Hi [[ session.user.profile.firstName ]]

Introduction to Proactive Prevention

Despite continued infosec investments, data breaches continue while companies contend with complicated security architectures composed of disconnected technologies that produce mountains of non-actionable data. A renewed focus on prevention may hold the answer.

Security architecture can be broken down into three main elements: Prevention, Detection and Remediation. Prevention should be considered the most strategically important defense element, as by default good true time zero prevention dramatically reduces latency, risks and operational costs of the security structure as a whole. As advanced threats evolve and data center transformation forces enterprise teams to consolidate security, the need for faster, easier and more deterministic threat prevention is essential, thus corporations need to consider a purpose-built stack of true prevention capabilities, that isn't available in a singular off-the-shelf solution, and add Detection based tools, which by definition have a huge latency, false alerts and are cost prohibitive, where and when appropriate, but not as a prevention tool.

Join Morphisec and (ISC)² on Jun 10, 2020 (Wed) at 12pm (GMT +8) to learn about the strategic element in your security stack.

Presenter: Eyal Rozen, Director of Sales EMEA & APAC, Morphisec
Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
Recorded Jun 10 2020 64 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Eyal Rozen, Director of Sales EMEA & APAC, Morphisec
Presentation preview: Introduction to Proactive Prevention

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • 昨今のExchange Server脆弱性に対する攻撃と、取るべき対策 May 26 2021 7:00 am UTC 60 mins
    アジェイ・ミスラ, セキュリティストラテジー ディレクター, Akamai Technologies
    昨今、Exchange Serverに複数の脆弱性が発見されておリます。またこの脆弱性を狙い、複数の企業が攻撃されました。本セッションでは、その脆弱性を利用してExchange Serverへ攻撃として、危険なWebshel攻撃をデモいたします。また防御対策として、マイクロソフト社が出してるパッチ適用に加えて検討すべき課題を防御対策ZTNAの観点で詳しく解説いたします。

    Presenter: アジェイ・ミスラ, セキュリティストラテジー ディレクター, Akamai Technologies
    Moderator: 小熊 慶一郎, CISSP, Director of Business Development, Japan, (ISC)²
  • DevSecOps - IT とAPPインフラへの継続的なセキュリティの導入方法 May 12 2021 7:00 am UTC 60 mins
    柳橋 貴光, テクニカル アカウント マネジャ, クォリスジャパン株式会社
    クラウドサービス、継続的な統合、継続的な開発において、セキュリティチームは DevOps 工程でセキュリティコントロールを導入することの必要性に迫られます。 このセッションでは、セキュリティチームと DevOps が どのように IT や アプリケーションインフラに継続的なセキュリティを取り込んで行くことを DevSecOps が手助けするのかを取り上げると共に また、アプリケーションを改善し、自動化された監査やコントロールのために DevSecOps プログラムを導入し開始、構築して行くのかを解説します 

    Presenter: 柳橋 貴光, テクニカル アカウント マネジャ, クォリスジャパン株式会社
    Moderator: 小熊 慶一郎, CISSP, Director of Business Development, Japan, (ISC)²
  • Tools and Techniques used in Automated Threats May 12 2021 4:00 am UTC 60 mins
    Shain Singh, Cloud Security Lead, F5; Benjamin Francis, Fraud Specialist, Shape Security - part of F5
    The use of automation and bots for attacks have been around from the earliest days of OWASP and web application firewalls. What has changed over the years is the increased exposure to these threats with the increasing use of public clouds and explosion of applications. Malicious actors have also evolved into more sophisticated adversaries as there is a growing financial gain from successful breaches.

    Learn from our industry experts on the common tools used to bypass common mitigation techniques, as well as how the OWASP Automated Threat list can be implemented for a comprehensive defense strategy.

    Presenter: Shain Singh, Cloud Security Lead, F5
    Presenter: Benjamin Francis, Fraud Specialist, Shape Security - part of F5
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • Combat MFA Security Gaps - Multi-Factor Authentication Decoded May 5 2021 5:00 am UTC 60 mins
    Haru Kaneko, Senior Product Marketing Manager, APJ, Akamai Technologies
    Cloud-centric work environments require us to manage multiple IDs. Multi-factor authentication (MFA) solutions are becoming more important to better serve your employees, partners, and customers — but they are not all created equally.

    Join our session on the latest trends in bypass attacks against MFA and how you can mitigate them.

    During this 45-minute session, we will review the different types of MFA solutions on the market and show you how to measure them based on industry best practice standards such as those outlined by the FIDO Alliance. We’ll also share tips on how to ensure you choose a modern authentication framework tailored to your business model to develop a secure, cost-effective, and low-friction solution.

    You will learn:
    - The role of MFA within your cybersecurity program
    - Different types of MFA solutions and why some are failing
    - Standards to base your solution on
    - Best practices to select a cost-effective and low-friction solution

    Presenter: Haru Kaneko, Senior Product Marketing Manager, APJ, Akamai Technologies
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • Complete Endpoint Security: Five Critical Steps Apr 28 2021 3:00 am UTC 60 mins
    Ajay Kumar, Director for Security Engineering - APJ, BeyondTrust
    70% of successful breaches started at the endpoint in 2019. Since then, a global pandemic has caused a large-scale shift to remote work – a perfect storm for privilege abuse. As a result, malware has increased by 30,000% in 2020. This is especially concerning when many companies still rely on antivirus software (AV) or Endpoint Detection and Response solutions (EDR) alone to secure endpoints.
    In this visionary session, we will be highlighting which two overlooked steps can mitigate the 60% of modern threats that are missed by AV, and why the need for organizations to move from a reactive to a preventative approach is more important than ever.
    Focus topics include:
    • An overview of endpoint security and why it is crucial for your organization
    • Traditional challenges and existing problems with endpoint security
    • The five critical steps to achieving complete endpoint security

    Presenter: Ajay Kumar, Director for Security Engineering - APJ, BeyondTrust
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • 13 Email Threat Types: What they Do, Why they Succeed, and How to Stop them Recorded: Apr 21 2021 65 mins
    Olesia Klevchuk, Senior Product Marketing Manager & Stephanie Cavigliano, Product Marketing Manager, Barracuda Networks
    Email is perpetually the top vector for cyber threats. Hackers work hard to create sophisticated new threats to thwart the latest security solutions. The result is a complex and confusing threat landscape. If you find it hard to keep track of the many kinds of email threats - you are certainly not alone.

    Don’t miss an in-depth look at exactly how spam, malware, phishing, Business Email Compromise, and the rest of the 13 email threat types use different strategies to penetrate your network, find their way to your inboxes, and manipulate your users into behaviors that can lead to massive data breaches or direct theft of your money. Discover the strategies and technologies that have proven themselves most effective for detecting and stopping these criminal schemes.

    In this webinar we will:
    • Review a wide range of evolving email threats, including their risk and impact on businesses
    • Explain how a machine learning and API-based defenses can keep your users secure
    • Define strategies to protect employees with the right combination of technology solutions and security awareness training

    Presenter: Olesia Klevchuk, Senior Product Marketing Manager, Barracuda Networks
    Presenter: Stephanie Cavigliano, Product Marketing Manager, Barracuda Networks
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • CCSPオンラインチャレンジセミナー Recorded: Apr 19 2021 118 mins
    諸角 昌宏氏, CCSP, (ISC)² 認定講師; 小熊 慶一郎, CISSP, (ISC)² Director of Business Development, Japan
    (ISC)² が認定する、クラウドセキュリティに関する情報セキュリティ国際認定資格、「CCSP」のチャレンジセミナーを開催します。サイバー・情報・クラウドコンピューティングセキュリティの実務経験に基づく専門的能力と、クラウドセキュリティの専門知識を認証することで、企業は、重要な機能に対して適切な専門家が対応していることを確認することができます。「クラウドファースト」を推進する組織において、クラウドサービスやその利用における情報セキュリティを確実にするため、 CCSP有資格者に管理を任せるケースが増加しています。


    今回のセミナーでは 「クラウドの重大セキュリティ脅威」をテーマに、CCSP CBKから関連する内容をピックアップするとともに、新たな内容を加えたセミナーとします。また、通常は5日間で行っているオフィシャルセミナーの各ドメインのオーバービューを紹介します。
  • DevSecOps — How to build continuous security into IT and App Infrastructures Recorded: Apr 14 2021 60 mins
    Walter Manyati, Technical Account Manager, Qualys; Ankit Wasnik, Solutions Architect, Qualys
    Cloud services, Continuous Integration, and Continuous Deployment require security teams to adapt security controls to DevOps processes. This session will discuss how DevSecOps helps security teams work with DevOps to embed continuous security into IT and application infrastructure, and how to get started and build a DevSecOps program for improved and automated auditing, compliance, and control of applications.

    Presenter: Walter Manyati, Technical Account Manager, Qualys
    Presenter: Ankit Wasnik, Solutions Architect, Qualys
    Moderator: Victor Yeo, CISSP, President, (ISC)² Singapore Chapter
  • Protecting the Enterprise: 5 Components needed for Cybersecurity Training Recorded: Apr 13 2021 62 mins
    Spencer Wilcox, CISO, PNM; Derrick Butts, CISO, The Truth Initiative; Mirtha Collin, (ISC)2; Brandon Dunlap, Moderator
    It’s difficult to prescribe a one-size-fits-all approach to training your cybersecurity team. While cybersecurity training needs to be structured and adhere to industry standards, it also must be purposeful and tailored to your organization’s needs. No one organization has precisely the same security needs as another. However, many of the fundamentals of a training and education program apply across different organizations and sectors. Join (ISC)2 for a panel discussion on Tuesday, April 13, 2021 at 1:00PM Eastern as industry leaders share tips they’ve learned and strategies they’re working towards to conquer a secure and compliant cybersecurity training program. Areas for discussion will include:

    · Who needs training

    · Who is responsible for training

    · Determining the curriculum

    · Training and certification

    · Ensuring training effectiveness

    Be prepared for an hour well-spent and discover how to create a cybersecurity training plan that maps to your organization’s specific needs.
  • Beyond Scanning: Container Vulnerability Management Recorded: Apr 7 2021 65 mins
    Steven Zimmerman, Senior Product Marketing Manager, Aqua Security
    Securing Container Images, VMs, and Functions

    Full cloud native security requires more than application security testing and network monitoring. It requires a concerted approach to vulnerability management within CI/CD pipelines, in pre-production testing, and at runtime.

    In this webinar, you will discover how to secure applications in complex cloud native ecosystems, including:
    • Detecting vulnerabilities and exploits in container images, VMs, and serverless functions
    • Prioritizing and triaging security risks to accelerate remediation
    • Uncovering hidden malware and attack kill chains before they’re executed in production

    Presenter: Steven Zimmerman, Senior Product Marketing Manager, Aqua Security
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • 2021 CISSP官方认证宣讲会 Recorded: Mar 30 2021 91 mins
    崔佳, CISSP, (ISC)²授权讲师, 东方瑞通资深专家
    网络安全的世界充满挑战,新冠肺炎疫情的爆发对全球的网络安全提出了更高的挑战!获取 “金牌认证” CISSP,在2021年为您的职业发展加速!
    享誉全球的CISSP认证含金量高,颇受行业雇主和专家青睐,多次被SC Magazine评为“最佳职业认证项目”,是网络安全专业人士证明网络安全策略、认知和实践经验的理想之选。

    • 网络安全专业人才的巨大需求;
    • (ISC)² 认证的价值;
    • CISSP认证的全面介绍,包括CISSP概况、持证者福利、考试及备考、知识域讲解等;
    • CISSP官方培训;
    • 在线答疑:欢迎提问CISSP认证相关的任何问题。

    讲师: 崔佳, CISSP, (ISC)²授权讲师, 东方瑞通资深专家
  • Members Get More! Getting the Most Out of Your (ISC)² Membership Recorded: Mar 25 2021 57 mins
    Tony Vizza, CISSP, CCSP, Director of Cyber Security Advocacy, APAC & Hun Keat Wong, Customer Service Manager, APAC, (ISC)²
    As an (ISC)² Member, you now have access to a wide range of global resources, educational tools, peer networking opportunities, as well as exclusive discounts to industry events. There is so much more to discover about what your (ISC)² membership brings!

    In this webinar, you will learn about:
    - The latest (ISC)² news and developments across APAC and (ISC)² from around the world
    - Who is the (ISC)² APAC team and how we can help you
    - Exciting and upcoming CPE opportunities to help you stay sharp
    - Member benefits and perks including fantastic discounts on a range of day-to-day items
    - New, upcoming and FREE professionally developed education courses for members
    - An update on (ISC)² certifications to help you take your career to the next level
    - Networking opportunity with like-minded professionals locally and globally via (ISC)² chapters
    - An opportunity to ask questions in our Q&A session

    Join us on Mar 25, 2021 at 12:00 (GMT+8) to get the most of your (ISC)² membership globally and locally.
  • 2020年度フィッシング、不正アクセス脅威動向とその実例紹介 Recorded: Mar 24 2021 52 mins
    伊藤 悠紀夫, CISSP, SE本部ソリューションズーアーキテクト, F5ネットワークスジャパン合同会社
    -Office 365環境を利用した資格情報収集


    Presenter: 伊藤 悠紀夫, CISSP, SE本部ソリューションズーアーキテクト, F5ネットワークスジャパン合同会社
    Moderator: 小熊 慶一郎, CISSP, Director of Business Development, Japan, (ISC)²
  • Decoding API Security - Threats, Challenges and Best Practices Recorded: Mar 24 2021 68 mins
    Aseem Ahmed, Senior Product Manager, Cloud Security, Akamai Technologies
    APIs power most digital experiences today and API security continues to be a top-of-mind concern for most CXOs.

    While digital transformation keeps driving API adoption across industries, malicious threat actors are targeting APIs more than ever before. Threats such as credential stuffing, data exfiltration and DDoS are on the rise. The current state of API security has wide gaps as organizations often struggle to fully comprehend the attack surface and lack right strategies to build defenses.

    The objectives of this session are to discuss different threats to API ecosystems today, identify common lapses in API security measures and provide some best practices for protecting the APIs.

    Join Akamai Technologies and (ISC)² on Mar 24, 2021 (Wed) at 1pm (GMT +8) to discuss API security threats, challenges and best practices.

    Presenter: Aseem Ahmed, Senior Product Manager, Cloud Security, Akamai Technologies
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • Inside (ISC)²: Updates on Exams and Certifications Recorded: Mar 23 2021 61 mins
    Clar Rosso, (ISC)² CEO; Dr. Casey Marks, Chief Product Office and VP, (ISC)²
    Clar Rosso, CEO of (ISC)2 shares the latest insights on what’s happening at our association. Join us for this quarterly update where we cover the latest developments at (ISC)2, ranging from certification to member benefits, continuing education and events, to major milestones and achievements.

    Joining Clar this quarter is Dr. Casey Marks, chief product officer and VP of (ISC)2, to discuss the latest in Exams and certifications.
  • Multi Vector DDoS 공격에 대한 대응 방안 Recorded: Mar 17 2021 62 mins
    한 준 (Rick Han), 부 장, Akamai Technologies
    전례 없는 2020년 작년, 해커 및 사이버 범죄자들은 인터넷 트래픽이 급증한 이 시기를 놓치지 않았습니다. 해커들의 공격 기법은 더욱 다양해졌고, 공격 시도 횟수는 늘어났으며, 결과적으로 사이버 보안 환경은 아주 많이 변했습니다. 특히 DDoS 랜섬 공격(DDoS 협박 공격)은 대가 지급을 거절한 기업들의 비즈니스에 실질적인 큰 지장을 줄 만큼 고도화되었습니다. 또한, 오래된 공격 기법인 피싱 역시 사람들의 지루함을 틈타 5백만 명의 피해자를 양산했습니다.

    Akamai는 세계 인터넷 공격 패턴을 늘 가까이 추적하고 있습니다. 이번 웨비나에서는 전례 없는 한 해였던 2020년의 보안 트렌드를 살펴보고, 이러한 트렌드가 미래의 보안 기술을 어떻게 변화시킬지 확인하실 수 있습니다. 최근 공격 트렌드인 웹과 DNS를 대상으로 하는 보안 공격을 효과적으로 대비할 수 있는 Akamai의 레퍼런스 아키텍처를 소개해 드리고 현업에서 고민하고 있는 문제들에 새로운 해결 방법을 제시합니다.

    발표자: 한 준 (Rick Han), 부 장, Akamai Technologies
    진행자: 박 선 영, Senior Business Development Manager, APAC, (ISC)²
  • Global Impressions: Endpoint Security Strategies for the Long-Term Recorded: Mar 17 2021 66 mins
    Bob Hansmann, Sr. Product Marketing Manager - Security, Infoblox
    After a painful but relatively successful response to workplace changes driven by the pandemic, how well are those security measures working and what is next for the evolution of the SOC and endpoint security in specific?

    For most organizations, the future involves a larger remote workforce, of both full and part-time workers, including those in traditional HQ office roles. But many of the measures taken in response to pandemic conditions are proving less-than-ideal as long-term solutions. This session will draw on recent analyst reports, and surveys conducted globally, with some Asia Pacific specific call-outs, to help attendees to better understand.

    • Which security alternatives are leaders considering as long-term solutions, and why?
    • What techniques are helping to improve visibility for users and devices regardless of their location?
    • Why are security leaders evolving methods for obtaining and using cyber threat intelligence?
    • How can embracing automation improve response times and overall operational efficiencies?

    Join Infoblox and (ISC)² on Mar 17, 2021 (Wed) at 10am (GMT +8) to learn about endpoint security strategies for the long-term.

    Presenter: Bob Hansmann, Sr. Product Marketing Manager - Security, Infoblox
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • (ISC)² Info Session: CSSLP-The Premier Secure Software Development Certification Recorded: Mar 16 2021 64 mins
    Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
    Earning the globally recognized CSSLP secure software development certification is a proven way to build your career and better incorporate security practices into each phase of the software development lifecycle (SDLC).

    The CSSLP is ideal for software development and security professionals responsible for applying best practices to each phase of the SDLC – from software design and implementation to testing and deployment.

    In this 60-min online information session, you will learn:
    - Why you should get CSSLP certified
    - The value of CSSLP certification
    - What you will learn in official training for the CSSLP exam
    - What to expect from the CSSLP exam
    - How to become endorsed and earn the CSSLP certification

    And, get to ask any question that will support your certification journey.

    Are you ready to prove yourself? Register and begin your certification journey today!
  • Inside (ISC)² Quarterly Board Update, 2021 (Q1) Recorded: Mar 12 2021 20 mins
    Clar Rosso, (ISC)² CEO; Zach Tudor, Chair of the Board, (ISC)²
    Join us for (ISC)² Insights, a quarterly review of our association’s latest accomplishments. Each quarter, the (ISC)² Board of Directors Chairperson and CEO will update members on the association’s strategic roadmap, new achievements and milestones, the latest on our certifications, new professional development opportunities, member offers and more.
  • Zero Trust Security For Your Distributed Workforces (以粵語進行) Recorded: Mar 10 2021 61 mins
    Leo Lam, Customer Development, Cloudflare; Antonio Rancan, Solutions Engineer, Cloudflare
    *This webinar will be conducted in Cantonese. (本次網上研討會將以粵語進行。)

    2020 has caught many businesses off guard. Users, data, devices, critical business applications and networks have left the office and become more distributed.

    This shift in the way we work & do business has resulted in companies losing visibility into what was happening in their corporate and their employees’ personal networks, devices, and applications. This shift has also seen several cybercriminals and sophisticated hacking groups rapidly adjusting their techniques and tactics to take advantage of the situation.

    Whether you are a Fortune 500 company or a small/medium enterprise, there are fundamentally three things you need to protect: data, devices, applications, and the network itself. Register for this session to:

    1. See how Hong Kong ranks in DDOS attacks distribution globally
    2. Stay ahead of the cyberattack vectors & see how Cloudflare helps in combating these attacks
    3. Find out what is the hype on Zero- Trust Security & how Cloudflare One can future- proof your cybersecurity capability regardless of the shift in workforce situation

    Stay on for a supercharged Q&A session and test your cybersecurity readiness!

    Presenter: Leo Lam, Customer Development, Cloudflare
    Presenter: Antonio Rancan, Solutions Engineer, Cloudflare
    Moderator: Otto Lee, CISSP, CCSP, CSSLP, Membership Chair, (ISC)² Hong Kong Chapter
(ISC)² Live Webinars for InfoSec Professionals in APAC Region
Looking for expertise and information to advance your career and tackle your challenges? Subscribe and join us for the educational webinars in APAC time zone. Earn CPEs quickly and at no cost by attending webinars: 1 hour of webinar equals 1 CPE. We welcome members and non members alike.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Introduction to Proactive Prevention
  • Live at: Jun 10 2020 4:00 am
  • Presented by: Eyal Rozen, Director of Sales EMEA & APAC, Morphisec
  • From:
Your email has been sent.
or close