“I just write the code and throw it over the wall. It’s up to Ops to make it work” -- when Devs care only about coding, Ops and customers suffer.
“It’s not my job to test code. If there’s a problem, talk to QA.” -- when Ops care only about stability, innovation and customers suffer.
DevOps represents cultural change. Whether it’s the change of resistant engineers that don’t want to be on-call or the change of Operations teams to have more empathy towards their counterparts writing code, to the willingness of executives to embrace a culture of automation, measurement and sharing. Organizations must overcome the culture war to be able to approach the agility and productivity that organizations following a DevOps model gain. The faster they can get there, the faster these organizations can take the competitive edge away from traditional enterprises.
In this webinar, featuring guest Forrester Research principal analyst Kurt Bittner, we will look at:
- The current state of organizations - a separation of Devs and Ops
- The how of DevOps - DevOps is a culture, not a product
- The benefits of DevOps - happier customers
As part of our panel discussion, we will answer the following questions to help you get started building a DevOps culture within your organization:
- Why change the status quo?
- How do I align two disparate groups?
- How do I remove the obstacles that separate Dev and Ops teams?
- Will customers see a difference if devs are on call?
- Can IT start to think differently?
Stephen Boyer, CTO & Co-Founder, BitSight Technologies; Featuring Renee Murphy, Senior Analyst, Forrester Research
While many companies focus their effort on reducing cybersecurity risk, more threats are being discovered daily. Point-in-time, subjective questionnaires are not in line with the new regulations requiring continuous monitoring of vendors, partners and other third parties.
In “Continuous Third Party Monitoring Powers Business Objectives,” BitSight CTO and Co-founder Stephen Boyer and guest speaker, Forrester Research Senior Analyst Renee Murphy will discuss the value businesses are finding in using a solution that has a constant eye on third party cyber threats.
Boyer and Murphy will also discuss:
- The results of the study BitSight commissioned Forrester Consulting to undertake, examining how IT decision-makers feel about objective, reliable and continuous monitoring.
- What can be done beyond compliance to increase security performance.
- Which industries stand to benefit most from using automated, objective information security data.
- Specific use cases for continuous monitoring and how they help companies improve information security performance.
- Britain's Leading Ethical Hacker, Jamie Woodruff -
Jamie will be showing the dangers of not updating plugins while using Wordpress in a corporate environment. He will perform a live hack on a website to show how easy it is to gain access to the wordpress installation through outdated plugins. He will then proceed to password crack the administrator account and then gain access to the Content Management System. He will then proceed to shell the website and gain control over the server. He'll then show if other services are running on there server we can see there configuration files and proceed to export the relevant data and input new administrator accounts within the database.
Nick Coleman, Global Head Cyber Security Intelligence, IBM
This session will look at the changing threat landscape and share intelligence insights and practical approaches to combat threats and help your organisation stay safe.
Nick delivers advisory, response, threat intelligence and managed services to global organisations around the world. Previously, he was Global Cloud Security Program Director in IBM Delivery and Engineering responsible for overseeing delivery and compliance including ISO27001 and SSAE16 around the world for IBM delivered clouds. Prior to this, Nick worked in the UK Government as The National Reviewer of Security and Authored the Coleman Report responsible for determining if the UK Government Departments Information and Infrastructure was adequately protected. The work was reported to Parliament and contributed to the development of the Cyber Security Program for Government. Personal appointments include appointed to serve on the EU Cyber Security Agency (ENISA) Permanent Stakeholders Group. Honorary Professor at Lancaster University. Awards and Honours include a Fellowship of the Institution of Engineering and Technology (IET) and a Fellow of the British Computer Society (BCS) and was awarded an M.IST IISP as well as an MBA with Distinction.
Patrick Grillo, Senior Director, Security Solutions, Fortinet
This session will look into the factors why major data breaches continue to be a recurring theme, in spite of the wealth of information over the past two years that should be helping enterprises to avoid being the next victim.
Dr Branden Williams (Moderator); Terence Spies, HP Security Voltage; Chris White, Booz Allen Hamilton; Erez Schwarz, Imperva
Inadequate security and dedicated cyber attackers have led enterprise data breaches to increase at an alarming pace. Staggering numbers of affected customers - and financial losses - are sending shock waves through the business world, and creating a sense of urgency around identifying solutions. Finding a way to ward off cyber intruders has become a critical challenge.
There is a need to create value around company data. One way to do this is to ensure that the workforce knows and understands the threats that are out there and the measures that are in place to protect against them. Data security is not one size fits all, nor is a data security communication plan. Finding the ideal fit for any company may take trial and error, but an educated and mindful workforce will serve to support the mission of IT security teams tasked with keeping confidential information secure. Join this educational panel webinar to hear experts discuss how to realize data security potential across an enterprise.
Lemuel Williams - Channel Development Manager, Identity & Data Protection - Gemalto
IT security risks are changing, and undoubtingly increasing in complexity and frequency. Enterprises across the globe are struggling to not only keep up, but to maintain a secure network environment. From a recent breach by hackers to gain sensitive information of more than 100,000 taxpayers, to the breach of 110 million consumer records, the cyber threat landscape is getting worse every year. Hackers are faster, and organizations are taking longer to discover the breaches, giving thieves hours, days, and even weeks to explore the most private and sensitive company data.
Gemalto has identified key steps to help secure your enterprise network, certainly one of the first areas fraudsters attempt to infiltrate.
Join us on September 15th for an informative presentation that will help you plan a strategy to protect your most critical assets.
Kelley Mak, Researcher, Forrester Research & Santeri Kangas, CTO, Secunia
Cybersecurity incident disclosures and vulnerability warnings continue to be released at an alarming and fatiguing rate, and there aren’t any signs of breach activity slowing down. Vulnerability management is more important than ever, yet staying on top of vulnerabilities poses a major challenge for security and risk (S&R) professionals.
In this webinar, guest speaker, Forrester Research’s Kelley Mak, will provide insight on how S&R pros can repair their strained or broken vulnerability management processes and move past low impact checkbox scanning to proactive, risk-based assessments.
Following Kelley Mak’s presentation on the changes in vulnerability management, Secunia’s CTO Santeri Kangas will present Secunia’s take on the challenges of vulnerability management and how the new release of the Secunia VIM 5.0, Secunia’s Vulnerability Intelligence Manager, helps organizations address those challenges.
Haider Pasha - Security Strategy Director for Emerging at Symantec
We live in a world where cyber attacks are no longer a question of if, but when. This sessions starts with a discussion around how attackers have evolved their techniques using Advanced Evasion methodologies bypassing traditional security layers such as Network-based Firewalls and signature-based Intrusion Detection. The rise of targeted Advanced Persistent Threats (APTs) has finally enabled companies to understand that traditional security solutions are no longer enough. During the session, we will cover the rise of Advanced Threat Protection solutions, where they fit in the Network, and how companies should use correlation and integration of Endpoints, Networks, Incident Response and Simulation to protect against APTs. Finally, we will discuss how you can successfully utilise Big Data Analytics to go beyond simply using a log correlation solution and proactively get ahead of attacks (or BANG) before they occur.
Valter Santos, Threat Intelligence Researcher, AnubisNetworks
Threat intelligence could mean different things to different people, but for AnubisNetworks it is defined as stopping cyber threats by providing actionable threat intelligence from the moment a breach is detected until it is solved.
By combining Cyberfeed technology, the excellence and expertise of AnubisNetworks security team, this webinar will help you understand the roadmap your organization needs to follow to keep safe against cyber threats.
In this webcast we will describe how to use Cyberfeed capabilities to leverage incident response inside an organization. With real-time alerting we will drive you on tracking a malware infection with network and host based indicators of compromise, traveling along the way with memory forensic analysis.
John Haren, Head of Information Security Governance, Risk & Compliance, Diageo
Since 2013 we have created a Security Champions network in Diageo across our 21 markets globally.Given limited resources, we had a clear vision of what we wanted to achieve and we took a top-down approach to gain support for the initiative. We developed SMART objectives with a view to slowly and demonstrably driving value for Diageo employees and management over time. This is the story of how we achieved mutual benefit both for us in the central Security team and for the market Security Champions & their colleagues. Key takeaways will include;
1: Aim for a Win-Win situation;
2: Gain support from senior management first;
3: Empower your champions;
4: Build the program into champions’ annual targets or development plans;
5: Actively drive network continuous improvement.
Peter Wood has analysed the results of all the network penetration tests conducted by the First Base team over the past year. This annual review covers clients in a variety of sectors including banking, insurance and retail. This presentation identifies the most common vulnerabilities, how they can be exploited and the consequences for each business.
Learn in detail how criminals can take advantage of these weaknesses and how you can secure your networks using straightforward techniques.
Martin McKeay, Security Advocate, Akamai Technologies
They say old protocols never die. Okay, no one really says that, but it’s what happens in reality. If you look around a little, you can still find organisations with token ring networks while dial-up modems still account for a small, but significant part of Internet usage worldwide. And then there are the current protocols that simply never get updated. DNS and NTP are staples of the Internet that are absolutely necessary.
Martin McKeay, Akamai’s Security Advocate for EMEA, will explore the dangers of some of the outdated and unpatched protocols on the Internet today. These antiquated communication methods are being used and abused by malicious actors to send traffic and attacks against your network. Explore how to protect yourself, and learn good network hygiene practices to make sure your organisation is not part of the problem.
Traditionally, Unified Threat Management was a network appliance with additional security functions layered on top of it- giving smaller organizations or locations a single, plug and play device that made layered security affordable, quick to deploy and simple to manage. While that value proposition is just as valuable today as it was 5 years ago, it is increasingly being extended to include additional security and networking components such as endpoint protection, wired switching, wireless access points and more.
With a recent survey reminding us that the most critical priorities of SMB owners today are top line revenue growth and increase in bottom line profitability, with an overwhelming desire for trusted IT/Security partners to manage the entirety of security and IT for them, it makes perfect sense to demand more of today’s UTM.
In this webcast we will explore:
•The results of the recent SMB owner survey
•Ways the simplicity of the traditional UTM can be extended more broadly
•Key questions to ask your trusted IT/Security provider
There is a reason Gartner views Fortinet as “Fortinet as setting the cadence in the UTM market.” Join this webcast to understand why. And why it’s important for today’s growing business.
Organisations worldwide continue to struggle to attract and retain skilled information and cybersecurity professionals. Overcoming this challenge requires a more imaginative, business and people-centric approach to the recruitment of security professionals. However, once you have the right people in place, it is imperative to retain them and use their skills to embed positive-information security behaviours throughout the organisation.
So in an era where cyber security is a C-suite business challenge, how can board colleagues work with security professionals and others within the enterprise to address these issues?
Join Steve Durbin, Managing Director of ISF Ltd, for a 45 minute webcast, where he will discuss how organisations can develop and implement an information security awareness culture that will engage with employees at all levels.
Angela Bazigos, Chief Compliance Officer of Morf Media
Any data breach is costly and disruptive, but for pharmaceutical businesses, medical device companies, and others in the life sciences field, the need to protect and manage sensitive data (PHI, PII, and IP) make these challenges even more complex. The real world costs of compromised data can be staggering, not just in fines, but in employment and business reputation loss as well.
Join FDA IT compliance expert Angela Bazigos, Chief Compliance Officer of Morf Media, and Performance Works on this deep-dive to learn how life sciences companies are managing their sensitive data in an environment of increasing risk and regulation. You’ll discover how to protect and manage this data to meet compliance regulations and significantly decrease the risk of data exposure, including that of highly-regulated HIPAA data.
Register for this webinar to learn about the:
* Increasing risk to PII, PHI, and IP data in an age of breaches and growing data dispersion
* Changing regulatory landscape that adds greater complexity to corporate workflow
* Best practices to monitor and respond to compliance and legal requirements for dispersed sensitive data, including mobile technologies and cloud services
* Proactive approach to compliance to help your business avoid data risks and better address compliance and legal requirements
Angela Bazigos, is the Chief Compliance Officer of Morf Media. She has 40 years of experience in Life Sciences spanning GLP, GCP, GMP, Medical Devices & 21 CFR 11 and has a patent aimed at speeding up Software Compliance.
Ken Rosen, Co-Founder of Performance Works
Ron Weismann, CMO of Performance Works
Grady Boggs, Principal Security Specialist, Microsoft
The consumerization of IT, bring your own device (BYOD), and software-as-a-service (SaaS) provide organizations with impressive productivity gains, but bring with them the challenge of secure management. Grady Boggs, Principal Security Specialist, illustrates the Microsoft comprehensive cloud solution, the Enterprise Mobility Suite (EMS), and details how users can stay productive while keeping corporate information safe and secure.
Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
Debbie Umbach, Director of Product Marketing at BitSight
As mitigating third party risk becomes an essential business function across many industries, business relationships will be tested. Organizations must now subscribe to a “trust, but verify” philosophy to ensure their third parties are secure. To verify vendor security, organizations now use BitSight Security Ratings, which are gathered externally and don’t rely on any vendor input.
On August 27 at 1:00 pm EST join Debbie Umbach, Director of Product Marketing at BitSight as she discusses the best practices for implementing vendor security ratings. Viewers will learn:
- different approaches for incorporating BitSight Security Ratings into vendor risk management (VRM) programs, whether your program is just getting started or is well underway
- how companies have used BitSight Security Ratings to notify key vendors of security incidents
- how vendor ratings can allow for more effective communication and thus greater transparency
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.