Name: Security Briefing: What’s So Hard About Securing Virtual Workloads?
Start: 2018-09-06T17:00:00Z
End: 2018-09-06T17:00:44.000Z
Location: BrightTALK
Rating: 4.2

ISC2 Security Briefings brings attendees both stand alone webcasts and multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.

Join us for this live webinar where we’ll tell you all about two newly enhanced Official ISC2 Online Training options for SSCP — self-paced and instructor-led exam prep. Find out how both options provide a clear-cut and comprehensive review of the SSCP domains for a structured and intuitive learning experience.
You’ll learn about:
• Enhanced ISC2 Online Instructor-Led SSCP Training
• Enhanced ISC2 Online Self-Paced SSCP Training
• New study tools
• Education Guarantee

Save your spot now.

Enhanced! SSCP Official ISC2 Online Training

Generative AI has been in the news since early this year and many organizations are concerned about its use by adversaries in attacks against them.  In this session, we’ll look at hype versus reality of the use of GAI by threat actors and where we are likely to see its use in attacks.  We will also look at how the security industry is utilizing this technology to improve detection and response against attacks.

Join us to hear the discussion with Trend Micro and ISC2!

The Future of Generative AI: Uses and Abuse

The cybersecurity industry continues to face many challenges, including shortages of skilled security personnel, record-level ransomware attacks, and increased risks associated with modern attack surfaces. However, investments in security products and services continue to remain strong, including AI-fueled threat prevention, zero trust security, managed detection and response (MDR), and more. So, what does next year have in store for the cybersecurity industry? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he shares his top five cybersecurity predictions for 2024.

Top Five Cybersecurity Predictions for 2024

With generative AI now ever-present in most organizations, the next frontier for security practitioners is understanding where AI capabilities like machine learning, deep learning and natural language processing can best increase cybersecurity efficiency and effectiveness in their organizations. How can generative AI help your team respond to incidents, discover and patch vulnerabilities, or assist with programming? Or all the above? And what do teams need to consider in order to identify, review, assess risk and develop the use cases before putting them into production?   

Join IANS and ISC2 November 30, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific to hear about strategy toward using generative AI within their security programs. Walk away with insights and tangible recommendations for how to: 

- Identify the use cases where AI can bring value to your security organization  

- Understand the limitations and risks of AI capabilities and where you should proceed with caution  

- Determine the skills, tools and domain experts needed for use case evaluation   

- Develop your AI use case risk assessment framework  

- Recognize where and how AI can enable your security teams, but not replace them

Generative AI: Top Use Cases for Security Practitioners

APIs make the world go round. 58% of dynamic HTTP traffic on the Cloudflare network is API-related. Security and IT leaders have to balance securing their APIs and their customers’ sensitive data, without slowing down innovation while maintaining customer trust.  
On November 28, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific join us as Cloudflare and ISC2 discuss the best practices to automate your API security with a focus on small security teams. In this webinar, you will:  

* Explore today’s complex API ecosystem of new APIs, diverse users, and sophisticated attackers  
* Experience the problems with patchwork and DIY approaches to API security  
* See an example of optimal API security workflow 
* Observe ways an API security tool enables you to automate your API security processes  
* Simplify compliance with ever growing requirements: PCI, HIPAA, FHIR, Open Banking Initiative, Financial Data Exchange etc.

Automate your API Security, Resilience and Compliance

In today's ever-changing landscape, where security, compliance, and providing a seamless visitor experience are top priorities, the adoption of Visitor Management (VM) systems goes beyond being a nice to have to an absolute necessity. However, it is surprising that only 10% of companies using cloud visitor management systems rate theirs as excellent. This raises the question: what is happening with the other 90%?  

A robust visitor management solution should not only serve as an interface for welcoming guests with ease but also act as a stronghold for protecting your valuable data and a driver for enhancing your company's reputation. We invite you to join us on a journey as we explore the crucial role that VM plays in ensuring a warm and secure welcome, complying with regulations, and leaving a lasting impression on your visitors. 

Join ACRE  in collaboration with ISC2 on November 21st, 2023, at 1:00 p.m. Eastern/10:00 a.m. Pacific to discover how technological innovations fortify security, align with regulatory requirements, and harness data for a resilient visitor management system. Do not miss this opportunity to effectively fortify your organization. During this event, you will gain insights into:  

- Augmenting efficiency through the automation of the check-in process with VM systems
- How a cloud VMS can be a means to enable a secure path to standardization along with new technology to embrace a positive customer experience across the organization
- Leveraging the data acquired through a VM system to enhance your processes and achieve cost savings
- Recognizing the importance of compliance with regulations

Securing the Welcome: Innovations, Compliance & Data with Visitor Management

When it comes to network visibility, the truth can be hard to find. Enterprise organizations face enormous obstacles when it comes to gaining 'simple' visibility into their networks, and this lack of clarity can make it easier for cyber attackers to infiltrate those networks by evading endpoint controls or hiding in encrypted traffic. In fact, malware-free activity made up 71% of all detections in 2022 (up from 62% in 2021). 

So, how can your organization defend against threats like these? The answer may lie in leveraging network detection and response (NDR) solutions. Enhancing your XDR workflows with NDR solutions can provide a powerful source of truth and transparency across your enterprise, from on-premises to the cloud and everywhere in between—leaving attackers with nowhere to hide. 

Join experts from CDW, ExtraHop, CrowdStrike andISC2 as they discuss how to enhance XDR workflows with telemetry from NDR solutions.

Your Network Knows the Truth. Are You Listening?

The human factor remains a gateway for cybercriminals as phishing and ransomware attacks continue to increase. Cases like those of Uber and Rockstar Games have also shown how cybercriminals are evolving at a rapid pace, exploiting human psychology and our emotions - and hacking our brains. But how do attackers use behavioral science specifically against us?  What can we do to protect those around us?  

On November 2, 2023 at 1:00 p.m. Eastern/ 10:00 a.m. Pacific, So Safe and ISC2 take a look at social engineering innovations in 2023 to learn more about the latest strategies cybercriminals are using.

Hack the Brain: Social Engineering Innovation in 2023

Last month, CyberEdge's CEO and Chief Analyst, Steve Piper, participated in an ISC2 webinar to share his perspectives on how artificial intelligence (AI) is impacting the cybersecurity industry. As AI is such a hot topic, more participants registered for that webinar than any other in ISC2 Knowledge Vault history! As enthusiasm for this topic remains sky high, ISC2 has invited Steve back to respond to unanswered audience questions from our last webinar and to address your burning questions in this webinar.

The Impact of Artificial Intelligence on the Cybersecurity Industry: Part 2

Changes in how we build, run and secure information systems have also changed how we look at authentication and access control. The emerging concept of identity is transforming the ways that humans and non-human actors alike make use of data and compute power. At the same time, organizations’ focus on identity also means that it has become a focus for attackers. To assess the ways that old and new attacks are targeting digital identities, F5 Labs is presenting findings from our 2023 Identity Threat Report: The Unpatchables. 

In a follow-up to the September session on credential stuffing, this talk will focus on phishing and multi-factor authentication bypass techniques. As phishing has grown over the last several years, its tools and tactics have transformed. We will identify which organizations are most targeted and explore recent developments that make it harder to spot and trickier to mitigate, using a combination of Dark Web intelligence and quantitative methods. 

This talk on October 19, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific will cover recent developments in attacker approaches to circumvent multi-factor authentication, what these developments mean for defenders, and which forms of MFA are able to resist the new approaches.

Findings From the 2023 Identity Threat Report, Pt 2: Phishing & MFA Bypass

Join us for this live webinar where we’ll tell you all about two Official ISC2 Online Training options for Certified Secure Software Lifecycle Professional (CSSLP)  — new self-paced and enhanced instructor-led exam prep. Find out how both options provide a clear-cut and comprehensive review of the CSSLP domains for a structured and intuitive learning experience.

You’ll learn about:
• Enhanced ISC2 Online Instructor-Led Training
• New ISC2 Online Self-Paced CSSLP Training
• Benefits of both training options
• Education Guarantee

Save your spot now!

New and Enhanced CSSLP Official ISC2 Online Training

It’s become more and more evident to organizations that new-school security awareness training is an absolute requirement for managing the ongoing problem of social engineering. But how do you develop a program that will strengthen your human defense layer without doubling your workload or costing an arm and a leg?
 
Join KnowBe4 and ISC2 October 3, 2023 at 1:00 p.m./10:00 a.m. Eastern as we discuss key measures that will help you make an informed security awareness decision for your organization.
You’ll gain insight into:
 
• Current threat landscape and what to watch out for
• Critical components and considerations to make your program successful from the start
• Importance of a new-school security awareness program to better train your users
• Why strengthening your human layer is your best line of defense
 
Find out now how you can not only check the box on security awareness training, but develop sustainable, meaningful change in your organization's security posture and culture.

Using New-School Security Awareness Training to Build Your Human Defense Layer

New to the security industry? Or thinking about transitioning into an information security role? If so, this webinar is for you. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he provides a one-hour ‘crash course’ on the entire security industry, including:

- Size and growth of the security industry
- Useful vocabulary terms and buzz words
- Five types of cyberthreat actors 
- Modern cyberthreats and tactics
- Categories of security defenses
- Common security job roles
- Security industry ecosystem

Security Industry 101: A 'Crash Course' for Security Newbies

The security winds are rapidly shifting from "trust but verify" models to ones that assume that every activity is insecure until proven otherwise. In an age of high-profile security attacks, increasingly sophisticated phishing schemes, and ransomware threats run amok, organizations of all shapes and sizes are urgently seeking new ways to protect their workforce, their finances, their reputations, and their business operations. 

On September 26, 2023 at 1:00 p.m. Eastern/ 10:00 a.m. Pacific, hear how security and networking teams today are avoiding the latest attacks and nullify exploits by choosing the right cloud-delivered technologies that enforce zero trust for global secure access.
In this session you will hear:
• Why organizations around the globe are prioritizing the implementation of a SASE framework, specifically with SSE
• How SSE can enforce zero trust access to help protect access to Private apps, SaaS apps, and the open internet, all in a single solution.

Making Zero Trust Possible with a Security Service Edge (SSE) Approach

Microsoft 365 is a mission critical tool for organizations facilitating global collaboration, remote work, and cloud computing. While Microsoft provides native email security capabilities via Exchange Online Protection (EOP) and through additional security tools like Microsoft Defender for Office 365, organizations needs to augment these defenses in order to protect against modern sophisticated email threats such as business email compromise (BEC), advanced phishing, and account takeover. With over 88% of productivity software market share, Microsoft is the primary target of choice for threat actors. In 2022, cyber criminals sent more than 30 million messages that abused the Microsoft brand and products. 

On September 21, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific join Proofpoint and ISC2 for a live webinar with threat experts and learn how to break the attack chain and stop advanced email threats. 

Join the webinar to hear:
• Why threat actors are targeting your Microsoft 365 environment 
• Why industry analysts recommend supplementing native Microsoft 365 capabilities 
• What key areas you need to augment in your Microsoft 365 platform 
• Best practices for strengthening your Microsoft 365 security.

How to Augment Your Microsoft 365 Security

Governance, risk and compliance (GRC) professionals play a vital role in organizations, aligning IT goals with objectives as they manage cyber risks and achieve regulatory needs. This webinar talks about governance, risk and compliance globally, as well as specific core frameworks in the North American region. 
Get answers to these questions and more:
- What is GRC?
- Why is GRC important for cybersecurity?
- What are the core frameworks for the North American Region?
- How is GRC relevant in every industry?
- What is the pathway to CGRC?

Learn how CGRC certification demonstrates that you have the knowledge and skills to integrate governance, performance management, risk management and regulatory compliance within an organization.

Register today!

Panelists: AJ Yawn, Partner in Charge, Product and Innovation
Mohamed Malki, Director, Enterprise Security Architecture
Chris Stanley, Exam Content Developer

Moderator: Brandon Dunlap

Everything You Need to Know about CGRC in North America

Changes in how we design, build, run and secure information systems have also changed how we look at authentication and access control. The emerging concept of identity is transforming the ways that humans and non-human actors alike make use of data and compute power. At the same time, the emergence of identity as a focus for organizations also means that it has become a focus for attackers. To assess the ways that old and new attacks are targeting digital identities, F5 Labs is presenting findings from our 2023 Identity Threat Report: The Unpatchables. 

On September 19, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific this session will focus on credential stuffing. This will be the first of two sessions. We will quantify its prevalence, explore targeting trends such as attackers’ choice of industries and endpoints, and outline credential stuffing tactics, techniques and procedures (TTPs). We will also take a deeper look into some case studies, with a particular focus on the differences between basic and sophisticated attacks. This talk will also assess the  stolen credentials supply chain before focusing on mitigation strategies for combating credential stuffing.

Findings From the 2023 Identity Threat Report, Pt 1: Credential Stuffing

The ransomware scourge continues to plague the cybersecurity industry. To help ensure you and your company are better prepared, we will share insights and lessons learned from ransomware case studies. 

In this session, on September 12, 2023 at 1:00 p.m./ 10:00 a.m. Pacific IANS and (ISC)2 will lead you through: 

• What went right (and wrong) in these examples and how best to incorporate that experience into your defenses and program 
• Threat actor behavior and how to take advantage of their internal processes to thwart them 
• TTPs used in various ransomware operations  
• Alert monitoring – from investigating to remediating  
• The reality and best practices around backups and recovery

Ransomware in the Wild: Lessons Learned

As organizations build out their infrastructure across public, private and hybrid platforms, security architects need to extend their enterprise security policies and protocols to all workloads, no matter where they reside. Still, security operations teams are challenged with proactively detecting threats, deviations from organizational policies and violations of industry and organizational compliance for mission-critical applications in the cloud. Why is that? Join Gigamon and (ISC)2 on September 6, 2018 at 1:00PM Eastern where we’ll explore ways to assure compliance and decrease time to detect threats in mission-critical applications, reduce risk by leveraging a common platform across your entire IT environment and ensuring SLAs are met by tightly integrating the public cloud provider’s APIs and critical cloud provider services to automatically detect changes in virtual private clouds and virtual networks.

Security Briefing: What’s So Hard About Securing Virtual Workloads?

ISC(2)

Infosecurity

Cyber Security

Virtual Workloads

Gigamon

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Security Briefing: What’s So Hard About Securing Virtual Workloads?

Presented by

About this talk

More from this channel