Cognitive Security: A Game Changer?

The 2021 Cloud Security Report, sponsored by (ISC)2, explores current cloud security trends and challenges, how organizations are responding to security threats in the cloud and reveals tools and best practices organizations are considering.

Based on a comprehensive survey of 783 cybersecurity professionals conducted in early 2021 to uncover how cloud user organizations are responding to security threats in the cloud, and what training, certifications and best practices IT cybersecurity leaders are prioritizing in their move to the cloud.

Join (ISC)2 on July 21, 2021 at 1:00PM Eastern for highlights of the results and to get key insights including:
•A majority of cybersecurity professionals (96%) confirm they are at least moderately concerned about public cloud security, a small increase from last year’s survey.
•For the second year in a row, the key barrier to cloud adoption, organizations mention was a lack of qualified staff (39%) as the biggest impediment to faster adoption.
•More than half of organizations (57%) expect their cloud budgets to increase over the next 12 months.
•When asked how organizations rate their overall security readiness, 73% rate their team’s security readiness average or below average. Of those, 78% believe their teams would benefit from cloud security training and/or certification.

Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:

- CPE opportunities, member benefits and getting involved
- Updates on (ISC)² news, developments and changes in your region
- Your membership requirements summarised
- Who are the (ISC)² EMEA team and how we can help you
- Focus discussions
- Q&A session

With Network Traffic increasing as Bandwidth costs decrease and the delivery of Applications changing in favour of Cloud environments, monitoring Networks at scale is becoming an increasing challenge. One of the approaches which is gaining popularity is the use of Metadata - but what is Metadata exactly? If you elect to employ Metadata as your method for monitoring your Network what format should you choose? On July 15, 2021 at 1:00 p.m. BST, join Gigamon and (ISC)2 as we discuss the rise in popularity of Metadata, what problem it's trying to solve along with the pros and cons of its use. We'll also investigate how it can be implemented, examining the various formats that can be used to generate this Metadata. Lastly, will be the other uses of Metadata beyond 'traditional' Security, to ultimately lower the costs of implementation and better understand our environments. Join Ollie Sheridan as he raises these questions and gain a better understanding of Metadata in the context of Security.

In a small or medium-sized business, you probably wear many different hats: VP of logistics one day, head of social media the next, and IT trouble-shooter the day after that. Are you comfortable wearing the Chief Information Security Officer hat for your business? While most reporting on cyberattacks focuses on the impacts to large companies, the truth is that small businesses are not immune. eCrime groups know that small businesses rarely have the resources to defend themselves in the same way as large enterprises, which can make them lucrative targets for ransomware and cyber extortion. Join CrowdStrike and (ISC)2 on July 13, 2021 at 1:00 p.m. BST as CrowdStrike’s Patrick Magat examines the cyber threats that target small businesses, sharing real-world examples plucked from the CrowdStrike case files. This will set the stage for a discussion of the building blocks of a successful cyber defence, and practical guidance for defending your business. We’ll also cover:

· Common cybersecurity misconceptions for small business

· Real-world case studies of cyber intrusions and what could have been done to stop them

· The basic structure of a successful cybersecurity program, including next-generation prevention, threat hunting, investigation and real-time response

· How small businesses are using managed services to see, stop and prevent determined attackers, skipping the burden of building and managing a program themselves

Do you spend countless hours assessing businesses risk, stuck in spreadsheets, sift through emails to find the most up-to-date information? After gathering all the necessary information from your line of business, you still need to review, validate, analyze, and assigned a risk score. All of this must be done before actionable insights can be drawn or mitigation efforts can take place. There is a significant gap in how risk is assessed and rate at which your business operates today. As your program evolves, the need to simplify the risk assessment process becomes unavoidable. But a common reality is that as your business continues to develop, risk assessment practices and resources have largely remained the same. It’s not as simple as getting a risk management tool; it’s about finding the right technology to adapt your processes in line with your current risk landscape and business objectives. On July 8, 2021 at 1:00 pm BST. OneTrust GRC and (ISC)2 will review risk assessment best practices businesses should consider based on leading industry standards from ISO 31000, NIST CSF, and the latest DOJ Corporate Compliance Guidance. We will also share how to:

· Familiarize yourself with proven best practices and new perspectives on risk assessments

· Identify opportunities to collect risk insights in context through an automated questionnaire process

· Streamline risk identification with automation rules tied to your risk methodology

Clar Rosso, CEO of (ISC)2 shares the latest insights on what’s happening at our association. Join us for this quarterly update where we cover the latest developments at (ISC)2, ranging from certification to member benefits, continuing education and events, to major milestones and achievements. On July 1, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as Beth Paredes, Director of Member Services at (ISC)2 join Clar to provide an overview of the wealth of benefits and services available to members and associates.

In the latest edition of the biannual Unit 42 Cloud Threat Report, researchers analyzed data from hundreds of cloud accounts around the world between October 2019 and February 2021 to understand the global impact of COVID-19 on the security posture of organizations. In response to the global pandemic, organizations globally increased their cloud workloads by more than 20%, leading to an explosion of security incidents. This led to the conclusion that rapid cloud scale and complexity without automated security controls embedded across the entire development pipeline are a toxic combination. Join Palo Alto Networks and (ISC)2 on June 29, 2021 at 1:00p.m. BST for a discussion that provides a deep dive into the findings. Topics covered will include:

- How the latest cloud threats may be affecting your organization

- Which industries suffered a spike in security incidents in light of the pandemic

- Best practices your organization can apply today to stay protected

With the onset of social justice movements and awareness of racial and gender inequality around the globe, many organizations and leaders are recognizing the need to dig deeper and lead the charge for their stakeholders and communities for lasting transformation. Yet, what makes diversity and inclusion—seemingly so simple—so complicated and difficult to achieve? What are some of the key challenges and tensions that often arise throughout the inclusion journey? And, how can leaders ignite the passion needed to face these challenges? Join (ISC)2 on June 23, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as Clar Rosso, (ISC)2 CEO joins with cyber industry leaders to explore these paradoxes, challenges and high-impact solutions and what it takes to achieve a truly diverse and inclusive cyber profession; one that weaves inclusion into everything it does.

Cybercriminals must become masters of evasion if they are to be successful. Many threats, such as APT’s, are designed to remain hidden for weeks or longer as they slowly monitor their victim, compromising select information in a way that is also intended to go unnoticed. Others, like ransomware, may only need to hide their malicious intentions long enough to infect and begin encryption processes. And even when these attacks trip some defensive sensor, it can take analysts days to investigate and launch an effective incident response, often too late to prevent significant damage. Join Infoblox and (ISC)2 on June 22, 2021 at 1:00 p.m. BST as we assess evasion methodologies and the value of DNS, with some unique EMEA callouts, to counter them across the kill chain including:

• Why does DNS visibility expose threat activity other solutions miss?

• How can DNS visibility be used to make other solutions more effective?

• What role does DNS play in investigation and response?

As businesses constantly evolve and grow, so does an organization's attack surface. The pace and velocity of technology transformation in enterprises has created a difficult environment for security teams to defend against complex threats. Join BeyondTrust and (ISC)2 on June 15, 2021 at 1:00 p.m. BST for a webinar where will examine how Privileged Access Management (PAM) can support the security team as an enabler to digital transformation, while providing one of the most effective ways to stop lateral movement by threat actors.

Key topics to be covered include:

· What Is Digital Transformation and why should we care about it?
· Why automation isn’t just for the business
· How to mitigate identity risk with Privilege Access Management

If the idea of automating breach response fills you with a sense of uneasiness, you’re definitely not alone. But the flipside of doing everything manually isn’t ideal either…and can actually bring more risk to a situation, especially during a major incident. On June 10, 2021 at 1:00 p.m. BST, Join Sam and Jess (aka The Real Housewives of Automation) of Exabeam and (ISC)2 for a session where we will explain where, how and when automation can help you investigate and respond quickly, accurately, and without creating a LinkedIn profile updating moment. We’ll also examine:

· End to end automated vs manual response – a look into a real breach through two different lenses
· The machines are our friends – how automation will help your team thrive
· Raging alongside the machines – how to get the right balance
· Investigation and response automation – where to start and how to finish

What is the value of trust for a company, and what role does a security leader play in order to enable it? On June 8, 2021, at 1:00 p.m. BST, Duo Security Advisory CISO Helen Patton and (ISC)2 will discuss the factors that make a company trustworthy, and how a security team builds trust within an organization. We will review the Cisco Security Outcomes Study and consider the trust-based activities that enable positive security outcomes. Attendees will be provided with actionable suggestions for improving security and trust in their organization.

Every organization is working to reduce the delay between issuing a risk assessment, receiving a response, gaining risk insight, and making a risk-based decision. Risk insights quickly lose value as time elapses from the initial assessment request. Businesses should leverage the digital workstreams to collect information as updates occur using data discovery tools to find, document, and classify in real-time. Join OneTrust GRC and (ISC)2 on June 3, 2021 at 1:00 pm BST as we explore how to quickly connect enterprise data through automated data discovery and translate the data into meaningful risk insights. We’ll also examine how to:

· Identify data across business applications for the latest risk insights.

· Automatically categorize information to deliver meaningful insights across risk, compliance, and your executive teams

· Explore a new way to quantify risk using risk formulas to aggregate and standardize risk using real-time data points

In a year when a global pandemic significantly changed how and where we work, the CrowdStrike 2021 Global Threat Report has never been more highly anticipated. This year, the report exposes how cyber adversaries have exploited the situation, accelerating attacks and introducing increasingly damaging tactics, techniques and procedures. On April 13, 2021 at 1:00Pm BST, CrowdStrike Technology Strategist, Zeki Turedi and (ISC)2 will examine the notable threats, events and trends in the report, including pragmatic recommendations to help you better defend against cyberattacks in 2021 and beyond. We'll also examine:

· How the COVID-19 pandemic has changed cybersecurity

· How "big game hunters" are targeting the healthcare sector

· Significant nation-state-based targeted attacks and operations observed from China, Iran, DPRK, Russia and others

· The CrowdStrike eCrime Index and how it measures the strength of the cybercriminal market over time

This year, Cisco hosted the first global, virtual Cisco Live 2021 event. Customers from all around the world converged virtually to experience the latest technology innovations, network with peers and colleagues, and find out what Cisco has in store for 2021. We will cover the latest hot topics within cybersecurity including how companies are protecting their workforce remotely; what the future of work looks like and how companies are shifting towards a cloud security which including trends that we have seen emerging with SASE. Join Cisco and (ISC)2 on May 27, 2021 at 1:00 p.m. BST as we discuss the key takeaways on Cloud Security arrived at during the Cisco Live 2021 event.

Every day, wars are being waged on invisible battlefields. The enemy is hiding and stealthily leveling its attacks from within. This formidable foe isn’t an opposing army. It may very well be a single malicious actor, or a state-sponsored group of hackers. Without a trace of their tools left on the disk, attackers are storing the code in memory–resulting in infamous Fileless Malware. If successful, the best case scenario outcome is a tarnished reputation; the worst, significant (and potentially irreparable) damage to a brand and its business. Join Intezer Labs and (ISC)2 on May 25, 2021 at 1:00 pm BST for a discussion on how attacks like these can cripple an organization without its security team ever knowing it.