Hi [[ session.user.profile.firstName ]]

Overcoming the Challenges of Securing Hybrid Enterprises

It’s become clear that organizations need to overcome the challenges of securing hybrid enterprises. Hybrid IT spans platforms, tenancy and locations, which when using traditional solutions often results in a fractured security architecture without a centralized single policy, view or enforcement point. With this shift to hybrid, organizations need to embrace CSA’s Software-Defined Perimeter (SDP) specification to enable a new, transformational approach. Using SDP results in precise network security, automated network policies, reduced compliance effort and reduced attack surface.

In this session, we’ll summarize the progress that’s been made with the CSA’s Software-Defined Perimeter (SDP) specification over the past two years, and show how and why an SDP approach enables organizations to overcome the challenges of securing hybrid environments. We’ll conclude this session with a case study, showing real-world benefits achieved by enterprises that have deployed an SDP architecture.
Recorded Apr 13 2017 41 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Cryptzone
Presentation preview: Overcoming the Challenges of Securing Hybrid Enterprises

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • How and Why to Build an Insider Threat Program Jun 20 2017 4:00 pm UTC 45 mins
    Jadee Hanson of Code42
    Jadee Hanson, Director of Security at Code42, provides a behind-the-scenes look at what it's really like to run an insider threat program -- a program in which you can take steps to prevent employees from leaking, exfiltrating, and exposing company information. This webinar will provide cloud security professionals with insider threat examples (and why you should care), recommendations for how to get buy-in from key stakeholders, and lessons learned from someone who has experienced it firsthand.

    About the speaker:
    Jadee Hanson, CISSP, CISA, is a security professional with more than 13 years of experience. Jadee’s passion for security was born out of a computer science internship and developed into a profession with her first role at Deloitte. After 5 years and a lot of travel, Jadee’s consulting experience led her to Target Corp. where she spent 8 years on its security team, building many of the security programs and functions that exist today. Currently, Jadee is the Director of Security at Code42. In addition to her day job, Jadee is also the founder and CEO of a nonprofit, Building Without Borders.
  • Security Automation Strategies for Cloud Services Jun 15 2017 4:00 pm UTC 60 mins
    Peleus Uhley of Adobe
    Security automation strategies are a necessity for any cloud-scale enterprise. There are challenges to be met at each phase of developing and deploying security automation including identifying the appropriate automation goals, creating an accurate view of the organization, tool selection, and managing the returned data at scale. This presentation will provide the details of various of open-source materials and methods that can be used to address each of those challenges.

    About the speaker:
    Peleus Uhley has been a part of the security industry for more than 15 years. As the Lead Security Strategist at Adobe, he assists the company with proactive and reactive security. Prior to joining Adobe, Peleus was a senior developer at Anonymizer, and a security consultant for @stake and Symantec.
  • 4 Lessons IT Pros Have Learned From Managing ​Outdated Endpoint Backup Jun 13 2017 4:00 pm UTC 45 mins
    Aimee Simpson of Code42, Shawn Donovan of F5 Networks, and Kurt Levitan of Harvard University
    Today's organizations face complex challenges as a result of exponential data growth and rapidly evolving ​cyberthreats. Furthermore, as companies move to cloud, it's inevitable that technologies will need to be replaced -- and what may have worked five years ago is no longer a viable solution for today's mobile workforce.

    In this session, you'll hear​ from IT professionals at F5 Networks and Harvard University, as well as​ a Code42 expert​ as they ​discuss:
    - Why all endpoint backup isn't created equally
    - How outdated or insufficient backup solutions leave you with gaps ​that put user data at risk
    - ​​What technical capabilities you should ​look for in your next ​backup solution

    About the speakers:
    Aimee Simpson is a Solutions Marketing Manager at Code42 where she helps internal audiences understand what’s happening in the category and influences product decisions through customer and market research. She has always worked in the technology industry, having launched her career at the data storage company Compellent Technologies.

    Shawn Donovan is a Windows System Engineer at F5 Networks where he works with a variety of Microsoft enterprise technologies as well as other products such as Cisco Ironport and Code42 backup solution.

    Kurt Levitan is a Technical Architect at Harvard University where he is responsible for designing and implementing technology solutions, and leading a team of system administrators who provide endpoint management services for the university
  • How Financial Services can Leverage the Cloud Securely to Drive Business Recorded: May 25 2017 32 mins
    Miguel Ramos of Forcepoint
    Though one of the most mature industries in cybersecurity, the Financial Services industry has seen some of the largest explosion of innovation and technology. While startups and innovators are focused on speed to market and leveraging cloud infrastructure and cloud platforms as a service, the need for security in financial technologies is paramount.

    In this session, Miguel Ramos will use case studies and his experience to outline key steps that can be taken to secure financial technology innovators, and explain how traditional, cloud and potentially even blockchain technologies can be used by corporations to ensure the security they need to drive business forward.
  • You can stop shaking if you follow this plan for securing your data Recorded: May 17 2017 60 mins
    Terence Spies of HPE Security-Data Security and Rich Mogull of Securosis
    Data security has a tendency to be intimidating for organizations, users and implementers. Organizations see the value but the challenges of applying a data security solution. Wouldn’t it be great if there were solutions that took the guesswork out of data protection and key management?

    In today’s data driven environment, there are strategies and technologies to protect data that do not have to be the high-risk propositions feared by organizations, users and implementers - IT professionals. By thinking of data security and key management as data t protection enablers instead of obstacles, you can easily protect data across the infrastructure and beyond. Data security and key management need to interact with the data and the users in a seamless way that doesn’t disrupt their processes or destroy the characteristics of the data.

    During this webcast we will discuss some of the findings from the CSA Security Guidance v4 report and how data-centric security can help mitigate and manage many of the risks. Think of security as an enabler instead of an obstacle for cloud adoption.
  • Overcoming the Challenges of Securing Hybrid Enterprises Recorded: Apr 13 2017 41 mins
    Cryptzone
    It’s become clear that organizations need to overcome the challenges of securing hybrid enterprises. Hybrid IT spans platforms, tenancy and locations, which when using traditional solutions often results in a fractured security architecture without a centralized single policy, view or enforcement point. With this shift to hybrid, organizations need to embrace CSA’s Software-Defined Perimeter (SDP) specification to enable a new, transformational approach. Using SDP results in precise network security, automated network policies, reduced compliance effort and reduced attack surface.

    In this session, we’ll summarize the progress that’s been made with the CSA’s Software-Defined Perimeter (SDP) specification over the past two years, and show how and why an SDP approach enables organizations to overcome the challenges of securing hybrid environments. We’ll conclude this session with a case study, showing real-world benefits achieved by enterprises that have deployed an SDP architecture.
  • Leveraging the Power of Threat Intelligence Recorded: Mar 15 2017 56 mins
    Ray Pompon and Sara Boddy of F5
    It's becoming impossible for cyber security to keep up with paradigm-changing technological advancements which provide fertile new hunting ground for the more sophisticated cyber-criminals. You can't enumerate all possible attacks while calculating probabilities and impacts for each. We need to narrow things down. But when we reach for data, we drown in reports, dashboards, and alerts. We don't need more undigested data. We need answers. Enter threat intelligence. Useful threat intelligence is not data feeds of indicators without context, but interpretation that boils things down to provide recommendations so you can operate safely in the new Internet age. Threat intelligence demystifies the swarm of noise and connects the dots into threads that demystify what is really going on. We'll look at what good, actionable threat intelligence looks like and how you can use it to neutralize potential attacks before they strike. We'll look deeper at the threats against and originating from cloud platforms.
  • BrightTALK at RSA - John DiMaria: GDPR, Critical Infrastructure & IoT Security Recorded: Mar 6 2017 6 mins
    John DiMaria, Global Product Champion for Information Security & Business Continuity at BSI Group
    Join this in-depth interview at RSA Conference with John DiMaria, Global Product Champion for Information Security & Business Continuity at BSI Group.

    Viewers will learn John's insights around:
    - Preparing for GDPR
    - Challenges for the new U.S. administration
    - Protecting our critical infrastructure
    - Protecting the IoT: personal accountability, product certifications, regulation
    - The threat landscape
    - The importance of security awareness training
  • Fighting the ‘Gap of Grief’ With Business-Driven Security Recorded: Mar 1 2017 35 mins
    Peter Beardmore of RSA
    Defending against human ingenuity demands a new way of thinking. With countless dollars spent and infinite alerts you still don’t have a true picture of what is going on. So when a breach happens, can you answer THE question: “How bad is it?” The inability to do so is what RSA calls the “gap of grief.” To answer, you must connect your security strategy and business risks.

    RSA’s cybersecurity expert, Peter Beardmore, will provide perspective on this important issue during this pointed webcast designed to help security leaders:
    - Learn how to garner the right visibility, in the right context to defend what matters most – and fast;
    - Discover the 6 steps to take command of your evolving security posture in this uncertain, high risk world; and,
    - Find out what it takes to link your security strategy with your business priorities.
  • Which CASB Deployment Mode is Right for Me? Recorded: Jan 19 2017 56 mins
    Srini Gurrapu and Brandon Cook of Skyhigh
    When kicking off a cloud security project, you'll quickly discover that there are multiple deployment options for a cloud access security broker (CASB) – Log Collection, API, Reverse Proxy, and Forward Proxy – delivered via the cloud, on-premises, or hybrid - and with or without agents. But which CASB deployment mode is right for your organization? It depends on which use cases you need to support across which users and devices.

    In this webinar we’ll share an objective overview of the use cases each CASB deployment option supports. Just as importantly, we’ll detail which use cases each deployment mode does not support and provide case studies explaining how companies like Aetna, AstraZeneca and Western Union leveraged various deployment architectures to cover all their key use cases (visibility, compliance, data security, and threat protection) across O365, Salesforce, Box, and Shadow IT.

    Speakers:
    Srini Gurrapu – VP, Solutions Strategy
    Srini Gurrapu is the VP, Solutions Strategy at Skyhigh Networks, with 20 years of experience in networking, security, virtualization, mobile and cloud security markets. Srini's primary forte is building trusting advisory relationships with customers and delivering innovative solutions that make customers successful in their strategic initiatives.

    Brandon Cook – Sr. Director, Marketing, Skyhigh Networks
    Brandon leads the marketing team at Skyhigh Networks and has over a decade of experience in the tech industry identifying and developing new markets. As a regular contributor to the Cloud Security Alliance (CSA) events and blogs and author of the quarterly Cloud Adoption and Risk Report, he has expertise in “shadow IT”, cloud security, cloud governance, and cloud regulatory compliance.
  • Cloud First, Now What? Recorded: Jan 17 2017 51 mins
    Palo Alto Networks
    Your executive staff has made a strategic decision to move to the cloud, and your team has the seemingly monumental task of executing on this new direction. The journey to the cloud introduces many unknowns, the least of which is determining the applications and data, including precious customer information, that belong in the cloud. Yet your knowledge is limited and you have little time to immerse yourself in this vast topic.

    Join us for the the Cloud First, Now What? webinar hosted by Cloud Security Alliance and sponsored by Palo Alto Networks. In this webinar, we will walk through the process by which your company should implement a cloud first strategy.

    •How to get started
    •Key players and their responsibilities
    •Steps involved in continuous improvement
  • The 2017 Cyberthreat Landscape Recorded: Dec 14 2016 62 mins
    Leo Taddeo, Chief Security Officer, Cryptzone
    2016 was record-setting … and threats aren’t likely to subside in 2017. Let’s reflect on what happened this year and learn about emerging threat landscape trends. A solid understanding of the threat landscape will help you better formulate your defensive strategy and prioritize security initiatives for 2017 and beyond.

    This webinar will feature Leo Taddeo, who is uniquely qualified to present his thoughts on the ever-changing threat landscape. Currently Chief Security Officer (CSO) for Cryptzone, a provider of dynamic, context-aware network, software-defined perimeter based security solutions, Leo is former Special Agent in Charge of the Special Operation/Cyber Division of the FBI’s New York office. Leo is a frequent cybersecurity source for business, IT security and global news outlets, such as: Bloomberg, CNBC, CSO Online, Dark Reading, Fortune, New York Times, Washington Post and more.

    Join the discussion on December 14th!
  • SIEM for the Cloud? The Essentials You Need to Know Recorded: Dec 6 2016 46 mins
    Chris Collard and Mark Campbell of IBM Security
    A cloud-delivered security intelligence platform can help you make sense out of the mountains of data collected from your expanded perimeter of cloud workloads and assets. However, it’s easy to get buried in a data avalanche. Join us as we discuss the essentials for making sense out of cloud data and keeping your workloads secure using Security Information and Event Management delivered from the cloud.

    Speakers:
    Chris Collard
    Chris is an information security professional with over 15 years of experience managing information systems and services. He is a Certified Information Systems Security Professional (CISSP) and holds a Certificate of Cloud Security Knowledge (CCSK) from the Cloud Security Alliance. He is Offering Manager for QRadar on Cloud.

    Mark Campbell
    Mark is the Cloud Security Portfolio Manager for IBM Security. He is a cloud and IT security veteran with more than 15 years of helping clients to adopt security and cloud technologies.
  • Future Proofing the Connected World - 13 Steps to Developing Secure IoT Product Recorded: Nov 29 2016 54 mins
    Brian Russell, Drew Van Duren, Steven Markey, Ron Del Rosario; and Elizabeth Lawler
    The CSA IoT Working Group released guidance in October 2016 focused on providing IoT product developers with recommendations for securing their products. This panel discussion will explore different perspectives on how the guidance can best be used by organizations seeking to secure IoT products. We will also discuss how to prioritize your security engineering efforts based on schedule and funding constraints.

    Speakers:
    Steven Markey, nControl LLC
    Brian Russell, Leidos
    Drew Van Duren, Security Innovation
    Ron Del Rosario, Five9
    Elizabeth Lawler, CEO Conjur
  • CSA SDP for IaaS Initiative: Research Preview Recorded: Nov 15 2016 47 mins
    Jason Garbis of Cryptzone and Puneet Thapliyal of TrustedPassage
    Since March 2016, when the CSA launched this new Software-Defined Perimeter for IaaS initiative, more and more organizations have embraced the Software-Defined Perimeter model and are benefitting from the seamless protection it offers, whether on-premises or in the cloud. SDP can better protect IaaS services for Enterprise usage, and deliver uniform and seamless protection of on-premises and IaaS resources, enabling cost savings and agility, and a more dynamic infrastructure.

    In this webinar, the leaders of the SDP-for-IaaS initiative will provide a preview of the forthcoming research and use cases that this working group has developed. This research focuses on how SDP can uniquely address security, compliance, IT administration and management challenges for cloud service providers and enterprises alike. If you’d like to hear more about securing your IaaS workloads, you’ll want to attend!
  • Conducting Security Investigations in Minutes (or Less) Recorded: Nov 8 2016 55 mins
    Doron Shiloach, Senior Product Manager at IBM
    Learn how to use threat intelligence to shorten investigation time and improve security decision making. From the right content to the best delivery format, learn the top considerations for picking a threat intelligence source and making it work with your security practice. Join the session to learn how to make the most of threat intelligence, what to look for in a threat intelligence feed, and best practices for integrating feeds into your existing solutions.
  • Developing a Proactive Approach to GDPR Compliance Recorded: Nov 3 2016 49 mins
    Yael Nishry and Doug Lane of Vaultive
    As the May 25, 2018 deadline for compliance with the new General Data Protection Regulation (GDPR) rapidly approaches, enterprise IT organizations must implement a cloud data security strategy that supports compliance and minimizes their organization’s exposure to new breach notification requirements and financial penalties as high as 20 million Euros or 4 percent of total annual turnover.

    Yael Nishry and Doug Lane from the Vaultive team have extensive backgrounds in risk management and enterprise security technologies. Join them for this event as they discuss what organizations should be doing to prepare for this new regulation.

    During this webinar you'll learn:

    · The key cloud data security takeaways from GDPR

    · What steps can you take to mitigate risk and reduce the notifications required in the event of a data breach

    · The challenges of data transfers under the new regulation and how to overcome them

    · What is the role and expectation of your cloud provider when it comes to GDPR

    · How your company can enforce best-practice segregation of duties between your data and the cloud service provider processing it
  • Defeating the Insider Threat: Don't Have Your Head in the Clouds Recorded: Oct 19 2016 44 mins
    Evelyn De Souza and Mary Beth Borgwing
    Everything we know about defeating the Insider Threat seems not be solving the problem. That's why the Cloud Security Alliance with special commentary from LemonFish Technologies undertook new research to understand the extent of this issue.

    Join the Cloud Security Alliance Strategy Advisor, Evelyn de Souza, Mary Beth Borgwing, President of LemonFish Technologies...
    -Uncover the extent of insider threats
    -Learn what happens to data after its being exfiltrated
    -Tools to mitigate insider threats going forward.
  • IT Security & Privacy Governance in the Cloud Recorded: Oct 18 2016 61 mins
    Moderated by Rebecca Herold, The Privacy Professor; Jacqueline Cooney, BAH, Daniel Catteddu, CSA, Chris Griffith from HPE
    After multiple newsworthy data breaches in recent times, IT security and privacy governance has gained importance across the globe. Most organizations have established security and compliance policies and procedures to protect their intellectual property and corporate assets, especially in the IT space. As companies transition their applications and data to the cloud, it is critical for them to maintain, or preferably surpass, the level of security they had in their traditional IT environment. Leaders are also responsible for defining policies to address privacy concerns and raise awareness of data protection within their organization, and for ensuring that their cloud providers adhere to the defined privacy policies. Failure to ensure IT Security when using cloud services could ultimately result in higher costs and potential loss of business, thus eliminating any of the potential benefits of the cloud.

    While security and privacy are related, they are also distinct. IT security is primarily concerned with defending against attacks, not all of which are aimed at stealing data, while privacy is specifically related to personal data held by an organization, which may be endangered by negligence or software bugs, not necessarily by malevolent persons. On this webinar our panel of experts will address some of the key distinctions, and discuss some best practices for managing IT security and implementing privacy governance for the cloud.
Education on the uses of Cloud Computing, Security and Privacy.
To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.

Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa, @CSAResearchGuy

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Overcoming the Challenges of Securing Hybrid Enterprises
  • Live at: Apr 13 2017 4:00 pm
  • Presented by: Cryptzone
  • From:
Your email has been sent.
or close