eSummit 3 Cyber-Forensics - an Overview of Intrusion Investigations

Organizations are adopting cloud services at a rapid speed and security incidents are spanning across on-premises, multi-cloud platforms, and many unique or interconnected SaaS Apps. Pair this with Gartner's prediction that by 2023 "at least 99% of cloud security failures will be the customer's fault" - this could be a recipe for disaster. With security teams often being too reactive and too slow to adopt and establish visibility in the cloud, important preparation steps for incident response are being missed. And any 'Master Chef' knows that prep is key to any winning dish. Join Splunk and (ISC)2 On December 1, 2020 at 1:00pm GMT for an examination on how to:

· Speed up security team efforts, from understanding the risk surface to operationalization

· Implement the key ingredients of intelligent detection, investigation and response across multiple cloud services

· Find out how to use 'the secret sauce' of intelligent alert prioritization to focus on what matters most

· Use detection of a common risk factor such as API Credential Leakage and bake into end-to-end

The pandemic and its shock to world economies have profoundly altered work environments and cybersecurity priorities. COVID-19 has prompted a massive work-from-home (WFH) movement, increased BYOD policy adoptions, and unfortunately a spike in cyberthreats, ransomware, and data breaches. To help enterprises understand the enormous impact to their IT security teams, (ISC)2 co-sponsored a study that surveyed 600 security professionals from seven countries and 19 industries. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key insights from this study, including:
- Challenges of supporting an expanded remote workforce
- Mid-year changes to IT security budgets and personnel
- Change in preferences for cloud-based security solutions
- Security technologies best suited to address pandemic-fueled challenges
- The positive impact of IT security professional certifications

Join (ISC)² Chief Operating Officer, Wesley Simpson for a lively and informative panel discussion on the many new features and offerings provided at the 2020 virtual Security Congress!

Security Congress veterans and session panelists, Brandon Dunlap, James McQuiggan, & Sharon Smith will share how to leverage many of the unique features of the virtual Security Congress, guide you through the various educational, networking and engaging social activities driving the 2020 (ISC)² Security Congress experience.

Whether it's your first Security Congress or 10th, there's something here for everyone. Key topics discussed:
- What makes Security Congress is the marquee security conference of the year:
- Content quality, notable speakers, & keynotes
- Network with thousands of professionals from around the globe & career coaching opportunities
- Ability to obtain up to 45 CPE

Link to event page in the attachments.

(ISC)² is an international, nonprofit membership association for information security leaders like you. We’re committed to helping our members learn, grow and thrive. More than 150,000 certified members strong, we empower professionals who touch every aspect of information security.

(ISC)² Security Congress brings together industry colleagues, offers educational and thought- leadership sessions, and fosters collaboration with other forward-thinking companies. The goal of our annual global cybersecurity conference is to advance security leaders by arming them with the knowledge, tools and expertise to protect their organizations.

Join thousands of cybersecurity professionals at all levels for three days of industry discussion, continuing education and networking, November 16 – 18. Get your passes at: https://securitycongress.brighttalk.live/passes/

Cybercrime is big business. Recent estimates have stated cybercrime will cost the world $6 trillion annually by 2021. To understand modern attacks and begin to disrupt the ROI for cybercrime one must understand how cybercrime has become a global business. The days of lone wolf hackers are largely gone. As defenders, we must move to maximize our advantages and minimize their return on investment. Join VMware Carbon Black and (ISC)2 on November 3, 2020 at 2:00 p.m. GMT as we discuss how the exploitation and resale of direct access into corporate networks is exploding in popularity and why cyber criminals are leveraging modular and increasingly more capable malware to optimize profits. We’ll also explore:

·Trends with cyber criminals, the underground markets they operate in, and how the playing field has transformed
·We will dig into cyber criminals’ latest techniques and tips for defending against them
·Learn what to expect as these underground markets continue to evolve. We must make their job hard – learn how!

Ransomware continues to be an ongoing threat to organizations of all sizes that must defend against. Successful attacks have caused a large increase in overall ransomware incidents. Join Infoblox and (ISC)2 on October 27, 2020 at 1:00 p.m. GMT for the latest research on the emergence of Qakbot InfoStealer, the Return of Emotet, Vidar InfoStealer, and much more. We’ll also examine how Ransomware as a service continues to grow, the tactics threat actors are using to be successful and what can you do differently to better defend against them. Key takeaways will include:

· New and recently emerged malware variants and trends

· How these differ from other variants we have seen in the past

· What defensive tactics work, and what has failed in the past

· What the state of ransomware looks like

Join (ISC)2 as we celebrate European Cybersecurity Month, the annual campaign dedicated to raising awareness of cybersecurity amongst citizens and organisations across Europe.

This one-hour webinar will introduce you to the free resources developed by our Center for Cyber Safety and Education that you can use to easily teach children, parents and seniors on how to use the internet safely. With no background checks required and all teaching materials available virtually, it has never been easier to help your community stay safe and secure online.

Earn CPEs by adding value to society and helping to tackle issues such as cyber bullying, phishing, online scams and more.

Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:

- CPE opportunities, member benefits and getting involved
- Updates on (ISC)² news, developments and changes in your region
- Your membership requirements summarised
- Who are the (ISC)² EMEA team and how we can help you
- Focus discussions
- Q&A session

National governments are looking for insight into how to manage their cyber risk through security ratings and analytics, which provide visibility and awareness of security performance of critical national infrastructure. These ratings and analytics can used to identify vulnerabilities at scale, model systemic risk, enable close collaboration to reduce the likelihood of a national incident and measure the effectiveness of policy. BitSight and (ISC)2 will examine how organizations like Ministries, National Cybersecurity Centers, National Certs and Telecom Regulators can:

● Increase the Cyber Resiliency of the Country and their Constituents

● Manage the National Digital Footprint

● Identify and measuring Cybersecurity Performance

● Communicate Cybersecurity Performance to boards and stakeholders

A recent trend in the IT Industry has been to encrypt communications with more and more protocols now running over TLS ("SSL"). Major browser vendors are providing a means to not only encrypt the DNS requests being made by clients but also the SNI within a TLS connection. Are we as an industry losing sight of our goals with this approach and are producing a potential issue where we are hindering rather than helping ourselves in this endeavour? Join Gigamon and (ISC)2 October 13, 2020 at 1:00 p.m. BST for a discussion of the pros and cons of encrypting this data, with an emphasis on TLS as a transport. We will also examine the motivations of organisations to provide these services and how a Threat Actor can take (and in fact has taken) advantage of another hole we've inadvertently made in our countermeasures. Also discussed will be the steps we can take to keep ahead of this and the financial ramifications that ubiquitous encryption can have on security countermeasures.

The CrowdStrike Falcon® OverWatchTM 2020 Mid-Year Report provides unique insights into the targeted, state-sponsored and criminal campaigns the OverWatch team has encountered in the first half of 2020. Now, you can get a first look at the findings from the report presented by the expert threat hunters who analyzed some of this year’s most complex and intriguing incidents. Join Crowdstrike and (ISC)2 on October 6, 2020 at 1:00 p.m. BST this webcast and hear from CrowdStrike® VP of OverWatch and Security Response as she shares detailed accounts of real-world incidents her team has observed, including the trends, adversaries and techniques that were most prominent, so far, this year. You will also gain valuable information on the industries and regions most impacted by cyberattacks. The webcast will also focus on:

•How has the threat landscape shifted since the global pandemic emerged, forcing the rapid adoption of remote work and opening new avenues for attack?

•What industries have seen the biggest shifts in attack activity?

•What are the adversary motives behind the attacks and the most prevalent techniques adversaries are using to achieve their objectives?

•What are key steps you can take to protect your organization against today’s most prevalent threats?

Successful ransomware attacks are at an all-time high. And so is the number of organizations paying ransoms to recover their data. But why? And what can smart IT security teams do to mitigate the risks of falling victim? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s 2020 Cyberthreat Defense Report. In this webinar, we’ll:

- Examine disturbing ransomware trends, by country and by industry
- Postulate why more organizations are paying ransoms
- Underscore the importance of investing in your company’s “human firewall”
- Review technologies to help give security teams the upper hand

One of the biggest challenges for security teams today is to keep up with modern adversaries. A SOC needs to continuously improve detection capabilities based on the evolving adversary techniques. The time between a new attack seen “in the wild” and deploying a new detection in your SIEM is crucial to success. SOC processes, especially detection development, need modernizing in order to keep up with the advancing threat landscape. This is where the agile DevOps mindset should be adopted within SOCs to reduce the detection development time. Join Splunk and (ISC)2 on September 29, 2020 at 1:00 p.m. BST as we explore:

· DevOps and its advantages in a modern SOC

· What modern detection development looks like using DevOps methods

· How to build an automated workflow for validating and testing detection content

· How to use Splunk open source Attack Range for embedding development and testing of detections

In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format.

In this session Sarah Self, UK CISO at AVIVA will provide insight into the path she took to become a Cybersecurity Leader and how she is reinventing the role in the face of accelerating change.

With data growing exponentially, data sources spread across many areas, including data and multiple clouds. This leads to difficulty in proactively reducing risk and protecting critical and sensitive data. One of the largest sources of risk comes from duplicate and redundant sensitive data migrating across multiple data sources and stores. Blindspots into your derivative data can create unnecessary data exposure risks; stall cloud migration initiatives, data minimization initiatives, and M&A processes; and present an additional layer of compliance challenges across the board. Join BigID and (ISC)2 on September 15, 2020 at 1:00 p.m. BST for a discussion about these risks and how to discover, identify, and minimize duplicate and similar data. Areas covered will include:

· How to identify and tag duplicate, similar, and redundant data
· Map Data migration and identify original data sources
· Best practices for minimizing critical data across data sources and removing duplicate data
· How to apply next-gen ML techniques to reduce risk and increase confidence in your data
· Build a data driven risk profile of your data sources

As security budgets decrease and teams continue to adjust to the “new normal” operating environment, it’s become increasingly critical for security teams to find ways to do more with less. In order to get the most out of the investments in security tools and protect your data, organizations need to rethink traditional methods of mitigating risk and automate wherever possible. In this webcast, Bitsight and (ISC)2 will provide tips and best practices on how to enrich the threat intelligence you’re already collecting to maximize your cybersecurity ROI and prevent a potentially damaging breach or incident. We’ll also examine how to:

● Gain increased visibility and context into your growing attack surface

● Identify and remediate any gaps in your existing cybersecurity controls

● Automate your risk discovery and assessment processes

● Make data-driven decisions about where to focus your efforts for the greatest impact

Security happens where man meets machine (or fails to happen, as we see all too often!) As organizations have shifted from local-only to hybrid and cloud-hosted resources, the principles of zero-trust security have helped define human-friendly secure access regardless of a user’s location. While building a zero-trust strategy can improve security wherever a system must make an access decision, ignoring the behavior of the user and their experience can ground these initiatives before you’ve even taken off. So, organizations need to ask the right questions: what exactly happens where people and technology meet? At the very moment of human/system interaction, what factors in human psychology and industrial design are at play? And if we could pause time for a moment to catalog and identify those factors, could we design a better experience, a better outcome, and a better path to the future? Join Duo Security and (ISC)2 on September 8, 2020 at 1:00 p.m. BST where we will explore how to:

● Improve the success of zero-trust initiatives through industrial design techniques

● Leverage psychology and technology to have people make secure decisions and secure actions.

● Construct the design framework (tactics and metrics) to build and manage a security culture.

Nearly nine in 10 organizations are experiencing a shortfall of skilled IT security personnel, according to CyberEdge’s 2020 Cyberthreat Defense Report. That’s up from eight in 10 organizations just two years ago. This weighs heavily on the minds of IT security professionals as ‘lack of skilled personnel’ is rated as the #1 inhibitor to successfully defending against cyberthreats. So, what can organizations do to mitigate the effects of this crisis? Well, if you’re willing to ‘think outside the box,’ there is hope. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

- Examines the shortage of IT security personnel by job role
- Proposes creative ways for recruiting new security talent
- Suggests clever ways for retaining the talent you already have
- Identifies technologies that enable security teams to do more with less