Hi [[ session.user.profile.firstName ]]

PAM: The Critical Missing Piece in Your Security Strategy

Industry thought leaders have stated that if you can only tackle one project to improve the security of your organisation it should be Privileged Access Management (PAM). Our own research backs this up with the 2018 Privileged Access Threat Report revealing organizations using automated PAM technology experience far fewer serious breaches than those that did not. Karl Lankford, Lead Solutions Engineer EMEA at Bomgar will discuss what ‘privilege’ means to your business and how implementing a PAM solution can drive significant improvements across the organisation. You will learn:

•Why organisations should make PAM their top 2019 investment
•Why quickly controlling and automating key PAM capabilities is critical to your organisation’s success
•Help you to prepare the business case for your PAM project and to get Executive Leadership buy in
Recorded Nov 22 2018 63 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Brandon Dunlap, Moderator, (ISC)², Karl Lankford, Lead Solutions Engineer EMEA, Bomgar
Presentation preview: PAM: The Critical Missing Piece in Your Security Strategy

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • What Makes a Security Rating? Deep Dive Into Threat Data Feeds Mar 5 2019 1:00 pm UTC 60 mins
    Brandon Dunlop, Moderator, (ISC)², João Gouveia, CTO, BitSight Labs
    Attacks and data breaches are a regular challenge for organisations and their cybersecurity practitioners today. The consequences for a company that falls victim to a hacking attack or other form of data breach can be significant, incurring both financial as well as reputational damage as a result. Measuring and determining the security posture of an organisation is essential to understand the liability and exposure to risk your business faces at any given moment, to reassure staff, shareholders, customers, insurers and suppliers.
    In this webinar, we will explore in more detail how a variety of real-time and historical risk vectors and underlying security data can be used to determine current posture. Furthermore, we will examine some of the current research work being used by the security sector to understand, quantify and measure posture in a uniform way, and how that research as resulted in the creation of specific data sets and risk vectors that are unique to measuring security posture.
  • How to Gain Visibility into Encrypted Threats Feb 26 2019 1:00 pm UTC 60 mins
    Brandon Dunlop, Moderator, (ISC)², David Warburton, Senior Threat Research Evangelist, F5 Labs
    Encrypting data-in-transit with SSL/TLS is standard practice among organisations today. Important security initiatives, such as built-in web browser warnings and stronger legislative GDPR changes, have significantly improved privacy awareness and helped to prevent data breaches. However, cybercriminals commonly hide threats within encrypted payloads and use encrypted channels to propagate malware and exfiltrate data, knowing they can bypass traditional security inspection solutions.

    Join us for this webinar to learn more about:

    • Challenges with encrypted traffic and risks to your business
    • How to efficiently decrypt and orchestrate traffic to reduce latency
    • How to intelligently manage decryption and re-encryption across your entire security inspection solutions (IPS, NGFW, DLP, WAF, Anti-Malware, etc.)
  • New Year, New Phishing Threats: 10 Resolutions To Keep You Safe & Secure Feb 19 2019 1:00 pm UTC 60 mins
    Brandon Dunlap, Moderator, (ISC)², David Mount, Cofense, Mollie MacDougall, Cofense
    New year. New resolutions. Every year we make the pledge to eat healthier and exercise more. What is good for the waistline is also good for your phishing defense posture. With more than 90% of breaches attributed to successful phishing campaigns – now is the time to think about how to prepare and prevent attacks. In this session you’ll hear about 10 resolutions for your phishing defense programs that will make your organisation more secure.
    Some of the topics covered include:
    - How to empower humans to be part of the solution
    - Best practices to balance automation with human intuition
    - How the latest features and technologies can make your life easier
  • 20 SIEM Use Cases in 40 Minutes: Which Ones Have You Mastered? Recorded: Feb 12 2019 62 mins
    Brandon Dunlop, Moderator, (ISC)², Matthias Maier, EMEA, Director of Product, Splunk
    Every organisation can, and at some point will be breached. Gone are the days where investing only in preventive security technologies such as firewalls, endpoint protection and proxy servers were considered ‘state-of-the-art’. Instead, security best practices have evolved to build capabilities that detect attacks early, and to respond if all detection and prevention measures have failed. Today’s modernised approach is essential in helping the business recover quickly after a major attack - and helping the CISO keep their job.

    So, your technologies have evolved, but has your approach to data collection? Do you have the right data for detection and response - or do you need to adapt for the future?

    Join this webinar with Splunker, Matthias Maier to walk through 20 security use cases already used by leading organisations. You’ll hear the most relevant questions for each use case, and discover which device or application within your infrastructure can be used to find the answers. Forty minutes later, you’ll be set to take away your learnings, validate them in your own environment, and identify the most relevant gaps that need to be addressed for your business.
  • How Malware Affects Your Security Rating And What To Do About It Recorded: Feb 5 2019 56 mins
    Brandon Dunlap, Moderator, (ISC)², Tiago Pereira, Team Lead, BitSight Technologies
    Security incidents such as malware infections can cause damage and disruption that propagates far beyond the organisation, affecting its reputation, brand value and customer loyalty.

    Security ratings are impacted by these, giving an independent view into potential areas where security resources could be focused.

    In this webinar, Tiago Pereira from BitSight will explain how and why botnet infections are a key metric of the effectiveness of your security posture, discuss their impact on external security ratings and how to effectively deal with infections affecting your organisation's rating.
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Jan 31 2019 61 mins
    (ISC)² EMEA Membership Team
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • Wide Open: How Firms Are Failing To Protect Their Digital 'Crown Jewels' Recorded: Jan 29 2019 60 mins
    Moderator: Brandon Dunlap, (ISC)², Speakers: Martin Veitch, IDG Connect, David Higgins, CyberArk
    Organisations today rely on their business-critical applications and literally cannot function without these systems. They are the heartbeats and nerve centres of the modern enterprise, the fulcrums on which supply chains, operations, accounting, HR, payroll and e-commerce depend. No wonder then that these tools and the data they generate are also being targeted by attackers keen to bring their targets to a standstill. But most of time companies are failing to protect these ‘crown jewels’ assets and they rely instead on a paradigm from the last century: focusing on perimeter security and generic defences that don’t prioritise or protect the most important tools and services.

    Tune in to this webcast to hear about exclusive new research data on the state of modern security defences and get expert advice on how to protect your most important systems.
  • Infoblox Part 1: Remediating Threats by Bridging Islands of Security Recorded: Jan 22 2019 57 mins
    Brandon Dunlap, Moderator, (ISC)². Chris Marrison, System Engineer, Infoblox
    Most organisations have multiple products and services, from multiple vendors and suppliers to address their cybersecurity needs. The lack of integration and inability to share critical information results in silos of technology that cause inefficiency, lack of agility, limited visibility and a poor security posture. How can an organisation solve and streamline this improve their cybersecurity operations? Join Infoblox and (ISC)² for an examination of how Infoblox and Fortinet have joined together to assist organisations in improving their security operations and reducing time to containment.
  • Stories From the Front Lines of Cybersecurity Recorded: Jan 15 2019 56 mins
    Brandon Dunlap, Moderator, (ISC)², Zeki Turedi, Technology Strategist, EMEA
    CrowdStrike’s latest Cyber Intrusion Services Casebook continues to shine a light on how quickly attackers can gain access into an organisation. This webcast, drawn from real-life engagements from the past 12 months, takes a deep dive into the advanced and ever-evolving tactics, techniques, and procedures (TTPs) used by today’s most dangerous attackers.

    We’ll discuss the following key trends:

    -There is no slowdown in adversaries’ invention and brazenness
    -Attackers operate quickly and at depth — waiting patiently to achieve their objectives
    -Attackers are often hiding in plain sight
  • Is GDPR Working? What We're Learning From Data and Lessons from the Field Recorded: Jan 10 2019 62 mins
    Brandon Dunlap, Moderator, (ISC)², Jacob Olcott, Vice President, BitSight, Julian Parkin Founder, Parcadian
    After years of debate over whether to impose new cybersecurity regulations on companies, the General Data Protection Regulation (GDPR) went into effect in Europe in May 2018. Already we’re seeing data breach victims ordered to pay fines under the new rules, and cookie disclosure notices are popping up on more websites than ever.
    But what about the bigger picture: Is GDPR working? How would we know? We'll explore these and other issues, including an examination of what the data tells us as well as stories from GDPR implementation.
  • Trust No One Part 3 - User Authentication for a Zero Trust Security Model Recorded: Dec 10 2018 59 mins
    Lindsay Drabwell, Head of Membership Services EMEA, (ISC)², Josh Green, Richard Archdeacon, Duo
    During episode 1 in our Trust No One Series, we heard about the origins of Zero Trust. Episode 2 showed us how Banco Santander started their Zero Trust journey.

    In this Part 3, Duo will demonstrate how they deliver Zero Trust models to their customers.
    You’ll leave with a hands-on basic understanding of how to deploy Duo to a cloud-based web-application.

    Duo has been a pioneer in bringing Zero Trust models to the commercial market, allowing organisations to protect themselves quickly and easily.

    Josh Green, Solutions Engineer, Duo Security
    Richard Archdeacon, Advisory CISO, Duo Security
  • Cybersecurity Ratings Part 3: The Third Way Recorded: Dec 6 2018 59 mins
    Brandon Dunlap, Moderator, (ISC)², Nick Trigg, BitSight, Bob Lewis, (former) Barclays
    In the third of the series exploring BitSight Security Ratings, we will be focusing on the challenge of third party supplier risk management:

    - How can we manage suppliers using the dimensions of inherent risk impact and residual risk appetite?
    - How can we place suppliers cyber risk posture into context of our business?
    - How can we continuously monitor and remediate according to sensible risk prioritisation?

    Bob Lewis (former head of External Cyber Assurance and Monitoring, Barclays UK) will be discussing real life examples with Nick Trigg from BitSight.
  • 5 Security Stories of 2018: What Our Customers Have Taught Us Recorded: Dec 4 2018 60 mins
    Lindsay Drabwell, Head of Membership Services EMEA, (ISC)², Matthias Maier, EMEA Director of Product Marketing, Splunk
    Where has the time gone?

    2018 may forever be known as the year of GDPR, but a look back to the last 365 days shows us that those in cybersecurity have been through a year of numerous trends, investments and modernisations of their Security Operations.

    This webinar will share trends and lessons learned from Splunk’s own customers throughout 2018, including

    -Insights into SOC activities at the Bank of England
    -What security life really looks like at Siemens
    -Overcoming the Industrial Internet of Things/Industry 4.0 security challenges at Volkswagen AG
    -The skillsets Telia needed for their SOC to be successful.

    Join us on December 4th, 12pm GMT as Matthias Maier goes through the top tales you need to hear as a security practitioner or manager.
  • Five Steps to Building an Effective Insider Threat Program Recorded: Nov 29 2018 59 mins
    Brandon Dunlap, Moderator, (ISC)², Simon Sharp, VP International, ObserveIT
    The greatest cybersecurity threat an organisation faces is no longer the malicious outsider hacking from beyond network firewalls. It is the insiders - the contractors, third party vendors and privileged users who already have full access to your company's systems and sensitive data.

    According to Ponemon Institute’s report 2018 Cost of Insider Threats, the average cost of an insider threat is $8.76 million annually. Addressing this type of threat requires a different approach to addressing external threats; whether unintentional or malicious, organisations with sensitive customer data need to quickly identify and eliminate insider threat.

    Attend this webinar to learn the top five steps for building and maintaining an effective insider threat program, with best practices and real-life examples, that you can use.

    You will learn:

    - The types of insiders behind these threats
    1.How to determine if your organisation is doing enough to address the threats
    2.Five key elements to building an effective insider threat strategy
    3.How to move beyond IT and think of an insider threat management strategy as a combination of people, processes and technology – in that order.
  • Benefits of Moving Your SOC Into the Cloud Recorded: Nov 27 2018 55 mins
    Lindsay Drabwell, Head of Membership Services EMEA, (ISC)², Ollie Sheridan, Principal Engineer, Gigamon
    In this webcast Ollie Sheridan, Principal Engineer at Gigamon talks about the benefits of moving your SOC into the Cloud and how this differs from the challenges of creating a SOC yourself by combining monitoring tools and integrating them into an onsite SIEM.

    During this presentation you will learn:
    •How the security market is changing
    •The paint points of implementing and managing your own SOC
    •How and why you would put security into the cloud
  • PAM: The Critical Missing Piece in Your Security Strategy Recorded: Nov 22 2018 63 mins
    Brandon Dunlap, Moderator, (ISC)², Karl Lankford, Lead Solutions Engineer EMEA, Bomgar
    Industry thought leaders have stated that if you can only tackle one project to improve the security of your organisation it should be Privileged Access Management (PAM). Our own research backs this up with the 2018 Privileged Access Threat Report revealing organizations using automated PAM technology experience far fewer serious breaches than those that did not. Karl Lankford, Lead Solutions Engineer EMEA at Bomgar will discuss what ‘privilege’ means to your business and how implementing a PAM solution can drive significant improvements across the organisation. You will learn:

    •Why organisations should make PAM their top 2019 investment
    •Why quickly controlling and automating key PAM capabilities is critical to your organisation’s success
    •Help you to prepare the business case for your PAM project and to get Executive Leadership buy in
  • Trust No One Part 2. What Does Zero Trust Mean for You? Recorded: Nov 20 2018 58 mins
    Lindsay Drabwell, Head of Membership, (ISC)² EMEA, Richard Archdeacon, Duo, Daniel Cuthbert, Banco Santander
    As early as 2003 the Jericho Forum was created to tackle "de-perimeterisation" and later in 2014 Google released their "BeyondCorp" paper detailing how they made it happen. However, have Zero-Trust security models been adopted in the enterprise and what challenges do organisations face when considering de-perimeterisation?

    Join the discussion between Richard Archdeacon from Duo Security and Daniel Cuthbert from Banco Santander in Part 2 of the Zero Trust series and learn about Zero Trust deployments within the enterprise.
    Speakers:
    Richard Archdeacon, Advisory CISO, Duo Security
    Daniel Cuthbert, Global Head of Cybersecurity Research, Banco Santander

    For Part 1 in the Zero Trust Series, copy and paste this link into your browser: https://www.isc2.org/News-and-Events/Webinars/EMEA-Webinars?commid=334792&Part2
  • Using Modern Authentication Methods with Legacy Assets Recorded: Nov 15 2018 60 mins
    Brandon Dunlap, Moderator, (ISC)², Jason Garbis, Vice President Cybersecurity Products, Cyxtera
    There are a large proportion of business critical legacy applications unable to accept modern forms of authentication.
    Refactoring legacy applications is costly and sometimes virtually impossible. Yet these applications are accessing highly valuable data across networks and they are a data breach ready to happen.

    Join us as we discuss how to secure legacy applications with modern Zero Trust security.

    Brandon Dunlap, (ISC)² Moderator and Jason Garbis from Cyxtera will discuss:
    -Problems with how legacy applications are secured today
    -Options for security without refactoring these applications
    -Simplicity and speed to security that reduces operational complexity and scope of audits
    -A process for gradual end-of-life legacy assets, while still operating day-to-day normal business
  • What's Your DNS Security Risk? Insights from recent Ponemon Survey Recorded: Nov 13 2018 58 mins
    Lindsay Drabwell, Head of Membership EMEA, (ISC)², Malcolm Murphy, Chief of Staff EMEA, Infoblox
    Have you ever done an assessment on how secure your DNS infrastructure is? Ponemon Institute has recently completed the first DNS Security Risk Survey among global organizations to understand how secure they are when it comes to malware and data exfiltration that uses DNS. The survey also provides insights into:

    •The level of visibility these organizations have, especially in today’s complex network deployments
    •Their use of threat intelligence and the effectiveness of threat intelligence
    •The efficiency of their security operations
  • Cybersecurity Ratings Part 2: Many Use Cases - Some Obvious - Some Less So Recorded: Nov 8 2018 60 mins
    Brandon Dunlap, (ISC)², Nick Trigg, BitSight Technology, Thomas Born, Vodafone Group Services
    In the last (ISC)² and Bitsight webinar we covered good reasons for utilising security ratings, covering the big topics of visibility, collaboration and agility.

    Join us for this session where Nick Trigg, BitSight’s Risk Consultant, will share real life examples and use cases. Alongside Nick, we are pleased to welcome Thomas Born, Chief Security & Privacy Officer from Vodafone Automotive at Vodafone Group Services who will share his topical experiences.

    To catch up on Part 1 in this series, copy and paste the following link in your browser: https://www.isc2.org/News-and-Events/Webinars/EMEA-Webinars?commid=336859
(ISC)² Secure Webinars - EMEA
Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² Secure Webinars - EMEA Channel. Sign up to join us for educational Security Briefings, Roundtables and eSummits aimed at all those vested in the world of information security. We welcome members and non members alike.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: PAM: The Critical Missing Piece in Your Security Strategy
  • Live at: Nov 22 2018 1:00 pm
  • Presented by: Brandon Dunlap, Moderator, (ISC)², Karl Lankford, Lead Solutions Engineer EMEA, Bomgar
  • From:
Your email has been sent.
or close