Creating a Winning Security Strategy for 2019

If you want to kill someone, the easiest way is to attack the heart. When cyber-criminals want to unleash a fatal attack on your organisation, they go for the Active Directory!

During the webinar, we will demonstrate how attackers are using Active Directory misconfigurations to spread ransomware inside the organisation, and ultimately take control of your data. We will expose the most common techniques attackers use to infect the first PC, catch credentials, move laterally to other machines, and take control of Active Directory.

The session will focus on actual demonstration, not just a boring slide deck – you will learn first hand about primo-infection, lateral movement, and privilege escalation. We will reveal the main counter strikes and what accurate defence mechanisms are efficient to deploy inside your organisation.

The new normal, that of working from anywhere, is starting to significantly impact organisations and their governance, compliance and information security postures.

Fact: If you had 10,000 staff working from one office today you have 10,000 remote-offices!
Fact: You still remain 100% responsible and liable for a data-breach or other non-compliance activities!

To say that the size of the threat and resulting risks has grown thousandfold is an understatement with the normal creating the largest ever data-sprawl risk we have ever seen. In addition, the CISO, the compliance and governance officers are going to have to deal with constantly growing threats like

- Cross contamination of corporate data & personal data.
- The decreased ability to manage corporate IT assets with rigour and diligence.
- Data Spillages & Data theft: Accidental or by cyber-criminals.

Join Amar Singh and Fredrik Forslund as they share their experience and knowledge on how to:

- Ensure cyber-criminals are unable to read ANY data from your corporate hard drives
- Ensure you have 100% compliant data sanitisation across the organisation.
- Conduct REMOTE data cleansing across every 'remote-office'

Fredrik Forslund, VP, Enterprise and Cloud Erasure Solutions, is a member of the Blancco global leadership team. With more than 20 years industry experience, he previously founded SafeIT Security in Sweden, a security software company now a part of the Blancco Technology Group.

Amar Singh is the CEO and co-founder of Cyber Management Alliance Ltd and a practising Chief Information Security Officer and creator multiple UK Government certified training courses.

These are the 3 major requirements when designing a WiFi network:

• DESIGN: The WiFi network must be efficient and error-free. At all times.
• MANAGEMENT: The WiFi Access points & network must be super-easy to manage. From
anywhere.
• AUTOMATION: You must be able to automate every aspect of the management and security. No excuses.

Join Paul Melvin from IGXGlobal and Neil Goddard from Juniper Networks as they take you through this educational session on how to transform your network with a modern microservices cloud architecture and inline engine that provides unprecedented scale, agility, insight, and automation.

We’ll cover the following:

- How to design an API based, highly scalable WiFi network.
- How to automate large-scale deployment of APs - create 500 sites in 5 minutes!
- How to apply business logic using APIs - a must see.
- How you can authenticate a user’s IoT device like a Point of Sale machine with secure corporate credentials and create a group pre-shared key - facilitating either a “home from home” experience, or segregation of device types.

In addition to the above, Mist Systems will run a live demos on how to use APIs to interact with your WiFi devices and how to integrate IoT device management directly from your WiFi device.

One of the biggest challenges in building a cyber resilient organisation is the ability to rapidly detect and even more importantly, rapidly respond to a malicious confirmed cyber-attack.

Here is a question? Can your cybersecurity toolset detect a sophisticated attack and take a calculated, automatic and immediate (stress on immediate, say between 0-10 seconds max) mitigating response?

Karsten Desler set out to create just that. He wanted to create a solution based on proven machine learning algorithms that can continuously learn and analyse malicious traffic and automatically take corrective action, with no human interaction.

Is this really possible or hyperbole?

Join Amar Singh as posts this question to the co-founder of Link11 company. Karsten is the chief developer who designed and produced the technology behind Link11.

We will also be joined by Joss Penfold, Regional Director UK & Ireland, Link11.

Cyber Management Alliance and Palo Alto Networks have earlier shed extensive light on SOAR - Security, Orchestration, Automation & Response and their platform that plugs in critical gaps in the incident response lifecycle.

Now, it’s time to pull out the stops and share the unusual, the strange, the unexpected. Because when it comes to security & network operations, there’s always room to reduce the boring, repetitive tasks that sap the life out of your day.

Need some examples? Here's what you can expect:
- How to build a playbook to automate on-boarding and off-boarding of employees;
- Better manage your physical security;
- Semi-automating remediation tasks (with strict workflows)
- Getting married and need to send out invitations? Believe it or not, we can do that too, and much more…


Join Patrick Bayle from Palo Alto and Amar Singh from Cyber Management Alliance Ltd as they review the possibility of Orchestration and how it can help you in increasing your cyber resilience posture.

Patrick Bayle CISM CISSP, Senior Systems Engineer @ Cortex (a Palo Alto Networks company) spent his first ten years of employment working on the security front line for one of the largest financial institutions in the world.

How to Extend your Enterprise to All Staff with one Single Click & other operational strategies to secure your Staff Connectivity.

Large scale and regular remote working poses unique operational and security challenges that need a new and optimised approach. The question is NO longer about remote working. The question is can you

- Safely segregate your corporate data from your staff's personal digital artefacts.
- Protect your corporate data from compromised home wifi
- Proactively troubleshoot and resolve connectivity issues fully remotely. Quick.
- Ensure that your staff can safely work from anywhere NOT just the home.

Join Jan Van de Laer and Amar Singh as they discuss the challenges, the threats and importantly

- Give you a live demo of how the ZERO Touch configuration and remote troubleshooting works.
- How REAL Machine Learning helps in keeping remote staff safe and secure whilst vastly reducing the support burden on technical staff.
- The simple and easy to implement steps to greatly reduce the current risk of remote working.

An Insider's Story on How One Company Created a Treasure Trove of Threat Intelligence.

Join us to hear the details of Mimecast, a company that is synonymous with email security, ended up building one of the world's largest repository of security threat intelligence. Malware, ransomware, word or excel documents. You name the threat vector the chances are they have seen it.

We all know that good and timely threat intelligence is one and very effective way to try to keep up with the cyber criminal. However, there are three major challenges when it comes to good quality threat intel

- Sourcing: You need to have a reliable source
- Scale: Especially when it comes to automated threat-intel, the larger the footprint of the source the better (we will explain more on this during the webinar)
- Credibility: As it implies, you need to know that the provider has credibility and integrity

Join the webinar to listen to Anoop Das who shares how Mimecast built and maintains this treasure trove of threat intelligence.

Despite significant investments in security, many organisations are still grappling with building a strong cyber-resilient business. Amongst their top challenges; How can they can be more effective in building the awareness and employee behaviours required to be more resilient to growing cyber-attacks.

Join us to hear about the awareness training journey a large organisation with 80,000 staff has been on, the challenges they’ve faced and the lessons they’ve learnt. What can we learn from their experience to enhance our own campaigns?

In addition during this webinar we will :
Join us as we

---> Share practical real-world examples and a blueprint for showing how your cyber awareness training could work based on a set of evidence-based principles.

---> Corporate learning in the digital age needs to enable and support behaviour change and we will assess the ways in which immersive training and active employee engagement can form the backbone of your cyber awareness blueprint.

--> Assess ways in which we can start to re-wire our ‘human operating systems’ – helping to ensure we help our employees become our most effective defence rather than just hoping they don’t make simple mistakes. Mistakes that our adversaries are counting on us to make.

The Panellists:

- Stuart Coulson, Director, HiddenText
- Nick Wilding, General Manager, Cyber Resilience, AXELOS and Head of RESILIA
- Amar Singh, Founder and CEO, Cyber Management Alliance

Businesses are facing specific threats that include

- Vastly dispersed offices, across multiple continents
- Increasingly erratic (even called flexible) work patterns
- Ever increasing threats from the wild-west cyberspace

SD-WAN is proposed as a technology that can solve the above and more but there are several obstacles that you need to be aware of before you embrace this technology.

Join us on this educational webinar on SD-WAN as we discuss the challenges and opportunities offered by this technology and what you can do to decrease your risk exposure.

The panelists on this webinar:

Amar Singh, CEO, Cyber Management Alliance
Lee Dolson, Director of Engineering, ZSCALER

The author Maya Angelou has said: “…people will forget what you said, people will forget what you did, but people will never forget how you made them feel.”

The fact is security that doesn’t work for your people, doesn’t work.

We need to understand our own ‘human operating systems’ to ensure we can be effective in designing and managing innovative and collaborative solutions for our own ‘human error’ – the most significant threat to our organisations security and resilience. If, like us, you believe that there is a better way to achieve lasting behaviour change, then join us and share your experiences and insights.

The webinar will:

- Outline and illustrate some of the principles that should underpin an engaging and effective cyber awareness training.
- Highlight the critical questions you should be asking in assessing any awareness training solution.
- Highlight techniques now being used to make cyber awareness training engaging and fun,
- Discuss new research designed to develop real ‘people-centred’ security.

The Panellists

- Nick Wilding, General Manager, Cyber Resilience, AXELOS and Head of RESILIA Frontline
- Amar Singh, Founder and CEO, Cyber Management Alliance
- Lizzie Coles-Kemp, Professor of Information Security, Royal Holloway, University of London

Interesting new research reveals that organisations in India and APJ face a series of cybersecurity shortcomings in the areas of education, company culture, skills, budgeting and operational management.

The attackers are attracted to the "low hanging fruit" and green pastures as companies in India and the region are only just coming to terms with the negative impact of being insecure and not ready for cyber-attacks.

Join Amar Singh & Ben Verschaeren as they discuss why overcoming these challenges won’t be easy and the opportunities available to strengthen these areas in addition to the hardening of the technology platforms and tools used.

Ben, based in Australia, is Sophos' Global Solutions Engineer and threat researcher. Ben is responsible for researching the threat landscape and educating the Sophos team, customers and partners on the latest threats. This includes building demonstration and training tools, focusing on real world exploits and malware.

Amar is based in London, UK and is a globally recognised cyber and privacy specialist and a practising CISO. Amar and his firm Cyber Management Alliance Ltd are trusted advisors in cybersecurity and privacy to global organisations and mentor CISO and C-Level executives on cyber resilience and data-privacy.

What the Industry Tries to Cover Up and What you Need to know.

"This is the most secure solution that you will ever need. It has Machine Learning, advanced Artificial Intelligence, block-chain and blah blah blah."

Yet, cyber-crime is increasing!

Like in other sectors, IT and cyber have their fair share of Snake-oil sellers. However, if you include the blow-out-of-proportionists and aggressive selling tactics, it gets more complicated, dangerous and sometimes leaves you with little more than unadulterated lies.

Join Amar Singh and Chris Eves from Alsid as they separate the wheat from the chaff and filter-out the noise to show you the stuff that really matters when it comes to building a cyber-resilient business.

Amar Singh is an experienced Cyber and Privacy practitioner and is the CEO of Cyber Management Alliance Ltd and the founder of Wisdom of Crowds.

Chris Eves is a Data Protection expert helping to protect enterprise organisations from cyber attacks, both internally and externally. During Chris's 10 years in IT, he has built up knowledge of Networking, Infrastructure, Backup, Data Storage and more recently Data Protection & Governance and Active Directory Cyber Security.

To-the-point webinar that shows you the key technology stack you need to ensure you are able to detect and swiftly respond to the early stages of a cyber-attack. There are enough statistics and figures available to convince anyone - criminals will succeed in breaking-in. The question you have to ask yourself? - Are you prepared for Rapid Detection and Rapid Response.

Furthermore, successful and swift response requires the right technology stack where all the various technology solutions work together. Review this educational webinar to see how a harmonious eco-system works as one to make Rapid Incident Response real and effective.

Discover how email security is moving beyond the gateway, using new techniques such as artificial intelligence and machine learning to protect organizations against the latest emerging threats such as spear phishing and account takeover.

Wow - This is an exciting and busy webinar - with loads of templates and downloads too!

* Live session on how we create an incident playbook from scratch!
* Review of our playbook scratchpad - how we design the initial playbooks.
* Automating incident response - some thoughts.
* Exciting updates on the GCHQ-certified CIPR training

This playbook webinar is taken from our certified Cyber Incident Planning & Response (CIPR) workshop and we will have several past attendees sharing their experience about the workshop and how they implemented the lessons from this training.

Morrisons, the fifth largest super market in UK, will go down in history for all the wrong reasons. The inability to not just prevent but detect a massive data leak has meant that its brand name is being dragged through the mud and dirt, not once, but many times over. Yes Morrisons could have done many things and this webinar is NOT about beating up the brand or pointing a finger.

Experts in this webinar will discuss a better, simpler approach that may reduce or at least make these kind of incidents very difficult to materialise. Join Amar Singh, Barnaby Davies and Jeremy Wittkop as they take a positive and proactive approach to preventing brand-damaging data breaches.

Background: The Court of Appeal (October 2018) upheld a decision of the High Court holding Morrisons vicariously liable for data breaches caused by the actions of its employee, even though the employee’s actions were specifically intended to harm Morrisons.

Do Google: search for morrisons data leak court case for more information.

File storage & sharing should not just be about the size but also privacy and most importantly about maximum security.

* Is your data protected by default?
* Who has access to your data?
* Who can index your data?
* Where is your data stored?

These and many more questions will ensure you select the right type of service that offers NOT only you but your clients the assurance that you take privacy and security seriously - especially when it comes to the cloud.

Join Amar Singh as he discusses the following with Istvan Lam, the founder and CEO of Tresorit:

- How to design an intercept-proof file sync & sharing service?

- What does End-To-End encryption service actually mean?

- How to combine on premise equivalent security with consumer grade simplicity?

- Where is your data actually stored and what would happen in case of a breach of those cloud servers?

- What does ZERO-Knowledge mean in the real world?

Cyber attacks on businesses, organizations and critical infrastructure becoming the norm in 2018. Massive breaches are constantly in the news and consumers are demanding stricter data and privacy protections. Cybersecurity has never been more important to organizations, and the investment in security technology has never been greater.

CISOs are in the spotlight, and are looking to build the best strategy to secure their organizations, customers and users.

Join top security experts for an interactive Q&A panel discussion on:
- The key factors CISOs should consider for their cybersecurity strategy
- The current and future threatscape
- Platform Security for 2019
- Technological solutions that make CISOs' lives easier
- How organizations are coping with the shortage of qualified security workforce
- How CISOs can better communicate their strategy to the board

Panelists:
Israel Barak,CSO, Cybereason
Dario Forte, CEO, DFLabs

Panel moderated by:
Amar Singh, Founder & CEO, Cyber Management Alliance

File storage & sharing should not just be about the size but also privacy and most importantly about maximum security.

* Is your data protected by default?
* Who has access to your data?
* Who can index your data?
* Where is your data stored?

These and many more questions will ensure you select the right type of service that offers NOT only you but your clients the assurance that you take privacy and security seriously - especially when it comes to the cloud.

Join Amar Singh as he discusses the following with Istvan Lam, the founder and CEO of Tresorit:

- How to design an intercept-proof file sync & sharing service?
- What does End-To-End encryption service actually mean?
- How to combine on premise equivalent security with consumer grade simplicity?
- Where is your data actually stored and what would happen in case of a breach of those cloud servers?
- What does ZERO-Knowledge mean in the real world?