Hi [[ session.user.profile.firstName ]]

Cyber Security

IBM's Cyber Security Perspective
As we move towards a Smarter Planet, one which is increasingly instrumented, interconnected and intelligent new threats and challenges from a security perspective arise. Increasingly systems and infrastructure we rely on every day are interconnected in this way. We are faced with many new threats which could damage this infrastructure, especially in terms of our critical
infrastructure. Cyber security attacks are increasing and just as with other topical areas such as cloud there is confusion and debate about what Cyber actually is, we will share IBM's thinking and perspective on Cyber Security and approaches organisations can take.
Recorded Oct 25 2011 53 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Chairman: Richard Nealon, (ISC)2 Board Member, Speaker: Martin Borrett – Director of the IBM Institute for Advanced Security
Presentation preview: Cyber Security

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Apr 16 2018 11:00 am UTC 60 mins
    Nathaniel Ford, Moderator (ISC)² EMEA, Membership Services Team, (ISC)² EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • GDPR Compliance - Don’t Let Your SIEM Be Your Downfall Mar 13 2018 12:00 pm UTC 60 mins
    Adrian Davis, Director of Cybersecurity Advocacy for EMEA, (ISC)², Matthias Maier, Product Director, Splunk
    Whatever SIEM solution you operate, it is highly likely that personal information is captured in the log data such as phone numbers, email addresses, cookies, RFID’s, geolocation and more. If it can identify an individual in combination with other data, you must ensure that you’re not in breach of the GDPR. To help give guidance on this, we have conducted detailed analysis on how you should treat your SIEM solution and log data under the GDPR. Join the webinar to:
    •Learn the most relevant aspects of GDPR, to understand its impact on log management
    •Understand the risk of processing and storing log data in the context of GDPR
    •Discover your obligations and the precautions you can take to comply and maintain visibility
    •Observe specific compliance guidance and relevant use cases for network and information security logs
  • Detecting the Risk Obscured in Hidden Parts of Kerberos Mar 8 2018 12:00 pm UTC 60 mins
    Nat Ford, Moderator, (ISC)² EMEA, Ido Hoorvitch, Security Research, CyberArk Labs
    As long as Kerberos communication is not being decrypted, attackers get an opportunity to act freely using Kerberos without being detected because the encryption is being handed to them on a silver platter. Because Microsoft’s native software uses Kerberos, once control over a computer in a network is obtained, attackers can hide their activities and easily blend into a detection-less highway.

    Attend this webinar presented by the CyberArk Labs team to learn how decrypting the Kerberos protocol can bridge the gap between attackers and the defensive side by providing the defenders a real view over the network.

    We’ll discuss:
    •Why SIEM solutions are blind to this attack maneuver
    •Kerberos basics
    •Kerberos attacks overview
    •Kerberos attacks detection – considerations and limitations
    •Decryption – exposing the attack

    Speakers:
    Ido Hoorvitch
    Lavi Lazarovitz
  • 2018 Phishing Trends: New year. New threats. Same dark intentions. Feb 20 2018 12:00 pm UTC 60 mins
    Adrian Davis, Managing Director (ISC)² EMEA, Mollie Holleman, Senior Intelligence Specialist, Phishme
    Join (ISC)² EMEA and PhishMe for a look back at 2017’s threats and a look ahead. We’ll provide an overview of what PhishMe's Intelligence team uncovered, discuss trends in phishing-delivered malware, and analyse how various delivery vectors evolved.

    Some of the trends we’ll discuss:
    •The implications of last year’s major global cyber-events, such as WannaCry and NotPetya
    •The emergence of new ransomware families
    •The abuse of legitimate functions built into business-critical software platforms to deliver malware
    •The favouring of modularity and plug-in accompaniments to lightweight botnet and stealer malwares
    •New ways cyber-criminals are obtaining cryptocurrency

    Cyber-crime won’t slow down. Take this opportunity to learn from the recent past as you deal with current threats and prepare for whatever’s next.
  • GDPR - Burden or Benefit? Recorded: Feb 7 2018 62 mins
    Adrian Davis, Ardi Kolah, William Richmond-Coggan, Mandeep Sandhu
    Ask a CISO what is keeping them awake at night and all too often, they will mention their organisation’s readiness for the upcoming General Data Protection Regulation (GDPR) legislation. A recent survey showed that only a third of respondents are already compliant or on target to be compliant with the GDPR. But how has the GDPR earned its fearsome reputation?
    Supporting this debate is Ardi Kolah, Executive Fellow and Director of the GDPR Transition Programme at Henley Business School who will be discussing the implications of GDPR for business, along with William Richmond-Coggan from Pitmans Law who will be addressing the legal implications of GDPR as well as the opportunities for your business.
    The panel will be joined by Mandeep Sandhu, Compliance Technical Director for Carbon Black who will show how the security threat landscape could affect your business's GDPR compliance.
    Key Takeaways:
    •What you need to do to approach the May 2018 GDPR deadline with confidence.
    •How taking data security and privacy seriously is actually a great opportunity for your business
    •The security threat landscape, and how current threats could affect GDPR compliance
    Moderator: Adrian Davis, MD (ISC)² EMEA
  • Golden SAML Are The New Golden Tickets Recorded: Jan 30 2018 59 mins
    Nat Ford, Moderator, (ISC)² EMEA, Shaked Reiner, CyberArk Labs Researcher
    In this webinar, we will explore a new attack vector that CyberArk Labs has discovered and dubbed “golden SAML.” The vector enables an attacker to create a golden SAML, which is basically a forged SAML “authentication object,” and authenticate across every service that uses SAML 2.0 protocol as an SSO mechanism.

    The team from CyberArk Labs will discuss how in a golden SAML attack, attackers can gain access to any application that supports SAML authentication (e.g. Azure, AWS, vSphere, etc.) with any privileges they desire and be any user on the targeted application (even one that is non-existent in the application in some cases).

    They'll then demonstrate their new tool, shimit, that implements a golden SAML in order to compromise an AWS account from within a Microsoft domain.
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Jan 29 2018 61 mins
    Nathaniel Ford, (ISC)² EMEA, Membership Services Team, (ISC)² EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • Speed Up the Hunt: Make the Bad Guys’ Lives Harder with Threat-hunting Recorded: Jan 24 2018 64 mins
    Adrian Davis (ISC)² EMEA, Rick McElroy Carbon Black, Joe Moles Red Canary
    In today’s threat landscape, modern security teams recognise that compromise is inevitable. However, that does not mean that a breach should be inevitable too.
    Today’s security leaders must bring together the people, process and technology to enable threat hunting. Detect and alert strategies need to be revamped to shift from reactive forms of incident response to proactive threat hunting.
    Join Rick McElroy, Security Strategist for Carbon Black, to learn how better to enable your hunt.
    Key takeaways:
    1.Understand the role of threat hunting in a resilient cybersecurity strategy
    2.Learn how to create a culture of threat hunting and embed it within your security strategy
    3.Discover how to mature your threat hunting program
    4.Learn how to create an ROI for threat hunting
    5.Gain practical insight into the steps to take in order to start threat hunting

    Moderator: Adrian Davis, Managing Director, (ISC)² EMEA
    Speakers:
    Rick McElroy, Security Strategist, Carbon Black
    Joe Moles, Director of Detection Operations, Red Canary
  • Is DNS a Part of Your Cyber Strategy? Recorded: Dec 20 2017 63 mins
    Adrian Davis, Managing Director, (ISC)² EMEA, Gary Cox, Technology Director, Infoblox
    Detecting malware, helping to prevent and disrupt command and control communication, ransomware and phishing attacks, being part of a data loss prevention program – DNS can help with this and much more, but are you leveraging it as part of your security controls and processes?

    DNS is the perfect choke point to stop not just data exfiltration through it, but also detect and stop malware from spreading and executing

    In this webinar you’ll learn:
    •The value of DNS as part of your cyber strategy
    •How DNS can provide your SIEM with actionable intelligence
    •How DNS can add value to other security controls, such as vulnerability scanners and end point protection

    Join Infoblox and (ISC)² for a discussion on this often overlooked topic.
  • How to Stop a Security Breach Becoming a PR Disaster Recorded: Dec 14 2017 62 mins
    Adrian Davis, Managing Director, (ISC)² EMEA, Neil Stinchcombe, Director, Eskenzi PR
    Your CEO has just called your mobile because a reporter from the BBC wants to know how many customers are affected by a hack into your payment database.
    How should you respond?
    What is the one thing you should not say to avoid turning a cyber incident into an event that has to be reported under GDPR?
    Why is Crisis Comms so different from all other types of PR?
    What things do you need to demonstrate that will limit the damage?
    Do you have a tried and tested Crisis Comms plan?
    Does everyone know who is on the Crisis Comms team?
    What they have to do?
    Who they need to inform?
    What they can and cannot say, and how they should say it?
    What type of skills do you need to manage media communications and prevent a cyber incident becoming a crisis?
  • Artificial Intelligence and Its Role in Reducing Risk to Your Organisation Recorded: Dec 11 2017 62 mins
    Adrian Davis, Managing Director, (ISC)² EMEA, Patrick Bayle, EMEA Channel Engineer, Cylance
    In this webinar, we will discuss how utilising artificial intelligence and machine learning addresses risk reduction when dealing with the increasing pace of unknown malware proliferation. We will also discuss how this approach differs from legacy methods and provide a compliance example of how you can remove complexity and liberate resources by leveraging advanced artificial intelligence and machine learning.
  • Securing Privilege in DevOps and in the Cloud Recorded: Dec 6 2017 61 mins
    Alistair Anderson, Technical Advisor, CyberArk, Adrian Davis, Managing Director, (ISC)² EMEA
    In this webinar we will explore new privileged account risks that DevOps, the Cloud and digital transformation projects bring. Examples shown will discuss the privilege risks that have already been exploited to compromise businesses. We will share best practices and guidelines on managing highly privileged secrets used to access cloud consoles, access keys and finally how to manage the privileged secrets bestowed to the new robot-guardians of our infrastructure, CI/CD tools.
  • Part 2: Your 6 Step Journey to GDPR Compliance Recorded: Dec 5 2017 64 mins
    Adrian Davis, Managing Director, (ISC)² EMEA, Jan Smets, Certified DPO, Gemalto
    Following our hugely popular “6 Steps to GDPR Compliance” webinar, part 2 will offer a recap followed by an interactive Q&A moderated by Adrian Davis, (ISC)² EMEA's Managing Director.
    Join Jan Smets, certified DPO at Gemalto who will focus on the steps where our customers are currently actioning.

    1) Understand the GDPR legal framework
    2) Create a Data Register
    3) Classify your data
    4) Start with your top priority
    5) Assess and document additional risks and processes
    6) Revise and repeat
  • Best Practices for Securing Containerised Applications Recorded: Nov 30 2017 61 mins
    Adrian Davis, Managing Director, (ISC)² EMEA, Kumbirai Tanekha, Software Engineer R&D, CyberArk
    In this webinar we will show practical tips on how developers can secure their containerised applications across the DevOps pipeline and solve their secrets management challenges without stifling architectural and software design choices .
    We will show a demo of Conjur from CyberArk, an open source security service that helps to securely store and safely retrieve secrets in high-velocity and widely-scaled IT environments while integrating with popular CI/CD tools to provide machine identity authorisation and more.
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Nov 27 2017 52 mins
    Nathaniel Ford, Moderator, (ISC)² EMEA, Membership Services Team, (ISC)² EMEA
    Are you an (ISC)² member with questions about your certification and member benefits, or want to keep in touch with (ISC)² news in EMEA? Are you thinking about joining, and curious to hear more about what membership means and how (ISC)² can help you?

    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • How a Military Concept can Help Build Your Incident Response Framework Recorded: Nov 14 2017 53 mins
    Nathaniel Ford, Moderator, (ISC)² EMEA, Craig Roberts, European Technical Engineer, IBM Resilient
    In the current cyber threat landscape, organisations are looking at ways to respond as effectively as possible. This session will look at the role that can be played by OODA loops, a military concept developed to improve fighter pilots' abilities to respond in combat, it stands for Observe, Orient, Decide & Act. Companies can build these concepts into their Incident Response (IR) process to aid clarity of thinking and improve their ability to respond quickly and effectively to cyber attacks.
  • Form the Future with Secure IoT Recorded: Nov 7 2017 62 mins
    Adrian Davis, (ISC)² EMEA, Mark Wharton, CTO, Iotic Labs, Ali Nicholl, Head of Communication, Iotic Labs
    The Internet of Things (IoT) has the potential to disrupt and enchant services, empower communities and improve efficiency and effectiveness, enhancing our experiences. However, it has so far promised much and failed to deliver. There are many reasons for this, summed up by just two:
    1.Diverse and incompatible solutions
    2.Security concerns
    If we can meet the security challenges that threaten the IoT, then we can unlock potential for businesses to mitigate risks, take advantage of operational efficiencies, and emerge as significant players of the 21st century.
    In collaboration with (ISC)² and network security experts, Iotic Labs has written a self-paced practical course to help businesses understand and overcome the pitfalls of introducing IoT devices into their networks and to “just start”.
    This webinar will discuss the landscape of IoT security, notable challenges, and provide an overview as to how the course and a future-flexible Iotic approach address these challenges.
  • PCI DSS 3.2 - Are You Ready? Recorded: Oct 19 2017 59 mins
    Adrian Davis, Managing Director, (ISC)² EMEA, Mor Ahuvia, IAM Product Marketing Manager, Gemalto
    The February 2018 deadline for complying with PCI DSS 3.2 is fast looming. Most of the new requirements in the latest PCI DSS guidelines are focused on the need to extend multi-factor authentication (MFA) to additional use cases and user groups within organisations who handle Credit Card Data. From February 2018 onwards, all individuals who access systems such as databases, network modules and email servers which hold credit card data will be required to authenticate themselves with MFA.
    Join (ISC)² EMEA and Gemalto to learn:
    - What’s new in PCI DSS 3.2
    - How to effectively map PCI DSS MFA requirements to business use cases and user groups in your organisations
    - Best practices for organisations that need to extend their MFA footprints to additional use cases, and for those that are starting to think about how to comply with PCI DSS’s authentication requirements.
  • Part 2: Security control quick wins that help achieve clarity for GDPR Recorded: Oct 10 2017 63 mins
    Adrian Davis, Jeremy King, Andrew Barrett, Chris Strand
    Organisations apply many cybersecurity controls to help measure and maintain data security and regulatory compliance. Several are purposeful and list requirements that are subjective in how to employ them and how to meet their unique business risk strategy. This can often make it difficult to create a baseline security control strategy that will meet new regulations as they are introduced.

    In this session, the expert panel will discuss specific security controls that can be used to provide clarity, and measure for any data security and protection programme including the GDPR. Considerable focus and examples will be drawn from prescriptive data security standards such as the PCI DSS, (Payment Card Industry Data Security Standard), and how leveraging such standards can help to create a security control strategy to meet and measure continuous data security compliance.

    Webinar attendees will take away many practical examples, solutions, and anecdotes on how their businesses can alleviate the pressures of employing the right security controls to protect GDPR-defined data, meet compliance and prove security control efficacy.

    Panel Experts:
    Jeremy King, ‎International Director, PCI Security Standards Council
    Andrew Barrett, International / Managing Principal Application validation, Coalfire
    Christopher Strand, Sr. Director Compliance Strategy, Carbon Black
    Moderator: Adrian Davis, Managing Director, (ISC)² EMEA

    To listen to Part 1 of this session, paste the following URL into your browser: https://www.isc2.org/News-and-Events/Webinars/EMEA-Webinars/Focused-Webinars?commid=260091
  • Phishing Response: Stop the Chaos Recorded: Oct 3 2017 62 mins
    Adrian Davis, Managing Director, (ISC)² EMEA, John ‘Lex’ Robinson, Marcel Feller, PhishMe
    During a survey recently conducted among security professionals, 90% said phishing is the #1 threat. Yet many acknowledged they’re unprepared to deal with phishing attacks.

    Attend this webinar to learn why responders are drowning in emails instead of hunting real threats. See why they’re betting on automation whilst we know, tech alone won’t stop threats from getting through and wreaking serious havoc. Learn what rapid changes and investments your peers are planning to turn the tide against phishing and protect their organisations.

    You will also find out:
    •How bad is the phishing threat?
    •How confident are companies in their phishing responses?
    •What solutions are companies using—and which ones should they add?
    •How can automation and technology help? Why are humans important, too?
(ISC)² EMEA Secure Webinars
Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² EMEA Secure Webinars Channel. Sign up to join us for educational Security Briefings, Roundtables and eSummits aimed at all those vested in the world of information security. We welcome members and non members alike.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Cyber Security
  • Live at: Oct 25 2011 11:00 am
  • Presented by: Chairman: Richard Nealon, (ISC)2 Board Member, Speaker: Martin Borrett – Director of the IBM Institute for Advanced Security
  • From:
Your email has been sent.
or close