CA Briefings Part 4: Step 3: Secure and Simplify Cloud Access

Part three will examine how a Zero Trust security strategy built on AI-based security technologies could better prepare you to face the modern threat landscape. We will walk through some current, pervasive threats to gain a better understanding of why and how the unique features of AI-driven technologies are better suited to prevent, detect, and respond to them.

In Part two, we’ll discuss strategies for securing remote workers using Zero Trust. As millions of us have grown accustomed to and continue working from home, the delineation between work and home has become increasingly porous. Devices – no matter the environment in which they are situated – must be secure without any performance trade-offs. We will explore how emerging solutions like continuous authentication and unified endpoint security that leverage AI, machine learning, and automation could play a critical role in deploying a robust Zero Trust security framework to secure all devices – anytime, anywhere.

In this first part, we’ll explore the important preliminary questions about whether Zero Trust should be a priority for your organization and provides guidance on defining trusted users and devices, and how to integrate identity and network. It will address how to build a business case for Zero Trust, addressing business drivers such as cloud environments and business continuity needs.

The future of work remains unpredictable and uncertain. More than ever before, business leaders need to remain confident that their operations can continue securely. However, 94% of cyber-threats still originate in the inbox, and ‘Impersonation attacks’ that expertly mimic the writing style of trusted contacts and colleagues are on the rise. Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response. . Join Darktrace and (ISC)² on September 24, 2020, at 1:00 p.m. Eastern for expert insight into how cyber AI is the only tool that can keep pace with the rapidly evolving threat landscape facing organization’s inboxes every day. The webcast will examine:

· Exploration of the most recent email threat trends and statistics

· Overview of Darktrace’s latest developments to secure the email environments of the dynamic workforce

· Case studies and use cases from industry leading customers

Having visibility into your network, what’s on it and how it’s preforming, is critical to any sized organization. The use of network monitoring tools like SPAN and TAP can certainly help, as can Network Aggregation and Packet Brokers. Join Gigamon and (ISC)2 on September 15, 2020 at 1:00 p.m. Eastern as we dive into visibility topics such as Data Deduplication, Slicing, Masking, TLS Decryption, Inline and Out of band… and more. We’ll even include Virtual Environments and Cloud to make it even more interesting.

More than 70% of enterprises today are multi-cloud, either through organic growth, through mergers and acquisitions, or as a corporate strategy. While cloud is a powerful opportunity to unleash innovation within the enterprise, IT and security teams must then devise governance strategies to support that innovation. Join DivvyCloud and (ISC)2 to hear about some real-world experiences, a top 10 list of governance starting points and key takeaways that include:

· Top 3 mistakes made in multi-cloud governance
· A set of related resources, including industry reports on the state of cloud, cloud misconfiguration security and more

The cloud is a popular destination for companies of all sizes. As companies plan their migration to the cloud, there is pressure to use database services from public cloud vendors. What are the compliance and visibility requirements and what does a secure cloud data deployment looks like. Join Imperva and (ISC)2 on August 27, 2020 at 1:00PM Eastern for a discussion on protecting data in the cloud and how to deploy securely and quickly.

Nearly nine in 10 organizations are experiencing a shortfall of skilled IT security personnel, according to CyberEdge’s 2020 Cyberthreat Defense Report. That’s up from eight in 10 organizations just two years ago. This weighs heavily on the minds of IT security professionals as ‘lack of skilled personnel’ is rated as the #1 inhibitor to successfully defending against cyberthreats. So, what can organizations do to mitigate the effects of this crisis? Well, if you’re willing to ‘think outside the box,’ there is hope. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

- Examines the shortage of IT security personnel by job role
- Proposes creative ways for recruiting new security talent
- Suggests clever ways for retaining the talent you already have
- Identifies technologies that enable security teams to do more with less

There is much talk in the Industry with regards to Zero Trust Networking (ZTN) - but what does it involve and what does this mean for Network Visibility? In this Webinar we will explore the reason for ZTN, some of the current ideas surrounding the implementations of ZTN and where Network Visibility plays a key role in securing such environments. With one of the key concepts of ZTN being the encryption and authentication of data in motion, we will also discuss the need for Metadata and why this can be an advantage over traditional methods of monitoring. Join Gigamon and (ISC)2 on August 13, 2020 at 1:00PM Eastern for an examination of:

- Understanding the ZTN trust model at a high level

- See which components are important within ZTN and why

- Understand why the perimeter is changing and why the need for segementation goes beyond physical devices

- How Metadata can play a key role in understanding the activity of applications on your network

TLS is becoming ubiquitous, but it’s a double-edged sword. On the one side, organizations can mitigate risk vectors using this protocol. On the flipside is the misuse of TLS by threat actors trying to hide their activities and prevent your security monitoring infrastructure from detecting their activities. How do you benefit from TLS, but avoid the risks? Is decrypting everything the right approach? And if so, where? What about non-decrypting approaches to threat detection, like JA3? TLS 1.3 was a significant change, what do I need to know about it? Join Gigamon and (ISC)2 on Thursday, July 30, 2020 at 1:00PM Eastern to get answers to these questions and more.

Want to know which IT security technologies are hot and which ones are not? 2020 has thrown many purchasing and deployment plans into a state of flux and your organization has probably been caught up in this. Join Steve Piper, Founder & CEO of CyberEdge (and a proud CISSP) and (ISC)2 on Tuesday, July 28, 2020 at 1:00PM Eastern as Steve reviews key purchase insights from the 2020 Cyberthreat Defense Report. Specifically, this webcast will examine which security technologies are most widely deployed and most planned for acquisition in 2020 so you can benchmark your company’s current and planned investments against your peers. Purchase intent across five key security technology categories will be focused on including:

•Network security
•Endpoint security
•Application and data security
•Security management and operations
•Identity and access management

As transformations continue at breakneck speeds, how are these changes impacting security? Specifically, applications are being written in new ways and deployed across clouds. How do you maintain consistent app security in a way that enables agility and speed of deployment? Join Imperva and (ISC)2 on July 9, 2020 at 1:00PM Eastern for a discussion on applications and their addition to the computing infrastructure is impacting organizations both small and large.

A significant percentage of data breaches in the last year came as a result of the targeting of web applications. ‘Software’ continues to eat the world, but not all of the code behind it is being constructed in conditions that ensure security. DevSecOps is oft talked about, but what does implementation mean from a practical standpoint? What’s really meant by ‘shift left’?

Join Daniel Kennedy, Senior Analyst for 451 Alliance and (ISC)² on June 30, 2020 at 1:00PM Eastern for a discussion drawing on multiple years of peer market intelligence around application security, including tool usage within enterprises. We’ll examine what challenges emerge as security and development share responsibility for ensuring application security, and how can the needs of each be met.

You are a security professional. The world is changing - there are transformation initiatives being accelerated across your company - What are they, what is the impact on security and how can you ensure that a consistent security profile is maintained as your business transforms? Transformation is driving your company to engage with customers and partners in new ways, but automated attacks can steal your revenue and kill your business. How can the security team stop that happening? Join Imperva and (ISC)2 on June 18, 2020 at 1:00PM Eastern for a discussion on the processes and tools which will help to enable key transformation initiatives while protecting the integrity and security of your company.

Stolen payment card information usually needs to be validated before they can be used to run larger fraudulent transactions or be sold on the black market. Typically, automated bots run these tests or validation through smaller websites that lack anti-bot defenses. Join PerimeterX and (ISC)2 on June 4, 2020 at 1:00PM Eastern as we discuss how to detect and stop fraudulent transactions originating from carding bots and save thousands of dollars in payment processing charges. We’ll also cover :

● Carding attacks from the wild

● How carding attacks evade detection

● Trends leading into the holiday season

As IT complexity increases at organizations, gaining visibility into a comprehensive asset inventory becomes progressively difficult for information security teams. The convergence of three trends account for this new era of complexity: the increase in the number and types of devices, rapid public cloud adoption, and the looming IoT explosion. Axonius commissioned a research survey with Enterprise Strategy Group (ESG) to uncover what kinds of visibility gaps, challenges, and strategies are top of mind for information security professionals. Join Axonius and (ISC)2 on May 21, 2020 at 1:00PM Eastern for the third of three webinars focusing on the looming and inevitable IoT explosion. By some reports, there will be 500 billion connected devices by 2030 (Cisco). Organizations are most concerned about visibility into the volume and diversity of devices.


Webinar attendees will learn:


• Detailed research findings on the looming IoT explosion, visibility challenges, and security implications


• An understanding of the key asset inventory challenges and how organizations are addressing these issues


• Best practices when implementing and improving an asset inventory process


• Emerging innovations and approaches to continuous asset discovery and automation