Cyberthreat Game Changer: A New Look at Insider Threats

Criminal operations who operate advanced botnets have their own rules and secrets they don’t want reveled. They like to infect, hack and control victims without getting caught by law enforcements. Endpoint security is not enough to prevent zero-day malware attacks, so the research we do at Cisco has always been focused on the command and control centers. Having this aim, we managed to expose more than 20 unique C&C/Botnet servers dirty secrets in past years. These research articles are published in various cyber security magazines in Europe and Asia and have also been presented at cybersecurity conferences. Join Cisco and (ISC)2 on April 15, 2021 at 1:00PM BST as we reveal the busted famous botnets from inside and outside, with all the original source code, files, and logic behind those criminals. By revealing these busted C&C servers we will see and learn how serious they take this illegal business and have a chance to peek inside them. A list of the busted botnets we will reveal in this presentation includes:

*SilverFish Group Threat Actor Report

*Revealing Unique MitB Builder C&C Server

*NAS Botnet Revealed

It’s difficult to prescribe a one-size-fits-all approach to training your cybersecurity team. While cybersecurity training needs to be structured and adhere to industry standards, it also must be purposeful and tailored to your organization’s needs. No one organization has precisely the same security needs as another. However, many of the fundamentals of a training and education program apply across different organizations and sectors. Join (ISC)2 for a panel discussion on Tuesday, April 13, 2021 at 1:00PM Eastern as industry leaders share tips they’ve learned and strategies they’re working towards to conquer a secure and compliant cybersecurity training program. Areas for discussion will include:

· Who needs training

· Who is responsible for training

· Determining the curriculum

· Training and certification

· Ensuring training effectiveness

Be prepared for an hour well-spent and discover how to create a cybersecurity training plan that maps to your organization’s specific needs.

The ramifications of the SolarWinds incident continue to evolve as more details emerge about the impact it had on a wide range of organizations. A recent survey of more than 300 cybersecurity practitioners by (ISC)2reveals just how concerning the incident was and what these professionals recommend to shield organizations from similar supply chain threats. Join this panel discussion on March 30, 2021 at 1:00pm Eastern to hear anecdotes and best practices related to third-party technologies in the security stack, and how peers in cybersecurity leadership positions are future-proofing their defenses while planning for worst case scenario.

Cloud Security Posture Management (CSPM) is a bit of a hot topic right now, especially for anyone trying to meet the security requirements in a multi-cloud environment. Alarmingly, more than 30 billion customer records have been exposed due to cloud misconfigurations. Simply understanding what you need to worry about when developing a security plan for your infrastructure can be a real challenge. Join Aqua Security and (ISC)2 on March 30, 2021 at 1:00PM BST as we discuss common public-cloud challenges and what you need to do to address them:

· Working with complex cloud environments

· Avoiding misconfiguration of services

· Minimizing human error and how to stop configuration drift on cloud accounts

Clar Rosso, CEO of (ISC)2 shares the latest insights on what’s happening at our association. Join us for this quarterly update where we cover the latest developments at (ISC)2, ranging from certification to member benefits, continuing education and events, to major milestones and achievements.



Joining Clar this quarter is Dr. Casey Marks, chief product officer and VP of (ISC)2, to discuss the latest in Exams and certifications.

After a painful but relatively successful response to workplace changes driven by the pandemic, how well are those security measures working and what is next for the evolution of the SOC and endpoint security in specific? For most organizations, the future involves a larger remote workforce, of both full and part-time workers, including those in traditional HQ office roles. But many of the measures taken in response to pandemic conditions are proving less-than-ideal as long-term solutions. Join Infoblox and (ISC)2 on March 23, 2021 at 1:00PM GMT for a session that will draw on recent analyst reports and surveys conducted globally, with some EMEA specific call-outs, to help attendees to better understand…

· Which security alternatives are leaders considering as long-term solutions, and why?

· What techniques are helping to improve visibility for users and devices regardless of their location?

· Why are security leaders evolving methods for obtaining and using cyber threat intelligence?

· How can embracing automation improve response times and overall operational efficiencies?

(ISC)² Cybersecurity Experiences Series: One Year After The COVID-19 Outbreak

With the pandemic, our personal digital lives changed, but also our work has been catapulted into digital transformation. What role are humans having now? Why do we always say that humans are the weakest link and why we should start saying the opposite? During these difficult times, it is more than ever evident how humans are important to protect our networks. Understanding the human side of cyber security, gives an invaluable insight into understanding not only threat actors but our own colleagues and employees and how to build better strategies with human assets in mind to combat anything from insider threats to external malicious actors.

Sarka will walk you through some approaches to her engagements and how this knowledge can help you protect yourself, your loved ones as well as how useful it is for your organisation.

How do you shoot down a missile before it hits its target? That's the problem facing today's incident response teams. As cyberattacks increase in volume, velocity and complexity, the security operations center (SOC) handling incident response is the nexus for this challenge. A well-honed incident response operation that combined EPP+EDR, can deliver an impressive return on investment. In many data breach incidents, the cost is more than financial, and it is well known that the time cyber security teams take from the breach to containment is critical. With the stakes so high, how can your cyber security team shrink the time between detecting and handling cyber threats? Join SentinelOne and (ISC)2 on March 16, 2021 at 1:00pm BST as we cover these key questions and other areas such as:
· Why traditional protective approaches are no longer enough
· The importance of automation in the response process
· How to identify and establish key metrics in incident response
· Technical live demonstration of SentinelOne’s single agent, AI platform that helps cyber security teams to prevent, detect, respond and hunt threats in real time

Join us for (ISC)² Insights, a quarterly review of our association’s latest accomplishments. Each quarter, the (ISC)² Board of Directors Chairperson and CEO will update members on the association’s strategic roadmap, new achievements and milestones, the latest on our certifications, new professional development opportunities, member offers and more.

(ISC)² Cybersecurity Experiences Series: One Year After The COVID-19 Outbreak

It's been a year since the World Health Organisation (WHO) declared the COVID-19 outbreak as a Pandemic and even longer since the first case was recorded in the world. With total lockdowns lasting months in many parts of the word, organisations and individuals were forced to embrace the 'new normal'. Governments are reconsidering ways to ensure that their countries are stable, and businesses are trying to stay afloat. Nevertheless, while the world is focused on the health and economic threats posed by COVID-19, cybercriminals worldwide are undoubtedly capitalising on this crisis.

In a bid to support and secure a remote workforce, and ensure resiliency, there has been an increased investment in mobility, collaboration, and other remote working technologies and the adoption of cloud services. On the threat landscape, there was a significant shift in the frequency and magnitude of cybersecurity attacks and data breaches on SMEs, health institutions, public, private, financial and non-financial institutions globally.

In 2021, while the economic and social situation will largely remain the same in most parts of the world, although with a much positive outlook given vaccines' development in different countries, there is likely to be a significant increase in cybercriminals' activities. Therefore, an introspection into the lessons learnt, highs and lows in the past one year will help us develop foresight and adequately prepare as we progress in 2021 and beyond.