eSummit 2 - Phishing attacks and Forensics – Where did it all go wrong?
Phishing and Spear Phishing attacks are the number one starting point for most large data breaches. However, no traditional security technology is currently able to mitigate the risks associated with these type of threats. Join this webinar to learn why phishing attacks are so successful, what capabilities organizations need to carry out a forensic investigation and what questions you need to be able to answer following an attack to respond effectively.
RecordedOct 26 201646 mins
Your place is confirmed, we'll send you email reminders
Tom Kellermann, Head Security Strategist, Rick McElroy, Security Strategist, Carbon Black, Brandon Dunlap, Moderator, (ISC)²
Get your sneak peek into the mind of a hacker!
Every intelligence industry has a central goal and that is to predict the future. As security professionals, we collect and analyse, dissect and interpret, in order to find those essential nuggets that will give us the edge over our adversaries, enabling us to better understand what they’ll do next.
Join VMware Carbon Black’s Chief Cybersecurity Officer, Tom Kellermann, and Head of Security Strategy, Rick McElroy, who will give their unique insights on the tactics and techniques topping the cyber attacker’s hit list for 2020 including how:
•The act of cloud jacking and island hopping will become commonplace.
•We'll see more mobile root kits allowing people to take full control over someone else’s device.
•Access mining-as-a-service will grow as criminals see the utility in purchasing access to compromised environments.
•Virtual home invasions of public figures (celebrities, CEOs, politicians) will occur.
Matthias Maier, EMEA Director of Product Marketing, Splunk, Brandon Dunlap, Moderator, (ISC)²
Should 2019 be dubbed the year of the SOC? Looking back at the last 365 days, Splunk experts certainly think so! Reminiscing on the stories of SOC modernisation, this webinar will share techniques and lessons learned from Splunk’s own customers throughout 2019, including;
•How Fresenius made cybersecurity easy to understand for the C-Suite by building the “DAX” index for cybersecurity
•Insights from 3 SOC automation playbooks created by Norlys
•Methods used by Dutch Tax and Customs Administration to increase e-mail security, combining Sender Policy Framework (SPF), DNS logging and DMARC
•How DATEV built and demonstrated SOC success, from detection to headcount planning, in just 6 months
•Johnson Matthey’s advice on which people to involve and the roles needed to build and establish a modern SOC
Join us on December 10th, 13:00 GMT as Matthias Maier goes through the top tales you need to hear to modernize your Security Operations Centre.
Brian Johnson, Security Enthusiast / Podcaster, Dan Goater, Solutions Engineer, Netwrix, Brandon Dunlap, Moderator, (ISC)²
Password cracking is no longer rocket science but a handy skill for any penetration tester or system and network defender, or anyone who simply enjoys a good geek project. Join our webinar series by Brian Johnson, a cybersecurity enthusiast from 7 Minute Security, to learn how to set up cracking tools in the cloud (and on the cheap!) and better protect your organisation’s Active Directory environment.
In this session, you will learn how to:
Crack Active Directory and wireless passwords
Make sure your password policy is strong enough to resist password cracking
Download and customise the popular Pwned Passwords list
Incorporate Pwned Passwords into Active Directory for free using the open source PwnedPasswordsDLL project
Build customised lists of additional bad passwords
Privileged access exists in many forms such as Local Administrative Accounts, Domain Administrative Accounts, Service Accounts, Application Credentials and SSH Keys. Privileged accounts, credentials and secrets are found in devices, applications and operating systems.
Experts agree it’s a best practice to ensure they are protected, managed and monitored. Whether your organisation choices an on premises of SaaS for Privileged Access Management (PAM) solution, your program should start with steps that focus on rapid risk reduction for high value assets.
In this session, we’ll review what is considered to be table stakes Privileged Access Management hygiene, and we’ll focus on three key areas for a Privileged Access Management security program:
•Account Discovery and Credential Vaulting
•Session Management and Isolation
Michael Katz, Cybersecurity Specialist, Infoblox, Brandon Dunlap, Moderator, (ISC)²
E-business relies on core network services to function. Name resolution through DNS and IP addresses handling (DHCP, IPAM), specifically.
And yet too many organizations view these crucial services as IT utilities. As a result, they miss out on the substantial cybersecurity benefits that lie hidden in them.
Make plans now to attend this live event where leading experts from Infoblox and (ISC)2 outline how to turn DNS and associated services into foundational cybersecurity assets. Join us and learn how the unique properties of DNS can enhance:
Malware detection, response and containment
Security orchestration and automation
Ollie Sheridan, Principal Engineer Security, Gigamon, Brandon Dunlap, Moderator, (ISC)²
Metadata helps you separate signal from noise, reduce time-to-threat-detection and improve overall security efficacy. And now application metadata helps you monitor user experience, troubleshoot problematic apps, understand “Shadow IT” usage and improve security posture within your organisation.
Join Gigamon as we discuss the growing need for application-aware network operations and how Gigamon Application Metadata Intelligence provides the deep application visibility needed to rapidly pinpoint performance bottlenecks and potential network security risks. You’ll see how next-gen network packet brokers enhance metadata with intelligence and insights from traffic flows so you’ll discover how to understand the performance and have control of hundreds of critical apps.
Roger Grimes, Data-Driven Defense Evangelist, KnowBe4, Computer Security Author, Chris Green, Head of PR and Comms, (ISC)²
We all know that compliance and security aren’t always the same. Attend this session to learn how they differ, how compliance is broken, learn about some common examples, and see how you can modify your compliance plans to be more secure without failing an audit. Taught by 30-year security veteran and former auditor who has passed the CPA and CISA exams.
What you’ll learn:
· Difference Between Compliance and Security
· How Compliance Is Hurting Security
· How to Fix
Dr Rhys W CISSP, Cyber Security Guidance lead, CNI Team, UK National Cyber Security Centre, Brandon Dunlap, Moderator, (ISC)²
Why organisations need a multi-pronged approach, rather than just filtering tools.
Phishing is not new – most organisations receive phishing emails all the time. Despite wide awareness of what phishing is and most organisations having some phishing mitigations, NCSC’s work with cyber victims shows that most cyber compromises still start with phishing emails. There are many tools and services that can detect and block phishing emails, but none are completely effective. NCSC, the UK’s technical authority for cyber security, advocates a multi-pronged approach to dealing with phishing risks, including people-focussed measures and wider network security, as well as phishing detection tools. NCSC’s work has found that many organisations do not follow this multi-pronged advice. This webinar will show that a more holistic approach to managing phishing risks is far more effective than even the most advanced detection tools, if they are used on their own.
As the phishing threat landscape continues to evolve at a pace that technology is unable to keep up with, organisations are turning to phishing awareness and simulation programs to plug the gap. Is your phishing awareness program keeping up with this changing landscape?
Join Cofense as we explore the attributes of a modern phishing awareness program and see what our data, based on millions of phishing simulations, shows about awareness programs and simulation exercises.
You will learn:
-The statistical advantage of using an email reporting tool
-The important role the end user plays in active defense
-How often you need to send simulations for maximum resiliency
-The advantages of basing simulations on active threats, not random dangers
-Why ‘phish testing’ is the enemy of true phishing defense
Defending against modern adversaries requires the ability to detect and understand threats quickly and to respond decisively. CrowdStrike’s experts fight and win these battles every day, and have one of the industry’s most comprehensive pictures of today’s top cyber threats.
Join us for a webcast featuring CrowdStrike’s John Titmus as he explores global observations and trends, and real-world intrusion case studies, delivering deep insights on modern adversaries, and their tactics, techniques, and procedures (TTPs).
-Global trends as seen across 1000s of real-world intrusion attempts, such as the emergence of mobile as a fruitful hunting ground for adversaries
-How organisations are using the MITRE ATT&CK framework to shorten the time to investigate and understand threats
-Why “speed” is the new critical metric in cybersecurity and the key steps you can take to improve your organisation’s ability to detect, investigate and remediate threats
Maria Oliva, Director of Consulting Services EMEA, CyberArk, Brandon Dunlap, Moderator, (ISC)²
Industry analysts and security leaders agree – organisations should prioritise privileged access security programs to maximize risk reduction with respect to the resources required for deployment. “Privileged Access” is what attackers seek, and this access is increasingly available in places organizations overlook including applications.
Join us for a session that will cover the basics of privilege access security. We’ll address how to define a program with respect to people, process and technology. We’ll also review some lessons learned from the field that will facilitate a successful launch.
Natasha Karelina, (ISC)² Customer Service Manager, EMEA
Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
- CPE opportunities, member benefits and getting involved
- Updates on (ISC)² news, developments and changes in your region
- Your membership requirements summarized
- Who are the (ISC)² EMEA team and how we can help you
- Focus discussions
- Q&A session
Nick Trigg, Solution Consultant, BitSight, Eric LeMartret, Risk & Privacy Lead, ServiceNow, Brandon Dunlap, Moderator, (ISC)²
Third-parties can pose a very real risk to an organisation. If the risk results in a breach, it can be costly – costlier even than if it did not include a third-party. In addition, new regulations are recognizing the importance of mitigating third party risk to provide greater protection for an individual’s personal data. In other words, managing your vendor’s risk is not only prudent, it’s required.
This session will showcase how the combined forces of BitSight Security ratings and ServiceNow tackles the unique challenges of:
- Positioning cyber security in context of the business.
- Blending the Bitsight security ratings information with more traditional data sources, such as audits and questionnaires, to provide a fully rounded, up-to-date view of your third parties.
Ollie Sheridan, Principal Engineer Security, Gigamon, Brandon Dunlap, Moderator, (ISC)²
With the second anniversary of the Equifax breach not so long ago and the fact that we now know much more about what happened due to the August 2018 release of the GAO Report. There was a lot of new information that came out of that report that was not well-understood at the time of the breach…. Did you know that while Equifax used a tool for network layer decryption, they had certificates nine months out of date? This lapse gave the threat actors all the time they needed to break in and exfiltrate reams of personal data. As soon as Equifax updated the certs on their decryption tools, they began to realise what had happened.
On the heels of the Equifax breach, we are reminded of the importance of efficient decryption for effective threat detection. That’s more important than ever as today the Ponemon Institute reports that 50% of all malware attacks utilise encryption.
During this webinar, Ollie Sheridan will talk about:
- How TLS encryption has become a threat vector
- Why decryption is essential to security and how to effectively perform detection
- How to make sure your detection tools are working at their greatest capacity without the latency introduced by decryption
(ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. In Part 3 of the (ISC)² Digital End-to-End Transformation (DETE) webcast, we will examine the “new world” of what the project has provided to internal (how we serve the members and visitors), the members (what you as members see and experience) and what’s to come. Join Wes Simpson, COO and Bruce Beam, CIO on September 17, 2019 at 1:00PM Eastern for a discussion on these items and a Q&A with our COO and CIO.
James Hanlon, Director, Splunk, George Panousopoulos, Security Strategist, Splunk, Brandon Dunlap, Moderator, (ISC)²
The problem of alert fatigue is symptomatic of a plague within most SOC environments, regardless of the tools and platforms being used. The general process within the industry for driving and managing security incidents is broken. It’s time to change perspective and build into alert creation processes a better prioritization procedure. This can be done by aligning it to a more intelligent risk scoring approach and frameworks like MITRE ATT&CK and automation. Security teams will be better positioned to make use of their existing toolchain, scale people and processes, and deliver a much more effective security capability. Join this webinar to learn:
•The scale of alert overload and why organisations struggle with this problem. You are not alone
•How to combine risk based alerting, MITRE ATT&CK and automation to optimise security investigation and reduce alert fatigue
•Insights, learnings and benefits from SecOps teams that have already made this shift
•Tricks and tips to help you transform the security investigation process using your existing tools and industry frameworks
Rick McElroy, Head of Security Strategy, David Balcar, Security Strategist, Carbon Black, Brandon Dunlap, Moderator, (ISC)²
Far too often, the cybersecurity industry focuses too heavily on all the advantages attackers have. We’ve all heard the saying: “Defenders have to be right 100% of the time while attackers only have to be right once.” Well, what if we could flip that equation?
As defenders, we have the home field advantage, so why does it seem like we are consistently losing? In order to shift this model and tip the scales back in our favor, we need to be thinking about “Disruption in Depth” rather than just “Defense in Depth.” We need to be making attackers’ lives significantly harder. Attackers make mistakes all the time. Let’s make them have to be 100% right all the time instead of us.
Join Carbon Black’s Head of Security Strategy, Rick McElroy, as he reveals the reality behind the modern threat landscape and uncovers what security teams can do today to tip these scales and make attacking your organization exponentially more difficult for attackers.
Adam Brady, Systems Engineer, Illumio, Brandon Dunlap, Moderator, (ISC)²
The separation of development, staging, test, and production environments using traditional network solutions is a challenge, or even an impossibility, for organizations with significant assets spread dynamically across heterogeneous data centres as well as public and hybrid cloud environments.
Segmentation was first developed to improve network performance, but experts have realised that a ‘perimeter only’ approach to security is not working. As organisations seek to secure the interior of their networks have recognised that they need to be more dynamic and granular than previously - facing the challenges of time and resource head on to secure their critical business applications.
This webinar will highlight:
•The problem of Environmental Separation
•A Network Segmentation 101
•A quick demonstration
Bruce Beam, (ISC)²; Beth Paredes, (ISC)²; Sommer Hess, (ISC)²; Brandon Dunlap (Moderator)
(ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. In Part 2 of the (ISC)² Digital End-to-End Transformation (DETE) will examine how (ISC)² executed the plan for the project, following the AGILE Project Management framework and the buy-in and support from other departments and stake holders within the organization. Additionally, there was board governance and oversight to contend with. Join Bruce Beam, CIO; Beth Paredes, Sr. Corporate Member Services Manager; and Sommer Hess, Director PMO, Quality and Training on August 20, 2019 at 1:00PM Eastern for a discussion on these items and the speed bumps that were run into on this project.
Meera Rao, Senior Principal Consultant, Synopsys, Brandon Dunlap, Moderator, (ISC)²
Demands for more secure software and more rapid application development have led to the emergence of DevSecOps. DevSecOps maturity requires a risk-based approach to adding security activities, increasing depth, and improving testing governance. The best strategy is to shift from a reactive to a proactive security approach that injects security at the right time and place with automated continuous testing. This presentation covers these aspects of automated continuous testing:
1. Practices to avoid
4. When and where to use automated testing
5. Best practices for implementing and improving continuous testing throughout the development life cycle
Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² Secure Webinars - EMEA Channel. Sign up to join us for educational Security Briefings, Roundtables and eSummits aimed at all those vested in the world of information security. We welcome members and non members alike.
eSummit 2 - Phishing attacks and Forensics – Where did it all go wrong?Matthias Maier, Security Evangelist EMEA, Splunk, Christopher Laing, (ISC)2 EMEA Advisory Board Member[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]45 mins