Name: Using Targeted Intelligence to Direct Your Technology Policy
Start: 2016-02-16T14:00:00Z
End: 2016-02-16T14:48:07.000Z
Location: BrightTALK
Rating: 4.33

CREST represents the technical information security industry by:

-  Offering a demonstrable level of assurance of processes and procedures of member organisations
-  Validating the competence of their technical security staff
-  Providing guidance, standards and opportunities to share and enhance knowledge
-  Providing technical security staff recognised professional qualifications and those entering or progressing in the industry with support with on-going professional development

Proper implementation and management of Application Security Testing (AST) can reduce costs and boost effectiveness of your application security strategy.

Application Security Testing Lifecycle and ImmuniWeb Discovery

What have we learned from 2017's biggest breaches and how will we deal with 2018's emerging threats? Attempting to look both backward and forward over the cyber landscape, Peter Wood will review lessons learned and apply them to the evolving threatscape.

The 2018 Threatscape: Cyber clairvoyance and divination

If your processing and data is in the cloud, how can you deliver assurance, compliance and governance? How do you find the flaws and soft spots that criminals will exploit? From browser to database, through human factors and end points, this presentation will take a threat-based approach to securing the cloud.

The Future of Cloud Security: Next Generation Threat-based Testing

BrightTALK caught up with CREST president Ian Glover for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

Topics up for discussion:

- GDPR and the preparation that organisations need to implement to remain compliant

- Steps that professionals can take to make sure that they're in-the-know and up-to-date with the legislation and changes that need to be made

- The value of improving security culture in an organisation to increase security stature

- Nationstate attacks and their influence on the cyber security industry

- AI & machine learning systems and their applications to the security industry

[VIDEO] CREST President Ian Glover on GDPR & May 2018

The Internet of Everything affects everyone from multi-nationals to private citizens. The universal adoption of machine to machine communications in every aspect of our lives offers criminals a hugely expanded attack surface. How do we defend ourselves without undermining the benefits of the IoE?

Securing the Internet of Everything: The war of the coffee machines

- BrightTALK at CRESTCON & IISP Congress - 

BrightTALK caught up with IBM Security Europe's Martin Borrett for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

Topics up for discussion:

- AI & machine learning and the influence that the technology will have on the security space

- The ins and outs of AI & machine learning and how it analyses your data looking for security incidents

- How to find a good solution to suit all budgets

- The growth of IoT networks and how we can look to protect them effectively

- V2V security and how to ensure connected cars are protected from cyber threats

- The threatscape in 2017; the threat actors, motives and attack techniques

To find out more about IBM Security, click the link in the attachments tab.

[Video Interview] AI & Machine Learning in Cyber Security: The IBM View

- BrightTALK at CRESTCON & IISP Congress - 

BrightTALK caught up with Titania's Ian Whiting for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

Topics up for discussion:

- How to run a comprehensive pentest to protect your business

- How to get the most from your cyber security budget 

- AI & Machine learning and the influence it'll have on the security industry

- The explosion of connected devices on the IoT and where networks are especially vulnerable

[Video Interview] Pentest Masterclass & Getting the Most of Your Security Spend

- BrightTALK at CRESTCON & IISP Congress - 

BrightTALK caught up with Gotham Digital Science's Justin Clarke-Salt for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

Topics up for discussion:

- The evolution and future of cyber warfare

- How to run a comprehensive and complete pentest

- Where to start when building the ideal security team

- Financial security and how to best protect the banks

- GDPR and preparations to make to ensure full security for 2018

- The growth of the IoT and how to ensure we're protecting the connected devices

[Video Interview] Cyber Warfare, Pentesting & Building a Perfect Security Team

- BrightTALK at CRESTCON & IISP Congress - 

BrightTALK caught up with Obrela Security Industry's George Patsis for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

Topics up for discussion:

- The elements and process to run a really comprehensive pentest

- How banks are still juicy targets for cyber criminals and what they can be doing to ensure they're fully protected.

- How to get the maximum results from a security budget.

- The positive steps that George sees in the cyber security industry

[Video Interview] Financial Security, Maximising Security Budgets & Pentesting

Threat-based testing, accurately simulating criminal attacks, is a critical approach in securing FinTech. Attackers constantly evolve their attack methods and strategies in response to changing technologies, making it essential that security tests match the threat landscape.

Securing FinTech: Threat-based testing along the kill chain

- BrightTALK at CRESTCON & IISP Congress - 

BrightTALK caught up with NCC Group's Matt Lewis for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

Topics up for discussion:

- The steps that professionals should be taking to prepare for GDPR

- How banks and financial institutions can improve their cyber security stature in advance of the GDPR legislation coming into play in May 2018

- The continuing rise of ransomware and whether the trend will continue

- Machine learning and AI and it's role in the cyber security industry

- How to improve on Identity and Access Management Systems (IAM)

[Video Interview] Cyber Security in the Financial Sector in the face of GDPR

- BrightTALK at CRESTCON & IISP Congress - 

BrightTALK caught up with The IISP's Piers Wison for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

Topics up for discussion:

- The findings of the IISP Industry Survey 

- AI & machine learning in the security sphere

- The steps cyber professionals need to take to prepare for GDPR

- What banks can be doing to remain as protected as possible from cyber criminals

- The growth of IoT networks and their subsequent vulnerabilities

- What to look for when assembling a security team

- How to get the most out of your security budget

-

[Video Interview] Piers Wilson and the IISP Industry Survey

- BrightTALK at CRESTCON & IISP Congress - 

BrightTALK caught up with Beta Systems Leslie Parsonson for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

Topics up for discussion:

- The steps that professionals should be taking to prepare for GDPR

- Protective measures that financial institutions should take to improve their security stance

- Methods to strengthen identity and access management

[Video Interview] Beta Systems on the Step-by-Step Process for GDPR Preparation

- BrightTALK at CRESTCON & IISP Congress - 

BrightTALK caught up with The MET's Andrew Gould for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

Topics up for discussion:

- The rise of Ransomware and what we can be doing to protect ourselves

- The steps that businesses should be taking to prepare for GDPR

- Financial cyber security and what the banks can be doing better to defend against malicious hackers

- Cyber security relations and the future of law enforcement post-Brexit

[Video Interview] Andrew Gould on Early Cyber Prevention Techniques

- BrightTALK at CRESTCON & IISP Congress - 

BrightTALK caught up with Symantec's Tarah Wheeler for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

Topics up for discussion:

- The ethics of 'hacking back'

- AI & Machine learning and the influence it'll have on security

- Cyber security in the financial sector

- Cyber warfare and the new tactics coming through

- Vulnerabilities in the IoT and what we can do about them

Enjoy!

[Video Interview] Tarah Wheeler on the Ethics of Hacking Back and AI in Security

BrightTALK will be broadcasting its in-depth interview with CREST President Ian Glover and Nettitude MD Rowland Johnson jointly in conversation.

Topics up for discussion will include:

- The new political climate and it's effect on Cyber Security and global cyber warfare

- The supposed Russian hack on the 2016 US election

- GDPR and what companies need to be doing to prepare for 2018

- Equal opportunities in the information security industry

- The rise of AI & Machine learning and how it'll influence the cyber world

- IoT and how to keep connected devices all safe and secure

- Incident response and steps to take if you've been breached!

- The 2017 threatscape and what you shoud be concentrating on

All this and much more - join us for the broadcast.

[VIDEO] Cyber Security Lessons for the Financial Sector

The majority of internal and external cyber-attacks begin with exploiting vulnerabilities in the network and targeted applications. Over 99% of actual attacks exploit known vulnerabilities listed as known Common Vulnerabilities and Exposures (CVEs). The traditional defence is to probe the system using manual or automatic vulnerability scanning techniques; but this produces a lot of redundant and irrelevant information that does not shed any light as to whether a hacker can use the vulnerability to reach a critical asset. The only solution today is human penetration testing, but infrequent testing does not reflect the network's dynamic nature, especially in today's virtual and cloud based environments.
A fresh approach to support manual penetration testing and enhance cyber resilience is to continuously and automatically test the network, applications and databases by using penetration testing techniques to expose vulnerabilities, establish complex attack path scenarios in real time and provide security and business insights to act on.  
This presentation will look at the technology and role of machine-based penetration testing.

The Future of Machine-Based Penetration Testing

Key network infrastructure devices are overlooked yet they provide critical functionality. Exploiting web application weaknesses and service buffer overflows is exciting, but the housekeeping of network infrastructure is not. Issues in network infrastructure devices can lead to network wide problems that would cause system admininstration nightmares. This presentation provides a review of key security devices, often side-lined when looking at security. It covers the value of these devices to "Blue Teams", issues "Red Teams" can highlight, desired outcomes and auditing practices.

Auditing Neglected Critical Infrastructure

Visibility and Actionable Data Across Millions of IT Assets in Seconds

PowerShell Audit Logging:    Catch Intruders Living off the Land

Data-centric security:  Enabling the new style of business in the Cloud

What MSPs Really Need and Want from an Endpoint Security Vendor

PCI DSS 3.1 Crash Course - Part II

A Practical Guide to Identifying TTPs With Threat Intelligence

(mis)Adventures in Data-driven Security: How to Avoid Tragedy & Engineer Success

Complete Data Lifecycle Protection

Data-Driven Security

Business-lead and Threat-Focused Cyber Risk Management

Smart & Strategic ‘data driven’ decisions

Using Data Analytics to Predict Malicious Intent

100% Cloud by 2016: How ScaleVP Secured its Move to the Cloud.

Using Permaculture to Cultivate a Sustainable Security Program

T Minus and Holding:  Deciding When to Launch Your Defenses

Making Vulnerability Management Sexy, Again!

Designing a GRC Framework

Preview: Data-driven Security

Data-driven Security

The success of cyber threat intelligence is measured by its effectiveness in reducing the impact of malicious actors. It is therefore important to understand the economy of malware in order to break the chains of success of such economy. Such success needs to be materialised by a change in attitude, policies and configurations.
 
Whilst applicable to most organisations, most examples used during this seminar will feature the financial sector and aim to:
 

·         Analyse the core components of the economy of malware

·         Analyse how to gather intelligence to reduce the impact of malicious actors

·         Show how to use the intelligence gathered to improve the security posture of the organisation

Using Targeted Intelligence to Direct Your Technology Policy

Cyber Security

Cyber Intelligence

Malware

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Using Targeted Intelligence to Direct Your Technology Policy

Presented by

About this talk

More from this channel