Hi [[ session.user.profile.firstName ]]

IoT Risk and Posture Assessment

IoT devices being deployed by the thousands, they often lack IT oversight and basic security best practices such as strong credentials. A recent industry analysis notes that 81 percent of breaches involve the misuse of stolen, weak or default credentials. Botnets such as Mirai take advantage of weak IoT credentials and harvest millions of IoT devices to cause service disruptions. Hence, IoT assessment is the next logical step after IoT classification for managing risk and reducing your attack surface.
Join us to learn how the ForeScout platform helps organizations assess IoT devices across their extended enterprise. Gain insight into the new capabilities of CounterACT 8, including functionality that lets you:
• Identify IoT devices with factory default and weak credentials
• Create your custom IoT credential assessment library or leverage the ForeScout-provided credential library
• Create policies to automate assessment and initiate mitigation actions (alert, limit, block and segment)
Recorded May 29 2018 43 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Mitesh Shah, Sr. Technical Product Marketing Mgr., ForeScout Technologies, Inc.
Presentation preview: IoT Risk and Posture Assessment

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Yes, IT and OT Are Converging. So How Does This Affect Compliance? Nov 12 2019 5:00 pm UTC 59 mins
    Thomas Nuth, Sr. Director of Solution Marketing Don Weber, SANS Instructor
    Refreshing compliance strategy for the age of IT-OT convergence challenges cybersecurity stakeholders across the functional spectrum, from CISOs to plant managers. In this webinar, we will explore popular frameworks that help reduce cyber risk, as well as how organizations can streamline regulatory and compliance efforts with better processes and the right technology.

    Attendees will walk away with an understanding of key frameworks and standards, and the best practices for implementing them, including:

    - The NIST Cybersecurity Framework
    - NIST 800-53
    - The NERC CIP Regulations
  • Device Visibility and Control: Streamlining IT and OT Security With Forescout Nov 5 2019 5:00 pm UTC 60 mins
    Don Murdoch is a SANS community instructor & Sandeep Kumar, Senior Director of Product and Technical Marketing Forescout
    Recently Forescout updated its multifaceted IT/OT network device visibility and control platform to enhance the product's long-standing reputation for handling network admission controls. In this review, SANS analyst and instructor Don Murdoch digs into the product's capabilities and explores these key areas:

    - Device discovery
    -Auto classification
    -Risk assessment
    -Automating security controls

    Register today to be among the first to receive the associated whitepaper written by security expert Don Murdoch.
  • CEO Speaks: Top 5 Risks That CISOs Need to Quantify Oct 29 2019 1:00 pm UTC 59 mins
    Jack Jones, Chairman of The FAIR Institute & Gaurav Pal, CEO and Founder of stackArmor
    As breaches continue to make headlines, CEOs are now being held personally accountable, often resulting in loss of job and reputation. This accountability extends to both public sector and commercial entities, especially those involved in critical infrastructure. Forescout is pleased to host a frank discussion with two experienced executives in the risk and information security industry who not only run these organizations, but also evangelize the importance of prioritizing risk from third-party and other sources.

    They will provide insight on:
    • Top risks and exposure, especially from the convergence of information technology (IT) and operational technology (OT) infrastructures.
    • How frameworks like NIST RMF and CSF play a role in establishing good risk hygiene.
    • Actionable playbook to consider when creating and presenting a risk plan to the CEO and board.
  • Protecting Today’s Smart City Through Device Visibility & Control Recorded: Oct 17 2019 27 mins
    Jonathan Jesse is a Senior Systems Engineer, State & Local, Forescout Technologies
    The vision of smart cities is bright—automating critical public services, improving community interactions and achieving untold levels of efficiency in a connected, technology-driven society. But along with all of this boundless potential comes untold risk of a cybersecurity breach.

    Join us for this insightful webinar to hear how Forescout Technologies is playing a critical role in securing these technologically advanced communities to mitigate risk, increase visibility across the extended enterprise, and provide the necessary controls needed to secure these smart environments.

    Webinar topics include:

    ·Protecting our Law Enforcement technology – from vehicles to dispatch, and all devices in between
    ·Risks and challenges of new technologies with Smart Transportation and Digital Services
    ·Real case studies of Smart Cities and how they manage the risk of IoT and the connected reality

    Sponsored By Forescout Technologies + ISA Cybersecurity
  • Tearing Down a Building Network Using IoT Devices: A Forescout Labs Case Study Recorded: Sep 5 2019 46 mins
    Daniel dos Santos, Forescout Labs Researcher
    With the advent of the Internet of Things (IoT), devices like surveillance cameras and smart lighting systems are now widely available and rapidly being integrated into new and existing smart buildings. These devices are much cheaper than industrial controllers and far easier to install, but they often lack security features, and vulnerabilities are being discovered with increasing frequency. As the scale of IoT devices grows, so does the need to keep them in check.

    Using a smart building as their case study, Forescout Labs investigated how IoT devices can be leveraged as an entry point to a building’s network, where legacy OT assets, IT systems and IoT devices all intersect. In this webinar, we discuss the key findings from our research, including:

    - How the IoT is impacting the organizational threat landscape
    - The additional risks that IoT devices introduce
    - How to evolve your cybersecurity strategy for the age of IoT
  • BLUEKEEP and Deja Blue: Havoc on the horizon for healthcare Recorded: Aug 28 2019 30 mins
    Liran Chen, Senior Director, System Engineering Forescout
    Despite dire warnings from Microsoft, industry and government agencies, the BlueKeep vulnerability still looms large on the networks of many enterprises with as many as 800,000 Windows devices still remain vulnerable to attackers using Remote Desktop Services in Windows.
    To help mitigate the risk of this potential vulnerability, join Liran Chen, Senior Director, System Engineering Forescout to learn how organizations can take the following actions:

    *Investigate the scope of BlueKeep risk, by identifying the quantity of vulnerable devices
    *Isolate non-compliant devices, and initiate remediation actions on actionable areas
    *Improve overall security posture and patching routines to maintain security compliance
  • Lessons Learned Fighting Modern Cyberthreats in ICS Networks Recorded: Jul 30 2019 57 mins
    Sandeep Lota, Senior Systems Engineer OT at Forescout
    Critical infrastructure organizations are increasingly becoming targets of malware campaigns. This rising tide of cyberthreats, coupled with the increased exposure of OT networks to the Internet is making ICS network protection a strategically important issue. To stay cyber resilient in today’s environment, asset owners need a fresh approach to cybersecurity.
    During this webinar, we will discuss an anonymized investigation conducted by our team to identify a real malware infection on a production network, the tools and techniques used to contain this threat and how to use threat intelligence and visibility to stay ahead of cyber adversaries.

    We will focus on improving security strategy in four key areas, in the context of the SANS Top 20 CIS Controls:
    - Asset visibility and network baselining
    - Continuous network monitoring
    - Threat intelligence ingestion
    - Thorough incident response plans
  • IT Centralization Challenges: M&A within the University Recorded: Jul 30 2019 55 mins
    Shawn Taylor, Sr. Systems Engineer, Forescout Technologies & Mark Runals, Sr. Solutions Architect, Blackwood Associates, Inc
    IT consolidation towards a single infrastructure management organization is an increasing trend within the Higher Education space. As Colleges and Universities move to undertake these centralization activities, concerns are raised by the central IT Operations, Networking, and Security teams over the lack of insight into the systems and environments to be "acquired." With partial asset lists and little to no visibility there is incomplete understanding of how the risk profile of Central IT will change or the lift associated with bringing the onboarded unit to existing organizational or regulatory compliance standards. This webinar will explore various challenges associated with centralization within Higher Ed and how Forescout helps centralized IT organizations achieve complete visibility and a contextual understanding of all assets and devices, ensuring they get a handle on the environments they’ll be onboarding; ultimately mitigating risks they instantly face when they take over operational responsibility.
  • Healthcare Under A Microscope – Understanding and Overcoming Cybersecurity Recorded: Jun 24 2019 28 mins
    LYLE KELLY, Sr. Solutions Engineer – Healthcare Forescout
    The device landscape in the healthcare sector is growing exponentially, adding to the complexity of the network, and making it challenging for IT and security personnel to remain compliant and enforce patient safety and privacy. To better understand the complexity of healthcare networks and potential vulnerabilities, Forescout research analyzed 75 healthcare deployments with over 1.5 million devices.

    Join Lyle Kelly, Sr. Solutions Engineer, to review the research findings and for an interactive discussion on overcoming common cybersecurity challenges by:

    Building a security foundation based on a complete and accurate asset inventory
    Minimizing downtime by containing risk with zone-based segmentation
    Improving security productivity and responsiveness by automating security controls
  • 2019 SANS OT/ICS Cybersecurity Survey Webcast Recorded: Jun 17 2019 61 mins
    SANS experts Doug Wylie and Barb Filkins, with advisor and SANS instructor Jason Dely
    Critical infrastructure organizations are increasingly becoming targets of malware campaigns. This rising tide of cyberthreats, coupled with the increased exposure of OT networks to the Internet is making ICS network protection a strategically important issue. To stay cyber resilient in todays environment, asset owners need a fresh approach to cybersecurity.

    During this webinar, we will discuss an anonymized investigation conducted by our team to identify a real malware infection on a production network, the tools and techniques used to contain this threat and how to use threat intelligence and visibility to stay ahead of cyber adversaries.

    We will focus on improving security strategy in four key areas, in the context of the SANS Top 20 CIS Controls:

    - Asset visibility and network baselining
    - Continuous network monitoring
    - Threat intelligence ingestion
    - Thorough incident response plans
  • Converged IIoT Networks: Gaining Comprehensive Device Visibility & Control Recorded: Jun 13 2019 32 mins
    Forescout Solution Expert
    Can you identify and secure what’s on your network? Do you worry that needed security will impact your operational uptime and will keep your critical infrastructure running 24/7?

    Today’s networks include a broad variety of devices - managed, unmanaged, IoT, medical, OT and HVAC – that aren’t always visible and therefore aren’t secure.

    Expanding the visibility is the first step in reducing the risk. In this session, learn from actual customer experiences that share how deploying a solution for device visibility and control provides the foundational layer needed for risk mitigation and protection.
  • Top Cybersecurity Practices (HICP) to Mitigate Cyber Threats in Healthcare Recorded: Apr 25 2019 59 mins
    Erik Decker, CISO & CPO, University of Chicago Medicine & Ellen Sundra, VP of Engineering at Forescout
    Join Erik Decker, Chief Information Security Officer and Chief Privacy Officer of the University of Chicago Medicine and Ellen Sundra, VP of Engineering at Forescout, to learn how to protect patients by applying the recommended principles and practices from Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP).

    Over the past decade, threats to the health care industry has increased dramatically along with the sophistication of cyber-attacks. As a result, the Healthcare Sector Coordinating Council and the US Department of Health and Human Services collaborated to establish cybersecurity practices that can be used across the healthcare industry. Our guest, Erik Decker, serves as the industry lead on the development of, “Health Industry Cybersecurity Practices (HICP)”, which resulted from insights of the task group and over 150 health IT professionals.

    Ellen Sundra leads this discussion to gain insights into actionable steps that health industry IT and HTM security professionals can establish, implement and maintain in their organizations to thwart cyber-attacks before they occur.

    What you will learn in this webinar:
    - How to reduce risk to the business by implementing solid security practices
    - Which are top security practices to consider when facing some of healthcare’s top issues
    - How using policy-based controls can simplify processes and protect the organization
  • Using Zero Trust to Protect Financial Services Networks Recorded: Apr 15 2019 51 mins
    Tom Dolan VP, Global Financial Services Forescout & John Kindervag Founder of Zero Trust and CTO Palo Alto Networks
    Is Zero Trust really achievable given the complexity in financial service organizations, especially considering limited staff, mergers and acquisitions and compliance pressures?

    With Phil Packman, a CISO at BT, as your host, learn from the founder of Zero Trust & Field CTO at Palo Alto Networks, John Kindervag, and the VP of Global Financial Services at Forescout, Tom Dolan, how your company can more easily embrace Zero Trust to proactively combat today’s high frequency and sophistication of cyberattacks.

    Join us to learn how to:
    - Proactively combat today’s high frequency and sophistication of cyberattacks
    - Gain unparalleled situational awareness of malicious activity
    - Prevent the exfiltration of sensitive data and money
    - Simplify adherence to compliance regulations
  • Automating Security Controls with Confidence Recorded: Apr 10 2019 58 mins
    Forescout Product Team
    IT security teams are inundated with increasing numbers of security and compliance issues reported by security tools that either lack sufficient device context for prioritization or automation capabilities to enforce risk mitigation controls. As a result, highly skilled security teams waste time manually troubleshooting low-impact issues, unable to focus on proactive risk reduction or rapid threat response.

Join us to learn how Forescout 8.1 enables organizations to orchestrate actions and automate controls while minimizing business disruption. Topics include:

    • Orchestration of segmentation controls across Fortinet®, Palo Alto Networks® and Check Point® firewalls
• Incident response automation with ServiceNow® ITSM and Security Operations

    • Automation of controls for network access and device compliance initiatives
  • Unified Device Visibility for IT and OT Environments Recorded: Mar 27 2019 48 mins
    Forescout Product Team
    As digital transformation continues, organizations are using increasing numbers of smart devices on their networks. They are connecting previously separated IT and OT networks to automate business operations and boost efficiency. This convergence of IT and OT is putting new demands on CIOs and CISOs as they are being tasked with protecting the entire business ecosystem, well beyond enterprise IT systems. 

Join us to learn how Forescout 8.1 enables organizations to gain complete situational awareness of all devices in their interconnected environment to understand both their cyber and operational risk. Topics include:
• Visibility and continuous monitoring of all layers of the OT network stack 

    • Auto-classification of medical, industrial, networking and IoT devices
• Multi-cloud and data center visibility into Azure, AWS, VMware and Cisco ACI environments
  • Overcoming Cyberthreats to Critical Infrastructure with IT/OT Cybersecurity Recorded: Mar 21 2019 49 mins
    Thomas Nuth, Sr. Director of Marketing, OT at Forescout
    Many organizations reliant on critical infrastructure networks are striving to reduce risk with cybersecurity strategies that bridge both IT and OT asset domains. However, achieving comprehensive IT/OT cybersecurity is often a more challenging task in practice than it is conceptually.

    Security professionals interested in effectively executing an integrated IT/OT cybersecurity strategy should join this webinar to learn how they can achieve end-to-end visibility into the full spectrum of both IT and OT network devices, as well as unified business risk management for today’s continuously evolving cyberthreat landscape. During this webinar, we will dive into four foundational elements of a comprehensive IT/OT cybersecurity strategy, including asset visibility, asset management, risk & compliance and investigation & response, with use cases of each.
  • Ensuring Healthcare Delivery through Complete Visibility & Threat Defense Recorded: Dec 11 2018 61 mins
    Curt Aubley, VP WW Solution Architecture, CrowdStrike and Matt Hartley, VP Federal Solutions, ForeScout
    The Healthcare industry continues to be targeted by cyber threat actors. In 2018, large scale cybersecurity attacks caused disruptions in healthcare delivery, driving patient care operations to a grinding halt in several hospitals. Multiple breaches also exposed sensitive customer data for many thousands of individuals. Damages like these not only cost healthcare organizations billions of dollars, they can also hurt patient trust in the healthcare system and even risk lives.

    With limited security resources and budget, how should hospitals and healthcare providers approach cybersecurity to protect against current and future cyber threats?

    Join us to learn from Curt Aubley, VP Worldwide Solution Architecture at CrowdStrike and Matt Hartley, VP Commercial East & Federal Civilian at ForeScout as we discuss:

    •The current threat landscape and unique security challenges healthcare organizations face
    •Best practices on mitigating risk by streamlining network and endpoint security while maintaining systems and medical device reliability
    •How to maximize your security investments to provide your organization the greatest protection, security efficacy and operational efficiency
  • Implementing NIST 800-171 with ForeScout Recorded: Dec 6 2018 42 mins
    James John, Systems Engineer, ForeScout Technologies, Inc.
    The ForeScout platform helps with 800-171 preparedness by automating and accelerating your path to compliance, reducing overall risk and maintaining and demonstrating ongoing compliance. James John, Senior Systems Engineer with ForeScout has extensive experience implementing and deploying the ForeScout solution in both public and private sector environments. He will demonstrate and share tips and tricks to help you maximize your existing investment to comply with NIST 800-171. The webinar and interactive demo will show you how to:
    •Effectively identify Controlled Unclassified Information on your
    •Assess devices that store CUI
    •Build policies to effectively segment and protect these devices
    •Implement these policies and plan for remediation
    •Integrate with your existing security solutions
  • Save your contracts! Understand and comply with DFARS & NIST 800-171 Recorded: Nov 29 2018 19 mins
    Michael Correa, Senior Engineer, ForeScout Technologies, Inc.
    The Department of Defense (DoD) wants increased industry accountability for cybersecurity. In fact, the Department views cybersecurity as foundational to doing business with the DoD. What does that mean for your upcoming contracts? ForeScout Senior Engineer, Michael Correa has worked in the federal space for 25 years. Join us as Michael provides seven quick tips for ramping up on NIST 800-171 compliance. In this webinar you will learn:

    • How to effectively identify Controlled Unclassified Information (CUI)
    • How to gain quick wins by focusing on the most fundamental controls
    of NIST 800-171
    • What it takes to solidify your System Security Plan
    • Other quick tips for complying
  • It’s November. How compliant are you with NIST 800-171? Recorded: Nov 15 2018 39 mins
    Leo Sheridan, Executive Liaison for Federal and Systems Integrators, ForeScout Technologies, Inc.
    Ten months after the mandate to comply with NIST 800-171, many prime contractors and subcontractors admit they underestimated the cost of implementation. The U.S. Deputy Secretary of Defense just announced that the Department of Defense (DoD) would bring even more pressure on DoD contractors to meet higher cybersecurity standards, and that they would hold large contractors responsible for demanding that their subcontractors do the same. The DoD plans to begin launching “red team cyberattacks” on industrial partners, in which a cell would test vulnerabilities and try to penetrate the contractors' systems. Leo Sheridan, executive liaison for federal and systems integrators will discuss:

    • How being noncompliant can affect your business revenue next year

    • Why it has been challenging to comply with NIST 800-171

    • How to quickly assess your level of compliance

    • Defining a path to clear up the confusion and focus on the key
    elements to a strong System Security Plan (SSP)
Security at First Sight
Forescout Technologies is the leader in device visibility and control. Our unified security platform enables enterprises and government agencies to gain complete situational awareness of their extended enterprise environments and orchestrate actions to reduce cyber and operational risk

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: IoT Risk and Posture Assessment
  • Live at: May 29 2018 4:00 pm
  • Presented by: Mitesh Shah, Sr. Technical Product Marketing Mgr., ForeScout Technologies, Inc.
  • From:
Your email has been sent.
or close