Ryan Jones, Principal Sales Engineer, APAC, Cofense
As the phishing threat landscape continues to evolve at a pace that technology is unable to keep up with, organizations are turning to phishing awareness and simulation programs to plug the gap. Is your phishing awareness program keeping up with this changing landscape?
Join Cofense and (ISC)² on Nov 27, 2019 (Wed) at 14:00 (GMT +8) as we explore the attributes of a modern phishing awareness program and see what our data, based on millions of phishing simulations, shows about awareness programs and simulation exercises.
You will learn:
- The statistical advantage of using an email reporting tool
- The important role the end user plays in active defense
- How often you need to send simulations for maximum resiliency
- The advantages of basing simulations on active threats, not random dangers
- Why ‘phish testing’ is the enemy of true phishing defense
Presenter: Ryan Jones, Principal Sales Engineer, APAC, Cofense
Moderator: Kawin Boonyapredee, CISSP, Chief Cyber Strategist, Booz Allen Hamilton
Ajay Mishra, Senior Enterprise Security Architect; Sid Deshpande, Director of Security Strategy, Akamai Technologies
Enabling consumers to have personalized, meaningful interactions with a brand online is an essential component of digital business. While this unlocks tremendous business value, it also increases the risk surface as attackers are quick to leverage techniques such as credential stuffing to cause financial losses to the business. This session, featuring a technical attack demo, will help highlight key architectural considerations for security practitioners to mitigate these risks and stay ahead of attackers.
Join Akamai Technologies and (ISC)² on Nov 20, 2019 (Wed) at 13:00 (GMT +8) to learn about public authentication system security.
Tony Vizza, CISSP, CCSP, Director of Cyber Security Advocacy - APAC, (ISC)²
Earning the globally recognized CCSP cloud security certification is a proven way to build your career and better secure critical assets in the cloud.
In this info-session, you will learn:
- Trends in cloud security
- Why you should pursue CCSP
- How to earn the CCSP certification: exam and experience requirements
- And, ask any question that will support your certification journey
Each presentation is followed by a Q&A period to answer your questions about your certification journey.
The CCSP shows you have the advanced technical skills and knowledge to design, manage and secure data, applications and infrastructure in the cloud using best practices, policies and procedures established by the cybersecurity experts at (ISC)².
Prove your skills, advance your career, and gain support from a community of cybersecurity leaders here to help you throughout your professional journey. More details>> www.isc2.org/ccsp
Are you ready to prove yourself? Register and begin your certification journey today!
백 용 기, Senior Enterprise Security Executive; 정 덕 진, Security Technical Project Manager, Akamai Technologies
제로 트러스트 보안에는 내부(국내외 지점) 및 외주직원이 온프라미스와 클라우드에 위치한 기업의 애플리케이션을 원격에서 안전하게 액세스하고, 기업내부에서 외부로 나가는 DNS쿼리를 제어하여 데이터 유출을 차단 할 수 있는 활동이 필요합니다. 원격 네트워크 액세스, DNS 기반 보안 및 응용 프로그램 계층 공격 방어 측면에서 가장 성공적인 모범 사례를 살펴보겠습니다.
이 웹 세미나는 두 부분으로 나뉩니다.
첫 번째 부분에서는 원격 네트워크 액세스 및 DNS 기반 보안 측면에서 Zero Trust Security Reference Architect를 통해 기존 경계 기반보안 모델의 문제점과 고려사항 및 해결방안을 살펴 봅니다.
두 번째 부분에서는 금융 서비스의 DDoS 트렌드를 살펴 보겠습니다. 또한 한국에서 발생한 L7 계층 7 볼륨 공격의 실제 사건과DDoS 완화 모범 사례에 대한 권장 사항을 공유 할 것입니다.
발표자: 백 용 기, Senior Enterprise Security Executive, Akamai Technologies
발표자: 정 덕 진, Security Technical Project Manager, Akamai Technologies
진행자: 박 선 영, Senior Business Development Manager, APAC, (ISC)²
Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
The cybersecurity skills shortage is a significant problem for many organisations today. (ISC)² research shows an estimated 2.13 million cybersecurity jobs will go unfilled in the Asia-Pacific region by 2022.
Do you have what it takes to become an information security professional? Do you have the skills, experience and team culture to help keep your organization secure? Plan your next career advancement goal – Become CISSP certified in 2020!
The CISSP is the global gold standard in cyber security certification and has been awarded the top cyber security certification program for 2019 by SC Media magazine. Becoming CISSP certified opens the doors for career and salary advancement.
Join this online info-session hosted by (ISC)² and learn everything you need to know about the globally recognized credential CISSP!
During the online info-session, you will:
• How large the cybersecurity workforce gap is today.
• Why you should consider pursuing the CISSP.
• How to earn the CISSP certification including exam and experience requirements.
• And you can ask any question you may have to help you on your certification journey
Each presentation is followed by a Q&A period to answer your questions about your certification journey.
==================================================================
Earning the CISSP proves you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program. With a CISSP, you validate your expertise and become an (ISC)² member, unlocking a broad array of exclusive resources, educational tools, and peer-to-peer networking opportunities.
Prove your skills, advance your career, and gain the support of a community of cybersecurity leaders here to support you throughout your career. More details >> https://www.isc2.org/cissp
The perimeter has shifted. Your users directly access cloud applications from everywhere and data no longer reside only in data centers. Digital transformations like SD-WAN, IoT and cloud make securing your infrastructure, applications and data complicated. SD-WAN enabled branches directly connect to the Internet, but they don’t have the ability to replicate a full HQ security stack. IoT leads to an explosion of non-standard devices using non-standard protocols, making them harder to secure. Every new change doesn’t equal need for a new security tool.
What’s needed is a scalable, simple, and integrated security solution that leverages existing infrastructure that organizations already own. DNS is critical to the fabric of the internet and any IP based communication (on-premises, cloud, SD-WAN and IoT environments). It serves as the perfect foundation for security because it is simple to deploy, ubiquitous in networks, is needed anyway for connectivity and can scale to the size of the Internet.
Join Infoblox and (ISC)² on Oct 16, 2019 (Wed) at 14:00 (GMT +8) to learn how leveraging DNS as a foundational security architecture for digital transformations can:
• Protect your brand by securing your traditional networks and transformations like SD-WAN, Cloud and IoT
• Reduce time and cost of your enterprise threat defense
• Automate response when it sees things happening and provide data to the rest of the ecosystem
Presenter: Jerry Wong, Systems Engineer, Infoblox
Moderator: Sam Goh, CISSP, GM for Korea and Japan, Ensign InfoSecurity
Michał Kaszuba, Cyber Security Business Unit Consulting Director, Comarch; Maciej Nowak, IT Security Consultant, Comarch
Subtitle: How to Use Your Mobile as a Strong Authorization and Authentication Tool
Tough times call for tough security measures.
And to become secure enough, you need strong authentication mechanisms. But...these are sometimes inconvenient. Uncomfortable. Irritable.
Or are they? The phone in your pocket may just prove that claim wrong.
That's one of the things cyber security experts of Comarch are going to discuss during the webinar. You'll also learn about the history of 2FA, its best use cases, how it compares to 2SV, common security problems with mobile apps, or and GDPR/PSD2 best practices.
We'll be sharing lessons we've learned (sometimes the hard way) throughout two decades of working not only in the banking realm.
Join Comarch and (ISC)² on Sep 25, 2019 (Wed) at 14:00 (GMT +8) to learn about the authentication tool.
Presenter: Michał Kaszuba, Cyber Security Business Unit Consulting Director, Comarch
Presenter: Maciej Nowak, IT Security Consultant, Comarch
Moderator: Tony Vizza, CISSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
(ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. In Part 3 of the (ISC)² Digital End-to-End Transformation (DETE) webcast, we will examine the “new world” of what the project has provided to internal (how we serve the members and visitors), the members (what you as members see and experience) and what’s to come. Join Wes Simpson, COO and Bruce Beam, CIO on September 17, 2019 at 1:00PM Eastern for a discussion on these items and a Q&A with our COO and CIO.
Fernando Serto, Head of Security Technology & Strategy, APJ; Ajay Mishra, Senior Enterprise Security Architect, Akamai
Across the globe, forward-looking enterprises are fundamentally changing their approach to customer identity access management. Many are looking to leverage identity management technologies that enable them to securely store customer data and to provide GDPR-compliant consent management and better customer experience. When sensitive customer data is stored in an identity platform, you also need to make sure that platform is built with strong data protection capabilities and add-ons to protect against vulnerabilities.
The second part of the webinar will cover our technical security research on deserialization attacks – a high severity vulnerability that can lead to remote code execution attacks.
Join Akamai Technologies and (ISC)² on Sep 11, 2019 (Wed) at 13:00 (GMT +8) to know more about:
- Customer identity access management that enables and secures the business
- How a deserialization attack is performed via a demo
- Best practices to mitigate deserialization attacks
Presenter: Fernando Serto, Head of Security Technology and Strategy, Asia Pacific and Japan, Akamai Technologies
Presenter: Ajay Mishra, Senior Enterprise Security Architect, Akamai Technologies
Moderator: Tony Vizza, CISSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
Ryan Jones, Principal Sales Engineer, APAC, Cofense
Mottos like "If you see something, say something" speak to the power of human observation in preventing security disasters. Similarly, valuable human-generated intelligence can be effective in preventing data breaches emanating from phishing attacks. In today’s changing cyber threat landscape, humans need to be conditioned to recognise phishing attacks and security teams need to be armed with actionable threat intelligence to rapidly manage an attack once it hits.
This is where Phishing Threat Intelligence comes into play. By extracting key IOCs from newer phishing threats and making them available to security teams, organisations can detect attacks in progress and respond quickly to reduce the effect of a breach. Plus, by incorporating the same intelligence and tactics in your awareness program, you can train your users to more quickly detect and report an active threat.
Join Cofense and (ISC)² on Sep 4, 2019 (Wed) at 14:00 (GMT +8) to learn about:
- The constantly changing threat landscape
- Turning active, real threats into learning moments for your users
- Speeding up response with timely, actionable intelligence
Presenter: Ryan Jones, Principal Sales Engineer, APAC, Cofense
Moderator: Chuan-Wei Hoo, CISSP, Technical Advisor, Asia-Pacific, (ISC)²
IT automation and orchestration, the key enabler of digitization is the number one IT initiate globally according to our state of application services report 2019. In addition, Zero Trust and Security-By-Design are key imperatives of organizations pursuing digital transformation as these organizations accelerate adoption of cloud technologies to gain speed, scale and accessibility to innovative technologies like AI and blockchains.
In this webinar, we will look at the changing landscape of DevOps and explore the practice of scaling application security, controlling vulnerabilities and controlling advanced threats with the web application firewall in CI/CD environments. We will also take a look at how the technologies enable close collaboration between security teams and development teams on securing APPs without requiring application teams having in-depth knowledge of security.
Join F5 Networks and (ISC)² on Aug 28, 2019 (Wed) at 14:00 (GMT +8) to learn about web application firewall in a CI/CD workflow.
Presenter: Scott Van Kalken, Systems Engineer, F5 Networks
Moderator: Tony Vizza, CISSP, Director, Cybersecurity Advocacy for APAC, (ISC)²
김 현 도, Senior Solution Engineer, Akamai Technologies; 한 준 형, Technical Account Manager, Akamai Technologies
일반적으로 제로트러스트 접근방식에는 접근시도과 신원 확인, 그리고 기기확인이라는 3가지 핵심 축으로 살펴볼 수 있습니다.
이전 웨비나에서는 아이덴티티 기반 접근 방식을 클라우드 프록시와 함께 사용하여 내부 어플리케이션에 보다 안전하게 액세스 하는 방법을 살펴보았습니다.
이번 웨비나는 두가지 파트로 나뉘어 집니다. 첫번째 부분에서는 앞서 언급한 3가지 제로트러스트 접근 핵심축에 대해 좀 더 자세히 알아보고 사용자와 접근 장비에 대한 의미에 대해 더 살펴보는 과정을 통해 제로 트러스트 아키텍처를 구현하는 방안에 대해 알아보겠습니다.
두번째 부분에서는 Web에서 API로 전환되는 보안의 트렌드에 대해 살펴보겠습니다.
여기서 우리는 모바일 어플리케이션의 폭발적인 증가와 함께 웹에서 API로 공격이 이동하는 API의 공격 트랜드와 Credential Fraud의 라이프 사이클을 살펴볼예정입니다.
발표자: 김 현 도, Senior Solution Engineer, Akamai Technologies
발표자: 한 준 형, Technical Account Manager, Akamai Technologies
진행자: 박 선 영, Senior Business Development Manager, APAC, (ISC)²
Bruce Beam, (ISC)²; Beth Paredes, (ISC)²; Sommer Hess, (ISC)²; Brandon Dunlap (Moderator)
(ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. In Part 2 of the (ISC)² Digital End-to-End Transformation (DETE) will examine how (ISC)² executed the plan for the project, following the AGILE Project Management framework and the buy-in and support from other departments and stake holders within the organization. Additionally, there was board governance and oversight to contend with. Join Bruce Beam, CIO; Beth Paredes, Sr. Corporate Member Services Manager; and Sommer Hess, Director PMO, Quality and Training on August 20, 2019 at 1:00PM Eastern for a discussion on these items and the speed bumps that were run into on this project.
Live Webinars for InfoSec Professionals in Asia Pacific Time Zone
Looking for expertise and information to advance your career and tackle your challenges? Subscribe and join us for the educational webinars in APAC time zone. Earn CPEs quickly and at no cost by attending webinars: 1 hour of webinar equals 1 CPE. We welcome members and non members alike.
A Dissection of Recent High Profile特権アカウント乗っ取り事件の事例とその真相Naohiko Yamanouchi 山之内 真彦, マーケティングマネージャー、APJ, CyberArk Software[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]61 mins