Organizations on the journey to digital transformation are encountering new challenges with managing risk. Not only are complex digital transformation initiatives making it difficult for organizations to fully grasp their entire risk profile but digital transformation is also resulting in new types of risk for the company. Organizations with strong risk aversion are in danger of preventing or stifling innovation and change. How can organizations manage risk and create a strategy that empowers digital transformation? What have organizations learned on the road to digital transformation that can help others early on in the journey?Read more >
Many businesses today are driven to make their mobile apps more convenient and user-friendly, which often comes at the expense of security. Increasingly, cybercriminals exploit this oversight, shifting their focus from PCs to mobile devices and driving up the sophistication and rate of mobile attacks. Mobile malware, jailbroken devices, rogue apps, keylogging, screen capture and other threats are becoming serious disruptors of mobile business.
As an application publisher, you cannot stop these attacks from happening but you can render them ineffective — while also providing the best possible user experience. Join this webcast from VASCO Data Security and learn how to reduce your mobile apps’ vulnerabilities and maintain a frictionless user experience.
Topics of discussion will include:
- The nature and anatomy of mobile attacks
- The most common mobile app vulnerabilities
- The key components of holistic mobile app security
- Using “invisible” security such as behavioral authentication and runtime application self-protection to improve user experience
In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path he took to become CISOs and how they are reinventing the role in the face of accelerating industry change.Read more >
This webcast will look at health care security from the top down, focusing on what the survey tells management in terms of priorities, breach management, controls and budgets. Attendees will learn about:
- Supporting operational priorities and business drivers (including mobile and cloud computing priorities)
- Reducing risk while supporting new business drivers
- Educating leadership and getting them on your team
- Efficacy of controls, desired improvements and wish lists
- Budgets and best practices
The IoT Is Making Status Quo Network Security Obsolete
The number of devices in the Internet of Things (IoT) category is exploding—adding billions of devices to networks every year that lack native security capabilities. Please join us as ZK Research Founder and Principal Analyst Zeus Kerravala discusses the Internet of Things and suggests ways to deal with IoT-related security challenges, including:
• Why traditional perimeter defenses are no longer relevant and how IoT devices can circumvent conventional firewalls
• The lack of IT and OT alignment—a major issue given that the IoT connects everything to a common network
• The role agentless visibility and control play in finding, classifying and securing network-attached IoT devices
The Center for Internet Security has defined required controls for effective cyber defense (CIS Critical Security Controls). How do they relate to your security initiatives? Why is endpoint security and control such a major focal point of SANS security? How does the Internet of Things (IoT) impact you cybersecurity strategy?
Join ForeScout's Darrell Kesti, and Dean Kratzer, ForeScout’s Senior Product Marketing Manager, as they discuss how ForeScout CounterACT® can help you create an effective cyber defense system. Discover how agentless cybersecurity technology and ForeScout’s See, Control and Orchestrate solution can accelerate this process with quick wins in the first 4 steps of this multistep process:
1. Inventory of authorized and unauthorized devices
2. Inventory of authorized and unauthorized software
3. Secure configurations for hardware and software on mobile devices, laptops, workstations and servers
4. Continuous vulnerability assessment and remediation
When a disruptive technology emerges, it is often met with skepticism. A good case in point is ForeScout CounterACT®. It’s gaining a lot of traction in cybersecurity circles, with more than 2,000 large and medium enterprises and government agencies worldwide using the product as of April 2016. But for those IT professionals who might think its capabilities are too good to be true, ForeScout enlisted Miercom, a leading independent testing and consultancy, to provide unbiased, hands-on testing of CounterACT capabilities. Miercom’s findings are what this webinar is all about.
Please join us as Miercom President and CEO Rob Smithers talks about his lab’s findings with regard to CounterACT’s:
• Visibility (discovery, classification and compliance assessment) of network-connected corporate, BYOD, guest and IoT endpoints without use of agents or previous device knowledge
• Detection and full classification of hundreds of endpoints in seconds
• Policy-based control of devices by enabling IT staff to grant the appropriate level of network access to people, applications and devices
• Ability to integrate with leading network infrastructure and endpoint protection technologies
There is an assumption that the more you spend on security technology, the more secure you will be. However, it is evident from the media that even though organisations are spending many on security products they are still being breached. Majority of organisations are falling back on 'historical, layered defence strategies’ with the tendency to think that by merely upgrading software and building up walls, their organisation is safe, but what if the attacker dug underneath the wall?. Does this demonstrate they are spending effectively and keeping their organisation secure?
In this webinar, we will discuss why organisations don't need to spend more on security to be better protected but need to spend wisely with the budget they already have. Organisations continually need to think about how they readjust and refocus on strategies that enable them to be resilient and recover from a cyber-attack. The webinar will cover:
Spend vs Resiliency – is it proportionate?
Strategy for protecting what really matters
Focusing on the 5% of alerts that really matter
Join Richard Turner, FireEye President of EMEA, as he continues his discussion around taking the ‘Risk message of Cyber Secuirty to the board’
With patches, threats and changes to your network taking place on a daily basis it is vital to understand if you are managing risk effectively. Vulnerability scanning is often a useful method to establish a vulnerability baseline across the network which is then tested on a regular basis to understand variance.
Vulnerability Scanning is also required for a number of key regulatory compliance standards in both the public and private sector making it an even more crucial element of an organisation’s security operations.
During this 30 minute webcast, Lee Lawson, Head of Security Testing and Response at Dell SecureWorks, will cover the following topics:
•Vulnerability scanning drivers
•Pros and cons for different vulnerability scanning solutions
•Best fit solution for specific regulatory compliance standards
Lee Lawson is the team leader, lead computer forensic investigator and penetration tester for Dell SecureWorks in EMEA. With a broad range of experience in IT security analysis, systems engineering and network security, Lee leads the penetration testing and digital forensic teams.
Lee has been involved with secure computer systems for over a decade, as a user and later as an engineer and penetration tester of Military networks. Lee holds many professional certifications in his specialised fields such as the EnCase Certified Examiner, Certified Ethical Hacker, Certified Information Systems Security Professional (CISSP) and PCI QSA (Qualified Scanning Assessor). Lee holds UK Government SC clearance and has experience of developing and delivering training courses for Security Testing and Forensic Readiness. In addition, he has been responsible for reporting evidence in several cases of financial fraud, hacker attacks, IP theft and deception.
A recent poll by developer GFI Software found that small business hesitate to use cloud services. The challenge seems to be how to communicate the benefits to this large target group.
What role can the traditional SLA play in this communication, or do we need something new?
In this presentation Hans looks at the traditional SLA according to ITIL and tries to investigate where it should be adapted to suit cloud service description for “the masses”.
As a professional linguist Hans started a career in the ICT industry in the late eighties. With more than 21 years experience in the industry, Hans is an expert in international IT and quality standards like ITIL and ISO. Hans was one of the first to adopt the ITIL method in 1991, and helped its further development by teaching ITIL all over the world. As one of the main authors, he has helped develop ITIL v2 at the turn of the millennium, and more recently he has helped develop the Open Group’s TOGAF 9 certification program. In this international organization Hans was Vice Chair of the Certification Committee and Chair of the Localization Committee.
In 2010 Hans started his own linguistic consultancy business delivering specialized services for the international ICT industry and educational organizations. His focus lies on international quality and IT standards. Hans is also a member of editing board of the new International Best Practice Institute.