2012 Global Security Threats and Trends

Nicholas J. Percoco, Trustwave SVP and Head of SpiderLabs
If the thought of a breach is keeping you up at night, this presentation will give you tangible recommendations on strengthening your information security strategy. Based on the Trustwave 2012 Global Security Report, the presentation will feature data from more than 300 investigations and 2,000 penetration tests conducted in the previous 12 months.

Presented by Nicholas J. Percoco, Trustwave SVP and Head of SpiderLabs, this 60-minute session will:

- Highlight the threats targeting your organization's valuable assets
- Explain state-of the art-attack methods uncovered in our data breaches investigations
- Use real-world security research to put the most common weaknesses under the microscope

In today's cyber world, it's no longer a matter of 'if' a data breach will occur, but 'when." Attend this presentation to gain insight into the vulnerabilities that are affecting businesses today, and the strategic initiatives you can take to better secure data within your organization.
Feb 9 2012
63 mins
2012 Global Security Threats and Trends
security cyber threats
More from this community:

IT Service Management

  • Live and recorded (2352)
  • Upcoming (68)
  • Date
  • Rating
  • Views
  • An AANPM solution should focus on the real-time performance of end users. Instead of making use of 100% synthetic tests into an application environment, real end-user traffic can be used to find slow application response times, changes in network latency, and poorly written application code.

    Attention can be focused on the true root cause of the performance problem, rather than engaging in guesswork network troubleshooting. An AANPM solution aids IT organizations in quickly identifying the component of the network or application that is inducing the delay, enabling engineers to resolve the problem.

    In this third of four webinars we will look at how an AANPM solution is implemented and how it benefits engineers and technicians.
  • Join Kroll’s Indonesia team as they share their experience investigating risk in one of Asia’s most attractive markets.

    Indonesia in 2015 remains one of Asia’s most significant sources of growth, and continues to draw investors from Asia, North America, and Europe. While there is good reason to be hopeful due to a strong new political administration, throughout the economy reputation, corruption, fraud and political risks remain. ​

    Kroll’s team will discuss their views on the changing risk environment around Indonesia’s investment opportunities, as well as share their experience researching integrity issues, infrastructure bottlenecks, and sensitive industries.
  • Tony Fortunato, Sr. Network Performance Analyst with the Tech Firm, will demonstrate the benefits of using an OptiView XG to root out the causes of issues in today's complex network environments.
  • You may not know much about it, but Hadoop is coming in a big way. The list of services you provide and support grows larger by the day and very soon Hadoop related technologies will likely play a critical role in many of those services. Much of the processing that happens in Hadoop is batch related but the built in tools for managing that batch is inferior and will cause delays when trying to deploy the related applications and services. Join us to learn:

    •What Hadoop is and what it is used for
    •The type of processing performed in Hadoop environments
    •How to deliver better Hadoop workload related services
  • A recent analyst study found that 88% of organizations are “doing Project and Portfolio Management (PPM).” This finding could lead many to believe all is well with this critical business process so essential to strategic success. This is hardly the case as studies also show PPM is still generally immature in enterprises today. The lack of maturity is largely due to the fact that most organizations are addressing only a subset of PPM capabilities. So though almost every organization can lay claim to doing PPM, few are actually doing PPM for all its worth. Many of these organizations will continue to miss out on the incredible possibility and promise of this essential business capability until they grasp and appreciate the full scope and potential of PPM.

    One of the greatest barriers to realizing the full potential of PPM is an enterprise-wide awareness of the span of PPM and the likely gap that must be overcome to achieve it. There is a plethora of great PPM insight contained in the numerous books, methodologies, and frameworks available today, but using this volume of information to get everyone on the same page is a daunting challenge. The key is to use a simple approach and model to quickly establish a common understanding of this critical business discipline and to easily foster the conversations and discussions to drive the endeavor to raise PPM proficiency.

    This brief webcast will present a PPM model that is easy to remember, easy to communicate, and proven to quickly illuminate the gap between existing immature PPM processes and the full scope and potential of comprehensive Project and Portfolio Management.
  • A recent analyst study found that 88% of organizations are “doing Project and Portfolio Management (PPM).” This finding could lead many to believe all is well with this critical business process so essential to strategic success. This is hardly the case as studies also show PPM is still generally immature in enterprises today. The lack of maturity is largely due to the fact that most organizations are addressing only a subset of PPM capabilities. So though almost every organization can lay claim to doing PPM, few are actually doing PPM for all its worth. Many of these organizations will continue to miss out on the incredible possibility and promise of this essential business capability until they grasp and appreciate the full scope and potential of PPM.

    One of the greatest barriers to realizing the full potential of PPM is an enterprise-wide awareness of the span of PPM and the likely gap that must be overcome to achieve it. There is a plethora of great PPM insight contained in the numerous books, methodologies, and frameworks available today, but using this volume of information to get everyone on the same page is a daunting challenge. The key is to use a simple approach and model to quickly establish a common understanding of this critical business discipline and to easily foster the conversations and discussions to drive the endeavor to raise PPM proficiency.

    This brief webcast will present a PPM model that is easy to remember, easy to communicate, and proven to quickly illuminate the gap between existing immature PPM processes and the full scope and potential of comprehensive Project and Portfolio Management.
  • Portfolio planning activities have struggled to gain respect in most businesses. Lack of enterprise-wide orchestration arises from a lack of effective involvement and intimate business knowledge – not simply of operations and processes, but of business imperatives, obstacles and desired outcomes. And the information systems aspects continue to be planned in splendid isolation from the business, causing IT people to mistakenly celebrate victory when a new IT system goes live. However a project only really starts when the IT goes live, and so the planning needs to be fully integrated. This can only be accomplished first by building strong relationships with business peers that will result in measurable value creation. The next step is to implement a sophisticated PPM system that can handle the extreme complexity of orchestrating all the business and related technology portfolio of initiatives, capable of optimizing the plans (and the outcomes) as the business environment changes.

    To achieve this, a new PPM model needs to be created to look at portfolio management in a holistic way, enterprise-wide. Planners need a capability that will generate multiple scenarios and real-time decision support. This dimensionality and complexity is well beyond the capacity of the human brain. By implementing such a tool, IT would be positioned as a critical partner with the business – not just in implementing mainstream information systems, but also in helping the business with a much better way to plan and manage all of its key initiatives effectively

    This session focuses on how enterprise leaders and divisional leaders and IT leaders should be working in harmony to orchestrate great business outcomes, rather than looking after their parochial interests.
  • Portfolio planning activities have struggled to gain respect in most businesses. Lack of enterprise-wide orchestration arises from a lack of effective involvement and intimate business knowledge – not simply of operations and processes, but of business imperatives, obstacles and desired outcomes. And the information systems aspects continue to be planned in splendid isolation from the business, causing IT people to mistakenly celebrate victory when a new IT system goes live. However a project only really starts when the IT goes live, and so the planning needs to be fully integrated. This can only be accomplished first by building strong relationships with business peers that will result in measurable value creation. The next step is to implement a sophisticated PPM system that can handle the extreme complexity of orchestrating all the business and related technology portfolio of initiatives, capable of optimizing the plans (and the outcomes) as the business environment changes.

    To achieve this, a new PPM model needs to be created to look at portfolio management in a holistic way, enterprise-wide. Planners need a capability that will generate multiple scenarios and real-time decision support. This dimensionality and complexity is well beyond the capacity of the human brain. By implementing such a tool, IT would be positioned as a critical partner with the business – not just in implementing mainstream information systems, but also in helping the business with a much better way to plan and manage all of its key initiatives effectively

    This session focuses on how enterprise leaders and divisional leaders and IT leaders should be working in harmony to orchestrate great business outcomes, rather than looking after their parochial interests.
  • The development of a solid product innovation strategy is undoubtledly a collaborative effort, and company cultures that support an open and robust dialog will be more able to evolve their strategies to address their changing business environments.

    Attend this webcast featuring Michelle Jones from Stage-Gate International as she discusses how these companies are better equipped to address risk and derive more value from their product innovation efforts. Also hear why aligning your product innovation strategy is an important precursor to making continuous strategic assessments and project prioritization decisions.

    All attendees will gain insight into the 5 key elements that comprise a consensus based innovation strategy, the importance of clearly communicating that strategy to drive strategic portfolio management, and the metrics to measure performance.

    This event is approved for 1 Professional Development Unit (PDU) credit.
  • The development of a solid product innovation strategy is undoubtledly a collaborative effort, and company cultures that support an open and robust dialog will be more able to evolve their strategies to address their changing business environments.

    Attend this webcast featuring Michelle Jones from Stage-Gate International as she discusses how these companies are better equipped to address risk and derive more value from their product innovation efforts. Also hear why aligning your product innovation strategy is an important precursor to making continuous strategic assessments and project prioritization decisions.

    All attendees will gain insight into the 5 key elements that comprise a consensus based innovation strategy, the importance of clearly communicating that strategy to drive strategic portfolio management, and the metrics to measure performance.

    This event is approved for 1 Professional Development Unit (PDU) credit.
  • Channel
  • Channel profile
  • PCI 101: Getting Started with the Payment Card Industry Data Security Standard Mar 18 2015 3:00 pm UTC 60 mins
    The Payment Card Industry Data Security Standard (PCI DSS) was created to help prevent credit card fraud. Any business that process, stores or transmits payment card data must be PCI DSS compliant.

    This webcast will help you understand the basics of PCI, the steps to become compliant, and how compliance can help you protect your business against a security breach.
  • Ask an Analyst: Evolving your security strategy to overcome business challenges Recorded: Mar 4 2015 61 mins
    Organizations are having to cover more ground than ever when it comes to security. Yet businesses often lack the in-house skills and resources, so security leaders are turning to MSSPs to help bear the burden to ensure every area of risk is adequately attended to.

    Join us for an interactive discussion with guest speaker, Forrester Research VP and Principal Analyst, Ed Ferrara, to learn how MSS is changing the conversation for businesses to achieve security goals. Help drive the conversation by submitting a question for Ed in advance so we can tackle your biggest security concerns such as:

    • Overcoming the skills shortage
    • Where to focus the budget – spending trends across industries
    • The value of security – pitching it as an investment not a cost to business leaders
    • Improving business outcomes – leveraging MSSPs as a tactical arm to optimize IT security, efficiency and value
  • Database Security Threats: Risks to Your Data Recorded: Feb 26 2015 55 mins
    Today, businesses leverage confidential and mission critical data that is often stored in traditional, relational databases or more modern, big data platforms. Understanding the key threats to database security and how attackers use vulnerabilities to gain access to your sensitive information is critical to deterring a database attack.

    Join this webinar to learn about the latest threats and how to remediate them.
  • Future proof yourself with SpiderLabs forensic key indicators Recorded: Nov 27 2014 63 mins
    During this event we will look back at Trustwave SpiderLabs forensic cases in order to identify trends that will help you prepare for the future.

    You will also get an inside view of how hackers have ransacked customer networks, giving you insight on how to protect your business from future attacks.

    During this webinar, we will discuss:
    •How to get into the mindset of the attacker
    •How to identify weak points in your network based on real cases
    •Lessons learned from the mistakes of others to get better at detecting compromise
    •How to limit your exposure in the future.
  • PCI 3.0 Is knocking on your door - are you ready? Recorded: Oct 16 2014 53 mins
    With the PCI DSS version 3.0 implementation deadline around the corner, organisations should be thinking about ways to prepare for the new requirements. With an evolving threat landscape, targeted attacks on sensitive data like yours and new technology platforms it may seem overwhelming to think about protecting your business.

    During this webinar, we’ll discuss:

    • Why PCI is so important in protecting your customers sensitive data and your business

    • How to secure your business and prepare for PCI 3.0

    • Tactics that will ensure compliance and security are always top-of-mind for you and your employees
  • Trustwave on Shellshock: What You Need to Know Recorded: Oct 1 2014 70 mins
    Shellshock has made waves through the security community by earning a maximum CVSS score of 10 for overall criticality. As a security practitioner it is important for you to know what Shellshock is, how it works and how to protect your organization from being exploited by it. This Wednesday, October 1st Trustwave will host a webinar featuring Karl Sigler, Threat Intelligence Manager at Trustwave to get you the information you need to mitigate this new vulnerability. During this webinar, Karl Sigler will:

    · Communicate what the Shellshock vulnerability is and how it works
    · Identify the potential impact of Shellshock to your organization
    · Discuss how to detect if your systems are vulnerable to Shellshock
    · Explain best practices for securing your organization from Shellshock and other vulnerabilities
    · Answer your questions regarding this topic
  • Breaking Down the 2014 Trustwave Global Security Report Recorded: Sep 25 2014 56 mins
    You’re invited to this live webcast where you’ll hear unique insights from the 2014 Trustwave Global Security Report – the data is as compelling as ever.

    This webcast will help you connect the insight and actionable advice to your organization’s data security challenges. Amid the key data points, you’ll hear the story behind the average breach and the state of the industry:

    •The volume is getting loud: cybercriminals continue to find new ways to steal data – and new types of data to steal
    •Passwords still plague business of all types: we’ll show you how and why
    •Self-detection shortens the time to detecting breaches, but self-detection isn't easy, find out why
  • PCI 3.0 is Knocking on Your Door: Are you Ready? Presented by Trustwave and ETA Recorded: Sep 23 2014 60 mins
    With the PCI DSS version 3.0 implementation deadline around the corner, organizations should be thinking about ways to prepare for the new requirements. With an evolving threat landscape, targeted attacks on sensitive data like yours and new technology platforms it may seem overwhelming to think about protecting your business.

    During this webinar, we’ll discuss:
    • Why PCI is so important in protecting your customers sensitive data and your business
    • How to secure your business and prepare for PCI 3.0
    • Tactics that will ensure compliance and security are always top-of-mind for you and your employees
  • The cost Implications of POPI aligned to Security Technologies Recorded: Sep 18 2014 63 mins
    In this webinar we will review the technical challenges that arise from the POPI bill and synergies with other standards in order to help align your approach to support compliance. We will take a look at the technologies that help meet compliance with the bill and their impact on organisations as well as how we can learn from other standards when building a technology roadmap to achieve compliance with POPI.
  • Malware Symposium: How to Defeat the Modern Cyber Enemy Recorded: Sep 17 2014 62 mins
    In conjunction with Osterman Research, Trustwave will present a live panel discussion on the challenges of modern malware and how to effectively combat it.

    Trustwave editor Dan Kaplan will facilitate this discussion with Analyst Michael Osterman of Osterman Research, and Steve Brunetto, Director of Anti-Malware Product Management for Trustwave. This deep-dive session will investigate techniques modern malware uses to evade even “zero-day” detection methods, debunk misconceptions, and discuss what the next generation of malware prevention looks like.

    Following the discussion, audience members will be able to ask the panelists questions. Please join us for this interview-format webcast.
  • Recent Threat Discoveries Recorded: Sep 11 2014 63 mins
    Recent Threat Discoveries: New Point of Sale Malware and Insights about Exploit Kits and Weak Passwords

    In this presentation we will discuss:

    * Backoff, a new family of Point of Sale Malware

    * Magnitude, an Exploit Kit that became prevalent after the arrest of “Paunch”, the creator of Blackhole

    * And a recent study that shows that 54% of passwords can be cracked in minutes

    Join Ziv Mador, VP of Security Research and Andy Crail, Senior Security Engineer as they walk through some of the latest finds and intel coming from the elite hacking and research team within Trustwave, SpiderLabs.
  • Stocking up on Data Security: Protecting Retail Grocers from Hackers Recorded: Sep 9 2014 59 mins
    Data breaches are happening every day, and the grocery industry has become a prime target. This Trustwave webinar details how hackers are lining up at the checkout lane to steal valuable data (like credit card information) and what steps you need to take to ward off this threat. What you’ll learn:

    • Why grocery stores are a lucrative target for hackers
    • Think you’ve been breached? The key steps to take
    • How to comply with the PCI standard – and special considerations for grocers

    Trustwave’s senior security engineer Don Brooks will be presenting. We hope to see you there.
  • Data Compliance, Now POPI Recorded: Sep 4 2014 42 mins
    Wondering how the Protection of Personal Information (POPI) Act will affect your organisation? During this webinar Trustwave will provide an overview of POPI, the implications of processing personally identifiable Information (PII) and how to protect your organisation. What will we cover?

    •POPI overview;
    •Roles and responsibilities;
    •Trustwave methodology and approach;
    •Security and privacy overlap;
    •Condition 7, Security Safeguards;
    •Compliance pitfalls to avoid;
    •Compliance quick wins;
    •Privacy enhancing technologies;
    •Next steps to start your POPI program.

    To learn how Trustwave can help your organisation with POPI compliance, register now.
  • Financial Services at Risk: Adapting to new threats and a changing landscape Recorded: Aug 14 2014 54 mins
    Hackers are after the money, and financial services firms certainly have plenty of it. Although these businesses have some of the most mature information security practices of any industry, criminals are evolving their tactics and targeting this vertical with new-found gusto.

    Join Don Brooks, senior enterprise engineer at Trustwave, as he discusses this shifting threat landscape and how you can defend your most prized assets.

    He will cover:

    - Am I really a target?
    - Going mobile: What this means to your security
    - Malware is everywhere: What can you do about it?
    - Top actions to take to reduce your risk

    There will be ample time for your questions at the end of his presentation, so join us, and seek Don’s help in solving your biggest security challenges.
  • Health Care Data Security and HIPAA Compliance: Live Panel Discussion Recorded: Jul 23 2014 64 mins
    This live webcast will take you through the basics of healthcare data security, complying with HIPAA and guidelines for taking action quickly. Our expert panel will cover the basic landscape, and then take your questions in a live Q&A. The session agenda includes:

    - Business considerations for health care data security and compliance
    - Getting ahead of the curve - key activities for compliance with HIPAA
    - Where to get started and how to accelerate your security program

    Please join us!
  • Web Application Security Trends for 2014 Recorded: Jun 26 2014 58 mins
    In this webinar we will take you through the web security attack trends for 2014 and provide some remediation advice and tips for better security.
  • Breaking Down the 2014 Trustwave Global Security Report Recorded: Jun 25 2014 53 mins
    The 2014 Trustwave Global Security Report has just been released – and the findings are more important than ever for your organization. While businesses have improved their time to detection of breaches substantially, cybercriminals continue to find new ways to steal data – and new types of data to steal. A sample of what you'll hear:

    • The volume of data breach investigations increased 54% over 2012
    • Weak passwords open the door in 31% of data compromises
    • We saw a 33% increase in the theft of non-payment card
    • Self-detection can significantly shorten the timeline from detection to containment

    Join us for this live webcast!
  • Breaking Down the 2014 Trustwave Global Security Report Recorded: Jun 25 2014 65 mins
    The 2014 Trustwave Global Security Report has just been released – and the findings are more important than ever for your organization. While businesses have improved their time to detection of breaches substantially, cybercriminals continue to find new ways to steal data – and new types of data to steal. A sample of what you'll hear:

    • The volume of data breach investigations increased 54% over 2012
    • Weak passwords open the door in 31% of data compromises
    • We saw a 33% increase in the theft of non-payment card
    • Self-detection can significantly shorten the timeline from detection to containment

    Join us for this live webcast!
  • Trustwave and ETA Present: Breaking Down the 2014 Global Security Report Recorded: Jun 19 2014 58 mins
    The 2014 Trustwave Global Security Report has just been released - and the findings are more important than ever for your organization. While businesses have improved their time to detection of breaches substantially, cybercriminals continue to find new ways to steal data. A sample of what you'll hear:

    * The volume of data breach investigations increased 54% over 2012
    * Weak passwords open the door in 31% OF DATA COMPROMISES
    * Self-detection can significantly shorten the timeline from detection to containment

    Join us for this live webcast for the Payments Industry!
  • Getting ahead of the EU Data Protection Reform Recorded: Jun 18 2014 63 mins
    The European Commission announced that progress on 'EU Data Protection reform (is) now irreversible' - but what will this mean for the millions of organisations that reside in and do business within the European Union?

    •This webinar will provide some insights on the much debated regulation and what you should be doing to protect personally identifiable information that you are the custodian of.

    •We will highlight potential pain points as well as show you how you can better prepare, using real world data breaches from our own investigations and by providing practical guidance for you on how to store, process or transmit personally identifiable information.
Smart security on demand
Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than 2.7 million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective data protection, risk management and threat intelligence. Trustwave is a privately held company, headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit www.trustwave.com.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: 2012 Global Security Threats and Trends
  • Live at: Feb 9 2012 4:00 pm
  • Presented by: Nicholas J. Percoco, Trustwave SVP and Head of SpiderLabs
  • From:
Your email has been sent.
or close
You must be logged in to email this