Hi [[ session.user.profile.firstName ]]

5 Steps to Protecting Your Data in Today's Cloud- and Mobile-First World

The rapid adoption of cloud and mobile in the enterprise is powering the transformation of legacy IT systems to more modern technology and processes. The business benefits of speed and agility for the enterprise can’t be denied, but the challenge is that security is often not considered a part of this digital transformation. The result is new blind spots are introduced in this cloud- and mobile-first world and legacy security tools are ineffective when it comes to protecting your data.

In this session, we will discuss the new blind spots that exist in today's cloud- and mobile-first world and 5 steps you can take to help ensure that your data is protected.

Join this session to learn:

- About new blind spots that exist in today’s cloud- and mobile-first world
- Why legacy security tools are ineffective
- 5 steps to covering these new blind spots
Recorded Jun 13 2019 54 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Bob Gilbert, Chief Evangelist and VP Product Marketing, Netskope
Presentation preview: 5 Steps to Protecting Your Data in Today's Cloud- and Mobile-First World

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Rethinking Threat Intelligence with the LEAD Framework Dec 19 2019 5:00 pm UTC 60 mins
    Filip Stojkovski, Threat Intelligence Manager, Adobe
    Adobe has been using threat intelligence for many years as part of the SOC, Incident Response, and Threat Hunting teams. But how do you start applying threat intelligence techniques and models to security efforts outside of these traditional areas? To help try and accomplish this, Adobe has created the 'LEAD' Treat Intelligence framework. It is based upon a unique maturity model that combines machine learning with automation and security orchestration.

    Join this webcast to learn how Adobe developed the LEAD model and how they are using it to both advance our existing threat intelligence operations as well as help solve a broader set of cloud security problems.
  • The Scary and Honest Truth About Securing the Public Cloud Dec 17 2019 6:00 pm UTC 60 mins
    Bill Prout, Director of Global Public Cloud, Sophos
    Workloads in the public cloud are the new pot of gold for savvy cybercriminals. Often misconfigured and under-secured, they’re an easy way for hackers to steal data and take advantage of your processing power.

    Join this webcast to learn valuable tips to help your organization solve the toughest challenges around public cloud security.
    - Close hidden gaps in cloud security
    - How to automate security at the pace of DevOps
    - Shrink incident response times to prevent cyberattacks and compliance penalties
  • Automating Firewall Change Requests Dec 12 2019 5:00 pm UTC 60 mins
    Ben Chinoy, Security Researcher, Adobe & Jason Joy, Sr. Enterprise Security Engineer, Adobe
    As many companies transform to multi-cloud environments, managing firewall changes at the speed of development teams can be challenging. Teams across Adobe are constantly evolving cloud services to continue to delight our customers. But one of the major challenges is in helping to ensure that the firewall change requests to support their work happen efficiently and securely. They receive hundreds of access requests each month for access to services. However, manually reviewing each one can be a time-consuming process that comes with the risk of human error. Adobe set out to try and mitigate this potential risk by automating as much of the process as possible.

    This webcast Ben Chinoy, Security Researcher at Adobe and Jason Joy, Senior Enterprise Security Engineer at Adobe, will discuss the issues they faced in automating this common process in cloud app development securely and introduce the tooling they developed to assist.
  • Cyber criminals are adopting cloud services just as rapidly as the rest of us! Dec 10 2019 10:00 am UTC 60 mins
    Paolo Passeri - Cyber Intelligence Principal; Neil Thacker - CISO EMEA; & Ross Asquith - Security Transformation Principal
    Join Netskope for a 45 minute webinar, looking at the dark side of cloud - where it’s used not by respectable enterprises like yours, but instead by cyber criminals intent on attacking your respectable enterprise.

    It’s not surprising that cyber criminals are embracing the cloud, they’re after the same benefits that you are, such as scalability, business continuity, reliability, and reduced costs. Your organisation is adopting cloud, and this means opening up access to those same cloud environments used by cyber criminals and hackers. So, how do you make sure you’re not inadvertently opening a backdoor that allows your organisation to be compromised?

    On this webinar Netskope’s expert panel will provide:
    -Insight into the rapidly growing cloud threat landscape, and an overview of the cloud-enabled kill chain.
    -A live demonstration of how cyber criminals are using cloud to successfully deliver threats, and then also remotely control compromised machines using popular cloud services.
    -Guidance on how to ensure your employees are not accessing high risk cloud applications, and that they are only accessing your instances of cloud services.
  • Network Security’s Future is in the Cloud Dec 3 2019 6:00 pm UTC 60 mins
    Jason Georgi, Field Chief Technology Officer for Prisma Access, Palo Alto
    Cloud adoption and user mobility are shifting the locations of applications, data and users. These changes create new vectors for cybersecurity risk. Organizations need a way to securely enable digital business transformation and innovation. We believe that this requires a fundamentally different approach: both security and networking must be delivered in the cloud.

    Join this discussion with Jason Georgi, Field CTO for Prisma Access at Palo Alto Networks, and explore best practices to secure your cloud initiatives with Prisma Access, a Secure Access Service Edge (SASE) platform, by bringing together industry-leading security and SD-WAN capabilities in the cloud.
  • Rethink Infrastructure Access with Zero Trust Nov 21 2019 5:00 pm UTC 57 mins
    Ivan Dwyer, Product Marketing, Okta & Dr. Chase Cunningham, Principal Analyst, Forrester
    As you adopt cloud IaaS to meet business goals, effective security controls can’t be an afterthought. This elastic infrastructure environment requires smart access controls; but how do you adhere to your security policies without limiting automation?

    Join this webinar to learn how to effectively secure server access by applying the core principles of Zero Trust and enforce strict just-in-time, least privilege access in a manner that doesn't get in the way of productivity.

    Featured guest Dr. Chase Cunningham, principal analyst for Forrester Research, and Ivan Dwyer from Okta will discuss:
    - Why you need to re-think your infrastructure access approach
    - Why identity is the cornerstone of securing server access
    - How to put Zero Trust in practice across the infrastructure layer
    - Why secure server access is a strong “tip of the spear” use case for larger Zero Trust initiatives
  • Incorporating Identity in Your Security and Zero Trust Strategies Recorded: Nov 19 2019 54 mins
    Joe Gottlieb, SVP of Strategy and Business Development, SailPoint & Erik Bartholomy, Security Architect, LogRhythm
    Experts predict that total losses related to cybercrime will reach $6 trillion in 2021. The weapon of choice has been compromised identity and yet security teams run for the door when discussing identity and access management. The rapid adoption of cloud and mobile is forcing organizations to rethink their security model, with Zero Trust generating the most noise these days. In this webinar, we’ll explore how the emerging intersection of identity and security can reduce the risk of a breach (and the resulting financial and reputational losses) and enable a modern day Zero Trust approach.

    The Identity Defined Security Alliance is dedicated to helping organizations improve their security posture through identity-centric security strategies, education and frameworks. Join Joe Gottlieb, IDSA Executive Board Member and SailPoint SVP of Strategy and Corporate Business Development and Erik Bartholomy, LogRhythm Security Architect, to learn how:
    - You can make identity and security work better together
    - Identity-centric security is redefining Zero Trust
    - LogRhythm was able to fully transition to the cloud, eliminate infrastructure (VPNs, firewalls and directories) and become more secure
  • Cloud Security Fails of 2019 and Where to Focus in 2020 Recorded: Nov 14 2019 58 mins
    Fernando Montenegro, Principal Analyst, 451 Research and Rachel Pepple, Cloud and Security Marketer, ExtraHop
    Security has become one of the most pressing issues for organizations that are moving to the cloud. In this webinar, industry analyst Fernando Montenegro from 451 Research and Rachel Pepple from ExtraHop will take us through the cloud security journey that many enterprises have been on during the past years, looking at the realities of the high points and low points. Based on this look back, Rachel and Fernando will then pivot to what organizations can expect in 2020, where investments should be made, what trends should be closely monitored, and what best practices security teams should consider for a stronger security posture in the cloud.
  • Reimagine Your Perimeter Recorded: Nov 7 2019 57 mins
    Bob Gilbert, Vice President and Chief Evangelist, Netskope
    Recent research shows that more than 85% of web traffic is comprised of cloud services. The rapid adoption of cloud and mobile is fundamentally changing network traffic patterns and the movement of data, rendering existing network and security models obsolete. This shift is resulting in enterprise security teams supplementing next-gen firewalls (NGFWs), secure web gateways (SWGs), and VPNs with cloud access security brokers (CASBs). 

    While CASBs address a key set of cloud-specific use cases tied to visibility, data security, compliance, and threat protection, your dissolving corporate perimeter is also forcing security teams to rethink their entire legacy security stack. After all, if most of your web traffic is comprised of cloud services, why does a majority of your security spend on security tools that are not effective in this new world?
    Join this session to learn about:
    - New blind spots that exist with legacy security tools
    - Why simply moving legacy security tools to the cloud is not enough
    - Top cloud security use cases driving the need for a new perimeter
    - The essential requirements for a new, more effective perimeter
  • Is Your Business Audit-Ready? 3rd Party Risk Management Best Practices Recorded: Nov 5 2019 59 mins
    Kelsey Naschek, CIPP/E, CIPM, Privacy Engineer at OneTrust
    As the regulatory landscape for data privacy, security, and third-party risk management continues to change rapidly, so do the needs of the businesses that need to comply with the laws. Many organizations are still unsure of how to best tackle their most challenging tasks to not only maintain compliance internally, but across their third and fourth party relationships as well. In this webinar we'll cover the following:
    - How to streamline third-party risk management for compliance with major regulations like GDPR, CCPA, OCC, etc.
    - The key requirements of major third-party risk management regulations and standards
    - What activities should be completed to prepare for third-party risk compliance
  • Transformation of Cybersecurity Risk Recorded: Oct 31 2019 55 mins
    Alex Heid the Chief Research & Development Officer at SecurityScorecard
    The cyber landscape is continuing to evolve, and we're seeing digital trends continue to change. Digital technologies are accelerating the ability to do business, and really digitizing everything. In some ways, it's becoming quite common and helping people grow, fast. But at the same time, it raises incredibly significant challenges about cyber security risk, and challenges the way that we should structure our programs - safely. Join us as we discuss how organizations deal with cyber security risk, how they can influence others - all while evolving and transforming their own programs.
  • How to Stop Cloud Threats by Leveraging CASB With a People-Centric Cybersecurity Recorded: Oct 29 2019 56 mins
    Itir Clarke of Proofpoint & Rich Mogull of CSA
    Once your organization migrates to the cloud, protecting your people and the data they create becomes more challenging and critical than ever. Cybercriminals are launching wide-scale brute force attacks on cloud services to compromise user accounts. 85% of Office 365 and G Suite tenants are targeted. After taking over your trusted accounts, threat actors use social engineering tactics to trick even the most savvy users to install malware, transfer money or hand over sensitive data. That's why a people-centric approach to your cloud security is one of the most effective ways to provide visibility and control over your cloud applications. So what does a people-centric strategy look like and how can you use it to better your overall cloud security?

    Join our experts for a deep dive into how to use a Cloud Access Security Broker (CASB) to protect your organization's IT-approved applications, such as Office 365 and G Suite that contain your most valuable assets: your people and data.

    In this session, we'll examine:
    - What the most prevalent cloud attacks are and how they target your VAPs, or Very Attacked People
    -Why a people-centric approach to cloud security is one of the most effective ways to protect your VAPs
    - The different CASB use cases, features, and architectures
    - What to look for in a CASB solution to mitigate the risks you're likely to face
  • A New Prescription for Cyber Security - Global IT Asset Inventory Recorded: Oct 24 2019 62 mins
    Chris Rodgers, Director of Product Management, Qualys & Jim Reavis, CEO and Co-founder of CSA
    Most people think that a network is a static event. However, with new types of devices, transient workloads, contract and guest participation, the system is fluid. At any given time,15-20% of the network is unseen or unmanaged. This is why the principle of maximum IT asset visibility is a fundamental prerequisite to improving your security posture. Simply put, it is difficult, if not impossible, to secure what we do not know or cannot see.

    During the webinar, Jim Reavis, co-founder and CEO of the Cloud Security Alliance, will discuss the challenges facing today's complex and hyper-connected IT environments. Additionally, Qualys' Chris Rodgers will explore:
    - Why comprehensive visibility is the foundation for your security architecture
    - The importance of visibility as it relates to compliance
    - A demonstration of the role visibility plays in threat hunting
    - Customer success stories highlighting how access to clean, reliable data with visibility and context enabled leads to effective business decisions
  • Why it's Time to Kill Your VPN Recorded: Oct 17 2019 38 mins
    Chris Scheels, Director of Product Marketing, Cyxtera
    VPNs are dangerous and overly complex. So why are we still pretending that VPNs are an effective security technology?

    Join this webinar if you are responsible for implementing Zero Trust or managing complex VPN environments.

    Learn why:
    - VPNs cannot support your move to Zero Trust
    - Managing VPNs is too complex for delivering granular access to a mobile workforce
    - Eliminating VPNs can deliver Zero Trust secure access to the cloud, DevOps and third parties
  • Master the Fundamentals of VM Analysis and Prioritization Recorded: Oct 17 2019 63 mins
    Robert Healey | Senior Director Marketing, Asia Pacific, Tenable
    Learn how you can effectively analyze vulnerability data to prioritize patching and remediation to reduce cyber exposure. Overcome vulnerability overload and gain insight into the following topics:
    1. Recognizing the value and limitations of CVSS scores for prioritization
    2. Identifying vulnerabilities most likely to be exploited in the near term
    3. Incorporating asset criticality into your analysis
    4. How to compare the effectiveness of your internal operations with industry peers and across internal business units
    5. How you can more effectively prioritize your efforts to reduce cyber risks
  • Diversify Defense — Improving Cybersecurity Through Smart Consolidation Recorded: Oct 15 2019 53 mins
    Jeff Costlow, Deputy CISO, ExtraHop & Craig Balding of CSA
    The rush to innovate has resulted in more sophisticated threat defenses, but it has also created a complex web of tools that must be managed by an already overworked and understaffed security team. Heterogeneity of defense systems is itself a defense, so modern security teams need to approach consolidation differently.

    In this session, Jeff Costlow, Deputy CISO at ExtraHop will give an abbreviated version of his keynote presentation at the upcoming CSA Summit at (ISC)² and share insights about how data-first approaches and cross-collaboration improve security posture and help reduce tool sprawl.
  • Zero Trust Application Delivery Pipeline Recorded: Oct 10 2019 44 mins
    Tony Morris, Enterprise Architect-Public Cloud, Hyland
    Zero Trust is a concept that is typically used to describe the security model for a company's infrastructure and data. Application delivery pipelines are typically managed using a perimeter-centric security model. In this session, we will discuss how to apply the core concepts of Zero Trust to the application delivery pipeline, helping to ensure your applications are delivered to production safely and securely.
  • Implementing CAIQ-Lite in a Cloud Vendor Security Assessment Workflow Recorded: Oct 8 2019 56 mins
    Nick Sorensen-CEO, Whistic & Azure Shen-Compliance Analyst, OneLogin & Samantha Cowan-Security Compliance Manager, HackerOne
    Come learn how leading technology companies are optimizing cloud vendor security assessments by leveraging the recently-released CAIQ-Lite in their workflow. Also learn how and why the CAIQ-Lite came to be, as well as best practices from early adopters.

    Takeaways from this webinar include...
    - An introduction of the history/creation of the CAIQ-Lite
    - Best practices for using CAIQ-Lite to perform security assessments of cloud vendors
    - A "behind the scenes" look at how technology companies are using both the CAIQ and CAIQ-Lite in their assessment workflows
  • The Future of Audit and Compliance: Controls Automation Recorded: Oct 3 2019 50 mins
    Prasant Vadlamudi, Director of Tech GRC at Adobe
    Over the past several years, we have developed and implemented Common Controls Framework (CCF) across Adobe, enabling our cloud products, services, platforms and operations to achieve compliance with various security certifications, standards, and regulations such as SOC2, ISO, PCI, HIPAA, FedRAMP and others. CCF is the foundational framework and backbone of our companywide security compliance strategy. It also provides the flexibility to quickly adapt to and tackle new compliance and certification requirements as needed for our business and solutions. We have also open-sourced CCF for other peer industries to leverage it for their compliance goals.

    As the next level of organic maturity for the CCF strategy @ Adobe, we are now developing and implementing a controls automation framework which will help enable near real time monitoring of the controls operating effectiveness. The CCF controls automation framework is intended to change the controls testing strategy from a point in time/reactive mode to near-real time monitoring, tracking and alerting. This mode of controls assessment via automation not only increases the frequency of testing, but also enable quicker remediation to reduce the risk of controls failure. This framework will also enable with scaling the CCF controls framework by making it easier for new services and product teams to onboard the controls as well as help eliminate the compliance fatigue imposed on the operations and engineering teams, and still reducing risk. During this webcast we will share the automation platform that is being built by Adobe and how it aligns with CCF and Adobe’s approach towards faster adoption of controls.
  • Software Defined Perimeter Architecture Guide Recorded: Oct 1 2019 18 mins
    Jason Garbis
    SDP combines well-proven technical and architectural components to protect networked applications and infrastructure, more efficiently and effectively than with traditional network security tools.
    This document serves to explain SDP, educate readers on its benefits, and encourage its adoption.
Educational series on cloud computing, security and privacy.
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. It also allows audience members the opportunity to earn (ISC)2 CPE Credits.

Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa, @CSAResearchGuy

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: 5 Steps to Protecting Your Data in Today's Cloud- and Mobile-First World
  • Live at: Jun 13 2019 5:00 pm
  • Presented by: Bob Gilbert, Chief Evangelist and VP Product Marketing, Netskope
  • From:
Your email has been sent.
or close