Hi [[ session.user.profile.firstName ]]

Security Briefings Part 1: Cloud Apps and Protecting Against Malware

Cloud applications have garnered widespread adoption from enterprises in part due to their advantages such as ease of deployment, lower TCO, and high scalability. These applications are also popular because end-users can rely on these applications to work and collaborate from anywhere and on any device. But should the enterprise trust cloud app providers to protect their data from malware and ransomware? Currently, there are only a handful of enterprise cloud applications that provide native malware protection which, in almost all the cases, does not include zero-day protection. Join Bitglass and (ISC)2 for the first part of our next Security Briefings series on March 9, 2017 at 1:00PM Eastern when we will discuss malware protection solutions offered by various cloud application providers, how malware can penetrate into cloud applications and how Cloud Access Security Brokers (CASB) can protect enterprise cloud applications from malware.
Recorded Mar 9 2017 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Karthik Venna, Product Manager, Bitglass; Brandon Dunlap, Moderator
Presentation preview: Security Briefings Part 1: Cloud Apps and Protecting Against Malware

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Swimlane #3: Reactive to Proactive Threat Hunting: Changing the SOC w/Automation Dec 17 2020 6:00 pm UTC 60 mins
    Nick Tausek, Security Research Engr, Swimlane; Abe Johnson, Professional Services Engr, Swimlane; Brandon Dunlap, Moderator
    Are your analysts drowning in low-value, high-noise alerts and constantly playing catch-up? Is this hurting your mean time to detect (MTTD) and mean time to resolution (MTTR)? A security orchestration, automation and response (SOAR) solution can help in this area. A SOAR solution can enable an organization to realize some time and resource savings which can result in more research and active threat hunting for a more proactive approach to cybersecurity. On December 17, 2020 at 1:00 p.m. Eastern, Swimlane and (ISC)2 will explore how automation can help you dedicate your limited security resources to proactive threat hunting. We’ll also discuss how to:

    · Integrate your threat intelligence sources with a SOAR platform for faster and more accurate threat identification and verification.

    Use information from analyst research or automated feed ingestion to facilitate threat hunting across your security toolset and environments.

    · Reduce MTTD/MTTR by automating repetitive, manual tasks.
  • Darktrace #3: Mimicking Human Intuition: The Cyber AI Analyst Dec 10 2020 6:00 pm UTC 60 mins
    Brianna Leddy, Director of Analysis, Darktrace; Brandon Dunlap, Moderator
    Alongside the rise of today’s dynamic workforce, the speed and scale of sophisticated cyber-attacks is rapidly increasing. As the cybersecurity industry continues to endure an ongoing skills shortage, over-worked and under-resourced teams urgently need augmentation in order to defend against evolving, sophisticated threats. AI technology can help augment an overworked and understaffed security team. But can AI be programmed to think like a living breathing cybersecurity analyst? Join Darktrace and (ISC)2 on December 10, 2020 at 1:00pm for an examination of Darktrace’s Cyber AI Analyst and how this capability detected and prevented a large-scale worming attack in real-time.
  • Digging Into the 2020 (ISC)2 Cybersecurity Workforce Study Dec 9 2020 6:00 pm UTC 66 mins
    Marinda Hamann, (ISC)2; Sanjana Mehta, (ISC)2 EMEA; Chris Green, (ISC)2 EMEA Brian Alberti, (ISC)2
    The (ISC)2 Cybersecurity Workforce Study is one of the most highly-anticipated annual research reports each year. Not only has it come to be considered the industry standard for measurement of the global “skills gap” in cybersecurity, but it offers nuanced insights into subjects like job satisfaction rates, salaries, role alignment, the profile of the cybersecurity professional, diversity and how to strengthen teams and improve hiring practices. The 2020 edition of the study was released in early November and also includes data on the cybersecurity community’s response to COVID-19 and the transition to remote work environments. This panel discussion brings together several of the (ISC)2 architects behind the research to provide a deeper look beyond the numbers and explore some of the key themes of this year’s findings.
  • Securing Your Expanded Remote Workforce Recorded: Dec 1 2020 59 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    The COVID-19 pandemic has caused dramatic increases in remote workforces and BYOD policy adoptions, making it more challenging than ever to secure company applications and data. Now that organizations have increased their remote access capacities, it’s now time to explore ways to help secure these remote managed and unmanaged devices to help mitigate the elevated risks of ransomware, data breaches, and other cyberattacks. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

    - Recaps key findings from a recent COVID-19 impact study
    - Examines the challenges facing today’s IT security teams
    - Suggests ways to invest more in your human firewalls
    - Explores current and emerging security technologies
  • Maximizing the Value of Threat Intelligence Recorded: Nov 30 2020 61 mins
    Bob Hansmann, Sr. Product Marketing Manager – Security, Infoblox; Brandon Dunlap, Moderator
    ‘Threat intelligence’ has become a general term that may refer to many different types of data sets used to meet very different security needs. Threat prevention and detection solutions (i.e. NGFW, SWG, EDR) are only as good as the threat intelligence driving their analytics. Threat investigation and incident response activities are limited and slow without timely access to sufficient event, network, and threat intelligence. This requires defenders to better understand their intelligence needs, how to identify and map appropriate threat feeds to each need, and the tools available to drive maximum value from threat intelligence. Join Infoblox and (ISC)2 as we review the state of the threat intelligence industry, using public and private research from the last year on the quality and applicability of public, private, and proprietary feeds. We’ll also examine areas such as:

    - Automating multi-feed normalization into a ‘super-feed’ for a more effective defensive security stack

    - Speeding investigation and response through event, metadata, and threat intelligence correlation

    - Leveraging threat intelligence of threat actor objectives, methods, and tactics to drive quick incident resolution
  • What is a Cryptographic Center of Excellence and Why is it Important? Recorded: Nov 23 2020 53 mins
    Jay Schiavo, Entrust; Neal Fuerst, Entrust; Brandon Dunlap, Moderator
    An overall explosion in cryptographic dependencies has given way to an urgent need for enterprises to define their crypto strategies and gain visibility into the many new cryptographic instances that are hidden across their IT environment. As enterprises adopt new IT practices such as DevOps, Internet of Things (IoT), cloud and multi-cloud environments, their cryptographic footprint expands exponentially increasing the risk for business disruption and security threats. This presents an urgent need for enterprises to define new strategies for both crypto and PKI environments in order to balance that risk.

    A Cryptographic Center of Excellences (CryptoCOE) prepares security, compliance and risk teams for crypto agility and methods for mitigating crypto related threats. Join this session as we discuss important insights on how to protect your digital business with strong digital trust protocols that support the expanding use cases for cryptographical instance.
  • The Impact of COVID-19 on Enterprise IT Security Teams Recorded: Nov 10 2020 60 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    The pandemic and its shock to world economies have profoundly altered work environments and cybersecurity priorities. COVID-19 has prompted a massive work-from-home (WFH) movement, increased BYOD policy adoptions, and unfortunately a spike in cyberthreats, ransomware, and data breaches. To help enterprises understand the enormous impact to their IT security teams, (ISC)2 co-sponsored a study that surveyed 600 security professionals from seven countries and 19 industries. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key insights from this study, including:
    - Challenges of supporting an expanded remote workforce
    - Mid-year changes to IT security budgets and personnel
    - Change in preferences for cloud-based security solutions
    - Security technologies best suited to address pandemic-fueled challenges
    - The positive impact of IT security professional certifications
  • What to Expect at (ISC)² Security Congress 2020 Recorded: Nov 9 2020 25 mins
    Wesley Simpson COO, (ISC)², & Congress attendees: Brandon Dunlap, James McQuiggan, Sharon Smith
    Join (ISC)² Chief Operating Officer, Wesley Simpson for a lively and informative panel discussion on the many new features and offerings provided at the 2020 virtual Security Congress!

    Security Congress veterans and session panelists, Brandon Dunlap, James McQuiggan, & Sharon Smith will share how to leverage many of the unique features of the virtual Security Congress, guide you through the various educational, networking and engaging social activities driving the 2020 (ISC)² Security Congress experience.

    Whether it's your first Security Congress or 10th, there's something here for everyone. Key topics discussed:
    - What makes Security Congress is the marquee security conference of the year:
    - Content quality, notable speakers, & keynotes
    - Network with thousands of professionals from around the globe & career coaching opportunities
    - Ability to obtain up to 45 CPE

    Link to event page in the attachments.

    (ISC)² is an international, nonprofit membership association for information security leaders like you. We’re committed to helping our members learn, grow and thrive. More than 150,000 certified members strong, we empower professionals who touch every aspect of information security.

    (ISC)² Security Congress brings together industry colleagues, offers educational and thought- leadership sessions, and fosters collaboration with other forward-thinking companies. The goal of our annual global cybersecurity conference is to advance security leaders by arming them with the knowledge, tools and expertise to protect their organizations.
  • Swimlane #2: SOARing Beyond Expectations - Automating Atomic Red Team Testing Recorded: Nov 5 2020 60 mins
    Julie Rockett, Sr Prod Marketing Mgr, Swimlane; Jay Spann, Technical Prod Marketing Mgr, Swimlane; Brandon Dunlap, Moderator
    Organizations around the world struggle protecting their environments and determining where vulnerabilities exist. Open-source projects, such as Red Canary’s Atomic Red Team, can help by providing methods for evaluating defensive security controls and identifying areas of vulnerability. Additionally, a framework like MITRE ATT&CK can give the organization a full security view, ensuring a comprehensive strategy is in place. Such resources provide useful information for security teams, but the manual processes still needed to execute tests and map them to active detections from existing SIEM, EDR or other tools is too time consuming for many security operations centers (SOCs) to conduct effectively. Join Swimlane and (ISC)2 on November 5, 2020 at 1:00 p.m. Eastern as we examine how to do automate testing with a security orchestration, automation and response (SOAR) solution.

    In this session you will:

    · Learn how to automate the testing of your security controls

    · See how SOAR can help you visualize areas of concern with the MITRE ATT&CK dashboard

    · Get an overview of a helpful open-source tool recently developed by the Swimlane Deep Dive Research Team
  • Don't Miss the BIGGEST (ISC)2 Security Congress Yet! Recorded: Nov 3 2020 1 min
    Join thousands of cybersecurity professionals at all levels for three days of industry discussion, continuing education and networking, November 16 – 18. Get your passes at: https://securitycongress.brighttalk.live/passes/
  • Darktrace #2: Securing the New Normal: Immune System Technology for Cloud & SaaS Recorded: Oct 22 2020 62 mins
    Nabil Zoldjalali, Director of Cloud Security, Darktrace; Brandon Dunlap, Moderator
    As workforces look to remain remote for the long term, the cloud has become ubiquitous. Yet human security professionals relying only on conventional security tools continue to struggle to secure the complexity of today’s hybrid and multi-cloud topologies - in fact, only 22% of organizations feel they have adequate visibility into their cloud applications and infrastructure. Join Darktrace and (ISC)2 on October 22, 2020 at 1:00 p.m. Eastern for a an examination of businesses as they increasingly turn to AI as a uniquely dynamic solution to detect and defend from novel threats that emerge on cloud and SaaS environments – which the global workforce continues to rely on in today’s remote working landscape. The webcast will also explore:

    · Exploration of the latest cloud and SaaS real-world threat trends
    · How Darktrace’s groundbreaking AI Immune System technology keeps pace with the dynamic workforce

    · Case studies and unique threat finds from industry leading customers
  • Netskope 3 - SASE for Data - Data Protection with Cloud DLP Recorded: Oct 21 2020 64 mins
    Greg Mayfield, Sr. Director PMM, Netskope; Brandon Dunlap, Moderator
    Data context is a core principle of SASE and requires visibility of data-at-rest and data-in-motion making Cloud DLP a requirement for thousands of cloud apps freely adopted by business units and users. Here are five areas to consider for your blueprint for data protection.

    •Users and data are increasingly in the cloud and working remote.
    •Data protection focuses on boundary crossings for apps, instances, and activity.
    •Unintentional and unapproved data movement is a leading use case for SASE.
    •DLP is compute intensive and SaaS architecture provides cloud performance and scale.
    •One solution applies DLP to data-at-rest and in-motion with SASE.
  • Netskope 2 - SASE for Users - Securing Remote Workers for Any Device or Location Recorded: Oct 21 2020 53 mins
    Ross Asquith, Product Marketing Manager, Netskope; Brandon Dunlap, Moderator
    Today, many legacy VPN solutions are overwhelmed. The solution is SASE: enabling employees to work from anywhere with a cloud-based combination of Zero Trust Network Access (scalable and fast remote access) and NG SWG (inline cloud and web security). Here are five areas to consider when transforming security to enable working from anywhere:

    •Fixing the poor user experience caused by overloaded VPNs.
    •Preventing lateral movement of malicious actors over VPNs.
    •Using ZTNA to avoid exposing private servers to the Internet.
    •Reducing the complexity of remote access to hybrid cloud.
    •Combining NG SWG with ZTNA to deliver SASE for remote workers.
  • Netskope #1 - SASE at-the-Core - Content and Context with Next Gen SWGs Recorded: Oct 21 2020 56 mins
    Tom Clare, Sr. Product Marketing Manager, Netskope; Brandon Dunlap, Moderator
    Digital transformation is driving the need to review cloud and web use in our organizations. Secure web gateways (SWGs) are now the core of SASE architecture to provide content and context for granular policy controls for apps and web. Here are five areas to consider for your SASE blueprint. Over half of SWG sessions are now cloud apps and services.

    •Web filtering needs to advance to decoding cloud app traffic inline.
    •The allow/block model no longer works for cloud, you need to manage risk.
    •Appliance limitations are being replaced with cloud native platforms.
    •Performance matters to avoid security trade-offs.
  • Ransomware: New Variants & Better Tactics to Defend & Defeat These Threats Recorded: Oct 20 2020 58 mins
    Mike Zuckerman, Consulting Sr. Product Marketing Manager, Infoblox; Brandon Dunlap, Moderator
    Ransomware continues to be an ongoing threat to organizations of all sizes that must defend against. Successful attacks have caused a large increase in overall ransomware incidents. Join Infoblox and (ISC)2 for the latest research on the emergence of Qakbot InfoStealer, the Return of Emotet, Vidar InfoStealer, and much more. We’ll also examine how Ransomware as a service continues to grow, the tactics threat actors are using to be successful and what can you do differently to better defend against them. Key takeaways will include:

    · New and recently emerged malware variants and trends

    · How these differ from other variants we have seen in the past

    · What defensive tactics work, and what has failed in the past

    · What the state of ransomware looks like
  • Swimlane #1: Five SOAR Use Cases to Address Analyst Burnout Recorded: Oct 8 2020 61 mins
    Julie Rockett, Sr Prod Marketing Mgr, Swimlane; Jay Spann, Technical Prod Marketing Mgr, Swimlane; Brandon Dunlap, Moderator
    A recent study revealed how security orchestration, automation and response (SOAR) can deliver impressive gains in your security operations center's (SOC) efficiency, productivity, and consistency within a relatively short time-frame—11 months or less on average. But, how do you get there, and what SOAR use cases can lead to these remarkable gains? Join Swimlane and (ISC)2 on October 8, 2020 at 1:00 p.m. Eastern for a pragmatic approach to automation and orchestration as we dig into the use cases where organizations are seeing significant impacts in their SOCs. We’ll also examine:

    •Typical challenges that SOAR platforms address.

    •Five SOAR use cases that can be used immediately to alleviate analyst burnout and provide more effective use of existing tools.

    •How to further increase the ROI of a SOAR platform with robust reporting and metrics.
  • Chronicle #2: From EDR to XDR: Evolving Security Analytics to Keep Pace Recorded: Oct 1 2020 60 mins
    Ansh Patnaik, Product Marketing; John McGovern, Customer Experience Engineer; Brandon Dunlap, Moderator
    The XDR technology ecosystem promises a new level of cyber security visibility, improved detection and active protection against modern threats. The full telemetric value of XDR platforms, however, may not be realized without rethinking security analytics. Join the Google Cloud Security team for this webcast to learn more about the dimensions of modern security analytics that will enable you to fully unleash your XDR investment.
  • Ransomware Deep Dive: Examining Disturbing Ransomware Trends Recorded: Sep 29 2020 59 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    Successful ransomware attacks are at an all-time high. And so is the number of organizations paying ransoms to recover their data. But why? And what can smart IT security teams do to mitigate the risks of falling victim? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s 2020 Cyberthreat Defense Report. In this webinar, we’ll:

    - Examine disturbing ransomware trends, by country and by industry
    - Postulate why more organizations are paying ransoms
    - Underscore the importance of investing in your company’s “human firewall”
    - Review technologies to help give security teams the upper hand
  • Chronicle 3:Detect Everything: Bringing Google Scale Threat Detection to the SOC Recorded: Sep 28 2020 63 mins
    Ansh Patnaik, Product Marketing; Svetla Yankova, Head of Customer Experience Engineering; Brandon Dunlap, Moderator
    Skillful threat detection and investigation starts with a diverse hub of security telemetry to draw from. The Chronicle platform allows security teams to cost effectively store and analyze petabytes of security data in one place and perform investigations in seconds. Now, Chronicle brings Google-scale threat analysis to your SOC with the debut of its detection engine, Chronicle Detect, fully equipped with ATT&CK reference rules, an integrated detection-based rules language, and intelligence from Chronicle’s elite threat research team. In this webcast, we’ll examine what’s new in Chronicle and see the detection engine in action with a live demo.
  • Blackberry #3: Preparing for the Future of Work Recorded: Sep 25 2020 55 mins
    Ebudo Osime, BlackBerry, Threat Intelligence Analyst
    Part three will examine how a Zero Trust security strategy built on AI-based security technologies could better prepare you to face the modern threat landscape. We will walk through some current, pervasive threats to gain a better understanding of why and how the unique features of AI-driven technologies are better suited to prevent, detect, and respond to them.
(ISC)2 Security Briefings - In-depth examination of infosec topics.
(ISC)2 Security Briefings brings attendees multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Security Briefings Part 1: Cloud Apps and Protecting Against Malware
  • Live at: Mar 9 2017 6:00 pm
  • Presented by: Karthik Venna, Product Manager, Bitglass; Brandon Dunlap, Moderator
  • From:
Your email has been sent.
or close