Hi [[ session.user.profile.firstName ]]

Entrust #2: Rethinking Enterprise Security with a Zero Trust Approach

Organizations around the world have transitioned to working from home in past months, and this transition has challenged advanced security models and user behaviors in a COVID-19 world. A significant number of users discovered that poor technology and/or infrastructure was the biggest barrier to effective remote working.

As we speed towards the new normal of hybrid workplaces, organizations are reviewing their business continuity plans and restoring productivity to pre-covid times. Cybercriminals are getting smarter; work from home has expanded the enterprise perimeter; and the digital ecosystem is growing rapidly including new cloud applications. A significant part of IT Security effort is to ensure appropriate infrastructure and tools for their employees as well as top of the line cyber hygiene controls. Therefore, companies need a cyber security strategy that is consistent and crosses their on-premises perimeter. “Never trust, always verify”, is the bedrock of Zero Trust. With a Zero Trust model, every request to access information/data must be authenticated, authorized, and encrypted before permission is granted. It is not a product but an enterprise cybersecurity plan to protect its resources. In this session the participants will learn about:

o Enterprise challenges in Zero Trust implementation

o How Zero Trust responds to different risk factors

o Ways to secure enterprise Hybrid environment

o How Entrust's high assurance IAM solution helps in achieving Zero Trust
Recorded Jan 26 2021 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Rajan Barara, Director, Product Management, Entrust Identity; Sharon Smith, Moderator
Presentation preview: Entrust #2: Rethinking Enterprise Security with a Zero Trust Approach

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • SolarWinds Fallout Has Execs Asking: How Secure is Our Supply Chain? Mar 30 2021 5:00 pm UTC 60 mins
    Brandon Dunlap, Moderator
    The ramifications of the SolarWinds incident continue to evolve as more details emerge about the impact it had on a wide range of organizations. A recent survey of more than 300 cybersecurity practitioners by (ISC)2reveals just how concerning the incident was and what these professionals recommend to shield organizations from similar supply chain threats. Join this panel discussion on March 30, 2021 at 1:00pm Eastern to hear anecdotes and best practices related to third-party technologies in the security stack, and how peers in cybersecurity leadership positions are future-proofing their defenses while planning for worst case scenario.
  • Inside (ISC)²: Unlocking Maximum Member Value Mar 23 2021 5:00 pm UTC 60 mins
    Clar Rosso, (ISC)² CEO; Beth Paredes, (ISC)² Director, Member Services
    In addition to providing cybersecurity exam prep and awarding certifications, a large portion of what the (ISC)² leadership team focuses on is delivering value to its members. From CPE credit opportunities like its Professional Development Institute (PDI), InfoSecurity Professional Magazine and this very webinar channel, to member perks and discounts, volunteer engagements and advocacy, there is a growing ecosystem of value that members can take advantage of. Join (ISC)² CEO Clar Rosso on March 23, 2021 at 1:00pm Eastern as she reveals details of the strategic direction for the association. Special guest Beth Paredes, (ISC)2 director of Member Services will provide an overview of the many recent improvements to the member experience that attendees may not be aware of, and how to unlock all the value that membership has to offer.
  • Global Impressions: Endpoint Security Strategies for the Long-Term Mar 18 2021 5:00 pm UTC 60 mins
    Bob Hansmann, Sr. Product Marketing Manager – Security, Infoblox; Brandon Dunlap, Moderator
    After a painful but relatively successful response to workplace changes driven by the pandemic, how well are those security measures working and what is next for the evolution of the SOC and endpoint security in specific? For most organizations, the future involves a larger remote workforce, of both full and part-time workers, including those in traditional HQ office roles. But many of the measures taken in response to pandemic conditions are proving less-than-ideal as long-term solutions. Join Infoblox and (ISC)2 on March 18, 2021 at 1:00PM Eastern for a session that will draw on recent analyst reports and surveys conducted globally, with some North American specific call-outs, to help attendees to better understand…· Which security alternatives are leaders considering as long-term solutions, and why?

    · What techniques are helping to improve visibility for users and devices regardless of their location?

    · Why are security leaders evolving methods for obtaining and using cyber threat intelligence?

    · How can embracing automation improve response times and overall operational efficiencies?
  • Gigamon #2: Securing the Hybrid Cloud: Optimizing SIEM Mar 9 2021 6:00 pm UTC 60 mins
    Muhammad Durrani, Technical Marketing Engineer, Gigamon; Brandon Dunlap, Moderator
    SIEM systems are pivotal to IT organization’s security operations. Many companies are adopting a hybrid cloud model, and cloud-based SIEMs are becoming common as a result. Regardless of on-prem or cloud deployments, the challenges around SIEM remain the same, from data overload, lack of contextual information, to high costs. Security best practices in deploying SIEMs also remain unchanged, which include establishment of use cases, data ingestion types and development of parsers for various tool vendors. On March 9, 2021 at 1:00pm Eastern, Gigamon and (ISC)2 will present a webinar that will cover solutions to these challenges such as Gigamon’s Application Metadata Intelligence as well as various smart filtering techniques.
  • Gigamon #1: Securing the Hybrid Cloud: Visibility Best Practices Recorded: Feb 25 2021 62 mins
    Jim Mandelbaum, Senior Security Engineer, Gigamon; Brandon Dunlap, Moderator
    With the move to cloud and the multitude of approaches, your ability to effectively monitor and secure workloads gets even more difficult. IT complexity, the rate of change, lack of skills, and organizational silos have made confidently managing security and performance nearly impossible. Visibility is critical. Join Gigamon and (ISC)2 on February 25, 2021 at 1:00pm Eastern for a discussion of the security considerations for on-prem private, public and hybrid clouds. You’ll learn best practices and see how a little planning and design can go a long way. Achieve a secure and viable hybrid cloud implementation and get a high return on your investment. Join our session to learn how.
  • What's This Thing? Solving Asset Management for Security Ops Recorded: Feb 18 2021 59 mins
    Daniel Trauner, Director of Security, Axonius; Brandon Dunlap, Moderator
    SecOps teams struggle to quickly gather useful, accurate and up-to-date asset date to inform investigations. It’s important to correlate datea from multiple sources to understand the intersection of connected devices, cloud instances, user and security controls. Ultimately SecOps teams care most about alerts and investigations, but some of the most basic asset data challenges make getting context a massive pain. Join Axonius and (ISC)2 on February 18, 2021 at 1:00PM Eastern as we look at asset management and its impact for security operations.
  • Engaging Your Line of Business for Cybersecurity Initiatives Recorded: Feb 10 2021 60 mins
    Scott Bridgen, Head of OneTrust GRC; Sharon Smith, CISSP, Moderator
    Security cannot be done in a silo. The extent and nature of data shared across lines of business functions, both internally and externally, fuels instances of system and organizational vulnerabilities. GRC must transcend the traditional lines of defense, specifically risk managers and audit professionals. In this webinar, we’ll discuss roles and responsibilities of effective risk management practices. What can businesses do to better align key stakeholders? How can businesses incorporate Security by Design process and practices and where can technology support with structured data sets and automation? We’ll look at:

    · Aligning organizational goals, and department objectives to translate risk into business impacts.   
    · Automating GRC touchpoints into your line of business functions  
    · Integrating Audit to document and support continuous improvement initiatives
  • Darktrace #3: The Industrial Immune System: Securing IT/OT Converged Ecosystems Recorded: Feb 9 2021 59 mins
    David Masson, Director of Enterprise Security, Darktrace; Brandon Dunlap, Moderator
    The increasing convergence of information technology (IT) and operational technology (OT) in ICS environments creates significant challenges from a security perspective. Attacks originating in the inbox can now more easily disrupt processes on the factory floor. Further, many organizations are unaware of the extent of IT/OT convergence in their own ecosystems. Join Darktrace and (ISC)2 on February 9, 2021 at 1:00pm Eastern as we look at how Darktrace’s Industrial Immune System helps organizations tackle these challenges by providing a unified view of IT and OT networks. The self-learning AI detects threats throughout the ecosystem and the AI analyst also automates the investigation process in both IT and OT-specific contexts in order to augment human teams. The session will also include a discussion on how the system defended against a Serpent ransomware infection in real time.
  • From the Front Lines – Incident Response at Scale Recorded: Feb 4 2021 78 mins
    James Perry, Senior Director and Head of Incident Response, CrowdStrike Services
    In this session from our recent Security Congress event, you hear stories of CrowdStrike incident response engagements and how they have changed the model for how companies respond to a breach. Learn the methods CrowdStrike uses to disrupt and ultimately remove bad actors from networks.
  • Entrust #3: What Type of Passwordless Solution is Right for You? Recorded: Jan 28 2021 60 mins
    Madhur Bhargava, Product Marketing Manager, Entrust Identity; Sharon Smith, Moderator
    Passwords are easily the most irritable thing for securing your digital identity. Be it workforce or consumers, everybody gets bogged down with the task of remembering passwords for multiple websites and applications. They are also the weakest form of security, often hacked by cybercriminals. With the advent of biometrics and their widespread reach (thanks to smartphones), passwordless access became a reality with mobile push authentication. As biometrics are unique to every individual, it is a pretty secure way to access applications and authorize transactions. Passwordless techniques were further modified with the introduction of physical keys (USB devices). But the foremost approach to passwordless access is credential based authentication which works on the principal of securing both your device and identity. Join us for a session where we will talk about all things passwordless. We’ll examine:

    · How security paradigms changed with COVID-19 ?
    · Why is the world moving towards passwordless ?
    · Different types of Passwordless solutions offered by Entrust Identity
    · How to secure your workforce with Entrust Identity's high assurance passwordless solution
  • Darktrace #2: Threats in Focus: Nation-State Cyber Attacks Recorded: Jan 26 2021 61 mins
    Marcus Fowler, Director of Strategic Threat, Darktrace; Brandon Dunlap, Moderator
    Among rapidly evolving global challenges, the escalation of nation-state attacks is making cyber-attacks exponentially more dangerous and harder to identify. Mounted at speed and scale and backed by thorough resources, nation-state cyber-attacks often do damage under great stealth, steal sensitive data, and have even resulted in manipulation and distortion of information. In the face of sophisticated nation-state attacks, organizations are turning to Cyber AI, which detects the subtle signs of targeted, unknown attacks at an early stage, without relying on prior knowledge. Join Darktrace and (ISC)2 on January 26, 2021 at 1:00PM Eastern as we examine:

    · Paradigm shifts in the tide of nation-state cyber threat landscape

    · How Cyber AI singularly detects never before seen threats

    · Real-world examples of nation-state campaigns stopped with Cyber AI
  • Entrust #2: Rethinking Enterprise Security with a Zero Trust Approach Recorded: Jan 26 2021 59 mins
    Rajan Barara, Director, Product Management, Entrust Identity; Sharon Smith, Moderator
    Organizations around the world have transitioned to working from home in past months, and this transition has challenged advanced security models and user behaviors in a COVID-19 world. A significant number of users discovered that poor technology and/or infrastructure was the biggest barrier to effective remote working.

    As we speed towards the new normal of hybrid workplaces, organizations are reviewing their business continuity plans and restoring productivity to pre-covid times. Cybercriminals are getting smarter; work from home has expanded the enterprise perimeter; and the digital ecosystem is growing rapidly including new cloud applications. A significant part of IT Security effort is to ensure appropriate infrastructure and tools for their employees as well as top of the line cyber hygiene controls. Therefore, companies need a cyber security strategy that is consistent and crosses their on-premises perimeter. “Never trust, always verify”, is the bedrock of Zero Trust. With a Zero Trust model, every request to access information/data must be authenticated, authorized, and encrypted before permission is granted. It is not a product but an enterprise cybersecurity plan to protect its resources. In this session the participants will learn about:

    o Enterprise challenges in Zero Trust implementation

    o How Zero Trust responds to different risk factors

    o Ways to secure enterprise Hybrid environment

    o How Entrust's high assurance IAM solution helps in achieving Zero Trust
  • Entrust #1: Quickly and Securely Verify Individual Identities Online Recorded: Jan 25 2021 50 mins
    Jenn Markey, Product Marketing Director, Entrust Identity; Sharon Smith (Moderator)
    2020 has accelerated digital transformation efforts across the board. Projects with multi-year timelines are being executed in a matter of months and, in some cases, weeks. Increasingly, people are being interviewed, hired, and onboarded without ever having an in-person meeting. Customers are transacting online in record numbers out of necessity, convenience, and even safety. This new normal introduces the challenge of securely verifying individual identities, especially when an in-person identity check is not feasible. Modern identity proofing keeps your workers and customers safe and protects your organization. In the first part of this series, join us to learn best practices to:

    o Securely verify personal identities

    o Limit user friction in the verification process

    o Protect workforce and consumer identities

    o Mitigate risk of identity fraud
  • Threat Hunting: A Proactive Approach to Breach Defense Recorded: Jan 21 2021 61 mins
    Adam G. Tomeo, Product Marketing Mgr, Cisco; Eric Howard, Technical Marketing Engineer Mgr Cisco; Brandon Dunlap, Moderator
    Did you know that 1 in 4 companies are at risk for a major breach in the next 24 months? And with nearly half of alerts going uninvestigated at organizations around the globe, it’s no wonder this risk is so high. Reducing your organization’s mean time to detection can minimize the impact of a breach, but without a focused detection capability giving you visibility, breaches can go undetected for months, by which time extensive damage has already been done. Join Cisco and (ISC)2 on January 21, 2021 at 1:00PM Eastern for a discussion to learn about the value of adding threat hunting to your breach defense. We will examine the differences between starting an internal threat hunting team versus acquiring services from a third party and how you can leverage a hybrid model to take a more proactive approach to breach prevention.
  • August 2020 Summit #3: Technical Blue Print for Data Protection Recorded: Jan 13 2021 44 mins
    Ankus Chadda, Brandon Dunlap, Moderator
    This session will lay out the technical blue print to achieve data protection success. Discover why Forcepoint is a 9x Gartner MQ Leader for DLP. Forcepoint Dynamic Data Protection can allow your organization to prioritize high-risk activity and automate policies to protect data in near real-time, providing the highest security & workforce productivity. During this final session to the Path to Smart Data Protection learn how Forcepoint can help your organization:

    • Profile high-risk activity based on data incidents, data models and endpoint collector events
    • Dynamically allocate individual risk scores based on a person’s behavior and the value of the data they access
    • Apply automated controls to any interactions with sensitive data based on individual risk level.
  • August 2020 Summit #2: Explorations in Data Protection Recorded: Jan 13 2021 55 mins
    Jason Kemmerer, Sales Engineer, Forcepoint; Brandon Dunlap, Moderator
    During this session hear from a Forcepoint customer on why they chose Forcepoint as their Data Protection partner. Learn how a healthcare organization leveraged Forcepoint’s solution to span across multiple businesses, ingest and fingerprint data, support regulatory requirements, customize policies, implement across multiple domains, provide OCR and use a single pane of glass for policy configuration and enforcement.
  • August 2020 Summit #1: Data Protection Essentials Recorded: Jan 13 2021 45 mins
    Josh Jordan, Solution Specialist, Forcepoint; Brandon Dunlap, Moderator
    What data does your organization process? What policies exist? Who are your internal stakeholders? What is your organizations risk tolerance? What compliance regulations apply to your organization? This session will walk dig into how to operationalize a successful data protection program from the basics to demonstrating effectiveness.
  • May 2020 Summit #3: SASE for Data - Data Protection with Cloud DLP Recorded: Jan 13 2021 51 mins
    Greg Mayfield, Sr. Director, Product Marketing, Netskope; Brandon Dunlap, Moderator
    Data context is a core principle of SASE architecture and it requires visibility to data-at-rest and data-in-motion for data loss protection (DLP) policies and rules. Intersect these objectives with the overwhelming use of cloud apps freely adopted by business units and users, and you need cloud DLP. Legacy SWG solutions using ICAP for file-based DLP analysis are blind to cloud apps and the majority of data movement and use. While traditional cloud access security broker (CASB) deployments use API protection into several dozen managed cloud apps, it is the inline deployment that provides granular control for thousands of cloud apps in use, plus web traffic. Here are five areas to consider when updating your blueprint for data loss protection.

    1. First, your users are in the cloud and are now working remote. Plus, the majority of your data now resides in the cloud with wide SaaS adoption, so your DLP needs to be in the cloud. SASE involves a single pass design for data and threat protection, meaning your cloud SWG requires strong DLP for cloud and web traffic.

    2. Allow/block faces the same challenges for DLP, it needs to mature to ‘allow’ with granular policy controls for data protection. The cloud brings boundary crossings between company and personal instances, managed and unmanaged cloud apps, activity and context, plus app risk factors to recommend safer alternatives.

    3. While inline cloud SWG provides the foundation for cloud DLP, the benefit of SASE architecture is using the same DLP policies and rules for data-at-rest in managed apps with CASB, public cloud environments with cloud security posture management (CSPM), plus securing private access with ZTNA.
  • May 2020 Summit #2: SASE for Users - Secure Remote Users for Any Device Recorded: Jan 13 2021 50 mins
    Ross Asquith, Product Marketing Manager, Netskope; Brandon Dunlap, Moderator
    In the current environment, many legacy VPN and remote access solutions are being overwhelmed, and organizations are reacting with ‘band aid’ fixes. The goal is to enable business critical users with cloud-based private access as quickly as possible with the least amount of friction. Strategically, this will mean combining a cloud-based Next Gen Secure Web Gateway (providing cloud and web inline security) and a zero trust network access (ZTNA) solution (providing scalable and fast remote access) as part of your SASE architecture. Here are five areas to consider when updating your blueprint for remote access security:

    1. Most legacy VPNs were deployed to handle around a third an organization’s workforce, but they are being pushed to handle two-thirds or more in the current crisis. The poor performance and user experience of overloaded VPNs can be easily replaced with cloud-enabled private access - for critical business use cases.

    2. Shift your remote access strategy from VPNs providing network access, with the opportunity for lateral movement by malicious insiders and compromised accounts, to secure, cloud-enabled, zero trust application access.

    3. ZTNA maintains the traditional remote access features of device posture checking and strong authentication, but improves the security of data centers and public cloud environments by not exposing any IPs, ports or services to the public internet.

    4. The deployment of legacy VPNs to multiple data centers and multi-cloud environments can be complex for IT and users. Cloud-enabled ZTNA seamlessly and transparently provides access to hybrid IT environments with high performance, global scale, and much less complexity.
  • May 2020 Summit #1: SASE at-the-Core - Content and Context with Next Gen SWGs Recorded: Jan 13 2021 56 mins
    Tom Clare, Product Marketing Manager, Netskope; Brandon Dunlap, Moderator
    Transformations are disruptive by nature driving the need to review the challenges for cloud and web use in our organizations. Secure web gateways (SWGs) are also part of the disruptive transformation cycle we are all experiencing and becoming the core of SASE architecture to provide vital content and context for granular policy controls. Here are five areas to consider when updating your blueprint for securing web and cloud use.

    1. The web is no longer just web, over half of secure web gateway (SWG) sessions are now cloud apps where the average organization uses 2,415 cloud apps and 89% of users are active in the cloud. Adding more fuel, over 98% of cloud apps are unmanaged by IT and freely adopted by business units and users.

    2. Web content and filtering needs to advance to decoding cloud app traffic inline, or SWGs will remain blind to cloud content and context for real-time threat and data protection where 44% of threats were cloud-enabled in 2019.

    3. The general allow/block model no longer works for cloud. Allow now requires granular controls such as understanding cloud app instances and activity to detect cloud phishing or cloud-enabled threats using trusted domains and valid certificates to evade legacy defenses.

    4. Appliance limitations are being replaced with cloud native platforms with on-demand performance and global scale. These microservice designed platforms are enabling an integrated SASE architecture with an understanding of data context and expanding capabilities to end appliance sprawl.

    5. SWG control points for main and remote offices now must include a growing base of remote workers. For cloud SWG optimization, they require a hyperscale carrier grade access network providing the fastest round trip time possible. This eliminates the performance versus security trade-off and the uncertainties of the internet.
(ISC)² Security Briefings - In-depth examination of infosec topics.
(ISC)² Security Briefings brings attendees both stand alone webcasts and multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Entrust #2: Rethinking Enterprise Security with a Zero Trust Approach
  • Live at: Jan 26 2021 3:00 pm
  • Presented by: Rajan Barara, Director, Product Management, Entrust Identity; Sharon Smith, Moderator
  • From:
Your email has been sent.
or close