Hi [[ session.user.profile.firstName ]]

Managing Shadow IT Realities with A Remote Workforce

Business teams have been enabled by technology solutions effectively so that their reliance on centralized teams such as IT and security has decreased significantly. The cyber threat landscape continues to evolve and organizations need to be prepared to identify vulnerabilities and points for exposure, including unforeseen shadow IT applications. As businesses have been forced to adapt to new working realities, how has the shift to a remote workforce impacted businesses' ability to identify undocumented systems and vulnerabilities? Join One Trust and (ISC)2 on Thursday, July 28, 2020 at 1:00PM BST as we discuss some of the contributing factors to shadow IT, the potential impacts and risk exposure, and some best practices in protecting stakeholders across the business. We’ll also examine:

· Key roles and responsibilities to align an effective defense in your risk management program

· Identify processes that fuel and encourage shadow IT practices

· Best practices to engage line of business employees to educate and promote cyber threat awareness
Recorded Jul 28 2020 61 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Scott Bridgen, GRC Consulting Director, One Trust; Brandon Dunlap, Moderator
Presentation preview: Managing Shadow IT Realities with A Remote Workforce

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The Cloud Gambit: Advanced Moves for a Cloud Security Career Nov 17 2021 6:00 pm UTC 59 mins
    Keatron Evans, Dave Hatter, Charlie Platt
    Taking the step toward earning the (ISC)² Certified Cloud Security Professional (CCSP) credential puts you on a path to excel as an expert in cloud security. CCSP empowers individuals and organizations with the highest level of mastery in cloud security.

    But how do you get started? How do you prepare? And why…what tangible benefits will you gain? Join (ISC)² for a panel discussion as industry professionals share their stories, experience and tips toward preparing for the Certified Cloud Security Professional certification. Areas for discussion will include:

    - Why you should consider CCSP
    - How to prepare for CCSP
    - How CCSP can accelerate your career progression
  • Hybrid Cloud – Avoiding a Worst of Both Worlds Outcome Oct 14 2021 12:00 pm UTC 60 mins
    Ian Farquhar, Global Field CTO and Director of the Security Architecture Team, Gigamon; Brandon Dunlap, Moderator
    Most organisations plan cloud migrations, but few achieve a full migration to the cloud, ending up with a hybrid deployment. This works for many, but for others it can be a “worst of both worlds” situation, with differing toolsets, increased costs, inconsistent visibility for security, operations and compliance leading to risk and issues. Some organisations are even repatriating workloads back from the cloud: not a good outcome. How can you benefit from a hybrid deployment, and avoid the downsides?

    Join Gigamon and (ISC)2 on October 14, 2021 at 1 p.m., BST when we will discuss how hybrid networks can be architected to deliver operational capabilities, security outcomes and compliance requirements.
  • Keeping Ransomware Attacks at Bay with DNS Oct 12 2021 12:00 pm UTC 60 mins
    Senad Aruc, Lead Technical Solutions Architect; Ivan Berlinson, Consulting Systems Engineer;Brandon Dunlap, Moderator
    Ransomware currently dominates the headlines and is top of mind for many. DNS can be used to improve protection against ransomware campaigns and speed up investigations of such incidents. In this session, we’ll share fresh tactics, techniques, and procedures (TTPs) used by ransomware actors which actively adopt advanced persistent threat (APT)-style tactics and evasion techniques. These actors’ goals have shifted from deploying ransomware on a few vulnerable machines to achieving persistence in the network and causing maximum damage to push victims into paying the ransom.

    On October 12th, 2021 at 1 p.m. BST, join the Cisco Umbrella team and (ISC)2 as they share DNS-based classifiers developed by Cisco and discuss their approach to building them based on changes in the threat landscape.
  • WAAS-up with Web App and API Security? Sep 30 2021 12:00 pm UTC 60 mins
    Scott McAndrew, Cloud Native Security Engineer - Prisma Cloud, Palo Alto Networks; Brandon Dunlap, Moderator
    The very thought of web application security usually elicits strong feelings of dread. This is an area of security which oftentimes requires specialist knowledge and intimate understanding of our business application architecture. In parallel to this conundrum, the long-broken dawn of cloud technologies, and in turn, cloud-native applications has monumentally exploded the number of web applications available to us all today. Web application security as we know it can be difficult to adapt to this paradigm because it has its roots in legacy architectures that were very static in nature. Join Palo Alto Networks and (ISC)2 on September 30, 2021 at 1:00 p.m. BST as we explore how modern microservices-based web applications work and the unique security challenges that arise from this otherwise exciting new world. We will not only discuss the capabilities of Prisma Cloud, but to keep things interesting there will be a live demo of a microservices-based application which we will attack.
  • Mobile Threats: What Can Hide Beneath Your Apps & How to Get Rid of Them Sep 28 2021 12:00 pm UTC 60 mins
    Adrian Korczyński, Cyber Security Business Unit Dir; Michał Olawski, Cyber Security Department Dir; Brandon Dunlap, Mod
    Mobile security threats can affect both Android and iOS devices. In this webinar on September 28, 2021 at 1 p.m, BST, (ISC)2 and Comarch will explore the most dangerous security vulnerabilities on these platforms. We will start from common problems like root and jailbreak which are very often the beginning of attack that leads to serious financial loses.

    Then, we will compare different threats to find the most dangerous for our customers in terms of financial/business loses. The webinar shall provide details of heuristic and AI based solutions in terms of accuracy according to rapid changes of vector attack as well as Android/iOS platform capabilities comparison in terms of security gaps. Finally, we will go through best security practices to detect and prevent such threats on each platform. Described technics and mechanisms will help to choose between most common security solutions on the market.
  • How Can European Organizations Reduce the Risk of Becoming a Ransomware Victim? Sep 23 2021 12:00 pm UTC 60 mins
    Chris Poullin, Bitsight Director, Technology & Strategy / Deputy CTO; Brandon Dunlap, Moderator
    Ransomware is an epidemic. BitSight Research analyzed hundreds of ransomware incidents and billions of security performance observations, creating sector and industry-specific analysis along with security program recommendations that we want to share with you. Join (ISC)2 and Bitsight on September 23, 2021 at 1 p.m., BST when we’ll share:

    How Ransomware in Europe is increasing

    How security professionals in Europe reduce the risk of becoming a ransomware victim and which practices are effective in minimizing risk.

    New sector-specific insights from BitSight’s Data Science team tied to recent ransomware trends.

    Security performance gaps and challenges that lead to successful ransomware incidents.

    Vulnerabilities that indicate heightened risk of ransomware.

    Programmatic areas that security professionals should address to reduce the likelihood that they will be a victim of a ransomware incident.
  • CISSP- Tales of the Unexpected Sep 21 2021 5:00 pm UTC 60 mins
    AJ Yawn, Jerome Leach and Angus Macrae
    When you tell people you’re thinking about CISSP, you’ve probably been told:

    • CISSP is globally renowned - those holding it are highly sought-after.
    • Achieving certification means you get paid more.
    • CISSP is HARD to earn.
    • It’s a LONG exam.

    But what you probably haven’t heard are the unexpected surprises along the way CISSPs never imagined in their certification journey. For example, learning that CISSP is a broad certification that focuses on governance: Do you understand the technology? The people? The management?

    Join us for a panel discussion as CISSP-certified members share their personal stories and the unanticipated ways certification continues to benefit their careers. After all is said, you’ll be amazed at what CISSP can do for you in your professional growth and career.

    Hear expert insights from: AJ Yawn, Jerome Leach and Angus Macrae
  • A Deep Dive into the Operations of the LockBit Ransomware Group Sep 21 2021 12:00 pm UTC 60 mins
    Senad Aruc, Lead Technical Solutions Architect at Advanced Threats, Cisco; Brandon Dunlap, Moderator
    Ransomware has become one of the most disruptive forms cyberattack this year. It was back in 2017 with the global WannaCry outbreak that we first saw the severe disruption the malware could cause, and in 2021, nothing seems to have changed for the better.

    On September 21, 2021 at 1 p.m., BST join Cisco and (ISC)2 as we take an in-depth look at how LockBit, one of the newer ransomware groups on the scene, operates-- from how they select their targets to how many targets did they breach. We’ll also discuss the most accurate metrics and visibility of a well-known ransomware group structure. In addition, we’ll share more about the threat actors and their operations. Several countermeasures will be provided along with the vulnerabilities used in ransomware cases. #DontPanicDontPay
  • How Technology Can Drive Cultural Change in Today’s ‘New HQ’ Recorded: Sep 16 2021 60 mins
    Andrew Rose, Resident CISO, EMEA; Michael Bailey, Senior Product Marketing Manager, Proofpoint; Brandon Dunlap, Moderator
    Culture is an intrinsic part of what makes us human – it encompasses the social behaviour and norms found in human societies and their individuals. And, in an ‘always on’ digital society, that can only mean one thing – We Click! We click to open potentially malicious emails, infected files. We click to share information and then we click to share a bit more – all in a simple click of a button. On September 16, 2021 at 1:00 p.m. BST, join Proofpoint and (ISC)2 as we explore how cultures are formed and influenced by digital, social media, and what role technology has to play in allowing organisations to drive security awareness and cultural change in today’s ‘NEW HQ’.
  • DoD 8570 and Beyond: (ISC)2 Certifications to Get Your Team in Compliance Recorded: Sep 15 2021 50 mins
    Mirtha Collin, Elizabeth Cardona
    The U.S. Department of Defense (DoD) Directive 8570.1 requires every full- and part-time military service member, defense contractor, civilian and foreign employee with "privileged access" to a DoD system — regardless of job series or occupational specialty — to get an approved IA baseline certification. Which certifications are the right fit for your team?

    Government agencies have trusted (ISC)² to train and certify their cybersecurity personnel for more than two decades. With the recent addition of (ISC)2 Certified Cloud Security Professional (CCSP) and HealthCare Information Security and Privacy Practitioner (HCISPP) certifications, the entire portfolio of (ISC)² certifications now meet the requirements for different security workforce categories within the Department, depending on the functional area the role covers. Discussion topics include:

    • How to Become DoD 8570 Compliant
    • (ISC)2 Certifications Overview: IA Baseline Certification Requirements
    • How to Maximize Your Training and Certification Budget
    • Keep Your Team’s Cybersecurity Skills Sharp

    Be prepared for 45 minutes well-spent and discover how (ISC)2 can help you train and certify your team to become DoD 8570 compliant.
  • Go Dox Yourself! Practical Security Awareness Training Recorded: Sep 2 2021 61 mins
    Zoe Lindsey, Security Strategist, Duo Security at Cisco; Brandon Dunlap, Moderator
    News reports on doxxing (the practice of researching private or identifying information about someone online, typically with the intent to publicize it) have increased exponentially over the last several years. While most of these reports focus on exposed individuals involved in high-profile or controversial current events, these same investigative methods are used by bad actors every day when researching targets for tailoring spearphish and other human-based attacks. Since many of the public records and social media resources used for this research fall outside the scope of the workplace, keeping corporate users safe requires arming them with education they can keep using when they leave the office. Join Duo Security and (ISC)2 on September 2, 2021 at 1:00p.m. BST for this webcast as we provide an introduction to doxxing, what tools attackers reach for first, and how researching as an attacker teaches valuable skills to make a harder target.
  • Inside (ISC)2: Updates on Global Events Program Recorded: Aug 31 2021 59 mins
    Clar Rosso, CEO, (ISC)2; Megan Gavin, Director, Events, (ISC)2
    Clar Rosso, CEO of (ISC)2 shares her insights on what’s happening at our association. Join us for this quarterly update in which we cover the latest developments at (ISC)2, ranging from certification to member benefits, continuing education and events, to major milestones and achievements. On August 31, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific, Megan Gavin, Director of Events at (ISC)2 joins Clar to provide an overview of what to expect at this year’s annual Security Congress taking place this October 18-20, as well as the new global (ISC)2-hosted events being planned for 2022.
  • Improve Performance & Minimise Risk of Burnout:Think Consciously About Self-Care Recorded: Aug 24 2021 57 mins
    Megan Sowney, MD, Wrkit, Jason Brennan, Psychotherapist and Director of Leadership, Wrkit
    Brought to you by (ISC)² and your Member Perks provider in EMEA, WrkIt, this session is designed to review the mental challenges of working in Cyber Security, giving you an opportunity to share your own experiences, and to listen to expert Jason Brennan’s advice on the steps you can take to perform better, every time.

    The session is supported technically by POWR, Wrkit’s digital Wellbeing solution, that is available to all (ISC)² members in the EMEA region as part of your Member Benefits. POWR encourages you to take 5 mins a day to score yourself, then set clear objectives on improving – all with guided professional advice, and all with the intention of improving focus, reducing fatigue and maintaining a razor sharp mindset.
  • Inside (ISC)² Quarterly Board Update, 2021 (Q3) Recorded: Aug 20 2021 14 mins
    Zachary Tudor, CISSP, (ISC)² Board of Directors Chairperson and Clar Rosso, CEO, (ISC)²
    (ISC)² Board of Directors Chairperson, Zachary Tudor, CISSP and CEO Clar Rosso update members on accomplishments in Q3 of 2021 including the association’s strategic roadmap, new achievements and milestones, the latest on our certifications, new professional development opportunities, member offers and more. The Q3 2021 update includes membership milestones, association accreditations and new executive leadership focused on member benefits and advocacy. (ISC)² continues to concentrate on global diversity, equity and inclusion initiatives and examining the workforce gap.
  • The 'Hottest' IT Security Technologies in 2021 Recorded: Aug 18 2021 59 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    Want to know which IT security technologies are hot and which ones are not? Join Steve Piper, Founder & CEO of CyberEdge (and a proud CISSP), and (ISC)2 as Steve reviews key purchase insights from the 2021 Cyberthreat Defense Report. Specifically, this webcast will identify those security technologies most widely deployed and most planned for acquisition in 2021 so you can benchmark your company’s current and planned investments against your peers. We'll review adoption rates of emerging technologies, such as ZTNA and SASE, and examine purchase intent across five key security technology categories, including:

    • Network security
    • Endpoint security
    • Application and data security
    • Security management and operations
    • Identity and access management
  • Rise of Machines: Protecting your Machine Identities Recorded: Aug 17 2021 61 mins
    Kevin Bocek, VP, Security Strategy & Threat Intelligence, Venafi; Brandon Dunlap, Moderator
    The number of machines of all types – from Kubernetes, to cloud, to IoT – is on the rise. Every machine requires an identity – SSL/TLS, SSH, and code signing keys and certificates – that control encryption, authentication, and code execution. Too often these powerful security controls are left unprotected. Compromise, misuse, and fraud of machine identities are already prime attack vectors for hackers targeting supply chain weaknesses. And errors create debilitating outages and millions in lost business. For all these reasons and more, Gartner has named Machine Identity Management a top trend for 2021. Join Venafi and (ISC)2 on August 17, 2021 at 1:00 p.m. BST for an examination of how machine identities are the new perimeter.

    Attend this session to learn:

    · The top machine identity attacks targeting your organisation and software supply chain

    · How SSL/TLS, SSH, and code signing keys and certificates are left unprotected

    · How machine identities fail and cost millions in outages

    · Why most organisations are not prepared to use machine identities at speed

    · Three things your organisation can do today to stay #fastsecure with Machine Identity Management
  • The Cloud Gambit: Advanced Moves for a Cloud Security Career Recorded: Aug 3 2021 59 mins
    Keatron Evans, Dave Hatter, Charlie Platt
    Taking the step toward earning the (ISC)² Certified Cloud Security Professional (CCSP) credential puts you on a path to excel as an expert in cloud security. CCSP empowers individuals and organizations with the highest level of mastery in cloud security.

    But how do you get started? How do you prepare? And why…what tangible benefits will you gain? Join (ISC)² for a panel discussion as industry professionals share their stories, experience and tips toward preparing for the Certified Cloud Security Professional certification. Areas for discussion will include:

    - Why you should consider CCSP
    - How to prepare for CCSP
    - How CCSP can accelerate your career progression
  • Micro-Segmentation Should Not Be on an Island Recorded: Jul 29 2021 57 mins
    Raghu Nandukamara, Field CTO, Illumio; Adam Brady, Director, Systems Engineering, Illumio; Brandon Dunlap, Moderator
    Micro-segmentation can allow security architects to divide data centers into unique security segments (as far down as individual workload levels) but requires integration and an understanding of where your applications are located to improve and manage them. Join Illumio and (ISC)2 on July 29, 2021 at 1:00 p.m. BST when Illumio's Field CTO Raghu Nandukamara will join forces with Adam Brady, Director Systems Engineering to discuss areas such as:

    o How to make friends with your CMDB data through visualization

    o The best way to leverage the user context to secure access

    o If you can better support your SOC through event data
  • Someone Else's Computer: On-Prem vs. Cloud Security Recorded: Jul 27 2021 60 mins
    Ell Marques, Linux and Security Advocate, Nicole Fishbein, Researcher, Brandon Dunlap, Moderator
    A common joke in the infosec community is that there is no cloud, only someone else's computer.

    If this is true, then it would stand to reason that security for on-premise and cloud workloads would be the same. But, unfortunately, attempting to lift and shift not only workloads but also security practices has led to over a decade of data breaches.

    Unlike on-premise data centers, cloud resources are disposable with a lifespan of a matter of seconds to minutes, leaving security teams without any visibility to what they should be protecting.

    On July 27th, 2021 at 1:00 p.m, BST, join Intezer Labs and (ISC)2 to discuss how companies can adapt their security postures to the ever-changing cloud landscape.
  • Key Results from the 2021 Cloud Security Report Recorded: Jul 20 2021 59 mins
    Holger Schultze and Steve Prentice
    The 2021 Cloud Security Report, sponsored by (ISC)2, explores current cloud security trends and challenges, how organizations are responding to security threats in the cloud and reveals tools and best practices organizations are considering.

    Based on a comprehensive survey of 783 cybersecurity professionals conducted in early 2021 to uncover how cloud user organizations are responding to security threats in the cloud, and what training, certifications and best practices IT cybersecurity leaders are prioritizing in their move to the cloud.

    Join (ISC)2 on July 21, 2021 at 1:00PM Eastern for highlights of the results and to get key insights including:
    •A majority of cybersecurity professionals (96%) confirm they are at least moderately concerned about public cloud security, a small increase from last year’s survey.
    •For the second year in a row, the key barrier to cloud adoption, organizations mention was a lack of qualified staff (39%) as the biggest impediment to faster adoption.
    •More than half of organizations (57%) expect their cloud budgets to increase over the next 12 months.
    •When asked how organizations rate their overall security readiness, 73% rate their team’s security readiness average or below average. Of those, 78% believe their teams would benefit from cloud security training and/or certification.
(ISC)² Security Briefings - EMEA
(ISC)² Security Briefings EMEA offers members in Europe, the Middle East and Africa a chance to learn about the latest trends, tools and best practices in cyber, information, software and infrastructure security while earning CPEs

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Managing Shadow IT Realities with A Remote Workforce
  • Live at: Jul 28 2020 12:00 pm
  • Presented by: Scott Bridgen, GRC Consulting Director, One Trust; Brandon Dunlap, Moderator
  • From:
Your email has been sent.
or close