Solution Summit - Part 1: Cloud App Discovery & Analysis
You can't secure what you can't see. While many organizations are actively embracing cloud apps as a strategic part of their IT infrastructure, many employees or lines of business are adopting additional ad hoc cloud services to aid business productivity or for personal applications. Known as "Shadow IT", these additional cloud apps and services bypass the oversight of IT, and may introduce risk or cost inefficiencies. This session will explore this issue, along with approaches.
RecordedOct 6 201654 mins
Your place is confirmed, we'll send you email reminders
It’s not uncommon for security teams to see upwards of 17,000 malware alerts per week and only investigate a third of them. Each incident detected requires investigation and eventually remediation before it can be laid to rest. Unfortunately, the security talent capable of performing these tasks is scarce, which leaves most security operations teams spread thin, a symptom of sparse coverage compounded by the drain of low fidelity security alerts and false positives. Join Exabeam and (ISC)² on August 3, 2017 at 1:00PM Eastern to learn how SIEM technologies must evolve to include automated playbooks and orchestration for common attacks such as malware and spear-phishing.
Malware and spear-phishing continue to cause the most headaches for IT security teams. Over the years, attackers have become more sophisticated and SIEM systems have failed to keep up. Key indicators of emerging threats include lateral movement, where the attacker silently attempts to access multiple servers on the network, and account management, where the attacker escalates privilege or creates new privileged accounts. Detection of advanced threats like these require real time analytics and the ability to find signals within the very noisy security environment. Join Exabeam and (ISC)² on June 29, 2017 at 1:00PM Eastern to learn how user behavior analytics automatically analyzes and scores activity for escalated risk allowing for quick attack detection.
Rick Caccia, CMO, Exabeam; Brandon Dunlap (Moderator)
Hackers stealing credentials and operating in your corporate network…disgruntled employees collecting customer lists and design materials for a competitor…malware sending identity information back to random domains…these common threats have been with us for years and are only getting worse. Most organizations have invested large amounts in security intelligence, yet these solutions have fallen short. Simply put, security intelligence and management, in the form of legacy SIEM technologies, has failed to keep up with complex threats. Join Exabeam and (ISC)² on June 1, 2017 at 1:00PM Eastern to gain a better understanding of why static correlation rules are no longer a match for today’s threats.
Amish Kohli, Solutions Engineer, Bitglass; Brandon Dunlap, Moderator
Enabling secure BYOD has long been a challenge for IT. Attempts to secure these devices with agents and device management tools like MDM have been met with widespread employee concerns about privacy and usability, and as a result, organizations see low rates of adoption. Requiring that employees use these install these cumbersome device management tools or access data solely from managed devices are solutions fraught with issues. Employees need the flexibility to work from any device, anywhere. Join Bitglass and (ISC)2 for the 3rd part of our 3-part Briefings series on May 4, 2017 at 1:00PM Eastern where n this we discuss the trends driving growth in demand for BYOD, the drawbacks of MDM, and some of alternative solutions used to secure employee-owned devices without agents.
Scott Boda, Solutions Engineer, Bitglass; (ISC)2; Brandon Dunlap, Moderator
Cloud apps offer several advantages over premises-based apps, from lower costs to easy deployment. In fact, 59% of organizations have already deployed apps like Office 365, Box, and Salesforce. As data moves to the cloud, security is of utmost importance. On April 6, 2017 at 1:00PM Eastern, join Bitglass and (ISC)2 for Part 2 of our Briefings series where we will discuss security threats such as external sharing, compromised credentials, lost/stolen devices and how you can best mitigate these threats. Learn how Cloud Access Security Brokers (CASBs) can provide end-to-end data protection, in the cloud and on any device.
John Hawley, VP Security Strategy, CA Technologies; Brandon Dunlap (Moderator)
Controlling the access of all users, especially privileged ones, is essential not only for risk reduction but also for easier compliance. But, controlling access isn't enough. Organizations need to govern all user access to ensure that no user has more access than they need, and that segregation of duties policies are enforced. On March 21, 2017 at 1:00PM Eastern, CA Technologies and (ISC)2 will highlight the steps for strengthening the enterprise and increasing customer engagement as well as key aspects of effective identity governance, including for contractors and partners who might have access to your systems. Included in the discussion will be key capabilities and processes to help create leading-edge identity governance deployments that can improve the security of your critical data and simplify compliance audits.
Karthik Venna, Product Manager, Bitglass; Brandon Dunlap, Moderator
Cloud applications have garnered widespread adoption from enterprises in part due to their advantages such as ease of deployment, lower TCO, and high scalability. These applications are also popular because end-users can rely on these applications to work and collaborate from anywhere and on any device. But should the enterprise trust cloud app providers to protect their data from malware and ransomware? Currently, there are only a handful of enterprise cloud applications that provide native malware protection which, in almost all the cases, does not include zero-day protection. Join Bitglass and (ISC)2 for the first part of our next Security Briefings series on March 9, 2017 at 1:00PM Eastern when we will discuss malware protection solutions offered by various cloud application providers, how malware can penetrate into cloud applications and how Cloud Access Security Brokers (CASB) can protect enterprise cloud applications from malware.
Nick Nikols, Senior VP and Cybersecurity Business CTO, CA; Brandon Dunlap, Moderator
2016 was a blockbuster year for cybersecurity -- from a hacker influenced national election to a landmark breach into the Internet of Things that caused the largest botnet attacks in history. What’s in store for 2017? On January 12, join CA Technologies’ Nick Nickols, Security CTO, as he examines the evidence and trends that predict what you can expect in 2017. In this webcast, Nick will discuss:
·Key areas to focus your attention and investment - from access governance to threat analytics to IDaaS
·The changing landscape of regulations and consumer behavior
·Technology transformations and new innovations that will influence the way you prepare for 2017
The steps for strengthening your enterprise and increasing customer engagement has seen the rise of cloud adoption and a "bring your own app" trend in the workplace which continues to grow. IT and security leaders are hard pressed to keep up with the demands of a seamless user experience while protecting user identities across the cloud environment. On December 8, 2016 at 1:00PM Eastern, CA Technologies and (ISC)2 will examine how to leverage identity-as-a-service to secure access to cloud applications - including provisioning, onboarding and deployment, deliver a seamless user experience without compromising security and how to keep up with the pace of cloud adoption.
By now you are likely familiar with Cloud Access Security Brokers (CASBs) and understand how they fit into your broader security and cloud strategy. What should organizations be looking for in a CASB? What capabilities are here or on the horizon that can provide improved data protection in the cloud? On December 1, 2016 at 1:00PM Eastern, Bitglass and (ISC)2 presents the final episode of the CASB series where we will examine where cloud security is headed, discussing agentless and agent-based solutions, the growing number of cloud apps in use and the importance of easy deployment. Learn why cross-app security will become increasingly valuable as organizations look to third-party solutions for deep visibility, behavior analytics, and more.
The increasing rate of vulnerability reporting, combined with the number of sources producing those reports has made it more difficult than ever to monitor critical issues affecting your organization. While monitoring vulnerabilities has traditionally been most important for IT teams, it is becoming rapidly more relevant for software development teams as well, especially as the use of open source / third-party libraries increases.
Join Cytenna and (ISC)2 on November 22, 2016 at 1:00PM Eastern as we discuss solutions to this problem at both the IT and development level. Among other things, we'll cover Vulnerability Central, a free member benefit for all (ISC)2 members that can help you stay more aware of recent vulnerabilities, especially with its new e-mail notification feature.
Office 365 and other SaaS apps offer a number of advantages over premises-based apps, from easy access and deployment to lower costs. A key advantage of SaaS apps is IT's ability to shift the burden for app and infrastructure security to the cloud vendor while data security remains the responsibility of the enterprise. Migrating to Office 365 introduces several new avenues for data leakage: one-click sharing, desktop sync clients, unmanaged device access, and many more. Bitglass and (ISC)2 presents Episode 2 of our CASB Wars webinar trilogy on November 17, 2016 at 1:00PM Eastern where we explore the security gaps in Office 365 and how a Cloud Access Security Broker (CASB) can help mitigate the threat of data leakage across all SaaS apps. Using real-world use cases, see where native Office 365 security falls short and how a CASB can protect data end-to-end, from cloud to device.
John Hawley, VP of Security Strategy & Trevor Brown, Project Manager, CA Technologies and Brandon Dunlap, Moderator
Identity is the new perimeter for Security in the digital enterprise. According to Forrester, 80% of security breaches involve the use or abuse of privileged credentials. At the same time, compliance mandates (such as PCI) require organizations to focus on how they manage and control privileged users in order to protect these critical resources. Privileged Access Management (PAM) provides a host of capabilities that enable organizations to address these critical challenges. Join CA Technologies and (ISC)2 on November 3, 2016 at 1:00PM Eastern as we continue examining the steps for strengthening your enterprise and increasing customer engagement highlighting emerging requirements in privileged access management and present key capabilities that are important in a comprehensive PAM solution.
For enterprises looking to protect cloud app data, Cloud Access Security Brokers (CASBs) have quickly emerged as the go-to solution. But how have CASBs matured and encompassed critical pieces of the security puzzle, from identity management to data leakage prevention? Join Bitglass and (ISC)2 on October 27, 2016 at 1:00PM Eastern for Episode 1 of the CASB Wars webinar trilogy for a discussion about the evolution of CASBs from app discovery to complete cloud security suites and basic API-based controls to more capable multi-protocol proxies.
Deena Thomchick, Senior Director of Cloud Security, Symantec + Blue Coat; Brandon Dunlap (Moderator)
This session will examine how modern data science and machine learning technologies can be applied to cloud security to address scalability and protection from the increasingly complex threat landscape. Such techniques can be leveraged to continuously monitor cloud activity and identify threats related to compromised accounts or malicious activity. These techniques can also be used to dynamically identify new cloud apps and services, and improve accuracy of automated content inspection - ensuring that sensitive data is properly handled in the cloud. By leveraging these modern tools, enterprise organizations can improve their overall security posture while reducing the amount of time and effort required from their security professionals.
Dr. Aditya Sood, Ph.D., Director of Security and Cloud Threat Labs, Symantec + Blue Coat; Brandon Dunlap (Moderator)
As valuable company data increasingly migrates to cloud apps and services, the risk and expense of data theft and leakage has risen dramatically. Malicious actors are less likely to attack the well-fortified back-end infrastructure of cloud app vendors, preferring to exploit the weakest link – the human element – to get in through the "front door". Compromised credentials via phishing attacks or other means or malware that hijacks a valid user session are some of the key threats that must be addressed in this new cloud landscape. This session will examine recent exploits leveraging cloud apps and services.
Martin Johnson, Sr. Director of Product Marketing of Cloud Security, Symantec + Blue Coat; Brandon Dunlap (Moderator)
Do you know what apps your employees have adopted without IT approval? Do you know whether the apps your employees are using are secure for business use? Do you know how many risky exposures are lurking in these cloud apps? The Shadow Data Report, published by Elastica Cloud Threat Labs, addresses key trends and challenges faced by enterprises securing data stored and shared via cloud apps and services. This report is based on the analysis of over fifteen thousand cloud apps and 108M documents. This session will examine the findings as well as the potential repercussions of data leakage, including compliance and mitigation costs.
Aditya Sood, Blue Coat; Brandon Dunlap, Brightfly (Moderator)
It is said that the bad guys follow the money (why do thief's rob banks? . . .). As valuable assets increasingly migrate to cloud infrastructure, there is a need for diligent protection of these assets. Malicious actors are less likely to attack the well-fortified back-end infrastructure of cloud app vendors, but rather pray on the human element to get in through the "front door". Compromised credentials via phishing attacks or other means or malware that highjacks a valid user session are some of the key threats that must be addressed in this new cloud landscape. This session will examine these and other threats, along with new approaches to address these at scale.
Carol Alexander, Sr. Dir Security, CA Technologies; Rob Marti, Princ, Prod. Mgr, CA.; Brandon Dunlap
Making it easy for your customers to engage with you requires frictionless security. Begin by ensuring you have modern single sign-on and authentication to provide compelling, simple, yet non-intrusive environments for your customers. Continuing the examination of steps for strengthening your enterprise and increasing customer engagement, join CA and (ISC)2 on October 6, 2016 at 1:00PM for Part 2 of our Briefings series where we'll examine how to employ analytics to streamline the path to your applications, address hybrid environments (both SaaS and on premise) and ensure AA and SSO are meeting continually emerging challenges of the digital enterprise.