Name: CA Briefings Part 4: Step 3: Secure and Simplify Cloud Access
Start: 2016-12-08T18:00:00Z
End: 2016-12-08T18:59:10.000Z
Location: BrightTALK
Rating: 4.14

(ISC)² Security Briefings brings attendees both stand alone webcasts and multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.

Cybersecurity professionals have endured many challenges this year, including record-setting ransomware attacks, expanded attack surfaces, and shortages of skilled IT security personnel. However, we’ve seen security budgets rebound, increased reliance on cloud security deployments, and increased adoption of promising security technologies, such as zero trust network access (ZTNA), API security, and network/endpoint deception.

So, what does next year have in store for the cybersecurity industry? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he shares his top five cybersecurity predictions for 2023.

Top Five Cybersecurity Predictions for 2023

Many professions value and leverage pattern recognition and informed judgment based on limited information. While this is a huge strength for our employees, managers and practitioners, it could also lead to unconscious biases in our decisions making when it comes to day-to-day issues like hiring, mentoring, promoting, staffing, developing people, and engaging with clients. 

On October 24th at 1:00 p.m. Eastern/10:00 a.m. Pacific Cyversity and (ISC)² discuss Managing Bias, as part 3 of this 3-part Unconscious Bias Series. This webinar will share an engaging mix of insights, exercises, illustrations, activities, polls, and videos, will enable participants to understand their unconscious biases in a constructive manner to help obtain the highest level of inclusiveness and performance.

Unconscious Bias Series (Part 3): Managing Bias

Recruiting and retaining qualified IT security talent has never been more challenging. Seven in eight organizations are experiencing a shortfall, according to CyberEdge’s 2022 Cyberthreat Defense Report. This weighs heavily on the minds of IT security managers as ‘lack of skilled personnel’ is consistently rated as one of the top inhibitors to successfully defending networks against cyberthreats. So, what can smart security organizations do to mitigate the effects of this talent shortage? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

- Examines the shortage of IT security personnel by job role
- Proposes creative ways for recruiting new security talent
- Suggests clever ways for retaining the talent you already have
- Identifies technologies and services that enable security teams to do more with less

Strategies for Recruiting and Retaining Top IT Security Talent

Many professions value and leverage pattern recognition and informed judgment based on limited information. While this is a huge strength for our employees, managers and practitioners, it could also lead to unconscious biases in our decisions making when it comes to day-to-day issues like hiring, mentoring, promoting, staffing, developing people, and engaging with clients. 

On September 21, 2022 at 1:00p.m. Eastern/10:00 a.m Pacific, Cyversity and (ISC)² present part 2 of this 3-part Unconscious Bias Series.  this webinar will share an engaging mix of insights, exercises, illustrations, activities, polls, and videos, will enable participants to identify their unconscious biases. Session participants will leave with specific understanding of the various types of biases we all have and how to diagnose them.

Unconscious Bias Series (Part 2): Identifying Bias

Vulnerability management has been a staple of security teams for decades. But if you haven’t noticed, this space has evolved considerably over the last half decade. Long gone are the days of lengthy, hard-to-digest vulnerability scanning reports often created to check the PCI compliance checkbox. These days, smart IT security teams are investing in risk-based vulnerability management (RBVM) technologies and best practices to help prioritize which vulnerabilities to remediate first based on a variety of internal and external factors. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

 - Recaps the evolution from VA, to VM, to RBVM
 - Defines key elements of modern-day RBVM solutions
 - Reviews internal and external factors to help prioritize vulnerability remediation
 - Describes what to look for when evaluating best-of-breed RBVM offerings
 - Summarizes the extraordinary benefits derived from RBVM deployments

The Evolution of Risk-based Vulnerability Management

When entire workforces went remote in 2020 because of the global pandemic, organizations pivoted quickly to new business models by migrating apps and services to the cloud to enable the anywhere, everywhere workforce. Many business users are spending a majority of their workday in a browser which accesses unmanaged sites, too. These same digital enhancements, also ushered in widespread transformation that expanded attack surfaces and created new opportunities for cyber miscreants, giving rise to Highly Evasive Adaptive Threats (HEAT), which are used as entry points for initiating ransomware, data theft, and account takeovers.
 
During this insightful session taking place on Tuesday, August 30, 2022 at 1:00 p.m. Eastern / 10:00 a.m. Pacific, (ISC)² and Menlo Security will discuss why HEAT attacks are the next-class of browser-based attacks taking advantage of today’s remote and hybrid workforce.

The Reason Why Ransomware is Really HEATing Up

72% of enterprises are actively prioritizing zero trust. Unfortunately, many companies still rely on traditional castle-and-moat network infrastructure. Deploying zero trust with legacy parts is a daunting task. The cloud-first world requires a fundamentally different approach to zero trust which is decoupled from the underlying network, allowing a direct, fast, and secure connection from users to applications regardless of location.

Join us for this live replay session as Zscaler and (ISC)² discuss:
- Identifying clear signs that your firewalls are unfit for zero trust
- Making your case to break free from legacy approaches and adopt zero trust
- Learning how Zscaler Cloud-gen firewall can help you get there faster

Why Legacy Network Firewalls Are Unfit To Deliver Zero Trust Security

“How can we implement a zero trust strategy?” is a question asked by nearly every security team that wants to avoid increasing their attack surface and being the victim of a high-profile breach. A zero trust strategy is rooted in the principle of “never trust, always verify” — which minimizes risk by securing sensitive data, systems, and services. However, all too often security teams discover that they don't have the visibility they need to do this. The first step to implementing a zero trust strategy and achieving exceptional security hygiene? Building and maintaining an inventory of your critical assets.

Please join Axonius and (ISC)² on August 23 at 1:00pm Eastern as we share how teams can approach zero trust principles and how keeping an asset inventory can help answer the toughest zero trust questions:
What device is trying to access corporate assets?
What vulnerabilities exist on my applications and services?
Which users have access to critical resources?
Is my zero trust application managed or unmanaged?

The First Step to Zero Trust: Cybersecurity Asset Management

No doubt, you’ve seen it, the threat landscape is evolving year over year.  How do you fine tune your defenses against an ever-changing adversary?

On August 18, 2022 at 1:00 p.m. Eastern/10:00 a.m. Pacific join F5 Labs and (ISC)²
for a multifaceted analysis of the application security threat landscape based on F5 Labs’ 2022 Application Protection Report. The report analyzes nearly 1,000 data breaches from 2021, focusing on three specific threats: ransomware, which played a role in nearly half of the successful attacks in 2021; formjacking attacks like Magecart; and data exfiltration, which was featured in nearly 80% of breaches. 

 F5 Labs and will share additional perspectives of the threat landscape, with a look at cloud risks, cryptocurrency theft, and some case studies about well-resourced attackers. The session will conclude with recommended best practices using prioritization methods for different scenarios.

2022 Application Protection Report: Data Breaches, Cloud Incidents, & APTs

More than seven in 10 organizations were victimized by successful ransomware attacks last year. These days, it’s more of a question of “when” than “if” your organization will be next. Are you ready? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews the latest ransomware statistics from the 2022 Cyberthreat Defense Report and describes what it takes to be prepared for the inevitable. Specifically, Steve will:

- Examine disturbing ransomware trends, by country and by industry
- Evaluate key factors that go into deciding whether to pay ransoms
- Outline ways to be prepared for a successful ransomware attack
- Review technologies to help give security teams the upper hand

Ransomware Deep Dive: Preparing for the Inevitable

As organizations move more workloads to the cloud, security teams need to adapt their workflows to keep up.  On August 11, 2022 at 1:00 p.m. Eastern/10:00 a.m. Pacific IANS and (ISC)2 discuss:
• Best practices for securing containers, serverless and SaaS/PaaS/IaaS applications
• How best to insert security into the software development life-cycle
• How to ensure every app in production is as secure as it can be

Securing Modern Applications: Serverless, Containers and Cloud

It feels like we hear about a new devastating cyberattack in the news every day. And attack methods seem to be proliferating at an exponential rate. So, which tactics should you be aware of beyond standard “click and infect” attack vectors?
 
Join Roger Grimes KnowBe4's Data-Driven Defense Evangelist and popular cybersecurity author for this eye-opening webinar. He will share his take on several significant, advanced, and yes, crazy cyberattacks he’s seen in the wild. Plus, he’ll share defensive strategies you’ll want to implement to prevent them from affecting your network.
 
You’ll see examples of some amazing hacks showing how:
 
Your users’ passwords can be cracked in mere minutes
Cybercriminals easily bypass Multi-Factor Authentication
Automated malware can devastate your network
Hackers can completely take over your network with a few simple steps
And more!
 
Find out what you can do to mitigate these advanced hacking techniques instead of becoming the next unknowing victim.

Craziest Cyberattacks Seen In the Wild and How You Can Avoid Them

This session will focus on methods for security teams to better monitor and secure hybrid cloud environments while logging compliance data. Learn best practices to analyze, prioritize, and investigate security alerts within cloud resources faster and more accurately through a variety of cloud-agnostic security strategies while reducing downtime and security incidents. 

On July 28, 2022 at 1:00 p.m. Eastern/10:00 am. Pacific Sumo Logic and (ISC)² will:

• Discuss business motivations for cloud migration.
• Identify common challenges while monitoring applications throughout the migration.
• Explore solutions for typical security operations constraints during the migration.

Securing Your Cloud Migration

Having a strongly aligned and integrated ecosystem of cyber tech and tools is required to protect and preserve the business in today’s digital infrastructures.  Over the last several years, more and more traffic has migrated from plaintext protocols to encrypted protocols.  While this provides better privacy and security, it also makes it more difficult to troubleshoot this traffic when problems inevitably arise.  Although security and network monitoring tools can still analyze some encrypted traffic without decryption, lots of details cannot be analyzed adequately.  

This session, sponsored by Netscout and hosted by (ISC)² on July 26, 2022 at 1:00 p.m. Eastern/10:00 a.m. Pacific, will show how integrating decryption with NDR solutions can provide an even more robust monitoring experience.  To further the dialogue regarding a healthy cybersecurity solution ecosystem, this session will also explore the critical aspects to integrating NDR with EDR, SIEM and SOAR technologies.

Stop Threats Earlier by Integrating NDR and Other Cybersecurity Solutions

“SMS-based phishing attempts doubled in the U.S. year over year”-- that is just one key finding in Proofpoint’s 2022 Human Factor Threat Report.  

The report is the culmination of a year’s worth of threat research and insights drawn from more than 5 billion email messages, 35 billion URLs, 200 million attachments, 35 million cloud accounts and 1.7 billion suspicious SMS messages. It reveals surprising trends and offers actionable insight that sheds light on the nature of today’s cyber threats. 
 
Join us July 21, 2022 at 1:00 p.m. Eastern/10:00 a.m. Pacific as Proofpoint and (ISC)²  take a deep dive into: 
• The developing relationship between cyber-criminal groups and what it means for the rest of us 
• How the most critical variable, people, can help mitigate attacks and manage privilege 
• The threats detected, mitigated and resolved during 2021 and our deployments

Use a People-Centric Defense to Build Resilience to Today's Cyber Threats

With the current push for digital business transformation, organizations are increasingly dependent on external parties, increasing their vulnerability to vendor cyber risk. Because many vendor risk management programs are developed as tactical responses to ensure compliance with a growing list of data privacy and cybersecurity regulations, they often result in labor-intensive and inefficient processes that deliver marginal value.
 
Industry best practices for effective Third-Party Cyber Risk Management can improve your program and may provide cyber defense for your third parties.

In this webinar, July 20, 2022 at 1:00 p.m. Eastern/10:00 a.m. Pacific, BlueVoyant and (ISC)²  will discuss:
• Industry recognized best practices for an effective TPRM program
• How to transform your TPRM program with continuous monitoring and active risk identification and mitigation
• Ways to solve your toughest TPRM challenges

Accelerate Your Third-Party Risk Management (TPRM) Program

Ransomware continues to hit organizations of all sizes, and with the latest iterations, a more holistic approach is warranted.  On July 14, 2022 at 1:00 p.m Eastern/10:00 a.m. Pacific join IANS and (ISC)² to learn ways to improve overall resilience, including:
• Unpacking different backup strategies (offline, immutable storage, data-only) and the advantages and drawbacks of each
• How to use multiple methods (e.g., DLP, app-native auditing, etc.) to monitor and alert on data theft
• Ways to minimize attacker lateral movement

Ransomware Resilience: Build a Holistic Data Protection Strategy

72% of enterprises are actively prioritizing zero trust. Unfortunately, many companies still rely on traditional castle-and-moat network infrastructure. Deploying zero trust with legacy parts is a daunting task. The cloud-first world requires a fundamentally different approach to zero trust which is decoupled from the underlying network, allowing a direct, fast, and secure connection from users to applications regardless of location.

Join us July 12, 2022 at 1:00 p.m., Eastern/10:00 a.m. Pacific when Zscaler and (ISC)² 's webinar session will discuss:
- Identifying clear signs that your firewalls are unfit for zero trust
- Making your case to break free from legacy approaches and adopt zero trust
- Learning how Zscaler Cloud-gen firewall can help you get there faster

The steps for strengthening your enterprise and increasing customer engagement has seen the rise of cloud adoption and a "bring your own app" trend in the workplace which continues to grow. IT and security leaders are hard pressed to keep up with the demands of a seamless user experience while protecting user identities across the cloud environment. On December 8, 2016 at 1:00PM Eastern, CA Technologies and (ISC)2 will examine how to leverage identity-as-a-service to secure access to cloud applications - including provisioning, onboarding and deployment, deliver a seamless user experience without compromising security and how to keep up with the pace of cloud adoption.

CA Briefings Part 4: Step 3: Secure and Simplify Cloud Access

(ISC)2

Infosecurity

Cloud

Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

CA Briefings Part 4: Step 3: Secure and Simplify Cloud Access

Presented by

About this talk

More from this channel