Hi [[ session.user.profile.firstName ]]

The Phantom Identity Menace

Attackers are moving away from direct assault, and instead are hijacking and exploiting user credentials to thwart security tools, and gain easy access to business data.  How can you strike back and stop breaches that attack your users far, far away?  
 
• Stop fighting previous battles – Attackers have moved on to a new, more vulnerable target
• Move Security techniques to a new future – Identity must be the core of security
• Re-angle the deflector shields – Legacy perimeter security isn’t enough
 
Join Chris Webber, Security Strategist at Centrify, and Eric Hanselman, Chief Analyst at 451 Research, as they discuss todays’ identity-based security risks, and how to arm yourself against them.
Recorded Feb 18 2016 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Chris Webber, Security Strategist at Centrify; Eric Hanselman, Chief Analyst at 451 Research
Presentation preview: The Phantom Identity Menace

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Industrial Cyber Security: How Much Is Enough? Recorded: May 18 2016 60 mins
    Waterfall Security Solutions
    A cyber incident in a large, complex industrial control system can have serious consequences, and all security technologies have limitations. This means we can always be more secure, or less. How then, should we evaluate security funding requests for industrial sites? How do we know how much is enough?

    The abstract, qualitative models that most of us use for cyber threats are poorly understood by business decision-makers, and are not easily compared to risk models for threats such as earthquakes and flu pandemics. We could force-fit cyber risks into more conventional models by "making up" numbers for the probability of serious incidents, but "made up" numbers yield poor business decisions.

    Most business leaders though, do understand cyber attack scenarios and their consequences, and find them much more useful than qualitative models or "made-up" probabilities. To communicate industrial cyber risks effectively, an assessment process should distill complex risk information into a small, representative set of high-consequence attack scenarios. Business decision-makers can then "draw a line" through the set, selecting which combinations of attacks, consequences and risks to accept, and which to mitigate or transfer.

    Join us to explore using attack scenarios to communicate risks, consequences, and costs to business decision-makers.
  • 2016 Bad Bot Report: Quantifying the Risk and Economic Impact of Bad Bots Recorded: Apr 5 2016 63 mins
    Derek Brink, VP of Research at Aberdeen Group  & Rami Essaid, CEO of Distil Networks
    Distil Networks has produced their third annual Bad Bot Report. It's the IT Security Industry's most in-depth analysis on the sources, types, and sophistication levels of last year's bot attacks -- and there are serious implications for anyone responsible for securing websites and APIs.

    Join Derek Brink, Vice President of Research at Aberdeen Group  and Rami Essaid, CEO of Distil Networks as they dive into the data to reveal:

    • 6 high-risk lessons every IT security pro must know
    • How to quantify the risk and economic impact of bad bots for your organization
    • How bot activity varies across websites based on industry and popularity
    • The worst offending countries, ISPs, mobile operators, and hosting providers

    Bad bots are the key culprits behind web scraping, brute force attacks, competitive data mining, online fraud, account hijacking, unauthorized vulnerability scans, spam, man-in-the-middle attacks, digital ad fraud, and downtime.

    Register today to gain actionable insights on how to defend your websites and APIs for the coming year of threats.

    Bonus: All registrants will receive a copy of Distil Networks’ 2016 Bad Bot Reports and a copy of the presentation slides.
  • The Phantom Identity Menace Recorded: Feb 18 2016 59 mins
    Chris Webber, Security Strategist at Centrify; Eric Hanselman, Chief Analyst at 451 Research
    Attackers are moving away from direct assault, and instead are hijacking and exploiting user credentials to thwart security tools, and gain easy access to business data.  How can you strike back and stop breaches that attack your users far, far away?  
     
    • Stop fighting previous battles – Attackers have moved on to a new, more vulnerable target
    • Move Security techniques to a new future – Identity must be the core of security
    • Re-angle the deflector shields – Legacy perimeter security isn’t enough
     
    Join Chris Webber, Security Strategist at Centrify, and Eric Hanselman, Chief Analyst at 451 Research, as they discuss todays’ identity-based security risks, and how to arm yourself against them.
  • Industrial Control Systems (ICS) Cyber Incidents - Real But Not Being Identified Recorded: Nov 18 2015 63 mins
    Joe Weiss- ICS Cyber Security Expert
    It’s often a challenge to address the ICS cyber security conversation in an organization that has yet to suffer a cyber incident. While the issue of defending against traditional IT cyber breaches goes uncontested ICS owner/operators still struggle to align traditional cyber threat vocabulary and remediation methods to their operational environments. Both malicious and unintentional cyber threats are not confined to data breaches and IT systems but they can be harder to identify in ICS environments. You have to know what you’re looking for.

    Joe Weiss has amassed a database of more than 700 confirmed control system cyber incidents. The database covers ICS cyber from around the globe. A vast majority incidents were not identified in official reports as being cyber-related but a review of the circumstances surrounding the event proves otherwise.

    During this webinar Weiss will discuss:
    • Differences between ICS cyber security and traditional IT security
    • Summaries of actual ICS cyber incidents from his database
    • Recommendations on how to tackle monitoring and protection at your facility
  • Designing Your Industrial Internet Without Sacrificing Security Recorded: Nov 5 2015 52 mins
    Brian Witten, Sr. Director for IoT, Symantec
    Big data analytics and smarter sensors are just two of many technologies leveraged by many companies enhancing their Industrial Control Systems (ICS) to reap the benefits of the Industrial Internet. However, as you design these smarter and increasingly connected systems, security must be built in from early stages, or else you risk others, with malicious intent, using your systems against you. This session will describe a process for helping you frame your security needs and meet them smartly to be sure that you are efficiently and effectively tackling security “end-to-end” and not leaving any weakest links unprotected as you evolve your ICS to capture the opportunities driving the excitement behind the Industrial Internet.

    About the Speaker: Brian Witten is a Senior Director for “Internet of Things” (IoT) at Symantec.
  • Why Cloud Security is No Longer an Option – It's a Necessity Recorded: Sep 30 2015 55 mins
    Zscaler & Forrester Research
    The Necessity of Cloud-Delivered Integrated Security Platforms,

    Cloud security is more secure than traditional appliance based solutions, especially in today’s social and mobile world. This is not just our view - this has been corroborated by several external analysts. New research from Forrester Inc., The Necessity of Cloud-Delivered Integrated Security Platforms, targeting 130 IT decision makers at firms with at least $250 million in revenue, identified that:

    98% of decision makers acknowledge that integrated platforms deliver better security
    Many organizations still have a plethora of legacy point solutions and appliances in their environment
    These organizations suffer from significant volumes of security alerts being triggered without effective response mechanisms

    Join SecurityWeek and Dan Maier, Sr. Director Product Marketing at Zscaler, for a compelling webcast full of key insights and findings from this research.

    Don’t miss this event. Register today!
  • Strategies for Streamlining Cloud App Access and Security Recorded: Sep 23 2015 64 mins
    Centrify & Imperva
    As cloud apps like Salesforce, Office 365, Google for Work, and ServiceNow become the norm, organizations need to enable secure access and maintain compliance. They must also bring under management a growing variety of personal devices, including laptops, smartphones, tablets, and wearables that are being used to access business systems and data.

    How do you manage user identities and cloud app access in real-time, while keeping sensitive data secure? Join experts from Imperva and Centrify as they share best practices on enabling the safe and productive use of cloud apps.

    • Provide secure single sign-on and user-friendly multi-factor authentication (MFA)
    • Secure and monitor SaaS access from login to logout
    • Detect and block cyber threats such as account takeovers
    • Simplify, centralize, and automate access management – across apps and devices
    • Leverage leading security offerings and what you need to consider

    Register now so you’re ahead of the fast-moving intersection of cloud apps, BYOD, and identity management.

    Sponsored by Centrify & Imperva
  • Segmentation Beyond VLANs, Subnets, and Zones Recorded: Sep 2 2015 51 mins
    Illumio
    You already know the power of application segmentation to deliver data center and cloud security—now you can take segmentation to the next level. Nano-segmentation is finally a reality.

    In 15 minutes, we’ll show you how nano-segmentation delivers the most granular, adaptive security across your data centers and public clouds.
    Register to find out how to:

    - Reduce your data center and cloud attack surface by 99%
    - Quarantine compromised servers in seconds
    - Achieve compliance in hours
  • Top 10 Best Practices for Privileged Identity Management Recorded: Jun 30 2015 61 mins
    David McNeely, VP of Product Strategy at Centrify
    Data breaches continue to be top of mind for organizations large and small. Two key dynamics are making that challenge much harder — the cloud and the growing sophistication of attackers.

    In this webinar David Mcneely, VP of Product Strategy at Centrify, explores the modern enterprise — a hybrid organization with infrastructure spread across on-premises data centers as well as hosted in the cloud and one where IT functions are split between internal and 3rd-party administrators. Attend this webinar to learn about:

    - Trends impacting data security and increasing identity-related risks
    - How to reduce the risk of security breach by minimizing your attack surface
    - Best practices for managing and governing privileged identities in the modern enterprise
  • How to Connect Your Server Room and Board Room - Before a Data Breach Occurs Recorded: Apr 28 2015 70 mins
    SurfWatch Labs
    Cybersecurity has become more than a technical problem. A data breach can have a major impact on your business – loss of jobs and customers, reduced brand reputation, stock price drops and more – with recent research placing the average cost of a breach at $2.7 million dollars. Yet too many organizations continue to drown in low-level threat data and individual response tactics, with security teams pouring through hay stacks that may or may not contain that “needle”.

    Join this webcast to learn how to improve the resiliency of your organization’s strategic risk management and business operation. Our panel of expert speakers include a former intelligence analyst, a CISO and a CEO, who will examine the business impact of cyber threats, why the traditional cybersecurity approach no longer applies, and offer tips for:

    · Taking a data-driven approach to cybersecurity – through evaluated intelligence
    · Continuously measuring cybersecurity key performance indicators
    · Facilitating collaboration across key stakeholders for an improved security strategy and cyber defense
  • How to Manage Mac and Mobile Devices Leveraging Your Existing Infrastructure Recorded: Mar 31 2015 63 mins
    Peter Havens, Director of Product Management at Centrify
    In this webcast we will look at how to effectively manage Macs in the enterprise as well as mobile devices leveraging your existing IT infrastructure.

    The growth of Mac in the enterprise is undeniable. Apple’s success with the iPhone and iPad is bleeding over into end user preference for laptops. Where Macs used to account for only low single digit percentages of devices deployed and were therefore largely ignored, they are now growing across all verticals and industries and represent a significant challenge for IT.
  • Breaking Bad: Enterprise Security Trends To Watch For In 2015 Recorded: Feb 18 2015 66 mins
    Virtustream
    Attend this webinar to find out more on how to align, automate and enforce controls to security and compliance policies – while providing visualization, workflow and reporting critical to improving operational efficiency and reducing audit costs.

    In 2015, cloud security, mobile and portable technology/applications (BYOD), data protection, and privacy and regulation will be a top priorities across every industry as businesses look to:

    - Reduce the cost and complexity of managing variety of compliance regulations with shrinking budgets
    -Manage enterprise and cyber risk with point security solution silos
    - Perform continuous monitoring of risk with ever increasing systems and volumes of data
    - Become more proactive rather than reactive regarding their IT risk management
    - Eliminate costly audit disruptions

    Speakers:
    Rick Roach, Senior Vice President, Cyber Security Solutions for Digital Management, Inc.
    Kaus Phaltankar, President, Security Solutions for Virtustream
  • Mitigating Insider Threats and Breaches Recorded: Feb 3 2015 56 mins
    Brad Zehring, Director of Product Management at Centrify
    How To Avoid Being Tomorrow’s Headline: Mitigating Insider Threats and Breaches

    Are your privileged users putting your business at risk? You might be granting your users too much privilege - even unintentionally - and dramatically increasing your potential attack surface. If over-privileged user credentials are compromised - or worse, misused by a disgruntled employee - your data and systems can be put at risk and your sensitive data can be stolen. Making you tomorrow’s headline.

    Brad Zehring, Director of Product Management at Centrify, will discuss how insider threats - both seen and unseen - develop and offer approaches you can use to reduce your attack surface and mitigate the threat.
  • Protecting Against Fraud and Cybercrime from Mobile Devices Recorded: Jan 21 2015 60 mins
    Dean Weinert, Director of Mobile Products at ThreatMetrix
    Mobile devices are becoming the preferred platform for online banking, commerce and accessing business applications. In the recent Black Friday to Cyber Monday weekend, mobile devices accounted for 39 percent of online transactions. This increased reliance on mobile is driving an increase in fraud and cybercrime attacks through mobile devices, with organized cybercriminals deploying sophisticated attacks that exploit mobile technology.

    Cybersecurity and fraud prevention professionals require defenses specifically designed to protect against losses and exposure from mobile attacks. Attend this webinar to understand how to protect transactions from native mobile applications and browsers in real time, without adding friction to the user experience.

    Topics include:
    •How authentication from mobile devices differs from laptops and PCs
    •Indicators of potential fraud from smartphones and tablets
    •What precise geolocation can tell you about a mobile transaction
    •Why global shared intelligence is critical to frictionless protection
  • Exposing Common Myths Around Cyberthreats to SCADA and ICS Recorded: Jan 7 2015 45 mins
    Joe Weiss, Applied Control Solutions and Managing Director for ISA99; Del Rodillas of Palo Alto Networks
    While awareness over the need for improved cybersecurity in SCADA and Industrial Control Systems (ICS) has improved in recent years, several inaccurate and dangerous assumptions about ICS cybersecurity best practices and the nature of cyber threats still persist. If held by organizations as fact, these myths could result in inadequate cyber-defensive measures and a high level of exposure to a range of attacks or even simple accidental cyber incidents both of which could have equally concerning consequences to process availability and safety.

    Join ICS cybersecurity experts, Joe Weiss and Del Rodillas, to learn about:

    - Common myths around cyberthreats to ICS and why they could be significant security gaps when held as truth
    - Select real-world examples that highlight the consequences when malicious actors successfully exploit these gaps
    - The more updated and accurate view to ICS cyberthreats as well as effective technologies which help asset owners build a stronger ICS security posture

    Presenters:
    Joe Weiss, Managing Partner of Applied Control Solutions, Managing Director for ISA99

    Del Rodillas, Sr. Manager for SCADA and Industrial Control Systems Initiative at Palo Alto Networks
  • Using Global Intelligence Data to Prevent Online Fraud and Cybercrime Recorded: Dec 18 2014 54 mins
    Ken Jochims - Director of Product Marketing, ThreatMetrix, Inc.
    Fraud and other forms of cybercrime continue to plague all companies with an online presence, with sophisticated cybercriminals launching attacks on logins, payments, and account origination. Security and fraud prevention professionals are challenged to keep pace with evolving trends and protect against attacks that threaten customers, employees, revenues and data – all without impeding user experience.

    Knowing the latest attack trends can help focus your detection and prevention resources to reduce risk and losses. Attend this webinar to learn how to leverage findings in The ThreatMetrix Cybercrime Report, based on actual cybercrime attacks detected during real-time analysis and interdiction of fraudulent account logins, online payments and registrations. This report gathers data from over 850 million monthly transactions, including findings from this year’s Black Friday – Cyber Monday weekend.

    Topics to be discussed include:
    •Attacks by transaction type and industry
    •Trends in top attack methods
    •Analysis of mobile vs. desktop attacks
    •Why global shared intelligence is essential
  • Gaps In SSH Security Create an Open Door for Attackers Recorded: Oct 30 2014 59 mins
    Gavin Hill – Director of Product Marketing & Threat Intelligence, Venafi
    Almost half of IT security professionals reported they experienced compromised or misused Secure Shell (SSH) keys in the last 24 months. The majority of the survey respondents rely on overburdened system administrators to self-govern their SSH keys. Unfortunately the result is ineffective security practices that leave the organization exposed.

    Forrester Research, analyst, John Kindervag, emphasizes, “Two-thirds of IT security professionals do not perform the necessary checks for unauthorized use of SSH keys.”

    In this webinar, you will be provided with some recommendations how to mitigate the vulnerabilities that exist that exploit SSH keys and the gaps within an organization that leaves SSH keys vulnerable to these attacks.

    LEARNING OBJECTIVES:
    • Review the Forrester Research findings on the state of SSH in the enterprise network
    • Learn what strategies need to be implemented to mitigate trust-based attacks
    • Understand the risks of not mitigating trust-based attacks
  • Expose the Underground: Detecting and Preventing Advanced Persistent Threats Recorded: Jul 9 2014 59 mins
    Scott Simkin, Sr. Manager in the Cybersecurity group at Palo Alto Networks.
    Advanced Persistent Threats (APTs) are being used to compromise organizations around the globe with increasing sophistication, persistence, and evasive attack methods. Join Palo Alto Networks and SecurityWeek for a webcast with live interactive Q&A that will take you straight to the heart of the cyber underground.
  • Managing Heartbleed Fallout Recorded: Jun 12 2014 64 mins
    Gavin Hill, Director of Product Marketing & Threat Research, Venafi
    The Heartbleed vulnerability will be talked about for years to come. Well respected cryptographers like Bruce Schneier have stated that “Heartbleed is Catastrophic. On a 1 to 10 scale this is an 11. The attack leaves no trace, and can be done multiple times. This means that anything in memory -- SSL private keys, user keys, anything -- is vulnerable. And you have to assume that it is all compromised. All of it.”

    By now most organizations have responded to the Heartbleed vulnerability, the question as to whether or not organizations have indeed fully remediated the vulnerability is still open. The reason for this is that many organizations perform ‘lazy’ certificate rotations, and do not create new keys.
    It’s also been proven that the Heartbleed vulnerability impacts mail servers, chat servers, VPN’s, network appliance and client software. Over 50 security vendors have also confirmed that their solutions are vulnerable.

    It is paramount that all keys and certificates be replaced within the enterprise network, patching only publicly facing web servers is not sufficient.

    LEARNING OBJECTIVES:

    • Learn about the impact of the Heartbleed vulnerability has had on organizations
    • Review the Venafi remediation report – understanding if enterprise organizations have indeed remediated the Heartbleed vulnerability
    • Learn about best practices to mitigate trust-based attacks
SecurityWeek
SecurityWeek's Webcast Channel - Join us for information webcasts to help you better defend your organizations from cyber threats.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: The Phantom Identity Menace
  • Live at: Feb 18 2016 6:00 pm
  • Presented by: Chris Webber, Security Strategist at Centrify; Eric Hanselman, Chief Analyst at 451 Research
  • From:
Your email has been sent.
or close