Faster time-to-market and business value driven application functionality are the biggest drivers for DevOps. With DevOps, more frequent releases require shorter development and test cycles creating a higher risk of breaches exploiting the application layer. The last couple of years have shown business value can take a significant hit with security breaches. Building security features at the speed of DevOps, and reducing risk with the right security architecture, processes, and collaboration is key to staying in business. This is the genesis of DevSecOps.
In this Webinar, Derek Brink from Aberdeen Research describes how the shift towards rapid application delivery methods creates new opportunities for improving application security and reducing risk. MicroFocus’ James Rabon (Product Manager, Fortify Software Security Center and Tools) and Paladion's Vinod Vasudevan (Co-founder and CTO) discuss how MicroFocus and Paladion are helping customers integrate security and compliance into DevOps processes.
Key Takeaways from the Webinar:
- Trends in application delivery: from waterfall, to Agile and DevOps
- How characteristics of Agile, DevOps provide a high-level blueprint for what application security in that environment should look like
- Capabilities you should be looking for to improve application security at the speed of DevOps
- How to adopt non-disruptive and continuous application security processes
- Bringing in around-the-clock security monitoring for cloud assets
VMware transforms security by providing a ubiquitous software layer across application infrastructure and endpoints, maximizing visibility and context of the interaction between users and applications, aligning security controls and policies to the applications they are protecting, and enabling the insertion of third-party security services for additional intelligent protection.Read more >
When planning a go-to-market strategy, it’s common practice to build detailed marketing and sales personas for key security individuals such as the CISO, the IT administrator, the developer, and the end user. Each of these roles has different needs and priorities when considering a security tool, and sales strategy recognizes the need to address each of them. Organizations have different types of business drivers, priorities, constraints, and capabilities as well: for example, an 80-year-old manufacturing company may not care what cute new IoT ideas you might have.
These organizational personas must be considered when searching out peers for benchmarking. Security decisions made only by looking at other companies in the same industry doesn’t provide enough data, because there are many other variables that come into play. Building a security anthropology model for comparing organizations provides more context to better design products and services to align with their needs, while helping the security community speak the language of the users it’s serving. Join us for a discussion on how we can excavate a better approach with Wendy Nather, Principal Security Strategist at Duo Security.
Wendy Nather is a former CISO in the public and private sectors, and past Research Director at the Retail ISAC (R-CISC) as well as at the analyst firm 451 Research. She enjoys extreme weather changes while shuttling between Austin and Ann Arbor.
Join 451 Research and SecureAuth+Core Security for a peek into the emerging trends in cyber security and identity in 2018. Register today and learn how these trends will impact your strategy, organization, and job in the coming year.
Security experts Garrett Bekker, 451 Research and Chris Sullivan, SecureAuth+Core Security will share insight on these trends and more:
•Why network-based approaches to security are no longer sufficient in the age of cloud and IoT
•Why identity is the new gating factor for access to sensitive resources
•How various methods for securing cloud resources – CASB and IDaaS - need to converge
•The need for risk-based approaches to authenticating users – and machines
Steve Bongardt, retired FBI agent, took time out recently to talk to Amar Singh from Cyber Management Alliance as part of their exclusive Insights With Cyber Leaders series. Steve opened up about his early career in the Navy and multiple applications to become an FBI agent, the impact of cyber security on his time as an agent, and one of his favourite interview tactics that he likes to use on potential employees.Read more >
Asia Pacific has recently seen numerous changes to legislation and regulations as governments attempt to come to grips with the risks posed by cyber security breaches. In particular, the strengthening of data privacy laws which are increasingly requiring organizations to disclose, within a short time-frame, when they become aware that personally identifiable information belonging to customers or employees has been exposed. The associated heavy penalties are driving more and more companies to take proactive measures. Then there are the regulators (notably in the financial world) who are driving requirements for self-testing of cyber security with a focus on the ability to quickly recover from and remediate a cyber incident. Join Paul Jackson as he discusses the latest development of the privacy and cyber security field in Asia, and the best approach to mitigate these risks.Read more >
Offering organizations of all sizes the benefits of agility and scalability, the adoption of public cloud continues at a pace rivalled only by that of the early days of the Internet era. As was the case then, the speed of adoption often means that “good enough” security is viewed as acceptable. With the underlying premise that the public cloud is someone else’s computer, and an extension of your network this session will cover public cloud security concerns, what the shared security responsibility model really means and recommendations for protecting your public cloud workloads and data.Read more >
Data breaches, cyber-attacks, security lapses and new regulations have made IT security more challenging than ever now that every organization has gone digital. IT teams are struggling with points solutions, as the traditional security approach no longer works. Explore how VMware makes cyber security intrinsic with a footprint throughout IT organizations with a security solution that includes products such as Workspace ONE, AirWatch, Horizon, NSX, AppDefense, vSphere, vSAN and vRNI that simplifies and consolidates IT security. Also, learn about what’s new with NSX and our newest security solution AppDefense.
Technical Demo’s will include looks into the Horizon with NSX solution, and how it interacts with 3rd party solutions such as Trend Micro’s Deep Security to automate security processes. You will also get a look into the vRealize Network Insight tool, and how it is helping our customers operationalize these new security models, maintain operational visibility into the network, and ensure best practices and health of the networking and security services.
The systems that connect our lives like financial institutions, and transportation - are all dependent upon the internet. Building resilience in critical infrastructure is crucial to our national security. Join us as we examine cyber security in relation to keeping our traffic lights, running water, phone lines, and other critical infrastructure secure. It also facilitates the transition to November's Critical Infrastructure Security and Resilience Month (CISR), highlighting the tie between cybersecurity and our nation's critical infrastructure.Read more >
The new 2017 Gartner Magic Quadrant for Web Application Firewalls (WAF) is based on detailed responses to questionnaires from experienced Web App Firewall customers. Attend the webinar and hear the experiences of major customers who participated in the Gartner MQ for WAF research and how they implemented web app firewall to protect their applications and critical data.
This webinar will cover:
* Detailed results and considerations of the report
* Effective deployment options to meet enterprise demands
* Success stories and implementation options you can leverage within your own environment
Join us to hear Morgan Gerhart, Vice President of Product Marketing at Imperva, discuss the Gartner MQ for WAF with:
*Rob McCurdy, CIO of Michigan State University
*Darío Eduardo Herrera Yáñez, CTO of Sm4rt Security Services
2017 was the year of cyber attacks and high profile data breaches. Discover what cyber security professionals should be focusing on in order to secure their organizations in 2018.
This interactive Q&A panel will discuss:
- The trends shaping the cyber threat landscape in 2018
- Lessons from the biggest cyber events of the year
- Recommendations for CISOs on securing the enterprise in an age of frequent and persistent attacks
- The technological advancements in the fight against cyber criminals and the processes organizations need to have in place to enable their security teams
- Amar Singh, Cyber Management Alliance
- Stuart Davis, Director, Global Services & Intelligence Europe, Middle East & Africa at Mandiant
- Edward Tucker, CIO, DP Governance
- Dharminder Debisarun, Industry Security Architect, Palo Alto Networks
This session will look at the changing threat landscape and share intelligence insights and practical approaches to combat threats and help your organisation stay safe.
Nick Coleman is the Global Head of Cyber Security Intelligence Services at IBM. Previously he was National Reviewer of Security for the UK Government. He is an appointed advisor to the Executive Director of the EU Cyber Security Agency ENISA serving on the Permanent Stakeholders Group. He is an Honorary Professor at Lancaster University. He is a Fellow of the Institution of Engineering and Technology and a Fellow of the British Computer Society. He also holds an MBA with Distinction.
Aside from breaches, ransomware attacks, and insider threats, another large issue faced by the cyber security industry is diversity, or lack thereof.
Making the industry more appealing to women and then eventually retaining female talent are both challenges that are still affecting the cyber workforce.
Join this panel where we'll hear from experts who have made successful careers out of their time in the cyber security sector. They will discuss:
-How did they make their first break?
-Why does the industry have such a hard time retaining talent?
-What are some of their favourite parts about their job?
-Their advice to women in the industry
-Their advice to cyber security execs looking to create more diverse teams
According to a study by the Center for Cyber Safety and Education, by 2022, there will be a shortage of 1.8 million information security workers. Key influencers like teachers, parents, state and local officials are encouraged to join this webinar to learn more about this growing field and how to engage youth in pursuing cybersecurity careers.Read more >
BrightTALK caught up with Menlo Security's Jason Steer for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.
Topics up for discussion:
- The Russian hack of the US election
- AI & Machine learning in Cyber Security
- The Yahoo breach and steps to take to avoid it happening to other companies
- The leading prevention technologies currently and how to adopt them
- Cyber warfare in today's political spectrum
These days it's not a matter of if you'll be breached, but when. Security teams in the modern enterprise must accept that as well as efforts to protect their perimeter, they must also focus on understanding their east-west traffic.
This panel discussion will look at the trends and technologies influencing cyber security strategy in 2017, in particular those that deal with effectively monitoring your network to ensure your organisation handles vulnerabilities and stays breach free.
- Josh Downs, Community Manager - Information Security, BrightTALK (moderator)
- Jeff Costlow, Director of Security, ExtraHop Networks
- Rami Mizrahi, VP of R&D, TopSpin Security
- Francois Raynaud, Founder, DevSecCon
Tune into this panel conversation if you're a network or security professional looking to hear the latest trends and security best-practices to defend against a constantly evolving opponent.
Cyber security attackers become more innovative each year with threat activities progressing on a global scale. Coverage of cyber attacks by major media outlets continues to rise year after year, and 2017 seems to have done nothing to buck that trend.
In the last 12 months, we’ve seen reports of compromises at government entities, cable companies, automobile manufacturers, law firms, insurers, delivery companies, and more. Looking back at these headlines leaves us asking two questions above all: What didn’t work in cyber defense in 2017 and what can be done to be better prepared for future attacks?
We will address those questions and many others during our webinar, “Cyber Defense Lessons Learned in 2017 for a More Secure 2018,” presented by Jeff Groman, Mandiant Senior Manager and Chris Porter, Chief Intelligence Strategist. Tune in to learn about:
• The more disruptive opportunistic attacks in 2017
• More advanced and increasingly frequent attacks being carried out by nation-states
It wouldn’t be a proper discussion if we didn’t also cover the lessons learned from these successful attacks so that organizations will be better prepared in the future.
What have we learned from 2017's biggest breaches and how will we deal with 2018's emerging threats? Attempting to look both backward and forward over the cyber landscape, Peter Wood will review lessons learned and apply them to the evolving threatscape.Read more >
See Richard Hollis in action as he delivers an informative brief of the essential elements needed in designing an effective information security awareness program for your business.
The session covers the four pathways that need to be taken and includes the way to identify the KPIs required to actually measure the success of the program and verify the real change in your business culture.
As cyber threats in the business world evolve, so do the skill requirements on Cyber Security specialists. In 2017, 55% of enterprises required at least three months to fill open Cyber Security positions and 37% reported that less than 1 in 4 candidates have the qualifications they need (1). Building and maintaining a capable Cyber Security team today is a challenge.
A fundamental shortage of Cyber Security professionals, coupled with high attrition rates, can lead to organisations failing to acquire or retain the expertise necessary to respond to an ever-evolving threat landscape.
To better help you prepare against this situation, we have arranged for a webinar session, where we will explore the skills gap in the different stages of a Cyber Security programme, and provide recommendations on how to:
•Create and operationalise a robust cyber security team
•Build and upskill existing talent
•Address the skills gap in different stages of your Cyber Security programme
•Source skilled security professionals differently
(1) Source: ISACA’s State of Cyber Security 2017: Current Trends in Workforce Development