Hi [[ session.user.profile.firstName ]]

Building a Security Strategy to Encompass the Internet of Vulnerable Things

With IoT expanding into every corner of our world it becomes critical to create a strategy to successfully secure your organization. But, where should you start when creating an IoT strategy for your organization?

Join Rapid7’s IoT research lead, Deral Heiland, to learn how to protect your organization in today’s IoT-centric world. Some of the topics Deral will discuss include:

1. IoT guidelines that have been created or are currently under construction by civilian and government standards organizations
2. What these guidelines mean for citizens and organizations
3. How these various recommendation can be effectively used to build a robust IoT security strategy for your organization
Recorded Jun 10 2019 24 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Deral Heiland, IoT Research Lead, Rapid7
Presentation preview: Building a Security Strategy to Encompass the Internet of Vulnerable Things

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • How to Prove the ROI of Your Detection and Response Program Jun 11 2020 1:00 am UTC 48 mins
    Meaghan Donlon, Senior Product Marketing Manager, Rapid7
    Articulating the return on investment (ROI) of your security program can be a challenge - especially when you’re communicating to stakeholders outside of your core team. While security professionals might know “good” when they see it, understanding the ROI of your program is still a worthwhile exercise. Insight on your ROI is valuable for communicating with stakeholders, influencing company culture and behavior around security, and evaluating investments. In this webcast we’ll talk about how to evaluate the ROI of your detection and response program, and also explore strategies on how to leverage this data to shift perception around security at your business.
  • Is Your Organization Ready for Automation? Jun 10 2020 6:00 pm UTC 59 mins
    Cindy Jones, Kevin Gilstrap, Scott King, and Michael Clark
    Today’s security and IT teams are struggling to keep up. The digital landscape is constantly changing and between disparate, unintegrated systems and repetitive, manual processes, security teams are having a difficult time getting ahead. There are too many alerts, not enough time to investigate them all, and staff are on the verge of burnout.

    Security orchestration and automation (SOAR) tools introduce ways for security teams to streamline and improve their everyday processes. But, is your organization ready for automation?

    Join us for an engaging discussion where you’ll learn:

    Key considerations that should be in place before implementing automation
    When is the right time to add automation (and when it isn’t)
    Which common security tasks are ideal to automate
    How to prepare your organization for SOAR


    Cindy Jones, Principal Advisory Services Consultant
    Kevin Gilstrap, Mgr, Security Consulting
    Scott King, Sr. Director, Advisory Services
    Michael Clark, Principal Incident Response Consultant
  • 5 Reasons to Outsource Detection & Response Operations Jun 9 2020 1:00 am UTC 38 mins
    Chris Hartley - Regional Director for UK & Ireland, Rapid7, and Warwick Webb - Security Practitioner, Rapid7
    Security has played a positive role in enabling business over the recent weeks. This has been demonstrated by allowing remote workforces to remain productive and the hard work of security teams to keep operations running. However all this is putting a strain on the internal resources trying to protect their critical business assets from both external attackers and insider threats.

    At Rapid7 we are taking a practical role in helping ensure security advice and guidance is available for all, and we will be running a series of talk tracks to help provide a measured perspective on how to remain secure and operational with the resources you have.

    Join us for this live talk where Chris Hartley, Director at Rapid7 UK & Ireland, and Warwick Webb, Security Practitioner, will discuss the top 5 reasons why some organisations are looking to augment or outsource their threat detection and response operations including:

    · Talent shortage in cybersecurity and why specialisation is key
    · Business continuity and the impact of ‘always on’
    · Threat intelligence and global visibility of the threat landscape
    · Role of threat hunters in incident response

    We’ll also be joined by customer, Simon Parry from the Development Bank of Wales to reveal how they are using managed services in their own environment and which elements of managed detection and response are most important the success of their security program.
  • [Panel Talk] Navigating the New Normal: Cyber & Cloud Best Practices Jun 5 2020 9:00 am UTC 32 mins
    Cindy Stanton,VP Product Marketing; Scott King, Director Security Advisory Services; Derek Abdine, Director Security Research
    As communities around the world start to discuss reopening, it poses a lot of questions for organizations:
    Is the virtual workforce here to stay, and what does it mean for your security posture? Which of the emergency security practices you enacted are working, and which are not? What role does the cloud play in all of this? Should you be accelerating migration plans, what immediate threats do you need to watch for, and the list goes on.
    These are all equally important and valid questions, but knowing where to start can feel daunting.
    Join Rapid7’s Vice President of Product Marketing, Cindy Stanton; Senior Director, Security Advisory Services, Scott King; Senior Director, Security Research, Derek Abdine; and series moderator, Vice President Global Growth Marketing and Operations, Tom Rogers as they discuss industry trends and research they’ve been collecting, how they’re approaching security as it relates to reopening Rapid7, cloud best practices, and more.
  • 2020 Threat Report Jun 3 2020 1:00 am UTC 54 mins
    Wade Woolwine, Prin. Threat Intelligence Researcher; Kwan Lin, Prin. Data Scientist; Tod Beardsley, Research Director
    At Rapid7, we’re obsessed with giving our customers, prospects, and the industry as a whole the knowledge, tools, and telemetry to achieve positive outcomes within their security programs.

    In our latest threat telemetry data analysis we look at how internet-exposed systems and valid accounts are being targeted by attackers and provide recommendations to mitigate and remediate these threats.

    We also cover how to measure and improve how external attackers see your organization with respect to what systems and services are available on the internet, discuss the importance of account security through multi-factor authentication, password complexity requirements and more.

    Tune in as our research team provides you with the insight needed to help you prioritize these threats and safeguard your employees and business.
  • Have no Fear, Security Automation is Here Recorded: May 28 2020 25 mins
    Sydney Coffaro, InsightConnect Product Specialist
    Security automation is a hot topic today, as security teams are looking to effectively leverage technology to make their security operations run more smoothly. With automation all the rage, comments like “we should be automating more” are becoming an ongoing theme. Dedicating time and resources to implement automation is often viewed as a huge level of effort, but adding automation to your most time-intensive security processes doesn’t have to be an intimidating undertaking. Did you know that with a small investment, you can realize tremendous ROI and value from automation, faster than ever before?

    In this demo of InsightConnect, you will learn about:
    1. Overview of automation workflow building blocks
    2. Real use cases teams struggle with today, including phishing, SIEM investigation and response, patching, and more
    3. How you can integrate security automation and orchestration into your existing SecOps programs
    4. How automation will improve efficiency across the processes and tools you’re executing manually today
  • Behind the Scenes of Managed Detection & Response Service Recorded: May 26 2020 47 mins
    Marcus Eaton, Lead Security Solutions Engineer, Jason Prescott, Manager Threat Detection, Douglas Wainer, Threat Analyst
    You might think of a security operations center like a stereotypical movie war room: a dark room filled with complex maps, fancy monitors, and analysts on headsets. However, most SOCs aren't really a physical presence or room; more accurately, they're a formally organised team that's dedicated to a specific set of security roles and responsibilities for detecting and validating threats within your environment.
    No matter a company's size or purpose, it’s valuable to have a dedicated organisational-level team whose job is to constantly monitor security operations and incidents and respond to any issues that may arise. The various responsibilities within a cybersecurity team can be extremely complex, and a SOC can not only serve as the tactical console to empower team members in performing their day-to-day tasks, but also as a strategic center to keep the team aware of bigger, longer-term security trends.

    In this webcast, our threat detection specialists will reveal;
    · How known and unknown threats are identified in our customer environments
    · The intelligence behind threat hunting
    · How our SOC uses threat intelligence to detect, investigate and respond to incidents
    · What a typical day in the life of a SOC Analyst looks like
  • It's time to get cirrus about the cloud Recorded: May 22 2020 49 mins
    Graeme McMillan, Sr. Security Solutions Engineer & Justin Buchanan, Senior Manager of VM Offerings
    Find yourself gazing towards the cloud with roughly the same intrepidation as the Wright brothers did when they looked to the clouds? Although somewhat daunting,the public cloud has sparked an IT migration worth billions.

    Many organizations have turned to the agility of the cloud as a means of accelerating growth and streamlining operations. However, with the somewhat endless list of services and options now available, some companies could certainly find themselves straying from a well architected solution.

    Join Rapid7 as we explore the shift and share how to ensure you're formulating a secure cloud approach.
  • Behind the Scenes of Managed Detection & Response Service Recorded: May 22 2020 48 mins
    Marcus Eaton, Lead Security Solutions Engineer, Jason Prescott, Manager Threat Detection, Douglas Wainer, Threat Analyst
    You might think of a security operations center like a stereotypical movie war room: a dark room filled with complex maps, fancy monitors, and analysts on headsets. However, most SOCs aren't really a physical presence or room; more accurately, they're a formally organised team that's dedicated to a specific set of security roles and responsibilities for detecting and validating threats within your environment.
    No matter a company's size or purpose, it’s valuable to have a dedicated organisational-level team whose job is to constantly monitor security operations and incidents and respond to any issues that may arise. The various responsibilities within a cybersecurity team can be extremely complex, and a SOC can not only serve as the tactical console to empower team members in performing their day-to-day tasks, but also as a strategic center to keep the team aware of bigger, longer-term security trends.

    In this webcast, our threat detection specialists will reveal;
    · How known and unknown threats are identified in our customer environments
    · The intelligence behind threat hunting
    · How our SOC uses threat intelligence to detect, investigate and respond to incidents
    · What a typical day in the life of a SOC Analyst looks like
  • Developing Strategies for Healthcare Cybersecurity Recorded: May 21 2020 58 mins
    Scott King, Xavia Hennessy, Patrick Noyes, Rick Bremer
    The healthcare industry struggles like many other industries to keep tabs on their IT landscape, which is what the cybersecurity teams depend on as a source of truth. Asset inventories, accurate network diagrams, system to business function mappings, and sensitive data inventories (among others) are critical to the protection of healthcare systems and data.

    Rapid7 has broad exposure to the cybersecurity challenges operational systems (patient life support), IoT and general business systems (patient data), and SaaS and cloud encounter and the risks that can easily be left unmanaged. From our experience breaking into, monitoring and intrusion response, and customer advisory we have seen a lot.

    Join us to hear from a panel of Rapid7 security experts on the challenges we see and the recommendation we offer to the healthcare industry.
  • [Panel Talk] Remote Work Readiness: How Customers are Securing Remote Workforces Recorded: May 20 2020 27 mins
    Richard Kaufmann - Director, Amedisys, Alex Burinskiy, Manager - Sec Engineering, Cengage, Ryan Fried - Sec Analyst, Coverys
    As organizations virtually transform their workforces, employees are becoming more dependent than ever on digital infrastructures to stay connected and productive. Critical security measures must be in place to ensure secure access to critical data, systems, and services. Organizations have to be vigilant about maintaining high cyber hygiene standards to prevent the rise of attacks capitalizing on uncertainty and fear.
    Every organization is navigating these challenges differently, with their own perspective and expertise. We’re bringing a few of our customers to share their stories and experiences navigating business continuity during this time of crisis.
    Join Richard Kaufmann, Director, Amedisys, Alex Burinskiy, Manager of Security Engineering, Cengage, and Ryan Fried, Security Analyst, Coverys, to learn how they are navigating the challenges of maintaining business continuity.
  • [Panel Talk] Remote Work Readiness: How Customers are Securing Remote Workforces Recorded: May 19 2020 26 mins
    Richard Kaufmann - Director, Amedisys, Alex Burinskiy, Manager - Sec Engineering, Cengage, Ryan Fried - Sec Analyst, Coverys
    As organizations virtually transform their workforces, employees are becoming more dependent than ever on digital infrastructures to stay connected and productive. Critical security measures must be in place to ensure secure access to critical data, systems, and services. Organizations have to be vigilant about maintaining high cyber hygiene standards to prevent the rise of attacks capitalizing on uncertainty and fear.
    Every organization is navigating these challenges differently, with their own perspective and expertise. We’re bringing a few of our customers to share their stories and experiences navigating business continuity during this time of crisis.
    Join Richard Kaufmann, Director, Amedisys, Alex Burinskiy, Manager of Security Engineering, Cengage, and Ryan Fried, Security Analyst, Coverys, to learn how they are navigating the challenges of maintaining business continuity.
  • Angriffserkennung und -abwehr: Aufbauen oder kaufen? (German) Recorded: May 19 2020 56 mins
    Daniel Prauser Manager, Solutions Engineering
    Die IT Landschaften der Unternehmen unterziehen sich aktuell einer starken Veränderung. Security-Teams stehen vor der Herausforderung die Sicherheit und Sichtbarkeit trotz der steigenden Anzahl an Remote Arbeitsplätzen zu gewährleisten.

    Wenn ein Mitarbeiter remote arbeitet, kann es für Sicherheitsteams eine Herausforderung werden, zu definieren, welches Verhalten für den Benutzeraccount “normal” ist. Wie unterscheidet man nun zwischen einem legitimen und einem verdächtigen Standortwechsel? Wie erkennt man schnell ungewöhnliches Nutzerverhalten, und was passiert dann?

    Wer sich auf die Suche nach einer technologischen Lösung begibt, stößt schnell auf eine ganze Reihe an Abkürzungen: SIEM, IDR, MDR, SOC, UBA, ABA, EDR, IDS und viele andere.

    Ein SIEM-System ist womöglich das bekannteste Tool. Doch ist das für Sie das richtige? Nach welchen Kriterien entscheiden Sie sich? Wann ist es sinnvoll, sich mit dem Aufbau eines eigenen SOC zu beschäftigen? Wann sollte man lieber outsourcen?

    Im Webinar besprechen wir folgende Punkte:

    • Was ist was: Begriffe und deren Einordnung
    • Angriffserkennung und -abwehr: Lösung im Haus vs. Managed Service
    • Anforderungen an das eigene Programm zur Angriffserkennung und -abwehr
    • Wie ausgereift ist IT-Sicherheit in Ihrem Unternehmen?
    • Wann ist es sinnvoll auf Managed Service zu setzen?
    • Was ist für Sie das Richtige?
  • Developing Strategies for Healthcare Cybersecurity Recorded: May 19 2020 58 mins
    Scott King, Xavia Hennessy, Patrick Noyes, Rick Bremer
    The healthcare industry struggles like many other industries to keep tabs on their IT landscape, which is what the cybersecurity teams depend on as a source of truth. Asset inventories, accurate network diagrams, system to business function mappings, and sensitive data inventories (among others) are critical to the protection of healthcare systems and data.

    Rapid7 has broad exposure to the cybersecurity challenges operational systems (patient life support), IoT and general business systems (patient data), and SaaS and cloud encounter and the risks that can easily be left unmanaged. From our experience breaking into, monitoring and intrusion response, and customer advisory we have seen a lot.

    Join us to hear from a panel of Rapid7 security experts on the challenges we see and the recommendation we offer to the healthcare industry.
  • Live Dragons and Incident Response Plans Recorded: May 17 2020 54 mins
    Jeremiah Dewey, Senior Director, Global Consulting, Rapid7
    J. R. R. Tolkien may not be the obvious starting point for incident response planning, but he definitely had a good deal to say about the perils of dragons. As his character, Gandalf correctly states in the story of the Hobbit “It does not do to leave a live dragon out of your calculations, if you live near him.” – very wise words indeed. Unless you’re reading this from Middle Earth, we’re pretty sure there aren’t any actual dragons living in your neighborhood, so during this webcast we’ll be focussing on how you can be well prepared in case of analogous ones by having a solid and relevant incident response plan. Join Jeremiah Dewey, seasoned incident response wizard (not his actual job title, although it probably should be), to ensure your organization’s IR plans are analogous-dragon-ready.

    In this session, you’ll hear about:

    1. What your incident response plans should cover (and what they should not)
    2. Who you should involve in the IR planning process
    3. How you can use threat modeling and business impact as your guide
    4. When you should review and update your IR plans
    5. Why you should put your IR plans through their paces outside of a real incident
  • Collaborating with IT/DevOps Teams and Reducing Risk Recorded: May 13 2020 30 mins
    JC Polanycia, Jonny Beggs, Kolby Allen, Kurt Hazel
    As modern ecosystems evolve, your risk exposure changes by the minute. Each year you see the amount of data grow exponentially, the threat of attacks become more sophisticated, and the challenges of minimizing risk and optimizing operations are becoming more challenging. It sometimes feels like a never-ending battle, but reducing risk is possible.

    Join our panel of security professionals as they talk through:

    Their experiences and challenges faced when reducing risk in their environments
    Best practices and lessons learned from working with technical teams to drive remediation
    InsightVM’s collaborative capabilities used to make progress in reducing risk

    JC Polanycia, Security Engineer, Infor
    Jonny Beggs, Security Operations Lead, Rapid7
    Kolby Allen, Platform Operations Architect, Zipwhip
    Kurt Hazel, IT Security Manager, Security Finance
  • Live Dragons and Incident Response Plans Recorded: May 13 2020 54 mins
    Jeremiah Dewey, Senior Director, Global Consulting, Rapid7
    J. R. R. Tolkien may not be the obvious starting point for incident response planning, but he definitely had a good deal to say about the perils of dragons. As his character, Gandalf correctly states in the story of the Hobbit “It does not do to leave a live dragon out of your calculations, if you live near him.” – very wise words indeed. Unless you’re reading this from Middle Earth, we’re pretty sure there aren’t any actual dragons living in your neighborhood, so during this webcast we’ll be focussing on how you can be well prepared in case of analogous ones by having a solid and relevant incident response plan. Join Jeremiah Dewey, seasoned incident response wizard (not his actual job title, although it probably should be), to ensure your organization’s IR plans are analogous-dragon-ready.

    In this session, you’ll hear about:

    1. What your incident response plans should cover (and what they should not)
    2. Who you should involve in the IR planning process
    3. How you can use threat modeling and business impact as your guide
    4. When you should review and update your IR plans
    5. Why you should put your IR plans through their paces outside of a real incident
  • 2020 Threat Report Recorded: May 7 2020 54 mins
    Wade Woolwine, Prin. Threat Intelligence Researcher; Kwan Lin, Prin. Data Scientist; Tod Beardsley, Research Director
    At Rapid7, we’re obsessed with giving our customers, prospects, and the industry as a whole the knowledge, tools, and telemetry to achieve positive outcomes within their security programs.

    In our latest threat telemetry data analysis we look at how internet-exposed systems and valid accounts are being targeted by attackers and provide recommendations to mitigate and remediate these threats.

    We also cover how to measure and improve how external attackers see your organization with respect to what systems and services are available on the internet, discuss the importance of account security through multi-factor authentication, password complexity requirements and more.

    Tune in as our research team provides you with the insight needed to help you prioritize these threats and safeguard your employees and business.
  • Improving Patching Efficiency with Automation Recorded: May 6 2020 46 mins
    Justin Buchanan, Senior Product Marketing Manager Nick McKee, Technical Product Manager
    You have a good process down when it comes to understanding risk in your environment, but how do you go about working with others teams and implementing processes to actually reduce the risk? This can be quite challenging, especially if you’re reducing all risk manually. Join us as we dive into the most common challenges faced when it comes to risk reduction, how to overcome these challenges in tactical ways, and the automation capabilities available in Rapid7 InsightVM that help you reduce risk in a big way.

    During this webcast, you’ll learn about:

    Top challenges that prevent the acceleration of remediation and risk reduction
    Actionable ways to overcome top remediation challenges that you can start implementing today
    InsightVM’s risk reduction capabilities that save you a lot of time and headaches
  • [Panel Talk] Remote Work Readiness: Leveraging Your Security Partners Recorded: May 6 2020 34 mins
    Rapid7’s VP - EMEA Sales David Howorth, VP - Managed Services Jeremiah Dewey, Mimecast's Director Enterprise Matthew Gardiner
    Companies have been taking major steps to manage their rapidly evolving environments - particularly around protecting their workforces, stabilising their supply chains, and focusing on their customer experience.
    If your business has been disrupted, your supply chain and partner vendors may have experienced some changes to their business continuity. What questions should you be asking them? What can you expect during this period of disruption?
    Rapid7’s Vice President of EMEA Sales David Howorth, and Vice President of Managed Services Jeremiah Dewey, will be joined by Mimecast's Director Enterprise Security Campaigns Matthew Gardiner to discuss how they are ensuring business continuity for their customers.
Powering the Practice of SecOps
Organizations around the globe trust Rapid7 technology, services, and research to help them securely advance. The visibility, analytics, and automation delivered through our Insight cloud simplifies the complex and helps security teams reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Learn more at www.rapid7.com

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Building a Security Strategy to Encompass the Internet of Vulnerable Things
  • Live at: Jun 10 2019 4:00 pm
  • Presented by: Deral Heiland, IoT Research Lead, Rapid7
  • From:
Your email has been sent.
or close