Cloud adoption is exploding with nearly 1,300 cloud apps in use in an average enterprise. From suites like Office 365 to collaboration tools like Slack, the cloud has enabled new levels of productivity resulting in enterprises gaining strategic advantages. Enterprises are not the only ones benefitting from cloud adoption. Bad actors are using the cloud to bypass legacy defense mechanisms and harvest credentials, deliver malicious payloads, and steal data. In this webcast, we’ll examine a few recent cloud data breaches and dissect how these breaches occurred and best practices to reduce the chance it will happen to your organization. We will dive into new attack scenarios that involve using the cloud to bypass traditional security tools, how the cloud-enabled kill chain forces a rethinking of how to defend against threats such as phishing and data exfiltration and 5 steps to protect against cloud threats.
RecordedDec 20 201963 mins
Your place is confirmed, we'll send you email reminders
Julie Rockett, Sr Prod Marketing Mgr, Swimlane; Jay Spann, Technical Prod Marketing Mgr, Swimlane; Brandon Dunlap, Moderator
A recent study revealed how security orchestration, automation and response (SOAR) can deliver impressive gains in your security operations center's (SOC) efficiency, productivity, and consistency within a relatively short time-frame—11 months or less on average. But, how do you get there, and what SOAR use cases can lead to these remarkable gains? Join Swimlane and (ISC)2 on October 8, 2020 at 1:00 p.m. Eastern for a pragmatic approach to automation and orchestration as we dig into the use cases where organizations are seeing significant impacts in their SOCs. We’ll also examine:
•Typical challenges that SOAR platforms address.
•Five SOAR use cases that can be used immediately to alleviate analyst burnout and provide more effective use of existing tools.
•How to further increase the ROI of a SOAR platform with robust reporting and metrics.
Steve Piper, CISSP, Founder & CEO, CyberEdge Group
Successful ransomware attacks are at an all-time high. And so is the number of organizations paying ransoms to recover their data. But why? And what can smart IT security teams do to mitigate the risks of falling victim? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s 2020 Cyberthreat Defense Report. In this webinar, we’ll:
- Examine disturbing ransomware trends, by country and by industry
- Postulate why more organizations are paying ransoms
- Underscore the importance of investing in your company’s “human firewall”
- Review technologies to help give security teams the upper hand
Dan Fein, Director, Email Security Products, Darktrace; Brandon Dunlap, Moderator
The future of work remains unpredictable and uncertain. More than ever before, business leaders need to remain confident that their operations can continue securely. However, 94% of cyber-threats still originate in the inbox, and ‘Impersonation attacks’ that expertly mimic the writing style of trusted contacts and colleagues are on the rise. Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response. . Join Darktrace and (ISC)² on September 24, 2020, at 1:00 p.m. Eastern for expert insight into how cyber AI is the only tool that can keep pace with the rapidly evolving threat landscape facing organization’s inboxes every day. The webcast will examine:
· Exploration of the most recent email threat trends and statistics
· Overview of Darktrace’s latest developments to secure the email environments of the dynamic workforce
· Case studies and use cases from industry leading customers
Jim Mandlebaum, Senior Security Engineer, Gigamon; Brandon Dunlap, Moderator
Having visibility into your network, what’s on it and how it’s preforming, is critical to any sized organization. The use of network monitoring tools like SPAN and TAP can certainly help, as can Network Aggregation and Packet Brokers. Join Gigamon and (ISC)2 on September 15, 2020 at 1:00 p.m. Eastern as we dive into visibility topics such as Data Deduplication, Slicing, Masking, TLS Decryption, Inline and Out of band… and more. We’ll even include Virtual Environments and Cloud to make it even more interesting.
Jeremy Snyder: Sr Dir, Business Development & Solution Eng, DivvyCloud by Rapid7; Thomas Martin, Frm GE CIO/Founder, Nepho
More than 70% of enterprises today are multi-cloud, either through organic growth, through mergers and acquisitions, or as a corporate strategy. While cloud is a powerful opportunity to unleash innovation within the enterprise, IT and security teams must then devise governance strategies to support that innovation. Join DivvyCloud and (ISC)2 to hear about some real-world experiences, a top 10 list of governance starting points and key takeaways that include:
· Top 3 mistakes made in multi-cloud governance
· A set of related resources, including industry reports on the state of cloud, cloud misconfiguration security and more
Ran Rosin,Director of Product Management, Imperva; Brandon Dunlap, Moderator
The cloud is a popular destination for companies of all sizes. As companies plan their migration to the cloud, there is pressure to use database services from public cloud vendors. What are the compliance and visibility requirements and what does a secure cloud data deployment looks like. Join Imperva and (ISC)2 on August 27, 2020 at 1:00PM Eastern for a discussion on protecting data in the cloud and how to deploy securely and quickly.
Steve Piper, CISSP, Founder & CEO, CyberEdge Group
Nearly nine in 10 organizations are experiencing a shortfall of skilled IT security personnel, according to CyberEdge’s 2020 Cyberthreat Defense Report. That’s up from eight in 10 organizations just two years ago. This weighs heavily on the minds of IT security professionals as ‘lack of skilled personnel’ is rated as the #1 inhibitor to successfully defending against cyberthreats. So, what can organizations do to mitigate the effects of this crisis? Well, if you’re willing to ‘think outside the box,’ there is hope. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:
- Examines the shortage of IT security personnel by job role
- Proposes creative ways for recruiting new security talent
- Suggests clever ways for retaining the talent you already have
- Identifies technologies that enable security teams to do more with less
Ollie Sheridan, Principal Sales Engineer, Security, (EMEA) Gigamon; Brandon Dunlap, Moderator
There is much talk in the Industry with regards to Zero Trust Networking (ZTN) - but what does it involve and what does this mean for Network Visibility? In this Webinar we will explore the reason for ZTN, some of the current ideas surrounding the implementations of ZTN and where Network Visibility plays a key role in securing such environments. With one of the key concepts of ZTN being the encryption and authentication of data in motion, we will also discuss the need for Metadata and why this can be an advantage over traditional methods of monitoring. Join Gigamon and (ISC)2 on August 13, 2020 at 1:00PM Eastern for an examination of:
- Understanding the ZTN trust model at a high level
- See which components are important within ZTN and why
- Understand why the perimeter is changing and why the need for segementation goes beyond physical devices
- How Metadata can play a key role in understanding the activity of applications on your network
Ian Farquhar, Consulting Sales Engineer, Gigamon; Brandon Dunlap, Moderator
TLS is becoming ubiquitous, but it’s a double-edged sword. On the one side, organizations can mitigate risk vectors using this protocol. On the flipside is the misuse of TLS by threat actors trying to hide their activities and prevent your security monitoring infrastructure from detecting their activities. How do you benefit from TLS, but avoid the risks? Is decrypting everything the right approach? And if so, where? What about non-decrypting approaches to threat detection, like JA3? TLS 1.3 was a significant change, what do I need to know about it? Join Gigamon and (ISC)2 on Thursday, July 30, 2020 at 1:00PM Eastern to get answers to these questions and more.
Steve Piper, CISSP, Founder & CEO, CyberEdge Group; Brandon Dunlap, Moderator
Want to know which IT security technologies are hot and which ones are not? 2020 has thrown many purchasing and deployment plans into a state of flux and your organization has probably been caught up in this. Join Steve Piper, Founder & CEO of CyberEdge (and a proud CISSP) and (ISC)2 on Tuesday, July 28, 2020 at 1:00PM Eastern as Steve reviews key purchase insights from the 2020 Cyberthreat Defense Report. Specifically, this webcast will examine which security technologies are most widely deployed and most planned for acquisition in 2020 so you can benchmark your company’s current and planned investments against your peers. Purchase intent across five key security technology categories will be focused on including:
•Application and data security
•Security management and operations
•Identity and access management
Kim Lambert, Sr. Product Marketing Manager, Imperva; Brandon Dunlap, Moderator
As transformations continue at breakneck speeds, how are these changes impacting security? Specifically, applications are being written in new ways and deployed across clouds. How do you maintain consistent app security in a way that enables agility and speed of deployment? Join Imperva and (ISC)2 on July 9, 2020 at 1:00PM Eastern for a discussion on applications and their addition to the computing infrastructure is impacting organizations both small and large.
Daniel Kennedy, Senior Analyst, 451 Alliance; Brandon Dunlap (Moderator)
A significant percentage of data breaches in the last year came as a result of the targeting of web applications. ‘Software’ continues to eat the world, but not all of the code behind it is being constructed in conditions that ensure security. DevSecOps is oft talked about, but what does implementation mean from a practical standpoint? What’s really meant by ‘shift left’?
Join Daniel Kennedy, Senior Analyst for 451 Alliance and (ISC)² on June 30, 2020 at 1:00PM Eastern for a discussion drawing on multiple years of peer market intelligence around application security, including tool usage within enterprises. We’ll examine what challenges emerge as security and development share responsibility for ensuring application security, and how can the needs of each be met.
Edward Roberts, Director of Product Marketing, Imperva; Brandon Dunlap, Moderator
You are a security professional. The world is changing - there are transformation initiatives being accelerated across your company - What are they, what is the impact on security and how can you ensure that a consistent security profile is maintained as your business transforms? Transformation is driving your company to engage with customers and partners in new ways, but automated attacks can steal your revenue and kill your business. How can the security team stop that happening? Join Imperva and (ISC)2 on June 18, 2020 at 1:00PM Eastern for a discussion on the processes and tools which will help to enable key transformation initiatives while protecting the integrity and security of your company.
Stolen payment card information usually needs to be validated before they can be used to run larger fraudulent transactions or be sold on the black market. Typically, automated bots run these tests or validation through smaller websites that lack anti-bot defenses. Join PerimeterX and (ISC)2 on June 4, 2020 at 1:00PM Eastern as we discuss how to detect and stop fraudulent transactions originating from carding bots and save thousands of dollars in payment processing charges. We’ll also cover :
As IT complexity increases at organizations, gaining visibility into a comprehensive asset inventory becomes progressively difficult for information security teams. The convergence of three trends account for this new era of complexity: the increase in the number and types of devices, rapid public cloud adoption, and the looming IoT explosion. Axonius commissioned a research survey with Enterprise Strategy Group (ESG) to uncover what kinds of visibility gaps, challenges, and strategies are top of mind for information security professionals. Join Axonius and (ISC)2 on May 21, 2020 at 1:00PM Eastern for the third of three webinars focusing on the looming and inevitable IoT explosion. By some reports, there will be 500 billion connected devices by 2030 (Cisco). Organizations are most concerned about visibility into the volume and diversity of devices.
Webinar attendees will learn:
• Detailed research findings on the looming IoT explosion, visibility challenges, and security implications
• An understanding of the key asset inventory challenges and how organizations are addressing these issues
• Best practices when implementing and improving an asset inventory process
• Emerging innovations and approaches to continuous asset discovery and automation
The beauty of the internet is that when users access content, they don’t actually care about the exact physical location of the “hardware” that is ultimately fetching the information. Users primarily care about how quickly they can get the information and how secure they are while doing it. To ensure business continuity, organizations deploy highly distributed but interconnected networks to ensure faster and efficient internet delivery. This webinar highlights some of the challenges you face while deploying distributed infrastructure and validation solutions to ensure high performance and security.
- Overview of technologies like software-defined wide area network (SD-WAN) and contend delivery network (CDN) that leverage distributed topologies
- Common challenges of deploying such technologies
- Performance and security issues during deployment and post deployment of distributed networks
Steve Piper, Co-Founder & CEO, CyberEdge Group; Brandon Dunlap, Moderator
Did you know that 81% of organizations reported that they suffered a successful cyber-attack in 2019? CyberEdge’s 2020 Cyberthreat Defense Report (CDR) has become the de facto standard for assessing organizations’ security posture, for gauging perceptions of IT security professionals, and for ascertaining current and planned investments in IT security infrastructure. The 2020 CDR assesses the views of 1,200 IT security professionals representing 17 countries and 19 industries. It’s the most geographically comprehensive view of IT security perceptions in our industry. Join (ISC)2 (a sponsor of this year’s study) and CyberEdge on May 12, 2020 at 1:00PM Eastern for highlights of the results and get key insights including:
A record 62% of organizations were compromised by ransomware last year
58% of ransomware victims paid ransoms last year, but a third failed to recover their encrypted data
Malware, spear-phishing, and ransomware cause the most headaches while zero-day attacks are of least concern
Lack of skilled personnel and low employee awareness inhibit IT security’s success
85% of organizations are experiencing a shortfall of skilled IT security personnel
George Zecheru, Amritam Putatunda, Sashi Jeyeretnam, Brandon Dunlap (Moderator).
Organizations across the world rely heavily on customer-facing and enterprise web applications to conduct their day-to-day business operations. It is mission-critical to ensure legitimate users are able to access these applications unhindered while malicious actors are kept at bay. This has become even more complicated since web apps have grown from just a few business apps to a multitude of backend web apps, mobile apps, SaaS apps, and other cloud-delivered solutions — all while the number and diversity of threats targeted at web applications continues to increase. Web application firewalls (WAFs) are generally tasked to protect modern websites and applications, but many times policies are based on performance rather than a known risk level. In this webinar we will discuss the following:
1) Techniques to discover security loopholes in existing WAFs that hackers may exploit
2) Continuous validation and remediations that not just help close existing loopholes, but also identify new ones as they arise
3) Performance benchmarking that ensures the WAF continues to deliver expected performance while increasing its security efficacies
Ido Sufruti, Chief Technology Officer & Hadas Weinrib, Bot Defender Security Strategy Lead, PerimeterX; B. Dunlap, Moderator
Account Takeover (ATO) attacks are on the rise. Not only are they hard to detect, they have consequences far beyond compromised PII and stolen goods. Stopping such ATO attacks is critical for any company engaged in online commerce. Join PerimeterX and (ISC)2 on May 7, 2020 at 1:00PM Eastern time as we highlight the top five ways to identify automated bot attacks to your website. We’ll cover:
● Real use cases - attacks that happened in the real world
● Practical strategies for identifying automated attacks
● Best practices for addressing and blocking bot attacks
Kyle Flaherty, B2B Go-to-Market, Keysight; Scott Register, VP Product Management, Keysight; Brandon Dunlap, Moderator
When you hear the words "Threat Intelligence", what's the first thing that comes to mind? Back end research? Threat Hunting? It's easy to categorize threat intelligence as a reactive tool - best suited for things like root-cause analysis - but it's so much more than that. In the first part of a three part series presented by Keysight, we'll explore an array of practical applications for threat intelligence, including traditional defensive strategies and new offensive strategies that will help you maximize your SecOps team.
•Join us to discover how applying threat intelligence can help you:
•Answer the question "Am I more secure today than I was yesterday?"
•Improve the efficiency and effectiveness of Breach and Attack Simulation tools
•Reduce your attack surface by blocking the latest threats
•Prevent DDoS attacks and improve performance with pre-deployment testing
•Maximize your threat hunting capability with real-time insights into botnets, phishing, etc.
•Stay ahead of attackers by researching the latest attack signatures