Hi [[ session.user.profile.firstName ]]

CA Briefings Part 4: Step 3: Secure and Simplify Cloud Access

The steps for strengthening your enterprise and increasing customer engagement has seen the rise of cloud adoption and a "bring your own app" trend in the workplace which continues to grow. IT and security leaders are hard pressed to keep up with the demands of a seamless user experience while protecting user identities across the cloud environment. On December 8, 2016 at 1:00PM Eastern, CA Technologies and (ISC)2 will examine how to leverage identity-as-a-service to secure access to cloud applications - including provisioning, onboarding and deployment, deliver a seamless user experience without compromising security and how to keep up with the pace of cloud adoption.
Recorded Dec 8 2016 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Hadeel Dabbagh, Sr. Principal Product Mgr; Kathy Hickey, VP, Product Mgmt.; Brandon Dunlap (Moderator)
Presentation preview: CA Briefings Part 4: Step 3: Secure and Simplify Cloud Access

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Gigamon #2: Encrypted Things – Finding Threats in an Obscure World Recorded: Feb 13 2020 58 mins
    Ricardo Font, Product Marketing Manager, Gigamon ThreatINSIGHT; Brandon Dunlap, Moderator
    With the release of TLS 1.3 and the continued rise of external and internal encrypted traffic use, security teams are faced with the dilemma of finding threats within traffic streams that are increasingly obscured. Though many organizations decrypt and inspect traffic due to both security and regulatory concerns, there are many that are effectively blind to threats that are communicating via encrypted channels. However, the news is not all grim; join (ISC)² and Gigamon on February 13, 2020 at 1:00PM Eastern as we dive into discovery methodologies that can be used to detect threats within encrypted traffic without the need for decryption.

    Attendees will learn:
    • An overview of threat detection methodologies
    • Detection techniques that are encryption-agnostic
    • Detailed breakdowns of what can be learned from encrypted traffic
    • Best practice setups for use
  • Gigamon #1: Transport Layer Security (TLS) 1.3: A New Private World Recorded: Jan 28 2020 61 mins
    Ricardo Font, Product Marketing Manager, Gigamon ThreatINSIGHT; Brandon Dunlap, Moderator
    Network traffic encryption is the pillar on which the Internet, as we know it today, rests on. E-commerce, banking transactions, private and sensitive communications…all occur based on the implicit assumption that our communications are secured. However, ubiquity also means targetable, and Transport Layer Security (TLS) has undergone changes in an effort to stay ahead of the security game. Join (ISC)2 and Gigamon on Tuesday, January 28, 2020 at 1:00PM Eastern as we dive into TLS 1.3, the newest version of the TLS encryption protocol. Areas covered include an overview of statistics associated with encrypted traffic, what changes are introduced in TLS 1.3, and the advantages and challenges associated with them, implementation caveats and gotchas and best practice deployment strategies.
  • Using AI to Improve Detection, Prevention & Response Recorded: Jan 9 2020 62 mins
    Dave DeWalt; Scott Sawoya; Rich Thompson; Bob Slocum; Brandon Dunlap (Moderator)
    Legacy, signature-based AV isn’t working. It is ineffective in stopping ransomware and zero-day attacks and creates a burden on your staff between patching, updating, reimaging systems, and overall impact to endpoint performance. As former NSA Director Admiral Michael Rogers said, “Without Artificial Intelligence, Cyber ‘is a losing strategy.” AI is all around us, and everyone is claiming to use it, but not all AI is created equal. With 70% of all attacks beginning on the endpoint, with the right AI in place organizations can move to a prevention first approach to end point security. Join BlackBerry Cylance and (ISC)2 on Thursday, January 9, 2020 for our first Security Briefing of the year where we will discuss AI-tools that can provide powerful detection, prevention and response capabilities.
  • Netskope #3: Anatomy of a Cloud Data Breach Recorded: Dec 20 2019 63 mins
    Bob Gilbert, Chief Evangelist, Netskope; Brandon Dunlap, Moderator
    Cloud adoption is exploding with nearly 1,300 cloud apps in use in an average enterprise. From suites like Office 365 to collaboration tools like Slack, the cloud has enabled new levels of productivity resulting in enterprises gaining strategic advantages. Enterprises are not the only ones benefitting from cloud adoption. Bad actors are using the cloud to bypass legacy defense mechanisms and harvest credentials, deliver malicious payloads, and steal data. In this webcast, we’ll examine a few recent cloud data breaches and dissect how these breaches occurred and best practices to reduce the chance it will happen to your organization. We will dive into new attack scenarios that involve using the cloud to bypass traditional security tools, how the cloud-enabled kill chain forces a rethinking of how to defend against threats such as phishing and data exfiltration and 5 steps to protect against cloud threats.
  • Infoblox #3: Stop Attacks Faster - Using the MITRE ATT&CK Framework Recorded: Dec 12 2019 60 mins
    Mike Zuckerman, Consulting Product Maketing Manager, Infoblox; Brandon Dunlap, Moderator
    The MITRE ATT&CK Framework is a comprehensive, up-to-date knowledge base of cyberattacker tactics and techniques gathered from actual observation of attacker behavior. The framework can help anticipate what an attacker will do and how to respond. Join Infoblox and (ISC)2 on December 12, 2019 at 1:00PM Eastern for an examination of how the MITRE ATT&CK can help you make better, faster decisions about assessing risks, deploying new security controls and stopping attacks faster and more efficiently.
  • Netskope #1: A Blueprint for Designing a New Security Perimeter Recorded: Dec 10 2019 60 mins
    Bob Gilbert, Chief Evangelist, Netskope; Brandon Dunlap, Moderator
    Recent research shows that more than 85% of web traffic is comprised of cloud services. The rapid adoption of cloud and mobile is fundamentally changing network traffic patterns and the movement of data, rendering existing network and security models obsolete. This shift is resulting in enterprise security teams supplementing next-gen firewalls (NGFWs), secure web gateways (SWGs), and VPNs with cloud access security brokers (CASBs). While CASBs address a key set of cloud-specific use cases tied to visibility, data security, compliance, and threat protection, your dissolving corporate perimeter is also forcing security teams to rethink their entire legacy security stack. After all, if most of your web traffic is comprised of cloud services, why does most of your security spend on security tools that are not effective in this new world? Join Netskope for Part 1 of this 3-part series to discover new blind spots that exist with legacy security tools, why simply moving legacy security tools to the cloud is not enough, top cloud security use cases driving the need for a new perimeter and the essential requirements for a new, more effective perimeter.
  • Netskope #2: State of Cloud and Threats Recorded: Dec 5 2019 60 mins
    Tom Clare, Senior Product Marketing Manager, Netskope, Brandon Dunlap, Moderator
    The many stages of cyber kill chains are leveraging cloud services in new ways to evade legacy web and email defenses. These trusted domains with valid certificates are a quick path using implicit trust for success. Inline defenses need to understand cloud service account instances, activity, and data to prevent these cloud-enabled threats while enabling business unit and user freedom to adopt cloud services for digital transformation. In Part 2 of this series from Netskope, we’ll examine the average use of cloud services per company, why so few cloud services are managed by IT, what the key indicators are signaling this change, examples of cloud-enabled threats and kill chain stages and what defense updates you should consider to prevent and detect.
  • Keysight #3 - Don’t be a Victim of the Breach: Embrace the Hacker Within & Win! Recorded: Nov 22 2019 55 mins
    Steve McGregory, Sen Dir., Application and Threat Intelligence, Keysight; Brandon Dunlap, Moderator
    The hackers have automated their attacks, which gives them quite an upper hand. You, on the other hand, work at the pace and capability of your team and have to trust the products you’ve installed to defend your network. It’s time you utilize Breach and Attack Simulation and the emerging method of safely automating example attacks being used by the hackers to assess your deployed products, processes, and people. In this webcast you’ll learn how to hack yourself now and gain a new level of insight that will prepare you unlike ever before. We will examine what breach and attack simulation is, how automation and continuous assessment can show the current state of your defenses and how to find existing gaps in your security posture.
  • Bitsight #3 - Experiences in Optimizing Third-Party Risk Management Programs Recorded: Nov 18 2019 59 mins
    Chris Poulin, Princ Consulting Eng; Cushla O'Leary, Customer Success Mgr; Evan Tegethoff, Dir, Consulting & Eng; Pat Puentes,
    When it comes to managing third-party risk, there are different stages on the road to maturity. Many organizations today have a good program in place, but often run into issues with growing and optimizing their program in a scalable way. True optimization requires a confluence of process, policy, automation and cross-functional collaboration with other business leaders. With so many areas to focus on, it can be difficult to know where to even start. Fortunately, there are plenty of examples of companies that have successfully scaled their TPRM programs and offer valuable lessons for those looking to take their program to the next level. Join this discussion on managing third-party risk management to hear about these approaches and lessons learned.
  • Keysight #2 - Six Steps to Optimize Defensive Security Recorded: Nov 15 2019 52 mins
    Keith Bromley, Sr. Mgr, Solution & Product Mktg., Keysight; Brandon Dunlap, Moderator
    The number of exposed consumer records more than doubled in 2018 from 2017, according to the Identity Theft Resource Center, but enterprises don’t have to be a victim. Most attacks can be prevented by deploying the right mixture of products and processes. The primary goal is to coordinate and optimize your security defenses. A simple, but coordinated, security defense strategy allows you to:

    • Validate equipment readiness
    • Prevent access from bad IP addresses
    • Decrypt malicious traffic
    • Analyze traffic in real-time
    • Perform advanced data analytics
    • Enable DPI

    In this webcast, Keysight and (ISC)2 will explore an overview of defensive security, a six step approach to defensive security and examples of visibility and security solutions that make this approach work.
  • Infoblox #2: Threat Intelligence Update - Ransomware Tools Continue to Increase Recorded: Nov 7 2019 60 mins
    Michael Zuckerman, Consulting Product Marketing Manager, Infoblox; Brandon Dunlap, Moderator
    Ransomware continues to be a widespread problem for organizations. Defending against such attacks are paramount for security teams at businesses small and large. Join Infoblox and (ISC)² on November 7, 2019 at 1:00PM Eastern and hear about the latest information concerning many of the leading ransomware threats, as well as updates on the state of the global ransomware assault and overall trends in developing and designing ransomware malware tools. Additionally, there will be details of original research on malware variants to include Shade, Sodinokibi, Megacortex, Cryptomix, Ryuk, Keypass, Hermes and Grandcrab.
  • Keysight #1 - Best Practices for Security Resilience Recorded: Nov 5 2019 54 mins
    Keith Bromley, Sr. Mgr, Solution & Product Mktg., Keysight; Brandon Dunlap, Moderator
    It’s not a question of IF your network will be breached, but WHEN. News broadcasts for the last several years have shown that most enterprise networks will be hacked at some point. In addition, the time it takes for most IT departments to notice the intrusion usually takes months—over six months according to the Ponemon Institute. This gives hackers plenty of time to find what they want and exfiltrate whatever information they want. There are some clear things that you can do to minimize your corporate risk and the potential costs of a breach. One new approach is to create a resilient security architecture model. The intent of this model is to create a solution that gets the network back up and running after a breach has occurred, as fast as possible. While prevention should always be a key security architecture goal, a resilient architecture goal focusses on recognizing the breach, investigating the breach, and then remediating the damage as quickly as possible. Join Keysight and (ISC)2 for an examination of what network security resilience is, the benefits of such and examples of the visibility and security solutions that can be implemented to reduce the time to remediation.
  • Infoblox #1 - Get Encrypted! Examining Emerging DNS Privacy Standard Recorded: Oct 3 2019 58 mins
    Paul Adair, Principal Product Manager, Infoblox; Brandon Dunlap (Moderator)
    DNS has always seemed to have a “last mile” security issue. Communications from a local DNS served to a client are typically unencrypted and not secure, leaving this traffic vulnerable to spoofing, hijacking and more. But privacy standards and protocols are emerging which are helping to encrypt this traffic. Join Infoblox and (ISC)2 on October 3, 2019 at 1:00PM Eastern for an examination of DNS over TLS (DoT) and DNS over HTTPS (DoH). The discussion will include the pros and cons of the two protocols, what option might make sense for your security & risk requirements and simple ways to secure your network and DNS.
  • Un día en la vida de un CISSP Recorded: Sep 27 2019 56 mins
    Ricardo Céspedes y Wilson España, instructores CISSP en Chile y Jefferson Gutierrez, CISSP para KPMG México.
    Más de 130.000 profesionales de la seguridad de la información han invertido tiempo, determinación y recursos para lograr la certificación CISSP. Únase a (ISC)² miembros de diferentes regiones de América Latina para saber cómo la certificación CISSP les ha ayudado con su trabajo y carrera y quales los puntos de dolor, problemas y desafíos que encuentran en su vida laboral diaria, así como soluciones, consejos y mejores prácticas que han desarrollado a lo largo del camino.
  • 2019 Security Congress Preview – Security Automation Recorded: Sep 24 2019 58 mins
    Winn Schwartau, Chief Visionary Officer, The Security Awareness Co; Chuck Easttom, Professor, Capitol Technology Univ
    (ISC)² will hold its 2019 Security Congress in Orlando, Fl Oct 28th – 30th. This conference will bring together a global community of cybersecurity professionals and more than 180 educational sessions. One of the 18 tracks at the conference will focus on Security Automation and the role that Machine Learning and Artificial Intelligence is playing in securing organizations of all sizes. On September 24, 2019 at 1 p.m. Eastern, join (ISC)² and several speakers who’ll be presenting in the Security Automation track on the Impact of Machine Learning on Cyber Security and Ethical Bias in AI-Based Security Systems as they preview their sessions and discuss why security automation is a leading concern for cyber security practitioners to understand.
  • (ISC)²’s Digital Transformation Journey – Part 3 Recorded: Sep 17 2019 59 mins
    Bruce Beam, CIO, (ISC)²; Wes Simpson, COO, (ISC)²; Brandon Dunlap (Moderator)
    (ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. In Part 3 of the (ISC)² Digital End-to-End Transformation (DETE) webcast, we will examine the “new world” of what the project has provided to internal (how we serve the members and visitors), the members (what you as members see and experience) and what’s to come. Join Wes Simpson, COO and Bruce Beam, CIO on September 17, 2019 at 1:00PM Eastern for a discussion on these items and a Q&A with our COO and CIO.
  • Gigamon #3: Network Traffic Decryption: Keeping Secure in a Private World Recorded: Sep 5 2019 56 mins
    Ricardo Font, Senior Product Marketing Manager, Gigamon; Brandon Dunlap (Moderator)
    Today’s network environment can feel like a Cold War-era novel, full of who’s watching whom scenarios and heavily protected intelligence communications. Visibility is critical to an organization’s security posture, and encrypted channel communications can become an obstacle to it when gets to the wrong eyes. Decryption can illuminate what is hidden and restores the advantage you need to see what’s lurking in the shadows. Join Gigamon and (ISC)2 on September 5, 2019 at 1PM Eastern for an examination of decryption best practices, a review of encryption methodologies, the obstacles that impact security, resources and regulatory compliance and what’s changed with TLS 1.3 and how this newer protocol impacts visibility.
  • Bitglass Part 3: Security in the Cloud - CASBs for IaaS Security Recorded: Aug 29 2019 60 mins
    Jacob Serpa, Sr. Product Marketing Manager, Bitglass; Brandon Dunlap (Moderator)
    Infrastructure as a service (IaaS) has quickly risen to prominence because of the way that it provides enhanced flexibility and scalability to organizations around the world. However, using IaaS platforms like AWS, Azure, or GCP does require that organizations take responsibility for an increased amount of security in the cloud. Fortunately, there are tools designed to help with doing this properly. Join Bitglass and (ISC)² on August 29, 2019 at 1:00PM Eastern for a presentation on the various components of leading IaaS platform, what your organization is responsible for when it comes IaaS security and how Cloud Access Security Brokers (CASB) can help.
  • Bitsight #1: How to Set a Solid Foundation for Your Third-Party Risk Management Recorded: Aug 27 2019 56 mins
    Chris Poulin, Principal Consulting Engineer, BitSight Technologies; Brandon Dunlap (Moderator)
    As companies grow, so do their third-party digital ecosystems. This is hardly a new phenomenon, but the dynamic changes and rapid growth often experienced today have made it increasingly difficult for companies to stay on top of their multiplying business relationships. Today, organizations are looking for best practices on how to handle this from a cybersecurity perspective. Given that there are multiple frameworks, approaches, and guidelines, it is hard to figure out which best practices will meet the needs of your organization. In Part 1 of this series, we’ll discuss frameworks, policies, and process to build a successful third-party risk management program; typical roles and responsibilities found in programs across companies of all sizes and best practices for third-party governance and program sponsorship.
  • Bitsight #2: Best Practices to Grow Your Third-Party Risk Management Program Recorded: Aug 22 2019 56 mins
    Evan Tegethoff, Director of Consuting Engineers, BitSight; Brandon Dunlap (Moderator)
    So you’ve established the foundation of your third-party risk management (TPRM) program...now what? For many organizations, growing their TPRM program to scale at the speed of their business can be extremely challenging. This challenge is exacerbated because, in many cases, third-party ecosystem growth occurs with little coordination or oversight. Furthermore, once they establish third-party relationships, companies may not implement centralized processes to continuously monitor and evaluate those relationships, including the cyber risks they may pose. In the second installment of this webinar series, we discuss tips on how to “go beyond” the foundation of third-party risk assessments and drill down further into your vendors’ security posture, best practices for TPRM process improvement, reporting, and dashboard use and how to leverage continuous monitoring to scale your TPRM program at the speed and growth of your business.
(ISC)2 Security Briefings - In-depth examination of infosec topics.
(ISC)2 Security Briefings brings attendees multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: CA Briefings Part 4: Step 3: Secure and Simplify Cloud Access
  • Live at: Dec 8 2016 6:00 pm
  • Presented by: Hadeel Dabbagh, Sr. Principal Product Mgr; Kathy Hickey, VP, Product Mgmt.; Brandon Dunlap (Moderator)
  • From:
Your email has been sent.
or close