CA Briefings Part 4: Step 3: Secure and Simplify Cloud Access

With the move to cloud and the multitude of approaches, your ability to effectively monitor and secure workloads gets even more difficult. IT complexity, the rate of change, lack of skills, and organizational silos have made confidently managing security and performance nearly impossible. Visibility is critical. Join Gigamon and (ISC)2 on February 25, 2021 at 1:00pm Eastern for a discussion of the security considerations for on-prem private, public and hybrid clouds. You’ll learn best practices and see how a little planning and design can go a long way. Achieve a secure and viable hybrid cloud implementation and get a high return on your investment. Join our session to learn how.

SecOps teams struggle to quickly gather useful, accurate and up-to-date asset date to inform investigations. It’s important to correlate datea from multiple sources to understand the intersection of connected devices, cloud instances, user and security controls. Ultimately SecOps teams care most about alerts and investigations, but some of the most basic asset data challenges make getting context a massive pain. Join Axonius and (ISC)2 on February 18, 2021 at 1:00PM Eastern as we look at asset management and its impact for security operations.

Security cannot be done in a silo. The extent and nature of data shared across lines of business functions, both internally and externally, fuels instances of system and organizational vulnerabilities. GRC must transcend the traditional lines of defense, specifically risk managers and audit professionals. In this webinar, we’ll discuss roles and responsibilities of effective risk management practices. What can businesses do to better align key stakeholders? How can businesses incorporate Security by Design process and practices and where can technology support with structured data sets and automation? We’ll look at:

· Aligning organizational goals, and department objectives to translate risk into business impacts.   
· Automating GRC touchpoints into your line of business functions  
· Integrating Audit to document and support continuous improvement initiatives

The increasing convergence of information technology (IT) and operational technology (OT) in ICS environments creates significant challenges from a security perspective. Attacks originating in the inbox can now more easily disrupt processes on the factory floor. Further, many organizations are unaware of the extent of IT/OT convergence in their own ecosystems. Join Darktrace and (ISC)2 on February 9, 2021 at 1:00pm Eastern as we look at how Darktrace’s Industrial Immune System helps organizations tackle these challenges by providing a unified view of IT and OT networks. The self-learning AI detects threats throughout the ecosystem and the AI analyst also automates the investigation process in both IT and OT-specific contexts in order to augment human teams. The session will also include a discussion on how the system defended against a Serpent ransomware infection in real time.

In this session from our recent Security Congress event, you hear stories of CrowdStrike incident response engagements and how they have changed the model for how companies respond to a breach. Learn the methods CrowdStrike uses to disrupt and ultimately remove bad actors from networks.

Passwords are easily the most irritable thing for securing your digital identity. Be it workforce or consumers, everybody gets bogged down with the task of remembering passwords for multiple websites and applications. They are also the weakest form of security, often hacked by cybercriminals. With the advent of biometrics and their widespread reach (thanks to smartphones), passwordless access became a reality with mobile push authentication. As biometrics are unique to every individual, it is a pretty secure way to access applications and authorize transactions. Passwordless techniques were further modified with the introduction of physical keys (USB devices). But the foremost approach to passwordless access is credential based authentication which works on the principal of securing both your device and identity. Join us for a session where we will talk about all things passwordless. We’ll examine:

· How security paradigms changed with COVID-19 ?
· Why is the world moving towards passwordless ?
· Different types of Passwordless solutions offered by Entrust Identity
· How to secure your workforce with Entrust Identity's high assurance passwordless solution

Among rapidly evolving global challenges, the escalation of nation-state attacks is making cyber-attacks exponentially more dangerous and harder to identify. Mounted at speed and scale and backed by thorough resources, nation-state cyber-attacks often do damage under great stealth, steal sensitive data, and have even resulted in manipulation and distortion of information. In the face of sophisticated nation-state attacks, organizations are turning to Cyber AI, which detects the subtle signs of targeted, unknown attacks at an early stage, without relying on prior knowledge. Join Darktrace and (ISC)2 on January 26, 2021 at 1:00PM Eastern as we examine:

· Paradigm shifts in the tide of nation-state cyber threat landscape

· How Cyber AI singularly detects never before seen threats

· Real-world examples of nation-state campaigns stopped with Cyber AI

Organizations around the world have transitioned to working from home in past months, and this transition has challenged advanced security models and user behaviors in a COVID-19 world. A significant number of users discovered that poor technology and/or infrastructure was the biggest barrier to effective remote working.

As we speed towards the new normal of hybrid workplaces, organizations are reviewing their business continuity plans and restoring productivity to pre-covid times. Cybercriminals are getting smarter; work from home has expanded the enterprise perimeter; and the digital ecosystem is growing rapidly including new cloud applications. A significant part of IT Security effort is to ensure appropriate infrastructure and tools for their employees as well as top of the line cyber hygiene controls. Therefore, companies need a cyber security strategy that is consistent and crosses their on-premises perimeter. “Never trust, always verify”, is the bedrock of Zero Trust. With a Zero Trust model, every request to access information/data must be authenticated, authorized, and encrypted before permission is granted. It is not a product but an enterprise cybersecurity plan to protect its resources. In this session the participants will learn about:

o Enterprise challenges in Zero Trust implementation

o How Zero Trust responds to different risk factors

o Ways to secure enterprise Hybrid environment

o How Entrust's high assurance IAM solution helps in achieving Zero Trust

2020 has accelerated digital transformation efforts across the board. Projects with multi-year timelines are being executed in a matter of months and, in some cases, weeks. Increasingly, people are being interviewed, hired, and onboarded without ever having an in-person meeting. Customers are transacting online in record numbers out of necessity, convenience, and even safety. This new normal introduces the challenge of securely verifying individual identities, especially when an in-person identity check is not feasible. Modern identity proofing keeps your workers and customers safe and protects your organization. In the first part of this series, join us to learn best practices to:

o Securely verify personal identities

o Limit user friction in the verification process

o Protect workforce and consumer identities

o Mitigate risk of identity fraud

Did you know that 1 in 4 companies are at risk for a major breach in the next 24 months? And with nearly half of alerts going uninvestigated at organizations around the globe, it’s no wonder this risk is so high. Reducing your organization’s mean time to detection can minimize the impact of a breach, but without a focused detection capability giving you visibility, breaches can go undetected for months, by which time extensive damage has already been done. Join Cisco and (ISC)2 on January 21, 2021 at 1:00PM Eastern for a discussion to learn about the value of adding threat hunting to your breach defense. We will examine the differences between starting an internal threat hunting team versus acquiring services from a third party and how you can leverage a hybrid model to take a more proactive approach to breach prevention.

This session will lay out the technical blue print to achieve data protection success. Discover why Forcepoint is a 9x Gartner MQ Leader for DLP. Forcepoint Dynamic Data Protection can allow your organization to prioritize high-risk activity and automate policies to protect data in near real-time, providing the highest security & workforce productivity. During this final session to the Path to Smart Data Protection learn how Forcepoint can help your organization:

• Profile high-risk activity based on data incidents, data models and endpoint collector events
• Dynamically allocate individual risk scores based on a person’s behavior and the value of the data they access
• Apply automated controls to any interactions with sensitive data based on individual risk level.

During this session hear from a Forcepoint customer on why they chose Forcepoint as their Data Protection partner. Learn how a healthcare organization leveraged Forcepoint’s solution to span across multiple businesses, ingest and fingerprint data, support regulatory requirements, customize policies, implement across multiple domains, provide OCR and use a single pane of glass for policy configuration and enforcement.

What data does your organization process? What policies exist? Who are your internal stakeholders? What is your organizations risk tolerance? What compliance regulations apply to your organization? This session will walk dig into how to operationalize a successful data protection program from the basics to demonstrating effectiveness.

Data context is a core principle of SASE architecture and it requires visibility to data-at-rest and data-in-motion for data loss protection (DLP) policies and rules. Intersect these objectives with the overwhelming use of cloud apps freely adopted by business units and users, and you need cloud DLP. Legacy SWG solutions using ICAP for file-based DLP analysis are blind to cloud apps and the majority of data movement and use. While traditional cloud access security broker (CASB) deployments use API protection into several dozen managed cloud apps, it is the inline deployment that provides granular control for thousands of cloud apps in use, plus web traffic. Here are five areas to consider when updating your blueprint for data loss protection.

1. First, your users are in the cloud and are now working remote. Plus, the majority of your data now resides in the cloud with wide SaaS adoption, so your DLP needs to be in the cloud. SASE involves a single pass design for data and threat protection, meaning your cloud SWG requires strong DLP for cloud and web traffic.

2. Allow/block faces the same challenges for DLP, it needs to mature to ‘allow’ with granular policy controls for data protection. The cloud brings boundary crossings between company and personal instances, managed and unmanaged cloud apps, activity and context, plus app risk factors to recommend safer alternatives.

3. While inline cloud SWG provides the foundation for cloud DLP, the benefit of SASE architecture is using the same DLP policies and rules for data-at-rest in managed apps with CASB, public cloud environments with cloud security posture management (CSPM), plus securing private access with ZTNA.