Hi [[ session.user.profile.firstName ]]
Sort by:
    • The Future of Cybersecurity Has Arrived – and the Bad Guys are in the Lead
      The Future of Cybersecurity Has Arrived – and the Bad Guys are in the Lead Jonathan Sander, VP of Product Strategy, Lieberman Software Recorded: Oct 4 2016 2:00 pm UTC 45 mins
    • The future of cybersecurity has already begun and the bad guys are in the lead. Automation is the first step to a future where attacks are not sporadic but constant. We’re exiting the musket era of cyberthreats and entering the semi-automatic age. The future will be constant carpet bombing. The only way good guys will keep up is by automating themselves and getting AI involved. The far future of cyberwar will be AIs fighting AIs, and humans will only be brought in when the AI needs help to make choices. Bad guys will get alerts when their AI manages to crack into that juicy target the AI was set after. Good guys will get alerted when the bad guy seems to have slipped through and been detected and choices about what assets to lose need to be made. The AIs will be more than the foot soldiers. Humans will be in the commander in chief role, but in the future just about every other role will be some form of AI which can do the millions of calculations per second to counter the constant bombardment with maximum automated efficiency.

      Read more >
    • Catching "Wire-Bayas": Practical Kung-Fu to Detect Malware Traffic
      Catching "Wire-Bayas": Practical Kung-Fu to Detect Malware Traffic Ismael Valenzuela, Principal Architect - McAfee Foundstone Services EMEA Recorded: Mar 11 2014 11:00 am UTC 49 mins
    • BAYAS (Swahili word for 'badness' aka. malware of any kind, shape or form) continue to grow in number as script kiddies, hacktivists, organised crime and nation-state actors use them to deface websites, steal money, engage on cyber-warfare or "simply" to disrupt large businesses or nation-critical infrastructure.

      However, malicious software don't exist in a vacuum; any piece of malware is designed to call-back home sooner or later: to download additional malware, to report back to a C&C server or to exfiltrate data. How can Incident Responders detect hidden malware on the network using open-source tools and what patterns do they need to look for? In my webinar, I will share lessons learnt from practical traffic analysis in the field (i.e. predominate communication protocols, current trends, etc.) and present some effective techniques used to filter suspicious connections and investigate network data for traces of malware using tools like Wireshark, Snort and Bro.

      About the speaker:
      Ismael Valenzuela 13 years years experience in IT security and currently works as Principal Architect at McAfee Foundstone Services in EMEA. Author of security articles for Hakin9, INSECURE Magazine and the SANS Forensics Blog, Ismael also has experience teaching at BlackHat, serves on the GIAC Advisory Board and is a Community SANS Instructor for the Computer Forensics and Intrusion Detection tracks.

      He holds a bachelor's degree in computer science from the University of Malaga (Spain), is certified in Business Administration, and holds several professional certifications including. He is Lead Auditor from Bureau Veritas UK.

      Some of his articles are freely available at http://blog.ismaelvalenzuela.com.
      Mr. Valenzuela can be followed on twitter at @aboutsecurity

      Read more >
    • The New Paradigm: Advanced Targeted Attacks on Federal Government
      The New Paradigm: Advanced Targeted Attacks on Federal Government Bob Bigman, Former CISO, CIA; Alex Lanstein, Senior Researcher, FireEye Recorded: Jun 6 2012 6:00 pm UTC 60 mins
    • It’s no surprise that cyber security is the #1 concern for federal information executives in 2012. Cyber-attacks on the federal government have increased 680% in the last 6 years. The threat posed by increasing cyber-attacks is only heightened by vulnerabilities in federal systems supporting critical infrastructure.

      To counter cyber incidents such as nation-state sponsored espionage, data breaches and advanced persistent threats (APTs), government agencies must fill the hole left by next-generation firewalls, IPS, antivirus, and Web gateways. These rules and signature-based tools are no match for well-funded adversaries employing a new generation of dynamic, stealthy threats. To strengthen the security and resilience of federal government systems, agencies must adopt tools and techniques to protect them from the next generation of attacks.

      Hear from two cyber security experts, Robert Bigman, former Chief Information Security Officer, Central Intelligence Agency, and Alex Lanstein, Senior Security Researcher, FireEye, as they share their views on the new evolving threat landscape and how budget-constrained agencies can detect, protect and respond to advanced targeted attacks.

      In this session, participants will learn about:
      • Techniques and tactics that make next-generation cyber criminals successful
      • A new hacker alliance model and some concerning technical trends
      • Why conventional security defenses are no longer effective
      • Key criteria when investigating next-generation threat protection

      Read more >
    • Industrial Cyber Security: How Much Is Enough?
      Industrial Cyber Security: How Much Is Enough? Waterfall Security Solutions Recorded: May 18 2016 5:00 pm UTC 60 mins
    • A cyber incident in a large, complex industrial control system can have serious consequences, and all security technologies have limitations. This means we can always be more secure, or less. How then, should we evaluate security funding requests for industrial sites? How do we know how much is enough?

      The abstract, qualitative models that most of us use for cyber threats are poorly understood by business decision-makers, and are not easily compared to risk models for threats such as earthquakes and flu pandemics. We could force-fit cyber risks into more conventional models by "making up" numbers for the probability of serious incidents, but "made up" numbers yield poor business decisions.

      Most business leaders though, do understand cyber attack scenarios and their consequences, and find them much more useful than qualitative models or "made-up" probabilities. To communicate industrial cyber risks effectively, an assessment process should distill complex risk information into a small, representative set of high-consequence attack scenarios. Business decision-makers can then "draw a line" through the set, selecting which combinations of attacks, consequences and risks to accept, and which to mitigate or transfer.

      Join us to explore using attack scenarios to communicate risks, consequences, and costs to business decision-makers.

      Read more >
    • 2016 Bad Bot Report: Quantifying the Risk and Economic Impact of Bad Bots
      2016 Bad Bot Report: Quantifying the Risk and Economic Impact of Bad Bots Derek Brink, VP of Research at Aberdeen Group  & Rami Essaid, CEO of Distil Networks Recorded: Apr 5 2016 5:00 pm UTC 63 mins
    • Distil Networks has produced their third annual Bad Bot Report. It's the IT Security Industry's most in-depth analysis on the sources, types, and sophistication levels of last year's bot attacks -- and there are serious implications for anyone responsible for securing websites and APIs.

      Join Derek Brink, Vice President of Research at Aberdeen Group  and Rami Essaid, CEO of Distil Networks as they dive into the data to reveal:

      • 6 high-risk lessons every IT security pro must know
      • How to quantify the risk and economic impact of bad bots for your organization
      • How bot activity varies across websites based on industry and popularity
      • The worst offending countries, ISPs, mobile operators, and hosting providers

      Bad bots are the key culprits behind web scraping, brute force attacks, competitive data mining, online fraud, account hijacking, unauthorized vulnerability scans, spam, man-in-the-middle attacks, digital ad fraud, and downtime.

      Register today to gain actionable insights on how to defend your websites and APIs for the coming year of threats.

      Bonus: All registrants will receive a copy of Distil Networks’ 2016 Bad Bot Reports and a copy of the presentation slides.

      Read more >
    • Segmentation Beyond VLANs, Subnets, and Zones
      Segmentation Beyond VLANs, Subnets, and Zones Illumio Recorded: Sep 2 2015 5:00 pm UTC 51 mins
    • You already know the power of application segmentation to deliver data center and cloud security—now you can take segmentation to the next level. Nano-segmentation is finally a reality.

      In 15 minutes, we’ll show you how nano-segmentation delivers the most granular, adaptive security across your data centers and public clouds.
      Register to find out how to:

      - Reduce your data center and cloud attack surface by 99%
      - Quarantine compromised servers in seconds
      - Achieve compliance in hours

      Read more >
    • Designing Your Industrial Internet Without Sacrificing Security
      Designing Your Industrial Internet Without Sacrificing Security Brian Witten, Sr. Director for IoT, Symantec Recorded: Nov 5 2015 6:00 pm UTC 52 mins
    • Big data analytics and smarter sensors are just two of many technologies leveraged by many companies enhancing their Industrial Control Systems (ICS) to reap the benefits of the Industrial Internet. However, as you design these smarter and increasingly connected systems, security must be built in from early stages, or else you risk others, with malicious intent, using your systems against you. This session will describe a process for helping you frame your security needs and meet them smartly to be sure that you are efficiently and effectively tackling security “end-to-end” and not leaving any weakest links unprotected as you evolve your ICS to capture the opportunities driving the excitement behind the Industrial Internet.

      About the Speaker: Brian Witten is a Senior Director for “Internet of Things” (IoT) at Symantec.

      Read more >
    • Industrial Control Systems (ICS) Cyber Incidents - Real But Not Being Identified
      Industrial Control Systems (ICS) Cyber Incidents - Real But Not Being Identified Joe Weiss- ICS Cyber Security Expert Recorded: Nov 18 2015 6:00 pm UTC 63 mins
    • It’s often a challenge to address the ICS cyber security conversation in an organization that has yet to suffer a cyber incident. While the issue of defending against traditional IT cyber breaches goes uncontested ICS owner/operators still struggle to align traditional cyber threat vocabulary and remediation methods to their operational environments. Both malicious and unintentional cyber threats are not confined to data breaches and IT systems but they can be harder to identify in ICS environments. You have to know what you’re looking for.

      Joe Weiss has amassed a database of more than 700 confirmed control system cyber incidents. The database covers ICS cyber from around the globe. A vast majority incidents were not identified in official reports as being cyber-related but a review of the circumstances surrounding the event proves otherwise.

      During this webinar Weiss will discuss:
      • Differences between ICS cyber security and traditional IT security
      • Summaries of actual ICS cyber incidents from his database
      • Recommendations on how to tackle monitoring and protection at your facility

      Read more >