eSummit 3 Cyber-Forensics - an Overview of Intrusion Investigations

Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
- CPE opportunities, member benefits and getting involved
- Updates on (ISC)² news, developments and changes in your region
- Your membership requirements summarized
- Who are the (ISC)² EMEA team and how we can help you
- Focus discussions
- Q&A session

Why is it better to implement data protection by design than just meet the regulatory requirements of GDPR? The answer is simple: if you build privacy and security directly into your technology, design and operations, you will create a secure foundation for the future, improving your security posture and reducing costs going forward. This concept is not new, however we continually see organisations taking the reactive approach, and then being surprised when they are compromised.
In our webinar General Manager EMEA at Netwrix, CISSP Matt Middleton-Leal will discuss, how to create and implement data protection by design strategy:

What are the 7 Foundational Principles of privacy by design?
How can privacy assurance become an organization’s default mode of operation?
What is the risk-based approach for implementation of data protection by design?

Today, 91% of malware uses DNS to carry out campaigns once it has breached the perimeter. In a recent SC Magazine survey, 46% of survey respondents said they experienced DNS-based data exfiltration. DNS traffic is not investigated or filtered by firewalls and thus is a gap that is commonly exploited by malicious actors.

Solving these challenges requires:
•Visibility into DNS traffic
•Plugging the DNS security gap with a multipronged approach to threat detection
•Integration between DNS Security and other security tools that are part of the ecosystem

As part of the continued DNS Security webinar series, please join (ISC)², Infoblox and McAfee for this interactive discussion and learn more on why DNS should be part of your cyber strategy.

For part 1 in this series: paste the following URL into your browser: https://www.isc2.org/News-and-Events/Webinars/EMEA-Webinars/Focused-Webinars?commid=293803&part2

In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path he took to become CISOs and how they are reinventing the role in the face of accelerating industry change.

The demand for machine learning (ML) in security is growing fast. There are countless approaches, but there’s also a lot of hype. This webinar provides a frank assessment of the strengths and weaknesses of static analysis, decompilation, detonation, in-context analysis, artificial intelligence and other emerging approaches, all grounded in real-world examples and specific algorithmic details.

Whatever SIEM solution you operate, it is highly likely that personal information is captured in the log data such as phone numbers, email addresses, cookies, RFID’s, geolocation and more. If it can identify an individual in combination with other data, you must ensure that you’re not in breach of the GDPR. To help give guidance on this, we have conducted detailed analysis on how you should treat your SIEM solution and log data under the GDPR. Join the webinar to:
•Learn the most relevant aspects of GDPR, to understand its impact on log management
•Understand the risk of processing and storing log data in the context of GDPR
•Discover your obligations and the precautions you can take to comply and maintain visibility
•Observe specific compliance guidance and relevant use cases for network and information security logs

As long as Kerberos communication is not being decrypted, attackers get an opportunity to act freely using Kerberos without being detected because the encryption is being handed to them on a silver platter. Because Microsoft’s native software uses Kerberos, once control over a computer in a network is obtained, attackers can hide their activities and easily blend into a detection-less highway.

Attend this webinar presented by the CyberArk Labs team to learn how decrypting the Kerberos protocol can bridge the gap between attackers and the defensive side by providing the defenders a real view over the network.

We’ll discuss:
•Why SIEM solutions are blind to this attack maneuver
•Kerberos basics
•Kerberos attacks overview
•Kerberos attacks detection – considerations and limitations
•Decryption – exposing the attack

Speakers:
Ido Hoorvitch
Lavi Lazarovitz

Join (ISC)² EMEA and PhishMe for a look back at 2017’s threats and a look ahead. We’ll provide an overview of what PhishMe's Intelligence team uncovered, discuss trends in phishing-delivered malware, and analyse how various delivery vectors evolved.

Some of the trends we’ll discuss:
•The implications of last year’s major global cyber-events, such as WannaCry and NotPetya
•The emergence of new ransomware families
•The abuse of legitimate functions built into business-critical software platforms to deliver malware
•The favouring of modularity and plug-in accompaniments to lightweight botnet and stealer malwares
•New ways cyber-criminals are obtaining cryptocurrency

Cyber-crime won’t slow down. Take this opportunity to learn from the recent past as you deal with current threats and prepare for whatever’s next.

Ask a CISO what is keeping them awake at night and all too often, they will mention their organisation’s readiness for the upcoming General Data Protection Regulation (GDPR) legislation. A recent survey showed that only a third of respondents are already compliant or on target to be compliant with the GDPR. But how has the GDPR earned its fearsome reputation?
Supporting this debate is Ardi Kolah, Executive Fellow and Director of the GDPR Transition Programme at Henley Business School who will be discussing the implications of GDPR for business, along with William Richmond-Coggan from Pitmans Law who will be addressing the legal implications of GDPR as well as the opportunities for your business.
The panel will be joined by Mandeep Sandhu, Compliance Technical Director for Carbon Black who will show how the security threat landscape could affect your business's GDPR compliance.
Key Takeaways:
•What you need to do to approach the May 2018 GDPR deadline with confidence.
•How taking data security and privacy seriously is actually a great opportunity for your business
•The security threat landscape, and how current threats could affect GDPR compliance
Moderator: Adrian Davis, MD (ISC)² EMEA

In this webinar, we will explore a new attack vector that CyberArk Labs has discovered and dubbed “golden SAML.” The vector enables an attacker to create a golden SAML, which is basically a forged SAML “authentication object,” and authenticate across every service that uses SAML 2.0 protocol as an SSO mechanism.

The team from CyberArk Labs will discuss how in a golden SAML attack, attackers can gain access to any application that supports SAML authentication (e.g. Azure, AWS, vSphere, etc.) with any privileges they desire and be any user on the targeted application (even one that is non-existent in the application in some cases).

They'll then demonstrate their new tool, shimit, that implements a golden SAML in order to compromise an AWS account from within a Microsoft domain.

Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
- CPE opportunities, member benefits and getting involved
- Updates on (ISC)² news, developments and changes in your region
- Your membership requirements summarized
- Who are the (ISC)² EMEA team and how we can help you
- Focus discussions
- Q&A session

In today’s threat landscape, modern security teams recognise that compromise is inevitable. However, that does not mean that a breach should be inevitable too.
Today’s security leaders must bring together the people, process and technology to enable threat hunting. Detect and alert strategies need to be revamped to shift from reactive forms of incident response to proactive threat hunting.
Join Rick McElroy, Security Strategist for Carbon Black, to learn how better to enable your hunt.
Key takeaways:
1.Understand the role of threat hunting in a resilient cybersecurity strategy
2.Learn how to create a culture of threat hunting and embed it within your security strategy
3.Discover how to mature your threat hunting program
4.Learn how to create an ROI for threat hunting
5.Gain practical insight into the steps to take in order to start threat hunting

Moderator: Adrian Davis, Managing Director, (ISC)² EMEA
Speakers:
Rick McElroy, Security Strategist, Carbon Black
Joe Moles, Director of Detection Operations, Red Canary

Detecting malware, helping to prevent and disrupt command and control communication, ransomware and phishing attacks, being part of a data loss prevention program – DNS can help with this and much more, but are you leveraging it as part of your security controls and processes?

DNS is the perfect choke point to stop not just data exfiltration through it, but also detect and stop malware from spreading and executing

In this webinar you’ll learn:
•The value of DNS as part of your cyber strategy
•How DNS can provide your SIEM with actionable intelligence
•How DNS can add value to other security controls, such as vulnerability scanners and end point protection

Join Infoblox and (ISC)² for a discussion on this often overlooked topic.

Your CEO has just called your mobile because a reporter from the BBC wants to know how many customers are affected by a hack into your payment database.
How should you respond?
What is the one thing you should not say to avoid turning a cyber incident into an event that has to be reported under GDPR?
Why is Crisis Comms so different from all other types of PR?
What things do you need to demonstrate that will limit the damage?
Do you have a tried and tested Crisis Comms plan?
Does everyone know who is on the Crisis Comms team?
What they have to do?
Who they need to inform?
What they can and cannot say, and how they should say it?
What type of skills do you need to manage media communications and prevent a cyber incident becoming a crisis?

In this webinar, we will discuss how utilising artificial intelligence and machine learning addresses risk reduction when dealing with the increasing pace of unknown malware proliferation. We will also discuss how this approach differs from legacy methods and provide a compliance example of how you can remove complexity and liberate resources by leveraging advanced artificial intelligence and machine learning.

In this webinar we will explore new privileged account risks that DevOps, the Cloud and digital transformation projects bring. Examples shown will discuss the privilege risks that have already been exploited to compromise businesses. We will share best practices and guidelines on managing highly privileged secrets used to access cloud consoles, access keys and finally how to manage the privileged secrets bestowed to the new robot-guardians of our infrastructure, CI/CD tools.