Hi [[ session.user.profile.firstName ]]
Sort by:
    • InfoSec Institute & D3 Security: ATM, Card Skimming and Other Fraud
      InfoSec Institute & D3 Security: ATM, Card Skimming and Other Fraud Stan Engelbrecht (D3 Security) and Chris Sienko (InfoSec Institute) Recorded: Dec 7 2018 9:00 pm UTC 35 mins
    • On this episode of the InfoSec Institute's CyberSpeak podcast, Stan Engelbrecht, director of cyber security practice for D3 Security, discusses a scary topic that we’ve been hearing a lot about on the news: the practice of ATM fraud and the implications for other swipe- and chip-based technologies.

      In the podcast, Engelbrecht and host Chris Sienko discuss:

      How did you get started in computers and security? (1:00)

      When did the recent ATM attacks that the U.S. Secret Service has been warning financial institutions about begin? (4:00)

      What warnings signs should ATM users be looking for to ensure they’re not putting their account information at risk? (7:20)

      If you suspect an ATM is compromised, who do you report it to? (10:10)

      Is the technique known as shimming, which uses paper-thin shims containing embedded microchips and flash storage to compromise payment cards, on the rise? (11:40)

      Are there any tips for consumers who will be making additional transactions during the busy holiday season? (15:25)

      Are tap-to-pay systems more or less safe than more traditional methods? (17:50)

      What are the impediments to universal implementation of safer cards? (19:35)

      Are newer ATMs better more secure? (20:55)

      Are their any legislative incentives that could be implemented to make these devices more secure? (24:10)

      Are there any new technologies or methods that can help secure these devices? (25:10)

      Is the firmware/software side of the AMT issue being properly addressed? (28:50)

      Can you tell us a little bit about your company, D3 Security? (31:25)

      Tune in for this engaging, and timely, discussion of ATM and payment fraud.

      Read more >
    • ITSPmagazine chats with Demetrios Lazarikos (Laz), InfoSec Strategist
      ITSPmagazine chats with Demetrios Lazarikos (Laz), InfoSec Strategist Demetrios Lazarikos (Laz), InfoSec Strategist, Thought Leader, and Professor Recorded: Feb 16 2017 1:50 am UTC 7 mins
    • ITSPmagazine chats with Demetrios Lazarikos (Laz), InfoSec Strategist and Founder of BlueLava.

      Here are a few highlights from our conversation with Laz:

      - Laz provides three tips for CISOs as their role changes:
      1/ Start learning how to present your information in business terms to your executive leadership team and/or board. Present in terms they will understand.
      2/ Share & collaborate with other CISOs because threats are leapfrogging each other.
      3/ Attend conferences and read up on different programs & strategies. Stay current with articles and subscriptions. Take a step back and block out time for yourself.

      - Be more engaged & build relationships within your company. Partner with legal or the board. Try creating a security committee.

      - Organizations need to understand that security education is an investment that is going last a long time.

      - As an adjunct professor at Pepperdine University, Laz is coaching and mentoring the next generation of business leaders. He helps them understand IT, security, data analytics and enterprise architecture, not in technical terms but understanding why they should build this as a part of their business or framework.

      Read more >
    • Unite InfoSec and DevOps and Still Achieve Enterprise-wide Security
      Unite InfoSec and DevOps and Still Achieve Enterprise-wide Security Gary Southwell, General Manager, CSPi Recorded: Nov 16 2017 4:00 pm UTC 46 mins
    • As organizations move to an agile DevOps model, they are confronted with one major question: How can they manage existing information-security processes to ensure data privacy?

      Since data breaches are not going to go away, organizations really need to focus on how to make breaches irrelevant so that in the event of a breach the data either will not be accessed, or if it is it won’t be in usable form.

      In this webinar, created for application developers and data security resources, CSPi will not only review best practices but also present a software framework to show how organizations can achieve uncompromised enterprise-wide security. Created for application developers and data-security resources, this webinar will also show you how this new approach complements established InfoSec security requirements and maintains the agile benefits of DevOps – all while providing the automated protection of critical data under any use.

      Don’t miss this webinar! Register today.

      Webinar highlights:
      Join us for this valuable webinar to learn how you can:
      1.Uniformly and automatically apply security policies across the enterprise, including containers and VMs as they spawn.
      2.Offload core-intensive security functions while improving application performance.
      3.Secure critical assets in all cases – in motion, at rest, and in use.

      Read more >
    • Learn Why Manufacturers are Using the Cloud to Deliver Infosec
      Learn Why Manufacturers are Using the Cloud to Deliver Infosec Jack Nichelson and Kevin Merolla, Chart Industries and Barry Fisher, OpenDNS Recorded: Jan 28 2016 7:00 pm UTC 60 mins
    • We all know that security gaps are widening due to technology shifts and advanced threats. Whether you are in finance, energy, tech, or manufacturing, the infosec challenges are much the same.

      Chart Industries — a global manufacturer with 5,000 employees and 45 locations — was facing a huge volume of malicious activity every day resulting in excessive break-fix work for their small security team. They had thousands of unmanaged mobile and guest devices connecting to their networks. And neither web proxies nor endpoint security could fully protect them. They needed a new layer of malware and breach protection. But it also had to be a painless deployment and it needed to be a transparent experience for their employees and guests.

      Hear directly from Jack Nichelson, Chart’s Director of IT Infrastructure and Security to learn:
      -Why they use a layered approach to security and how OpenDNS complements their security stack
      -How long it took to deploy OpenDNS Umbrella globally
      -How his security analyst, Kevin Merolla, quickly responds to incidents or false positives using OpenDNS Investigate

      Read more >
    • InfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
      InfoSec: Evolve Thyself to Keep Pace in the Age of DevOps Fernando Montenegro, 451 Research, Justin Smith and Jared Ruckle, Pivotal Recorded: Apr 26 2018 6:00 pm UTC 60 mins
    • Companies going through digital transformation initiatives need their IT organizations to support an increased business tempo. While DevOps practices have helped IT increase their pace to keep up with market dynamics, security teams still need to follow suit.

      InfoSec practitioners must modernize their practices to realize efficiencies in some of their most burdensome processes, like patching, credential management, and compliance.

      By embracing a ‘secure by default’ posture security teams can position themselves as enabling innovation rather than hindering it.

      Join Pivotal’s Justin Smith and guest speaker, Fernando Montenegro from 451 Research, in a conversation about how security can enable innovation while maintaining best security practices. They will examine best practices and cultural shifts that are required to be secure by default, as well as the role processes and platforms play in this transition.


      SPEAKERS:
      Guest Speaker: Fernando Montenegro, Senior Analyst, Information Security, 451 Research
      Justin Smith, Chief Security Officer for Product, Pivotal
      Jared Ruckle, Product Marketing Manager, Pivotal

      Read more >
    • ISSA Thought Leadership Series: Security Awareness Strategies
      ISSA Thought Leadership Series: Security Awareness Strategies Jack Koziol, InfoSec Institute | Robb Reck, Ping Identity | Marnie Wilking, Orion Health | Michael Towers, Allergan Recorded: Mar 21 2018 5:00 pm UTC 62 mins
    • Beating Hackers at Their Own Game: Security Awareness Strategies That Work

      If 2017’s explosion of cybersecurity breaches taught us anything, it’s that our workforces, more than ever, are one of our most critical defenses. But with as much as 30% of employees unable to spot a phishing email, how do you keep hackers from hijacking your data? The seemingly obvious answer is security awareness training. Unfortunately, many security education programs today fail to sufficiently change employees’ security attitudes, skills and behaviors -- providing a false sense of protection and safety. Even worse, 48% of companies do not have an employee security education program.

      If your New Year’s infosec resolutions include launching a security awareness initiative, or reviving an existing one, what better way to guarantee results than to learn from pros who have been in your shoes. Join our expert panel as they share:

      ● Their most effective security awareness strategies to improve your organization’s security posture

      ● Proven methods to get employees to take security seriously (before a breach occurs)

      ● Security awareness program pitfalls to avoid and biggest lessons learned

      ● Predictions on what will cyber attacks will look like in the next couple years and what you should do in your security awareness program today to prepare

      Read more >
    • The Business Impact of Poor Website Usability, Performance, or Security.
      The Business Impact of Poor Website Usability, Performance, or Security. Tin Zaw, Verizon Digital Media Services | Laz, InfoSec Strategist | Edward Roberts, Distil Networks | Sean Martin, Moderator Recorded: Apr 20 2017 5:00 pm UTC 60 mins
    • E-commerce, partner portals, customer service portals, and other cloud-enabled business services: Websites are the new front door to many businesses, and we expect to gain access whenever we want, from anywhere in the world, and from any device.

      But what happens to the business when the website doesn’t perform as expected? And how do you protect your website(s) from nefarious traffic looking to harm your business by bringing it down, scraping content, changing content? Do you know whether your traffic is a human user - or is it a bot? Does the language (or a lack of communication whatsoever) between the business and the IT personnel leave you wondering what the potential issues might be?

      During this expert panel discussion, we will explore the business impact of an underperforming or compromised website. You will:
      - Learn more about what good website performance look likes
      - Gain a deeper understanding of traffic on websites
      - Understand how your website's performance affects other departments within the business
      - Hear practical recommendations for business leaders on how to protect your website from compromise

      FEATURED EXPERTS
      Tin Zaw, Director Security Solutions, Verizon Digital Media Services
      Laz, InfoSec Strategist and Professor
      Edward Roberts, Director of Product Marketing, Distil Networks

      YOUR MODERATOR
      Sean Martin, CISSP, Founder and Editor-in-Chief, ITSPmagazine

      Read more >
    • Prevailing When Evil Storms Your Network Gates: Infosec Tips I Learned From GoT
      Prevailing When Evil Storms Your Network Gates: Infosec Tips I Learned From GoT Corey Nachreiner, Director of Security Strategy and Research at WatchGuard Technologies Recorded: Jul 17 2014 5:00 pm UTC 53 mins
    • In Westeros - the land of dark knights, backstabbing royals, and a myriad of other characters - even the youngest ones have to learn basic self-defense to have any hope of surviving the cruel world imagined by A Game of Thrones (GOT) author, George R. R. Martin. And so too, must every CISO and security pro learn the latest information security best practices if they’re to survive today’s Internet threat landscape.

      Intrigued? In this fun yet informative webinar, noble Corey Nachreiner, Director of Security Strategy and Research at WatchGuard Technologies, will explore the information security tips you could extract from the morbidly dark, yet inescapably addictive fantasy series. He’ll cover lessons such as:

      · Depending on just “The Wall” for defense isn’t wise. The best defense has layers.

      · Never ignore the warnings of ravens because they may contain hints of potential security breaches.

      · Building a strong castle won’t prevent an attacker from tricking an untrained guard into opening your gates.

      Join us. Advance your training and, much like a GOT warrior, learn how you should always stay vigilant.

      Read more >
    • Live @ InfoSec with ExtraHop Co-Founder Raja Mukerji
      Live @ InfoSec with ExtraHop Co-Founder Raja Mukerji Raja Mukerji, President and co-founder of ExtraHop Networks Recorded: Jun 15 2018 10:25 pm UTC 11 mins
    • Raja Mukerji is the President and co-founder of ExtraHop Networks, where he is responsible for Customer Services, Systems Engineering, and Solutions Architecture. Raja ensures customer success, leveraging his background in the financial-services industry.

      Raja co-founded ExtraHop after a seven-year tenure at F5 Networks where he was a Senior Software Architect and co-inventor of the TMOS platform. He was one of the lead developers behind the BIG-IP v9 product and the major-accounts liaison for critical issues within Product Development. Prior to F5, Raja worked as a Technology Architect at Strong Capital Management.

      Raja is a renowned expert in application delivery and network protocols. He was involved in the FreeBSD project and contributed several enhancements to its TCP stack. Raja holds a bachelor’s degree in Computer Engineering from the Milwaukee School of Engineering.

      Read more >