Hi [[ session.user.profile.firstName ]]

Is Enterprise Security Positioned to Succeed?

Two themes emerge from 451 Research's recent study of the organizational dynamics of enterprise information security teams: that security teams are understaffed and potentially incorrectly positioned in organizations. Join us to review the the study's results based on more than 930 online surveys and 20 live interviews with enterprise security leaders.
Recorded Jan 19 2017 62 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Daniel Kennedy, Research Director, 451 Research, Adrian Davis, Managing Director, (ISC)² EMEA
Presentation preview: Is Enterprise Security Positioned to Succeed?

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Maximizing the Value of Threat Intelligence Dec 8 2020 1:00 pm UTC 60 mins
    Bob Hansmann, Sr. Product Marketing Manager – Security, Infoblox; Brandon Dunlap, Moderator
    ‘Threat intelligence’ has become a general term that may refer to many different types of data sets used to meet very different security needs. Threat prevention and detection solutions (i.e. NGFW, SWG, EDR) are only as good as the threat intelligence driving their analytics. Threat investigation and incident response activities are limited and slow without timely access to sufficient event, network, and threat intelligence. This requires defenders to better understand their intelligence needs, how to identify and map appropriate threat feeds to each need, and the tools available to drive maximum value from threat intelligence. Join Infoblox and (ISC)2 on December 8, 2020 at 1:00pm GMT as we review the state of the threat intelligence industry, using public and private research from the last year on the quality and applicability of public, private, and proprietary feeds. We’ll also examine areas such as:

    - Automating multi-feed normalization into a ‘super-feed’ for a more effective defensive security stack

    - Speeding investigation and response through event, metadata, and threat intelligence correlation

    - Leveraging threat intelligence of threat actor objectives, methods, and tactics to drive quick incident resolution
  • Securing Your Expanded Remote Workforce Dec 1 2020 6:00 pm UTC 60 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    The COVID-19 pandemic has caused dramatic increases in remote workforces and BYOD policy adoptions, making it more challenging than ever to secure company applications and data. Now that organizations have increased their remote access capacities, it’s now time to explore ways to help secure these remote managed and unmanaged devices to help mitigate the elevated risks of ransomware, data breaches, and other cyberattacks. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

    - Recaps key findings from a recent COVID-19 impact study
    - Examines the challenges facing today’s IT security teams
    - Suggests ways to invest more in your human firewalls
    - Explores current and emerging security technologies
  • Security Master Chef: A Visibility and Response Recipe for Any Cloud Environment Dec 1 2020 1:00 pm UTC 60 mins
    Matthias Maier, Product Marketing Director, Splunk; Brandon Dunlap, Moderator
    Organizations are adopting cloud services at a rapid speed and security incidents are spanning across on-premises, multi-cloud platforms, and many unique or interconnected SaaS Apps. Pair this with Gartner's prediction that by 2023 "at least 99% of cloud security failures will be the customer's fault" - this could be a recipe for disaster. With security teams often being too reactive and too slow to adopt and establish visibility in the cloud, important preparation steps for incident response are being missed. And any 'Master Chef' knows that prep is key to any winning dish. Join Splunk and (ISC)2 On December 1, 2020 at 1:00pm GMT for an examination on how to:

    · Speed up security team efforts, from understanding the risk surface to operationalization

    · Implement the key ingredients of intelligent detection, investigation and response across multiple cloud services

    · Find out how to use 'the secret sauce' of intelligent alert prioritization to focus on what matters most

    · Use detection of a common risk factor such as API Credential Leakage and bake into end-to-end
  • The Impact of COVID-19 on Enterprise IT Security Teams Recorded: Nov 10 2020 60 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    The pandemic and its shock to world economies have profoundly altered work environments and cybersecurity priorities. COVID-19 has prompted a massive work-from-home (WFH) movement, increased BYOD policy adoptions, and unfortunately a spike in cyberthreats, ransomware, and data breaches. To help enterprises understand the enormous impact to their IT security teams, (ISC)2 co-sponsored a study that surveyed 600 security professionals from seven countries and 19 industries. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key insights from this study, including:
    - Challenges of supporting an expanded remote workforce
    - Mid-year changes to IT security budgets and personnel
    - Change in preferences for cloud-based security solutions
    - Security technologies best suited to address pandemic-fueled challenges
    - The positive impact of IT security professional certifications
  • What to Expect at (ISC)² Security Congress 2020 Recorded: Nov 9 2020 25 mins
    Wesley Simpson COO, (ISC)², & Congress attendees: Brandon Dunlap, James McQuiggan, Sharon Smith
    Join (ISC)² Chief Operating Officer, Wesley Simpson for a lively and informative panel discussion on the many new features and offerings provided at the 2020 virtual Security Congress!

    Security Congress veterans and session panelists, Brandon Dunlap, James McQuiggan, & Sharon Smith will share how to leverage many of the unique features of the virtual Security Congress, guide you through the various educational, networking and engaging social activities driving the 2020 (ISC)² Security Congress experience.

    Whether it's your first Security Congress or 10th, there's something here for everyone. Key topics discussed:
    - What makes Security Congress is the marquee security conference of the year:
    - Content quality, notable speakers, & keynotes
    - Network with thousands of professionals from around the globe & career coaching opportunities
    - Ability to obtain up to 45 CPE

    Link to event page in the attachments.

    (ISC)² is an international, nonprofit membership association for information security leaders like you. We’re committed to helping our members learn, grow and thrive. More than 150,000 certified members strong, we empower professionals who touch every aspect of information security.

    (ISC)² Security Congress brings together industry colleagues, offers educational and thought- leadership sessions, and fosters collaboration with other forward-thinking companies. The goal of our annual global cybersecurity conference is to advance security leaders by arming them with the knowledge, tools and expertise to protect their organizations.
  • Don't Miss the BIGGEST (ISC)2 Security Congress Yet! Recorded: Nov 3 2020 1 min
    (ISC)2
    Join thousands of cybersecurity professionals at all levels for three days of industry discussion, continuing education and networking, November 16 – 18. Get your passes at: https://securitycongress.brighttalk.live/passes/
  • The Industrialization of Cybercrime and Evolution of Cybercrime Syndicates Recorded: Nov 3 2020 61 mins
    Greg Foss, Sr. Security Strategist; Rick McElroy, CyberSecurity Strategist VMWare/Carbon Black; Brandon Dunlap, Moderator
    Cybercrime is big business. Recent estimates have stated cybercrime will cost the world $6 trillion annually by 2021. To understand modern attacks and begin to disrupt the ROI for cybercrime one must understand how cybercrime has become a global business. The days of lone wolf hackers are largely gone. As defenders, we must move to maximize our advantages and minimize their return on investment. Join VMware Carbon Black and (ISC)2 on November 3, 2020 at 2:00 p.m. GMT as we discuss how the exploitation and resale of direct access into corporate networks is exploding in popularity and why cyber criminals are leveraging modular and increasingly more capable malware to optimize profits. We’ll also explore:

    ·Trends with cyber criminals, the underground markets they operate in, and how the playing field has transformed
    ·We will dig into cyber criminals’ latest techniques and tips for defending against them
    ·Learn what to expect as these underground markets continue to evolve. We must make their job hard – learn how!
  • Ransomware: New Variants & Better Tactics to Defend & Defeat These Threats Recorded: Oct 27 2020 63 mins
    Mike Zuckerman, Consulting Sr. Product Marketing Manager, Infoblox; Brandon Dunlap, Moderator
    Ransomware continues to be an ongoing threat to organizations of all sizes that must defend against. Successful attacks have caused a large increase in overall ransomware incidents. Join Infoblox and (ISC)2 on October 27, 2020 at 1:00 p.m. GMT for the latest research on the emergence of Qakbot InfoStealer, the Return of Emotet, Vidar InfoStealer, and much more. We’ll also examine how Ransomware as a service continues to grow, the tactics threat actors are using to be successful and what can you do differently to better defend against them. Key takeaways will include:

    · New and recently emerged malware variants and trends

    · How these differ from other variants we have seen in the past

    · What defensive tactics work, and what has failed in the past

    · What the state of ransomware looks like
  • How to Volunteer as a Cybersecurity Professional Recorded: Oct 22 2020 58 mins
    Director, Center for Cyber Safety and Education, (ISC)², Natasha Karelina, Customer Services Manager EMEA, (ISC)²
    Join (ISC)2 as we celebrate European Cybersecurity Month, the annual campaign dedicated to raising awareness of cybersecurity amongst citizens and organisations across Europe.

    This one-hour webinar will introduce you to the free resources developed by our Center for Cyber Safety and Education that you can use to easily teach children, parents and seniors on how to use the internet safely. With no background checks required and all teaching materials available virtually, it has never been easier to help your community stay safe and secure online.

    Earn CPEs by adding value to society and helping to tackle issues such as cyber bullying, phishing, online scams and more.
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Oct 20 2020 54 mins
    Natasha Karelina, (ISC)² Customer Service Manager, EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:

    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarised
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • Increasing the Cyber Resiliency of a Country’s Critical National Infrastructure Recorded: Oct 19 2020 60 mins
    Francisco Fonseca, VP National Cybersecurity, BitSight; Brandon Dunlap, Moderator
    National governments are looking for insight into how to manage their cyber risk through security ratings and analytics, which provide visibility and awareness of security performance of critical national infrastructure. These ratings and analytics can used to identify vulnerabilities at scale, model systemic risk, enable close collaboration to reduce the likelihood of a national incident and measure the effectiveness of policy. BitSight and (ISC)2 will examine how organizations like Ministries, National Cybersecurity Centers, National Certs and Telecom Regulators can:

    ● Increase the Cyber Resiliency of the Country and their Constituents

    ● Manage the National Digital Footprint

    ● Identify and measuring Cybersecurity Performance

    ● Communicate Cybersecurity Performance to boards and stakeholders
  • Is Encrypting Everything A Good Idea? Recorded: Oct 13 2020 63 mins
    Ollie Sheridan, Principal Sales Engineer, Security, Gigamon (EMEA); Brandon Dunlap, Moderator
    A recent trend in the IT Industry has been to encrypt communications with more and more protocols now running over TLS ("SSL"). Major browser vendors are providing a means to not only encrypt the DNS requests being made by clients but also the SNI within a TLS connection. Are we as an industry losing sight of our goals with this approach and are producing a potential issue where we are hindering rather than helping ourselves in this endeavour? Join Gigamon and (ISC)2 October 13, 2020 at 1:00 p.m. BST for a discussion of the pros and cons of encrypting this data, with an emphasis on TLS as a transport. We will also examine the motivations of organisations to provide these services and how a Threat Actor can take (and in fact has taken) advantage of another hole we've inadvertently made in our countermeasures. Also discussed will be the steps we can take to keep ahead of this and the financial ramifications that ubiquitous encryption can have on security countermeasures.
  • 2020 Threat Hunting Report: Insights from the CrowdStrike OverWatch Team Recorded: Oct 6 2020 56 mins
    Jennifer Ayers, VP of OverWatch and Security Response, Crowdstrike; Brandon Dunlap, Moderator
    The CrowdStrike Falcon® OverWatchTM 2020 Mid-Year Report provides unique insights into the targeted, state-sponsored and criminal campaigns the OverWatch team has encountered in the first half of 2020. Now, you can get a first look at the findings from the report presented by the expert threat hunters who analyzed some of this year’s most complex and intriguing incidents. Join Crowdstrike and (ISC)2 on October 6, 2020 at 1:00 p.m. BST this webcast and hear from CrowdStrike® VP of OverWatch and Security Response as she shares detailed accounts of real-world incidents her team has observed, including the trends, adversaries and techniques that were most prominent, so far, this year. You will also gain valuable information on the industries and regions most impacted by cyberattacks. The webcast will also focus on:

    •How has the threat landscape shifted since the global pandemic emerged, forcing the rapid adoption of remote work and opening new avenues for attack?

    •What industries have seen the biggest shifts in attack activity?

    •What are the adversary motives behind the attacks and the most prevalent techniques adversaries are using to achieve their objectives?

    •What are key steps you can take to protect your organization against today’s most prevalent threats?
  • Ransomware Deep Dive: Examining Disturbing Ransomware Trends Recorded: Sep 29 2020 59 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    Successful ransomware attacks are at an all-time high. And so is the number of organizations paying ransoms to recover their data. But why? And what can smart IT security teams do to mitigate the risks of falling victim? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s 2020 Cyberthreat Defense Report. In this webinar, we’ll:

    - Examine disturbing ransomware trends, by country and by industry
    - Postulate why more organizations are paying ransoms
    - Underscore the importance of investing in your company’s “human firewall”
    - Review technologies to help give security teams the upper hand
  • Security Secrets: The Art Of Agile Detection Engineering Recorded: Sep 29 2020 56 mins
    Patrick Bareiss, Senior Security Research Engineer, Splunk; Brandon Dunlap, Moderator
    One of the biggest challenges for security teams today is to keep up with modern adversaries. A SOC needs to continuously improve detection capabilities based on the evolving adversary techniques. The time between a new attack seen “in the wild” and deploying a new detection in your SIEM is crucial to success. SOC processes, especially detection development, need modernizing in order to keep up with the advancing threat landscape. This is where the agile DevOps mindset should be adopted within SOCs to reduce the detection development time. Join Splunk and (ISC)2 on September 29, 2020 at 1:00 p.m. BST as we explore:

    · DevOps and its advantages in a modern SOC

    · What modern detection development looks like using DevOps methods

    · How to build an automated workflow for validating and testing detection content

    · How to use Splunk open source Attack Range for embedding development and testing of detections
  • CISO Says with Sarah Self, UK CISO at AVIVA Recorded: Sep 17 2020 63 mins
    Sarah Self, UK CISO, AVIVA, Brandon Dunlap, Moderator, (ISC)²
    In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format.

    In this session Sarah Self, UK CISO at AVIVA will provide insight into the path she took to become a Cybersecurity Leader and how she is reinventing the role in the face of accelerating change.
  • Applying New ML Techniques to Uncover Duplicate & Derivative Data Recorded: Sep 15 2020 61 mins
    Roger Hale, CSO, BigID, Brandon Dunlap, Moderator
    With data growing exponentially, data sources spread across many areas, including data and multiple clouds. This leads to difficulty in proactively reducing risk and protecting critical and sensitive data. One of the largest sources of risk comes from duplicate and redundant sensitive data migrating across multiple data sources and stores. Blindspots into your derivative data can create unnecessary data exposure risks; stall cloud migration initiatives, data minimization initiatives, and M&A processes; and present an additional layer of compliance challenges across the board. Join BigID and (ISC)2 on September 15, 2020 at 1:00 p.m. BST for a discussion about these risks and how to discover, identify, and minimize duplicate and similar data. Areas covered will include:

    · How to identify and tag duplicate, similar, and redundant data
    · Map Data migration and identify original data sources
    · Best practices for minimizing critical data across data sources and removing duplicate data
    · How to apply next-gen ML techniques to reduce risk and increase confidence in your data
    · Build a data driven risk profile of your data sources
  • How to Get the Most Out of Your Security Investments Recorded: Sep 10 2020 63 mins
    Chris Poulin, Principal Consulting Engineer, BitSight; Brandon Dunlap, Moderator
    As security budgets decrease and teams continue to adjust to the “new normal” operating environment, it’s become increasingly critical for security teams to find ways to do more with less. In order to get the most out of the investments in security tools and protect your data, organizations need to rethink traditional methods of mitigating risk and automate wherever possible. In this webcast, Bitsight and (ISC)2 will provide tips and best practices on how to enrich the threat intelligence you’re already collecting to maximize your cybersecurity ROI and prevent a potentially damaging breach or incident. We’ll also examine how to:

    ● Gain increased visibility and context into your growing attack surface

    ● Identify and remediate any gaps in your existing cybersecurity controls

    ● Automate your risk discovery and assessment processes

    ● Make data-driven decisions about where to focus your efforts for the greatest impact
  • Design Thinking for Zero Trust Recorded: Sep 8 2020 60 mins
    J. Wolfgang Goerlich, CISO, Duo Security; Brandon Dunlap, Moderator
    Security happens where man meets machine (or fails to happen, as we see all too often!) As organizations have shifted from local-only to hybrid and cloud-hosted resources, the principles of zero-trust security have helped define human-friendly secure access regardless of a user’s location. While building a zero-trust strategy can improve security wherever a system must make an access decision, ignoring the behavior of the user and their experience can ground these initiatives before you’ve even taken off. So, organizations need to ask the right questions: what exactly happens where people and technology meet? At the very moment of human/system interaction, what factors in human psychology and industrial design are at play? And if we could pause time for a moment to catalog and identify those factors, could we design a better experience, a better outcome, and a better path to the future? Join Duo Security and (ISC)2 on September 8, 2020 at 1:00 p.m. BST where we will explore how to:

    ● Improve the success of zero-trust initiatives through industrial design techniques

    ● Leverage psychology and technology to have people make secure decisions and secure actions.

    ● Construct the design framework (tactics and metrics) to build and manage a security culture.
  • Think Outside the Box: Mitigating the IT Security Skills Shortage Recorded: Aug 25 2020 60 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    Nearly nine in 10 organizations are experiencing a shortfall of skilled IT security personnel, according to CyberEdge’s 2020 Cyberthreat Defense Report. That’s up from eight in 10 organizations just two years ago. This weighs heavily on the minds of IT security professionals as ‘lack of skilled personnel’ is rated as the #1 inhibitor to successfully defending against cyberthreats. So, what can organizations do to mitigate the effects of this crisis? Well, if you’re willing to ‘think outside the box,’ there is hope. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

    - Examines the shortage of IT security personnel by job role
    - Proposes creative ways for recruiting new security talent
    - Suggests clever ways for retaining the talent you already have
    - Identifies technologies that enable security teams to do more with less
(ISC)² Secure Webinars - EMEA
Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² Secure Webinars - EMEA Channel. Sign up to join us for educational Security Briefings, Roundtables and eSummits aimed at all those vested in the world of information security. We welcome members and non members alike.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Is Enterprise Security Positioned to Succeed?
  • Live at: Jan 19 2017 2:00 pm
  • Presented by: Daniel Kennedy, Research Director, 451 Research, Adrian Davis, Managing Director, (ISC)² EMEA
  • From:
Your email has been sent.
or close