eSummit 2 - Phishing attacks and Forensics – Where did it all go wrong?

Password cracking is no longer rocket science but a handy skill for any penetration tester or system and network defender, or anyone who simply enjoys a good geek project. Join our webinar series by Brian Johnson, a cybersecurity enthusiast from 7 Minute Security, to learn how to set up cracking tools in the cloud (and on the cheap!) and better protect your organisation’s Active Directory environment.

In this session, you will learn how to:

Crack Active Directory and wireless passwords
Make sure your password policy is strong enough to resist password cracking
Download and customise the popular Pwned Passwords list
Incorporate Pwned Passwords into Active Directory for free using the open source PwnedPasswordsDLL project
Build customised lists of additional bad passwords

Privileged access exists in many forms such as Local Administrative Accounts, Domain Administrative Accounts, Service Accounts, Application Credentials and SSH Keys. Privileged accounts, credentials and secrets are found in devices, applications and operating systems.

Experts agree it’s a best practice to ensure they are protected, managed and monitored. Whether your organisation choices an on premises of SaaS for Privileged Access Management (PAM) solution, your program should start with steps that focus on rapid risk reduction for high value assets.

In this session, we’ll review what is considered to be table stakes Privileged Access Management hygiene, and we’ll focus on three key areas for a Privileged Access Management security program:

•Account Discovery and Credential Vaulting
•Session Management and Isolation

E-business relies on core network services to function. Name resolution through DNS and IP addresses handling (DHCP, IPAM), specifically.

And yet too many organizations view these crucial services as IT utilities. As a result, they miss out on the substantial cybersecurity benefits that lie hidden in them.

Make plans now to attend this live event where leading experts from Infoblox and (ISC)2 outline how to turn DNS and associated services into foundational cybersecurity assets. Join us and learn how the unique properties of DNS can enhance:
Security analytics
Malware detection, response and containment
Security orchestration and automation

Metadata helps you separate signal from noise, reduce time-to-threat-detection and improve overall security efficacy. And now application metadata helps you monitor user experience, troubleshoot problematic apps, understand “Shadow IT” usage and improve security posture within your organisation.

Join Gigamon as we discuss the growing need for application-aware network operations and how Gigamon Application Metadata Intelligence provides the deep application visibility needed to rapidly pinpoint performance bottlenecks and potential network security risks. You’ll see how next-gen network packet brokers enhance metadata with intelligence and insights from traffic flows so you’ll discover how to understand the performance and have control of hundreds of critical apps.

We all know that compliance and security aren’t always the same. Attend this session to learn how they differ, how compliance is broken, learn about some common examples, and see how you can modify your compliance plans to be more secure without failing an audit. Taught by 30-year security veteran and former auditor who has passed the CPA and CISA exams.

What you’ll learn:
· Difference Between Compliance and Security
· How Compliance Is Hurting Security
· How to Fix

Why organisations need a multi-pronged approach, rather than just filtering tools.
Phishing is not new – most organisations receive phishing emails all the time. Despite wide awareness of what phishing is and most organisations having some phishing mitigations, NCSC’s work with cyber victims shows that most cyber compromises still start with phishing emails. There are many tools and services that can detect and block phishing emails, but none are completely effective. NCSC, the UK’s technical authority for cyber security, advocates a multi-pronged approach to dealing with phishing risks, including people-focussed measures and wider network security, as well as phishing detection tools. NCSC’s work has found that many organisations do not follow this multi-pronged advice. This webinar will show that a more holistic approach to managing phishing risks is far more effective than even the most advanced detection tools, if they are used on their own.

As the phishing threat landscape continues to evolve at a pace that technology is unable to keep up with, organisations are turning to phishing awareness and simulation programs to plug the gap. Is your phishing awareness program keeping up with this changing landscape?

Join Cofense as we explore the attributes of a modern phishing awareness program and see what our data, based on millions of phishing simulations, shows about awareness programs and simulation exercises.

You will learn:
-The statistical advantage of using an email reporting tool
-The important role the end user plays in active defense
-How often you need to send simulations for maximum resiliency
-The advantages of basing simulations on active threats, not random dangers
-Why ‘phish testing’ is the enemy of true phishing defense

Defending against modern adversaries requires the ability to detect and understand threats quickly and to respond decisively. CrowdStrike’s experts fight and win these battles every day, and have one of the industry’s most comprehensive pictures of today’s top cyber threats.

Join us for a webcast featuring CrowdStrike’s John Titmus as he explores global observations and trends, and real-world intrusion case studies, delivering deep insights on modern adversaries, and their tactics, techniques, and procedures (TTPs).

Key takeaways:

-Global trends as seen across 1000s of real-world intrusion attempts, such as the emergence of mobile as a fruitful hunting ground for adversaries
-How organisations are using the MITRE ATT&CK framework to shorten the time to investigate and understand threats
-Why “speed” is the new critical metric in cybersecurity and the key steps you can take to improve your organisation’s ability to detect, investigate and remediate threats

Industry analysts and security leaders agree – organisations should prioritise privileged access security programs to maximize risk reduction with respect to the resources required for deployment. “Privileged Access” is what attackers seek, and this access is increasingly available in places organizations overlook including applications.
Join us for a session that will cover the basics of privilege access security. We’ll address how to define a program with respect to people, process and technology. We’ll also review some lessons learned from the field that will facilitate a successful launch.

Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
- CPE opportunities, member benefits and getting involved
- Updates on (ISC)² news, developments and changes in your region
- Your membership requirements summarized
- Who are the (ISC)² EMEA team and how we can help you
- Focus discussions
- Q&A session

Third-parties can pose a very real risk to an organisation. If the risk results in a breach, it can be costly – costlier even than if it did not include a third-party. In addition, new regulations are recognizing the importance of mitigating third party risk to provide greater protection for an individual’s personal data. In other words, managing your vendor’s risk is not only prudent, it’s required.

This session will showcase how the combined forces of BitSight Security ratings and ServiceNow tackles the unique challenges of:

- Positioning cyber security in context of the business.

- Blending the Bitsight security ratings information with more traditional data sources, such as audits and questionnaires, to provide a fully rounded, up-to-date view of your third parties.

With the second anniversary of the Equifax breach not so long ago and the fact that we now know much more about what happened due to the August 2018 release of the GAO Report. There was a lot of new information that came out of that report that was not well-understood at the time of the breach…. Did you know that while Equifax used a tool for network layer decryption, they had certificates nine months out of date? This lapse gave the threat actors all the time they needed to break in and exfiltrate reams of personal data. As soon as Equifax updated the certs on their decryption tools, they began to realise what had happened.

On the heels of the Equifax breach, we are reminded of the importance of efficient decryption for effective threat detection. That’s more important than ever as today the Ponemon Institute reports that 50% of all malware attacks utilise encryption.

During this webinar, Ollie Sheridan will talk about:
- How TLS encryption has become a threat vector
- Why decryption is essential to security and how to effectively perform detection
- How to make sure your detection tools are working at their greatest capacity without the latency introduced by decryption

(ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. In Part 3 of the (ISC)² Digital End-to-End Transformation (DETE) webcast, we will examine the “new world” of what the project has provided to internal (how we serve the members and visitors), the members (what you as members see and experience) and what’s to come. Join Wes Simpson, COO and Bruce Beam, CIO on September 17, 2019 at 1:00PM Eastern for a discussion on these items and a Q&A with our COO and CIO.

The problem of alert fatigue is symptomatic of a plague within most SOC environments, regardless of the tools and platforms being used. The general process within the industry for driving and managing security incidents is broken. It’s time to change perspective and build into alert creation processes a better prioritization procedure. This can be done by aligning it to a more intelligent risk scoring approach and frameworks like MITRE ATT&CK and automation. Security teams will be better positioned to make use of their existing toolchain, scale people and processes, and deliver a much more effective security capability. Join this webinar to learn:

•The scale of alert overload and why organisations struggle with this problem. You are not alone
•How to combine risk based alerting, MITRE ATT&CK and automation to optimise security investigation and reduce alert fatigue
•Insights, learnings and benefits from SecOps teams that have already made this shift
•Tricks and tips to help you transform the security investigation process using your existing tools and industry frameworks

Far too often, the cybersecurity industry focuses too heavily on all the advantages attackers have. We’ve all heard the saying: “Defenders have to be right 100% of the time while attackers only have to be right once.” Well, what if we could flip that equation?

As defenders, we have the home field advantage, so why does it seem like we are consistently losing? In order to shift this model and tip the scales back in our favor, we need to be thinking about “Disruption in Depth” rather than just “Defense in Depth.” We need to be making attackers’ lives significantly harder. Attackers make mistakes all the time. Let’s make them have to be 100% right all the time instead of us.

Join Carbon Black’s Head of Security Strategy, Rick McElroy, as he reveals the reality behind the modern threat landscape and uncovers what security teams can do today to tip these scales and make attacking your organization exponentially more difficult for attackers.

The separation of development, staging, test, and production environments using traditional network solutions is a challenge, or even an impossibility, for organizations with significant assets spread dynamically across heterogeneous data centres as well as public and hybrid cloud environments.

Segmentation was first developed to improve network performance, but experts have realised that a ‘perimeter only’ approach to security is not working. As organisations seek to secure the interior of their networks have recognised that they need to be more dynamic and granular than previously - facing the challenges of time and resource head on to secure their critical business applications.

This webinar will highlight:
•The problem of Environmental Separation
•A Network Segmentation 101
•Segmentation Strategies
•Industry Examples
•A quick demonstration
•Illumio

(ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. In Part 2 of the (ISC)² Digital End-to-End Transformation (DETE) will examine how (ISC)² executed the plan for the project, following the AGILE Project Management framework and the buy-in and support from other departments and stake holders within the organization. Additionally, there was board governance and oversight to contend with. Join Bruce Beam, CIO; Beth Paredes, Sr. Corporate Member Services Manager; and Sommer Hess, Director PMO, Quality and Training on August 20, 2019 at 1:00PM Eastern for a discussion on these items and the speed bumps that were run into on this project.

Demands for more secure software and more rapid application development have led to the emergence of DevSecOps. DevSecOps maturity requires a risk-based approach to adding security activities, increasing depth, and improving testing governance. The best strategy is to shift from a reactive to a proactive security approach that injects security at the right time and place with automated continuous testing. This presentation covers these aspects of automated continuous testing:

1. Practices to avoid
2. Drawbacks
3. Prerequisites
4. When and where to use automated testing
5. Best practices for implementing and improving continuous testing throughout the development life cycle