
Make an informed decision. Join Suresh Sridharan, Director Privileged Access Management at CA Technologies, as he guides you through report recommendations, evaluates the latest tools and technologies, and compares and contrasts industry choices.
Creating a culture of cybersecurity is critical for all organizations. Join the conversation with our own security pros to learn how they keep employees ahead of phishing attacks, share best practices for phishing education and explain how to use innovative technologies to strengthen cyber resilience.
From attacks that abuse PowerShell to attacks that live exclusively in memory, “fileless” threats have become increasingly common and dangerous. They’re built to evade detection from even the most advanced defenses, but that doesn’t mean they can’t be stopped — or that they have to be difficult to understand.
Join us to learn how attackers are using fileless techniques to gain execution, persistence, and lateral movement, and what you can do to keep your company protected.
Solving the most sophisticated security challenges requires an advanced approach that is built upon a proxy-based architecture. This approach allows you to leverage best of breed security technologies to provide a safe and confident cloud and network experience.
Symantec secure web gateway solutions deliver strong proxy-based security in the form factor your organization needs: on-premises appliance, virtual appliance, in the cloud, or in a unified hybrid combination of these solutions.
The solution’s unique proxy architecture allows it to effectively monitor, control, and secure traffic to ensure a safe web and cloud experience.
In this webinar learn:
• Why Proxy architecture is more important than ever as a critical security component of your network
• How a web proxy can serve as a platform for advanced threat detection and data protection
• Why pre-filtering your sandbox with proxy architecture is a smart move for both your SOC and your bottom line.
Over the past few years, malware authors have developed increasingly sophisticated and creative ways to infect endpoints. Encrypting ransomware is no longer merely an annoyance. It's a highly persistent and organized criminal "business model" in full deployment, with new abilities to move laterally through networks and infect machines previously thought not possible to infect. The damage from becoming a ransomware victim is considerable, and can even put organizations out of business.
At Webroot, we believe it's possible to effectively protect businesses and users, but only by understanding your adversary and the techniques they use for their attacks. In this webinar, Webroot's own Senior Threat Research Analyst, Tyler Moffitt, will offer expert insights into emerging encrypting ransomware variants--and how you can stay ahead.
Cloud Security Protection is improving, but how can we protect against Evolving Security Threats? How can we win?
In this session we will delve into some of the security risks associated with cloud environments and what can be done to protect your applications and data that reside in the cloud by utilizing a new technology known as Software-Defined Perimeter (SDP) as well as encryption and tokenization.
Join Ulf Mattsson, CTO of Atlantic BT, and his special guests David Morris, Security Scorecard, and Juanita Koilpillai, CEO, Waverley Labs, in this dynamic panel discussion and live Q&A.
A current increasingly uncertain and complex regulatory environment has made it challenging for firms tasked with creating and maintaining a “culture of compliance”. The business demands access to new forms of communications to increase engagement with employees, partners and customers, only increasing the quantity and complexity of the data you manage. Join Proofpoint to gain an understanding of the challenges that compliance faces and the consequences of not meeting the expectations of the regulators
Join us to
•Develop insight into the rapidly changing regulatory environment
•Hear how new forms of communications are bringing about the digital revolution
•Discover how to protect your organization from reputational risk and stay out of the cross hairs of the regulators
Are your users tired of having to login to the corporate network via VPN? Do you wish you could manage at-home devices remotely? In our latest release of PCoIP Management Console, we’ve added the ability to manage both office-based and at-home PCoIP Zero Clients.
During this 30-minute webinar you’ll learn the best ways how to set up PCoIP Zero Clients so your employees or external consultants can be productive from wherever they happen to be.
The demonstration will cover how to:
•Configure PCoIP Zero Clients for off-site employees or contractors
•Determine the best WAN settings to recognize out-of-office devices
In the new enterprise network reality, boundaries have blurred: the internet is central and out of your control. A modern approach to network analytics is now more important than ever. The good news is that it’s possible to get vastly better insights from network traffic data than ever before, due to the power of cloud and big data systems. The key is to link that network traffic data and show the benefit to the broader business. In this webinar guest speaker Forrester analyst Andre Kindness and Kentik Co-founder and CEO Avi Freedman will help you understand:
- The changes in enterprise networks that make modern network analytics a must-have
- Why it’s so important to combine network data with business context
- Examples of business intelligence driven by network data in IT organizations today
- How you can gain the business advantage that modern network analytics offers
The move to requiring encryption on all websites is picking up speed, with browsers starting to show UI warnings for unencrypted websites. Roughly 60% of internet page loads already "https", and the number of sites switching to encryption grows every month. This trend is helped by the availability of anonymous, free Domain Validated (DV) SSL certificates from several Certification Authorities (CAs), which include no identity information about the website owner.
While increased encryption is good for connection security and combating “man-in-the-middle” (MITM) attacks, many phishing and malware fraudsters are using DV certificates to imitate login pages for top sites such as PayPal.com, banking sites, etc. and steal user information. Unfortunately, these fake DV login pages receive a favorable green padlock “Secure” security indicator in the Chrome UI, causing some users to believe Chrome is vouching for the phishing website as safe or trustworthy.
Join Entrust Datacard's Chris Bailey and Kirk Hall as they discuss:
• The difference between DV, OV, and EV
• The issues with current browser UIs to do with certificate information
• A proposed new UI security indicator to help users and enhance security
Join us at our next Career Conversations with Women in Cyber Security session. This webinar gives WSC members the opportunity to connect with female career professionals. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?
Whether you are an experienced professional or just contemplating a future in Cyber Security, WSC's Career Conversations allows you to have a conversation with women making a difference. Join us and share in Career Conversations with successful women in cyber security!
Featured Guest: Leslie Taylor, Recruiter Lead for ICF International
Jessica Gulick, VP of the Women's Society of Cyberjutsu board will moderate discussions.
About the Speaker:
Leslie Taylor is the Recruiting Lead at ICF and Recruiting lead for their Enterprise Cyber Security Division. She is a member of Leadership Fairfax and has a master’s degree in Human Resources. She has spoken at numerous Cyber and Recruiting conferences to include Cyber Montgomery, CyberMD, and numerous Recruiting events. Leslie Taylor has more than 15 years of experience in IT, cleared, cybersecurity and military recruiting. She is an active member in several professional associations and leverages participation in a variety of IT/cyber, university/college, association and military career fairs and networking events. Leslie primarily recruits for opportunities on a national scale. She plays an integral role in recruiting for a wide range of skills and talent to include Software Developers, Network Analysts, Programmers, Cyber Specialists, Homeland Security, Emergency Management and Program Managers that provide the following services to our clients.
Wer sich mit der Frage beschäftigt, wie man ein effektives und effizientes Security Operations Center (SOC) aufbauen sollte, steht vor einer großen Herausforderung, denn neben den Investitionen der physischen Sicherheitsmaßnahmen, Hard- und Software ist besonderes Augenmerk auf die Analysten zu setzen, die hochkonzentriert – einem Mitarbeiter der Flugüberwachung ähnlich – das Geschehen beobachten und auf den „Ernstfall“ eines Angriffs vorbereitet sind.
Diese Mitarbeiter befinden sich persönlich als auch technisch kontinuierlich im "Alarmzustand", denn jede Anomalie ist für geübte IT-Sicherheitsspezialisten bereits eine potenzielle Cyberbedrohung, die es zu analysieren und abzuwehren gilt. Damit ein SOC wirksam sein kann, bedarf es eines soliden Fundaments aus:
• Schlanke Prozessabläufe und eindeutig festgelegte und vernünftige Befugnisse der Beteiligten
• Hocheffiziente und moderne Technologien und Technologiepartnerschaften mit eingespielten Eskalationsstufen
• Hochmotivierte und vertrauensvolle Mitarbeiter und vertraute Partner, die in Engpässen das eigene SOC Team unterstützen können
In diesem Seminar zum Thema SOC, wird der SOC grundlegend erläutert und diese Grundsäulen eines schlanken SOC beschrieben. Außerdem gibt das Webinar einen Ausblick darauf, was auf die Unternehmen zukommt und welche Herausforderungen die einzelnen (n>1) Phasen begleiten und welche Services man outsourcen kann.
In the new world of IoT, smart cities, smart cars and home, our personal devices are more connected than ever before. Learn about predicting the future by looking at the past with insights on how to improve the world of IoT that is coming into our homes.
From the first time that criminal charges were files against a known state actor for hacking in 2014 to the recent US Senate Intelligence Committee hearing on Russian influence on the 2016 US Election, FireEye has been integral to investigations where cyber attacks resulted in the most significant impact on governments around the world. We will highlight some of the most public investigations, look to key government leaders to understand their perspective on the impact of cyber, and lastly review the top strategic mistakes that organizations make when trying to address cyber risk.