The Advanced Persistent Threat: How to explain it to your family and what to do
"Advanced Persistent Threat" is a buzzword phrase in the industry, often used along with lots of promises to prevent it if you buy a product. But what is it really, and why is it so powerful? And how can you make sense of the bewildering array of products that all claim to prevent it? While we can't promise to make it understandable for your extended family, we can look at it with less jargon and with that understanding briefly describe what is important to look for when you are trying to build your defences.
RecordedOct 27 201561 mins
Your place is confirmed, we'll send you email reminders
Greg Maudsley, Senior Director, Product Marketing at Menlo Security
Ransomware attacks are globally pervasive, and only getting worse for retailers, hospitals and a number of other businesses. The number of strains of Ransomware is infinite, with more and more advanced versions coming to light every day, but the vectors through which attacks occur remain the same. 90% of malware is delivered via web and email, with dynamic web content dramatically increasing the risk to users. Of the top 50 most visited US sites in 2016, 42% were found to be running vulnerable versions of web-software code. Traditional approaches to cyber security are failing – distinguishing the good from the bad is no longer a reliable option and has a very costly impact on enterprises. One approach that has been developed to tackle the constantly evolving threat landscape is Isolation, which assumes that all active content poses a risk.
Greg Maudsley, Senior Director, Product Marketing at Menlo Security will highlight the steps that must be taken to raise awareness of the reality of the Ransomware threat, and discuss the best ways in which to tackle this.
2016 is turning out to be a landmark year in terms of Ransomware and there’s no sign of these threats slowing down any time soon. Ransomware is not new, it is just getting more sophisticated and is inflicting major damage to companies, organisations and individuals, shaping up to be a frighteningly lucrative year for cybercriminals, where any person with a computer can be exploited and used as a revenue source with the potential for vast profits.
Learn how Cylance have revolutionized the industry by utilizing data science and security experts to provide a next-generation cybersecurity technology that proactively prevents, rather than detects the execution of advanced persistent threats and malware in real time before they ever cause harm.
Bryan Soltis, Technical Evangelist at Kentico Software
Many enterprise applications run on a CMS platform to enable administrators and editors to build and update content quickly. While many of these systems have great built-in security features, there's a lot that can go wrong when a site is left vulnerable to attackers. In this webinar, Kentico Technical Evangelist Bryan Soltis will discuss many of the areas of your CMS that, when left unchecked, can expose your site to hackers, and what to do if you've already been hacked.
The EU General Data Protection Regulation (GDPR) is the biggest change to data protection law in the world since the late 90’s. Every aspect of the old law has been overhauled and modernised. Businesses trading with the EU or handling EU citizens private data will need to comply with the GDPR come 25th May 2018. This mean almost all British organisations will have to adapt to the EU GDPR despite the latest Brexit vote. Accordingly, companies will be fully accountable for implementing a comprehensive data governance policy and appropriate security mechanisms. Non-compliance can result in fines of up to €20 million or 4% of a company's global annual turnover, whichever is greater.
The adaption process to the EU GDPR won’t be simple and easy one. It will take time and energy from businesses, especially SMBs. During this webinar we give the chance to understand the biggest changes to the current law, and learn the essential steps business need to get in place to be ready come May 2018. With the webinar's open and live format, you will have ample opportunity to engage in Q&A with our data privacy and security experts.
Open Source Software is now broadly used in the development of software applications. The ability to reuse components of code already created allows development teams to create more code, with more functionality, faster. It also promotes the adoption of standards and makes applications more interoperable.
Although Open Source Software components typically require no licensing fee, it does come at a cost. This cost is uncertainty – or perceived uncertainty in many cases. Most software developers will be meticulous about what components they use from the perspective of functionality as they want to build code that works.
However those Open Source Software components could have inherent business risks associated with them such as Legal/IP compliance, security vulnerabilities and operational risk. IP Investors, cyber insurance companies and business management are becoming aware of the need for demonstrable controls to be in place to mitigate these risks.
This talk will discuss strategies organisations continuous compliance culture which will manage the risks without impacting technical innovation. These strategies can be leveraged by both organisations implementing open source based solutions or by technical organisations are creating open source based solutions
As more and more internet-enabled devices hit the market, securing these devices and our personal data is becoming an increasingly difficult task. Additionally, as more and more businesses make use of cloud-based services, new opportunities for criminals to exploit these services are appearing at a rapid pace as cybercrime becomes one of the most lucrative forms of crime we have ever seen. What cyberthreats will we start to see more of in the coming years? And what tactics will start to disappear?
In this webinar, Greg Iddon, Security Specialist at Sophos, will explore the future of cybercrime based upon the views and trends observed by members of Sophos and researchers at Sophos Labs, as well as how businesses and consumers can protect themselves from the threats and risks of tomorrow.
Too often security has been hampered by complexity and incomprehensibility. What people don't understand they mistrust and when they become inconvenienced they look for alternatives or switch off. This webinar will explain the workings of complex security solutions in simple terms. It will help unravel the complexities and show how simple yet comprehensive, all-inclusive security systems are the key to a working solution!
In this webinar Paul Williams of Cloudview looks at the three principles of developing effective security products under the theme of mind, body and spirit. The webinar will cover:
•Mind – why security needs to be at the heart of everything that a business does, and how to ensure that it is embedded in all aspects of product design
•Body – ensuring that products fulfil user needs of usability and trustworthiness
•Spirit – why simplicity is the key. This means understanding user needs, designing products to meet them and then getting out of the way i.e. avoiding overdesign or adding unnecessary features.
With all of the hype around security of late, you’d be forgiven for thinking that you’re too small to matter in the grand scheme of cyber security. This complacency, however, is one of the major issues facing the safety of our businesses today. While companies should be responsible for the overall safety of employee and customer data, there are things you can and should be doing to help. When we’re all battling the same criminals with the same end goal, no one is too insignificant to matter.
Cesare Garlati, chief security strategist, prpl Foundation
Cesare Garlati, chief security strategist for the prpl Foundation, will host a webinar discussing the security risks presented by today’s highly-connected smart home, why the IoT is so easy to exploit, and how consumers can protect themselves.
Chris Niggel, Director, Security and Compliance at Okta
Enabling a highly connected and mobile workforce means shifting the attack vectors that organisations must protect from cyber criminals. And although businesses recognise that requires the modernisation of security protocols with best of breed cloud solutions, many are struggling to adapt due to traditional on premise security mind-sets. How can today’s businesses overcome today’s security concerns, and how can doing so enable them to become more agile?
Both information security and compliance are critical to tackling the cyber-challenges facing organisations today. As with a happy marriage open communication, mutual respect and compromise are key to nurturing a security-conscious culture.
Despite working toward a common goal, we regularly see security personnel and employees at loggerheads with one another. This leads to disharmony, which culminates in an ineffective information security awareness program and therefore increased risk.
This webinar will:
•Challenge the notion that compliance and security are mutually exclusive;
•Consider the sweet spot for harmonious co-operation and establishing pragmatic approaches to secure working;
•Suggest a strategy for fostering a real shift in human behavior, which delivers more cyber resilient organisations.
Presenter: Dominic Saunders – CTO, NETconsent
Information security expert and CTO, Dom Saunders, has been at the centre of the information security industry since the late 1990s. He has a genuine enthusiasm for all things technical and a real passion for business process innovation.
With international security experience from systems integration to trusted advisor, he has a treasure trove of real-life security tales, which enrich his presentations. As founder of NETconsent, compliance and communications software vendor, Dom has consistently championed the human factor in securing organisations and is a strong advocate of security as a business enabler rather than barrier. He is on a mission to ensure information security becomes second nature in everything people do.
The rapid expansion of the cyber security market and awareness from businesses of the need for improved protection has driven great demand across the majority of cyber security skill sets. Organisations are struggling not only to attract security personnel in the first place, but to also then keep their teams together.
Ryan will utilise knowledge from his 8 years with Acumin to look at some of the specific areas of demand, how to ensure you don’t miss out on potential hires, and offer advice on retaining your staff.
In the last decade, cybercrime has industrialised. It’s no longer the preserve of a small number of skilled hackers. The webinar will focus on the industrialisation of cybercrime and will highlight how fraud, particularly identity fraud, is on the rise in the UK.
Tools for carrying out sophisticated cyber-attacks are now cheap, mass-produced, and easily accessible. Hacking communities, discussion groups and online walkthroughs are plentiful and easy to find. The raw material for crime - personal information - is available at low cost and neatly packaged for resale in online marketplaces. It really is possible for anyone, aged 8 to 80, to get involved if they want to.
Andy will warn that as more services move online, the opportunities for abusing stolen personal data increase. He will stress the need for greater communication and partnership between major fraud targets - financial institutions, utility companies, online retailers and the like - which can make the UK provide a strong stance against fraudsters and help to win the battle against cybercrime.
The webinar will cover and consider the evolving circumstances of data breach; the link between breaches and identity fraud; and the risks for those whose data is appropriated. Andy will explain why the response to data theft is currently inadequate; and identify some measures which could provide consumers with greater security and peace of mind, as well as the potential business benefits of doing so.
Cyber threats have evolved to evade the detection capabilities of traditional security tools. The malware powering botnets/ransomware/IP theft is also breaching networks and systems in new and innovative ways. In order to find these advanced threats, content inspection must move beyond traditional executable file analysis in virtual environments. Observing malware behaviors on a deeper level and using intelligent file detonation are critical to detection. In this presentation by Christopher Kruegel, CEO at Lastline, you’ll learn how a Full System Emulation (FUSE) approach provides improved visibility and enhanced malware detection. Kernel-level object inspection and machine learning are combined to defeat the evasive techniques of malware hiding in documents, email traffic, HTTP web traffic, SMB traffic, and more.
Chris Pogue, Chief Information Security Officer at Nuix
The complexity of technology seems to be overwhelming society. We have put computer systems a million times more powerful that the systems that put a man on the moon in the pockets of children and teenagers the world over. Quite literally, we have the combined knowledge and learning of the last 70 million years of science, evolution, progress, and development at our fingertips, each and every day. However, in the process of driving this technology to market we completely failed to think about how we are going to keep the information and the people using it, safe.
It's obvious that the way security is being handled now is not working, and it needs to be looked at in a whole new way. In this webinar, Chris Pogue, Chief Information Security Officer at Nuix will describe what the next generation of security needs to look like not only to address the evolving threat landscape, but to also encompass the continued growth of the Internet of Things and the continued evolution of technology into our daily lives.
Sean Newman, Director Product Management for Corero Network Security
The threat landscape is evolving at an unprecedented rate - attackers are better educated, well-funded, and relentless in the pursuit of their goals. But, some things never change, the bad guys will always take the easiest path to the money. Learn how the latest trend could be negatively impacting your network and its profitability.
In an era of high profile security breaches, security compromises and hacks, the science and discipline of First Responder Digital Forensics is essential to enable the investigation of the Digital Scene of Crime in a timely manner, and is an expected element of the in-house Cyber operational portfolio of most large organisations. In this Webinar we will look how such a capability may be built into the operational security mission.
This webinar will look at the security considerations that need to be applied to organisations who are considering or planning to share IT services. In most cases the strategic objective is to reduce costs while retaining levels of performance and security, However, raising standards will mean injecting investment, so a balance needs to be found by agreeing the appetite for risk.
This webinar will look at the governance principles that need to be agreed by the sharing organisations and the considerations that underlie them.
Security monitoring is about more than just pulling all your logs into a SIEM and hoping for the best. An effective security monitoring strategy can help you to gain deep insight into the inner workings of your technology organization. Despite claims to the contrary, to do this, you won’t need an army of staff, or a budget the size of a deathstar.
Our channel is aimed to give you the full picture. We will educate you on current topics of interest with the Editor of IT Security Guru hosting the webcasts, Dan Raywood. Guest speakers will join in on the debates with their own expert view and no intention of keeping it to themselves. Our aim is to give you all the information you need, for you to be able to come to your own conclusion.