Hi [[ session.user.profile.firstName ]]

IT Security

  • The Role of Orchestration in Incident Response
    The Role of Orchestration in Incident Response Chris Neely, CISSP, Director of Technical Sales, EMEA, IBM Resilient, Adrian Davis, Managing Director, (ISC)² EMEA Live 60 mins
    Faced with an avalanche of alerts, insufficient staffing, and a bewildering regulatory environment it's no wonder that most organizations struggle to respond effectively to cyber attacks. Successfully resolving attacks requires fast, intelligent, and decisive action - organizations need to have an orchestrated plan in place before an attack occurs. Indeed, the best orgaizations leverage an orchestrated response capability to achieve cyber resilience, the ability to weather the inevitable cyber attacks as just another part of doing business.

    Join IBM Resilient’s Chris Neely, Director of Technical Sales, EMEA to explore the latest incident response methodology and technology. Can automation really save the day? From instant escalation, to automatic enrichment, to guided mitigation, Chris will explore the latest incident response techniques and share what works and what doesn't. Attendees will gain a framework for understanding their incident response capability and a maturity model for evaluating opportunities for orchestration / automation.
  • [VIDEO] Machine Learning in Cyber, Ransomware & the Threat Landscape
    [VIDEO] Machine Learning in Cyber, Ransomware & the Threat Landscape Carl Leonard, Principal Security Analyst, Forecpoint Recorded: Jun 29 2017 8 mins
    BrightTALK caught up with Forcepoint's Carl Leonard for a chat
    on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - Why AI and Machine Learning aren't the latest buzzwords and have actually been around in the security industry for a while

    - Steps to take to prepare for the GDPR regulations

    - The threats that you need to be worrying about in 2017

    - Why WannaCry was such a signficant batch of ransomware
  • Digital Transformation: How APAC businesses turn disruption into differentiation
    Digital Transformation: How APAC businesses turn disruption into differentiation Agatha Poon 451 Research, Gery Messer Managing Director, Asia Pacific CenturyLink Recorded: Jun 29 2017 55 mins
    How enterprises are choosing and using digitization initiatives for business gain.

    Organizations of all sizes and in every sector are busy redefining their IT priorities for a digital future, identifying the goals of enhanced customer experience, operational efficiency, business agility and improved risk management as four key pillars for their digital transformation strategies.

    Digital transformation is playing out differently depending on a company’s maturity, the vertical sector in which it operates, its employees, its infrastructure, and its ability to innovate. Knowing where to start, and how to maintain momentum is critical.

    Join 451 Research and Centurylink to learn how some global enterprises are making assured first steps, and hear the following:

    •Understand how companies with more progressive Digital Transformation strategies are prioritizing their efforts for competitive differentiation, changing the nature of their business with innovative technologies that are becoming more easily accessible with a lower barrier to entry.

    •Insights and recommendations from a major survey of enterprises worldwide about IT priorities and how to make service provider choices to accelerate digital transformation mandates such as the role of cloud and other IT infrastructure options that are built for availability, speed, and resilience.

    •Identification of key shifts in business context that will continue to shape digitization efforts, and how these need to be reflected in a digital transformation roadmap for IT organizations.
  • Getting Ready for Australia’s Privacy Act Amendment (Notifiable Data Breaches)
    Getting Ready for Australia’s Privacy Act Amendment (Notifiable Data Breaches) Helaine Leggat, an legal expert in data protection regulations and Graeme Pyper, Regional Director at Gemalto Recorded: Jun 29 2017 58 mins
    The Gemalto’s Breach Level Index reported 1.4 billion data records compromised worldwide in 2016, up 86% from 2015. Closer to home, there were 44 & 16 voluntarily reported breaches in Australia and New Zealand respectively. With the new Privacy Amendment (Notifiable Data Breaches) Act 2017 in Australia, these numbers are expected to increase dramatically as organisations are required to declare any “eligible data breaches”.

    Navigating these regulations such as the Australian Privacy Act and European General Data Protection Regulation (GDPR) and the impact they will have can be daunting. Organisations must start planning ahead to mitigate the potential risks of being non-compliant. The implications of a data breach can go beyond compliance. In 2014, the Target breach had a massive impact on the company’s brand reputation, while last year’s announcement of the Yahoo! data breach cost the company nearly $1.7 billion in stock market value.

    During this webinar, Helaine Leggat, an legal expert in data protection regulations will discuss the Australian Privacy Act Amendment in detail, what it means for businesses in Australia and internationally. Graeme Pyper, Regional Director at Gemalto will provide recommendations to help prepare for the 2018 deadline. We will share industry best practices and methodologies companies can evaluate to simplify a government audit process. Join our experts to ask questions and learn more about:

    •The local and global government data privacy regulations (Australia and Europe)
    •Gauging the true cost of a data breach and how to reduce the scope of risk
    •Understanding privacy by design throughout business
    •Strategies for simplifying operations for regulation and internal audits
    •Determining current industry compliance, which may be applicable to the APA and GDPR
  • SSL Best Practices: Keys, Certificates and Advanced Certificates
    SSL Best Practices: Keys, Certificates and Advanced Certificates Mark Giannotii, Entrust Recorded: Jun 28 2017 66 mins
    Phishing attacks are dangerous to your customers and could be detrimental to your brand. Securing your website and protecting your business are the cornerstone of Entrust SSL Best Practices. Join us for a complimentary webinar that covers key best practices for protecting your domain phishing attacks against the customer’s clientele and unsuspecting internet users.

    We will discuss:

    •The Definition of a Trusted CA: Learn what controls a trusted Certificate Authority (CA) has in place to ensure that unauthorized administrator cannot acquire a certificate for your organization’s brand name.
    •Domain Protection: Discuss how you can prevent another CA from issuing certificates for your domain and detect previously issued certificates.
    •Domain and Brand Reputation: Explore subjects such as certificate aSSL certificates secure ecommerce, communications and private information passed from browser to Web server and between servers. Join us for a complimentary webinar that covers key best practices for securely deploying SSL certificates for your specific environment. We will discuss:
    •Private Keys for Quality Protection: Learn how to use private keys, a key factor in determining the quality of protection provided by SSL.
    •Cater SSL For Your Environment: Discuss importance of selecting the appropriate Certification Authority (CA) and certificate type.
    •Troubleshoot Your SSL Problems: Explore how advanced certificates can be used to help solve problems in your SSL applications.
    transparency, Microsoft’s certificate reputation, HTTP public key pinning and certification authority authorization.
  • Year in Review: Financial Sector Threat Activity
    Year in Review: Financial Sector Threat Activity Candid Wueest, Threat Researcher, Symantec Security Response & Vikram Thakur, Researcher Security Response, Symantec Recorded: Jun 28 2017 61 mins
    Financial institutions are increasingly facing attacks on multiple fronts. Cyber criminals continue to target online banking using malware to hijack customer transactions and banking sessions.

    While there has been an overall drop in infections related to these consumer threats, financial institutions are now facing a new type of attack in the form of large-scale financial heists. Attack groups such as Fin7 and Lazarus are deliberately targeting financial institutions in audacious attacks that are reaping large rewards.

    In its annual review of the financial threat landscape Symantec takes a look at the most prevalent and significant financial threats.

    In the webcast we will review:

    -The top threats facing financial institutions

    -Explore the most common techniques employed in financial attacks

    -Provide case studies of the most high-profile financial attacks of the past 12 months

    Register today
  • Leveraging Automation for Self-Healing Clouds
    Leveraging Automation for Self-Healing Clouds Todd Bernhard, CloudCheckr Product Marketing Manager Recorded: Jun 28 2017 24 mins
    When it works, the cloud runs itself, but too often humans get involved and mess things up. Users can spin up and forget about instances, or create password policies that are insecure or make typos that can cause downtime. It is important to be alerted to such events but there’s only so much one administrator can do. This is where automation comes in. The ability for your infrastructure to “self-heal” makes it possible to run a large cloud infrastructure at scale.

    Join us Wednesday, June 28 at 2pm EST for Leveraging Automation for Self-Healing Clouds. During this interactive webcast, CloudCheckr Product Marketing Manager Todd Bernhard will present attendees with an overview of CloudCheckr’s Automation capabilities, including:

    - 450 automated Best Practice Checks to detect anomalies and security problems
    - “Fix Now” functionality for Best Practice Checks
    - Auto-Fix functionality to eliminate steps and delays
  • Your Secret’s Safe with Me: Using and Managing Secrets in Containers
    Your Secret’s Safe with Me: Using and Managing Secrets in Containers Liz Rice, Technology Evangelist, Aqua Security, and Sagie Dulce, Senior Researcher, Aqua Security Recorded: Jun 28 2017 45 mins
    As organizations adopt containers and prepare to use them in production environments, the issue of managing secrets becomes a major concern:
    How do you assign and deploy secrets to containers while keeping them secure?
    How do you avoid secrets being visible on the network and host, and ensure they do not persist on disk?
    How do update, rotate and revoke secrets without interrupting the containers that use them?
    How do you leverage existing secrets stores (KMSs) and extend their use to containers?

    Join our webinar as we take a closer look into the ‘secrets’ of managing secrets and:
    · Learn some of the “do's and don'ts” of securing secrets
    · Learn the cardinal security requirements of secrets management
    · Watch a live demonstration to learn how secrets can be stolen from a node and how to extract secrets from an encrypted storage.
  • SSL Best Practices: Domain Protection
    SSL Best Practices: Domain Protection Mark Giannotii, Entrust Recorded: Jun 28 2017 56 mins
    Phishing attacks are dangerous to your customers and could be detrimental to your brand. Securing your website and protecting your business are the cornerstone of Entrust SSL Best Practices. Join us for a complimentary webinar that covers key best practices for protecting your domain phishing attacks against the customer’s clientele and unsuspecting internet users.

    We will discuss:

    •The Definition of a Trusted CA: Learn what controls a trusted Certificate Authority (CA) has in place to ensure that unauthorized administrator cannot acquire a certificate for your organization’s brand name.
    •Domain Protection: Discuss how you can prevent another CA from issuing certificates for your domain and detect previously issued certificates.
    •Domain and Brand Reputation: Explore subjects such as certificate transparency, Microsoft’s certificate reputation, HTTP public key pinning and certification authority authorization.
  • SSL Best Practices: Server Configuration & Enhanced Security
    SSL Best Practices: Server Configuration & Enhanced Security Mark Giannotii, Entrust Recorded: Jun 28 2017 61 mins
    The best way to mitigate security vulnerabilities on your web server is to configure that server in the most reliable way. Join us for our SSL Best Practices webinar and learn to stop threats from the start. This complimentary webinar will explore server configuration and server enhancement. We will discuss how secure server configuration for SSL protects your sites from online threats and:

    •Implement the Proper Configuration: Learn which SSL server configuration options mitigate against known problems
    •Enhanced Security Features: Discuss enhanced security features and the benefits they provide
    •Tools For Configuration: Get a demonstration of available services that will help administrators assess the security configuration of their SSL web server
  • SHA-1 Deprecation SHA-2 Deprecation
    SHA-1 Deprecation SHA-2 Deprecation Mark Giannotti Recorded: Jun 28 2017 59 mins
    Starting January 1, 2017, Chrome stopped supporting SHA-1 certificates. Now sites that have a SHA-1-based signature as part of the certificate chain (not including the self-signature on the root certificate) will trigger a fatal network error.

    Join us for a complimentary webinar to discuss how the deprecation of SHA-1 will affect your SSL enabled web sites.

    - Discuss the timing of the forthcoming updates to Google Chrome and the impact on certificates signed with SHA-1.
    - Discover which tools are available to identify certificates that are currently issued using SHA-1.
    - Learn how Certificate Authorities are helping SSL subscribers make the transition to SHA-2 signed certificates.
  • HospitalGown: The Backend Exposure Putting Enterprise Data at Risk
    HospitalGown: The Backend Exposure Putting Enterprise Data at Risk Appthority's Domingo Guerra, Co-Founder and President and Seth Hardy, Director of Security Research Recorded: Jun 28 2017 30 mins
    Domingo Guerra and Seth Hardy discuss Appthority's Q2 2017 MTR's findings and the potential HospitalGown repercussions for your enterprise.
  • Advanced Threats - Why you still need to worry about email security
    Advanced Threats - Why you still need to worry about email security Ganesh Umapathy, Product Marketing Manager SonicWall Recorded: Jun 28 2017 42 mins
    Email-based communications are a fundamental cornerstone for effective business. That’s why email is a popular vector for sabotage across your network and a launch pad for malware – including ransomware and zero-day threats.

    This webcast discusses the current threat landscape and customer pain points, and examines how SonicWall Email Security – now integrated with Capture Advanced Threat Protection – delivers cloud-based, multi-engine sandbox protection for your email.
  • Tech Demo - Detecting Suspicious File Access
    Tech Demo - Detecting Suspicious File Access Morgan Gerhart - VP Product Marketing; Jim Hanson - Sr. Sales Engineer Recorded: Jun 28 2017 49 mins
    Our security experts walk through dynamic peer group analysis in CounterBreach 2.0. Tune in to see how to use machine learning to define dynamic peer groups, detect suspicious file access behavior, and dynamically manage access permissions.
  • Protect & Respond to Ransomware and Business Email Compromise
    Protect & Respond to Ransomware and Business Email Compromise Mark Guntrip, Director Product Marketing, Proofpoint Recorded: Jun 28 2017 54 mins
    Cyber threats have changed dramatically in the last year.

    Last week, Symantec released patches for several critical SMG vulnerabilities that enabled attackers to (1) compromise the email gateway and (2) fully bypass gateway inspection and deliver malware via email.

    Short term, have you patched the vulnerability?

    Long term, have you evaluated email security solutions that handle all threats, with and without malware?

    Join this webinar for an overview of how modern email protection should dynamically analyze and identify malware. Learn:

    • What’s happening in the threat landscape—new vectors, new criminal techniques
    • How our solution can help you strengthen your defense, detecting and blocking email threats and enabling rapid, automated response
    • How Advanced Email Security compares to your current solution
  • TITUS and Symantec DLP FlexResponse
    TITUS and Symantec DLP FlexResponse TITUS Recorded: Jun 28 2017 4 mins
    Learn how to apply TITUS classification metadata via integration with Symantec DLP FlexResponse. This video shows automatic classification as well as administrator-applied classification within Symantec DLP.
  • How a Reliable CA Can Help with the Certificate Lifecycle
    How a Reliable CA Can Help with the Certificate Lifecycle Mark Giannotti Recorded: Jun 28 2017 58 mins
    Managing your SSL certificates doesn’t have to be difficult. Join us for a complimentary webinar that covers, in-depth, how a reliable CA helps with the certificate lifecycle.

    - Learn the importance of selecting a reliable Certificate Authority for all your digital certificate needs.
    - Discuss what to look for when choosing your certificate provider.
    - Explore the components of a good certificate management solution and how it implements a Secure Service Lifecycle.
  • How to Safely & Reliably Enable Office 365
    How to Safely & Reliably Enable Office 365 Keith Steller, System Engineer at Palo Alto Networks Recorded: Jun 28 2017 32 mins
    As enterprises continue adopting Microsoft® Office 365™, there is continued focus on safely and reliably enabling it. Join this webinar to learn how you can leverage Palo Alto Networks Next-Generation Security Platform to transform your security stack and achieve the following goals:
     
    1.Enhanced network traffic visibility and context.
    2.Address security concerns around dynamic nature of O365 changing IPs, ports, and URLs.
    3.Allow granular control within an application including controlling enterprise vs consumer access.
     
    We will discuss how you can use Palo Alto Networks App-ID in combination with application signatures and URL filtering to achieve all of the above-mentioned objectives.
  • Getting Rid of Risky Business: How contextual info is securing cloud app access
    Getting Rid of Risky Business: How contextual info is securing cloud app access Ella Segura, Identity and Access Management Expert at Gemalto Recorded: Jun 28 2017 56 mins
    Organizations are working across more cloud environments from CSPs to on premise. Just this year, enterprises are expected to utilize an average of 17 cloud applications to support IT, operations and business strategies. The cloud’s benefits are well-known, but for security teams managing multi-cloud ecosystems has its challenges, especially when it comes to access management.

    Behavioral and contextual analytics are helping companies mitigate risk and better secure access to cloud applications and data. Using data-driven insights to develop internal security policies takes a more preventative identity and access management strategy.

    During this webinar, we will discuss what security professionals need to assess and understand when moving towards or updating a risk-based authentication model for IAM. The presentation will outline access management policies can be identified, templated, updated and monitored to improve security around data in the cloud.

    Join us for a deep dive into:
    -Current implications of multi-cloud environments on IAM
    -Proactively using analytics to define access policies
    -Avoiding security fatigue through scenario-based authentication
    -Preparing for audits using policy implementations
    -A live demonstration of how this all fits together in a multi-cloud environment
  • The Inside Story of the Petya/ExPetr Ransomware: Learn how to protect your data
    The Inside Story of the Petya/ExPetr Ransomware: Learn how to protect your data Juan Andres Guerrero-Saade, Kaspersky Lab, Matt Suiche, Comae Technologies Jun 29 2017 2:00 pm UTC 120 mins
    On Thursday, 29 June, Kaspersky Lab is teaming up with Comae Technologies to present an emergency webinar for businesses to help them understand and defend against the Petya/ExPetr ransomware. The malware has affected companies in a range of industry sectors across the world, with Ukraine, Russia and number of Western European countries most affected.

    Juan Andres Guerrero-Saade, senior security researcher in Kaspersky Lab’s Global Research and Analysis Team, will be joined by Matt Suiche from Comae Technologies to present the very latest information on the ransomware’s attack vectors, the infection process and how it spreads through company networks. They will provide mitigation guidance and explain the actions organizations need to take to secure their computers and networks against this threat.
  • The CIO's Guide to Digital Transformation Strategy
    The CIO's Guide to Digital Transformation Strategy Davinder Gautam, Managing Director, Accenture; Ross Mason, Founder and VP Product Strategy, MuleSoft Jun 29 2017 3:00 pm UTC 60 mins
    Digital transformation is something that everybody wants to achieve, but not everyone can define. In this webinar, Accenture managing director Davinder Gautam and MuleSoft founder Ross Mason will discuss the problems CIOs are facing in planning and executing their digital transformation strategies as well as solutions to closing the IT delivery gap and achieving their goals.

    Attendees will learn:

    - What are the obstacles getting in the way of achieving digital transformation?
    - Strategies to end the misalignment of business and IT on digital initiatives
    - A roadmap to closing the IT delivery gap
  • Symantec Monthly Threat Webinar - June update
    Symantec Monthly Threat Webinar - June update Jeff Barto, Trust Evangelist at Symantec Jun 29 2017 3:30 pm UTC 60 mins
    Hear the latest on the current website security threats for June 2017 from Symantec.
  • Shorter, Faster Threat Detection and Response with AlienVault and Cisco Umbrella
    Shorter, Faster Threat Detection and Response with AlienVault and Cisco Umbrella Jeff Olen, Product Manager at AlienVault and Kate MacLean, Product Manager at Cisco Umbrella Jun 29 2017 4:00 pm UTC 45 mins
    Threats continue to increase in sophistication and frequency, your environment is getting more complex with the addition of cloud infrastructure, and your siloed security tools leave you struggling to get a unified view of your security posture. How can you reduce the time to detect and defend against malware in today’s environment? It’s not enough to wait for malware to reach your network or endpoints before you try to detect and stop it. What if you could identify and block threats earlier? With Cisco Umbrella and AlienVault USM Anywhere, you can.

    Join us for a 45-minute webcast to learn how you can quickly improve your threat detection and response time with AlienVault USM Anywhere and Cisco Umbrella. During this session, you’ll learn about each product and see how the integration enables you to:

    - Focus on threat response and not writing complex security analytics rules
    - Get prioritized, contextual alarms leveraging threat intelligence from both Cisco Umbrella and AlienVault
    - Automate policy enforcement between the platforms for rapid response
    - Enhance threat visibility and reduce mean time to detection & response
  • IoT Tests and Trends: Key Findings from the Threat Lab
    IoT Tests and Trends: Key Findings from the Threat Lab Marc Laliberte, Information Security Threat Analyst, and Ben Brobak, Technical Product Manager Jun 29 2017 4:00 pm UTC 60 mins
    With everything from children’s toys to thermostats connecting to the Internet, it should come as no surprise that the average home has no less than seven IoT devices in use every day. But as pressure grows to release new products faster and faster, we’re all left to wonder: is security really a priority? Needing an answer, WatchGuard’s Threat Lab launched an ongoing project to test some of these connected devices and determine for ourselves how secure they really are.

    Join Marc Laliberte, information security threat analyst, and Ben Brobak, technical product manager, on June 29 as they analyze the surprising results of this project and share their best tips for defense.
  • Part 2: Future of SIEM—Sniff Out Malware & Spear-Phishing w/Behavioral Analytics
    Part 2: Future of SIEM—Sniff Out Malware & Spear-Phishing w/Behavioral Analytics Orion Cassetto, Sr. Product Marketing Manager, Exabeam. Anne Saita (Moderator) Jun 29 2017 5:00 pm UTC 75 mins
    Malware and spear-phishing continue to cause the most headaches for IT security teams. Over the years, attackers have become more sophisticated and SIEM systems have failed to keep up. Key indicators of emerging threats include lateral movement, where the attacker silently attempts to access multiple servers on the network, and account management, where the attacker escalates privilege or creates new privileged accounts. Detection of advanced threats like these require real time analytics and the ability to find signals within the very noisy security environment. Join Exabeam and (ISC)² on June 29, 2017 at 1:00PM Eastern to learn how user behavior analytics automatically analyzes and scores activity for escalated risk allowing for quick attack detection.
  • Advanced Threat Protection for Messaging Gateway
    Advanced Threat Protection for Messaging Gateway Zachary Sivertson, Director Content & Malware Analysis, Symantec & Tobias Pischl, Product Manager, Email Security, Symantec Jun 29 2017 5:00 pm UTC 60 mins
    Symantec has just released new advanced threat protection capabilities for Messaging Gateway 10.6 based on integration with Symantec’s Content & Malware Analysis platform. This new advanced threat defense option for Messaging Gateway provides offloading of messages to Content & Malware Analysis for further inspection and comprehensive malware detonation.

    Join Symantec product managers from Messaging Gateway and Content & Malware Analysis to see demos of this integration in action, and learn more about how this solution addresses today’s latest advanced threats through:

    •Advanced scanning and sandboxing to detect and block malicious files and URLs
    •In-depth threat analysis and summary dashboard-level visibility
    •Threat correlation analysis across Symantec Endpoint Protection, Proxy SG and Messaging Gateway

    Don't miss this great opportunity to speak with the product experts of this combined solution and get your questions answered!
  • How today’s threats prey on the human factor | 2017 Human Factor Report
    How today’s threats prey on the human factor | 2017 Human Factor Report Patrick Wheeler, Director, Threat Intelligence, Proofpoint Jun 29 2017 5:00 pm UTC 60 mins
    Ransomware. Business email compromise (BEC). Social media phishing. Counterfeit mobile apps. Today’s advanced attacks use different tactics and vectors, but they all have one thing in common: they target people, not just infrastructure.

    In this webinar, we use original research and data collected from real-world Proofpoint deployments around the world to explore who is being targeted, how attackers are getting people to click, and what you can do about it.

    Register now to learn about:
    •The latest social engineering targeting trends and techniques
    •Top email fraud tactics, including business email compromise (BEC) and social media account phishing
    •The rise of fraudulent mobile apps and how criminals target users on the go
  • 3 Reasons to Swap Your Next Pen Test for a Bug Bounty
    3 Reasons to Swap Your Next Pen Test for a Bug Bounty Jason Haddix, Head of Trust and Security & Wade Billings, VP, Technology Services, Canvas by Instructure Jun 29 2017 6:00 pm UTC 60 mins
    In the past several years, bug bounty programs have disrupted the pen test norm, and provide organizations with a robust and all-encompassing security assessment solution. Instructure, the company behind Canvas Learning Management System (LMS), made the switch three years ago and have never looked back.

    In this webinar, we will explore...
    • Why Instructure replaced their last three penetration tests and the results they’ve found
    • The three fundamental differences between the penetration testing model and the bug bounty model
    • How organizations running bug bounty programs have seen improved results in both volume and quality in vulnerability submissions
  • SOC of the Future -- How to Run an Effective SOC
    SOC of the Future -- How to Run an Effective SOC Siemplify’s Miguel Carrero (EVP Strategy) & Meny Har (VP Product) Jun 29 2017 6:00 pm UTC 30 mins
    The Security Operations Center (SOC) is the backbone of an effective cyber strategy. With the ever expanding digital footprint and heavy investment in detection, effective response to today’s cyber challenges run through Security Operations. Running an effective SOC is way more than tuning a SIEM or hiring more analysts. The building blocks of a SOC require thoughtful convergence of people, process, and technology;

    Executed effectively, a SOC brings visibility, confidence and efficiency throughout security operations and incident response. A properly implemented SOC can enable analysts to triage the tsunami of alerts flooding the organization, provide contextual data which allows analysts to appropriately prioritize incidents based on the severity of the threat, and ultimately greatly reduce time to remediate security issues by consistently executing processes.

    In this webcast, Siemplify’s Miguel Carrero (EVP Strategy) & Meny Har (VP Product), will introduce how to drive efficiency and effectiveness across security operations and how SOC Managers are taking back control to spot what’s important and act on it fast.
  • Success Factors in Threat Intelligence: Part 2 - Starting a Program
    Success Factors in Threat Intelligence: Part 2 - Starting a Program Allan Thomson, Chief Technical Officer Jun 29 2017 6:00 pm UTC 45 mins
    This series describes a comprehensive “business technical approach” to the justification, definition, design and execution of Threat Intelligence Programs.

    What do we mean by “business technical approach’ to Threat Intelligence?

    Much in the industry is focused solely on one technical aspect or another of threat intelligence data that indicates information about a specific malware family, a set of indicators that can be used to block malicious sites, campaign information that highlights a threat actors profile, their tactic, techniques and procedures. But much of the technically focused content do not discuss how organizations can gather or construct that information themselves, and even more so, how an organization would organize themselves to respond to such data. Much of the output of the industry is providing the fish to organizations rather than teaching the organizations how to fish themselves.

    A ‘business technical approach’ is one where we define an approach focused on the business needs, the organization personnel, organizational roles & responsibilities, team structure and those elements’ interaction with technology to address the challenge of successful threat intelligence operations. Our goal is to help organizations build effective Threat Intelligence programs.

    In Part 1 of the CSO Series we introduced the key business and technical requirements of TI programs. In Part 2 webinar we will examine some important definitions to consider in TI and how to start building the program based on the requirements identified in Part 1 of the series. We will introduce to the audience the overall vision of the TI program execution, doing gap analysis on existing security programs and identifying where the TI program can complement and enhance existing investments.
  • 4 Ways Identity Can Improve Your Security Posture
    4 Ways Identity Can Improve Your Security Posture Krystal Wang Sr. Manager, Security Solutions at Okta Jun 29 2017 7:00 pm UTC 60 mins
    Most organizations understand strong authentication is a necessary part of a good security practice. But because organizations have much less control over the devices, services, and people in their environment today, identity not only becomes the critical control point, but the information stemmed from it can be leveraged to strengthen existing processes as well as integrate with other security investments.

    Join this webinar to learn why identity must not simply be a "first step" but the foundation for the future of security as well as 4 ways to leverage identity to enhance your security posture.
  • Using AI Cybersecurity in M&A Due Diligence
    Using AI Cybersecurity in M&A Due Diligence Nicole Eagan, CEO Jun 29 2017 8:00 pm UTC 30 mins
    Join special guest speaker, Darktrace CEO Nicole Eagan, as she discusses the challenges of ensuring cyber hygiene during M&As, and how Darktrace’s self-learning technologies can help firms incorporate cyber risk into the due diligence process and ensure the health of their networks.

    Mergers and acquisitions present a unique cyber challenge: it has become critical for companies to add cyber assessment both to the pre-acquisition checklist and during the merging of the two companies’ networks. Today, companies are leveraging new breakthroughs in AI and machine learning to ensure the health of their networks before, during, and after the merger or acquisition.
  • Mega Breaches: How To Mitigate Your Risks Using Data-Centric Security
    Mega Breaches: How To Mitigate Your Risks Using Data-Centric Security Heidi Shey (Senior Analyst at Forrester) and Nico Popp (SVP Engineering, Information Protection at Symantec) Jun 30 2017 10:00 am UTC 75 mins
    Keeping data safe pays dividends for protecting your reputation and retaining trust. No-one wants to suffer a breach, let alone a mega breach, but how should you invest time and resources to prevent this?

    In this webinar, guest speaker Heidi Shey (Senior Analyst at Forrester) will join Nico Popp (SVP Engineering, Information Protection at Symantec) as they guide you through the evolving world of data protection and explain how a holistic approach to data security and identity puts you back in control.

    Such a data centric approach combines data discovery, protection and identity and delivers two key benefits:

    •Ensures data is only available to the right users, irrespective of location (including cloud), organization or device

    •Provides protection throughout the data lifecycle

    The webcast will include a review of best practices to help you understand how a proactive, data-centric approach makes best use of your resources, and safeguards your – and your customers’ – critical data.
  • “NotPetya” Ransomware Webcast – from SecureWorks® Threat Intelligence
    “NotPetya” Ransomware Webcast – from SecureWorks® Threat Intelligence Aaron Shelmire and Mike McLellan, Security Researchers, Counter Threat Unit Jun 30 2017 6:00 pm UTC 60 mins
    SecureWorks Counter Threat Unit™ (CTU) researchers will discuss details of the “NotPetya” Ransomware attack. Our experts will discuss this and similar attacks, help organizations explain the importance of avoiding malicious attempts and discuss the value of recommended mitigation tactics.

    In this webcast we will discuss:
    • History and timeline of this attack and how it began
    • What is this ransomware, how is it different from others and how it operates
    • Why this is not Petya or Goldeneye
    • How to be vigilant of misinformation
    • SecureWorks recommended actions to protect yourself
    • Interactive Q&A session
  • Using Windows Security Events to Detect Intruders in Your Network
    Using Windows Security Events to Detect Intruders in Your Network Randy Franklin Smith (Windows Security expert), Chris Martin (Security Engineer), Caitlin NoePayne (LogRhythm Sr. TPM) Jul 4 2017 9:00 am UTC 90 mins
    Over time, any given computer on your network will establish a pattern of systems it does and doesn’t talk to. If you can properly baseline that behaviour and detect when the computer deviates from normal activity you can produce critical early warnings of a potential incident.

    In this webcast, LogRhythm’s senior technical product manager, Caitlin NoePayne, and principal sales engineer, Chris Martin, join Randy Franklin Smith, Windows Security subject matter expert, to discuss detecting computers on your network talking for the first time using Windows Security Events. They will also demonstrate LogRhythm behavioural analytics rules and case management features that help analysts follow up on suspicious activity alerts.

    Learn how to:

    • Configure your audit policy to generate relevant security events
    • Establish baseline behaviour of the machines on your environment
    • Monitor and detect traffic patterns to detect an attacker embedded in your network using Windows Security Events
    • Speed up investigation and response with Security Automation and Orchestration

    Watch now to learn how to use Windows Security Events and LogRhythm to detect when two computers on your network talk to each other for the first time.
  • Systemhärtung: Schutz Ihrer Systeme auch wenn Patch Management keine Option ist!
    Systemhärtung: Schutz Ihrer Systeme auch wenn Patch Management keine Option ist! Olaf Mischkovsky; Alexander Peters Jul 4 2017 12:00 pm UTC 60 mins
    Wie der jüngste WannaCry Cyber Angriff gezeigt hat sind nicht gepatchte Systeme ein beliebtes Einfalltor für Schadcode unterschiedlichster Art und ein aktives Patch Management ist unbestritten eine der kritischsten Maßnahmen zum Schutz ihrer IT-Landschaft und sollte somit auf keinen Fall vernachlässigt werden.

    Allerdings gibt es in der Praxis in unterschiedlichsten Umgebungen (Produktion, Embedded Systeme, ältere oder statische Applikationsumgebungen um nur einige wenige zu nennen) valide und vielfältige Gründe warum Systeme nicht auf dem aktuellen Stand gehalten werden können.
    An dieser Stelle gibt es auch immer wieder Schwachstellen für die keine oder zumindest zum Zeitpunkt des Bekanntwerdens noch keine Updates zur Verfügung stehen und wir möchten in diesem Webcast aufzeigen wie mit Hilfe einer aktiven Systemhärtung Ihre System trotzdem geschützt werden können.

    Des Weiteren werden wir Ihn aufzeigen wie mit Hilfe einer solchen Lösung auch aktuelle und gepatchte Systeme auf einen höheres Schutzniveau gebracht werden können.
  • Think small with Optimised Internet
    Think small with Optimised Internet Hoo Shu Yee, Singtel Sr. Product Director and Nick Hawkins, Akamai Sr. Director Product Management Jul 5 2017 6:00 am UTC 60 mins
    Internet is a convenient, cost-efficient means to connect your branch offices and to access public cloud applications. It is also an integral part of any enterprise’s hybrid WAN architecture. However, its unreliable and unpredictable performance may hamper employee productivity.

    Join us in this webinar to learn about:
    • Some of the challenges enterprises face with Internet connectivity
    • How Internet connectivity can be optimised to improve branch offices’ connectivity and to access cloud applications

    So, think small, because a branch office could bring you closer to market domination when it is well connected to the rest of the world by reliable, business-grade Internet.
  • Intelligente Endpunktsicherheit: mehr als nur Vorbeugung
    Intelligente Endpunktsicherheit: mehr als nur Vorbeugung Ruediger Weyrauch, Director, Central Europe System Engineering bei FireEye Jul 5 2017 12:00 pm UTC 45 mins
    Moderne Lösungen für die Endpunktsicherheit erfüllen zwar die Aufgaben, für die sie entwickelt wurden, bieten jedoch keine lückenlose Sicherheit.
    Umfassender Endpunktschutz erfordert vorbeugende Maßnahmen, Virenschutz, Tools zur Bedrohungserkennung und -abwehr am Endpunkt und weitere Funktionen.
    Selbst wenn ein Unternehmen dazu mehrere Punktlösungen einsetzt, werden dadurch höchstwahrscheinlich nicht alle Sicherheitslücken geschlossen.
    Manche Anbieter werben mit „Endpunktsicherheit der nächsten Generation“. Doch was genau meinen sie damit?

    Ruediger Weyrauch, Director, Central Europe System Engineering bei FireEye, erläutert in einem Webinar, worauf Sie achten sollten, damit Ihre Endpunktsicherheitslösung der nächsten Generation Ihre Endpunkte lückenlos schützt.

    Die Themen:
    - Der aktuelle Stand der Endpunktsicherheit und die damit verbundenen Herausforderungen
    - Die Vorteile von Lösungen für die Angriffserkennung und -abwehr an Endpunkten (EDR)
    - Die Vorteile von Bedrohungsdaten und ihre Rolle bei der EDR
    - Warum ein Endpunkt-Agent die folgenden Merkmale aufweisen sollte:
    •Mehrere Engines für die Bedrohungserkennung und -abwehr
    •Integrierte Prozessabläufe von der Erkennung über die Untersuchung bis hin zur Abwehr
    •Skalierbarkeit, mehrere verfügbare Formfaktoren, Unterstützung für verschiedene Betriebssysteme
  • Power of The Proxy
    Power of The Proxy Timothy Chiu, Senior Director, Product Marketing Jul 6 2017 5:00 am UTC 30 mins
    The reality & one of the biggest challenges for IT today is that there’s a complex user definition – there are now many options for connectivity via multiple types of devices, and the truth is, there is a lack of security for many of these new devices both on premise and in the cloud.

    The traditional security perimeter that your IT team used to be able to define surrounding cloud security is now dissolving. So if you are adopting more cloud services, putting more employees in remote or distributed offices, or are concerned about the increasing number of cyber threats you are reading about in the headlines, join us for this session to better understand what it means to be a proxy, why that’s so important today, and how that plays against what our competitors are saying about us.

    Register for our webinar ‘Power of The Proxy’ today!
  • How to Prevent Breaches through Application Controls
    How to Prevent Breaches through Application Controls Navneet Singh, Director, Product Marketing Jul 6 2017 8:00 am UTC 60 mins
    Employees are accessing any application they want, using work or personal devices, regardless of the business and security risks involved.

    What are you doing to protect your organization’s data?

    Join the webinar and discover:
    • How attackers use apps to infect and exfiltrate data
    • How to use app control the right way to prevent breaches
    • How to extend visibility and control to SaaS apps
  • IT Sicherheitsbedrohungen in Deutschland 2017
    IT Sicherheitsbedrohungen in Deutschland 2017 Mario Galatovic, Business Development Manager, and Bernd Stamp, Technical Lead DACH, Thales e-Security Jul 6 2017 12:00 pm UTC 60 mins
    Datensicherheitsvorfälle. DSGVO Risiken. Daten in der Cloud, Big Data und das Internet der Dinge (IoT).

    95% aller deutschen Unternehmen glauben, dass sie nicht ausreichend gegen Cyberangriffe geschützt sind

    Was erleben Unternehmen in Deutschland und wie gehen sie mit den Herausforderungen um?

    Basierend auf der Forschung des renommierten IT-Marktforschungs- und Beratungsunternehmen 451 Research zeigen die Ergebnisse des Thales Data Threat Reports 2017 wie Unternehmen in Deutschland auf die Herausforderungen in Bezug auf ihre Daten reagieren. Diese beziehen sich auf die gestiegenen Anforderungen an Daten um das Geschäftswachstum zu unterstützen, und gehen bis hin zu regulatorischen Anforderungen, die Implementierung fortschrittlicher Technologien sowie Datensicherheitsvorfälle. Die Risiken für vertrauliche persönliche Informationen, Finanzdaten und kritische Unternehmensdaten steigen.
    Dieses Webinar behandelt die Sicherheitsbedrohungen in Bezug auf Daten für Unternehmen, was Organisationen machen um Daten zu schützen, und praktische Empfehlungen für die Sicherheit von vertraulichen und sensitiven Daten.

    Nehmen Sie an unserem Webinar teil und erfahren Sie mehr zu folgenden Punkten:
    • Die Auswirkungen von fortschrittlichen Technologien wie Container, IoT, Big Data und die Cloud und welche Herangehensweisen gebraucht werden um dort kritische und sensitive Daten zu schützen.
    • Die Art und Weise, wie neue Datenschutzregelungen die Strategie für Datensicherheit beeinflussen.
    • Auf welche Herausforderungen Unternehmen treffen, wenn sie Datensicherheitsinstrumente einsetzen und nutzen – und wie man diese Herausforderungen bewältigen kann
    • Die Ausgaben für IT Sicherheit steigen, Antreiber hier sind Compliance und Bedenken in Bezug auf Datensicherheit