Identity Management, Enabling Global Business Via Mobile
The vast majority of human interaction is no longer face-to-face, leaving communication challenges to be resolved by inadequate authentication mechanisms like usernames and passwords and biometrics. The mobile devices of today are an enormous opportunity to bring the ‘who-of-you’ into the equation and build what’s missing; trust.
RecordedOct 21 201528 mins
Your place is confirmed, we'll send you email reminders
Kevin Bocek, VP, Security Strategy & Threat Intelligence, Venafi; Brandon Dunlap, Moderator
The number of machines of all types – from Kubernetes, to cloud, to IoT – is on the rise. Every machine requires an identity – SSL/TLS, SSH, and code signing keys and certificates – that control encryption, authentication, and code execution. Too often these powerful security controls are left unprotected. Compromise, misuse, and fraud of machine identities are already prime attack vectors for hackers targeting supply chain weaknesses. And errors create debilitating outages and millions in lost business. For all these reasons and more, Gartner has named Machine Identity Management a top trend for 2021. Join Venafi and (ISC)2 on August 17, 2021 at 1:00 p.m. BST for an examination of how machine identities are the new perimeter.
Attend this session to learn:
· The top machine identity attacks targeting your organisation and software supply chain
· How SSL/TLS, SSH, and code signing keys and certificates are left unprotected
· How machine identities fail and cost millions in outages
· Why most organisations are not prepared to use machine identities at speed
· Three things your organisation can do today to stay #fastsecure with Machine Identity Management
Taking the step toward earning the (ISC)² Certified Cloud Security Professional (CCSP) credential puts you on a path to excel as an expert in cloud security. CCSP empowers individuals and organizations with the highest level of mastery in cloud security.
But how do you get started? How do you prepare? And why…what tangible benefits will you gain? Join (ISC)² for a panel discussion as industry professionals share their stories, experience and tips toward preparing for the Certified Cloud Security Professional certification. Areas for discussion will include:
- Why you should consider CCSP
- How to prepare for CCSP
- How CCSP can accelerate your career progression
Raghu Nandukamara, Field CTO, Illumio; Adam Brady, Director, Systems Engineering, Illumio; Brandon Dunlap, Moderator
Micro-segmentation can allow security architects to divide data centers into unique security segments (as far down as individual workload levels) but requires integration and an understanding of where your applications are located to improve and manage them. Join Illumio and (ISC)2 on July 29, 2021 at 1:00 p.m. BST when Illumio's Field CTO Raghu Nandukamara will join forces with Adam Brady, Director Systems Engineering to discuss areas such as:
o How to make friends with your CMDB data through visualization
o The best way to leverage the user context to secure access
o If you can better support your SOC through event data
Ell Marques, Linux and Security Advocate, Nicole Fishbein, Researcher, Brandon Dunlap, Moderator
A common joke in the infosec community is that there is no cloud, only someone else's computer.
If this is true, then it would stand to reason that security for on-premise and cloud workloads would be the same. But, unfortunately, attempting to lift and shift not only workloads but also security practices has led to over a decade of data breaches.
Unlike on-premise data centers, cloud resources are disposable with a lifespan of a matter of seconds to minutes, leaving security teams without any visibility to what they should be protecting.
On July 27th, 2021 at 1:00 p.m, BST, join Intezer Labs and (ISC)2 to discuss how companies can adapt their security postures to the ever-changing cloud landscape.
The 2021 Cloud Security Report, sponsored by (ISC)2, explores current cloud security trends and challenges, how organizations are responding to security threats in the cloud and reveals tools and best practices organizations are considering.
Based on a comprehensive survey of 783 cybersecurity professionals conducted in early 2021 to uncover how cloud user organizations are responding to security threats in the cloud, and what training, certifications and best practices IT cybersecurity leaders are prioritizing in their move to the cloud.
Join (ISC)2 on July 21, 2021 at 1:00PM Eastern for highlights of the results and to get key insights including:
•A majority of cybersecurity professionals (96%) confirm they are at least moderately concerned about public cloud security, a small increase from last year’s survey.
•For the second year in a row, the key barrier to cloud adoption, organizations mention was a lack of qualified staff (39%) as the biggest impediment to faster adoption.
•More than half of organizations (57%) expect their cloud budgets to increase over the next 12 months.
•When asked how organizations rate their overall security readiness, 73% rate their team’s security readiness average or below average. Of those, 78% believe their teams would benefit from cloud security training and/or certification.
Natasha Karelina, (ISC)² Customer Service Manager, EMEA
Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
- CPE opportunities, member benefits and getting involved
- Updates on (ISC)² news, developments and changes in your region
- Your membership requirements summarised
- Who are the (ISC)² EMEA team and how we can help you
- Focus discussions
- Q&A session
Ollie Sheridan, Principal Sales Engineer, Security, (EMEA) Gigamon; Brandon Dunlap, Moderator
With Network Traffic increasing as Bandwidth costs decrease and the delivery of Applications changing in favour of Cloud environments, monitoring Networks at scale is becoming an increasing challenge. One of the approaches which is gaining popularity is the use of Metadata - but what is Metadata exactly? If you elect to employ Metadata as your method for monitoring your Network what format should you choose? On July 15, 2021 at 1:00 p.m. BST, join Gigamon and (ISC)2 as we discuss the rise in popularity of Metadata, what problem it's trying to solve along with the pros and cons of its use. We'll also investigate how it can be implemented, examining the various formats that can be used to generate this Metadata. Lastly, will be the other uses of Metadata beyond 'traditional' Security, to ultimately lower the costs of implementation and better understand our environments. Join Ollie Sheridan as he raises these questions and gain a better understanding of Metadata in the context of Security.
Patrick Magat, Services Director EMEA, CrowdStrike; Brandon Dunlap, Moderator
In a small or medium-sized business, you probably wear many different hats: VP of logistics one day, head of social media the next, and IT trouble-shooter the day after that. Are you comfortable wearing the Chief Information Security Officer hat for your business? While most reporting on cyberattacks focuses on the impacts to large companies, the truth is that small businesses are not immune. eCrime groups know that small businesses rarely have the resources to defend themselves in the same way as large enterprises, which can make them lucrative targets for ransomware and cyber extortion. Join CrowdStrike and (ISC)2 on July 13, 2021 at 1:00 p.m. BST as CrowdStrike’s Patrick Magat examines the cyber threats that target small businesses, sharing real-world examples plucked from the CrowdStrike case files. This will set the stage for a discussion of the building blocks of a successful cyber defence, and practical guidance for defending your business. We’ll also cover:
· Common cybersecurity misconceptions for small business
· Real-world case studies of cyber intrusions and what could have been done to stop them
· The basic structure of a successful cybersecurity program, including next-generation prevention, threat hunting, investigation and real-time response
· How small businesses are using managed services to see, stop and prevent determined attackers, skipping the burden of building and managing a program themselves
Charles Allen, CIPP/E, InfoSec Consulting Manager, OneTrust GRC; Brandon Dunlap, Moderator
Do you spend countless hours assessing businesses risk, stuck in spreadsheets, sift through emails to find the most up-to-date information? After gathering all the necessary information from your line of business, you still need to review, validate, analyze, and assigned a risk score. All of this must be done before actionable insights can be drawn or mitigation efforts can take place. There is a significant gap in how risk is assessed and rate at which your business operates today. As your program evolves, the need to simplify the risk assessment process becomes unavoidable. But a common reality is that as your business continues to develop, risk assessment practices and resources have largely remained the same. It’s not as simple as getting a risk management tool; it’s about finding the right technology to adapt your processes in line with your current risk landscape and business objectives. On July 8, 2021 at 1:00 pm BST. OneTrust GRC and (ISC)2 will review risk assessment best practices businesses should consider based on leading industry standards from ISO 31000, NIST CSF, and the latest DOJ Corporate Compliance Guidance. We will also share how to:
· Familiarize yourself with proven best practices and new perspectives on risk assessments
· Identify opportunities to collect risk insights in context through an automated questionnaire process
· Streamline risk identification with automation rules tied to your risk methodology
Clar Rosso, CEO, (ISC)2; Beth Paredes, Director of Member Services, (ISC)2
Clar Rosso, CEO of (ISC)2 shares the latest insights on what’s happening at our association. Join us for this quarterly update where we cover the latest developments at (ISC)2, ranging from certification to member benefits, continuing education and events, to major milestones and achievements. On July 1, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as Beth Paredes, Director of Member Services at (ISC)2 join Clar to provide an overview of the wealth of benefits and services available to members and associates.
Ashley Ward, Technical Director, Office of the CTO, Palo Alto Networks; Brandon Dunlap, Moderator
In the latest edition of the biannual Unit 42 Cloud Threat Report, researchers analyzed data from hundreds of cloud accounts around the world between October 2019 and February 2021 to understand the global impact of COVID-19 on the security posture of organizations. In response to the global pandemic, organizations globally increased their cloud workloads by more than 20%, leading to an explosion of security incidents. This led to the conclusion that rapid cloud scale and complexity without automated security controls embedded across the entire development pipeline are a toxic combination. Join Palo Alto Networks and (ISC)2 on June 29, 2021 at 1:00p.m. BST for a discussion that provides a deep dive into the findings. Topics covered will include:
- How the latest cloud threats may be affecting your organization
- Which industries suffered a spike in security incidents in light of the pandemic
- Best practices your organization can apply today to stay protected
Clar Rosso, CEO, (ISC)2; Dr. Kevin Charest and Samara Moore, (ISC)2 Board Members
With the onset of social justice movements and awareness of racial and gender inequality around the globe, many organizations and leaders are recognizing the need to dig deeper and lead the charge for their stakeholders and communities for lasting transformation. Yet, what makes diversity and inclusion—seemingly so simple—so complicated and difficult to achieve? What are some of the key challenges and tensions that often arise throughout the inclusion journey? And, how can leaders ignite the passion needed to face these challenges? Join (ISC)2 on June 23, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as Clar Rosso, (ISC)2 CEO joins with cyber industry leaders to explore these paradoxes, challenges and high-impact solutions and what it takes to achieve a truly diverse and inclusive cyber profession; one that weaves inclusion into everything it does.
Bob Hansmann, Sr. Product Marketing Manager - Security, Infoblox; Brandon Dunlap, Moderator
Cybercriminals must become masters of evasion if they are to be successful. Many threats, such as APT’s, are designed to remain hidden for weeks or longer as they slowly monitor their victim, compromising select information in a way that is also intended to go unnoticed. Others, like ransomware, may only need to hide their malicious intentions long enough to infect and begin encryption processes. And even when these attacks trip some defensive sensor, it can take analysts days to investigate and launch an effective incident response, often too late to prevent significant damage. Join Infoblox and (ISC)2 on June 22, 2021 at 1:00 p.m. BST as we assess evasion methodologies and the value of DNS, with some unique EMEA callouts, to counter them across the kill chain including:
• Why does DNS visibility expose threat activity other solutions miss?
• How can DNS visibility be used to make other solutions more effective?
• What role does DNS play in investigation and response?
Morey J. Haber, CTO & CISO, BeyondTrust; Brandon Dunlap, Moderator
As businesses constantly evolve and grow, so does an organization's attack surface. The pace and velocity of technology transformation in enterprises has created a difficult environment for security teams to defend against complex threats. Join BeyondTrust and (ISC)2 on June 15, 2021 at 1:00 p.m. BST for a webinar where will examine how Privileged Access Management (PAM) can support the security team as an enabler to digital transformation, while providing one of the most effective ways to stop lateral movement by threat actors.
Key topics to be covered include:
· What Is Digital Transformation and why should we care about it?
· Why automation isn’t just for the business
· How to mitigate identity risk with Privilege Access Management
Sam Humphries, Exabeam; Jessica Cholerton, Exabeam; Brandon Dunlap, Moderator
If the idea of automating breach response fills you with a sense of uneasiness, you’re definitely not alone. But the flipside of doing everything manually isn’t ideal either…and can actually bring more risk to a situation, especially during a major incident. On June 10, 2021 at 1:00 p.m. BST, Join Sam and Jess (aka The Real Housewives of Automation) of Exabeam and (ISC)2 for a session where we will explain where, how and when automation can help you investigate and respond quickly, accurately, and without creating a LinkedIn profile updating moment. We’ll also examine:
· End to end automated vs manual response – a look into a real breach through two different lenses
· The machines are our friends – how automation will help your team thrive
· Raging alongside the machines – how to get the right balance
· Investigation and response automation – where to start and how to finish
Helen Patton, Advisory CISO, Duo Security at Cisco; Brandon Dunlap, Moderator
What is the value of trust for a company, and what role does a security leader play in order to enable it? On June 8, 2021, at 1:00 p.m. BST, Duo Security Advisory CISO Helen Patton and (ISC)2 will discuss the factors that make a company trustworthy, and how a security team builds trust within an organization. We will review the Cisco Security Outcomes Study and consider the trust-based activities that enable positive security outcomes. Attendees will be provided with actionable suggestions for improving security and trust in their organization.
Scott Bridgen, Head of GRC, OneTrust GRC; Brandon Dunlap, Moderator
Every organization is working to reduce the delay between issuing a risk assessment, receiving a response, gaining risk insight, and making a risk-based decision. Risk insights quickly lose value as time elapses from the initial assessment request. Businesses should leverage the digital workstreams to collect information as updates occur using data discovery tools to find, document, and classify in real-time. Join OneTrust GRC and (ISC)2 on June 3, 2021 at 1:00 pm BST as we explore how to quickly connect enterprise data through automated data discovery and translate the data into meaningful risk insights. We’ll also examine how to:
· Identify data across business applications for the latest risk insights.
· Automatically categorize information to deliver meaningful insights across risk, compliance, and your executive teams
· Explore a new way to quantify risk using risk formulas to aggregate and standardize risk using real-time data points
Zeki Turedi, CTO for Europe, Middle East & Africa, Crowdstrike; Brandon Dunlap (Moderator)
In a year when a global pandemic significantly changed how and where we work, the CrowdStrike 2021 Global Threat Report has never been more highly anticipated. This year, the report exposes how cyber adversaries have exploited the situation, accelerating attacks and introducing increasingly damaging tactics, techniques and procedures. On April 13, 2021 at 1:00Pm BST, CrowdStrike Technology Strategist, Zeki Turedi and (ISC)2 will examine the notable threats, events and trends in the report, including pragmatic recommendations to help you better defend against cyberattacks in 2021 and beyond. We'll also examine:
· How the COVID-19 pandemic has changed cybersecurity
· How "big game hunters" are targeting the healthcare sector
· Significant nation-state-based targeted attacks and operations observed from China, Iran, DPRK, Russia and others
· The CrowdStrike eCrime Index and how it measures the strength of the cybercriminal market over time
Senad Aruc, Lead Technical Solutions Architect at Advanced Threats, Cisco; Brandon Dunlap, Moderator
This year, Cisco hosted the first global, virtual Cisco Live 2021 event. Customers from all around the world converged virtually to experience the latest technology innovations, network with peers and colleagues, and find out what Cisco has in store for 2021. We will cover the latest hot topics within cybersecurity including how companies are protecting their workforce remotely; what the future of work looks like and how companies are shifting towards a cloud security which including trends that we have seen emerging with SASE. Join Cisco and (ISC)2 on May 27, 2021 at 1:00 p.m. BST as we discuss the key takeaways on Cloud Security arrived at during the Cisco Live 2021 event.
Ell Marquez, Linux and Security Advocate, Intezer Labs; Brandon Dunlap, Moderator
Every day, wars are being waged on invisible battlefields. The enemy is hiding and stealthily leveling its attacks from within. This formidable foe isn’t an opposing army. It may very well be a single malicious actor, or a state-sponsored group of hackers. Without a trace of their tools left on the disk, attackers are storing the code in memory–resulting in infamous Fileless Malware. If successful, the best case scenario outcome is a tarnished reputation; the worst, significant (and potentially irreparable) damage to a brand and its business. Join Intezer Labs and (ISC)2 on May 25, 2021 at 1:00 pm BST for a discussion on how attacks like these can cripple an organization without its security team ever knowing it.
(ISC)² Security Briefings EMEA offers members in Europe, the Middle East and Africa a chance to learn about the latest trends, tools and best practices in cyber, information, software and infrastructure security while earning CPEs