ITSPmagazine chats with Demetrios Lazarikos (Laz), InfoSec Strategist and Founder of BlueLava.
Here are a few highlights from our conversation with Laz:
- Laz provides three tips for CISOs as their role changes:
1/ Start learning how to present your information in business terms to your executive leadership team and/or board. Present in terms they will understand.
2/ Share & collaborate with other CISOs because threats are leapfrogging each other.
3/ Attend conferences and read up on different programs & strategies. Stay current with articles and subscriptions. Take a step back and block out time for yourself.
- Be more engaged & build relationships within your company. Partner with legal or the board. Try creating a security committee.
- Organizations need to understand that security education is an investment that is going last a long time.
- As an adjunct professor at Pepperdine University, Laz is coaching and mentoring the next generation of business leaders. He helps them understand IT, security, data analytics and enterprise architecture, not in technical terms but understanding why they should build this as a part of their business or framework.
Join us for a look at Pivotal Cloud Foundry 1.12. This latest version includes many features to help enterprise InfoSec teams to run their modern applications more securely.
We will also discuss small footprint ERT, more tools for Windows operators and Steeltoe.
Thank you in advance for joining us.
The Pivotal Team
As organizations move to an agile DevOps model, they are confronted with one major question: How can they manage existing information-security processes to ensure data privacy?
Since data breaches are not going to go away, organizations really need to focus on how to make breaches irrelevant so that in the event of a breach the data either will not be accessed, or if it is it won’t be in usable form.
In this webinar, created for application developers and data security resources, CSPi will not only review best practices but also present a software framework to show how organizations can achieve uncompromised enterprise-wide security. Created for application developers and data-security resources, this webinar will also show you how this new approach complements established InfoSec security requirements and maintains the agile benefits of DevOps – all while providing the automated protection of critical data under any use.
Don’t miss this webinar! Register today.
Join us for this valuable webinar to learn how you can:
1.Uniformly and automatically apply security policies across the enterprise, including containers and VMs as they spawn.
2.Offload core-intensive security functions while improving application performance.
3.Secure critical assets in all cases – in motion, at rest, and in use.
We all know that security gaps are widening due to technology shifts and advanced threats. Whether you are in finance, energy, tech, or manufacturing, the infosec challenges are much the same.
Chart Industries — a global manufacturer with 5,000 employees and 45 locations — was facing a huge volume of malicious activity every day resulting in excessive break-fix work for their small security team. They had thousands of unmanaged mobile and guest devices connecting to their networks. And neither web proxies nor endpoint security could fully protect them. They needed a new layer of malware and breach protection. But it also had to be a painless deployment and it needed to be a transparent experience for their employees and guests.
Hear directly from Jack Nichelson, Chart’s Director of IT Infrastructure and Security to learn:
-Why they use a layered approach to security and how OpenDNS complements their security stack
-How long it took to deploy OpenDNS Umbrella globally
-How his security analyst, Kevin Merolla, quickly responds to incidents or false positives using OpenDNS Investigate
InfoSec 2016 - What is risk-based security?Read more >
Interview with FortyCloud during InfoSec 2014, the interview talks about the main challenges of IT security in 2014 and where are the best places to start dealing with those challenges.Read more >
E-commerce, partner portals, customer service portals, and other cloud-enabled business services: Websites are the new front door to many businesses, and we expect to gain access whenever we want, from anywhere in the world, and from any device.
But what happens to the business when the website doesn’t perform as expected? And how do you protect your website(s) from nefarious traffic looking to harm your business by bringing it down, scraping content, changing content? Do you know whether your traffic is a human user - or is it a bot? Does the language (or a lack of communication whatsoever) between the business and the IT personnel leave you wondering what the potential issues might be?
During this expert panel discussion, we will explore the business impact of an underperforming or compromised website. You will:
- Learn more about what good website performance look likes
- Gain a deeper understanding of traffic on websites
- Understand how your website's performance affects other departments within the business
- Hear practical recommendations for business leaders on how to protect your website from compromise
Tin Zaw, Director Security Solutions, Verizon Digital Media Services
Laz, InfoSec Strategist and Professor
Edward Roberts, Director of Product Marketing, Distil Networks
Sean Martin, CISSP, Founder and Editor-in-Chief, ITSPmagazine
In Westeros - the land of dark knights, backstabbing royals, and a myriad of other characters - even the youngest ones have to learn basic self-defense to have any hope of surviving the cruel world imagined by A Game of Thrones (GOT) author, George R. R. Martin. And so too, must every CISO and security pro learn the latest information security best practices if they’re to survive today’s Internet threat landscape.
Intrigued? In this fun yet informative webinar, noble Corey Nachreiner, Director of Security Strategy and Research at WatchGuard Technologies, will explore the information security tips you could extract from the morbidly dark, yet inescapably addictive fantasy series. He’ll cover lessons such as:
· Depending on just “The Wall” for defense isn’t wise. The best defense has layers.
· Never ignore the warnings of ravens because they may contain hints of potential security breaches.
· Building a strong castle won’t prevent an attacker from tricking an untrained guard into opening your gates.
Join us. Advance your training and, much like a GOT warrior, learn how you should always stay vigilant.
Analytics--including machine learning and AI--is changing how security professionals approach cybersecurity.
During this webinar we will:
• Showcase the battle-tested strategies of the most successful information security organizations
• Survey the landscape of analytics-based security tools and solutions
• Walk through how to build a strategy based around current (and future) analytics and automation technologies
• Spotlight the critical security operational metrics that analytics can help improve
We look forward to sharing this information with you!
As part of Cyber Management Alliance’s exclusive Insights With Cyber Leaders interview series, Amar Singh, CEO of Cyber Management Alliance, sat down with Tracy Andrew, former Information Security and Compliance Manager at one of the largest law firms in Europe - Fieldfisher, to gather fascinating insights into his career, his thoughts on qualifications and certifications, what attributes he looks for when recruiting, and whether, in his opinion, it is important to have a technical background to succeed in cyber security.Read more >
The Internet of Things (IoT) has us now counting data elements in the trillions. Collecting, storing, and analyzing this data is transforming business intelligence. However, with this new capability, security is also essential. Teradata offers a best-in-class platform for IoT data processing, storage, and analytics. Together with Thales, the solution address the evolving business intelligence needs of enterprises, while protecting data elements and business intelligence. In this webinar, we will examine the key elements necessary to process IoT data, and the security aspects that enterprises need to focus on to safely harness the power of the technology.
• Examine the realities of IoT data processing and analytics
• Describe the architectures needed to support the capability
• Analyze drivers and technique to secure IoT data elements
Physical health comes from both common sense – eat right and exercise – and advanced medicine. Blood pressure, sugar levels, and white cell counts are vital metrics to be monitored and controlled.
What meaningful numbers are available to cyber teams? How can they be used to
understand overall risk posture and prescribe detailed actions to take today?
•Overall health - Which departments need cyber health checks now? Next quarter?
•Regular hygiene - Whose applications are patched quickly? Whose are not?
•Immune systems - How is unusual behavior pertaining to critical assets detected?
•Breakthroughs - Can cyber risk be quantified in financial terms?