Hi [[ session.user.profile.firstName ]]

Using CyberSecurity Analytics to Secure the Enterprise

Over the last decade, the problem of CyberSecurity has become the most pressing and challenging security problem of our time. As CyberSecurity threats and attacks grow in frequency and the enterprise risk escalates rapidly, businesses and governments are searching for innovative technologies to combat the problem more effectively. Enterprise customers today have deployed numerous security controls including security sensors such as intrusion prevention and detection systems as well as security tooling for identity, access and audit management. These systems enable enterprises to manage their security posture, generating a multitude of event alert streams as well as logs and audit records that contain potentially actionable intelligence that today is typically not fully mined nor available in real-time. The inability to consolidate and correlate these events and data automatically at line speeds and present them to the security analyst in a semantically-meaningful manner robs security analysts and administrators of a valuable tool to defend enterprise networks.
Recorded Nov 8 2011 62 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Chairman: John Colley, Managing Director, (ISC)2 EMEA, Speaker: Josyula Rao, Senior Manager, Security Research Scientist
Presentation preview: Using CyberSecurity Analytics to Secure the Enterprise

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Security Secrets: Why Leading SOC Teams Have Cloud-y Vision Aug 18 2020 12:00 pm UTC 60 mins
    Matthias Maier, Product Marketing Director, Splunk; Brandon Dunlap, Moderator
    Security teams need to plan and prepare for a consistent security and compliance posture across a larger, more fluid ecosystem in the cloud. To cover the additional attack surface, it’s important to know all the nooks and crannies, and what operates within them. One of these operators are the App Dev teams that increasingly move toward DevOps. Code is being built and released at a level of speed and complexity that leads to high interdependencies - causing unpredictability and risk. Now more than ever, a strategy needs to balance Security Operations’ costs with the growing list of responsibilities that come as part of the package with cloud. Join Splunk and (ISC)2 on August 18, 2020 at 1:00PM BST and learn the secrets of leading security teams, including:

    •What the future of security operations centres (SOCs) and job roles will look like
    •How the SOC Team needs to be strategically embedded in DevOps
    •How to ensure and monitor compliance with an organization's security policy across multi-cloud services
    •How DevOps’ principles can be practiced in the SOC operating model
    •What it looks like to plan and establish a SOC in the cloud
    •Starting your plan and how to communicate it to management
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Jul 21 2020 12:00 pm UTC 60 mins
    Natasha Karelina, (ISC)² Customer Service Manager, EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session

    Viewing this webinar for at least 45 minutes will earn you 1 group B CPE.
  • Network Visibility in a Kubernetes Environment Jul 14 2020 12:00 pm UTC 60 mins
    Ollie Sheridan, Principal Sales Engineer, Security, (EMEA); Brandon Dunlap, Moderator
    IT, cloud and security architects are responsible for addressing the following questions before they can successfully deploy applications in containers with Kubernetes-based orchestration and ensure the resultant traffic is optimally processed and distributed:

    · How can I get visibility into inter-container traffic as containers are ephemeral and constantly in-motion?
    · Can I ensure scalable visibility as deployed apps grow and can span hundreds of microservices each?

    · What if the underlying network architecture changes with a different virtual switch methodology?

    · Is there a way to automate the configured policies across thousands of containers in real-time?

    Not addressing these considerations slows down the transition to container-based applications, limits the use of datacenter automation and leaves the organization vulnerable to potential security breaches, with potential impact to reputation and brand. Join Gigamon and (ISC)2 on July 14, 2020 at 1:00PM BST for answers to these and other questions as we dive into containers and network visibility.
  • ECRIME PAY$! - The New Reality of Ransomware Attacks Jul 7 2020 12:00 pm UTC 60 mins
    Zeki Turedi, Technology Strategist, Crowdstrike; Brandon Dunlap (Moderator)
    There’s no question that ransomware is a growing threat. In what may be the biggest attack against a commercial business in history, ZDNet reported that a European manufacturer was forced to pay around $95 million following a ransomware attack. And in a separate incident, BBC reported a large renewable energy company lost access to 22,000 computers in 40 countries, reducing its workforce to using pen and paper until the ransomware infection was resolved. However, these attacks reflect only the public side of a much larger cybercriminal industry that is constantly innovating its capabilities. In fact, ransomware is one of the fastest-growing threats in cybersecurity, with damages predicted to crest $20 billion globally by 2021, up from “only” $345 million* in 2015. Join Crowdstrike and (ISC)2 on July 7, 2020 at 1:00PM BST as we explore:

    - The increase in state-sponsored ransomware seen within the last 12 months where focused attacks promise greater financial payoffs

    - The tactics, techniques and procedures observed by today’s ransomware attackers and how they’re getting more sophisticated

    - What you can do to stop ransomware in its tracks
  • Cyber Criminals Leave Their Fingerprints on the Internet Too Recorded: Jun 23 2020 47 mins
    Oliver Tonge, Cyber Security Consultant, DomainTools; Brandon Dunlap, Moderator
    Everyone leaves breadcrumb trails on the internet, including threat actors. In a post GDPR world, DNS intelligence and analytics become ever more valuable assets for threat hunters and analysts alike. Actionable verdicts on deceitful websites and malign infrastructure along with protective monitoring mechanisms are just a few clicks away. Join DomainTools and (ISC)2 for an examination of the DomainTools threat intelligence suite - and unparalleled data repository – that can be used to profile a network of fraudulent websites. The session will include real-world investigations with practical applications of domain and infrastructure intelligence.
  • OpenSource Security Tools for Cloud Native Environments Recorded: Jun 23 2020 61 mins
    Steve Giguere, CSSLP, Senior Solution Architect, Aqua Security; Brandon Dunlap, Moderator
    Securing production workloads used to be the responsibility of information security specialists. In a DevOps culture, security becomes part of everyone's responsibility as security shifts left of boom. Join Aqua Security and (ISC)2 on June 23, 2020 at 1:00PM BST for a discussion on the cloud native threat landscape and some recent high profile attacks. We will review how security can be embedded at every stage of the CI/CD pipeline and demonstrate opensource tools that can be used to assess the security posture of your kubernetes cluster and container images.
  • Improving the Cybersecurity Value of Your DNS and IPAM System Recorded: Jun 16 2020 61 mins
    Michael Katz, Security Sales Specialist, Infoblox; Brandon Dunlap, Moderator
    Even in 2020, many organizations overlook the DNS and IP Address Management systems in their cyber security strategy. Many DNS and IPAM systems are afterthoughts in cyber policy and relegated to unmanaged freeware. This approach misses the benefits DNS and IPAM can bring to your security practice. Join Infoblox and (ISC)2 on June 16, 2020 at 1:00PM BST for a discussion that will examine concrete ideas you can implement in your organization to maximize the cyber-benefit from DNS and IPAM services.
  • Engaging End Users in Phishing Defence – Are your Teams Combat Ready? Recorded: Jun 9 2020 60 mins
    David Mount, Sr. Dir. Sales Engineering, Cofense; Andy Spencer, VP Sales Engineering, Cofense; Brandon Dunlap (Moderator)
    As the world locks down to mitigate the risks of COVID-19, many employees are still adjusting to working from home, and companies like yours are working hard to support it. However, organizations cannot completely lock down their networks. For example, phishing emails continue to evade Secure Email Gateways, with threat actors adapting their tactics to exploit the ongoing crisis. Businesses are threatened by a surge of phish related to COVID-19 and remote work. Join Cofense and (ISC)2 on June 9, 2020 at 1:00PM BST as Cofense security experts David Mount and Andy Spencer provide an in-depth review of the current phishing threat landscape, as seen through the inboxes and eyes of those on the front line – your end users, the new face of your front-line phishing defence. Highlights will include:

    · Insights of various phishing campaigns that evaded SEGs and reached enterprise end users, delivering credential phish and malware.

    · How threat actors are using trusted services, such as online business surveys and document sharing platforms, to evade SEGs.

    · Expert predictions of what we will continue to see through the end of Q2 and the remainder of 2020.
  • Continuing the Conversation: What We’ve Learned From the COVID-19 Outbreak Recorded: May 19 2020 62 mins
    John Carnes, Erik von Geldern, Kris Rosson, Brandon Dunlap, Moderator
    On April 28, 2020, (ISC)2 hosted a diverse panel of cybersecurity professionals who discussed the impact the COVID-19 pandemic has had on their IT operations and cybersecurity teams. The first webcast, in this series, generated a great deal of interest, discussion and questions from the audience. We will continue the conversation on May 19, 2020 to tackle the questions and discussions that continue to be raised during this ongoing crisis. This second webcast will be devoted to the economic impact (budgets slashed with no revenue coming in) due to the shutdown caused by COVID-19. In addition, we’ll discuss what re-opening an office may look like and how the current situation affects individuals both physically and emotionally. Join the conversation to share your thoughts and gain insight into how your team can continue to handle this changing situation.
  • TLS1.3: Two Years On Recorded: May 19 2020 62 mins
    Ollie Sheridan, Principal Sales Engineer, Security, (EMEA) Gigamon; Brandon Dunlap, Moderator
    After being released in August 2018, what does TLS1.3 look like today and how many organisations are using it? There are many claims that TLS1.3 is the one-stop-shop solution to all encryption requirements; but is that the case? Join Gigamon and (ISC)2 on May 19, 2020 at 1:00PM BST for a discussion about organisations using TLS1.3, why they are using it and why in some situations it’s not a suitable fit for encryption requirements. We'll also explore what this means for visibility in terms of decryption and for the generation of Metadata, such as IPFIX (Internet Protocol Flow Information Export) and CEF (Common Event Format). We’ll also examine:

    - Understand how many people are using TLS1.3 and why

    - See what makes TLS1.3 different to TLS1.2 and why TLS1.3 not always the best choice

    - Understand what is required to decrypt TLS1.3 in order to present decrypted traffic to Security Countermeasures

    - How Metadata fits into TLS1.3
  • Paving a Path to a Passwordless Future Recorded: May 12 2020 60 mins
    J. Wolfgang Goerlich, Advisory CISO, Duo Security; Brandon Dunlap, Moderator
    Passwords don’t have a great reputation: between user complaints of friction adhering to complex password policies and admin complaints about how frequently lost or stolen passwords pose a risk of attack, the use of passwords have few fans With these password problems and more, it raises the question: why would we still use passwords at all? Join Duo Security and (ISC)2 on May 12, 2020 at 1:00PM BST Duo Advisory CISO J. Wolfgang Goerlich provides a walkthrough of why security leaders want to move past passwords, and the challenges of a truly universal passwordless future. The session will also show how Duo Security is supporting this initiative, both championing modern authentication standards like WebAuthn and building partnerships with industry leaders including Microsoft to reduce reliance on passwords.
  • CISO Says With Kevin Fielder, Chief Information Security Officer at Just Eat Recorded: May 5 2020 60 mins
    Kevin Fielder, CISO, Just Eat, Brandon Dunlap, Moderator, (ISC)²
    In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format.

    In this session Kevin Fielder, CISO at the Just Eat will provide insight into the path he took to become a Cybersecurity Leader and how he is reinventing the role in the face of accelerating change.
  • Gamechanger! What We’ve Learned (So Far) from the COVID-19 Outbreak Recorded: Apr 28 2020 62 mins
    John Carnes, Erik von Geldern, Kris Rosson, Brandon Dunlap, Moderator
    The world seemingly changed overnight. Offices and business shut down. Stay-at-home orders. A remote workforce appearing out of nowhere needing equipment and support. Cybersecurity professionals are facing challenges and situations none would have dreamed about even 90 days ago. Join (ISC)2 on Tuesday, April 28, 2020 at 1:00PM Eastern for a panel discussion examining what security practitioners are experiencing during the COVID-19 health crisis. The webcast will include results from an (ISC)2 pulse survey that asked cybersecurity professionals to share how their jobs have been impacted, issues faced securing a "work from home" workforce and more. Panelists will share the challenges they face, what lessons have been learned and the “sliver-lining” they may have discovered as they and their teams jumped into the unknown and transformed their operations in response.
  • Minimizing Security Impacts of a Growing Remote Workforce Recorded: Apr 28 2020 61 mins
    Karl Lankford, Director of Solutions Engineering, EMEIA, BeyondTrust; Brandon Dunlap, Moderator
    Many organisations are implementing remote working policies and need to quickly support an unprecedented increase in the number of remote employees. However, an expanding remote workforce can significantly increase the attack surface and has changed the threat model of organisations overnight. Many remote access options are quick to implement but are not secure and organisations are trying to navigate the challenges of quickly, but securely, operationalising their remote employees. On April 28, 2020 at 1:00PM BST, BeyondTrust and (ISC)2 will explore the risks unsecure remote access presents and discuss how the secure remote access and endpoint privilege management pillars of a PAM solution can securely and efficiently connect remote employees to corporate resources.
  • Identify, Classify, and Protect Corporate Crown Jewels with Discovery-in-Depth Recorded: Apr 21 2020 59 mins
    Roger Hale, CSO, BigID; Brandon Dunlap, Moderator.
    With recent data protection regulations and an increase in breaches, companies need to be able to not only find the Crown Jewels in their data, but also secure it. Traditional data discovery tools, however, lack the data source coverage to give organizations a way to identify and contextualize the sensitive Crown Jewels across any data store, any pipeline – in a data center or in the cloud. Join BigID and (ISC)2 on April 21, 2020 at 1:00PM GMT as we discuss how deeper data intelligence can help identify Crown Jewels and reduce liability risk across data sources. We’ll look at how to leverage next-generation classification to better enforce policy, how to reduce risk on your most valuable data, and how to implement advanced ML techniques to get more insight into your data.
  • Office Shutdown: Securing an Increased Remote Workforce Recorded: Apr 16 2020 64 mins
    John Smith, ExtraHop; Glenn Leifheit, Microsoft; Tim Campo, (ISC)2; Diane Brown, Ulta; Brandon Dunlap (Moderator)
    The COVID-19 virus outbreak has put immense pressure on IT organizations who now need to scale remote access quickly to thousands of users working from home. Many organizations did not have a plan in place for this and are doing the best they can. Many remote workers haven’t been issued laptops or are using unmanaged devices that may not have adequate protections. Some companies are running into licensing issues for things like their VPN connections. Join ExtraHop and (ISC)2 on April 16, 2020 at 1:00PM Eastern for a timely discussion on how you can deal with performance and security implications of this shift and receive tips and best practices on how to deal with the situation we find ourselves in.
  • Key Attributes of a Modern Phishing Awareness Program Recorded: Apr 15 2020 62 mins
    David Mount, Senior Director, Solutions Marketing, Cofense, Brandon Dunlap, Moderator, (ISC)²
    As the phishing threat landscape continues to evolve at a pace that technology is unable to keep up with, organisations are turning to phishing awareness and simulation programs to plug the gap. Is your phishing awareness program keeping up with this changing landscape?

    Join Cofense as we explore the attributes of a modern phishing awareness program and see what our data, based on millions of phishing simulations, shows about awareness programs and simulation exercises.

    You will learn:
    -The statistical advantage of using an email reporting tool
    -The important role the end user plays in active defense
    -How often you need to send simulations for maximum resiliency
    -The advantages of basing simulations on active threats, not random dangers
    -Why ‘phish testing’ is the enemy of true phishing defense
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Apr 14 2020 59 mins
    Natasha Karelina, (ISC)² Customer Service Manager, EMEA
    Update 15 Apr 2020: to confirm, viewing this webinar for at least 45 minutes will earn you 1 group B CPE.

    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • Encrypted DNS: Friend or Frenemy? Recorded: Mar 24 2020 59 mins
    Michael Katz, Cyber Security Sales Specialist, Infoblox; Brandon Dunlap, Moderator
    DNS is the last critical service on the Internet and in your organization that runs unencrypted or 'in the clear'. Competing consortiums of standards bodies, IT security associations and internet behemoths are trying to close the DNS encryption gap with varied approaches. Some advocate browser-based extensions, others opt for infrastructure and OS upgrades and others propose measures to block encrypted DNS traffic.

    Even if a web session is encrypted, unencrypted DNS provides important behavioral metadata that can be used to track network activity. Used properly, encrypted DNS can close privacy and security gaps that leaves DNS queries open to surveillance data miners like Internet behemoths, law enforcement, ISPs, business competitors and advertisers. However, with zero sophistication, any user in your organization can use encrypted DNS, which is now embedded in the world’s most popular web browsers, to completely bypass IT security policies, steal data and run unauthorized applications – all undetectable by most security tools. In many ways, encrypted DNS poses the same risks to information security as the TOR network. However, in areas where accessing the wrong web content can lead to severe consequences, encrypted DNS can literally save lives. Join Infoblox and (ISC)2 on Tuesday, March 24, 2020 at 1:00PM GMT for a discussion examining the rationale and tech behind encrypted DNS, the risks and benefits and it can bring, and strategies information security teams can use to approach this rapidly emerging technology.
  • Security Secrets: Defining Success for Security Teams Recorded: Mar 17 2020 59 mins
    Matthias Maier, Product Marketing Director, Splunk; Brandon Dunlap, Moderator
    The security industry is constantly changing and there’s always a new technology to learn how to defend or a new threat to fight against. However, with a rapid and constantly changing landscape of technologies, threats, frameworks, techniques and legislations - it’s easy to get lost in the day-to-day of cyber security and neglect progression at a personal, team and organizational level. Working across the full spectrum of security teams, from newly formed to the well-established; both Splunk and (ISC)2 are constantly observing the patterns for success in cyber security at every level. Spoiler alert - those who get the promotions or pay rises don’t do so for successfully configuring a firewall or by being lucky enough that their company hasn’t been breached (yet). Join us on March 17, 2020 at 1:00PM (GMT) for a discussion on what success looks like in security, how success is defined by an organization and its board, what personal and team success looks like for individual contributors and the top six observations of what makes a security professional stand out.
(ISC)² Secure Webinars - EMEA
Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² Secure Webinars - EMEA Channel. Sign up to join us for educational Security Briefings, Roundtables and eSummits aimed at all those vested in the world of information security. We welcome members and non members alike.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Using CyberSecurity Analytics to Secure the Enterprise
  • Live at: Nov 8 2011 2:00 pm
  • Presented by: Chairman: John Colley, Managing Director, (ISC)2 EMEA, Speaker: Josyula Rao, Senior Manager, Security Research Scientist
  • From:
Your email has been sent.
or close