eSummit 2 - Phishing attacks and Forensics – Where did it all go wrong?

Traditional methods of filtering traffic have relied upon a knowledge of the network and transport behaviours of the applications running across the network. Whilst most applications being run across the network use standard ports, many threat actors will use methods to obfuscate their communications by abusing these standards, with port spoofing being one such example. This represents a challenge when gathering traffic to ensure that this simple evasion method does not create a blind spot to your security countermeasures.

Join us for this webinar to learn more about how you can:

•Ensure that the Application traffic regardless of port spoofing gets to the right tool
•Improve tool efficiency by discarding irrelevant Application traffic
•Filter the traffic based on the application rather than the IP & Port

DNS is a ubiquitous network service which has a front row seat when it comes to malware activities. Most organizations neglect to consider the scale and simplicity of using DNS as a visibility and control point. DNS servers are also home to a wealth of essential operational data that can accelerate incident investigation.
This session will discuss the role that DNS could and should play in security architecture and operations as well as identify how DNS itself is increasingly used as an attack vector by malicious actors.

Encrypting data-in-transit with SSL/TLS is standard practice among organisations today. Important security initiatives, such as built-in web browser warnings and stronger legislative GDPR changes, have significantly improved privacy awareness and helped to prevent data breaches. However, cybercriminals commonly hide threats within encrypted payloads and use encrypted channels to propagate malware and exfiltrate data, knowing they can bypass traditional security inspection solutions.

Join us for this webinar to learn more about:

• Challenges with encrypted traffic and risks to your business
• How to efficiently decrypt and orchestrate traffic to reduce latency
• How to intelligently manage decryption and re-encryption across your entire security inspection solutions (IPS, NGFW, DLP, WAF, Anti-Malware, etc.)

New year. New resolutions. Every year we make the pledge to eat healthier and exercise more. What is good for the waistline is also good for your phishing defense posture. With more than 90% of breaches attributed to successful phishing campaigns – now is the time to think about how to prepare and prevent attacks. In this session you’ll hear about 10 resolutions for your phishing defense programs that will make your organisation more secure.
Some of the topics covered include:
- How to empower humans to be part of the solution
- Best practices to balance automation with human intuition
- How the latest features and technologies can make your life easier

Every organisation can, and at some point will be breached. Gone are the days where investing only in preventive security technologies such as firewalls, endpoint protection and proxy servers were considered ‘state-of-the-art’. Instead, security best practices have evolved to build capabilities that detect attacks early, and to respond if all detection and prevention measures have failed. Today’s modernised approach is essential in helping the business recover quickly after a major attack - and helping the CISO keep their job.

So, your technologies have evolved, but has your approach to data collection? Do you have the right data for detection and response - or do you need to adapt for the future?

Join this webinar with Splunker, Matthias Maier to walk through 20 security use cases already used by leading organisations. You’ll hear the most relevant questions for each use case, and discover which device or application within your infrastructure can be used to find the answers. Forty minutes later, you’ll be set to take away your learnings, validate them in your own environment, and identify the most relevant gaps that need to be addressed for your business.

Security incidents such as malware infections can cause damage and disruption that propagates far beyond the organisation, affecting its reputation, brand value and customer loyalty.

Security ratings are impacted by these, giving an independent view into potential areas where security resources could be focused.

In this webinar, Tiago Pereira from BitSight will explain how and why botnet infections are a key metric of the effectiveness of your security posture, discuss their impact on external security ratings and how to effectively deal with infections affecting your organisation's rating.

Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
- CPE opportunities, member benefits and getting involved
- Updates on (ISC)² news, developments and changes in your region
- Your membership requirements summarized
- Who are the (ISC)² EMEA team and how we can help you
- Focus discussions
- Q&A session

Organisations today rely on their business-critical applications and literally cannot function without these systems. They are the heartbeats and nerve centres of the modern enterprise, the fulcrums on which supply chains, operations, accounting, HR, payroll and e-commerce depend. No wonder then that these tools and the data they generate are also being targeted by attackers keen to bring their targets to a standstill. But most of time companies are failing to protect these ‘crown jewels’ assets and they rely instead on a paradigm from the last century: focusing on perimeter security and generic defences that don’t prioritise or protect the most important tools and services.

Tune in to this webcast to hear about exclusive new research data on the state of modern security defences and get expert advice on how to protect your most important systems.

Most organisations have multiple products and services, from multiple vendors and suppliers to address their cybersecurity needs. The lack of integration and inability to share critical information results in silos of technology that cause inefficiency, lack of agility, limited visibility and a poor security posture. How can an organisation solve and streamline this improve their cybersecurity operations? Join Infoblox and (ISC)² for an examination of how Infoblox and Fortinet have joined together to assist organisations in improving their security operations and reducing time to containment.

CrowdStrike’s latest Cyber Intrusion Services Casebook continues to shine a light on how quickly attackers can gain access into an organisation. This webcast, drawn from real-life engagements from the past 12 months, takes a deep dive into the advanced and ever-evolving tactics, techniques, and procedures (TTPs) used by today’s most dangerous attackers.

We’ll discuss the following key trends:

-There is no slowdown in adversaries’ invention and brazenness
-Attackers operate quickly and at depth — waiting patiently to achieve their objectives
-Attackers are often hiding in plain sight

After years of debate over whether to impose new cybersecurity regulations on companies, the General Data Protection Regulation (GDPR) went into effect in Europe in May 2018. Already we’re seeing data breach victims ordered to pay fines under the new rules, and cookie disclosure notices are popping up on more websites than ever.
But what about the bigger picture: Is GDPR working? How would we know? We'll explore these and other issues, including an examination of what the data tells us as well as stories from GDPR implementation.

During episode 1 in our Trust No One Series, we heard about the origins of Zero Trust. Episode 2 showed us how Banco Santander started their Zero Trust journey.

In this Part 3, Duo will demonstrate how they deliver Zero Trust models to their customers.
You’ll leave with a hands-on basic understanding of how to deploy Duo to a cloud-based web-application.

Duo has been a pioneer in bringing Zero Trust models to the commercial market, allowing organisations to protect themselves quickly and easily.

Josh Green, Solutions Engineer, Duo Security
Richard Archdeacon, Advisory CISO, Duo Security

In the third of the series exploring BitSight Security Ratings, we will be focusing on the challenge of third party supplier risk management:

- How can we manage suppliers using the dimensions of inherent risk impact and residual risk appetite?
- How can we place suppliers cyber risk posture into context of our business?
- How can we continuously monitor and remediate according to sensible risk prioritisation?

Bob Lewis (former head of External Cyber Assurance and Monitoring, Barclays UK) will be discussing real life examples with Nick Trigg from BitSight.

Where has the time gone?

2018 may forever be known as the year of GDPR, but a look back to the last 365 days shows us that those in cybersecurity have been through a year of numerous trends, investments and modernisations of their Security Operations.

This webinar will share trends and lessons learned from Splunk’s own customers throughout 2018, including

-Insights into SOC activities at the Bank of England
-What security life really looks like at Siemens
-Overcoming the Industrial Internet of Things/Industry 4.0 security challenges at Volkswagen AG
-The skillsets Telia needed for their SOC to be successful.

Join us on December 4th, 12pm GMT as Matthias Maier goes through the top tales you need to hear as a security practitioner or manager.

The greatest cybersecurity threat an organisation faces is no longer the malicious outsider hacking from beyond network firewalls. It is the insiders - the contractors, third party vendors and privileged users who already have full access to your company's systems and sensitive data.

According to Ponemon Institute’s report 2018 Cost of Insider Threats, the average cost of an insider threat is $8.76 million annually. Addressing this type of threat requires a different approach to addressing external threats; whether unintentional or malicious, organisations with sensitive customer data need to quickly identify and eliminate insider threat.

Attend this webinar to learn the top five steps for building and maintaining an effective insider threat program, with best practices and real-life examples, that you can use.

You will learn:

- The types of insiders behind these threats
1.How to determine if your organisation is doing enough to address the threats
2.Five key elements to building an effective insider threat strategy
3.How to move beyond IT and think of an insider threat management strategy as a combination of people, processes and technology – in that order.

In this webcast Ollie Sheridan, Principal Engineer at Gigamon talks about the benefits of moving your SOC into the Cloud and how this differs from the challenges of creating a SOC yourself by combining monitoring tools and integrating them into an onsite SIEM.

During this presentation you will learn:
•How the security market is changing
•The paint points of implementing and managing your own SOC
•How and why you would put security into the cloud

Industry thought leaders have stated that if you can only tackle one project to improve the security of your organisation it should be Privileged Access Management (PAM). Our own research backs this up with the 2018 Privileged Access Threat Report revealing organizations using automated PAM technology experience far fewer serious breaches than those that did not. Karl Lankford, Lead Solutions Engineer EMEA at Bomgar will discuss what ‘privilege’ means to your business and how implementing a PAM solution can drive significant improvements across the organisation. You will learn:

•Why organisations should make PAM their top 2019 investment
•Why quickly controlling and automating key PAM capabilities is critical to your organisation’s success
•Help you to prepare the business case for your PAM project and to get Executive Leadership buy in