Hi [[ session.user.profile.firstName ]]

Inside (ISC)² Quarterly Board Update, 2021 (Q2)

(ISC)² Board of Directors Chairperson, Zachary Tudor, CISSP and CEO Clar Rosso update members on accomplishments in Q2 of 2021 including a significant increase in professional development opportunities, record numbers of exam offerings, and sharing new research findings to help fill the cybersecurity profession pipeline. Tune in to hear what the organization has planned for the rest of 2021, including an update on this year’s (ISC)² Security Congress event.
Recorded May 6 2021 15 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Zachary Tudor, CISSP, (ISC)² Board of Directors Chairperson and Clar Rosso, CEO, (ISC)²
Presentation preview: Inside (ISC)² Quarterly Board Update, 2021 (Q2)

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Key Insights from the 2021 Cloud Security Report Jul 20 2021 5:00 pm UTC 60 mins
    Holger Schultz and Steve Prentice
    The 2021 Cloud Security Report, sponsored by (ISC)2, explores current cloud security trends and challenges, how organizations are responding to security threats in the cloud and reveals tools and best practices organizations are considering.

    Based on a comprehensive survey of 783 cybersecurity professionals conducted in early 2021 to uncover how cloud user organizations are responding to security threats in the cloud, and what training, certifications and best practices IT cybersecurity leaders are prioritizing in their move to the cloud.

    Join (ISC)2 on July 21, 2021 at 1:00PM Eastern for highlights of the results and to get key insights including:
    •A majority of cybersecurity professionals (96%) confirm they are at least moderately concerned about public cloud security, a small increase from last year’s survey.
    •For the second year in a row, the key barrier to cloud adoption, organizations mention was a lack of qualified staff (39%) as the biggest impediment to faster adoption.
    •More than half of organizations (57%) expect their cloud budgets to increase over the next 12 months.
    •When asked how organizations rate their overall security readiness, 73% rate their team’s security readiness average or below average. Of those, 78% believe their teams would benefit from cloud security training and/or certification.
  • Cybersecurity Risk for SMB - Defending your Business from Big Threats Jul 13 2021 12:00 pm UTC 60 mins
    Patrick Magat, Services Director EMEA, CrowdStrike; Brandon Dunlap, Moderator
    In a small or medium-sized business, you probably wear many different hats: VP of logistics one day, head of social media the next, and IT trouble-shooter the day after that. Are you comfortable wearing the Chief Information Security Officer hat for your business? While most reporting on cyberattacks focuses on the impacts to large companies, the truth is that small businesses are not immune. eCrime groups know that small businesses rarely have the resources to defend themselves in the same way as large enterprises, which can make them lucrative targets for ransomware and cyber extortion. Join CrowdStrike and (ISC)2 on July 13, 2021 at 1:00 p.m. BST as CrowdStrike’s Patrick Magat examines the cyber threats that target small businesses, sharing real-world examples plucked from the CrowdStrike case files. This will set the stage for a discussion of the building blocks of a successful cyber defence, and practical guidance for defending your business. We’ll also cover:

    · Common cybersecurity misconceptions for small business

    · Real-world case studies of cyber intrusions and what could have been done to stop them

    · The basic structure of a successful cybersecurity program, including next-generation prevention, threat hunting, investigation and real-time response

    · How small businesses are using managed services to see, stop and prevent determined attackers, skipping the burden of building and managing a program themselves
  • 10 Essential Steps to Rethinking Risk Assessments Jul 8 2021 12:00 pm UTC 60 mins
    Charles Allen, CIPP/E, InfoSec Consulting Manager, OneTrust GRC; Brandon Dunlap, Moderator
    Do you spend countless hours assessing businesses risk, stuck in spreadsheets, sift through emails to find the most up-to-date information? After gathering all the necessary information from your line of business, you still need to review, validate, analyze, and assigned a risk score. All of this must be done before actionable insights can be drawn or mitigation efforts can take place. There is a significant gap in how risk is assessed and rate at which your business operates today. As your program evolves, the need to simplify the risk assessment process becomes unavoidable. But a common reality is that as your business continues to develop, risk assessment practices and resources have largely remained the same. It’s not as simple as getting a risk management tool; it’s about finding the right technology to adapt your processes in line with your current risk landscape and business objectives. On July 8, 2021 at 1:00 pm BST. OneTrust GRC and (ISC)2 will review risk assessment best practices businesses should consider based on leading industry standards from ISO 31000, NIST CSF, and the latest DOJ Corporate Compliance Guidance. We will also share how to:

    · Familiarize yourself with proven best practices and new perspectives on risk assessments

    · Identify opportunities to collect risk insights in context through an automated questionnaire process

    · Streamline risk identification with automation rules tied to your risk methodology
  • Unit 42 Cloud Threat Report: The Covid Conundrum Jun 29 2021 12:00 pm UTC 60 mins
    Ashley Ward, Technical Director, Office of the CTO, Palo Alto Networks; Brandon Dunlap, Moderator
    In the latest edition of the biannual Unit 42 Cloud Threat Report, researchers analyzed data from hundreds of cloud accounts around the world between October 2019 and February 2021 to understand the global impact of COVID-19 on the security posture of organizations. In response to the global pandemic, organizations globally increased their cloud workloads by more than 20%, leading to an explosion of security incidents. This led to the conclusion that rapid cloud scale and complexity without automated security controls embedded across the entire development pipeline are a toxic combination. Join Palo Alto Networks and (ISC)2 on June 29, 2021 at 1:00p.m. BST for a discussion that provides a deep dive into the findings. Topics covered will include:

    - How the latest cloud threats may be affecting your organization

    - Which industries suffered a spike in security incidents in light of the pandemic

    - Best practices your organization can apply today to stay protected
  • Igniting Passion for Diversity, Equity and Inclusion (DEI) Jun 23 2021 5:00 pm UTC 60 mins
    Clar Rosso, CEO, (ISC)2; Dr. Kevin Charest and Samara Moore, (ISC)2 Board Members
    With the onset of social justice movements and awareness of racial and gender inequality around the globe, many organizations and leaders are recognizing the need to dig deeper and lead the charge for their stakeholders and communities for lasting transformation. Yet, what makes diversity and inclusion—seemingly so simple—so complicated and difficult to achieve? What are some of the key challenges and tensions that often arise throughout the inclusion journey? And, how can leaders ignite the passion needed to face these challenges? Join (ISC)2 on June 23, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as Clar Rosso, (ISC)2 CEO joins with cyber industry leaders to explore these paradoxes, challenges and high-impact solutions and what it takes to achieve a truly diverse and inclusive cyber profession; one that weaves inclusion into everything it does.
  • Countering Threat Evasion: You Cannot Stop What You Cannot See! Jun 22 2021 12:00 pm UTC 60 mins
    Bob Hansmann, Sr. Product Marketing Manager - Security, Infoblox; Brandon Dunlap, Moderator
    Cybercriminals must become masters of evasion if they are to be successful. Many threats, such as APT’s, are designed to remain hidden for weeks or longer as they slowly monitor their victim, compromising select information in a way that is also intended to go unnoticed. Others, like ransomware, may only need to hide their malicious intentions long enough to infect and begin encryption processes. And even when these attacks trip some defensive sensor, it can take analysts days to investigate and launch an effective incident response, often too late to prevent significant damage. Join Infoblox and (ISC)2 on June 22, 2021 at 1:00 p.m. BST as we assess evasion methodologies and the value of DNS, with some unique EMEA callouts, to counter them across the kill chain including:

    • Why does DNS visibility expose threat activity other solutions miss?

    • How can DNS visibility be used to make other solutions more effective?

    • What role does DNS play in investigation and response?
  • PAM: Foundational Security for Business Transformation Jun 15 2021 12:00 pm UTC 60 mins
    Morey J. Haber, CTO & CISO, BeyondTrust; Brandon Dunlap, Moderator
    As businesses constantly evolve and grow, so does an organization's attack surface. The pace and velocity of technology transformation in enterprises has created a difficult environment for security teams to defend against complex threats. Join BeyondTrust and (ISC)2 on June 15, 2021 at 1:00 p.m. BST for a webinar where will examine how Privileged Access Management (PAM) can support the security team as an enabler to digital transformation, while providing one of the most effective ways to stop lateral movement by threat actors.

    Key topics to be covered include:

    · What Is Digital Transformation and why should we care about it?
    · Why automation isn’t just for the business
    · How to mitigate identity risk with Privilege Access Management
  • Rage Alongside the Machines - Advice for Automating Investigation and Response Recorded: Jun 10 2021 63 mins
    Sam Humphries, Exabeam; Jessica Cholerton, Exabeam; Brandon Dunlap, Moderator
    If the idea of automating breach response fills you with a sense of uneasiness, you’re definitely not alone. But the flipside of doing everything manually isn’t ideal either…and can actually bring more risk to a situation, especially during a major incident. On June 10, 2021 at 1:00 p.m. BST, Join Sam and Jess (aka The Real Housewives of Automation) of Exabeam and (ISC)2 for a session where we will explain where, how and when automation can help you investigate and respond quickly, accurately, and without creating a LinkedIn profile updating moment. We’ll also examine:

    · End to end automated vs manual response – a look into a real breach through two different lenses
    · The machines are our friends – how automation will help your team thrive
    · Raging alongside the machines – how to get the right balance
    · Investigation and response automation – where to start and how to finish
  • Securing Trust – How the Security Leader Enables Business Outcomes Recorded: Jun 8 2021 59 mins
    Helen Patton, Advisory CISO, Duo Security at Cisco; Brandon Dunlap, Moderator
    What is the value of trust for a company, and what role does a security leader play in order to enable it? On June 8, 2021, at 1:00 p.m. BST, Duo Security Advisory CISO Helen Patton and (ISC)2 will discuss the factors that make a company trustworthy, and how a security team builds trust within an organization. We will review the Cisco Security Outcomes Study and consider the trust-based activities that enable positive security outcomes. Attendees will be provided with actionable suggestions for improving security and trust in their organization.
  • 5 Steps to Overcome Data Overload: Using Data Discovery to Standardize Risk Recorded: Jun 3 2021 58 mins
    Scott Bridgen, Head of GRC, OneTrust GRC; Brandon Dunlap, Moderator
    Every organization is working to reduce the delay between issuing a risk assessment, receiving a response, gaining risk insight, and making a risk-based decision. Risk insights quickly lose value as time elapses from the initial assessment request. Businesses should leverage the digital workstreams to collect information as updates occur using data discovery tools to find, document, and classify in real-time. Join OneTrust GRC and (ISC)2 on June 3, 2021 at 1:00 pm BST as we explore how to quickly connect enterprise data through automated data discovery and translate the data into meaningful risk insights. We’ll also examine how to:

    · Identify data across business applications for the latest risk insights.

    · Automatically categorize information to deliver meaningful insights across risk, compliance, and your executive teams

    · Explore a new way to quantify risk using risk formulas to aggregate and standardize risk using real-time data points
  • Analyzing a Year of Chaos and Courage: CrowdStrike’s 2021 Global Threat Report Recorded: Jun 1 2021 61 mins
    Zeki Turedi, CTO for Europe, Middle East & Africa, Crowdstrike; Brandon Dunlap (Moderator)
    In a year when a global pandemic significantly changed how and where we work, the CrowdStrike 2021 Global Threat Report has never been more highly anticipated. This year, the report exposes how cyber adversaries have exploited the situation, accelerating attacks and introducing increasingly damaging tactics, techniques and procedures. On April 13, 2021 at 1:00Pm BST, CrowdStrike Technology Strategist, Zeki Turedi and (ISC)2 will examine the notable threats, events and trends in the report, including pragmatic recommendations to help you better defend against cyberattacks in 2021 and beyond. We'll also examine:

    · How the COVID-19 pandemic has changed cybersecurity

    · How "big game hunters" are targeting the healthcare sector

    · Significant nation-state-based targeted attacks and operations observed from China, Iran, DPRK, Russia and others

    · The CrowdStrike eCrime Index and how it measures the strength of the cybercriminal market over time
  • 5 Key Takeaways from Cisco Live Recorded: May 27 2021 56 mins
    Senad Aruc, Lead Technical Solutions Architect at Advanced Threats, Cisco; Brandon Dunlap, Moderator
    This year, Cisco hosted the first global, virtual Cisco Live 2021 event. Customers from all around the world converged virtually to experience the latest technology innovations, network with peers and colleagues, and find out what Cisco has in store for 2021. We will cover the latest hot topics within cybersecurity including how companies are protecting their workforce remotely; what the future of work looks like and how companies are shifting towards a cloud security which including trends that we have seen emerging with SASE. Join Cisco and (ISC)2 on May 27, 2021 at 1:00 p.m. BST as we discuss the key takeaways on Cloud Security arrived at during the Cisco Live 2021 event.
  • Without a Trace: The Dangers of Fileless Malware in the Cloud Recorded: May 25 2021 58 mins
    Ell Marquez, Linux and Security Advocate, Intezer Labs; Brandon Dunlap, Moderator
    Every day, wars are being waged on invisible battlefields. The enemy is hiding and stealthily leveling its attacks from within. This formidable foe isn’t an opposing army. It may very well be a single malicious actor, or a state-sponsored group of hackers. Without a trace of their tools left on the disk, attackers are storing the code in memory–resulting in infamous Fileless Malware. If successful, the best case scenario outcome is a tarnished reputation; the worst, significant (and potentially irreparable) damage to a brand and its business. Join Intezer Labs and (ISC)2 on May 25, 2021 at 1:00 pm BST for a discussion on how attacks like these can cripple an organization without its security team ever knowing it.
  • A Risk Based Approach to Security Performance Recorded: May 20 2021 60 mins
    Nuno Almeida, Consulting Engineer, EMEA, BitSight; Brandon Dunlap, Moderator
    Communicating Cybersecurity for non-technical users is a common challenge across organizations, who commonly perceive cybersecurity as a needed expense and cost center. Leveraging a Risk Based approach, such as the one provided by Security Ratings, allows you to better understand and communicate risks coming from gaps in your Security Program, prioritize and justify investments to the business, bridging the gap to technical stakeholders acting upon the cybersecurity issues and incidents. Join BitSight and (ISC)2 on May 20, 2021 at 1:00 p.m. BST as we look at how Security Ratings can provide an unbiased metric to your external security performance, while complementing your operational tools with both an operational view, and a strategic perspective to prioritize your greatest risks, measure performance, and communicate to stakeholders.
  • Building Your Cybersecurity Bench: (ISC)2’s Cybersecurity Career Pursuers Study Recorded: May 18 2021 59 mins
    Clar Rosso,(ISC)2 CEO;Emilie McLaughlin,VP,HR Centers of Excellence;John Carnes,Information Security Pro;Brandon Dunlap,Mod
    As organizations continue to struggle to find trained cybersecurity professionals to build out their teams, recruiters and hiring managers may need to adjust the tactics they use to proactively identify internal and external candidates. Developing bench strength by targeting candidates who have transferable skills can lead to long term depth and stability on security teams. Understanding who to look for and managing their expectations of what cybersecurity roles entail is critical to success. Join Clar Rosso, CEO of (ISC)2 on May 18, 2021 at 1:00 p.m, Eastern/10:00 a.m. Pacific as she provides an overview of the 2021 (ISC)2 Cybersecurity Career Pursuers Study, which surveyed both experienced cybersecurity professionals as well as jobseekers considering a career in the field. The study examines such topics as which tasks and experiences make a cybersecurity professional successful, the value of mentorship, at what point in their careers pursuers seem likely to seek a cybersecurity path, what attracts people to the profession and which qualities rank as strong indicators of future success for team members.
  • MITRE ATT&CK Mania: A Guide to Understanding Vendor Positioning & Why it Matters Recorded: May 18 2021 55 mins
    Lloyd Webb, VP Sales Engineering, EMEA & APJ, SentinelOne; Brandon Dunlap, Moderator
    The MITRE Engenuity ATT&CK Framework has become an integral part of IT security. Every year, MITRE Engenuity tests the most important Endpoint Detection & Response (EDR) manufacturers and checks how well they perform in a real attack scenario (the ATT&CK Evaluations). Every year the results are eagerly awaited as they are an important decision-making tool for companies when determining their security strategy. On May 18, 2021 at 1:00 p.m. BST, SentinelOne and (ISC)2 will provide detailed insight into the criteria used for the evaluation, the latest results and how they should be interpreted. We’ll also examine:

    · Why the ATT&CK evaluation is relevant for your company

    · How the ATT&CK evaluation is tested

    · How to evaluate the results most effectively

    · How SentinelOne compares to other manufacturers
  • Practical steps to Privileged Access Management: Beyond Password Managers Recorded: May 13 2021 61 mins
    Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic; Brandon Dunlap, Moderator
    With up to 80% of cyber security breaches due to compromised credentials, more organisations than ever are prioritising privileged access security. This is reflected by Gartner as they have ranked Privileged Access Management (PAM) as the #1 security project for organisations for two years in a row. With the added challenge of cloud applications and services accelerating, organisations across the globe must understand and manage the challenges posed by privileged access from remote employees, third parties, and contractors. Join Thycotic chief security scientist and author Joseph Carson and (ISC)2 on May 13, 2021 at 1:00PM BST as he examines the key differences between Password Managers and Privileged Access Management and explaining why Password Managers are not enough to protect your privileged access. But we won’t stop there, Joseph will then guide you through the practical approach on how to define and implement privileged access cloud security best practices. We’ll also look at:

    · The importance of protecting privileges not just user passwords

    · Why Password Managers are not sufficient to protect your privileged accounts

    · Key difference between Password Managers and Privileged Access Management

    · Best practices for securing cloud privileged access

    · Proven approach to implementing secure privileged access for remote workers and third parties
  • Key Insights from CyberEdge’s 2021 Cyberthreat Defense Report Recorded: May 11 2021 60 mins
    Steve Piper, Co-Founder & CEO, CyberEdge Group; Brandon Dunlap, Moderator
    Did you know that 86% of organizations experienced a successful attack in 2021? Up from 81% the prior year, the largest year-over-year increase in six years. CyberEdge’s 2021 Cyberthreat Defense Report (CDR) has become the de facto standard for assessing organizations’ security posture, for gauging perceptions of IT security professionals, and for ascertaining current and planned investments in IT security infrastructure. Now in its eighth year, the 2021 CDR assesses the views of 1,200 IT security professionals representing 17 countries and 19 industries. It’s the most geographically comprehensive view of IT security perceptions in our industry. Join (ISC)2 (a sponsor of this year’s study) and CyberEdge on May 11, 2021 at 1:00 pm ET/10 am PT for highlights of the results and get key insights including:

    - The chronic shortage of IT security skilled staff is still prevalent; hiring gaps exist across all major IT security roles
    - Lack of skilled personnel is the #2 obstacle to effective defense against cyberthreats
    - The fastest and most economical solution is to train existing IT members to fill security positions
    - IT security professionals see personal and organization-wide benefits of cybersecurity certifications, especially for cloud security, software security, security administration, and management
    - And more!
  • Inside (ISC)² Quarterly Board Update, 2021 (Q2) Recorded: May 6 2021 15 mins
    Zachary Tudor, CISSP, (ISC)² Board of Directors Chairperson and Clar Rosso, CEO, (ISC)²
    (ISC)² Board of Directors Chairperson, Zachary Tudor, CISSP and CEO Clar Rosso update members on accomplishments in Q2 of 2021 including a significant increase in professional development opportunities, record numbers of exam offerings, and sharing new research findings to help fill the cybersecurity profession pipeline. Tune in to hear what the organization has planned for the rest of 2021, including an update on this year’s (ISC)² Security Congress event.
  • Will SASE Transform IT Security for Businesses? Recorded: May 6 2021 60 mins
    Chris Frost, Technical Solutions Architect, Cloud Security, Cisco; Brandon Dunlap, Moderator
    The global pandemic has accelerated the move of edge security controls to a cloud-delivered model. But it hasn’t changed the need for effective threat detection and reliable, fast secure access. The best way for security teams to meet these new challenges head-on is through a secure access service edge (SASE) service. Join Cisco and (ISC)2 on May 6, 2021 at 1:00PM BST as we explore the following:

    • Networking and security solutions that are designed to work together

    • Efficient and effective cloud-delivered security

    • Vendor consolidation and ease of deployment

    • Management that will scale with the needs of your business.
(ISC)² Security Briefings - EMEA
(ISC)² Security Briefings EMEA offers members in Europe, the Middle East and Africa a chance to learn about the latest trends, tools and best practices in cyber, information, software and infrastructure security while earning CPEs

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Inside (ISC)² Quarterly Board Update, 2021 (Q2)
  • Live at: May 6 2021 1:42 pm
  • Presented by: Zachary Tudor, CISSP, (ISC)² Board of Directors Chairperson and Clar Rosso, CEO, (ISC)²
  • From:
Your email has been sent.
or close