If you and your on-call team feel overwhelmed or exhausted by the volume of alerts, this is for you. In it, we explore methods to not only identify and deal with alert fatigue but reduce it over time by fine-tuning your monitoring and alerting services. We'll also discuss the iterative process of identifying which data sets really represent actionable issues, which ones are redundant or overlap, and which ones are valuable only for information, and are never actionable. Join us to hear how you can make on-call suck less.Read more >
Recent controversies such as Apple vs FBI have highlighted that often strong security is a prerequisite for privacy, and that upholding privacy can ensure stronger security is built into software. As consumers become more aware of privacy issues, can the argument still be made that security must be sacrificed in place of privacy? How do new technologies confirm or deny this notion?Read more >
In 2008, a US district court said that expired patent numbers fall within the scope of “unpatented articles”, as defined by the section of the US statute relating to the standards for bringing lawsuits for false patent marking. Then, in December last year, the Federal Circuit ruled in Forest Group v Bon Tool that false marking defendants are subject to potentially much greater fines than had been previously awarded.
These two cases have arguably incited a false marking frenzy in the US, with hundreds of suits having been filed this year alone. This webinar will discuss how we got here, proposals to curb the problem, and strategies for companies to both avoid and successfully navigate such actions.
Eileen McDermott, Managing IP (moderator)
Lawrence M. Sung, University of Maryland School of Law
Robert Krebs, Nixon Peabody
Maia Harris, Nixon Peabody
First instalment of security Q&A sessions on whether organisations are operating under a false sense of security with the current measures they have in place.Read more >
• How to distinguish between statements that might be subject to false advertising claims and mere "puffery"
• What types of evidence might be needed to refute a claim of false advertising, and where to find that evidence
• How to use false advertising law as a weapon against a competitor's advertising campaign
Data Loss Prevention (DLP) is a computer security term referring to systems that enable organizations to reduce the corporate risk of the unintentional disclosure of confidential information. Data-loss prevention of stored data typically involves a Data Security Software installed on your computer to prevent unauthorized access to the data stored on your hard drive and USB/External drives. These systems identify, monitor, and protect confidential data while in use (e.g. endpoint actions), in motion (e.g. network actions), and at rest (e.g. data storage) through deep content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination and so on) and with a centralized management framework.
The purpose of this talk is to provide an overview of DLP tools/software and why it is generally ineffective in preventing data loss. Organizations need to establish best practices in addition to (possibly?) deploying DLP to reduce risk of data loss. This talk will include a discussion of these best practices.
Noise is the enemy of breach detection and response. After a major data breach it is often the case that signs of an attacker existed, but were buried in thousands of other security alerts that were mainly false positives.
With machine learning, meaningful signs of an attack are more easily detected and isolated, so a security operator can focus on precisely the right issue.
This session will examine:
- The problem of noise
- The role of machine learning in sifting through vast amounts of data to get to the fidelity needed to detect an attacker
- Best practices for including machine learning in your security operations
Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter. The solutions are anchored on patented innovations in Deception and Data Science. This enables a DevOps approach to ATD, enabling ease of deployment, monitoring and management. Acalvio enriches its threat intelligence by data obtained from internal and partner eco-systems, enabling customers to benefit from defense in depth, reduce false positives, and derive actionable intelligence for remediation.Read more >
As a cybersecurity pro, you already know that users are both an organization’s greatest asset and its greatest vulnerability. Users can do great damage—and they’re notoriously difficult to catch.
If you’re focused on addressing user threats, User Behavior Analytics (UBA) can be a powerful tool in your kit. In this webcast David Gorton and Mark Settle from LogRhythm, discuss the elements of an effective user threat detection program. You’ll learn:
- Why detecting user threats is so important—and so difficult
- Different approaches to UBA
- The value of data from across your enterprise
- How to maximize the efficiency of your security analysts
Watch the webcast to learn how UBA can help you discover hidden user threats, reduce false-positives, and properly prioritize the most concerning threats.
Whether operating in the region or conducting business through third parties, the shifting risk and regulatory landscape in Latin America poses many challenges. With local nuances, a one-size-fits-all approach to compliance and due diligence might do little more than provide a false sense of security.
Join Kroll's experts as they discuss the changing risk environment in Latin America and the potential implications on your risk mitigation and due diligence programs in the region.
- Corruption risks and trends in Latin America
- Understanding local nuances: What you need to know when conducting business with third parties in the region
- Best practices for risk mitigation and due diligence
We look to ITIL processes like Change, Release and Configuration Management to give us more control, insight and improved performance just find massive resistance to change.
Time and again our IT improvementS eludes us because of ‘Resistance to change’.
However ‘Resistance to change’ puts the blame on the ‘Resistor’ and absolves our own ineffective and outdated way we implement change
To gain the benefits of next generation Service Management, we need next generation Organizational Change practices to get us there
Join Paul Vos as he challenges your thinking by presenting proven Organizational Change (OCM) best practices and learn how to prevent false starts and change fatigue.
Change does not have to be a frustrating tug of war, learn how to get change right in one go!
The effectiveness of a security system depends on how quickly it detects and responds to threats. Is your security system able to tackle security challenges in near real time, while reducing false positives so analysts can focus on critical events and Indicators of Compromise (IOC’s)?
HPE Security ArcSight ingests large volumes of security events and correlates against IOC’s in real time to identify potential threats. Hexadite Automated Incident Response Solution (AIRS) takes these security alerts in real time and performs investigation and remediation at scale.
Learn how the combination of these two systems gives you the ability to:
• Gain visibility across the entire IT footprint
• Detect security threats in real-time
• Automate incident investigation
• Perform automated or semi-automated remediation actions
Today’s criminals and terrorist organizations are outpacing the performance of anti-money laundering (AML) programs by using new and unconventional ways to hide illicit transactions. While financial services firms have taken measures to improve programs, such as fine-tuning alert systems to reduce false positives, and investing in human capital to manage the growing number of investigations, they must look to Big Data to take their AML programs to the next level.
In this one-hour webinar, we’ll discuss how Big Data can be used today to bring AML programs into the new frontier, including how to:
· Improve transaction monitoring and reduce false positives
· Reduce the handle time for AML investigations
· Provide more sophisticated and automated customer risk-scoring
The collection of performance, usage, and error/crash data is a critical first step in building an application or infrastructure based analytics engine. Once collected, the normalization of this data into a proficient repository, that makes the data available to be analyzed, becomes the foundation of your Analytics initiatives.
In this interactive webcast, experts from CA Technologies will facilitate some key topics related to using the ELK stack as a basis for their Analytics engine, sharing their lessons learned and best practices. The ELK stack is a set of products (Elasticsearch, Logstash, and Kibana) provided by Elastic used to log, store, and visualize both structured and unstructured data. We’ll answer these questions, and more in this webcast:
•Why leverage the ELK Stack as part of your analytics strategy?
•Lessons learned in running Elasticsearch at scale (Master Nodes + Client Nodes + Hot Nodes + Warm Nodes)
•How to best support multi-tenant SaaS solutions with ELK
•Elasticsearch is just one component of a Lambda Architecture, what else can/should be used?
•How you can leverage CA’s new Agile Ops analytics platform to predict performance anomalies, end alert storms and false positives and leverage machine learning for faster root cause analysis.
According to 2016 research from the Ponemon Institute, companies are spending an average of $16M annually on cyber security tools and technologies, and yet they still struggle to detect and block advanced threats intent on doing damage to their organizations. Too many alerts, too many false positives, and too many days go by before a threat is finally discovered inside the network.
Join us as Larry Ponemon, Chairman and President of the Ponemon Institute, takes a closer look at key findings from research data collected from nearly 600 organizations. From there, Franklyn Jones, Vice President at Cyphort will show you how the company’s innovative Adaptive Detection Fabric can help you extract more value from your existing investments, and gain visibility and control over advanced targeted attacks before they can do damage to your business.
Traditional antivirus (AV) is not the solution to breach prevention on the endpoint – it is the problem. At best, traditional AV gives organizations a false sense of security.
To prevent security breaches, you must protect yourself not only from known and unknown cyberthreats but also from the failures of traditional antivirus solutions deployed in your environment.
In this webinar, you will learn:
· How to determine the true value of your endpoint security solutions
· What hidden costs traditional AV imposes on your organization
· Which five capabilities are critical to effective endpoint protection
· How the new Traps v3.4 prevents security breaches in your organization
Third-party tests can be extremely caluable for evaluating anti-malware products. In-fact, more tests are available than most people realize, covering not only detection rates and scanning speeds, but also factors like number of false positives and ability to block zero-day attacks. But an educated evaluator can both avoid the snares of misleading tests and find a surprising number of useful third party tests.Read more >
More and more solutions are crowding into the market but data breaches are still happening and there’s no end in sight. Is an over reliance of technology creating a false sense of “everything’s okay”? This session will focus on the three key aspects of comprehensive advanced threat protection; technology, awareness and in particular the role of threat intelligence.Read more >