Hi [[ session.user.profile.firstName ]]

Securing Privilege Accounts: A new approach to Stopping Advanced Attacks

Research has shown that organisations typically have 3-4 times as many privileged accounts as employees. What all of these accounts have in common is that they act as a gateway to an organisation's most sensitive data. Unfortunately, the management and monitoring of privileged accounts is not a key priority in many organisations due to their other seemingly more critical aspects of running an organisation.

Join CyberArk and (ISC)2 on Thursday, Nov 26, 2015 at 2:00PM (GMT+8) as Mr Z. H. Tan will deconstruct recent attacks to demonstrate how the commonly traveled "privileged pathway" is a fast pass to your organisation's most sensitive data or operations, whether on-premise or in the cloud. Traditionally thought of as a vulnerability for insider-based attacks only, privileged accounts are increasingly being used by cyber attackers to perpetrate some of the most devastating advanced attacks.
Recorded Nov 26 2015 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Zhihao Tan, Regional Professional Services Manager - ASEAN, CyberArk; Chau Wei Hoo, CISSP, Technical Advisor, APAC, (ISC)2
Presentation preview: Securing Privilege Accounts: A new approach to Stopping Advanced Attacks

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • CA Briefings Part I: Privileged Access Management in a DevOps environment Dec 7 2017 6:00 pm UTC 60 mins
    Access to and within DevOps environments have proliferated over the past few years, with both users and scripts (with embedded credentials). This privileged identity sprawl poses significant risks that need to be addressed.Join CA Technologies and (ISC)2 on December 7, 2017 at 1:00PM Eastern. In this session, we'll look at the technology and approach that CA takes to secure such environments.
  • Security Briefings Part 3: Compliance Checkup - HIPAA & the Cloud Nov 2 2017 5:00 pm UTC 75 mins
    Salim Hafid, Product Marketing Manager, Bitglass; Brandon Dunlap, Brightfly
    Organizations in the healthcare industry handle data more sensitive (and valuable) than that of companies in perhaps any other sector. Because of this, those organizations need to demonstrate a heightened standard of data security and privacy. To ensure this, the U.S. has enacted the Health Insurance Portability and Accountability Act of 1996 (HIPAA). While use of the cloud affords organizations greater efficiency, it also complicates issues of security and regulatory compliance. But the good news is that solutions that enable cloud and security are available. Join Bitglass and (ISC)2 on November 2, 2017 at 1:00PM Eastern to learn about the requirements of HIPAA and the specific security capabilities that healthcare firms need in order to meet compliance requirements.
  • Briefing On Demand Part 1 - Rethinking Security for Hybrid Environments Recorded: Oct 17 2017 58 mins
    Bo Kim, Sr. Director of Information Security, Imperva; Brandon Dunlap (Moderator)
    As more workloads are moved to cloud infrastructure, unique security challenges arise. Join Imperva and (ISC)2 for this webinar where we'll discuss some of the tradeoffs for on-prem and cloud app security, strategies for approaching security in hybrid environments, and the importance of flexible deployment models.
  • Security Briefings Part 2: Compliance Checkup - GLBA & the Cloud Recorded: Oct 5 2017 60 mins
    Jacob Serpa, Product Marketing Manager, Bitglass; Brandon Dunlap (Moderator)
    Financial services firms face a unique set of challenges. Not only do they store large amounts of sensitive personal data, but they also face heavier regulations than many other verticals. In particular, these organizations must reach compliance with regulations like the Gramm-Leach-Bliley Act (GLBA). As cloud adoption continues to spread within the industry, financial firms must be particularly focused on achieving cybersecurity in ways that ensures compliance. Join Bitglass and (ISC)2 on October 5, 2017 at 1:00PM Eastern as we discuss the different aspects of GLBA that financial services organizations need to know and how different tools that can help with compliance.
  • Security Briefings Part 1: GDPR - Using Technology for Compliance Recorded: Aug 31 2017 63 mins
    Jacob Serpa, Product Marketing Manager, Bitglass; Brandon Dunlap, Moderator
    The General Data Protection Regulation (GDPR) is designed to ensure the privacy and security of European citizens’ personal data. The regulation takes a comprehensive approach to guaranteeing that organizations protect personal data completely and consistently as it is collected, stored, and used. As GDPR comes into effect May 2018, organizations are scrambling to reach compliance with its many requirements - particularly as they relate to the cloud. Fortunately, there are technology solutions that can address a breadth of GDPR-related concerns. Join Bitglass and (ISC)2 on August 31, 2017 at 1:00PM Eastern for the first in a three part Security Briefings series where we will discuss how the components of a cloud access security broker (CASB) can help organizations meet the regulation’s various requirements.
  • Prepping for May 2018: A Guide to Complying with GDPR’s Data Security Regs Recorded: Aug 28 2017 62 mins
    Alexander Hanway, Product Marketing Mgr, Encryption, Gemalto; Brandon Dunlap (Moderator)
    With less than a year to go before it takes effect, GDPR is everywhere in security and privacy news. Much of that coverage treats GDPR at a high-level, addressing topics such as implementation timeline, potential fines and catchy articles like the ‘right to be forgotten’. While important, these topics just scratch the surface of a mandate that is so broad in scope it affects everything from corporate governance to consent rights. Those that fall under GDPR’s scope, find it can be daunting to know where to start and what is really of concern. And, with so much high-level information out there, administrators and compliance teams may find it hard to get the more detailed guidance they need to map their path forward. We aim to fix that.

    This webcast will examine the privacy legislations’ security mandates, the core themes that span articles, and offer constructive, practical ways to comply using encryption and key management. Right now, organizations are spread widely across the readiness spectrum from basic awareness to the advanced stages of meeting their compliance obligations. Wherever you are on your compliance journey, we’ll help you understand GDPR’s security themes as they relate to you, and we’ll lay out solutions to put you in full control of your data and your compliance destiny.

    Join us to learn more about how encryption and key management can get you ready for May 2018 when GDPR takes effect.
  • Part 3: Future of SIEM—Remediate Malware & Spear Phishing w/Automated Playbooks Recorded: Aug 3 2017 59 mins
    Barry Shteiman, Director of Research and Innovation, Exabeam; Brandon Dunlap (Moderator)
    It’s not uncommon for security teams to see upwards of 17,000 malware alerts per week and only investigate a third of them. Each incident detected requires investigation and eventually remediation before it can be laid to rest. Unfortunately, the security talent capable of performing these tasks is scarce, which leaves most security operations teams spread thin, a symptom of sparse coverage compounded by the drain of low fidelity security alerts and false positives. Join Exabeam and (ISC)² on August 3, 2017 at 1:00PM Eastern to learn how SIEM technologies must evolve to include automated playbooks and orchestration for common attacks such as malware and spear-phishing.
  • Part 2: Future of SIEM—Sniff Out Malware & Spear-Phishing w/Behavioral Analytics Recorded: Jun 29 2017 50 mins
    Orion Cassetto, Sr. Product Marketing Manager, Exabeam. Anne Saita (Moderator)
    Malware and spear-phishing continue to cause the most headaches for IT security teams. Over the years, attackers have become more sophisticated and SIEM systems have failed to keep up. Key indicators of emerging threats include lateral movement, where the attacker silently attempts to access multiple servers on the network, and account management, where the attacker escalates privilege or creates new privileged accounts. Detection of advanced threats like these require real time analytics and the ability to find signals within the very noisy security environment. Join Exabeam and (ISC)² on June 29, 2017 at 1:00PM Eastern to learn how user behavior analytics automatically analyzes and scores activity for escalated risk allowing for quick attack detection.
  • Data Security Briefings Part 2: Securing Innovation - Big Data, Cloud and IoT Recorded: Jun 6 2017 59 mins
    Reiner Kappenberger, Product Management Director, HPE; Brandon Dunlap, Moderator
    Big data, Hadoop, Cloud and Internet of Things (IoT), promise to revolutionize the business of governments and enterprises alike. But they not only create opportunity, but also more data flows to be attacked and surface area for attacks, including more devices, connections, and networks. Government and enterprises must protect the data that flows across new initiatives and innovations while preserving business processes and protecting business-critical legacy systems. This presentation will cover how data-centric security and Format-Preserving Encryption can enable safe innovation and business transformation. Come along with HPE and (ISC)2 as we explore Big Data, Cloud and IoT.
  • Data Security Briefings Part 3: Protecting Sensitive Data-at-Rest Recorded: Jun 2 2017 38 mins
    Sheryl Wharff, Global Product Marketing Manager, HPE; Brandon Dunlap, Moderator
    In the final part of this Security Briefings series, we’ll examine why protecting data-at-rest is so important. We’ll discuss problems of the “perform storm”, what analysts have concluded, and discuss how Enterprise Secure Key Manager technology helps protect data, eliminate risk, and reduce your operational and capital costs.
  • Part 1: Future of SIEM–Why Static Correlation Fails Insider Threat Detection Recorded: Jun 1 2017 60 mins
    Rick Caccia, CMO, Exabeam; Brandon Dunlap (Moderator)
    Hackers stealing credentials and operating in your corporate network…disgruntled employees collecting customer lists and design materials for a competitor…malware sending identity information back to random domains…these common threats have been with us for years and are only getting worse. Most organizations have invested large amounts in security intelligence, yet these solutions have fallen short. Simply put, security intelligence and management, in the form of legacy SIEM technologies, has failed to keep up with complex threats. Join Exabeam and (ISC)² on June 1, 2017 at 1:00PM Eastern to gain a better understanding of why static correlation rules are no longer a match for today’s threats.
  • Briefings On Demand: Getting it Right - Security & the Internet of Things Recorded: May 24 2017 58 mins
    Dave Madden – Sr Director of Business Development & Brandon Dunlap
    The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices within the existing Internet infrastructure. However, securing it can be difficult. Join Gemalto and (ISC)2 for a discussion on the Internet of Things and how it will play a role in your future and what changes will be happening in security.
  • Briefing On Demand - Authentication in Healthcare - Six Ways to Improve Security Recorded: May 22 2017 58 mins
    Mor Ahuvia, Product Marketing Mgr, Authentication; Brandon Dunlap, Moderator
    Healthcare organizations are entrusted with securing sensitive patient records, which also happen to be high-worth targets for hackers and fraudsters. Suffering the highest cost per-breached-record across industries, the healthcare sector also contends with maintaining compliance with mandates such as HIPAA, EPCS, eIDAS, and HITECH (aka EHR Incentive programs). How can strong authentication help comply with these mandates, and what use cases does it address?
    Join Gemalto and (ISC)2 to learn:
    · Why electronic healthcare records are a prime target for both compliance fines and fraudsters
    · How do healthcare organizations comply with mandates such as HIPAA, HITECH, EPCS and eIDAS?
    · Who in the healthcare business chain has to comply with these mandates?
    · Six strong authentication use cases for improving security and compliance in healthcare organizations and their business associates
  • Dark Web AI is bringing Dark Web Intelligence to your desktop Recorded: May 18 2017 60 mins
    Ross Everett and Larry Lafferty
    Come join a discussion with two industry leaders in the converging worlds of Dark Web Scanning and Artificial Intelligence. Learn how Intelligent agents can work from your desktop to scan the dark web for your stolen data.
  • Data Security Briefings Part 1: Neutralizing Data Breach and Insider Threat Recorded: May 11 2017 57 mins
    Terence Spies, CTO, HPE: Brandon Dunlap, Moderator
    Governments and enterprises are more challenged than ever to protect their most valuable data, from a citizen’s social security number to highly classified data. But endpoint or network security can’t stop attackers, and much less a malevolent insider. The solution lies in protecting the data itself. Recent NIST and FIPS validations make groundbreaking Format-Preserving Encryption (FPE) technology available to government and enterprises. FPE “de-identifies” sensitive data, rendering it useless to attackers, while maintaining its usability and referential integrity for data processes and applications, and easily layering protection into decades-old legacy systems. Join HPE and (ISC)2 for an exploration of this topic in the 1st part of a three part series.
  • Briefings Part 3: The Future of BYOD Security Recorded: May 4 2017 58 mins
    Amish Kohli, Solutions Engineer, Bitglass; Brandon Dunlap, Moderator
    Enabling secure BYOD has long been a challenge for IT. Attempts to secure these devices with agents and device management tools like MDM have been met with widespread employee concerns about privacy and usability, and as a result, organizations see low rates of adoption. Requiring that employees use these install these cumbersome device management tools or access data solely from managed devices are solutions fraught with issues. Employees need the flexibility to work from any device, anywhere. Join Bitglass and (ISC)2 for the 3rd part of our 3-part Briefings series on May 4, 2017 at 1:00PM Eastern where n this we discuss the trends driving growth in demand for BYOD, the drawbacks of MDM, and some of alternative solutions used to secure employee-owned devices without agents.
  • Security Briefings Part 2: Top 5 Cloud Security Threats Recorded: Apr 6 2017 59 mins
    Scott Boda, Solutions Engineer, Bitglass; (ISC)2; Brandon Dunlap, Moderator
    Cloud apps offer several advantages over premises-based apps, from lower costs to easy deployment. In fact, 59% of organizations have already deployed apps like Office 365, Box, and Salesforce. As data moves to the cloud, security is of utmost importance. On April 6, 2017 at 1:00PM Eastern, join Bitglass and (ISC)2 for Part 2 of our Briefings series where we will discuss security threats such as external sharing, compromised credentials, lost/stolen devices and how you can best mitigate these threats. Learn how Cloud Access Security Brokers (CASBs) can provide end-to-end data protection, in the cloud and on any device.
  • Building Your New York State Financial Services Cyber Compliance Plan Recorded: Apr 6 2017 48 mins
    David Kim. ITPG Secure Compliance: Principal Consultant, Governance Risk and Compliance
    The most critical first steps for mid-size banks, financial and insurance firms
  • CA Briefings Part 6: Step 4: Governance and Tying it all Together Recorded: Mar 21 2017 60 mins
    John Hawley, VP Security Strategy, CA Technologies; Brandon Dunlap (Moderator)
    Controlling the access of all users, especially privileged ones, is essential not only for risk reduction but also for easier compliance. But, controlling access isn't enough. Organizations need to govern all user access to ensure that no user has more access than they need, and that segregation of duties policies are enforced. On March 21, 2017 at 1:00PM Eastern, CA Technologies and (ISC)2 will highlight the steps for strengthening the enterprise and increasing customer engagement as well as key aspects of effective identity governance, including for contractors and partners who might have access to your systems. Included in the discussion will be key capabilities and processes to help create leading-edge identity governance deployments that can improve the security of your critical data and simplify compliance audits.
  • Security Briefings Part 1: Cloud Apps and Protecting Against Malware Recorded: Mar 9 2017 59 mins
    Karthik Venna, Product Manager, Bitglass; Brandon Dunlap, Moderator
    Cloud applications have garnered widespread adoption from enterprises in part due to their advantages such as ease of deployment, lower TCO, and high scalability. These applications are also popular because end-users can rely on these applications to work and collaborate from anywhere and on any device. But should the enterprise trust cloud app providers to protect their data from malware and ransomware? Currently, there are only a handful of enterprise cloud applications that provide native malware protection which, in almost all the cases, does not include zero-day protection. Join Bitglass and (ISC)2 for the first part of our next Security Briefings series on March 9, 2017 at 1:00PM Eastern when we will discuss malware protection solutions offered by various cloud application providers, how malware can penetrate into cloud applications and how Cloud Access Security Brokers (CASB) can protect enterprise cloud applications from malware.
(ISC)2 Security Briefings - Deep dive in infosecurity topics
(ISC)2 Security Briefings brings attendees multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Securing Privilege Accounts: A new approach to Stopping Advanced Attacks
  • Live at: Nov 26 2015 6:00 am
  • Presented by: Zhihao Tan, Regional Professional Services Manager - ASEAN, CyberArk; Chau Wei Hoo, CISSP, Technical Advisor, APAC, (ISC)2
  • From:
Your email has been sent.
or close