Name: Curing Alert Fatigue with Risk Based Alerting, MITRE ATT&CK and Automation
Start: 2019-09-17T12:00:00Z
End: 2019-09-17T12:00:58.000Z
Location: BrightTALK
Rating: 4.4

ISC2 Security Briefings EMEA offers members in Europe, the Middle East and Africa a chance to learn about the latest trends, tools and best practices in cyber, information, software and infrastructure security while earning CPEs

Embark on a foresight journey into the future of cybersecurity, highlighting key trends and innovations that are set to redefine the digital defense landscape in the year ahead. Discover how advancements in artificial intelligence will revolutionize the way security teams reduce cybersecurity risks and improve their abilities to defend against modern threats. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he shares his top five cybersecurity predictions for 2025.

Top Five Cybersecurity Predictions for 2025

New to the security industry? Or thinking about transitioning into an information security role? If so, this webinar is for you. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he provides a one-hour ‘crash course’ on the entire security industry, including:

- Size and growth of the security industry
- Useful vocabulary terms and buzz words
- Five types of cyberthreat actors 
- Modern cyberthreats and tactics
- Categories of security defenses
- Common security job roles
- Security industry ecosystem

Security Industry 101: A ‘Crash Course’ For Security Newbies

Artificial intelligence (AI) has bolstered cybersecurity solutions across the board. Security teams have more ways to detect advanced threats than ever before, and organizations are much better equipped to measure and reduce their attack surfaces. However, AI also benefits cyber adversaries with improved phishing and spear phishing techniques and new methods for tricking unsuspecting victims using deepfake content spawned by generative AI. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he provides a comprehensive analysis of AI's dual role in both fortifying and challenging modern cyber defenses. Discover who's winning the AI arms race in cybersecurity.

Impact of AI on the Cybersecurity Industry: Who's Got the Upper Hand?

Compromising end user computing devices through spear phishing attacks is frequently cited as the initial step of advanced persistent threats, often leading to data breaches. Year after year, IT security professionals cite “low security awareness among employees” as a top inhibitor to IT security’s success in CyberEdge’s annual Cyberthreat Defense Report. So, why aren’t more security teams adequately addressing this challenge? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he details five ways to invest in your company’s human firewalls.

Five Smart Ways to Invest in Your Human Firewalls

Want to know which IT security technologies are hot and which ones are not? Join Steve Piper, Founder & CEO of CyberEdge (and a proud CISSP), as he reviews key purchase insights from the 2024 Cyberthreat Defense Report. Specifically, Steve will examine which security technologies are most widely deployed and most planned for acquisition in 2024 so you can benchmark your company’s current and planned investments against your peers. Steve will review purchase intent across five key security technology categories, including:

- Network security
- Endpoint security
- Application and data security
- Security management and operations
- Emerging security technologies

The ‘Hottest’ IT Security Technologies in 2024

Colonial Pipeline, CNA Financial, JBS Foods, Garmin, and Travelex. All victimized by high-profile ransomware attacks. All paid ransoms. Did these companies do the right thing by paying ransoms to accelerate data and system recovery? Or are they merely funding the ransomware industry and prompting even more attacks? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s 2024 Cyberthreat Defense Report. In this webinar, Steve will:

- Examine disturbing ransomware trends, by country and by industry
- Evaluate key factors that go into deciding whether to pay ransoms
- Outline ways to be prepared for a successful ransomware attack
- Review technologies to help give security teams the upper hand

Ransomware Deep Dive: To Pay or Not to Pay?

CyberEdge’s annual Cyberthreat Defense Report (CDR) has become a staple for assessing organizations’ security postures, for gauging perceptions of IT security professionals, and for ascertaining current and planned investments in IT security infrastructure. It incorporates dozens of insights from 1,200 security professionals from 17 countries and 19 industries. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s tenth-annual 2024 CDR, including:

- The percentage of organizations victimized by cyber attacks 
- The percentage of organizations victimized by ransomware attacks
- How AI helps both cybersecurity teams and cyber adversaries
- Factors that improve overall job satisfaction among security professionals
- The health of IT security budgets
- The hottest security technologies planned for acquisition

Key Insights From the 2024 Cyberthreat Defense Report

Gemäß der ISC2-Workforce-Studie arbeiten weltweit etwa 5,5 Millionen Menschen im Bereich Cybersicherheit – ein Anstieg um 9 % im Jahr 2022. Trotzdem wächst die globale Fachkräftelücke weiter: Ab 2022 stieg die Lücke um 13 % an, was 2023 zu rund 4 Millionen offenen Stellen für Cybersicherheitsexperten führte.
Diese entscheidende Berufsgruppe müsste sich nahezu verdoppeln, um alle offenen Stellen zu besetzen. Diese Zahlen verdeutlichen, dass mehr Vielfalt und Integration im Cyberbereich notwendig sind, um den Pool potenzieller Fachkräfte zu erweitern und so dem steigenden Bedarf an Cybersicherheit weltweit gerecht zu werden.
Nehmen Sie an unserer Veranstaltung teil und diskutieren Sie mit Experten und Expertinnen über die Bedeutung von Vielfalt beim Aufbau von Cyber-Resilienz:
• Entwicklung von Karrierewegen
• Herausforderungen bei der Schaffung von mehr Raum Vielfalt und damit Deckung des Bedarfs an qualifizierten Fachkräften unterschiedlichster Hintergründe
• Einfluss künstlicher Intelligenz 
• und vieles mehr

Cybersicherheit: Fachkräftemangel mit Hilfe von DEI beseitigen

Geared towards security leaders and threat analysts alike, this session focuses on the evolving threat landscape as exemplified by Pikabot – a malware/loader adept at circumventing the latest endpoint protection strategies. Our session will shed light on Pikabot's sophisticated use of indirect system calls and other evasion tactics that challenge traditional detection methods. Attendees will gain strategic insights into enhancing their security posture and staying ahead of similar threats. Commonly delivered via phishing, and used by threat actors like TA577 to provide initial access to ransomware groups, this specific malware family is worth peeling back the layers.  

 On 14 May 2024 at 1:00 p.m. BST, join VMRay and ISC2 to learn about:  

-Pikabot’s Evasion Methods: Dive into how Pikabot’s use of obfuscation complicates detection, and what this means for ongoing security operations.  

-Strategic Implications of Evasion Techniques: Understand the broader impact of Pikabot’s evasion tactics on organizational security strategies and how these can undermine significant investments in endpoint protection.  

-Future-Proofing Your Security Measures: Explore how cutting-edge, behavior-based detection systems can provide a robust defense against sophisticated malware and discuss strategies for integrating these technologies into existing security frameworks.

Catch 'Em All: Defeating Pikabot's Advanced Evasion Attempts

In the world of cybersecurity defenses, the only constant is change. More than 3,500 cybersecurity vendors are continuously innovating, finding new ways to mitigate risks and secure modern computing environments. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews five emerging cybersecurity defenses, including:

- SaaS security posture management (SSPM)
- Cloud-native application protection platform (CNAPP)
- Cloud infrastructure entitlement management (CIEM)
- Identity threat detection and response (ITDR)
- Passwordless authentication

Exploring Five Emerging Cybersecurity Defenses

April is National Stress Awareness month, and let’s face it – cybersecurity can be a stressful career.  The 2023 Cybersecurity Workforce Study revealed a concerning reality of increasingly stressed workforce teams. Jobs are more challenging than ever, and workforce gaps only add to the burden. So, what is the key to conquering stress and avoiding wellness fallouts and burnout? Self-care. We’ve all heard it before, but it’s hard to keep the pressures of work from toppling the precarious work/life balance so many of us tread. 
Join us on April 30, 2024 at 1:00 p.m. Eastern, 10:00 a.m. Pacific to hear from experts on how they achieved success in managing their stress! Small steps that can be easily implemented and allow you the time and space needed to thrive in this fast-paced profession.

National Stress Awareness Month | Tips to Keep Your Stress at Bay

Join us for a deep dive into Certified Information Systems Security Professional (CISSP), the cybersecurity leadership credential from ISC2.

Earning the CISSP is an investment in your future and an important next step in your career. Consistently recognized globally as the gold standard cybersecurity certification, it distinguishes you as a leader committed to excellence.

CISSP certification demonstrates that you have the advanced knowledge and technical skills to design, develop and manage an organization’s overall security posture. If you’re vendor-certified, it expands the depth and breadth of your knowledge and positions your skills as more versatile.

In this 60-minute live virtual session, you’ll learn:
- If CISSP is right for you
- How Official ISC2 Training flexes with your learning style
- What to expect on exam day
- How to become endorsed and maintain your certification
- Plus, more!

Plus! Get answers to your CISSP questions during the Q&A section.

Register now and begin your CISSP certification journey today!

Certified Information Systems Security Professional (CISSP) Info Session

In an era where digital threats are evolving at an unprecedented pace, Artificial Intelligence (AI) has emerged as a game-changer in cybersecurity. This webinar delves into the transformative impact of AI across the broader business landscape. 

On 27 March 2024 at 1:00 p.m. GMT join Censys and ISC2 to discover how AI-enhanced cybersecurity is reshaping threat detection, response, and predictive analytics, driving enhanced security postures worldwide.
Key Highlights:
 
• Learn how AI is equipping Security Operations Centers (SOCs) with smarter, more adaptive threat detection and response mechanisms.
•Dive into a real-world application of AI in a customer's security infrastructure, detailing the challenges, solutions, and outcomes of AI integration.
• Discover how to leverage AI for predictive analytics, transforming cybersecurity from a reactive to a proactive stance.

AI-Powered Cyber Defense: Transforming Cybersecurity in the Digital Age

Vulnerability management has been a staple of security teams for decades. But if you haven’t noticed, this space has evolved considerably in recent years. Long gone are the days of lengthy, hard-to-digest vulnerability scanning reports often created to check the PCI compliance checkbox. These days, smart IT security teams are investing in exposure management platforms and embracing best practices to help prioritize which vulnerabilities to remediate first based on a variety of internal and external factors. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

- Recaps the evolution from VA, to VM, to RBVM, to exposure management
- Defines key elements of modern-day exposure management platforms
- Reviews internal and external factors to help prioritize vulnerability remediation
- Summarizes the extraordinary benefits derived from exposure management deployments
- Describes what to look for when evaluating best-of-breed exposure management offerings

From Vulnerability Management to Exposure Management: Evolution or Revolution?

Artificial intelligence (AI) is transforming the way cybersecurity vendors and service providers empower their customers to mitigate the risks of today’s evolving threat landscape. Security teams have more ways than ever to work smarter, rather than harder, to detect and block advanced threats, automate response and remediation, and reduce modern attack surfaces. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he describes five ways that AI is already improving today’s cybersecurity defenses. This webinar is ideal for cybersecurity professionals keen to leverage AI's transformative power in safeguarding digital assets.

Five Ways AI Improves Cybersecurity Defenses Today

Most security teams routinely leverage external threat intelligence, such as open-source feeds and commercial threat information from cyberthreat intelligence (CTI)  providers. However, intelligence may not always be relevant and applicable in the organization’s specific environment since the intelligence source may not align with the organisation’s own threat model. These challenges must be addressed to unlock the full potential of CTI programmes. Organisations must utilize threat information from both external and internal sources, e.g., commercial and open-source CTI in combination with self-generated intelligence based on own data.  

On 8 February 2024 join VMRay and ISC2 at 1:00 p.m. GMT as we delve into proven methods for customizing threat intelligence to bolster your organization's defenses. In this session, we will: 
- Explore how to tailor threat intelligence, making it more relevant to your organization’s specific challenges 
- Underscore the importance of in-house threat analysis in fortifying CTI capabilities 
- Examine how to effectively harness external resources, such as threat feeds and repositories, to gain a comprehensive understanding of the threat landscape 
- Provide insights on the relationship between threat actors and malware families, and how this knowledge can be leveraged to anticipate and mitigate potential threats

The Art of Threat Intelligence: How to Craft Custom CTI for Your Organisation

Join us for this live webinar where we’ll tell you all about newly enhanced Official ISC2 Online Self-Paced Training for ISSEP. Find out how it provides a clear-cut and comprehensive review of the domains for a more structured and intuitive learning experience. We’ll also share details about the new second path to earning the ISSEP.
We’ll cover:
• New Path to ISSEP Certification
• Enhanced ISSEP training benefits
• New study tools
• Education Guarantee
• And more!

Save your spot now.

ENHANCED! ISSEP Official ISC2 Online Self-Paced Training

Recruiting and retaining qualified IT security talent is a never-ending challenge. Seven in eight organizations are experiencing a shortfall, according to CyberEdge’s annual Cyberthreat Defense Report. This weighs heavily on the minds of IT security managers as ‘lack of skilled personnel’ is consistently rated as one of the top inhibitors to successfully defending networks against cyberthreats. So, what can smart security organizations do to mitigate the effects of this talent shortage? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

- Examines the shortage of IT security personnel by job role
- Proposes creative ways for recruiting new security talent
- Suggests clever ways for retaining the talent you already have
- Identifies technologies and services that enable security teams to do more with less

Strategies for Recruiting and Retaining Top IT Security Talent

The problem of alert fatigue is symptomatic of a plague within most SOC environments, regardless of the tools and platforms being used. The general process within the industry for driving and managing security incidents is broken. It’s time to change perspective and build into alert creation processes a better prioritization procedure. This can be done by aligning it to a more intelligent risk scoring approach and frameworks like MITRE ATT&CK and automation. Security teams will be better positioned to make use of their existing toolchain, scale people and processes, and deliver a much more effective security capability. Join this webinar to learn:
 
•The scale of alert overload and why organisations struggle with this problem. You are not alone
•How to combine risk based alerting, MITRE ATT&CK and automation to optimise security investigation and reduce alert fatigue
•Insights, learnings and benefits from SecOps teams that have already made this shift
•Tricks and tips to help you transform the security investigation process using your existing tools and industry frameworks

Curing Alert Fatigue with Risk Based Alerting, MITRE ATT&CK and Automation

MITRE ATT&CK

SecOps

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Curing Alert Fatigue with Risk Based Alerting, MITRE ATT&CK and Automation

Presented by

About this talk

More from this channel