Hi [[ session.user.profile.firstName ]]

CISO Says: Interview with Craig Rice, Director of Security, Payments UK

In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path he took to become CISOs and how they are reinventing the role in the face of accelerating industry change.
Recorded Feb 6 2017 61 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Speaker: Craig Rice, Director of Security, Payments UK, Moderator: Adrian Davis, Managing Director (ISC)² EMEA
Presentation preview: CISO Says: Interview with Craig Rice, Director of Security, Payments UK

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Analyzing a Year of Chaos and Courage: CrowdStrike’s 2021 Global Threat Report Apr 13 2021 12:00 pm UTC 60 mins
    Zeki Turedi, Technology Strategist, Crowdstrike; Brandon Dunlap (Moderator)
    In a year when a global pandemic significantly changed how and where we work, the CrowdStrike 2021 Global Threat Report has never been more highly anticipated. This year, the report exposes how cyber adversaries have exploited the situation, accelerating attacks and introducing increasingly damaging tactics, techniques and procedures. On April 13, 2021 at 1:00Pm BST, CrowdStrike Technology Strategist, Zeki Turedi and (ISC)2 will examine the notable threats, events and trends in the report, including pragmatic recommendations to help you better defend against cyberattacks in 2021 and beyond. We'll also examine:

    · How the COVID-19 pandemic has changed cybersecurity

    · How "big game hunters" are targeting the healthcare sector

    · Significant nation-state-based targeted attacks and operations observed from China, Iran, DPRK, Russia and others

    · The CrowdStrike eCrime Index and how it measures the strength of the cybercriminal market over time
  • Global Impressions: Endpoint Security Strategies for the Long-Term Mar 23 2021 1:00 pm UTC 60 mins
    Bob Hansmann, Sr. Product Marketing Manager – Security, Infoblox; Brandon Dunlap, Moderator
    After a painful but relatively successful response to workplace changes driven by the pandemic, how well are those security measures working and what is next for the evolution of the SOC and endpoint security in specific? For most organizations, the future involves a larger remote workforce, of both full and part-time workers, including those in traditional HQ office roles. But many of the measures taken in response to pandemic conditions are proving less-than-ideal as long-term solutions. Join Infoblox and (ISC)2 on March 23, 2021 at 1:00PM GMT for a session that will draw on recent analyst reports and surveys conducted globally, with some EMEA specific call-outs, to help attendees to better understand…

    · Which security alternatives are leaders considering as long-term solutions, and why?

    · What techniques are helping to improve visibility for users and devices regardless of their location?

    · Why are security leaders evolving methods for obtaining and using cyber threat intelligence?

    · How can embracing automation improve response times and overall operational efficiencies?
  • Part 3: How the Pandemic Changed Social Engineering; From Attackers to Defenders Mar 18 2021 1:00 pm UTC 60 mins
    Sarka Pekarova,Security Consultant,Dreamlab Technologies Switzerland; Chris Green, Head of PR and Comms EMEA, (ISC)²
    (ISC)² Cybersecurity Experiences Series: One Year After The COVID-19 Outbreak

    With the pandemic, our personal digital lives changed, but also our work has been catapulted into digital transformation. What role are humans having now? Why do we always say that humans are the weakest link and why we should start saying the opposite? During these difficult times, it is more than ever evident how humans are important to protect our networks. Understanding the human side of cyber security, gives an invaluable insight into understanding not only threat actors but our own colleagues and employees and how to build better strategies with human assets in mind to combat anything from insider threats to external malicious actors.

    Sarka will walk you through some approaches to her engagements and how this knowledge can help you protect yourself, your loved ones as well as how useful it is for your organisation.
  • Time to Containment: Supercharging SOC With a New Approach to Incident Response Mar 16 2021 1:00 pm UTC 60 mins
    Jan Tietze, Director, Security Strategy EMEA, Sentinel One; Brandon Dunlap, Moderator
    How do you shoot down a missile before it hits its target? That's the problem facing today's incident response teams. As cyberattacks increase in volume, velocity and complexity, the security operations center (SOC) handling incident response is the nexus for this challenge. A well-honed incident response operation that combined EPP+EDR, can deliver an impressive return on investment. In many data breach incidents, the cost is more than financial, and it is well known that the time cyber security teams take from the breach to containment is critical. With the stakes so high, how can your cyber security team shrink the time between detecting and handling cyber threats? Join SentinelOne and (ISC)2 on March 16, 2021 at 1:00pm BST as we cover these key questions and other areas such as:
    · Why traditional protective approaches are no longer enough
    · The importance of automation in the response process
    · How to identify and establish key metrics in incident response
    · Technical live demonstration of SentinelOne’s single agent, static AI platform that helps cyber security teams to prevent, detect, respond and hunt threats in real time
  • Part 2: COVID-19's Impact on Cyber-Security - Highs, Lows and Lessons Learnt Mar 11 2021 1:00 pm UTC 60 mins
    Tope S Aladenusi, Chief Strategy Officer Deloitte West Africa; Chris Green Head of PR and Comms – EMEA (ISC)²
    (ISC)² Cybersecurity Experiences Series: One Year After The COVID-19 Outbreak

    It's been a year since the World Health Organisation (WHO) declared the COVID-19 outbreak as a Pandemic and even longer since the first case was recorded in the world. With total lockdowns lasting months in many parts of the word, organisations and individuals were forced to embrace the 'new normal'. Governments are reconsidering ways to ensure that their countries are stable, and businesses are trying to stay afloat. Nevertheless, while the world is focused on the health and economic threats posed by COVID-19, cybercriminals worldwide are undoubtedly capitalising on this crisis.

    In a bid to support and secure a remote workforce, and ensure resiliency, there has been an increased investment in mobility, collaboration, and other remote working technologies and the adoption of cloud services. On the threat landscape, there was a significant shift in the frequency and magnitude of cybersecurity attacks and data breaches on SMEs, health institutions, public, private, financial and non-financial institutions globally.

    In 2021, while the economic and social situation will largely remain the same in most parts of the world, although with a much positive outlook given vaccines' development in different countries, there is likely to be a significant increase in cybercriminals' activities. Therefore, an introspection into the lessons learnt, highs and lows in the past one year will help us develop foresight and adequately prepare as we progress in 2021 and beyond.
  • Celebrating International Women’s Day: Carving a Cybersecurity Career Path Mar 8 2021 4:00 pm UTC 60 mins
    Clar Rosso, CEO, (ISC)2; Aanchal Gupta, CISSP, VP, Azure Security, Microsoft; Lori Ross O'Neil, CISSP; Megan Hargrove, CISSP
    To mark the 46th annual International Women’s Day on March 8, 2021, (ISC)2 is proud to present a panel of accomplished women in the field of cybersecurity for a webinar discussion at 11:00am Eastern. This group will come together to discuss data on the demographics that make up the workforce and how they are shifting. They will also outline their own journeys in the profession that led them to the leadership positions they now hold, including the challenges they encountered and strategies they employed to succeed. The discussion will also look ahead to the evolution of diverse cybersecurity teams and the principles that inform how they are being assembled today. Speakers include:
    Clar Rosso, CEO, (ISC)2

    Aanchal Gupta, CISSP, Vice President, Azure Security at Microsoft

    Lori Ross O’Neil, CISSP, Sr. ICS Cyber Researcher & Project Manager, Pacific Northwest National Laboratory; Vice Chairperson, 2021 (ISC)2 Board of Directors

    Megan Hargrove, CISSP, Cyber Security Incident Response Manager, Tech Data
  • Part 1: COVID-19 Cybersecurity Attacks Mar 4 2021 1:00 pm UTC 60 mins
    Flavio Aggio, CISO, World Health Organization, Chris Green, Head of PR and Comms EMEA, (ISC)²
    (ISC)² Cybersecurity Experiences Series: One Year After The COVID-19 Outbreak

    Cybersecurity technologies are extremely important in identifying, detecting, responding to and recovering from attacks. However, they are not sufficient. A "HumanOS" upgrade is required to safely use the Internet. It is not only about training and awareness, though. It is about the way users must behave online and the IT community must openly acknowledge system vulnerabilities. Humans are the weakest and strongest links in Cybersecurity.
  • What They Do In the Shadows (of IT) Mar 2 2021 1:00 pm UTC 60 mins
    Richard Archdeacon, Advisory CISO, Duo Security, Josh Green, Tech Eng., Duo Security, B. Dunlap, Moderator
    The road to shadow IT is paved with good intentions — when users create unofficial solutions to roadblocks without the oversight or approval of the IT department, they can introduce unknown risks to your environment. Examples of shadow IT may include a user opting for using a personal file-sharing service when they have difficulty collaborating with a teammate or using an unmanaged device to bypass security controls and directly log into a web-accessible cloud service. These workarounds may address the immediate need of the user…but leave a bigger problem for admins to discover later. This not only causes operational issues but introduces greater risk when faced with situations requiring an immediate response. Join Duo Security and (ISC)2 March 2, 2021 at 1:00pm GMT as we discuss solving shadow IT challenges with a focus on usability and preventing risky workarounds by removing the obstacles that invite them. This session will examine the rise of shadow IT through the shift to remote work and best practices you can implement to better defend your users and data. We’ll also focus on:

    · How your shadow IT defense strategy starts with access control

    · The conditions that lead to shadow IT, and how to prevent them

    · How to establish user and device trust without adding friction to user access
  • Cyberthreat Game Changer: A New Look at Insider Threats Recorded: Feb 23 2021 62 mins
    Rob Bolton, Sen Dir, Proofpoint Information Protection; Brandon Dunlap, Moderator
    With the massive shift to remote working in 2020, organisations are racing to rethink their security programs to both guard against external attacks and manage insider risk. Many organisations treat these two issues as equal, when the people-centric nature of insider threats requires an entirely different approach. Modern approaches to insider threat management must account for accidental, compromised and malicious insiders. These trusted insiders can be employees, partners or third-party contractors. A critical challenge is building practical, technology enabled insider threat management programs that account for these different insider threat types, while protecting against potential data and intellectual property loss. Join Proofpoint and (ISC)2 on February 23, 2021 at 13.00 GMT for a live discussion about insider threat management and how best to mitigate insider risk. Rob Bolton, Sr Director at Proofpoint Information Protection and Brandon Dunlap will be discussing:
    · The unique risks of insider threats and how to protect against data loss

    · Practical tips inspired by real-world breaches

    · How to take a people-centric approach to strengthen resilience and reduce insider risk
  • How to Build a Proactive Security Program Leveraging Security Ratings Recorded: Feb 18 2021 61 mins
    Alfonso Hermosillo, Consulting Engineer, BitSight; Brandon Dunlap, Moderator
    As security budgets decrease and teams continue to adjust to the “new normal” operating environment, it’s become increasingly critical for security leaders to find ways to do more with less. In order to get the most out of your investments in security tools and protect your data, you need to rethink traditional methods of mitigating risk and automate wherever possible. Join BitSight and (ISC)2 on February 18, 2021 at 1:00pm GMT as we discuss tips and best practices on how to enrich the threat intelligence you’re already collecting to maximize your cybersecurity ROI and prevent a potentially damaging breach or incident. The webcast will also cover:
    · Building a successful Predictive Security Program leveraging Security Ratings
    · How to gain increased visibility and context into your growing attack surface
    · Identify and remediate any gaps in your existing cybersecurity controls
    · Automating your risk discovery and assessment processes
  • Detecting Tor in Your Network Recorded: Feb 2 2021 61 mins
    Ollie Sheridan, Gigamon Principal Engineer; Brandon Dunlap, Moderator
    Tor, "The Onion Router", is a protocol for anonymously browsing the Internet as well as ".onion" sites that are only accessible via the Tor Network (and is largely seen as bad news for a network). While the origins of Tor were noble, bad actors and criminals have used and abused the Tor network as a means to undertake illegal activities, safe in the knowledge that catching them in the act is, at very best, extremely difficult. Join Gigamon and (ISC)2 on February 2, 2021 at 1:00PM GMT as we explore:

    • The history and origins of Tor


    • How the Tor network is constructed


    • How Tor can be detected on your network


    • Ideas and strategies to capturing the network traffic required to know of Tor's presence


    • Securing your network against Tor usage
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Jan 26 2021 59 mins
    Natasha Karelina, (ISC)² Customer Service Manager, EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:

    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarised
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • 2020 CrowdStrike Global Security Attitude Survey Recorded: Jan 19 2021 61 mins
    Ian McShane, VP, Product Marketing; Brandon Dunlap, Moderator
    CrowdStrike has released its third annual survey report produced by independent research firm Vanson Bourne, which surveyed 2,200 senior IT decision-makers and IT security professionals across major industry sectors in 12 countries. The report reveals the current views of those in charge of their organization’s cybersecurity, and tracks how they see themselves are faring against sophisticated and pervasive cyberattacks.

    This timely survey comes on the heels of a rapid shift toward remote work and the acceleration of digital and security transformation. It provides a pulse check on the most concerning attack types that organizations are currently facing and their ability to effectively respond.

    Join CrowdStrike's head of Product Marketing and former Gartner analyst Ian McShane and (ISC)2 on January 19, 2021 at 1:00pm GMT for this informative webcast. He’ll dive into the results of the survey, compare results by country and year-over-year, and discuss the ramifications for your security going forward.

    See how you stack up against your peers in areas such as:

    · How organizations have adapted to a work-from-anywhere world

    · The cyberattack types and motivations that are keeping your peers up at night

    · The number of organizations that have suffered a ransomware attack and the percentage that paid ransoms

    · How organizations are faring against the 1-10-60 benchmark for effective detection, investigation and remediation
  • From “Adapt” to “Sustain”: Planning Your 2021 Access Strategy Recorded: Jan 12 2021 60 mins
    Richard Archdeacon , Advisory CISO, Duo; Brandon Dunlap, Moderator
    As we reach the end of a tumultuous year that saw a radical shift to remote work, most organizations have made the immediate adjustments necessary to carry on with operations outside the office. However, heading into 2021, security leaders must shift from short-term solutions to long-term strategy while considering nearly every element of the program as they plan for continued remote work — including technology, processes, user education and support, and more. Join Duo and (ISC)2 on January 12, 2021 at 1:00 PM GMT as Duo’s Advisory CISO Richard Archdeacon provides perspective, resources and tools to help you build your access security playbook for 2021. Join us to hit the ground running!
  • Why Managing Third Party Risk is a Vital Part of Your Security Strategy Recorded: Jan 7 2021 62 mins
    Nuno Almeida Silva, Senior Consulting Engineer, BitSight; Brandon Dunlap, Moderator
    Are you managing the risk posed by your third parties are a part of your overall security strategy? If not, creating a third-party risk management (TPRM) program should be at the top of your list for 2021\. Why? Because in an increasingly interconnected world, nation state and sophisticated cyber syndicates have realized that third party vendors are the easiest weak point in even the strongest cybersecurity programs, since organizations typically have very limited insight into the security performance of their vendors. Creating a program that gives you continuous visibility into the current security posture of your vendors is one of the easiest things you can do to dramatically increase the overall security of your organization. Join BitSight and (ISC)2 on January 7, 2021 at 1:00pm GMT for a discussion on third party risk management where we’ll examine:

    · Why third-party risk management is necessary in today’s business world
    · Why you should focus on vendor risk instead of vendor threats

    · How to set up a best-in-class TPRM program

    · Why vendor assessments alone are not enough
  • Maximizing the Value of Threat Intelligence Recorded: Dec 8 2020 61 mins
    Bob Hansmann, Sr. Product Marketing Manager – Security, Infoblox; Brandon Dunlap, Moderator
    ‘Threat intelligence’ has become a general term that may refer to many different types of data sets used to meet very different security needs. Threat prevention and detection solutions (i.e. NGFW, SWG, EDR) are only as good as the threat intelligence driving their analytics. Threat investigation and incident response activities are limited and slow without timely access to sufficient event, network, and threat intelligence. This requires defenders to better understand their intelligence needs, how to identify and map appropriate threat feeds to each need, and the tools available to drive maximum value from threat intelligence. Join Infoblox and (ISC)2 on December 8, 2020 at 1:00pm GMT as we review the state of the threat intelligence industry, using public and private research from the last year on the quality and applicability of public, private, and proprietary feeds. We’ll also examine areas such as:

    - Automating multi-feed normalization into a ‘super-feed’ for a more effective defensive security stack

    - Speeding investigation and response through event, metadata, and threat intelligence correlation

    - Leveraging threat intelligence of threat actor objectives, methods, and tactics to drive quick incident resolution
  • Securing Your Expanded Remote Workforce Recorded: Dec 1 2020 59 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    The COVID-19 pandemic has caused dramatic increases in remote workforces and BYOD policy adoptions, making it more challenging than ever to secure company applications and data. Now that organizations have increased their remote access capacities, it’s now time to explore ways to help secure these remote managed and unmanaged devices to help mitigate the elevated risks of ransomware, data breaches, and other cyberattacks. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

    - Recaps key findings from a recent COVID-19 impact study
    - Examines the challenges facing today’s IT security teams
    - Suggests ways to invest more in your human firewalls
    - Explores current and emerging security technologies
  • Security Master Chef: A Visibility and Response Recipe for Any Cloud Environment Recorded: Dec 1 2020 60 mins
    Matthias Maier, Product Marketing Director, Splunk; Brandon Dunlap, Moderator
    Organizations are adopting cloud services at a rapid speed and security incidents are spanning across on-premises, multi-cloud platforms, and many unique or interconnected SaaS Apps. Pair this with Gartner's prediction that by 2023 "at least 99% of cloud security failures will be the customer's fault" - this could be a recipe for disaster. With security teams often being too reactive and too slow to adopt and establish visibility in the cloud, important preparation steps for incident response are being missed. And any 'Master Chef' knows that prep is key to any winning dish. Join Splunk and (ISC)2 On December 1, 2020 at 1:00pm GMT for an examination on how to:

    · Speed up security team efforts, from understanding the risk surface to operationalization

    · Implement the key ingredients of intelligent detection, investigation and response across multiple cloud services

    · Find out how to use 'the secret sauce' of intelligent alert prioritization to focus on what matters most

    · Use detection of a common risk factor such as API Credential Leakage and bake into end-to-end
  • The Impact of COVID-19 on Enterprise IT Security Teams Recorded: Nov 10 2020 60 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    The pandemic and its shock to world economies have profoundly altered work environments and cybersecurity priorities. COVID-19 has prompted a massive work-from-home (WFH) movement, increased BYOD policy adoptions, and unfortunately a spike in cyberthreats, ransomware, and data breaches. To help enterprises understand the enormous impact to their IT security teams, (ISC)2 co-sponsored a study that surveyed 600 security professionals from seven countries and 19 industries. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key insights from this study, including:
    - Challenges of supporting an expanded remote workforce
    - Mid-year changes to IT security budgets and personnel
    - Change in preferences for cloud-based security solutions
    - Security technologies best suited to address pandemic-fueled challenges
    - The positive impact of IT security professional certifications
  • What to Expect at (ISC)² Security Congress 2020 Recorded: Nov 9 2020 25 mins
    Wesley Simpson COO, (ISC)², & Congress attendees: Brandon Dunlap, James McQuiggan, Sharon Smith
    Join (ISC)² Chief Operating Officer, Wesley Simpson for a lively and informative panel discussion on the many new features and offerings provided at the 2020 virtual Security Congress!

    Security Congress veterans and session panelists, Brandon Dunlap, James McQuiggan, & Sharon Smith will share how to leverage many of the unique features of the virtual Security Congress, guide you through the various educational, networking and engaging social activities driving the 2020 (ISC)² Security Congress experience.

    Whether it's your first Security Congress or 10th, there's something here for everyone. Key topics discussed:
    - What makes Security Congress is the marquee security conference of the year:
    - Content quality, notable speakers, & keynotes
    - Network with thousands of professionals from around the globe & career coaching opportunities
    - Ability to obtain up to 45 CPE

    Link to event page in the attachments.

    (ISC)² is an international, nonprofit membership association for information security leaders like you. We’re committed to helping our members learn, grow and thrive. More than 150,000 certified members strong, we empower professionals who touch every aspect of information security.

    (ISC)² Security Congress brings together industry colleagues, offers educational and thought- leadership sessions, and fosters collaboration with other forward-thinking companies. The goal of our annual global cybersecurity conference is to advance security leaders by arming them with the knowledge, tools and expertise to protect their organizations.
(ISC)² Security Briefings - EMEA
(ISC)² Security Briefings EMEA offers members in Europe, the Middle East and Africa a chance to learn about the latest trends, tools and best practices in cyber, information, software and infrastructure security while earning CPEs

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: CISO Says: Interview with Craig Rice, Director of Security, Payments UK
  • Live at: Feb 6 2017 12:00 pm
  • Presented by: Speaker: Craig Rice, Director of Security, Payments UK, Moderator: Adrian Davis, Managing Director (ISC)² EMEA
  • From:
Your email has been sent.
or close