Name: Briefings Part 2: PCI, HIPAA & More - Closing the Compliance & Security Gap
Start: 2014-07-24T17:00:00Z
End: 2014-07-24T17:59:29.000Z
Location: BrightTALK
Rating: 4.5

(ISC)² Security Briefings brings attendees both stand alone webcasts and multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.

Join us for a live Q&A where our panel of experts will answer your questions about CCSP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training strategies, career paths and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• Why vendor-neutral certification is in demand
• How CCSP complements vendor certifications
• What training tools are available
• And much more

Bring your questions and join us on Friday, April 28, 2023, at 1:00 p.m. ET

Save your spot now.

CCSP EXAM READY: Ask the Experts Before You Sit

The CISA Zero Trust Maturity Model is filled with concepts and language appropriate for federal agencies, but it doesn’t always translate to the private sector, and certainly not to smaller, less-mature mid-market organizations. 

In this live session on April 18, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific IANS and ISC2 host a webinar to explain:

• Which metrics to consider and which to avoid
• Ways to use metrics to communicate with nontechnical stakeholders and/or the board
• Examples of maturity models to track the long-term progress of a zero trust program

Zero Trust Metrics: Track Progress and Program Maturity

Join us for a live Q&A where our panel of experts will answer your questions about CISSP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training strategies, career paths and more to help you build confidence so you’re ready on exam day. 

You’ll learn:
• How CISSP builds your end-to-end foundational understanding of cybersecurity
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

Bring your questions and join us on Friday, April 14, 2023, at 1:00 p.m. ET

Save your spot now.

CISSP EXAM READY: Ask the Experts Before You Sit

Maintaining cybersecurity compliance and building reliable risk management practices isn’t a simple to-do item you check off anymore. The livelihood (and ultimately the growth) of your business depends on resilient security and compliance programs. Add in changing regulatory requirements, and the challenge becomes exponentially more complex. 

Join Hyperproof and (ISC)2 on April 11, 2023  at 1:00 p.m. Eastern/10:00 a.m. Pacific to hear more about: 
• The value of connecting compliance and risk 
• Optimizing stakeholder visibility and communication 
• Using GRC tools to scale your business
• Long-term impacts of streamlining compliance, security, and risk management workflows

Level Up Your Security: How to Build Compliance and Risk Mgmt Programs to Scale

Join us for this live Q&A where our panel of experts will answer all of your questions about the Certified Information Systems Security Professional (CISSP) Concentrations in architecture, engineering and management before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• How the ISSAP, ISSEP and ISSMP concentrations build upon the CISSP
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

Save your spot now.

CISSP Concentrations (ISSAP, ISSEP, ISSMP) EXAM READY: Ask the Experts

Ransomware continues to dominate the headlines with a wide range of organizations impacted. Part of its staying power is that ransomware threat actors tackle the attack chain with the specialization and organization of a business, with different groups tasked with different roles and responsibilities. 

Join us for this Proofpoint and (ISC)2 webinar March 28, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific to learn how threat actors are adapting to maintain their business model, and what organizations can do in response. 

We’ll discuss best practices to:
- Minimize the probability and impact of ransomware incidents by focusing on the entire attack chain
- Minimize the damage when ransomware incidents do occur by detecting and limiting the action of compromised identities
- Minimize recovery time by protecting the primary target of ransomware attacks, your data

Disrupt the Ransomware Threat Actors: Focus on Attack Chains

Join us for a live Q&A where our panel of experts will answer your questions about CCSP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training strategies, career paths and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• Why vendor-neutral certification is in demand
• How CCSP complements vendor certifications
• What training tools are available
• And much more

Bring your questions and join us on Friday, March 24, 2023, at 1:00 p.m. ET

The 2022 cyber threat landscape was one of persistence, increased scope, and relentless determination. As businesses began to ease pandemic-driven operating environments and adjust to geopolitical shifts—as well as growing economic hardships—adversaries supporting nation-state, eCrime, and hacktivist motivations started the year with a relentless show of effort that ultimately defined 2022.

Join CrowdStrike and (ISC)2 March 23, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific for an in-depth review of how the cyber threat landscape has evolved over the last year, including notable threats, events and trends outlined and explained in the CrowdStrike 2023 Global Threat Report.

 In this session, we’ll discuss:
• The most relevant threat issues that organizations face today
• New adversaries uncovered in 2022 and their growing speed and sophistication
• Useful best practices in how you can combat the modern-day threat

Understanding the Modern Threat Landscape

Join us for this live Q&A where our panel of experts will answer all of your questions about Certified Secure Software Lifecycle Professional (CSSLP) certification before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• How CSSLP prepares you to incorporate best security practices into each phase of the SDLC
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

Save your spot now.

CSSLP EXAM READY: Ask the Experts Before You Sit

Global survey spotlights industry vitals and actionable insights. The State of Cloud-Native Security Report 2023 is the result of a months-long survey traversing seven countries and five sectors of industry to consult with cloud security and DevOps professionals — from chief executives to developers to security technicians — with the goal of identifying pivotal decisions affecting cloud-native development and security outcomes.

This webinar will be hosted by Prisma Cloud/Palo Alto and (ISC)2 on March 16, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific.  Join us to hear the results of this year’s survey, presenting a fresh look at the top challenges and best practices in cloud-native security, including these outstanding findings:
• New deployment frequency has increased by 67% in the past 12 months.
• 76% of respondents deploy new or updated code to production weekly.
• 72% of organizations report an above average turnover rate in cloud security roles.
• 78% of respondents want better Day-1 security from tools.
• 77% of organizations say aligning security tools with security goals is challenging.
You do not want to miss this session!

The State of Cloud-Native Security 2023

A well-managed multi-cloud deployment can increase reliability, reduce the risk of vendor lock-in and add essential business capabilities. But the more cloud services an enterprise employs, the more complex the solution is to manage. 
On March 14, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific IANS and ISC2 discuss:
• The most common pitfalls of multi-cloud adoption and recommendations to navigate them
• What you need from your CSPs to enable success
• Types of tools best suited for multi-cloud

Get a Handle on Multi-Cloud Management

Join us for this live Q&A where our panel of experts will answer all of your questions about CC before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

You’ll learn about: 

• Career opportunities in cybersecurity 
• Why vendor-neutral certification is in demand
• What training tools are available
• What to expect on exam day 
• And much more

SAVE YOUR SPOT NOW.

CC EXAM READY: Ask the Experts Before You Sit

"You can't protect what you can't see" and "it takes a village" are familiar expressions within security and risk teams. Visibility and policy enforcement are fundamental pillars in cybersecurity and critical components within a holistic API security strategy. But the existing landscape complicates those efforts.  Why? 

Architecture is becoming de-centralized and distributed, transforming apps into a digital fabric of business logic interconnected by APIs. Yet the enterprise catalog continues to be powered by a mix of legacy and modern apps across data centers, clouds, and at the edge. This hybrid, multi-cloud digital world introduces major risks driven by third-party integrations, inconsistent security controls across cloud providers, and continuous code updates across complex software supply chains and CI/CD pipelines.
  
So how can you secure APIs in this modern digital fabric? Well, it takes a village.
  
Join this webinar March 9, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific to hear:
• The challenges of API security in a hybrid, multi-cloud digital world 
• How to get a handle on API and tool sprawl 
• Insights on trends and solutions for API security

API Security Best Practices in the Hybrid, Multi-Cloud Digital World

Join us for this live Q&A where our panel of experts will answer all of your questions about SSCP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day. 

You’ll learn: 
• How SSCP proves your knowledge, skills and experience as an ISO-accredited certification 
• Why vendor-neutral certification is in demand 
• What training tools are available 
• And much more 

SAVE YOUR SPOT NOW.

SSCP EXAM READY: Ask the Experts Before You Sit

The Domain Name System (DNS) is essentially the central nervous system of the internet—everyone needs it to work because without DNS services, digital business could come to a halt. Cybercriminals know this too, and exploit DNS services to launch their attacks while simultaneously attacking the DNS services of their targets.

Therefore, it’s not only important to protect your organization’s DNS service, but also to use the data available from DNS services to more rapidly detect and surgically block threat activity such as phishing, DNS tunneling-based data exfiltration, and ransomware.

On March 2, 2023 join Infoblox and ISC2 at 1:00 p.m. Eastern/10:00 a.m. Pacific to hear best practices for an effective DNS security architecture.

A DNS Security Architecture as SecOps Force Multiplier

The speed of application development has increased exponentially in recent years, in line with a dramatic acceleration of digital transformation across all industries. In a recently published application security report by AppDynamics, organizations in all sectors reported feeling more exposed to security threats, including lack of visibility while prioritizing speed of application development & keeping pace with the evolving threat landscape. A few key findings from the research include:
 
• 93% of technologists believe that it’s important to be able to contextualize security so that they can correlate risk in relation to other key areas such as application performance, end user experience, and business metrics, and in doing so prioritize vulnerability fixes based on potential business impact. 
• 89% of technologists report that their organization has experienced an expansion in its attack surfaces over the last two years.
• 58% of respondents admitted that their organization often ends up in ‘security limbo’ because they don’t know what to prioritize.
 
IT teams are battling to stay ahead of an ever-expanding attack surface. However, current efforts to bolster application security are being hampered by information and activity silos. This means application and security teams lack the visibility and tools required to work together to address new risks. The potential implications of this are profound. Is your organization exposed to catastrophic service disruption which could damage customer experience, destroy brand credibility and shrink revenues and market share?


Join AppDynamics and ISC2 February 28, 2023 at 1:00 pm Eastern/10:00 a.m. Pacific for a discussion surrounding the importance of developing a security centric approach for the full application stack throughout the lifecycle from development to production and breaking down silos between IT operations & security teams.

Security Essentials for Modern Application Stacks

Is your security team being hindered by a lack of visibility into security issues across development environments, lack of context to effectively prioritize and remediate security issues, and a scant forensic trail  to investigate issues when they occur? 
  
As development processes evolve in a cloud-first world, it’s clear that traditional security tools and processes are no longer sufficient to secure software supply chains and provide secure application delivery. Organizations must change their AppSec approach or risk getting caught in an accelerating cycle of vulnerabilities and threats. 
  
On February 23, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific join Legit Security and ISC2 to learn: 
 
• Why traditional AppSec is insufficient to secure modern, cloud-first development 
• How CISOs and security teams can work better with their development counterparts to enable secure application delivery 
• How to collect data and context to effectively drive security accountability across both Dev and AppSec teams 
• Real-world examples of companies that have successfully adopted a new AppSec approach

The Future of AppSec: Adopting a Modern Approach for a Cloud-First World

API security has been gaining a lot of attention in recent years due to the move of modern applications to cloud-native environments and microservice-based architectures. Securing the APIs that underpin these architectures can be a challenge for security teams due to their ever-changing nature and the lack of visibility in existing web security solutions. APIs are sprawling across your organization and increasing risk.
 
You cannot protect what you don’t know.
 
Join Prisma Cloud/Palo Alto and (ISC)2 February 21, 2023 at 1:00 p.m. Eastern, 10:00 a.m. Pacific as they discuss best practices all organizations should adopt to secure APIs. Get actionable insight into discovering and cataloging APIs, understanding attack surface, to applying protection and evaluating your security posture. A live simulation to follow. Take your API security to the next level.

API Security 101: Best Practices for Securing APIs

There’s no denying it; malicious data breaches are accelerating. Our personal and payment card data is for sale on black market card shops.  We all know that compliance to security and privacy regulations, such as PCI and HIPAA, is more important than ever before. But, many breached organizations ARE compliant. In today’s environment, there are no guarantees: compliance does not equal security.  Insiders, malware, and other threats exploit the gaps.  Join (ISC)2, Voltage Security and Booz Allen Hamilton on July 24, 2014 at 1:00PM Eastern to find out how you can close the gaps between compliance and security within your organization.

Briefings Part 2: PCI, HIPAA & More -  Closing the Compliance & Security Gap

(ISC)2;

Compliance

HIPAA

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Briefings Part 2: PCI, HIPAA & More - Closing the Compliance & Security Gap

Presented by

About this talk

More from this channel