
Securing Cisco with Splunk - Lessons from One of the World’s Most Mature CSIRTs

The Cisco Computer Security Incident Response Team (CSIRT) is a global team of information security professionals responsible for the 24/7 monitoring, investigation and incident response at one of the world’s largest and leading technology companies.
Learn how Imran Islam, leader of Cisco’s EMEA/APAC CSIRT team, relies on Splunk to help his team drive best practices in threat assessment, mitigation planning, incident detection and response, incident trend analysis, and the development of future security architecture.
Join this webinar to hear Imran Islam discuss how Cisco drives CSIRT best practices:
- CSIRT playbooks and automation methods
- The importance of timely CSIRT data access, correlation & visualisation
- CSIRT staffing approaches
- CSIRT threat intelligence management
- Driving CSIRT operational efficiency
- The importance of CSIRT collaboration across the business during investigations
- How CSIRT functions can increase business relevance
- Learn about the importance of understanding your environment
- Learn about the importance of having the right data
- Learn the critical success factors for building a CSIRT Team and capabilities
- Learn how to enable your security team to scale its ability to handle incidents and quickly find, validate, and resolve issues
- Learn how to justify adding more resources to an incident response team
- Learn how to introduce consistency into your security team for approaching and solving security problems.
Recorded Mar 20 2017 59 mins
Presented by
Imran Islam, CISCO, Matthias Maier, Splunk, Adrian Davis, (ISC)² EMEA

  • Detecting Tor in Your Network Feb 2 2021 1:00 pm UTC 60 mins
    Ollie Sheridan, Gigamon Principal Engineer; Brandon Dunlap, Moderator
    Tor, "The Onion Router", is a protocol for anonymously browsing the Internet as well as ".onion" sites that are only accessible via the Tor Network (and is largely seen as bad news for a network). While the origins of Tor were noble, bad actors and criminals have used and abused the Tor network as a means to undertake illegal activities, safe in the knowledge that catching them in the act is, at very best, extremely difficult. Join Gigamon and (ISC)2 on February 2, 2021 at 1:00PM GMT as we explore:

    • The history and origins of Tor

    • How the Tor network is constructed

    • How Tor can be detected on your network

    • Ideas and strategies for capturing the network traffic required to know of Tor's presence

    • Securing your network against Tor usage
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Jan 26 2021 1:00 pm UTC 60 mins
    Natasha Karelina, (ISC)² Customer Service Manager, EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:

    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarised
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • 2020 CrowdStrike Global Security Attitude Survey Recorded: Jan 19 2021 61 mins
    Ian McShane, VP, Product Marketing; Brandon Dunlap, Moderator
    CrowdStrike has released its third annual survey report produced by independent research firm Vanson Bourne, which surveyed 2,200 senior IT decision-makers and IT security professionals across major industry sectors in 12 countries. The report reveals the current views of those in charge of their organization’s cybersecurity, and tracks how they see themselves faring against sophisticated and pervasive cyberattacks.

    This timely survey comes on the heels of a rapid shift toward remote work and the acceleration of digital and security transformation. It provides a pulse check on the most concerning attack types that organizations are currently facing and their ability to effectively respond.

    Join CrowdStrike's head of Product Marketing and former Gartner analyst Ian McShane and (ISC)2 on January 19, 2021 at 1:00pm GMT for this informative webcast. He’ll dive into the results of the survey, compare results by country and year-over-year, and discuss the ramifications for your security going forward.

    See how you stack up against your peers in areas such as:

    · How organizations have adapted to a work-from-anywhere world

    · The cyberattack types and motivations that are keeping your peers up at night

    · The number of organizations that have suffered a ransomware attack and the percentage that paid ransoms

    · How organizations are faring against the 1-10-60 benchmark for effective detection, investigation and remediation
  • From “Adapt” to “Sustain”: Planning Your 2021 Access Strategy Recorded: Jan 12 2021 60 mins
    Richard Archdeacon, Advisory CISO, Duo; Brandon Dunlap, Moderator
    As we reach the end of a tumultuous year that saw a radical shift to remote work, most organizations have made the immediate adjustments necessary to carry on with operations outside the office. However, heading into 2021, security leaders must shift from short-term solutions to long-term strategy while considering nearly every element of the program as they plan for continued remote work — including technology, processes, user education and support, and more. Join Duo and (ISC)2 on January 12, 2021 at 1:00 PM GMT as Duo’s Advisory CISO Richard Archdeacon provides perspective, resources and tools to help you build your access security playbook for 2021. Join us to hit the ground running!
  • Why Managing Third Party Risk is a Vital Part of Your Security Strategy Recorded: Jan 7 2021 62 mins
    Nuno Almeida Silva, Senior Consulting Engineer, BitSight; Brandon Dunlap, Moderator
    Are you managing the risk posed by your third parties as a part of your overall security strategy? If not, creating a third-party risk management (TPRM) program should be at the top of your list for 2021. Why? Because in an increasingly interconnected world, nation state and sophisticated cyber syndicates have realized that third party vendors are the easiest weak point in even the strongest cybersecurity programs, since organizations typically have very limited insight into the security performance of their vendors. Creating a program that gives you continuous visibility into the current security posture of your vendors is one of the easiest things you can do to dramatically increase the overall security of your organization. Join BitSight and (ISC)2 on January 7, 2021 at 1:00pm GMT for a discussion on third party risk management where we’ll examine:

    · Why third-party risk management is necessary in today’s business world
    · Why you should focus on vendor risk instead of vendor threats

    · How to set up a best-in-class TPRM program

    · Why vendor assessments alone are not enough
  • Maximizing the Value of Threat Intelligence Recorded: Dec 8 2020 61 mins
    Bob Hansmann, Sr. Product Marketing Manager – Security, Infoblox; Brandon Dunlap, Moderator
    ‘Threat intelligence’ has become a general term that may refer to many different types of data sets used to meet very different security needs. Threat prevention and detection solutions (i.e. NGFW, SWG, EDR) are only as good as the threat intelligence driving their analytics. Threat investigation and incident response activities are limited and slow without timely access to sufficient event, network, and threat intelligence. This requires defenders to better understand their intelligence needs, how to identify and map appropriate threat feeds to each need, and the tools available to drive maximum value from threat intelligence. Join Infoblox and (ISC)2 on December 8, 2020 at 1:00pm GMT as we review the state of the threat intelligence industry, using public and private research from the last year on the quality and applicability of public, private, and proprietary feeds. We’ll also examine areas such as:

    - Automating multi-feed normalization into a ‘super-feed’ for a more effective defensive security stack

    - Speeding investigation and response through event, metadata, and threat intelligence correlation

    - Leveraging threat intelligence of threat actor objectives, methods, and tactics to drive quick incident resolution
  • Securing Your Expanded Remote Workforce Recorded: Dec 1 2020 59 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    The COVID-19 pandemic has caused dramatic increases in remote workforces and BYOD policy adoptions, making it more challenging than ever to secure company applications and data. Now that organizations have increased their remote access capacities, it’s time to explore ways to help secure these remote managed and unmanaged devices to help mitigate the elevated risks of ransomware, data breaches, and other cyberattacks. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

    - Recaps key findings from a recent COVID-19 impact study
    - Examines the challenges facing today’s IT security teams
    - Suggests ways to invest more in your human firewalls
    - Explores current and emerging security technologies
  • Security Master Chef: A Visibility and Response Recipe for Any Cloud Environment Recorded: Dec 1 2020 60 mins
    Matthias Maier, Product Marketing Director, Splunk; Brandon Dunlap, Moderator
    Organizations are adopting cloud services at a rapid speed and security incidents are spanning across on-premises, multi-cloud platforms, and many unique or interconnected SaaS Apps. Pair this with Gartner's prediction that by 2023 "at least 99% of cloud security failures will be the customer's fault" - this could be a recipe for disaster. With security teams often being too reactive and too slow to adopt and establish visibility in the cloud, important preparation steps for incident response are being missed. And any 'Master Chef' knows that prep is key to any winning dish. Join Splunk and (ISC)2 on December 1, 2020 at 1:00pm GMT for an examination of how to:

    · Speed up security team efforts, from understanding the risk surface to operationalization

    · Implement the key ingredients of intelligent detection, investigation and response across multiple cloud services

    · Find out how to use 'the secret sauce' of intelligent alert prioritization to focus on what matters most

    · Use detection of a common risk factor such as API Credential Leakage and bake into end-to-end
  • The Impact of COVID-19 on Enterprise IT Security Teams Recorded: Nov 10 2020 60 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    The pandemic and its shock to world economies have profoundly altered work environments and cybersecurity priorities. COVID-19 has prompted a massive work-from-home (WFH) movement, increased BYOD policy adoptions, and unfortunately a spike in cyberthreats, ransomware, and data breaches. To help enterprises understand the enormous impact to their IT security teams, (ISC)2 co-sponsored a study that surveyed 600 security professionals from seven countries and 19 industries. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key insights from this study, including:
    - Challenges of supporting an expanded remote workforce
    - Mid-year changes to IT security budgets and personnel
    - Change in preferences for cloud-based security solutions
    - Security technologies best suited to address pandemic-fueled challenges
    - The positive impact of IT security professional certifications
  • What to Expect at (ISC)² Security Congress 2020 Recorded: Nov 9 2020 25 mins
    Wesley Simpson COO, (ISC)², & Congress attendees: Brandon Dunlap, James McQuiggan, Sharon Smith
    Join (ISC)² Chief Operating Officer, Wesley Simpson for a lively and informative panel discussion on the many new features and offerings provided at the 2020 virtual Security Congress!

    Security Congress veterans and session panelists, Brandon Dunlap, James McQuiggan, & Sharon Smith will share how to leverage many of the unique features of the virtual Security Congress, guide you through the various educational, networking and engaging social activities driving the 2020 (ISC)² Security Congress experience.

    Whether it's your first Security Congress or 10th, there's something here for everyone. Key topics discussed:
    - What makes Security Congress the marquee security conference of the year:
    - Content quality, notable speakers, & keynotes
    - Network with thousands of professionals from around the globe & career coaching opportunities
    - Ability to obtain up to 45 CPE

    Link to event page in the attachments.

    (ISC)² is an international, nonprofit membership association for information security leaders like you. We’re committed to helping our members learn, grow and thrive. More than 150,000 certified members strong, we empower professionals who touch every aspect of information security.

    (ISC)² Security Congress brings together industry colleagues, offers educational and thought-leadership sessions, and fosters collaboration with other forward-thinking companies. The goal of our annual global cybersecurity conference is to advance security leaders by arming them with the knowledge, tools and expertise to protect their organizations.
  • Don't Miss the BIGGEST (ISC)2 Security Congress Yet! Recorded: Nov 3 2020 1 min
    Join thousands of cybersecurity professionals at all levels for three days of industry discussion, continuing education and networking, November 16 – 18. Get your passes at: https://securitycongress.brighttalk.live/passes/
  • The Industrialization of Cybercrime and Evolution of Cybercrime Syndicates Recorded: Nov 3 2020 61 mins
    Greg Foss, Sr. Security Strategist; Rick McElroy, CyberSecurity Strategist VMWare/Carbon Black; Brandon Dunlap, Moderator
    Cybercrime is big business. Recent estimates have stated cybercrime will cost the world $6 trillion annually by 2021. To understand modern attacks and begin to disrupt the ROI for cybercrime one must understand how cybercrime has become a global business. The days of lone wolf hackers are largely gone. As defenders, we must move to maximize our advantages and minimize their return on investment. Join VMware Carbon Black and (ISC)2 on November 3, 2020 at 2:00 p.m. GMT as we discuss how the exploitation and resale of direct access into corporate networks is exploding in popularity and why cyber criminals are leveraging modular and increasingly more capable malware to optimize profits. We’ll also explore:

    · Trends with cyber criminals, the underground markets they operate in, and how the playing field has transformed
    · We will dig into cyber criminals’ latest techniques and tips for defending against them
    · Learn what to expect as these underground markets continue to evolve. We must make their job hard – learn how!
  • Ransomware: New Variants & Better Tactics to Defend & Defeat These Threats Recorded: Oct 27 2020 63 mins
    Mike Zuckerman, Consulting Sr. Product Marketing Manager, Infoblox; Brandon Dunlap, Moderator
    Ransomware continues to be an ongoing threat that organizations of all sizes must defend against. Successful attacks have caused a large increase in overall ransomware incidents. Join Infoblox and (ISC)2 on October 27, 2020 at 1:00 p.m. GMT for the latest research on the emergence of Qakbot InfoStealer, the Return of Emotet, Vidar InfoStealer, and much more. We’ll also examine how Ransomware as a service continues to grow, the tactics threat actors are using to be successful and what you can do differently to better defend against them. Key takeaways will include:

    · New and recently emerged malware variants and trends

    · How these differ from other variants we have seen in the past

    · What defensive tactics work, and what has failed in the past

    · What the state of ransomware looks like
  • How to Volunteer as a Cybersecurity Professional Recorded: Oct 22 2020 58 mins
    Director, Center for Cyber Safety and Education, (ISC)², Natasha Karelina, Customer Services Manager EMEA, (ISC)²
    Join (ISC)2 as we celebrate European Cybersecurity Month, the annual campaign dedicated to raising awareness of cybersecurity amongst citizens and organisations across Europe.

    This one-hour webinar will introduce you to the free resources developed by our Center for Cyber Safety and Education that you can use to easily teach children, parents and seniors on how to use the internet safely. With no background checks required and all teaching materials available virtually, it has never been easier to help your community stay safe and secure online.

    Earn CPEs by adding value to society and helping to tackle issues such as cyber bullying, phishing, online scams and more.
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Oct 20 2020 54 mins
    Natasha Karelina, (ISC)² Customer Service Manager, EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:

    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarised
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • Increasing the Cyber Resiliency of a Country’s Critical National Infrastructure Recorded: Oct 19 2020 60 mins
    Francisco Fonseca, VP National Cybersecurity, BitSight; Brandon Dunlap, Moderator
    National governments are looking for insight into how to manage their cyber risk through security ratings and analytics, which provide visibility and awareness of security performance of critical national infrastructure. These ratings and analytics can be used to identify vulnerabilities at scale, model systemic risk, enable close collaboration to reduce the likelihood of a national incident and measure the effectiveness of policy. BitSight and (ISC)2 will examine how organizations like Ministries, National Cybersecurity Centers, National Certs and Telecom Regulators can:

    ● Increase the Cyber Resiliency of the Country and their Constituents

    ● Manage the National Digital Footprint

    ● Identify and measure Cybersecurity Performance

    ● Communicate Cybersecurity Performance to boards and stakeholders
  • Is Encrypting Everything A Good Idea? Recorded: Oct 13 2020 63 mins
    Ollie Sheridan, Principal Sales Engineer, Security, Gigamon (EMEA); Brandon Dunlap, Moderator
    A recent trend in the IT Industry has been to encrypt communications with more and more protocols now running over TLS ("SSL"). Major browser vendors are providing a means to not only encrypt the DNS requests being made by clients but also the SNI within a TLS connection. Are we as an industry losing sight of our goals with this approach and are producing a potential issue where we are hindering rather than helping ourselves in this endeavour? Join Gigamon and (ISC)2 October 13, 2020 at 1:00 p.m. BST for a discussion of the pros and cons of encrypting this data, with an emphasis on TLS as a transport. We will also examine the motivations of organisations to provide these services and how a Threat Actor can take (and in fact has taken) advantage of another hole we've inadvertently made in our countermeasures. Also discussed will be the steps we can take to keep ahead of this and the financial ramifications that ubiquitous encryption can have on security countermeasures.
  • 2020 Threat Hunting Report: Insights from the CrowdStrike OverWatch Team Recorded: Oct 6 2020 56 mins
    Jennifer Ayers, VP of OverWatch and Security Response, CrowdStrike; Brandon Dunlap, Moderator
    The CrowdStrike Falcon® OverWatch™ 2020 Mid-Year Report provides unique insights into the targeted, state-sponsored and criminal campaigns the OverWatch team has encountered in the first half of 2020. Now, you can get a first look at the findings from the report presented by the expert threat hunters who analyzed some of this year’s most complex and intriguing incidents. Join CrowdStrike and (ISC)2 on October 6, 2020 at 1:00 p.m. BST for this webcast and hear from CrowdStrike® VP of OverWatch and Security Response as she shares detailed accounts of real-world incidents her team has observed, including the trends, adversaries and techniques that were most prominent, so far, this year. You will also gain valuable information on the industries and regions most impacted by cyberattacks. The webcast will also focus on:

    • How has the threat landscape shifted since the global pandemic emerged, forcing the rapid adoption of remote work and opening new avenues for attack?

    • What industries have seen the biggest shifts in attack activity?

    • What are the adversary motives behind the attacks and the most prevalent techniques adversaries are using to achieve their objectives?

    • What are key steps you can take to protect your organization against today’s most prevalent threats?
  • Ransomware Deep Dive: Examining Disturbing Ransomware Trends Recorded: Sep 29 2020 59 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    Successful ransomware attacks are at an all-time high. And so is the number of organizations paying ransoms to recover their data. But why? And what can smart IT security teams do to mitigate the risks of falling victim? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s 2020 Cyberthreat Defense Report. In this webinar, we’ll:

    - Examine disturbing ransomware trends, by country and by industry
    - Postulate why more organizations are paying ransoms
    - Underscore the importance of investing in your company’s “human firewall”
    - Review technologies to help give security teams the upper hand
  • Security Secrets: The Art Of Agile Detection Engineering Recorded: Sep 29 2020 56 mins
    Patrick Bareiss, Senior Security Research Engineer, Splunk; Brandon Dunlap, Moderator
    One of the biggest challenges for security teams today is to keep up with modern adversaries. A SOC needs to continuously improve detection capabilities based on the evolving adversary techniques. The time between a new attack seen “in the wild” and deploying a new detection in your SIEM is crucial to success. SOC processes, especially detection development, need modernizing in order to keep up with the advancing threat landscape. This is where the agile DevOps mindset should be adopted within SOCs to reduce the detection development time. Join Splunk and (ISC)2 on September 29, 2020 at 1:00 p.m. BST as we explore:

    · DevOps and its advantages in a modern SOC

    · What modern detection development looks like using DevOps methods

    · How to build an automated workflow for validating and testing detection content

    · How to use Splunk open source Attack Range for embedding development and testing of detections
(ISC)² Security Briefings - EMEA
(ISC)² Security Briefings EMEA offers members in Europe, the Middle East and Africa a chance to learn about the latest trends, tools and best practices in cyber, information, software and infrastructure security while earning CPEs

  • Title: Securing Cisco with Splunk - Lessons from One of the World’s Most Mature CSIRTs
  • Live at: Mar 20 2017 12:00 pm
  • Presented by: Imran Islam, CISCO, Matthias Maier, Splunk, Adrian Davis, (ISC)² EMEA