Browse communities
Browse communities
Presenting a webinar?

Roundtable - Predicting the Direction of Secure Clouds

Andrew Yeomans, Jericho Forum, Randy Barr, Qualys, Ian Osborne, Intellect UK
Roundtable discussion on the direction of secure clouds.

Do you use a cloud platform today?
What is your most important expectation of Cloud providers?
Will further regulation help or hinder security in the Cloud?
What is the greatest factor in deciding what data will be placed in the Cloud?

Andrew Yeomans is Vice President of Global Information Security at Commerzbank (formerly Dresdner Kleinwort investment bank). Andrew is on the management board of the Jericho Forum, which is an international information security thought-leadership group. Andrew is also is a member of the Executive Advisory Board of the ISSA UK chapter and Infosecurity Europe Advisory Council.

As Chief Security Officer (CSO) of Qualys, Randy is responsible for security, risk management and business continuity planning of the QualysGuard platform used by thousands of organisations worldwide. He will also lead the Qualys CSO Advisory Board efforts to collaborate with customers on forging and implementing security and compliance best practices. Randy has over 13 years of information technology and leadership experience. Prior to joining Qualys, he was the Information Security Officer at Yodlee responsible for insuring a high-level security posture of Yodlee's Internet based financial services.

Ian Osborne is Director of the Digital Systems Knowledge Transfer Network, a Technology Strategy Board funded programme operated by a consortium led by Intellect with QinetiQ and National Physical Laboratory. The Digital Systems KTN launched in October 2009 and is initially comprised of three programmes: Cyber-Security, Location & Timing and Scalable Computing. The new KTN is working closely with Digital Communications KTN and leading industry suppliers and innovators with a brief to address the needs for promoting ICT-based innovation in private and public sector organisations.
Mar 11 2010
45 mins
Roundtable - Predicting the Direction of Secure Clouds
  • Channel
  • Channel profile
  • DDoS Attacks: More Dangerous to You; Never Easier to Launch Apr 21 2015 5:00 pm UTC 45 mins
    Christina Richmond, Program Director, IDC and Joe Loveless, Product Marketing, Neustar
    If your organization cannot afford downtime from DDoS attacks, join this timely discussion from Neustar, with special guest perspective from IDC’s Christina Richmond. Explore the complexity and purpose behind today’s attacks and what you can do to defend your Internet presence. You will learn:

    · What the DDoS threat environment looks like today
    · Why “smokescreening” is a particular danger
    · Where attacks can have impact across your organization
    · How you can take steps to thwart DDoS threats
  • Leveraging Risk, Physical and Cyber Security and Continuity Planning Apr 21 2015 4:00 pm UTC 45 mins
    Eric Kretz, Director, Continuity of Operations (COOP) Division, National Continuity Programs (NCP)
    Generally, risks associated with continuity planning, from physical to cyber-security, are part of an ever-evolving threat to our systems and technologies. Continuity planning is simply the good business practice of ensuring the execution of essential functions through all circumstances, and it is a fundamental responsibility of public institutions and private entities responsible to their stakeholders. What are some of the risks associated with continuity planning? Why is managing risk important for continuity? What are some of the methods used to mitigate risks in continuity planning?

    The COOP presentation will provide an understanding of Continuity and Continuity of Operations, explain the importance of a viable Continuity capability, and emphasize the need for a viable Continuity capability in all organizations, to demonstrate some of the linkages between continuity programs and:

    • Risk Management
    • Physical Security
    • Emergency Management
    • Cyber Security/ Information Technology

    Join us on April 21 as NCP’s senior continuity practitioner shares resilient continuity programs and outreach efforts. Hear from Eric Kretz, NCP, as he talks about Information Integration: Leveraging Risk, Physical and Cyber Security and Continuity Planning.
  • Firebreak Cases - Which One Are You? Apr 21 2015 3:00 pm UTC 30 mins
    Tom Clare, Director, Arctic Wolf
    Before tackling a SIEM project to improve detection and response, learn from these case studies as their scenario likely matches yours. To firebreak your network brings together technologies, processes and people in the right balance across four phases. More than a security point solution or another box, you need to turn craft into a discipline to improve detection and response.

    Learn from your peers about the following:
    - Before environment and issues
    - Transition effort, cost and impact
    - After environment and benefits
    - Best practices for managed SIEM
    - Your network and next steps
  • Webroot’s 2014 Threat Brief Apr 16 2015 5:00 pm UTC 45 mins
    Grayson Milbourne, Security Intelligence Director
    This presentation provides an overview of the threats against a wide range of organizations and individuals during 2014. This overview is based on research and analysis conducted by the Webroot Threat Research team. The report includes analysis of IP addresses associated with malicious activity, details on the reputation of URLs by category and location, phishing detection statistics, insights into file reputation and encounter rates with malware and PUAs and information on mobile app security for Android devices. All data presented comes from Webroot’s Intelligence Network and was observed during 2014.
  • Next-Generation Security for Amazon Web Services Apr 16 2015 4:00 pm UTC 60 mins
    Matt Keil, Product Marketing, Palo Alto Networks
    Public cloud computing resources such as Amazon Web Services (AWS) are helping organizations like yours develop and deploy new applications rapidly; expand into geographic regions seamlessly and extend competitive advantages. Cyber criminals are well aware of the rapid expansion into the public cloud and are looking for weaknesses in your security posture. Don’t let them find one. The VM-Series for AWS, allows you to securely extend your corporate datacenter into AWS, using our next-generation firewall and advanced features to protect your data while native management features ensures policies keep pace with the changing to your applications.

    In this webinar, attendees will learn:
    - Common customer use cases for AWS
    - Key security challenges and considerations
    - How the VM-Series can protect your AWS environments
  • Surfacing Critical Cyber Threats Through Security Intelligence Apr 15 2015 4:00 pm UTC 45 mins
    Dr. Sameer Bhalotra, Former White House Director; Chris Petersen, CTO; Robert F. Lentz, Former CISO for the Dept of Defense
    The rapidly expanding supply chain supporting the cybercrime economy is empowering cyber criminals, cyber terrorists and even nation states in ways that put companies, critical infrastructure and governments at increased risk. The fate of an organization whose defenses have been compromised will be determined by the speed with which they can detect and respond to intruders. A mature security intelligence posture boosts an organization’s resiliency amidst these advanced threats. If intruders are detected early in their lifecycle, organizations can respond quickly and potentially avoid loss altogether.

    In this webinar, three cyber security veterans will discuss today’s rapidly evolving cyber threat landscape and LogRhythm’s new Security Intelligence Maturity Model™ (SIMM). They will explore how the SIMM provides organizations with a framework to plan for continuous reduction in their mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to high-impact threats.

    Learn about:
    • Emerging cyber threat vectors in 2015.
    • Security Intelligence and the critical role it plays in addressing high-impact threats
    • Using the SIMM to assess your current Security Intelligence Maturity
    • How to move from “greatly exposed” to “highly resilient” via End-to-End Threat Lifecycle Management
  • What You Don't Know about Cryptography and How It Can Hurt You Apr 14 2015 6:00 pm UTC 45 mins
    Chuck Easttom, Computer Scientist, Author, and Inventor
    This presentation describes the gaps in most security professionals knowledge of crypto, why that is a problem, and how you can correct it.
  • The Dark Side of Anonymizers: Protect Your Network from the Unknown Apr 14 2015 5:00 pm UTC 45 mins
    Joanna Burkey, DVLabs Manager, HPSW HPN Security - Tipping Point
    While anonymizers can serve a positive purpose by protecting a user’s personal information by hiding their computer’s identifying information, their use in your network environment can be dangerous. Anonymizers can evade enterprise security devices, and their misuse can make your organization susceptible to malware and unwanted intrusions. Attend this session to learn how you can detect and block elusive anonymizers from wreaking havoc on your network.
  • Industrial Control Systems Cyber Security: It’s Not All About Stuxnet Apr 14 2015 3:00 pm UTC 45 mins
    Dr Damiano Bolzoni, CEO & co-founder, SecurityMatters
    Recently cyber attacks against Industrial Control Systems (ICS) used by
    utilities and other Critical Infrastructure organizations have hit the
    newlines worldwide. Stuxnet is the best known cyber attack against an
    industrial installation, but it's not the only one.

    But what if cyber attacks were not the biggest threat to industrial
    networks and systems? Although malware is still a major point of
    interest, the sword of Damocles for critical industrial networks is
    represented by system misuse performed by disgruntled employees,
    contractors and vendors, as well as unintentional mistakes,
    network and system misconfiguration; all this could lead to the
    divergence or failure of critical processes.

    In this talk we will reshape the concept of ICS cyber security and will present our vision for a comprehensive approach to cyber security for ICS.
  • All About the Thousands of 2014 Vulnerabilities - From Secunia Research Apr 14 2015 3:00 pm UTC 45 mins
    Kasper Lindgaard, Director of Research and Security, Secunia
    Every year, Secunia Research releases a review of the global vulnerability landscape, based on their large vulnerability database and data from the Secunia Personal Software Inspector (PSI) user base.

    The data in this research provides security professionals around the world with perspective on the impact and evolution of the threat landscape and what has trended throughout the year.

    In this webinar, Secunia’s Director of Research and Security Kasper Lindgaard will discuss the data presented in the Secunia Vulnerability Review 2015 and answer questions.

    The review itself was released on March 25.

    You can download a copy of the review on our website:

    www.secunia.com/VR2015

    Key takeaways:

    - The number of vulnerabilities and zero-days detected in 2014

    - How quick vendors are to respond to vulnerabilities

    - Which programs are more vulnerable

    - How products bundled with open source applications and libraries affect security
  • It Wasn't Me, It Was Bennett Arron Apr 14 2015 10:00 am UTC 45 mins
    Bennett Arron, Comedian, Author & Identity Theft Speaker
    Several years ago, award-winning writer and stand-up comedian Bennett Arron was in serious debt. He owed thousands of pounds to mobile phone companies, catalogues and department stores. Only it wasn’t him. Bennett was a victim of Identity Theft, the fastest growing crime in the UK. This theft resulted in Bennett and his pregnant wife becoming penniless and homeless.

    Years later, Bennett wrote a comedy show about his experience. The show was critically acclaimed at the Edinburgh Festival and led to Bennett being asked to direct and present a Documentary for Channel 4. The Documentary, How To Steal An Identity, was Pick of The Week in The Guardian and The Telegraph and was called ‘Fascinating and Disturbing’ by the TV Times. It went on to be shortlisted for a BAFTA.

    In the Documentary, Bennett proved the ease of ID theft, by first stealing the identities of the general public and then stealing the identity of the then Home Secretary, Charles Clarke.This action resulted in Bennett being arrested in a dawn raid by Scotland Yard and given the code-name Operation Hydrogen.

    Bennett has recently written a memoir on the subject. This book, which has received several 5 star reviews, is not only a disturbingly true yet funny account of what it's like to have your identity stolen and but also reveals the devastating consequences of making a documentary ‘in the public interest’.

    He has performed as a speaker at many corporate events around the world and he was the Guest Speaker at the International Fraud Convention in Italy, the International Congress On Anti-Fraud & Anti-Corruption in Poland (twice) and the opening keynote speaker at Auscert in Australia.

    Bennett has been called... 'A Welsh Seinfeld' by The Guardian, 'Genuinely Original and Funny' by The Times and ‘Case Number 2477419’ by The Metropolitan Police.
  • From the Front Lines: The Top 10 DNS Attacks Apr 9 2015 5:00 pm UTC 45 mins
    Srikrupa Srivatsan, Sr. Product Marketing Manager, Infoblox
    More than 75% of organizations in the U.S. and U.K. have experienced at least one DNS attack according to SC Magazine. DNS Attacks are increasing in frequency and evolving constantly. They range from common amplification, reflection, and flood attacks to more sophisticated and stealthier types. These might have fancy names like random subdomain, phantom domain, and domain lock-up, but their effects on DNS are far from pretty. Join this webinar as we reveal the top 10 attacks on external and internal DNS servers; and the impact they have on your operations.
  • Optimize Customer Signup Flows Online and in Your Mobile App Apr 9 2015 4:00 pm UTC 45 mins
    Chris Morton, President, Block Score; Lisa Aguilar, Marketing Manager, Jumio; James Bickers, Senior Editor,Networld Medi
    In today’s online and mobile environment, financial service organizations are struggling to comply with a multitude of regulatory requirements that impede online and mobile customer signups. What is the best way to signup customers while still complying with regulations and mitigating fraud?

    Join us for a live webinar, “Optimizing customer signup flows in your mobile and web channels” and listen in as experts in ID authentication and identity verification discuss various strategies that will help you:

    · Quickly and safely signup customers through your mobile and online channels
    · Remain compliant with regulatory requirements without adding additional operational overhead
    · Reduce customer sign-up abandonment

    Don’t loose another customer because you can’t offer a real-time sign-up process through your online and mobile channels. Join us and learn how to optimize your sign-up flows, and enable anytime, anywhere through any digital channel customer account opening.
  • Looking Forward to HIMSS 2015: What are the latest trends? Apr 8 2015 5:00 pm UTC 60 mins
    Lysa Myers, Security Researcher III, ESET North America
    ESET security researcher Lysa Myers discusses developments in healthcare IT system security that you may see at the HIMSS conference in Chicago next week. Find out what is being done to better protect patient data privacy and more.
  • How Mobile Data Protection Can Accelerate Top CIO Initiatives Apr 8 2015 4:00 pm UTC 60 mins
    Seyi Verma, Sr. Product Marketing Manager
    The proliferation of data on mobile devices has created huge headaches for CIOs as they attempt to protect data, stay in compliance and move workloads to the cloud. How IT approaches data protection for mobile devices can support or hinder these high level efforts. Endpoint backup, traditionally viewed as a functional requirement below the radar of CIOs, is evolving to offer not just data backup and restore, but also a modern way to address costly data governance challenges such as compliance and eDiscovery. This webcast will cover real-world case studies of Fortune 1000 companies leveraging endpoint backup solutions to gain significant business advantages including cost control, compliance and embracing the cloud.
  • ISA 62443 Patch Management Overview and Methods for Zero-Day Threat Protection Apr 8 2015 4:00 pm UTC 75 mins
    Joe Weiss, Managing Director for ISA99; William Cotter, Systems Engineering Specialist; Delfin Rodillas, Sr. Manager of SCADA
    The growing presence of widely known and used Commercial Off-the-Shelf (COTS) systems in Industrial Control Systems (ICS) provides an increased opportunity for cyber attacks against ICS equipment. Such attacks, if successful, could have severe impact to not only process availability but also safety. Patch management is one particular area of cybersecurity which requires special attention when applied to ICS. It is part of a comprehensive cybersecurity strategy that increases cybersecurity through the installation of patches that resolve bugs, operability, reliability, and cyber security vulnerabilities. The ISA-TR62443‑2‑3 technical report, developed by the ISA 99 Working Group 6, addresses the patch management aspect of ICS cyber security. Also part of an effective strategy is the use of compensating cybersecurity controls to protect ICS systems from exploits and malware in between often long patching cycles. Novel network and host based technologies have recently become available to address even zero-day threats which bypass conventional signature-based approaches.

    Attendees of this webinar will leave with a better understanding of:
    -The unique aspects of ICS that entail a different and more rigorous approach to patch management than that used in business networks
    - An overview of the ISA 99 standards efforts with detail review of the main aspects of the ISA-TR62443-2-3 Technical Report on Patch Management in IACS
    - Advancements in compensating cybersecurity controls for protecting systems from zero-day threats
  • Why DDoS Makes for Risky Business – And What You Can Do About It Apr 8 2015 3:00 pm UTC 60 mins
    Dave Shackleford, IANS Lead Faculty and Tom Bienkowski, Director of Product Marketing
    Despite years of headlines, and countless examples, many organizations are still under the impression that DDoS attacks are a problem for somebody else (i.e. their ISP), or that it’s a problem that can be defended using an existing on-premise security solution, such as their firewall or IPS. In a risk obsessed world, these organizations are ignoring the very real likelihood of becoming a target for DDoS attacks, along with the severe operational and business consequences of falling victim to an attack.

    It’s time to debunk some misconceptions about DDoS.

    Attend this webinar to learn:

    - Why a single layer of DDoS protection isn’t enough
    - How the impact of a DDoS attack is significantly more costly than protection options
    - The correlation between DDoS attacks and advanced threats revealed in our latest research and how both are used during multiple phases of an advanced threat campaign.
  • Your organization has been breached, now what? Recorded: Mar 31 2015 32 mins
    Dal Gemmell, Director of Product Management and Steve LaBarbera, Director of Security Solutions, SentinelOne
    Unfortunately, there is a high likelihood that organizations will suffer a breach by advanced malware. Learn how to minimize response time through real-time forensics to understand the scope of compromise including:

    - Identifying attacked endpoints
    - Finding indicators of compromise
    - Analyzing malicious activity
    - Tracing outbound communication, and more
  • UTM + USM: All you need for complete Threat Management Recorded: Mar 31 2015 48 mins
    Patrick Bedwell, AlienVault; Neil Matz, Fortinet
    Did you know the average breach goes undetected for 229 days? The earlier you can detect and respond to a breach, the faster you lower the risk and potential damage. Traditionally, companies have implemented a number of point solutions to for each new threat, an expensive and cumbersome approach. However, by combining threat protection from Fortinet with threat detection and response from AlienVault, companies now have an affordable way to significantly reduce the cost and complexity of complete threat management.

    Join threat experts from AlienVault and Fortinet for this webcast to learn how this integrated solution will provide:

    · Continuous threat prevention, detection and remediation in an easy-to-use solution

    · The ability to identify all critical assets and the potential attack surfaces in your network

    · Advanced analysis of FortiGate logs for threat identification and response through AlienVault USM

    · Simplified protection of your network with ONLY two products, at a price you can afford

    · Continual improvement of your security posture through frequent assessment.

    · Integrated threat intelligence that maximizes the efficiency of your security monitoring program
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Roundtable - Predicting the Direction of Secure Clouds
  • Live at: Mar 11 2010 2:00 pm
  • Presented by: Andrew Yeomans, Jericho Forum, Randy Barr, Qualys, Ian Osborne, Intellect UK
  • From:
Your email has been sent.
or close
You must be logged in to email this