Hi [[ session.user.profile.firstName ]]

Combining Least Privilege + App Control to Protect from Malware and Ransomware

Privilege is at the centre of the attack lifecycle, yet removing Windows users’ local administration rights has a negative impact on the user experience and creates a desktop support headache.

Join this webinar to learn how least privilege, combined with the right application control technologies, can enable you to remove local administrator rights to reduce your attack surface, while keeping your users and support teams happy. The session will cover the technologies required to achieve this and demonstrate how their unique combination can protect you from ransomware.
Recorded Sep 29 2016 62 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Gil Rapaport, CyberArk, Adrian Davis, (ISC)² EMEA
Presentation preview: Combining Least Privilege + App Control to Protect from Malware and Ransomware

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Part 2: Security control quick wins that help achieve clarity for the GDPR Oct 10 2017 11:00 am UTC 60 mins
    Adrian Davis, Jeremy King, Andrew Barrett, Chris Strand
    Organisations apply many cybersecurity controls to help measure and maintain data security and regulatory compliance. Several are purposeful and list requirements that are subjective in how to employ them and how to meet their unique business risk strategy. This can often make it difficult to create a baseline security control strategy that will meet new regulations as they are introduced.

    In this session, the expert panel will discuss specific security controls that can be used to provide clarity, and measure for any data security and protection programme including the GDPR. Considerable focus and examples will be drawn from prescriptive data security standards such as the PCI DSS, (Payment Card Industry Data Security Standard), and how leveraging such standards can help to create a security control strategy to meet and measure continuous data security compliance.

    Webinar attendees will take away many practical examples, solutions, and anecdotes on how their businesses can alleviate the pressures of employing the right security controls to protect GDPR-defined data, meet compliance and prove security control efficacy.

    Panel Experts:
    Jeremy King, ‎International Director, PCI Security Standards Council
    Andrew Barrett, International / Managing Principal Application validation, Coalfire
    Christopher Strand, Sr. Director Compliance Strategy, Carbon Black
    Moderator: Adrian Davis, Managing Director, (ISC)² EMEA

    To listen to Part 1 of this session, paste the following URL into your browser: https://www.isc2.org/News-and-Events/Webinars/EMEA-Webinars/Focused-Webinars?commid=260091
  • A day in the life of a GDPR breach Sep 21 2017 11:00 am UTC 60 mins
    Adrian Davis, (ISC)² EMEA, Matthias Maier, Elizabeth Davies, Splunk
    You’re a CIO, CISO or DPO - and you’ve been woken up in the middle of the night because personal data held by your organisation has been discovered for sale on the dark web. This disclosure puts the privacy of your customers at risk. What do you do next?

    Join this session to learn about the impact of GDPR and go through a breach investigation and response scenario as it would be after GDPR comes into effect in May 2018. You’ll hear from Splunk’s Data Privacy Officer Elizabeth Davies and Splunk’s Security Ninja Matthias Maier.

    What you will learn:
    - What breach response will look like under the GDPR
    - What tools and processes a data privacy officer will rely on in case of a breach
    - What departments and entities will be involved beyond IT
    - What activities are currently happening within organisations to prepare for the GDPR
    - What the consequences of the breach could be
  • The Next Generation CISO: How to Find and Train Tomorrow's Security Executives Sep 7 2017 1:00 pm UTC 60 mins
    Adrian Davis, (ISC)² EMEA, Sam Curry Chief Security Officer, Cybereason
    Somewhere out there, in a market crowded by over-qualified workers deluged by job offers, the next generation of CISOs is maturing. But how can CISOs train tomorrow’s security executives when today’s well-known security talent deficit makes it difficult to fill even the most basic roles?
    Retaining cyber professionals isn’t just a matter of offering the biggest salary — it requires getting creative with cross-training, hands-on experience and developing collaborative solutions with fellow CISOs.
    Watch the webinar with Sam Curry, Cybereason Chief Security Officer, to explore strategies for identifying and developing the next generation — including your own replacement.
  • Guarding Against Mobile Malware, How to Avoid the Next Big Threat Sep 5 2017 10:00 am UTC 60 mins
    Adrian Davis, Managing Director, (ISC)² EMEA, Stephen McCormack, Mobile Security Leader, IBM MaaS360
    In the wake of global ransomware attacks targeted mainly at Windows desktop and laptop devices, this webinar will discuss an often-overlooked threat: the mobilization of malware and ransomware. Whether through malign apps, poorly written code, corrupt e-mail profiles or disreputable websites, there are a range of avenues of attack open to hackers who might choose to target smart devices.
    To date, attacks on mobile devices have been mostly on a small scale, targeting individual user devices and data. But is a big attack waiting in the long grass? Will the next WannaCry or Petya target mobiles, and how can you protect yourself?
  • The IR Boost: How Cyber Hunting Enhances Incident Response Aug 31 2017 12:00 pm UTC 60 mins
    Nathaniel Ford, (ISC)² EMEA, Israel Barak, Lital Asher-Dotan, Cybereason
    Incident response has become increasingly complicated. According to a recent report, 67% of security professionals believe that incident response is more difficult today than it was two years ago. This is due to the numbers of IT activities and security alerts, and the need for advanced IR skills.
    This webinar will explore a new and unexpected boost to incident response, coming from the integration of threat hunting methodologies.
    Israel Barak, Cybereason CISO and an Incident Response expert, will chat with Lital Asher-Dotan, Senior Director of Content, about:
    - The latest challenges faced by IR professionals
    - Threat hunting and its benefits for IR
    - Specific examples in which threat hunting leveled up IR practices
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Aug 21 2017 49 mins
    Nathaniel Ford, Moderator (ISC)² EMEA, Membership Services, (ISC)² EMEA
    Are you an (ISC)² member with questions about your certification and member benefits, or want to keep in touch with (ISC)² news in EMEA? Are you thinking about joining, and curious to hear more about what membership means and how (ISC)² can help you?

    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • Reduce Security Vulnerabilities in Enterprise Applications Recorded: Aug 17 2017 61 mins
    Mike Pittenger, VP of Security Strategy, Black Duck Software, Adrian Davis, Managing Director, (ISC)² EMEA
    Would you leave sensitive data out in the open making yourself a target to thieves looking for a victim? That is exactly what your business is doing if it fails to identify vulnerabilities in their business applications. Cyber attackers are looking at your business applications for security vulnerabilities so they can get access and wreak havoc. It’s time to find and fix security vulnerabilities before the hackers do. Wondering where to start and what to do? This webinar will help you build a comprehensive plan to minimize threats and protect your company. Join this webinar to hear application security experts: Discuss methods for scanning & evaluating potential security vulnerabilities in out-of-the box and home grown business applications Teach methods for quickly detecting and eradicating software flaws Make recommendations for how to choose and implement vulnerability scanning tools Explain how to reduce security vulnerabilities during internal application development Examine the widespread use of open-source code and how it may expose your business to security threats
  • 6 steps to GDPR compliance Recorded: Aug 1 2017 61 mins
    Adrian Davis, Managing Director, (ISC)² EMEA, Jan Smets, Certified Data Protection Officer, Gemalto
    The introduction of GDPR is set to bring data protection to the top of businesses’ priority lists. So how can businesses ensure they are compliant and what steps do they need to take?
    In this webinar, certified DPO Jan Smets with provide a six-step overview to help achieve compliance:

    1) Understand the GDPR legal framework
    2) Create a Data Register
    3) Classify your data
    4) Start with your top priority
    5) Assess and document additional risks and processes
    6) Revise and repeat
  • Developing Security Behaviours – 8 Practical Principles for Effective Change Recorded: Jul 19 2017 44 mins
    Sarah Janes, Managing Director, Layer8, Adrian Davis, Managing Director, (ISC)² EMEA
    Overwhelming evidence consistently shows that people are at the heart most data breaches. A new approach is needed, not so long ago technical attacks by hackers required technical solutions, but, as hackers find it more lucrative to target human vulnerabilities attention needs to be refocused on people.

    Discourse is shifting from awareness to culture change, however, early in its maturity, culture change lacks a universally accepted approach, and therefore people struggle to make change happen or to convince the business to invest.

    This webinar will provide 8 practical principles for effective change from auditing your current security culture through to embedding security as business as usual. It will provide a cohesive approach to behavioural change that can be measured. You will gain knowledge to help build a business case for culture change and techniques to use when your program launches.
  • The Role of Orchestration in Incident Response Recorded: Jun 29 2017 53 mins
    Chris Neely, CISSP, Director of Technical Sales, EMEA, IBM Resilient, Adrian Davis, Managing Director, (ISC)² EMEA
    Faced with an avalanche of alerts, insufficient staffing, and a bewildering regulatory environment it's no wonder that most organizations struggle to respond effectively to cyber attacks. Successfully resolving attacks requires fast, intelligent, and decisive action - organizations need to have an orchestrated plan in place before an attack occurs. Indeed, the best orgaizations leverage an orchestrated response capability to achieve cyber resilience, the ability to weather the inevitable cyber attacks as just another part of doing business.

    Join IBM Resilient’s Chris Neely, Director of Technical Sales, EMEA to explore the latest incident response methodology and technology. Can automation really save the day? From instant escalation, to automatic enrichment, to guided mitigation, Chris will explore the latest incident response techniques and share what works and what doesn't. Attendees will gain a framework for understanding their incident response capability and a maturity model for evaluating opportunities for orchestration / automation.
  • Part 1: Change Liability for Accountability - GDPR with CS Risk Measurement Recorded: Jun 22 2017 63 mins
    Christopher Strand, Carbon Black, Andrew Barratt, Coalfire, Adrian Davis, (ISC)² EMEA
    This webcast will introduce a discussion of several threat models that help to illustrate how organizations can look to strengthen their security posture while supporting their GDPR strategy. Areas of concentration will include:

    • How to reduce the potential risk and liability associated with the GDPR data residency and data protection accountability requirements.
    • Focus on specific controls used to provide clarity and measure to any GDPR strategy within the enterprise.
    • An introduction of cybersecurity control measure that can help reduce threats to the enterprise, while ensuring acceleration of data and security regulatory accountability for any GDPR program.

    Session attendees will take away many practical examples, solutions, and anecdotes on how their businesses can alleviate the pressures of balancing the confluence of security risks and the GDPR mandate. They will have some starting points on how they can create a plan to step beyond static regulatory alignment and apply collective intelligence, industry baseline initiatives and mandates, as well as shared industry intelligence, to better measure what’s most important to their cyber policy and regulatory GDPR requirements.
  • Investigation or Exasperation? The State of Security Operations Recorded: Jun 20 2017 58 mins
    Duncan Brown, IDC, Matthias Maier, Splunk, Nathaniel Ford, (ISC)² EMEA
    Cyberattacks are top of mind for organizations across the globe. In fact, 62 percent of firms are being attacked at least weekly and 145 percent are experiencing a rise in the number of security threats. But do organizations have the processes in place to investigate and effectively respond to these incidents? IDC recently surveyed security decision makers at 600 organizations to understand the state of security operations today.

    Join this webinar to hear from guest speaker Duncan Brown, Associate Vice President, Security Practice, IDC, and Matthias Maier, Security Product Marketing Manager, Splunk, and discover:

    ●The time and associated cost security teams spend on incident response and how you compare to your peers
    ●How organizations are coping with an average of 40 actionable security incidents per week
    ●Where teams are focusing their security efforts
    ●Why an analytics-driven approach can make security investigation more efficient and effective, reducing costs and improving security posture
  • Attribution: When Technical Information is Not Enough Recorded: Jun 13 2017 57 mins
    Ross Rustici, Senior Manager, Cybereason, Nathaniel Ford, (ISC)² EMEA
    After every major data breach, the security community engages in a game of whodunit. It's human nature to want a resolution and to see the perpetrators brought to justice. The problems with attribution are starting to be discussed more openly within the security community, with many firms questioning the utility of technical attribution. At the same time, all are in agreement that the model they continue to use is failing.

    Recent research proves that threat actors use a variety of techniques to create misattribution of the attacks. In our upcoming webinar, Cybereason's Ross Rustici, Sr. Manager Threat Intel, will discuss examples of attack misattribution and discuss whether correct attribution is still possible.

    Join us to learn:
    • Why attack attribution is a complex mission
    • The variety of techniques used by nation-state and criminal actors to disguise their involvement
    • An approach to help organizations better harness the power of attribution
  • Latest Malware Trends & Attack Vectors Recorded: Jun 2 2017 62 mins
    Richard Cassidy, Technical Director EMEA, Cybereason, Adrian Davis, Managing Director, (ISC)² EMEA
    In this webinar, Richard Cassidy, Technical Director EMEA, and (ISC)² EMEA Managing Director, Adrian Davis will discuss the latest malware trends and attack vectors. The most reported cyber-criminal groups, the latest attack trends (like WannaCry), and best practices for fighting the adversary will be explored. Join us for an up-to-date deep dive into adversary TTPS and how to prevent and respond to attacks using techniques like proactive hunting and SOC analysis and response.
  • Turning the Table on Hackers through Situational Awareness Recorded: May 25 2017 61 mins
    Jason Hart, CTO Data Protection, Gemalto, Adrian Davis, Managing Director, (ISC)² EMEA
    Data breaches in 2016 got even more personal with big hacks of adult entertainment sites and social media databases. Hackers mined these for gold, in other words, valuable data to create social engineering attacks, ransom operations, and identity theft. According to Gemalto's Breach Level Index, the number of stolen, compromised, or lost records increased by 86% in 2016, while the number of breaches decreased by 4%. Hackers are going after more data than ever before, and they are finding it in large databases that are left relatively insecure.

    Whether consciously or not, hackers have grasped the idea of situational awareness. They have figured out how to exploit these golden opportunities by keeping a finger on the pulse of what is going on. It seems too simple to be true, but it goes back to the age-old principle "information is power". Getting the information comes from being aware of one's surroundings. To become situationally aware, companies need to change their mindset—building a walled garden isn't an option anymore. During the webinar, we will look at the major data breach trends and findings from 2016 and discuss how this information can help develop your situational awareness. Join us as we cover topics like:

    •What we can learn from Jason Bourne about knowing one's surroundings
    •What we can learn from hackers to better protect valuable data
    •What we as security professionals can do by going back to the basics of accountability, integrity, auditability, availability, and confidentiality
    •How to change our mindset in a new era of a hacker-driven gold rush
  • GDPR: Countdown to Day0 Recorded: May 24 2017 60 mins
    Neil Thacker, Forcepoint, Moyn Uddin, Cyber Counsel, Jonathan Armstrong, Cordery, Adrian Davis, (ISC)² EMEA
    With the EU General Data Protection Regulation entering into force and becoming applicable from the 25th May 2018, this webcast, featuring an expert panel, will focus on key milestones to become ready for the new regulation and what we have learned to date with 1 year to go.

    Topics for discussion will include obligations to:

    · Maintain a personal data inventory
    · Map Data flow vs. Data Transfer Agreements
    · Incident Response and obligations for mandatory data breach notification
  • Don’t Be the Next Victim of a Ransomware Attack Recorded: May 16 2017 62 mins
    Oliver Stimpson, Endpoint Product Specialist, CyberArk, Adrian Davis, Managing Director, (ISC)2 EMEA
    Last year ransomware attacks targeting businesses grew exponentially, with 638 million reported attacks – that’s 167 times the number reported in 2016*. There’s no indication of the trend shifting in 2017. Attackers are continuing to target organizations and individuals for financial gain, and the attacks are escalating to potentially impact civilians if ransoms are not paid.

    Attend this webinar for an in-depth, expert examination of ransomware – how it’s evolving, what you need to know to protect your organization as well as a demo of a simulated ransomware attack.

    We’ll discuss:
    •Findings from the research and analysis of hundreds of thousands of samples by the CyberArk Labs team
    •Strategies on how to limit the damage that can be done by ransomware
    •Recommendations on protecting you and your organization from falling victim to an attack
  • CISO Says: Interview with Darron Gibbard, CTSO, Qualys Recorded: Apr 27 2017 61 mins
    Darron Gibbard, CTSO, Qualys, Adrian Davis, Managing Director (ISC)² EMEA
    In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path he took to become CISOs and how they are reinventing the role in the face of accelerating industry change.
  • Part II – How to get started with GDPR & Applying Appropriate Security Controls Recorded: Apr 25 2017 62 mins
    Jason Hart, Gemalto, Lisa Bentall, DQM GRC, Adrian Davis, (ISC)² EMEA, Nathaniel Ford, (ISC)² EMEA
    As a follow-up to our previous webinar, this panel discussion will dive into further detail about the GDPR. Presented by compliance experts Lisa Bentall (DQM GRC) and Jason Hart (Gemalto) we will answer some of the big questions raised in the previous webinar and open up to the live audience for an interactive Q&A.
  • Mission Possible: Executing a 30-Day Sprint to Protect Privileged Credentials Recorded: Apr 11 2017 49 mins
    Bryan Murphy, Consulting Services Manager, CyberArk, Nathaniel Ford, Morderator, (ISC)² EMEA
    To avoid a data breach you ultimately need to understand the techniques attackers are using and what security controls can stop them. Organisations that have already been breached are the best source of information.

    Join us for a live webinar where we will provide an inside look into the lessons learned from several high-profile data breaches. We will discuss lessons learned from security professionals and technical experts who have been on the front lines of breach remediation and outline a proven framework for an intensive sprint of approximately 30 days to implement a set of key controls around privileged credentials.
(ISC)² EMEA Secure Webinars
Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² EMEA Secure Webinars Channel. Sign up to join us for educational Security Briefings, Roundtables and eSummits aimed at all those vested in the world of information security. We welcome members and non members alike.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Combining Least Privilege + App Control to Protect from Malware and Ransomware
  • Live at: Sep 29 2016 11:00 am
  • Presented by: Gil Rapaport, CyberArk, Adrian Davis, (ISC)² EMEA
  • From:
Your email has been sent.
or close