Hi [[ session.user.profile.firstName ]]

APTs: Overhyped or Under-managed?

The term ‘advanced persistent threat’ has been used (and perhaps abused) by information security vendors and professionals for years, but has the information security industry reached an accurate consensus on what an APT actually is, and how to manage one? This session will look to define the term and questions whether APTs are overhyped, or indeed under-managed, and what information security professionals should be doing about them.
Recorded Jun 15 2015 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Moderator: Stephen Pritchard - Speakers: Peter Wood, Chris Novak, Matthew Harvey & Stephen Bailey
Presentation preview: APTs: Overhyped or Under-managed?

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Ransomware: How to Avoid Extortion Recorded: Aug 27 2015 63 mins
    Moderator: Joe O'Halloran Speakers: Chris Merritt & John Walker
    The threat of ransomware is very real. Studies have found that it has hit one in three companies. And crypto-ransomware like Cryptolocker and Cryptowall are the scourge of the web – and with new and ever-more sophisticated variants springing up rapidly this year, have become the tool of choice for online blackmail and extortion by cybercriminals.

    The threat of ransomware escalates as its quality improves and becomes ever more difficult to detect, potentially lying dormant on your systems, waiting to strike.

    Security teams, therefore, need to be awake to the threats of extortionate malware.

    Join us for this webinar, where a panel of experts will explore the threat of ransomware and answer your questions. Participate in the discussion as the panel discusses:

    • What varieties of ransomware are being used today?
    • What is crypto-ransomware and how does it work?
    • How does it get onto your systems, your network?
    • What can you do to protect your organization?
  • Addressing the Security Risks of Negligent Insiders Recorded: Jul 30 2015 72 mins
    Moderator: Joe O'Halloran - Speakers: Michael Crouse, Larry Ponemon & Steven Furnell
    All workplaces share the same security threat: the well-meaning but careless employee who may be more focused on productivity than protecting the company’s sensitive or confidential information. Often, without thinking of the potential consequences, they leave confidential documents in plain view, share passwords, circumvent security procedures and transfer sensitive data to the public cloud without company approval – ultimately costing much more to your organization’s bottom line than the employee hoped to save in time. IT professionals agree that more security incidents are caused by negligence than malicious acts.

    In this webinar, Dr Larry Ponemon of the Ponemon Institute and Michael Crouse, Director of Insider Threat Strategies, Raytheon | Websense, will discuss findings of the 2015 survey The Unintentional Insider Risk in the United States and German Organizations.

    Topics for discussion include:
    *How much unintentional security incidents are costing your organization
    *Which employees are most likely to cause an unintentional insider breach
    *What you can do about it
  • How Outsiders Become Insiders: Understanding and Combating Today's Threats Recorded: Jul 9 2015 60 mins
    Moderator: Stephen Pritchard - Speaker: Ed Parsons, Kai Roer, Tas Giakouminakis & Andrew Kellett
    Today's attackers employ a variety of deception tactics allowing them to impersonate legitimate users and bypass existing IT security defences.

    Web applications are often compromised in order to host malware or be turned into a phishing site. Users who visit these sites then become infected or have their credentials stolen, giving attackers access to your network. Once inside, attackers become insiders. They use stealthy techniques to move around the network, looking for targets, while remaining undetected for months.

    In this webinar we will examine:
    · Common tactics used by today’s attackers to target users and web assets;
    · How attackers impersonate legitimate users to become “insiders”;
    · Best practices for preventing, detecting and containing these threats.
  • Secure Your Mobile Workforce, Improve Productivity Recorded: Jul 7 2015 60 mins
    Moderator: Stephen Pritchard - Speakers: Cesare Garlati, Rob Bamforth, Ed Moyle & Jon Fielding
    In 2015 one third* of the global workforce – 1.3 billion people - will work remotely
    Cost reductions and efficiency drives are the order of the day for all businesses but how can your firm carry this out without impacting employee productivity or compromising your data security? This webinar will look at how remote working, BYOD and implementing workspace solutions can help you achieve your efficiency goals without sacrificing data protection.

    By attending the webinar you will:
    •Discover how BYOD and workspace technology go hand-in-hand to save money
    •Understand the role remote working and BYOD play in achieving in-house efficiencies
    •Appreciate how workspace devices simultaneously improve employee productivity and keep confidential data secure
    •Learn how to balance workforce mobility, productivity and security in a busy working environment


    *IDC Forecasts Strong Growth in Mobile Workforce & Runheimer International “Growing Companies Invest More in Their Mobile Workforce” 9/24/13
  • Protecting Data Across Cloud Applications: the Hidden Challenge Recorded: Jul 2 2015 60 mins
    Moderator: Stephen Pritchard - Speakers: Alex Kurz, Alea Fairchild, Matt Lovell & Kai Roer
    The rise of cloud applications in the workplace is driving the need for companies to extend existing security policies to all devices and manage access to cloud applications.

    At the same time, more employees are using personally-owned devices to access, process and store corporate data.

    And the ease of deploying cloud applications has increased the incidence of employees using unauthorised applications to process corporate data.

    This webinar will discuss:
    - the increased adoption of cloud applications;
    - the need to deliver solutions with detailed analytics around cloud application usage;
    - how to provide robust security solutions;
    - and how to protect against web-borne threats.
  • Meeting the New Challenges of Enterprise Security Recorded: Jun 25 2015 61 mins
    Moderator: Michael Hine, Speakers: Ashok Sankar, Jon Oltsik & Rob Sloan
    The job of the infosec professional is becoming ever-more complicated. The effectiveness of legacy methods, tools and attitudes is diminishing, while the sophistication of attackers is on the rise. The problem for security professionals is a complex one – they need to update systems and processes to suit the new threat landscape, while trying to keep up with the threat of specialized and well-resourced cybercrime.

    For a long time security pros have been bombarded with a simple message: It’s not if but when. CISOs need to accept that breaches are, more or less, inevitable. But how does security actually need to adapt to meet the new challenges this situation brings? Join our panel of experts for this webinar to find out. Topics to be discussed include:

    •The diversification of enterprise IT, and the increase in threat vectors
    •Updating legacy processes
    •Reducing attacker ‘dwell time’ on the network
    •Effective monitoring of egress traffic
    •Holistic data collection and processing
  • Creating a Company-Wide Information Security Culture Recorded: Jun 19 2015 61 mins
    Moderator: Joe O'Halloran - Speakers: Jenny Radcliffe & Steven Furnell
    As the subject of information security works its way into the boardroom, the importance of creating a company-wide information security culture is increasingly understood. Staff engagement at every level is required in order for the culture to be truly present and effective. This session will look at what it takes to make each and every user part of the organization’s information security defense, and what training and approaches can be adopted to change the company’s culture.
  • Finding Privacy and Trust in the Cloud Recorded: Jun 18 2015 59 mins
    Moderator: Stephen Pritchard - Speakers: John Skipper, Jeremy Bergsman, Paul Simmonds & Philip Casesa
    As organizations turn to the cloud to improve efficiency and reduce costs, information security professionals struggle to gain assurance that their organization’s data is secure. As sensitivity to privacy heightens following revelations about government surveillance, companies can’t afford to risk their critical information assets. The increased scrutiny has placed pressure on cloud providers to provide assurance around their ability to protect data. This session advises information security professionals about the questions they should be asking in order to find privacy and trust in the cloud.
  • Preparing for the Threat of Data-Stealing Attacks Recorded: Jun 18 2015 61 mins
    Moderator: Michael Hine, Speakers: Colin West, Mark Skilton & Paul Gribbon
    Organizations are increasingly finding themselves the target of cyber-attack, with each breach of network infrastructure increasing the likelihood that vital corporate data could be stolen. Developing a stance of readiness against attacks that seek to steal information is therefore essential.

    The range of security technologies available all claim to offer a solution to different problems – but which do you need to prioritize in order to give you a solid security foundation? How does the move the cloud affect companies’ data-loss prevention planning?

    Ensuring that cybersecurity is high up the company agenda is also crucial – as is a managed approach to patching and vulnerability scanning.
    Security is always a balancing act – requiring that you make the right decisions from the range of options available to you to suit your organization’s needs. To discuss how companies can achieve this, a panel of experts on this webinar will discuss:

    •Research-based intelligence that sets out the state of the problem
    •The tools, technologies and practices that contribute to a solid security program
    •Security’s status within an organization’s hierarchy
  • Strengthening the Weakest Link: Securing the Supply Chain Recorded: Jun 17 2015 60 mins
    Moderator: Stephen Pritchard - Speakers: Simon Viney, Adrian Davis & Konrads Smelkovs
    Although third-party suppliers bring many benefits, the reality is that their systems, data management and even employee training standards may be vastly different to that of the organization receiving the services. Many organizations fail to consider whether their suppliers take the same attitude to cyber-attacks and hacking risks as they do. This session considers the questions that organizations should be asking their suppliers, and where liability lies in the event of a security incident.
  • Monitoring and Logging: That’s Right, We’re Watching You Recorded: Jun 16 2015 62 mins
    Moderator: Mike Hine - Speakers: John Cobb, Ian Glover & Graham Thomson
    Logging and monitoring provides an indication of what unauthorized security-related activities have been attempted or performed on a company’s network or systems, and helps determine what requires follow-up investigation and/or remediation. But to what extent can this process be automated, and when is human analysis required? And when does necessary monitoring become invasive spying? This session will consider the privacy aspects of monitoring and logging – particularly on BYOD – and how to get the most out of this practice.
  • APTs: Overhyped or Under-managed? Recorded: Jun 15 2015 60 mins
    Moderator: Stephen Pritchard - Speakers: Peter Wood, Chris Novak, Matthew Harvey & Stephen Bailey
    The term ‘advanced persistent threat’ has been used (and perhaps abused) by information security vendors and professionals for years, but has the information security industry reached an accurate consensus on what an APT actually is, and how to manage one? This session will look to define the term and questions whether APTs are overhyped, or indeed under-managed, and what information security professionals should be doing about them.
  • Infosecurity Europe 2015: John McAfee Recorded: Jun 3 2015 15 mins
    Mike Hine and John McAfee
    Infosecurity Europe 2015: John McAfee
  • File Transfer Solutions and How to Achieve Compliance Recorded: May 14 2015 62 mins
    Moderator: Michael Hine, Speakers: Paul Castiglione, Derek Brink & James McCloskey
    The ability to move files effectively and securely is integral for organizations, with everything from sensitive personal records to highly confidential financial documents at risk of compromise if insufficient care is taken to security and compliance.

    There is a vast array of systems used within enterprises for transferring files, from email attachments to cloud applications and FTP servers. But in a borderless IT environment, where users often deploy unauthorized methods to access and transfer sensitive business data, the pitfalls are many.

    With significant financial repercussions facing organizations who fail to safeguard data, ensuring compliance and best practice in this area is key. This webinar will examine the essential considerations around file transfer and deliver best practice advice on how to implement the right technology for your organization.

    Talking points will include:
    •Audit visibility
    •Smooth and agile integration of technologies
    •Integrating solutions with existing security approaches
    •Achieving cost-effectiveness, scalability and compliance
  • April Patch Update - Sponsored by Qualys Recorded: Apr 16 2015 60 mins
    Moderator: Stephen Pritchard - Speakers: Wolfgang Kandek, Matt Harvey, Jonathan Trull & Ivan Ristić
    Every month, our Patch webinar gives listeners a chance to stay up to date with the latest security updates and patches, and to look deeper at some of the issues around patch management.

    In each webinar, we start with a look at Microsoft's Patch Tuesday releases and round up the main security updates and patches from other software and operating systems vendors. We then look at the key "out of band" patches, and our expert panel will discuss these and developing issues in the field of security updates and patching.

    And, in each session, we will conclude with audience questions: your chance to quiz our experts on the best ways to keep your infrastructure secure.
  • Crunch Time for Securing Big Data Recorded: Apr 9 2015 60 mins
    Moderator: Stephen Pritchard - Speakers: Sol Cates, Alea Fairchild & Johnny Miller
    The evolution of big data is in high gear. It is an exciting time for marketers, scientists, analysts and others looking for competitive advantages and new discoveries by examining their data sources in new and unique ways. Organisations are only just embracing the advantages that big data can bring to their business.
    However, with few native security controls built into big data platforms, maintaining the confidentiality of an enterprise’s data becomes a significant challenge. Unfortunately, for big data environments the traditional ‘bolt-on’ security measures are not able to properly protect these architecturally different deployment models.

    This webinar will help viewers to

    1. Understand how global organisations are using NoSQL technologies like Apache Cassandra™ to increase competitive advantage

    2. Have learned why traditional security solutions are unable to protect these environments

    3. Discover how to mitigate risks of storing large volumes of intellectual property in a centralised NoSQL repository while adhering to compliance mandates

    4. Understand how encryption in a NoSQL environment ingesting extremely large datasets in real-time can be transparently deployed without having to modify applications or re-architect the storage infrastructure
  • Browsers, Certificates and Trust: What's Changing and What You Need to Know Recorded: Apr 2 2015 60 mins
    Moderator: Stephen Pritchard - Speakers: Bruce Morton, Ken Munro & Jan Camenisch
    Certificates are a key part of the digital transaction value chain, and a key way both to secure transactions, and to establish trust.

    But all browser providers are end of life-ing a set of certificates used to encrypt transactions between consumers and websites. Google, for example, has advised that Chrome will gradually sunset SHA-1 cryptography, which is used in the signing process of SSL certificates, so businesses supporting Chrome will need to upgrade.

    Join us on this webinar to:

    - learn about the background of SHA-1 certificates going end of life;
    - understand the potential impact on business, including the potential negative effects on consumer trust and their willingness to complete transactions;
    - understand how to prepare for a move to SHA-2, including key dates and possible technical challenges;
    - learn how to manage any potential disruption and compliance issues, and how to manage the transition to new certificates
  • Insights into Incident Response – A View from the Front Lines Recorded: Mar 26 2015 61 mins
    Moderator: Michael Hine - Speakers: Roger Francis, Ian Glover & Mark Skilton
    The tools and techniques of advanced persistent threat (APT) actors are constantly evolving, putting pressure on organizations to regularly review and enhance their security posture and defense readiness.

    Organizations can take a range of approaches to improve the way they detect, respond to and contain advanced attacks. Key to the way they organize their defenses and incident response plans is intelligence gleaned from analysts and research reports.

    This webinar will call on a range of industry experts to deliver their findings and best practice advice on the issue of incident response. FireEye will be presenting on the key insights drawn from its M-Trends 2015 report, compiled from hundreds of incident response investigations.

    Topics for discussion include:

    • The length of time typically have access to victims’ environments
    • Third party compromises – how many companies are affected and how to detect
    • The complexity of attribution as the lines blur between tactics used by cyber-criminals and nation-state actors
    • The stealthy new tactics cyber-criminals deploy in order to move laterally and maintain persistence in victim environments.
  • March Patch Update - Sponsored by Qualys Recorded: Mar 12 2015 61 mins
    Moderator: Stephen Pritchard - Speakers: Matt Harvey, Andrew Wild, Brian Honan & Wolfgang Kandek
    Every month, our Patch webinar gives listeners a chance to stay up to date with the latest security updates and patches, and to look deeper at some of the issues around patch management.

    In each webinar, we start with a look at Microsoft's Patch Tuesday releases and round up the main security updates and patches from other software and operating systems vendors. We then look at the key "out of band" patches, and our expert panel will discuss these and developing issues in the field of security updates and patching.

    Superfish and other certificate installers, What is the threat and what is the scope of the problem?

    And, in each session, we will conclude with audience questions: your chance to quiz our experts on the best ways to keep your infrastructure secure.
  • How to Build a Next-generation Security Programme Recorded: Mar 5 2015 60 mins
    Moderator: Stephen Pritchard - Speakers: Brian Honan, Rik Turner & Wim Remes
    Don’t let your security programme fall behind. In a world where executives are asking more questions about security and high-profile breaches and critical vulnerabilities are reported in prime time, rigid policy frameworks and traditionally slow (but cautious) decision making are no longer sufficient.

    Security departments in organisations of all sizes and across all industries must ensure that business critical assets are protected, compliance and regulatory requirements are met, and rapidly changing business goals are supported.

    In this webinar we will discuss:

    • The current state of the art for security programmes
    • How to work with your organisation to ensure that security becomes a business enabler
    • How to build a supportive security programme within an ever-evolving threat landscape
Strategy, Insight, Technology
Infosecurity Magazine webinars are dedicated to bringing together the best in information security strategy, technology & insight. Each webinar includes high level industry speakers and analysts and provides relevant information and advice which our viewers can take away and implement in the workplace or to further personal development. For every session attended viewers can earn CPE credits towards CISSPs, SSCPs and ISACA accreditations.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: APTs: Overhyped or Under-managed?
  • Live at: Jun 15 2015 2:00 pm
  • Presented by: Moderator: Stephen Pritchard - Speakers: Peter Wood, Chris Novak, Matthew Harvey & Stephen Bailey
  • From:
Your email has been sent.
or close