Name: Lessons from the Trenches: An Electric Utility Discovers the Power of Zero Trust
Start: 2021-04-14T15:00:00Z
End: 2021-04-14T15:00:49.000Z
Location: BrightTALK
Rating: 0

Your organization has become an Enterprise of Things (EoT). PCs, mobile devices, cloud workloads and other traditional IT systems. Agentless IoT and OT devices. Device diversity is thriving at the cost of security as your users connect from all over the map – literally.

Every thing that touches your enterprise network exposes you to potential risk. You must see it and secure it.

Get to know Forescout. Learn more about our products, hear about new cyber security trends and see how Forescout helps you address these.

We offer the only solution that actively defends the Enterprise of Things at scale. Register for our webinars or visit our website for more information: www.forescout.com

Webinar languages include English, German, French, Italian and Spanish.

In diesem informativen Webinar werden unsere Experten in der OT-Sicherheit über aktuelle Bedrohungen und bewährte Sicherheitslösungen sprechen, um Ihre OT-Infrastruktur zu schützen. Erfahren Sie mehr über:

Die Bedeutung der OT-Sicherheit in einer vernetzten Welt.
Aktuelle Einblicke in die Geräte- und Bedrohungslandschaft im DACH Markt (Vedere Labs)
Praktische Lösungen und Strategien zum Schutz Ihrer OT-Systeme.

Schützen Sie Ihre OT - Infrastruktur

Ohio's South Central Power Company (SCP) sought to improve its network security but lacked insight into its device count and data accuracy. Despite recognizing the potential of Zero Trust, they were cautious about adding another standalone solution. Join our "Zero Trust Success: SCP's Network Security Transformation" webinar with SCP's Jeff Haidet, as he shares their journey to a platform providing full visibility and effective Zero Trust policy enforcement. 

Key takeaways include: 

-The benefits of comprehensive device visibility and successful Zero Trust policy enforcement. 

-Continuous enforcement and least-privileged NAC monitoring. 

-Strategies for streamlined network segmentation. 

-Enhancing the overall effectiveness and value of SCP's security infrastructure.

Zero Trust Success: SCP's Network Security Transformation

In this session, we’ll explain how visibility across your entire environment, IT, OT, and IoT/IoMT, can drive your security automation strategy and provide assurance that security frameworks and compliance requirements are continually adhered to. We’ll also look at how visibility can be leveraged to quantify risk and how introducing security policies and controls, like NAC, ZTNA, or segmentation, can enhance your risk posture over time. Lastly, we’ll explain how visibility can underpin Threat Detection and response, complimenting existing SIEM investments and providing security operations teams with actionable incident information.

Speaker: Daniel Trivellato, VP OT & IoMT Solutions, Forescout

Healthcare Cybersecurity: Navigating Compliance & Threats

Partner Update Webinar Nr. 4 - 20. November 2023

Coffeebreak with Forescout

Explore the dynamic landscape of cyber threats with our in-depth analysis of R4IoT ransomware. This sophisticated threat capitalizes on IoT devices for initial access, targets IT infrastructure for ransomware deployment, and exploits OT security weaknesses to physically disrupt business operations. R4IoT redefines the threat landscape by infiltrating assets across IoT, IT, and OT domains. In this webinar, discover how to: 

- Develop and implement a comprehensive security strategy to counter R4IoT and similar multi-device threats 

- Strengthen your organization's defenses in response to evolving cybersecurity challenges 

- Arm your team with the knowledge and strategies required to effectively mitigate the risks posed by R4IoT

Securing IoT and OT Against Ransomware: R4IoT Report Insights

Lo Smart Working, la convergenza degli ambienti IT/OT e l’esplosione dei dispositivi IoT rendono la superficie di attacco più difficile da gestire e introducono punti deboli che gli hacker possono potenzialmente sfruttare.

Partecipa al nostro webinar di giovedì 12 ottobre dove esamineremo le nuove minacce negli ambienti convergenti IT, OT e IoT e come la soluzione Forescout si è evoluta per garantire la completa protezione dei clienti.

Speakers: Elisa Costante, VP Research, Forescout and Stefano Innocenti, Global Solution Architect, Forescout

La superficie di attacco continua a crescere

In diesem Webinar erfahren Sie mehr darüber, wie moderne Netzwerkzugriffskontrolllösungen den Anforderungen des Deutschen Mittelstands gerecht werden können. Unser Partner Pocabar berichtet gemeinsam mit unserem Kunden Winkelmann.

NAC im Deutschen Mittelstand

In unserem Webinar geht es um ein generelles Update der Zuständigkeiten innerhalb der Region, anstehende Veranstaltungen und Events sowie eine Übersicht von Informationsquellen rund um die Forescout Themen. Weiterhin gehen wir nochmal etwas detaillierter auf technische Supporttickets ein und was man in dem Zusammenhang beachten sollte.

Coffeebreak with Forescout – die neuesten Updates für unsere Partner Vol. 2

In this webinar, we unveil our latest research findings on the most high-risk devices found within enterprise networks in 2023. Our investigation adopts a data-centric approach, leveraging Forescout's Device Cloud, and employs Forescout's multifactor risk scoring methodology, as outlined in our recently published report.

To circumvent conventional endpoint security measures, malicious actors have increasingly targeted devices that provide easier initial access. In order to effectively manage risks and exposure in the modern landscape, it is imperative to address devices across all categories, thereby mitigating risks throughout the entire organization.

Discover the most perilous IT, IoT, OT, and IoMT devices of 2023, gain insights into their inherent risks, and learn actionable strategies to effectively mitigate these risks within your own organization.

Riskiest Connected Devices in 2023: IT, IoT, OT, IoMT

For more than two years, Forescout Research - Vedere Labs has been finding, disclosing, and helping to detect and fix critical vulnerabilities that can be used by attackers to take control of IT, IoT and OT devices. Project Memoria revealed a host of problems with TCP/IP stack implementations, while OT:ICEFALL highlighted the insecure-by-design nature of OT equipment.   

On June 20, we concluded OT:ICEFALL after more than one year of research. In this webinar, we will share the insights we have gained into the current state of OT product security and how that affects vulnerability management for asset owners. We will discuss why many device vendors still lack a fundamental understanding of basic security controls, why many OT patches are broken and lead to new vulnerabilities and how threat actors can leverage the current situation in their attacks.  

Learn what insecure by design vulnerabilities mean for asset owners and, most importantly, how to assess and mitigate risk.

Speaker: Daniel dos Santos, Head of Security Research, Forescout Research - Vedere Labs

OT:ICEFALL – A Year-long Dive into Insecure-by-Design Practices and Patching

In der ersten Folge unserer neuen Webinar Serie geht es um die neue Partnerstrategie die die DACH Region verfolgt und wichtige Produktupdates.

Coffeebreak mit Forescout – die neuesten Updates für unsere Partner

Cybercriminals and the threats they pose are becoming more sophisticated than ever, making it crucial to stay updated on the latest trends and techniques employed. Many organizations face a rapidly expanding attack surface that further exacerbates the increased risk as more devices connect to enterprise networks. Managing this growing attack surface requires adopting measures like passive asset discovery, risk-based vulnerability prioritization, and zero-trust network segmentation, to name a few. Join us as we explore the five steps to combating emerging threats with network security. 

Join Joe Thibault, Forescout Solutions Marketing Manager, as he covers: 

◾ How to improve asset discovery and fill in the blind spots of your attack surface.

◾ Going beyond authentication to perform post-connect access control for unmanaged assets. 

◾ How to fight ransomware and extortion with least privileged access controls. 

◾ What your cybersecurity team must do to combat burnout and alert fatigue.  

◾ How to fight fire with fire using automated cybersecurity controls.

5 Steps to Combating Emerging Threats with Network Security

Forescout Vedere Labs recently disclosed three new vulnerabilities on a popular Border Gateway Protocol (BGP) open-source implementation. These vulnerabilities highlight message parsing as an often-overlooked aspect of BGP security and they could be exploited to achieve a denial of service on vulnerable peers, thus dropping all sessions and routing tables.

Recent BGP incidents show that it might take only a malformed packet to cause potentially large disruptions since software suites implementing BGP are used by major networking vendors and found in ISPs and large data centers. Therefore, organizations should not rely only on their ISPs to handle BGP security.

This research shows that modern BGP implementations still have low-hanging fruits that attackers can abuse. Learn how we found the three new vulnerabilities, what their risk is, and what to do to mitigate these risks.

Speaker: Daniel dos Santos, Head of Security Research at Vedere Labs

Finding and mitigating the risk of vulnerabilities in BGP implementations

The year 2022 was quite eventful for cybersecurity. Cyberattacks grew in intensity, sophistication, and frequency, with malicious actors benefitting from growing geopolitical conflicts, economic uncertainty, and rapid digitization. As a result, threat actors have started blurring the lines between traditional IT attacks and emerging OT/IoT threats.

With 2023 bound to accelerate the adoption of new devices into organizations and pose even greater challenges for cybersecurity professionals across the globe, Forescout’s Vedere Labs has analyzed data gathered in 2022 about millions of attacks, hundreds of exploits, and thousands of malware samples to share with the community insights that can help organizations to prepare.

Tune in to understand where attacks are coming from, their top targets, vulnerabilities they exploit, what attackers do after initial access, the most common type of malware dropped, trends in malware evolution, and forecasts for the future.

Most importantly, learn strategies and actions that you can take to prepare for this evolving threat landscape.

2022 Threat Roundup – The Emergence of Mixed IT/IoT Threats

Threat detection and response has become increasingly important, and increasingly difficult, even for seasoned and large SOC teams. Current approaches, including traditional extended detection and response (XDR) solutions, don’t adequately convert the mountain of daily alerts into high-fidelity detections of true threats, nor do they enable SOC teams to automate response processes across the extended enterprise (IT, OT, IoT, IoMT). 

Forescout XDR, combined with other Forescout solutions, uniquely addresses these challenges. In this 30-minute webinar, you will: 

◾Learn how to truly extend detection to every managed and unmanaged connected device across your enterprise 

◾Discover how advanced data science enables 450x better detection 

◾See how you can better respond to threats through real-time control of your network and devices

◾Explore key use cases for improved SOC efficiency, risk reduction, and enhanced visibility

Speakers: Justin Foster, Chief Technology Officer; Virendra Bisht, Director of Data Science; George McTaggart, Chief Marketing Officer

Improving SOC Efficiency by 450x with Forescout XDR

Despite a number of advanced security tools on the market, ransomware, extortion, and other related threats continue to dominate the cybersecurity landscape of 2023. For organizations with siloed security solutions, outdated processes, and ineffective threat detection practices, an expanding attack surface is almost guaranteed – and will leave the door open for attackers to exploit, disrupt, and cost you millions. 

In this exclusive webinar, Forescout’s Rik Ferguson, VP of Security Intelligence, will take a deep dive into:  

▪How the threat landscape of 2023 might be impacted by the developments of 2022 
▪An in-depth analysis of trending threat attacks and how organizations are being targeted 
▪Best practices to avoid falling victim to ransomware, identity-based attacks, extortion, and more.  

 Speaker: Rik Ferguson, VP of Security Intelligence

Threat Intelligence: 5 Cyber Attacks to Watch for

Several events in 2022 shaped the current threat landscape for critical infrastructure, such as the OT:ICEFALL vulnerabilities highlighting how insecurity by design affects critical devices, new OT/ICS-specific malware showing state-sponsored actors' inclination to cause cyber-physical damage via this insecurity, ransomware groups attacking critical infrastructure for financial gain, and several hacktivists attacking unmanaged devices for their own political agenda. 

We expect this threat landscape to continue expanding in 2023, with even more attacks on critical infrastructure, state-sponsored actors expanding their arsenal with new sophisticated malware, ransomware groups diversifying their extortion campaigns, and more hacktivists adopting OT as a target to spread their message.  

How is this all relevant for asset owners? Tune in to understand: 

• What does the current threat landscape for critical infrastructure look like and what could change in 2023 

• Strategies and actions that asset owners should take to prepare for this evolving threat landscape

The Critical Infrastructure Threat Landscape and How to Prepare for 2023

Exploring a Zero Trust Architecture in the Healthcare Industry – How to get started and pitfalls to avoid
 
Digital transformation in the Healthcare industry is causing an explosion of hyper-connected IT, IoT and IoMT devices and, with it, a greatly expanded cyber-attack surface. With constant transformation and the explosion of interconnected devices, how do you even begin to plan for a zero trust architecture beyond the managed users and workstations? 
 
In this session you will learn: 
• How NIST defines Zero Trust and their 7 steps to get there.
• Some of the common pitfalls to avoid.
• Why Zero Trust doesn’t stop at managed users and workstations – IoMT devices must be included in the architecture planning up-front.

Getting Started with Zero Trust in Healthcare

Ohio’s South Central Power Company (SCP) had invested considerable time and money in a multilayered, multivendor security stack. However, SCP officials still had no idea how many devices were on its network or whether their portfolio provided accurate information. They knew a Zero Trust solution could help but weren’t interested in adding another point solution. 
 
In this Lessons from the Trenches webinar, SCP’s Jeff Haidet discusses how he and his team searched for and found the platform that brought complete visibility and effective Zero Trust policy enforcement to South Central Power. 

Discussion highlights include:
·	The benefits of complete device visibility and effective Zero Trust policy enforcement 
·	Applying continuous enforcement and monitoring of least-privileged NAC
·	Simplifying and accelerating design and deployment of network segmentation 
·	Enhancing the overall effectiveness and value of SPC’s security stack

Lessons from the Trenches: An Electric Utility Discovers the Power of Zero Trust

Case Study

Cyber Security

energy

IT Security

Network Access Control

power utilities

Security

Zero Trust

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Lessons from the Trenches: An Electric Utility Discovers the Power of Zero Trust

Presented by

About this talk

More from this channel