Defending Against APTs: Understanding Your Enemy’s Plan of Attack
- What are advanced adversaries targeting?
- What are the most commonly exploited vulnerabilities?
- Which threats do organizations need to focus on?
- Where should organizations focus their security spending? What is the value statement and why is it important?
- Jared Pfost, CEO, Third Defense Inc. (Chair)
- Aaron Sheridan, Sr. Systems Security Engineer, FireEye
- Steven F. Fox, CISSP, QSA, Security Architecture and Engineering Advisor, U.S. Department of Treasury
RecordedMar 14 201254 mins
Your place is confirmed, we'll send you email reminders
Cris Thomas (aka Space Rogue), Strategist at Tenable Network Security
Today’s attack surface is expanding and the network is becoming increasingly complex thanks in large part to the ephemeral nature of assets, including mobile devices, cloud, IoT, web apps, containers and virtual machines.
‘Space Rogue’ (aka Cris Thomas), strategist at Tenable Network Security, will look at the findings of the Tenable 2017 Global Cybersecurity Assurance Report Card and discuss strategies for staying ahead of sophisticated cyberattacks in the modern IT landscape.
Michael Brown, CTO & Co-Founder of ISARA Corporation
The rise of Artificial Intelligence (AI) is helping to fuel the fire to build Quantum Computers because they will be a great tool for areas such as Machine Learning (ML).
Public Key Cryptography as we know it today ceases to be effective when the age of quantum computers begins. With practical examples and an emphasis on network technologies like VPNs, this presentation will explore:
- The new quantum safe solutions that will replace and augment your existing security systems
- Where and when you’ll need them
- How to make the transition
About the Presenter:
Michael Brown is the Chief Technology Officer and co-founder of ISARA Corporation. At ISARA, Mike is focused on the technical vision and direction.
Mike was most recently the Vice President of Security Product Management and Research at BlackBerry, where he co-founded the product security practice and was responsible for the vision and execution of security for all BlackBerry products. Mike has spoken at global security events including RSA, CTIA, GTEC, Bloomberg, APECTEL and InfoSec Europe.
Mark Weatherford (vArmour), Ann Barron-DiCamillo (American University), Paul Kurtz (TruSTAR), Leo Taddeo (Cryptzone)
Discover the latest trends in cyber attacks and how they are shaping the security strategy across industries and on a national level.
Join this keynote panel session for an interactive discussion on the emerging technologies and tactics used by attackers, the role of artificial intelligence and machine learning in cyber attacks and cybersecurity, and the best practices for improving security for your organizations.
- Mark Weatherford, Chief Cybersecurity Strategist at vArmour
- Ann Barron-DiCamillo, Adjunct Professor at American University, Cybersecurity Risk Management & Governance
- Paul Kurtz, CEO of TruSTAR
- Leo Taddeo, CSO of Cryptzone
Chris Sherman, Senior Analyst at Forrester Research & Nima Baiati, Senior Director of Product Management at Absolute
Security and risk professionals are dealing with staggering amounts of endpoint-related data loss and risk exposure. To help mitigate these risks, security pros need to rethink their current endpoint security strategies and move past traditional security technologies. Join guest speaker Chris Sherman, Senior Analyst at Forrester Research, as he discusses Forrester’s "Targeted-Attack Hierarchy of Needs”. In this webinar, he will highlight the core endpoint security needs critical to an enterprise security strategy. Attendees will learn how to deal with the multitude of threats targeting their user endpoints through a balance of attack surface reduction and threat detection, with orchestration and automation as key components.
Stolen, weak or default passwords were found across 63 percent of breaches*. With the trend in remote working set to continue upwards, securing remote access has become a universal necessity.
Join us as we discuss how organizations can better protect against identity theft, evolving cyber security threats and how mobile devices can drive adoption. CensorNet’s Adaptive Multi-Factor Authentication improves security without compromising on productivity and uses contextual intelligence to assess the threat level and prevent security breaches.
This webinar is ideal for security professionals who are keen to ensure that the correct devices are accessing the network and no malicious devices are breaching the security protocols to compromise the network. Mobile devices are key to ensuring employee mobility but need to come with the appropriate security checks and balances.
Social Media has come of age. Collectively, social platforms have attracted two-thirds of the world’s internet users with more joining every day. This ubiquity has lead many organisations to make social an integral part of their digital channels strategy, along with their web presence and mobile apps.
For organisations engaging in social media, the importance of having an advanced social media strategy is more critical than ever.
During the session you will learn:
* The attack methods hackers use to exploit social media platforms and profiles.
* Which weaknesses cyber criminals look for so you can protect your company’s social media reputation.
* How to strengthen your security approach to combat social media threats.
* The defense techniques an organization must employ to prevent social phishing attacks, brand impersonation, recruiting scams, customer service impersonations, malware attempts, RDC, and more.
Financial organizations are entrusted with the some of the most sensitive data and face a constant onslaught of attempts by insiders and hackers to steal incredibly valuable and easily monetized data. In this informative webinar, Kim Ellery, Director Product Marketing at Absolute, will discuss the increasing risk from both advanced attacks and insider threats. Attendees will gain actionable insights on how to balance the emphasis between detecting threats and preventing them in the first place, starting with visibility and actionable intelligence, to gain complete visibility and control of every endpoint device … no matter if they’re on or off the network.
Join the Absolute team on January 25th for an informative webinar on improving your visibility, get actionable insights and strategies to help you detect threats faster or prevent them entirely
CEO Richard Hibbert & Head of Products, Oliver Vistisen
The GDPR comes into force 25 May 2018 and this will have a significant impact on the way in which organisations collect, process and share data. Companies that fail to prepare for the GDPR risk incurring hefty fines of 20m euros or 4% of world-wide revenues, whichever is greatest. As such all organisations need a strategy for GDPR. By implementing a structured approach through the use of cloud-based applications, organisations will be able to effectively achieve and maintain compliance.
In this webinar we will: explore the key provisions of GDPR, examine the challenges organisations are facing with the new rules, provide guidance for Risk Managers, Compliance Leaders and other IT Professionals on how to approach these challenges, then demonstrate how our cloud-based GDPR Applications Suite can provide effective solutions that ensure your business can achieve and maintain compliance
Scott Roller 3WP; Yo Delmar, MetricStream, Albert Biketi, HPE Security -Data Security, Russell McGuire, Riskonnect
Growing exposure to IT risks has made organizations across industries volatile. Recent IT vendor incidents like data and security beaches, violation of privacy guidelines, which caused substantial fines, penalties, brand value, highlight that IT vendor risks are business risks and require focus from the leadership. An immature ITVRM programs limits the insights which are necessary for strengthening vendor relationships and building a robust ERM program. Rather than treating each risk in isolation, organizations need to have an integrated approach to manage risks holistically and in line with their business operations and objectives. With the growing dependency on IT and IT vendors, organizations need to align enterprise and IT VRM objectives to build a resilient framework suitable for today’s environment.
During the session, panelists will discuss how organizations can strengthen vendor management in the current landscape and improve business performance.
- Causes of Vendor Risks incidents and the impact on the enterprise
- Best approach to align IT vendor risk to enterprise risk
- Building mature VRM Program
- Role of technology in integrating Vendor risk to Enterprise risk management
Open-minded, collaborative, and engaged, Millennials embrace values that can be effectively directed to reduce risk across an organization. While some may view the Millennial spirit as a security liability, with the right support, their views and priorities can actually help cultivate a stronger security mindset within their teams.
In this talk, MJ Kelly explores how to develop security programs that resonate with Millennials. She presents practical approaches that incorporate deeply held priorities of the new generation, while ensuring that experienced team members remain included and engaged. Strategies include determining appropriate incentives, varying motivational focus, and testing new tactics such as gamification and novel information distribution channels to foster a strong security culture throughout the entire organization.
John Bambenek, Manager, Threat Systems at Fidelis Cybersecurity
The US intelligence community has released their summary of the DNC breach and the election-related hacking and there have been additional disclosures about the attacks.
This webinar will be the latest on what we know, what we don’t know and what many are merely speculating about. We’ll take a look forward for upcoming European elections to get a perspective on what can be expected there in the coming months.
Almost every news story about cyber security today starts with “the Russians did it!” Did the Russians hack the US elections? Do they regularly steal our data? Who is behind of all the hacking? We will take an insider look at the Russian hackers and try to delineate their ill gains and techniques. Most importantly, what will they do next?
Key network infrastructure devices are overlooked yet they provide critical functionality. Exploiting web application weaknesses and service buffer overflows is exciting, but the housekeeping of network infrastructure is not. Issues in network infrastructure devices can lead to network wide problems that would cause system admininstration nightmares. This presentation provides a review of key security devices, often side-lined when looking at security. It covers the value of these devices to "Blue Teams", issues "Red Teams" can highlight, desired outcomes and auditing practices.
Chris Roberts, Chief Security Architect at Acalvio Technologies
With 2016 behind us, is this the last Yahoo breach we’ll hear about? Join Chris Roberts, Chief Security Architect at Acalvio Technologies as he discusses the lessons to be learned from the recently disclosed Yahoo breaches, and the nagging questions infosecurity professionals will try to answer in 2017.
John Smith, Principle Solutions Architect from ExtraHop, Darren Carr, Sr. Technology Architect, from Cerner
Modern Healthcare IT infrastructures are a complex blend of technologies, from mission-critical Electronic Health Record (EHR) applications to the security solutions protecting patient data from ransomware and other threats. Overseeing an entire healthcare system's networks and infrastructure, as well as managing patient data in a private cloud, can be time consuming, costly and pose potential cybersecurity threats and data breaches. That’s why fast, reliable IT is crucial to every step of the patient’s journey through your organization—and why you need a new approach to IT operations and monitoring.
Learn where your visibility gaps lie, and how closing those gaps with real-time performance monitoring will dramatically improve the quality of care and IT security that your organization provides.
Dr. Christopher Pierson, EVP, Chief Security Officer & General Counsel, Viewpost
With over 1 billion user accounts stolen, the recently disclosed Yahoo breach is the biggest one to date. What does this mean for your organization? Join Chris Pierson, General Counsel and Chief Security Officer at Viewpost as he discusses the Yahoo breaches and the cybersecurity and privacy implications for organizations worldwide.
About the presenter:
Dr. Chris Pierson is the EVP, Chief Security Officer & General Counsel for Viewpost - a Fintech payments company. He is a globally recognized cybersecurity expert and entrepreneur who holds several cybersecurity and technology patents. Dr. Pierson serves on the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee and Cybersecurity Subcommittee and is a Distinguished Fellow of the Ponemon Institute. Previously, Chris was the first Chief Privacy Officer, SVP for the Royal Bank of Scotland’s U.S. banking operations leading its privacy and data protection program. Chris was also a corporate attorney for Lewis and Roca where he established its Cybersecurity Practice representing companies on security and data breach matters.
Morey Haber, VP Technology, BeyondTrust | Sean Martin, CISSP, Editor in Chief, ITSPmagazine
It's time to stop pretending this is not going to happen to you. At work, or in your everyday life, we need to learn how to live with cybersecurity. If we want to play in an IoT and Internet-connected world, we need to learn how to play by the rules.
Sure, not all of the rules have been set for every situation, but there are plenty that have been defined that continue to be ignored. Either nobody has taught you what these rules are. Or, it may seem the rules don't apply to you or your business. Either way, it's time to stop being numb to the news of the next new breach and start paying attention. It's time to understand the rules and being to follow them - they apply to everyone.
In this ITSPmagazine Experts Corner interview with Morey Haber, VP of Technology at BeyondTrust, we will explore some of the core questions to ask yourself given the recent announcement of the second Yahoo breach of 1 billion accounts:
- What is the value of password management?
- What are the risks associated with password re-use?
- What are the keys to successfully controlling access to critical assets?
- Why is managing privileged access so important?
- How can two-factor authentication be your best friend?
We look forward to having a great conversation with Morey as he discusses the details of the two Yahoo breaches and what they mean to us as individuals, as businesses, and as a society. We hope you will join us and join in on the conversation.
Chris Matthieu, Director of IoT Engineering, Citrix, John Smith, Principal Solutions Architect, ExtraHop Networks
In the ever-evolving world of persistent threats to your environment the only way to keep up with malicious actors is by utilizing behavior based profiling. In this webinar, we will show how you can rethink the network to detect and remediate threats in real time. When wire data visibility from ExtraHop meets automated response from Citrix Octoblu you're able to protect your environment without having to spend all your time wading through alerts.
This webinar is perfect for any network or security professionals who are keen to maintain optimum visibility accross their entire network, allowing them to neutralise threats and reduce vulnerabilities.
About the presenters:
John Smith is Solutions Architect at ExtraHop and author of the wiredata.net blog. He is a Citrix Technology Professional and 16-year IT veteran specializing in application delivery, event correlation, security, web applications, and application virtualization. John’s background gives him an invaluable perspective on the challenges facing IT, and creating new approaches to deal with them. Follow him on Twitter: @jmsazboy
Chris was the co-founder and CTO of Octoblu, a revolutionary real-time IoT platform recently acquired by Citrix. Octoblu connects things, systems, people and clouds to a global mesh network allowing users to automate and control design flows, processes and sensor data, and analyze/react to real-time events and messages as well as big data trends and anomalies.
Follow him on Twitter: @ChrisMatthieu
In September 2016, Yahoo disclosed that the company lost access control for over 500 million accounts. Turns out the largest breach in history of 500M Yahoo accounts in 2014 is only half as much as the latest and largest hack ever discovered – 1B Yahoo accounts lost in 2013.
Join Chris Webber, Security Strategist at Centrify, as he examines the Yahoo breach incidents, the causes behind them, the damage they caused, and how they could have been avoided.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.
Defending Against APTs: Understanding Your Enemy’s Plan of AttackJared Pfost, Third Defense (Chair); Aaron Sheridan, FireEye; Steven F. Fox; U.S. Dept. of Treasury[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]54 mins