Hi [[ session.user.profile.firstName ]]

CISSPチャレンジセミナー③

CISOに必要な情報セキュリティの知識と考え方

CISOにはどのような知識が必要なのか、CSIRTのメンバーの教育はどうしようか、情報セキュリティに関する製品やサービス開発はどのように行えばよいのかなど、ユーザ企業もベンダー企業も人材育成の悩みは尽きません。セキュリティ事故をベースにした教育はわかりやすい一方で、応用が効かないためにその他の脅威や攻撃に対応する力が付きにくいのが現状です。

CISSPの8ドメインは情報セキュリティ活動のあり方について基盤づくりから学び、実践的な対策を行うための考えかたを構築するために必要な情報が集約されています。セミナーでは「CISSPならこう考える」ということで、経営陣やCISO、CSIRTのメンバーが知っておくべき情報セキュリティの知識をわかりやすくお教えします。通常は5日間で行っているオフィシャルセミナーの中から、CISOに大きく関係するセキュリティとリスクマネジメント、アイデンティティとアクセスの管理、資産のセキュリティを中心に8ドメインのトピックをご理解いただくためのショートセミナーです。

CISSPを受験させてみたいけど、どのような内容になっているのかわからないという経営層の皆さんにも理解しやすい内容で提供させていただきます。情報セキュリティベンダーで製品・サービス企画を行っている皆さんにも効果的な内容となっています。

本セミナーは2019年4月4日に収録されました。
Recorded Aug 2 2019 86 mins
Your place is confirmed,
we'll send you email reminders
Presented by
講師:日本マイクロソフト株式会社 技術統括室Chief Security Officer 河野省二, CISSP
Presentation preview: CISSPチャレンジセミナー③

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Top Five Cybersecurity Predictions for 2022 Dec 15 2021 6:00 pm UTC 60 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    This year was particularly challenging for IT security professionals. For a short while, we thought we finally had this pandemic kicked. Then the Delta variant came along, further extending the work-from-home movement and its associated cybersecurity risks. Meanwhile, we saw record-setting ransomware attacks, including high-profile attacks on critical infrastructure, while the shortage of IT security talent worsened. On a brighter note, we saw increased adoption of promising security technologies, such as zero trust network access (ZTNA) and secure access service edge (SASE).

    So, what does next year have in store for the cybersecurity industry? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he shares his top five cybersecurity predictions for 2022.
  • Open Doors with CCSP- How to Start Your Career in Cloud Security Dec 8 2021 6:00 pm UTC 60 mins
    James Packer, Joe South, Angus Macrae
    Cloud is an intrinsic part of our everyday lives both personally and professionally. With more organizations running vital business functions in the cloud, the demand for cloud security professionals has never been higher.

    (ISC)2 interviewed about 50 Certified Cloud Security Professionals (CCSPs) who achieved this credential mid or later in their careers and asked them why they chose to add the CCSP to their skillset and the benefits they experienced as a result. And we want to share their answers with YOU!

    Join our live panel of distinguished CCSPs and host Brandon Dunlap on Wednesday, December 8th at 1pm EST to find out why our panelists and thousands of others have pursued the CCSP credential.

    Accelerate Your Career in Cloud Security – with CCSP

    Save your spot today!
  • Lighting a Path to Zero Trust: 6 Steps to Implementing a Zero Trust Model Dec 8 2021 6:00 am UTC 60 mins
    Raghu Nandukamara, Field CTO, EMEA and APAC, Illumio; Andrew Kay, Regional Sales Engineer, APAC, Illumio
    Despite acknowledging its security benefits, many organizations hesitate to implement a Zero Trust model.

    An "all or nothing" approach to Zero Trust is a tall and unsustainable task. What if you took a more incremental, agile approach that allows your organization to make realistic steps toward achieving Zero Trust?

    Join Illumio and (ISC)2 when Illumio's Field CTO Raghu Nandukamara will join forces with Andrew Kay, Director Systems Engineering to discuss areas such as:

    • Why taking a waterfall approach to rolling out Zero Trust is fraught with risk of failure
    • How adopting an agile mindset significantly improves the chances of success of achieving the Zero Trust security goals
    • The six steps to pragmatically build your Zero Trust security program using a repeatable process
    • How security controls like segmentation can help tackle focus areas such as workload protection
    • A demonstration of each of the six steps in action in the context of segmentation – see how an application is taken through the full cycle
    • Understand the importance of context-based visibility and continuous monitoring to facilitate and continuously improve the security posture

    Presenter: Raghu Nandukamara, Field CTO, EMEA and APAC, Illumio
    Presenter: Andrew Kay, Regional Sales Engineer, APAC, Illumio
  • The Cloud Gambit: Advanced Moves for a Cloud Security Career Nov 17 2021 6:00 pm UTC 59 mins
    Keatron Evans, Dave Hatter, Charlie Platt
    Taking the step toward earning the (ISC)² Certified Cloud Security Professional (CCSP) credential puts you on a path to excel as an expert in cloud security. CCSP empowers individuals and organizations with the highest level of mastery in cloud security.

    But how do you get started? How do you prepare? And why…what tangible benefits will you gain? Join (ISC)² for a panel discussion as industry professionals share their stories, experience and tips toward preparing for the Certified Cloud Security Professional certification. Areas for discussion will include:

    - Why you should consider CCSP
    - How to prepare for CCSP
    - How CCSP can accelerate your career progression
  • Strategies for Recruiting and Retaining Top IT Security Talent Nov 10 2021 6:00 pm UTC 60 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    Recruiting and retaining qualified IT security talent has never been more challenging. Nearly nine in 10 organizations are experiencing a shortfall, according to CyberEdge’s 2021 Cyberthreat Defense Report. That’s up from eight in 10 organizations just three years ago. This weighs heavily on the minds of IT security managers as ‘lack of skilled personnel’ is consistently rated as one of the top inhibitors to successfully defending networks against cyberthreats. So, what can organizations do to mitigate the effects of this talent shortage? Well, if you’re willing to ‘think outside the box,’ there is hope. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

    Examines the shortage of IT security personnel by job role
    Proposes creative ways for recruiting new security talent
    Suggests clever ways for retaining the talent you already have
    Identifies technologies that enable security teams to do more with less
  • クラウド利用時の多要素認証再考 MFAバイパスを許さないFIDO2ベースの技術 Nov 10 2021 7:00 am UTC 60 mins
    金子 春信, CISSP, シニア プロダクトマーケティングマネージャー, Akamai Technologies
    昨今、SaaSを多用するIT環境では、インターネット経由でどこからでも企業システムへアクセス可能になりました。そこで、IDを管理、保護する事がより一層セキュリティ上の重要性を帯びています。 多要素認証(MFA)を、従業員、パートナー、および顧客の保護のために利用する機会が増えていますが、そこには多くの選択肢があります。ですが、MFAに対するバイパス手法が使われる現在、認証方式を再考する必要があります。

    この45分間のセッションでは、市場に出回っているさまざまなタイプのMFAソリューションを確認し、FIDOAllianceによって概説されているような業界のベストプラクティスに基づいてそれらを選定する方法を示します。 また、ビジネスモデルに合わせた最新の認証フレームワークを選択して、安全で費用効果が高く、摩擦の少ないソリューションを開発するためのヒントも紹介します。

    本セッションでは以下をカバーします。
    -SaaS利用に伴うフィッシング攻撃対するMFAの役割
    -様々な種類のMFA方式と、一部が失敗する理由
    -FIDO2:重要視されるMFAの技術標準
    -費用効果を高めるベストプラクティス

    Presenter: 金子 春信, CISSP, シニア プロダクトマーケティングマネージャー, Akamai Technologies
    Moderator: 小熊 慶一郎, CISSP, Director of Business Development, Japan, (ISC)²
  • #fastsecure: security in the age of Kubernetes Nov 10 2021 3:00 am UTC 60 mins
    Kevin Bocek, Vice President, Security Strategy & Threat Intelligence, Venafi; Matt Barker, President / Co-founder, Jetstack
    Security teams need new approaches to work with the super fast development cycles that are inevitable when using Kubernetes and OpenShift. New research found 96% of enterprises using Kubernetes or OpenShift recently experienced a security related issue from a workload misconfiguration. One example: developers use non-enterprise approved Certificate Authorities CA(CAs) for TLS machine identities with Kubernetes, OpenShift, Istio and more making initiatives like Zero Trust impossible.

    These gaps won’t be fix with more controls pushed down from security teams. Developers today decide cloud-native security tooling. Security and developers need to operate in a #fastsecure mode: going as fast as possible while staying safe.

    Join this conversation between open source innovator, Matt Barker, and security leader, Kevin Bocek, to learn what #fastsecure means and how you can get started. The developer-led, cloud-native world doesn’t mean that security teams are any less important; just the opposite. Going faster means security teams bring their experience with threat protection, machine identity, risk and compliance to help developers stay safe at highest speeds.

    Presenter: Kevin Bocek, Vice President, Security Strategy & Threat Intelligence, Venafi
    Presenter: Matt Barker, President / Co-founder, Jetstack
  • CISSP: The Time Is Now Nov 9 2021 6:00 pm UTC 60 mins
    Adesoji Ogunjobii, CISSP-ISSAP, CCSP, Chris Clinton, CISSP, Samana Haider, CISSP, Tiffany Temple, CISSP, SSCP
    The future is created by what you do today. Oftentimes we don’t feel we are ready to take what seems like a big step forward. But we want to show you why now is the best time to make that first step on your CISSP journey.

    People from all walks of life, of various generation, from every industry and with different lifestyles have all succeeded in their mission to achieve the CISSP. Through this webinar our panel of CISSPs want to share the different paths you can take to achieve the CISSP and the benefits that the CISSP brings to your career.

    Join our live panel of distinguished CISSPs and host Brandon Dunlap on Tuesday, November 9th at 1pm ET to take that first step on the ladder to harnessing the CISSP credential. Stronger cybersecurity starts with CISSP!

    Save your spot today!
  • 클라우드 보안 – 빌드부터 런타임까지 Nov 3 2021 6:00 am UTC 60 mins
    윤재탁 부장, 프리즈마 클라우드 솔루션 아키텍트, 팔로알토 네트웍스 코리아, Palo Alto Networks
    클라우드 네이티브 기술은 애플리케이션의 개발 및 구축 방식을 급격히 변화시켜 왔지만, 여전히 많은 기업들은 전통의 엔터프라이즈 네트워크 보안 솔루션을 클라우드 환경에서 운영하고 있습니다.
    더불어, 여전히 많은 기업들은 클라우드 환경에서 빠른 속도로 구현된 애플리케이션을 보호하는데 어려워하고 있을 뿐 아니라, 클라우드 네이티브 환경에서의 너무 많은 선택사양으로 인해, 어떤 옵션이 자사에 적합한지 선택하는데 어려움을 겪고 있습니다.

    이번 세션은 사용자 사례를 통해 자사의 클라우드 환경 및 클라우드 네이티브 애플리케이션의 보안을 보장하는 데 필요한 것이 무엇인지 이해하는 데 도움을 드리고자 마련되었습니다.
    이 라이브 웨비나에 참여하셔서 귀사의 클라우드 네이티브 기술을 최적화하는 방법을 찾아보시기 바랍니다.

    이번 웨비나에서는 다음의 내용을 다루고자 합니다.
    - 다양한 클라우드 네이티브 선택 사양들
    - 각각의 장단점
    - 어떠한 조합이 자사에 적합지에 대한 기술

    발표자: 윤재탁 부장, 프리즈마 클라우드 솔루션 아키텍트, 팔로알토 네트웍스 코리아, Palo Alto Networks
    진행자: 박 선 영, Senior Business Development Manager, APAC, (ISC)²
  • Cyber Insurance: Optimizing Costs While Minimizing Risk Nov 3 2021 2:00 am UTC 60 mins
    Srikrupa Srivatsan, Director, Product Marketing, Infoblox
    The accelerated adoption of the hybrid workplace and rise of supply chain attacks has led to an increased exposure to cyber-attacks, which can cause substantial disruption to any organization or industry. This increased exposure is forcing companies to not only invest and improve their own cybersecurity posture, but also manage third party risk and protect against cyber risks with cyber insurance. Certain best practices and technologies help reduce your risk and improve your security score while helping to keep insurance premium costs low. DNS security is one such approach that provides extended visibility, protection and security automation to improve a company’s security posture.

    Join Srikrupa Srivatsan for this webinar to learn more about:

    • Why organizations invest in cyber insurance
    • Getting the most out of cyber insurance
    • How DNS security improves security scores and reduces cyber insurance premiums

    Presenter: Srikrupa Srivatsan, Director, Product Marketing, Infoblox
    Moderator: Garion Kong, CISSP, CCSP, Vice President, (ISC)2 Singapore Chapter
  • The Three Stages of Ransomware: Barracuda Threat Spotlight Oct 28 2021 3:30 am UTC 60 mins
    Fleming Shi, Chief Technology Officer, Barracuda; Anastasia Hurley, Sr. Product Marketing Manager, Barracuda
    Join Barracuda’s top ransomware specialists to find out the most recent ransomware research findings, and break down how today’s complex, multi-stage ransomware attacks exploit gaps in your email security, web app security, and data protection to achieve their criminal goals.

    Register now to gain knowledge and tools you need to defend your organization against this fast-changing threat—by ensuring that at each stage of an attack, ransomware crooks are confronted by multi-layered and comprehensive security solutions.

    See for yourself how easy it can be to defeat ransomware by:

    • Enhancing email security with AI-powered phishing detection and advanced user security awareness training
    • Hardening web applications against exploitation and implementing advanced, zero-trust access controls and policies
    • Ensuring that you can rapidly and completely recover data and systems compromised by ransomware with a highly secure, modern backup strategy

    Ransomware will keep making headlines, but after this webinar you’ll know how to keep your company out of them.

    Presenter: Fleming Shi, Chief Technology Officer, Barracuda Networks
    Presenter: Anastasia Hurley, Sr. Product Marketing Manager, Barracuda Networks
    Moderator: Anne Saita, Editor-in-Chief, InfoSecurity Professional Magazine
  • BT Sets the Bar Higher with (ISC)2 CISSP Team Training Oct 27 2021 5:00 pm UTC 60 mins
    Jonathan Kilgannon, Cathy Marsh and Mirtha Collins
    Building a strong cybersecurity team takes grit. The best results don’t always come at the first pass. When BT, a world-leading communications provider headquartered in London with offices globally, tasked CSIRT Training Specialist Jonathan Kilgannon and Security Learning & Development Specialist Cathy Marsh with raising the bar for success among the company’s CISSP candidates, they delivered. Average exam pass rates jumped to 90% percent — a 40% increase — following the changes they implemented in the training process. Find out how identifying the right candidates, preparing them in advance and (ISC)2 Official In-Person Team Training made all the difference.
  • Security Debt, Running with Scissors Oct 27 2021 3:00 am UTC 60 mins
    Dave Lewis, Global Advisory CISO, Duo Security, now part of Cisco
    Security debt, defined by Dave Lewis, Global Advisory CISO, Duo Security at Cisco, as “the accumulation of the patches missed, the risks accepted, and the configurations misapplied,” is a serious and common problem for many organizations, especially with the move to cloud computing and rise of IoT. Part of the problem is that, while organizations might accept the risks they encounter, they often neglect to review them or make a plan for the future, and that risk is compounded when patches are passed from person-to-person through staff changes and/or employee churn. However, it doesn’t have to be this way - to track and address security debt, organizations must develop and implement defined, repeatable processes. They should look to strategies like the zero-trust model, trust but verify, sanitation of inputs and outputs, and of course, make sure to execute patches instead of pushing it onto the next person.

    Presenter: Dave Lewis, Global Advisory CISO, Duo Security, now part of Cisco
    Moderator: Victor Yeo, CISSP, President (ISC)² Singapore Chapter
  • CCSPオンラインチャレンジセミナー(CODE BLUE同時開催) Oct 20 2021 7:00 am UTC 120 mins
    Speaker: 小熊 慶一郎, CISSP, (ISC)² Director of Business Development, Japan | Instructor: 諸角 昌宏氏, CCSP, (ISC)² 認定講師
    (ISC)² が認定する、クラウドセキュリティに関する情報セキュリティ国際認定資格、「CCSP」のチャレンジセミナーを開催します。サイバー・情報・クラウドコンピューティングセキュリティの実務経験に基づく専門的能力と、クラウドセキュリティの専門知識を認証することで、企業は、重要な機能に対して適切な専門家が対応していることを確認することができます。「クラウドファースト」を推進する組織において、クラウドサービスやその利用における情報セキュリティを確実にするため、 CCSP有資格者に管理を任せるケースが増加しています。

    CCSPの6ドメインは、クラウドセキュリティの基礎知識から実践的な対策を行うための考えかたを系統立てて理解するために必要な情報が集約されています。また、CCSPを受験させてみたいけど、どのような内容になっているのかわからないという経営層の皆さんにも理解しやすい内容で提供させていただきますし、情報セキュリティベンダーで製品・サービス企画を行っている皆さんにも効果的な内容となっています。

    今回のセミナーでは 「クラウドにおける最近のセキュリティ事故」をテーマに、AWSの障害、セールスフォース環境からの情報漏洩などの事例に基づいて、クラウド利用者、クラウドプロバイダとして考慮が必要となる点について解説するとともにCCSP CBKから関連する内容をピックアップしたセミナーとします。また、通常は5日間で行っているオフィシャルセミナーの各ドメインのオーバービューを紹介します。
    ※講師の講義は前回の録画を使用します。
  • Securing Your Environment with Intelligent Network Detection & Response Oct 20 2021 6:00 am UTC 60 mins
    Henry Kay, Solutions Architect, Asia, Kemp Technologies
    How do you cover visibility gaps, detect ransomware and respond prior to locking down of digital assets? Who is responsible for monitoring, detecting and responding to the increasing threats to business continuity? Successful threat detection is a multi-layered approach that requires the right tools, methods and approaches. There’s no single magic bullet but with the right building blocks (including a scalable NDR solution), organizations can be successful in detecting and preventing exploits by extracting the insights from the network.

    This webinar will address the challenges of detecting and remediating threats to your network and critical applications that could compromise business continuity. We will look at how you can:
    A: Principles and Approaches for Network Threat Detection
    B: Preparing your organization for ransomware attack
    C: Use Cases

    Kemp’s product portfolio is centered on helping customers deliver the best possible application experience by addressing the requirements of modern application load balancers, network visibility, and response to emerging security threats in the network. The core components of this portfolio are the LoadMaster ADC & WAF, Flowmon NPMD, and Flowmon ADS.

    Presenter: Henry Kay, Solutions Architect, Asia, Kemp Technologies
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • 解码客户端攻击和防护措施 – 威胁、挑战和最佳实践 Oct 20 2021 3:00 am UTC 60 mins
    武智广, 资深售前工程师, Akamai Technologies
    鉴于Web页面越来越依赖脚本,恶意攻击者正在利用脚本作为新的攻击媒介来窃取敏感的客户信息。近来,基 于脚本的攻击(例如 Magecart)变得日渐复杂、难以检测,想要阻止它们更是难上加难。这些 Web 窃取攻 击愈加侧重于在客户端通过脚本的方式窃取信用卡信息和帐户凭据,这样会损害您的品牌并导致贵公司遭受巨额罚款。 本次在线研讨会将会讨论如下的话题:
    • 通常的客户端攻击手段
    • 保护客户端和相关数据的最佳实践

    演讲人: 武智广, 资深售前工程师, Akamai Technologies
    主持人: 叶天斌, CISSP, (ISC)² 广州分会会长
  • CISSPオンラインチャレンジセミナー(CODE BLUE同時開催) Oct 19 2021 6:00 am UTC 120 mins
    Speaker: 小熊 慶一郎, CISSP, (ISC)² Director of Business Development, Japan | Instructor: 河野 省二, CISSP, (ISC)² 認定講師
    「CISOに必要な情報セキュリティの知識と考え方」

    CISOにはどのような知識が必要なのか、CSIRTのメンバーの教育はどうしようか、情報セキュリティに関する製品やサービス開発はどのように行えばよいのかなど、ユーザ企業もベンダー企業も人材育成の悩みは尽きません。セキュリティ事故をベースにした教育はわかりやすい一方で、応用が効かないためにその他の脅威や攻撃に対応する力が付きにくいのが現状です。

    CISSPの8ドメインは情報セキュリティ活動のあり方について基盤づくりから学び、実践的な対策を行うための考えかたを構築するために必要な情報が集約されています。セミナーでは「CISSPならこう考える」ということで、経営陣やCISO、CSIRTのメンバーが知っておくべき情報セキュリティの知識をわかりやすくお教えします。通常は5日間で行っているオフィシャルセミナーの中から、CISOに大きく関係するセキュリティとリスクマネジメント、アイデンティティとアクセスの管理、資産のセキュリティを中心に8チャプターのトピックをご理解いただくためのショートセミナーです。

    CISSPを受験させてみたいけど、どのような内容になっているのかわからないという経営層の皆さんにも理解しやすい内容で提供させていただきます。情報セキュリティベンダーで製品・サービス企画を行っている皆さんにも効果的な内容となっています。

    ※講師の講義は前回の録画を使用します。
  • SSCPオンラインチャレンジセミナー(CODE BLUE同時開催) Oct 19 2021 1:00 am UTC 120 mins
    小熊 慶一郎, CISSP, (ISC)² Director of Business Development, Japan; 安田 良明, CISSP, SSCP, (ISC)² 認定講師
    経営陣が情報セキュリティやリスクマネジメントの取り組みを推進してはいるものの、期待するほど情報セキュリティが向上していない声をよく耳にします。その理由の1つとして経営陣は情報セキュリティの課題を解決するために必要となる「ガバナンスから業務遂行へリンクさせる目標と目的の調整」に失敗していることが挙げられます。

    たとえ、経営陣が情報セキュリティの活動を宣言したとしても、現場の実務者がポリシーを適切に理解し、現場のシステムや運用に適切に実装できなければ、経営陣が期待する情報セキュリティの目標を達成することはできません。また、現場の実務を支える実務者の育成は耳ざわりがよい知識と技術を身に着ければよいというわけではなく、各組織が培ってきた「独自の文化」を理解し、情報セキュリティ専門家や経営陣とコミュニケーションを図れる人材でなければなりません。そのためには、IT全体にわたる業務知識、ネットワーク、クラウド、システムの開発・運用などのシステム構築に必要な知識、確実なセキュリティ対策を実装・維持できる技術的な実務能力に加え、「組織」という観点から情報セキュリティを理解している必要があります。

    SSCPの共通知識は、 組織のプロセスとシステムに適切なレベルの情報セキュリティを設計するために必要な情報を提供します。7つドメインを学ぶことで、情報セキュリティの運用から基本的な情報セキュリティの実務に必要な知識を取り扱い、情報セキュリティを専業としていない実務経験年数が少ない方にとっても、より実践に近い内容をグローバルの標準に則って理解することが期待できます。

    今回のオンラインセミナーでは、「基本的なセキュリティの考え方をどのようにシステムセキュリティとして適用していくのか」をテーマとして、IT全般のエンジニアやサポート技術者、アナリスト担当者が知っておくべき情報セキュリティの知識をわかりやすくお教えします。SSCPを受験させてみたいけど、どのような内容になっているのかわからないというユーザー企業の管理職の皆さんにも理解しやすい内容で提供させていただきます。システム開発や情報システム担当者の皆さんにも効果的な内容となっています。

    是非、SSCP の認定取得を目指していただき、(ISC)²が提供する共通知識分野を学び、同じ言葉で、そして、(ISC)²の仲間とともに社会全体のセキュリティ向上を目指していきましょう。

    ※講師の講義は前回の録画を使用します。
  • (ISC)2 Town Hall 2021 Oct 18 2021 5:00 pm UTC 90 mins
    Clar Rosso, Zachary Tudor, Lori Ross O'Neil and Dr. Casey Marks
    Join us for (ISC)2 Security Congress Town Hall to learn what’s next for (ISC)2 and hear directly from members of the Board of Directors.

    CEO Clar Rosso will provide a strategic update for our association, including recent accomplishments and milestones, as well as what members can expect in 2022 and beyond.

    Then, a panel consisting of (ISC)² Board members and management will answer members’ questions about the association, membership, certifications, workforce trends and other cybersecurity issues and challenges facing the profession.

    Town Hall is open to (ISC)2 members and associates, as well as all Security Congress attendees.

    Featuring:
    Clar Rosso, CEO, (ISC)2
    Zachary Tudor, CISSP, Board of Directors Chairperson
    Lori Ross O'Neil, CISSP Board of Directors Vice Chairperson
    Dr. Casey Marks, Chief Qualifications Officer, (ISC)2
  • Securing the Cloud Native Software Supply Chain Recorded: Oct 13 2021 62 mins
    Zhihao Tan, Director, Solution Architects – APJ, Aqua Security
    We’ve seen this story play out in grand fashion over the last year: attackers are using the software supply chain to inject malicious artifacts into CI/CD pipelines and execute elaborate kill chains in production. Traditional software testing techniques are ill-equipped to detect these advanced threats that only initiate during runtime, and cloud native ecosystems add multiple layers of complexity. Now, today’s best practices for DevSecOps all but oblige security teams to implement complete pre-production analysis of runtime behavior, to provide detailed documentation of the attack kill chain, and to facilitate proper remediation at the risk’s source.

    Join Aqua Security as we discuss supply chain security for today’s cloud native software ecosystems, exploring:
    • Advanced threats in the software supply chain
    • Security implications of cloud native and DevOps methodologies
    • Best practices for detecting malware and mitigating risks before production deployment

    Presenter: Zhihao Tan, Director, Solution Architects – APJ, Aqua Security
    Moderator: Paolo Miranda, CISSP, Volunteer Outreach Director, (ISC)² Singapore Chapter
(ISC)² Live Webinars for InfoSec Professionals in APAC Region
Looking for expertise and information to advance your career and tackle your challenges? Subscribe and join us for the educational webinars in APAC time zone. Earn CPEs quickly and at no cost by attending webinars: 1 hour of webinar equals 1 CPE. We welcome members and non members alike.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: CISSPチャレンジセミナー③
  • Live at: Aug 2 2019 7:40 am
  • Presented by: 講師:日本マイクロソフト株式会社 技術統括室Chief Security Officer 河野省二, CISSP
  • From:
Your email has been sent.
or close