Hi [[ session.user.profile.firstName ]]

Cybersecurity Risk for SMB - Defending your Business from Big Threats

In a small or medium-sized business, you probably wear many different hats: VP of logistics one day, head of social media the next, and IT trouble-shooter the day after that. Are you comfortable wearing the Chief Information Security Officer hat for your business? While most reporting on cyberattacks focuses on the impacts to large companies, the truth is that small businesses are not immune. eCrime groups know that small businesses rarely have the resources to defend themselves in the same way as large enterprises, which can make them lucrative targets for ransomware and cyber extortion. Join CrowdStrike and (ISC)2 on July 13, 2021 at 1:00 p.m. BST as CrowdStrike’s Patrick Magat examines the cyber threats that target small businesses, sharing real-world examples plucked from the CrowdStrike case files. This will set the stage for a discussion of the building blocks of a successful cyber defence, and practical guidance for defending your business. We’ll also cover:

· Common cybersecurity misconceptions for small business

· Real-world case studies of cyber intrusions and what could have been done to stop them

· The basic structure of a successful cybersecurity program, including next-generation prevention, threat hunting, investigation and real-time response

· How small businesses are using managed services to see, stop and prevent determined attackers, skipping the burden of building and managing a program themselves
Recorded Jul 13 2021 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Patrick Magat, Services Director EMEA, CrowdStrike; Brandon Dunlap, Moderator
Presentation preview: Cybersecurity Risk for SMB - Defending your Business from Big Threats

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Keeping Ransomware Attacks at Bay with DNS Oct 12 2021 12:00 pm UTC 60 mins
    Senad Aruc, Lead Technical Solutions Architect; Ivan Berlinson, Consulting Systems Engineer;Brandon Dunlap, Moderator
    Ransomware currently dominates the headlines and is top of mind for many. DNS can be used to improve protection against ransomware campaigns and speed up investigations of such incidents. In this session, we’ll share fresh tactics, techniques, and procedures (TTPs) used by ransomware actors which actively adopt advanced persistent threat (APT)-style tactics and evasion techniques. These actors’ goals have shifted from deploying ransomware on a few vulnerable machines to achieving persistence in the network and causing maximum damage to push victims into paying the ransom.

    On October 12th, 2021 at 1 p.m. BST, join the Cisco Umbrella team and (ISC)2 as they share DNS-based classifiers developed by Cisco and discuss their approach to building them based on changes in the threat landscape.
  • Go Dox Yourself! Practical Security Awareness Training Sep 2 2021 12:00 pm UTC 60 mins
    Zoe Lindsey, Security Strategist, Duo Security at Cisco; Brandon Dunlap, Moderator
    News reports on doxxing (the practice of researching private or identifying information about someone online, typically with the intent to publicize it) have increased exponentially over the last several years. While most of these reports focus on exposed individuals involved in high-profile or controversial current events, these same investigative methods are used by bad actors every day when researching targets for tailoring spearphish and other human-based attacks. Since many of the public records and social media resources used for this research fall outside the scope of the workplace, keeping corporate users safe requires arming them with education they can keep using when they leave the office. Join Duo Security and (ISC)2 on September 2, 2021 at 1:00p.m. BST for this webcast as we provide an introduction to doxxing, what tools attackers reach for first, and how researching as an attacker teaches valuable skills to make a harder target.
  • Improve Performance & Minimise Risk of Burnout:Think Consciously About Self-Care Aug 24 2021 12:00 pm UTC 60 mins
    Megan Sowney, MD, Wrkit, Jason Brennan, Psychotherapist and Director of Leadership, Wrkit
    Brought to you by (ISC)² and your Member Perks provider in EMEA, WrkIt, this session is designed to review the mental challenges of working in Cyber Security, giving you an opportunity to share your own experiences, and to listen to expert Jason Brennan’s advice on the steps you can take to perform better, every time.

    The session is supported technically by POWR, Wrkit’s digital Wellbeing solution, that is available to all (ISC)² members in the EMEA region as part of your Member Benefits. POWR encourages you to take 5 mins a day to score yourself, then set clear objectives on improving – all with guided professional advice, and all with the intention of improving focus, reducing fatigue and maintaining a razor sharp mindset.
  • Rise of Machines: Protecting your Machine Identities Aug 17 2021 12:00 pm UTC 60 mins
    Kevin Bocek, VP, Security Strategy & Threat Intelligence, Venafi; Brandon Dunlap, Moderator
    The number of machines of all types – from Kubernetes, to cloud, to IoT – is on the rise. Every machine requires an identity – SSL/TLS, SSH, and code signing keys and certificates – that control encryption, authentication, and code execution. Too often these powerful security controls are left unprotected. Compromise, misuse, and fraud of machine identities are already prime attack vectors for hackers targeting supply chain weaknesses. And errors create debilitating outages and millions in lost business. For all these reasons and more, Gartner has named Machine Identity Management a top trend for 2021. Join Venafi and (ISC)2 on August 17, 2021 at 1:00 p.m. BST for an examination of how machine identities are the new perimeter.

    Attend this session to learn:

    · The top machine identity attacks targeting your organisation and software supply chain

    · How SSL/TLS, SSH, and code signing keys and certificates are left unprotected

    · How machine identities fail and cost millions in outages

    · Why most organisations are not prepared to use machine identities at speed

    · Three things your organisation can do today to stay #fastsecure with Machine Identity Management
  • The Cloud Gambit: Advanced Moves for a Cloud Security Career Aug 3 2021 5:00 pm UTC 60 mins
    Keatron Evans, Dave Hatter, Charlie Platt
    Taking the step toward earning the (ISC)² Certified Cloud Security Professional (CCSP) credential puts you on a path to excel as an expert in cloud security. CCSP empowers individuals and organizations with the highest level of mastery in cloud security.

    But how do you get started? How do you prepare? And why…what tangible benefits will you gain? Join (ISC)² for a panel discussion as industry professionals share their stories, experience and tips toward preparing for the Certified Cloud Security Professional certification. Areas for discussion will include:

    - Why you should consider CCSP
    - How to prepare for CCSP
    - How CCSP can accelerate your career progression
  • Micro-Segmentation Should Not Be on an Island Recorded: Jul 29 2021 57 mins
    Raghu Nandukamara, Field CTO, Illumio; Adam Brady, Director, Systems Engineering, Illumio; Brandon Dunlap, Moderator
    Micro-segmentation can allow security architects to divide data centers into unique security segments (as far down as individual workload levels) but requires integration and an understanding of where your applications are located to improve and manage them. Join Illumio and (ISC)2 on July 29, 2021 at 1:00 p.m. BST when Illumio's Field CTO Raghu Nandukamara will join forces with Adam Brady, Director Systems Engineering to discuss areas such as:

    o How to make friends with your CMDB data through visualization

    o The best way to leverage the user context to secure access

    o If you can better support your SOC through event data
  • Someone Else's Computer: On-Prem vs. Cloud Security Recorded: Jul 27 2021 60 mins
    Ell Marques, Linux and Security Advocate, Nicole Fishbein, Researcher, Brandon Dunlap, Moderator
    A common joke in the infosec community is that there is no cloud, only someone else's computer.

    If this is true, then it would stand to reason that security for on-premise and cloud workloads would be the same. But, unfortunately, attempting to lift and shift not only workloads but also security practices has led to over a decade of data breaches.

    Unlike on-premise data centers, cloud resources are disposable with a lifespan of a matter of seconds to minutes, leaving security teams without any visibility to what they should be protecting.

    On July 27th, 2021 at 1:00 p.m, BST, join Intezer Labs and (ISC)2 to discuss how companies can adapt their security postures to the ever-changing cloud landscape.
  • Key Results from the 2021 Cloud Security Report Recorded: Jul 20 2021 59 mins
    Holger Schultze and Steve Prentice
    The 2021 Cloud Security Report, sponsored by (ISC)2, explores current cloud security trends and challenges, how organizations are responding to security threats in the cloud and reveals tools and best practices organizations are considering.

    Based on a comprehensive survey of 783 cybersecurity professionals conducted in early 2021 to uncover how cloud user organizations are responding to security threats in the cloud, and what training, certifications and best practices IT cybersecurity leaders are prioritizing in their move to the cloud.

    Join (ISC)2 on July 21, 2021 at 1:00PM Eastern for highlights of the results and to get key insights including:
    •A majority of cybersecurity professionals (96%) confirm they are at least moderately concerned about public cloud security, a small increase from last year’s survey.
    •For the second year in a row, the key barrier to cloud adoption, organizations mention was a lack of qualified staff (39%) as the biggest impediment to faster adoption.
    •More than half of organizations (57%) expect their cloud budgets to increase over the next 12 months.
    •When asked how organizations rate their overall security readiness, 73% rate their team’s security readiness average or below average. Of those, 78% believe their teams would benefit from cloud security training and/or certification.
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Jul 20 2021 59 mins
    Natasha Karelina, (ISC)² Customer Service Manager, EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:

    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarised
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • Metadata Formats and their uses in a Security Context Recorded: Jul 15 2021 59 mins
    Ollie Sheridan, Principal Sales Engineer, Security, (EMEA) Gigamon; Brandon Dunlap, Moderator
    With Network Traffic increasing as Bandwidth costs decrease and the delivery of Applications changing in favour of Cloud environments, monitoring Networks at scale is becoming an increasing challenge. One of the approaches which is gaining popularity is the use of Metadata - but what is Metadata exactly? If you elect to employ Metadata as your method for monitoring your Network what format should you choose? On July 15, 2021 at 1:00 p.m. BST, join Gigamon and (ISC)2 as we discuss the rise in popularity of Metadata, what problem it's trying to solve along with the pros and cons of its use. We'll also investigate how it can be implemented, examining the various formats that can be used to generate this Metadata. Lastly, will be the other uses of Metadata beyond 'traditional' Security, to ultimately lower the costs of implementation and better understand our environments. Join Ollie Sheridan as he raises these questions and gain a better understanding of Metadata in the context of Security.
  • Cybersecurity Risk for SMB - Defending your Business from Big Threats Recorded: Jul 13 2021 60 mins
    Patrick Magat, Services Director EMEA, CrowdStrike; Brandon Dunlap, Moderator
    In a small or medium-sized business, you probably wear many different hats: VP of logistics one day, head of social media the next, and IT trouble-shooter the day after that. Are you comfortable wearing the Chief Information Security Officer hat for your business? While most reporting on cyberattacks focuses on the impacts to large companies, the truth is that small businesses are not immune. eCrime groups know that small businesses rarely have the resources to defend themselves in the same way as large enterprises, which can make them lucrative targets for ransomware and cyber extortion. Join CrowdStrike and (ISC)2 on July 13, 2021 at 1:00 p.m. BST as CrowdStrike’s Patrick Magat examines the cyber threats that target small businesses, sharing real-world examples plucked from the CrowdStrike case files. This will set the stage for a discussion of the building blocks of a successful cyber defence, and practical guidance for defending your business. We’ll also cover:

    · Common cybersecurity misconceptions for small business

    · Real-world case studies of cyber intrusions and what could have been done to stop them

    · The basic structure of a successful cybersecurity program, including next-generation prevention, threat hunting, investigation and real-time response

    · How small businesses are using managed services to see, stop and prevent determined attackers, skipping the burden of building and managing a program themselves
  • 10 Essential Steps to Rethinking Risk Assessments Recorded: Jul 8 2021 59 mins
    Charles Allen, CIPP/E, InfoSec Consulting Manager, OneTrust GRC; Brandon Dunlap, Moderator
    Do you spend countless hours assessing businesses risk, stuck in spreadsheets, sift through emails to find the most up-to-date information? After gathering all the necessary information from your line of business, you still need to review, validate, analyze, and assigned a risk score. All of this must be done before actionable insights can be drawn or mitigation efforts can take place. There is a significant gap in how risk is assessed and rate at which your business operates today. As your program evolves, the need to simplify the risk assessment process becomes unavoidable. But a common reality is that as your business continues to develop, risk assessment practices and resources have largely remained the same. It’s not as simple as getting a risk management tool; it’s about finding the right technology to adapt your processes in line with your current risk landscape and business objectives. On July 8, 2021 at 1:00 pm BST. OneTrust GRC and (ISC)2 will review risk assessment best practices businesses should consider based on leading industry standards from ISO 31000, NIST CSF, and the latest DOJ Corporate Compliance Guidance. We will also share how to:

    · Familiarize yourself with proven best practices and new perspectives on risk assessments

    · Identify opportunities to collect risk insights in context through an automated questionnaire process

    · Streamline risk identification with automation rules tied to your risk methodology
  • Inside (ISC)2: Updates on Member Services, Benefits and Experience Recorded: Jul 1 2021 59 mins
    Clar Rosso, CEO, (ISC)2; Beth Paredes, Director of Member Services, (ISC)2
    Clar Rosso, CEO of (ISC)2 shares the latest insights on what’s happening at our association. Join us for this quarterly update where we cover the latest developments at (ISC)2, ranging from certification to member benefits, continuing education and events, to major milestones and achievements. On July 1, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as Beth Paredes, Director of Member Services at (ISC)2 join Clar to provide an overview of the wealth of benefits and services available to members and associates.
  • Unit 42 Cloud Threat Report: The Covid Conundrum Recorded: Jun 29 2021 55 mins
    Ashley Ward, Technical Director, Office of the CTO, Palo Alto Networks; Brandon Dunlap, Moderator
    In the latest edition of the biannual Unit 42 Cloud Threat Report, researchers analyzed data from hundreds of cloud accounts around the world between October 2019 and February 2021 to understand the global impact of COVID-19 on the security posture of organizations. In response to the global pandemic, organizations globally increased their cloud workloads by more than 20%, leading to an explosion of security incidents. This led to the conclusion that rapid cloud scale and complexity without automated security controls embedded across the entire development pipeline are a toxic combination. Join Palo Alto Networks and (ISC)2 on June 29, 2021 at 1:00p.m. BST for a discussion that provides a deep dive into the findings. Topics covered will include:

    - How the latest cloud threats may be affecting your organization

    - Which industries suffered a spike in security incidents in light of the pandemic

    - Best practices your organization can apply today to stay protected
  • Igniting Passion for Diversity, Equity and Inclusion (DEI) Recorded: Jun 23 2021 59 mins
    Clar Rosso, CEO, (ISC)2; Dr. Kevin Charest and Samara Moore, (ISC)2 Board Members
    With the onset of social justice movements and awareness of racial and gender inequality around the globe, many organizations and leaders are recognizing the need to dig deeper and lead the charge for their stakeholders and communities for lasting transformation. Yet, what makes diversity and inclusion—seemingly so simple—so complicated and difficult to achieve? What are some of the key challenges and tensions that often arise throughout the inclusion journey? And, how can leaders ignite the passion needed to face these challenges? Join (ISC)2 on June 23, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as Clar Rosso, (ISC)2 CEO joins with cyber industry leaders to explore these paradoxes, challenges and high-impact solutions and what it takes to achieve a truly diverse and inclusive cyber profession; one that weaves inclusion into everything it does.
  • Countering Threat Evasion: You Cannot Stop What You Cannot See! Recorded: Jun 22 2021 59 mins
    Bob Hansmann, Sr. Product Marketing Manager - Security, Infoblox; Brandon Dunlap, Moderator
    Cybercriminals must become masters of evasion if they are to be successful. Many threats, such as APT’s, are designed to remain hidden for weeks or longer as they slowly monitor their victim, compromising select information in a way that is also intended to go unnoticed. Others, like ransomware, may only need to hide their malicious intentions long enough to infect and begin encryption processes. And even when these attacks trip some defensive sensor, it can take analysts days to investigate and launch an effective incident response, often too late to prevent significant damage. Join Infoblox and (ISC)2 on June 22, 2021 at 1:00 p.m. BST as we assess evasion methodologies and the value of DNS, with some unique EMEA callouts, to counter them across the kill chain including:

    • Why does DNS visibility expose threat activity other solutions miss?

    • How can DNS visibility be used to make other solutions more effective?

    • What role does DNS play in investigation and response?
  • PAM: Foundational Security for Business Transformation Recorded: Jun 15 2021 58 mins
    Morey J. Haber, CTO & CISO, BeyondTrust; Brandon Dunlap, Moderator
    As businesses constantly evolve and grow, so does an organization's attack surface. The pace and velocity of technology transformation in enterprises has created a difficult environment for security teams to defend against complex threats. Join BeyondTrust and (ISC)2 on June 15, 2021 at 1:00 p.m. BST for a webinar where will examine how Privileged Access Management (PAM) can support the security team as an enabler to digital transformation, while providing one of the most effective ways to stop lateral movement by threat actors.

    Key topics to be covered include:

    · What Is Digital Transformation and why should we care about it?
    · Why automation isn’t just for the business
    · How to mitigate identity risk with Privilege Access Management
  • Rage Alongside the Machines - Advice for Automating Investigation and Response Recorded: Jun 10 2021 63 mins
    Sam Humphries, Exabeam; Jessica Cholerton, Exabeam; Brandon Dunlap, Moderator
    If the idea of automating breach response fills you with a sense of uneasiness, you’re definitely not alone. But the flipside of doing everything manually isn’t ideal either…and can actually bring more risk to a situation, especially during a major incident. On June 10, 2021 at 1:00 p.m. BST, Join Sam and Jess (aka The Real Housewives of Automation) of Exabeam and (ISC)2 for a session where we will explain where, how and when automation can help you investigate and respond quickly, accurately, and without creating a LinkedIn profile updating moment. We’ll also examine:

    · End to end automated vs manual response – a look into a real breach through two different lenses
    · The machines are our friends – how automation will help your team thrive
    · Raging alongside the machines – how to get the right balance
    · Investigation and response automation – where to start and how to finish
  • Securing Trust – How the Security Leader Enables Business Outcomes Recorded: Jun 8 2021 59 mins
    Helen Patton, Advisory CISO, Duo Security at Cisco; Brandon Dunlap, Moderator
    What is the value of trust for a company, and what role does a security leader play in order to enable it? On June 8, 2021, at 1:00 p.m. BST, Duo Security Advisory CISO Helen Patton and (ISC)2 will discuss the factors that make a company trustworthy, and how a security team builds trust within an organization. We will review the Cisco Security Outcomes Study and consider the trust-based activities that enable positive security outcomes. Attendees will be provided with actionable suggestions for improving security and trust in their organization.
  • 5 Steps to Overcome Data Overload: Using Data Discovery to Standardize Risk Recorded: Jun 3 2021 58 mins
    Scott Bridgen, Head of GRC, OneTrust GRC; Brandon Dunlap, Moderator
    Every organization is working to reduce the delay between issuing a risk assessment, receiving a response, gaining risk insight, and making a risk-based decision. Risk insights quickly lose value as time elapses from the initial assessment request. Businesses should leverage the digital workstreams to collect information as updates occur using data discovery tools to find, document, and classify in real-time. Join OneTrust GRC and (ISC)2 on June 3, 2021 at 1:00 pm BST as we explore how to quickly connect enterprise data through automated data discovery and translate the data into meaningful risk insights. We’ll also examine how to:

    · Identify data across business applications for the latest risk insights.

    · Automatically categorize information to deliver meaningful insights across risk, compliance, and your executive teams

    · Explore a new way to quantify risk using risk formulas to aggregate and standardize risk using real-time data points
(ISC)² Security Briefings - EMEA
(ISC)² Security Briefings EMEA offers members in Europe, the Middle East and Africa a chance to learn about the latest trends, tools and best practices in cyber, information, software and infrastructure security while earning CPEs

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Cybersecurity Risk for SMB - Defending your Business from Big Threats
  • Live at: Jul 13 2021 12:00 pm
  • Presented by: Patrick Magat, Services Director EMEA, CrowdStrike; Brandon Dunlap, Moderator
  • From:
Your email has been sent.
or close