Hi [[ session.user.profile.firstName ]]

CISO Says: Interview with Istvan Rabai, CISO Signalhorn

In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path he took to become CISOs and how they are reinventing the role in the face of accelerating industry change.
Recorded Sep 26 2016 61 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Speaker: Istvan Rabai, Chief Information Security Officer, Signalhorn, Moderator: Adrian Davis, Managing Director (ISC)² EMEA
Presentation preview: CISO Says: Interview with Istvan Rabai, CISO Signalhorn

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • PAM: The Critical Missing Piece in Your Security Strategy Nov 22 2018 1:00 pm UTC 60 mins
    Brandon Dunlap, Moderator, (ISC)², Karl Lankford, Lead Solutions Engineer EMEA, Bomgar
    Industry thought leaders have stated that if you can only tackle one project to improve the security of your organisation it should be Privileged Access Management (PAM). Our own research backs this up with the 2018 Privileged Access Threat Report revealing organizations using automated PAM technology experience far fewer serious breaches than those that did not. Karl Lankford, Lead Solutions Engineer EMEA at Bomgar will discuss what ‘privilege’ means to your business and how implementing a PAM solution can drive significant improvements across the organisation. You will learn:

    •Why organisations should make PAM their top 2019 investment
    •Why quickly controlling and automating key PAM capabilities is critical to your organisation’s success
    •Help you to prepare the business case for your PAM project and to get Executive Leadership buy in
  • Trust No One Part 2. What Does Zero Trust Mean for You? Nov 20 2018 2:00 pm UTC 60 mins
    Lindsay Drabwell, Head of Membership, (ISC)² EMEA, Richard Archdeacon, Duo, Daniel Cuthbert, Banco Santander
    As early as 2003 the Jericho Forum was created to tackle "de-perimeterisation" and later in 2014 Google released their "BeyondCorp" paper detailing how they made it happen. However, have Zero-Trust security models been adopted in the enterprise and what challenges do organisations face when considering de-perimeterisation?

    Join the discussion between Richard Archdeacon from Duo Security and Daniel Cuthbert from Banco Santander in Part 2 of the Zero Trust series and learn about Zero Trust deployments within the enterprise.
    Speakers:
    Richard Archdeacon, Advisory CISO, Duo Security
    Daniel Cuthbert, Global Head of Cybersecurity Research, Banco Santander

    For Part 1 in the Zero Trust Series, copy and paste this link into your browser: https://www.isc2.org/News-and-Events/Webinars/EMEA-Webinars?commid=334792&Part2
  • Using Modern Authentication Methods with Legacy Assets Nov 15 2018 1:00 pm UTC 60 mins
    Brandon Dunlap, Moderator, (ISC)², Chris Steffen, Technical Director, Cyxtera
    There are a large proportion of business critical legacy applications unable to accept modern forms of authentication.
    Refactoring legacy applications is costly and sometimes virtually impossible. Yet these applications are accessing highly valuable data across networks and they are a data breach ready to happen.

    Join us as we discuss how to secure legacy applications with modern Zero Trust security.

    Brandon Dunlap, (ISC)² Moderator and Chris Steffen (CISSP, CISA), Technical Director for Cyxtera will discuss:
    -Problems with how legacy applications are secured today
    -Options for security without refactoring these applications
    -Simplicity and speed to security that reduces operational complexity and scope of audits
    -A process for gradual end-of-life legacy assets, while still operating day-to-day normal business
  • What's Your DNS Security Risk? Insights from recent Ponemon Survey Nov 13 2018 1:00 pm UTC 60 mins
    Lindsay Drabwell, Head of Membership EMEA, (ISC)², Rainer Singer, Technical Engineer, Infoblox
    Have you ever done an assessment on how secure your DNS infrastructure is? Ponemon Institute has recently completed the first DNS Security Risk Survey among global organizations to understand how secure they are when it comes to malware and data exfiltration that uses DNS. The survey also provides insights into:

    •The level of visibility these organizations have, especially in today’s complex network deployments
    •Their use of threat intelligence and the effectiveness of threat intelligence
    •The efficiency of their security operations
  • The Orchestration Journey Nov 6 2018 12:00 pm UTC 60 mins
    Brandon Dunlap, Moderator, (ISC)², Andrew Yeates, UK&I Solutions Architect, Resilient | IBM Security
    Organisations today need to be agile, and dynamic in responding to the most advanced cyber threats, and although automation has it's place in improving SOC efficiencies, human intelligence is still one of the most important aspects in effective incident response, in this session learn how more about the journey to Intelligent orchestration and how leveraging it in an uncertain world can empower your organisation.
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Nov 1 2018 12:00 pm UTC 60 mins
    Lindsay Drabwell, Head of Membership Services, (ISC)² EMEA, Membership Services Team, (ISC)² EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • The SecOps Imperative: How to Bridge the Security and Operations Gap Oct 30 2018 2:00 pm UTC 60 mins
    Lindsay Drabwell (ISC)², Tristan Morris, Stacia Tympanick Carbon Black
    According to ESG research, 72% of organizations believe that security operations are more difficult now than they were two years earlier.
    This stems from security and IT operations teams lacking a reliable way to assess the current state of endpoints across their enterprise and leads to an increased risk of breaches, an inability to make informed remediation decisions, and unnecessary spending on infrastructure maintenance.
    On this webinar we look at the current need to bridge the gap between Security and IT Operations with shared toolsets and shared goals, why IT hygiene and proactive vulnerability assessments are now vital aspects of any successful endpoint security program and how to leverage real-time query and remediation tools to better understand the state of endpoints.

    Key takeaways:

    •How businesses can understand and adopt a SecOps strategy
    •How you can leverage real-time query and remediation tools to get a better understanding of the current state of your endpoints
    •The need to bridge the gap between security and IT operations and with shared toolsets, shared goals and shared priorities

    Tristan Morris – Security Strategist, Carbon Black
    Stacia Tympanick – Solution Engineer, Carbon Black
  • Trust No One Part 1: Exploring Zero Trust Security Models Oct 25 2018 1:00 pm UTC 60 mins
    Lindsay Drabwell, Head of Membership, (ISC)² EMEA, Wendy Nather, Director, Advisory CISO, Richard Archdeacon, Advisory CISO
    Although “zero trust” is a popular term for the alternative security model that everyone’s talking about, it’s not always clear what it means, or whether it describes what policy changes you may want to make in your organisation.
    Join Wendy Nather and Richard Archdeacon to find out more about Zero Trust Security models, implemented by Google in their BeyondCorp initiative.

    Register for Part 2 in the Zero Trust Series: https://www.isc2.org/News-and-Events/Webinars/EMEA-Webinars?commid=334792&Part1
  • Enriching Your Security Product Stack With The Power of IPAM and DNS Oct 23 2018 11:00 am UTC 60 mins
    Lindsay Drabwell, (ISC)² EMEA, Gary Cox, Infoblox, Alastair Broom, Logicalis
    Today’s enterprise network has a vast number of network and security devices – all generating their own incidents, but they don’t always share information. According to the ESG research report on Security Operations Challenges, Priorities and Strategies in 2017, keeping up with the volume of security alerts and lack of integration between different security tools are the biggest challenges related to security. Organizations are investing heavily in automation/orchestration of incident response to improve collaboration, prioritize alerts and shorten time for incident response.

    This webinar will discuss how integration of different network and security tools can:
    •Provide better visibility across your entire network and remove silos
    •Improve agility and automate IT workflows
    •Enable faster remediation to threats

    Please join Infoblox and Logicalis for this key discussion on the integrated ecosystem -- taking your organization to the next level of security.
  • The 1/10/60 Challenge: Stopping Breaches Faster Recorded: Oct 18 2018 58 mins
    Brandon Dunlap, Moderator, (ISC)², Zeki Turedi, Technology Strategist EMEA, CrowdStrike
    Breakout time, the time that it takes an intruder to jump from the machine that’s initially compromised and move laterally through your network, on average is 1h and 58m*. This is your critical window to take action and stop the breach. When an attack is in progress, we’re seeing world leading security teams take one minute to detect it, 10 minutes to understand it and one hour to contain it. Is your organisation ready to meet the 1/10/60 minute challenge?

    Attend this webcast to learn:

    -What breakout time is and what it means for defenders that are responding to attacks in real time
    -How the incident response process unfolds and the barriers that keep organisations from mounting a rapid and efficient response
    -The key steps you can take to improve your organisation’s ability to rapidly detect, investigate and remediate threats
  • The Power and Potential of Robotic Process Automation (And the Security Risks) Recorded: Oct 16 2018 53 mins
    Adam Bosnian, EVP Global Business Development, CyberArk
    Robotic process automation (RPA) is a powerful and emerging technology that streamlines and standardizes many human user processes as well as harmonizes different systems across an organization’s environment. So what do IT security professionals need to know about RPA platforms and the connection to privileged credentials? Very simply, it is a new attack vector and organizations need to protect these accounts with the RPA platform.

    Because RPA software interacts directly with business applications and mimics the way applications use and mirror human credentials and entitlements, this can introduce risks when the software robots automate and perform routine business processes across multiple systems.
    Learn about the vulnerabilities attackers seek out in RPA and the methods you can employ to proactively secure, protect and monitor privileged credentials in RPA non-human user entities that mirror human entitlements.
  • Making Compliance the Outcome of Your Security Strategy, Not a Goal Recorded: Oct 11 2018 57 mins
    Lindsay Drabwell, Moderator & Head of Membership EMEA, (ISC)², Matt Middleton-Leal, Kennet Johansen, Netwrix
    While compliance is close to security, being compliant doesn’t necessarily mean that you’re protected from a security breach.

    Malicious actors don’t care if you passed a regulatory audit, and there are many companies that are fully compliant on paper but that have suffered a data breach.

    That’s why it’s essential to take a “go beyond compliance” approach.

    In this webinar, we’ll share some insights into the biggest IT security disasters and explain how you can avoid such failures by not just working towards compliance, but building a robust security culture in your organisation.

    Join Matt Middleton-Leal (CISSP), General Manager at Netwrix and Kennet Johansen, Security and Infrastructure Solution Architect, to learn:

    •Why going beyond compliance is good for business
    •Practical tips for improving your IT security posture
    •How the right security investments help you save money in the long term
    •How to establish a strong security culture in your organisation
  • Continuous Cyber Risk Monitoring - Adapting to the New Normal Recorded: Oct 9 2018 59 mins
    Lindsay Drabwell, Head of Membership Services, (ISC)² EMEA, Nick Trigg, Risk Consultant, BitSight Technology
    Security Ratings are the relatively new kid on the block when it comes to externally derived Cyber posture analysis.

    According to one of the most reputable research bodies, ‘continuous monitoring of systems and behaviours is the only way to reliably detect threats before it's too late’.

    The three big topics are VISIBILITY - across my whole cyber risk landscape , COLLABORATION - in order to remediate against risk appetite and AGILITY - How can I react in a timely manner to rapidly changing risk factors

    Given these challenges can you afford NOT to utilise Security Ratings?

    In this session Nick Trigg - Risk Consultant for BitSight Technology - will address these points along with

    •Do security ratings threaten or compliment traditional methods of questionnaires and audits
    •Why security ratings should be treated as a risk position rather than a vulnerability checklist.
    •Data: sources, accuracy, coverage, currency
    •Context : stakeholders, business impact
    •Time to value : best approach to implementation
  • Fighting back with AI: Tapping the power of AI to elevate cybersecurity posture Recorded: Sep 27 2018 57 mins
    Lindsay Drabwell, Head of Membership Services (ISC)² EMEA, Mike Spradbery, Neil Jones, IBM
    How can AI help overworked, understaffed and overwhelmed security analyst teams? How can the use of an AI platform help reduce the cost of a data breach? Mike Spradbery, IBM's UK&I Security Technical Leader, will explore these and other questions as he talks live to the experts behind a new Ponemon Institute study on the use of Artificial Intelligence in Cyber Security. Mike will also share case studies of AI in action in Cyber Security and explore how AI is helping organisations elevate their cybersecurity posture and reduce response times.
  • TLS Decryption: Critical to Detecting Threats Recorded: Sep 20 2018 59 mins
    Lindsay Drabwell, Head of Membership, (ISC)² EMEA, Ollie Sheridan, Principal Engineer, Gigamon
    As the volume of encrypted traffic continues to grow, organisations become even more vulnerable to encrypted attacks, threats and exploits that go undetected. Learn how to create a centralised “decryption zone” to decrypt traffic once and give security tools newfound visibility into encrypted traffic.
    Join Ollie Sheridan (CISSP), Principal Engineer at Gigamon to learn:
    •How the TLS 1.3 draft 28 proposal removes visibility which was widely deployed for threat identification in TLS 1.2.
    •How to acknowledge and address critical management, troubleshooting, legal, regulatory, ethical and technical concerns.
    •Why deploying TLS decryption in the core of networks is critical to detecting threats.
    •How to deploy innovative architectures for TLS decryption while maintaining availability and reliability.
    •How to manage growing SSL/TLS traffic volumes by creating a centralized “decryption zone” to decrypt traffic once and give security tools newfound visibility into formerly encrypted traffic and threats.
  • Machine Learning in Infosec: Debunking Buzz and Demystifying Use Cases Recorded: Sep 12 2018 58 mins
    Lindsay Drabwell, Head of Membership Services, (ISC)² EMEA, David Gamer, Philipp Drieger, Splunk
    A growing use of the terms ‘AI’ and ‘Machine Learning’ being used in the descriptions of vendors’ products and capabilities can cause some confusion. With all the buzz around these latest trends, security professionals are left with some important questions: What can these technologies do in Infosec? How they can be implemented to improve everyday security processes? Where can’t AI and ML improve security tools? In this Splunk webinar, a machine learning expert will;
    •Demystify what machine learning is as well as what it can and cannot do in InfoSec
    •Walk through three of the most common use cases of where these technologies can be implemented
    •Explore the latest innovations in ML & AI, and where this will take cybersecurity professionals next
  • Don’t Break the Bank: Achieving Compliance in Financial Institutions at Scale Recorded: Sep 6 2018 60 mins
    Lindsay Drabwell, Head of Membership Services, (ISC)² EMEA, Faraz Aladin, Director Product Marketing, Illumio
    Compliance regulations such as SWIFT and GDPR can be challenging to understand and implement. Many of these regulations have cybersecurity requirements that are focused on protecting critical banking infrastructure with aggressive timelines - and without disrupting the very business-critical systems you're trying to protect. Jumping from one set of requirements to another, and to subsequent internal and external audits, can feel like a never-ending cycle.

    In this webinar, Faraz Aladin, will share thoughts on different approaches to handling the unique challenges a security practitioner in financial services can expect. He’ll highlight Illumio's unique position helping the largest financial institutions in the world solve regulatory and compliance challenges quickly and at scale. Register now to learn:

    •Top challenges facing global banking
    •Approaches to protecting your "digital crown jewels"
    •Pros and cons of different approaches
    •How to future-proof for evolving requirements
  • Secrets to Strengthening and Preventing Unauthorized Access to Sensitive Data Recorded: Aug 14 2018 59 mins
    Lindsay Drabwell, Head of Membership Services, (ISC)² EMEA, Daniel Harris of Okta and Przemek Dybowski, CyberArk
    Unauthorised access is the leading cause of breaches today, whether it comes from external threat actors or insider activity. To mitigate this risk, Okta and CyberArk have integrated technologies to provide a comprehensive solution for unauthorised access protection. In this webinar, Daniel Harris of Okta and Przemek Dybowski of CyberArk will discuss how to:

    •eliminate identity sprawl and prevent privileged access abuse
    •enable strong authentication and reduce the attack surface
    •identify and respond to account compromise.
  • Anatomy of a BGP Hijack on Amazon’s Route 53 DNS Service Recorded: Jul 31 2018 54 mins
    Lindsay Drabwell, Head of Membership Services, (ISC)² EMEA, Tim Hale, Director of Solutions Marketing, ThousandEyes
    How does one steal cryptocurrency? By hacking DNS and BGP—the two cornerstone protocols governing the Internet. Join us ThousandEyes and (ISC)² EMEA while we walk through this and other examples of how network security in the cloud and public internet can be a serious blind-spot in your security strategy.
  • Building a Collaborative Phishing Defense Recorded: Jul 24 2018 60 mins
    Lindsay Drabwell, Head of Membership Services EMEA, (ISC)², Darrel Rendell, Mollie Holleman,
    What’s keeping you up at night? Ransomware? Phishing? Spyware? Malware? Data Breaches? A malicious email typically opens the door to those threats. Organizations spend great energy (and budget) preventing users from falling prey, but threat actors continue to find ways to get past automated controls, staying one step ahead of artificial intelligence tools. Cofense believes solving the phishing problem is more than just awareness: it’s about empowering humans to become instinctual nodes on the cyber defense network and feeding their real-time intelligence to security teams for immediate action.
    Speakers:
    Darrel Rendell, Principal Intelligence Analyst, Cofense
    Mollie Holleman, Senior Intelligence Specialist, Cofense
(ISC)² Secure Webinars - EMEA
Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² Secure Webinars - EMEA Channel. Sign up to join us for educational Security Briefings, Roundtables and eSummits aimed at all those vested in the world of information security. We welcome members and non members alike.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: CISO Says: Interview with Istvan Rabai, CISO Signalhorn
  • Live at: Sep 26 2016 11:00 am
  • Presented by: Speaker: Istvan Rabai, Chief Information Security Officer, Signalhorn, Moderator: Adrian Davis, Managing Director (ISC)² EMEA
  • From:
Your email has been sent.
or close