Hi [[ session.user.profile.firstName ]]

Combat MFA Security Gaps - Multi-Factor Authentication Decoded

Cloud-centric work environments require us to manage multiple IDs. Multi-factor authentication (MFA) solutions are becoming more important to better serve your employees, partners, and customers — but they are not all created equally.

Join our session on the latest trends in bypass attacks against MFA and how you can mitigate them.

During this 45-minute session, we will review the different types of MFA solutions on the market and show you how to measure them based on industry best practice standards such as those outlined by the FIDO Alliance. We’ll also share tips on how to ensure you choose a modern authentication framework tailored to your business model to develop a secure, cost-effective, and low-friction solution.

You will learn:
- The role of MFA within your cybersecurity program
- Different types of MFA solutions and why some are failing
- Standards to base your solution on
- Best practices to select a cost-effective and low-friction solution

Presenter: Haru Kaneko, Senior Product Marketing Manager, APJ, Akamai Technologies
Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
Recorded May 5 2021 63 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Haru Kaneko, Senior Product Marketing Manager, APJ, Akamai Technologies
Presentation preview: Combat MFA Security Gaps - Multi-Factor Authentication Decoded

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Countering Threat Evasion: You Cannot Stop What You Cannot See! Jun 30 2021 2:00 am UTC 60 mins
    Bob Hansmann, Senior Product Marketing Manager, Infoblox
    Cybercriminals must master evasion if they are to be successful. Many threats, such as APT’s, are designed to remain hidden for months or years as they slowly monitor their victim, compromising select information in a way that is also intended to go unnoticed. Others, like ransomware, may only need to hide their malicious intentions long enough to infect and begin encryption processes. And even when these attacks trip some defensive sensor, it can take analysts days to investigate and launch an effective incident response, often too late to prevent significant damage.
    Join us as we assess evasion methodologies and the value of DNS, with some unique Asia-Pacific callouts, to counter them across the kill chain including:
    - Why does DNS visibility expose threat activity other solutions miss?
    - How can DNS visibility be used to make other solutions more effective?
    - What role does DNS play in investigation and response?

    Presenter: Bob Hansmann, Senior Product Marketing Manager, Infoblox
    Moderator: Hoo Chuan-Wei, CISSP, Technical Advisor, Asia-Pacific, (ISC)²
  • Master the Art of Secure Software Coding and App Development with the CSSLP Jun 22 2021 6:00 am UTC 60 mins
    Pishu Mahtani, CSSLP, Experienced Technical Staff Member
    The modern software developer faces an enormous amount of challenges. From continuously creating innovative apps to ensuring high quality and meeting tight deadlines, developers need to cope with many responsibilities. As a result, security remains one of the last priorities on many developers’ minds during the software development lifecycle, despite software security continuing to be a major contributing factor behind devastating cyber breaches such as Starburst.

    In this webinar, you will learn:
    • Why Do We Need Developers with a Security Mindset?
    • What personnel certifications for software security will do for individuals and the organisations they work for;
    • How a security certification qualification will help software professionals develop more secure software;
    • The merits and benefits of the (ISC)² CSSLP software security certification as well as the steps involved to attain accreditation.

    Presenters:
    • Pishu Mahtani, CSSLP, Experienced Technical Staff Member
    • Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • Kick Start an Exciting Cybersecurity Career with (ISC)² Jun 15 2021 6:00 am UTC 60 mins
    Chuan-Wei Hoo, CISSP, Group CISO, ST Engineering & Jeremy Daly​, SSCP, Cybersecurity Product Manager, DDLS
    Cybersecurity is a booming industry that suffers from a lack of skilled personnel. Organizations from technology and manufacturing to retailers, airlines, and shipping, to financial services and healthcare, government and federal sectors are all seeking skilled and experienced security staff. In fact, it is predicted that there will be 3.5 million unfilled cybersecurity jobs globally by 2021.
    IT and Risk Management professionals have many of the underlying knowledge, skills and experience needed to enter the field of cybersecurity. So, do you have what it takes to be a cybersecurity professional?

    In this webinar, you will learn:
    • Why cybersecurity is a great choice for a exciting and fulfilling career;
    • How you can use your current knowledge, skills and experience and hone it towards a cybersecurity career;
    • Attaining broad security knowledge with the (ISC)² SSCP certification;
    • How a security certification will help you become a better cyber professional;
    • Which areas of knowledge the SSCP security certification covers

    Presenters:
    • Chuan-Wei Hoo, CISSP, Group Chief Information Security Officer, Group Information Security Office, ST Engineering IHQ Pte. Ltd; Technical Advisor, Asia Pacific, (ISC)²
    • Jeremy Daly​, SSCP, Cybersecurity Product Manager, DDLS
    • Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • Dissecting the 2020 ATT&CK Eval Results - What They Mean to Enterprises in APJ Jun 9 2021 6:00 am UTC 60 mins
    Kelvin Wee, Director of Security Engineering - Asia Pacific and Japan, SentinelOne
    The ATT&CK® Evaluations are an unbiased assessment of detection and protection capabilities from all key cybersecurity vendors. Conducted annually by Mitre Att&ck, the evaluations emulate known adversary behavior and attack techniques, in this year’s case – the Carbanak+FIN7 attacks.
    In this same spirit, SentinelOne will host a special webinar on June 9 to dissect the 2020 MITRE Engenuity ATT&CK “Carbanak+FIN7” Enterprise Evaluation, which put 29 global endpoint security solutions, and elucidate why this evaluation is becoming a key reference for CISOs when choosing cybersecurity vendors.
    Join Kelvin Wee, Director of Security Engineering at SentinelOne - APJ, to understand:
    • What Mitre Att&ck is and why it matters to every enterprise CISO in APJ
    • How the evaluation is done and key results from the 29 endpoint security vendors evaluated
    • Why some EPP & EDR solutions produced the lowest results
    • Technology Validation: How SentinelOne was the only vendor to achieve complete visibility with zero missed detections across both Windows and Linux environments

    Presenter: Kelvin Wee, Director of Security Engineering - Asia Pacific and Japan, SentinelOne
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • Increase Your Hiring Appeal as a Cloud Security Professional with the CCSP Jun 8 2021 6:00 am UTC 60 mins
    Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
    According to Gartner, worldwide security spending on cloud security increased by over 30% in 2019-20, while overall IT spending dedicated to cloud will increase significantly in 2021. Coupled with the rapid adoption of cloud due to the COVID-19 pandemic, the need for cloud security professionals has become acute and opportunities abound for those in cybersecurity who want to maximise their personal development with cloud security skills.

    In this webinar, you will learn:
    • What security in the cloud looks like;
    • What the ‘shared responsibility model’ for cloud security entails;
    • What personnel certifications for cloud security will do for individuals and the organisations they work for;
    • Why a vendor-agnostic accreditation is critical for organisations which increasingly are using a multi-cloud strategy;
    • The merits of the (ISC)² CCSP cloud security certification for a cloud security professional as well as the steps involved to attain accreditation.
  • Addressing The Top 5 Remote Access Problems Jun 2 2021 6:00 am UTC 60 mins
    Ajay Kumar, Director for Security Engineering - APJ, BeyondTrust
    Now more than ever before, remote access is critical to organizations. With the explosion of remote working, coupled with the necessity to keep up with Digital Transformation, employees and vendors require access hundreds of times per day, from various off-site locations. This creates an expanded and often uncheck attack surface, presenting a large risk that hackers are lining up to exploit.
    This session will take a deeper dive into a variety of considerations when it comes to securing your remote access, including:
    • Remote working and the rising risk of remote access breaches
    • The top five most challenging remote access problems
    • Using Privileged Remote Access for an effective solution
    If you have any number of remote access connections in your organization, either through employees or vendors, this session is an essential – as it will help you to better understand the dangers (and the solutions) when it comes to your remote access landscape.


    Presenter: Ajay Kumar, Director for Security Engineering - APJ, BeyondTrust
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • Accelerate Your Cybersecurity Career with the CISSP Certification Jun 1 2021 6:00 am UTC 60 mins
    SC Leung, CISSP, By-Laws Committee Chair, (ISC)² Board & Zhou Zhihao, CISSP, CCSP, Manager, Infosecurity, SPTel Pte Ltd
    The (ISC)² CISSP is one of the world’s most valued information technology and information security certifications today. With a proven track record over 25 years in the making, the CISSP truly demonstrates that you are at the top of your cybersecurity game in terms of knowledge, skills and experience.

    In this webinar, you will learn:
    • The lessons learned from recent incidents
    • Why it has never been more important to become a Certified Cybersecurity Professional
    • Recent changes regarding CISSP exam domains
    • The merits and benefits of CISSP certification for you as well as the steps involved to attain accreditation.

    Presenters:
    • SC Leung, CISSP, By-Laws, Committee Chair, (ISC)² Board; Centre Manager, HKCERT
    • Zhou Zhihao, CISSP, CCSP, Manager, Infosecurity, SPTel Pte Ltd
    • Tony Vizza, CISSP, CCSP, Director of Cyber Security Advocacy, APAC, (ISC)²
  • 昨今のExchange Server脆弱性に対する攻撃と、取るべき対策 May 26 2021 7:00 am UTC 60 mins
    アジェイ・ミスラ, セキュリティストラテジー ディレクター, Akamai Technologies
    昨今、Exchange Serverに複数の脆弱性が発見されておリます。またこの脆弱性を狙い、複数の企業が攻撃されました。本セッションでは、その脆弱性を利用してExchange Serverへ攻撃として、危険なWebshel攻撃をデモいたします。また防御対策として、マイクロソフト社が出してるパッチ適用に加えて検討すべき課題を防御対策ZTNAの観点で詳しく解説いたします。

    Presenter: アジェイ・ミスラ, セキュリティストラテジー ディレクター, Akamai Technologies
    Moderator: 小熊 慶一郎, CISSP, Director of Business Development, Japan, (ISC)²
  • Building Your Cybersecurity Bench: (ISC)2’s Cybersecurity Career Pursuers Study May 18 2021 5:00 pm UTC 60 mins
    Clar Rosso, (ISC)2 CEO; Brandon Dunlap, Moderator
    As organizations continue to struggle to find trained cybersecurity professionals to build out their teams, recruiters and hiring managers may need to adjust the tactics they use to proactively identify internal and external candidates. Developing bench strength by targeting candidates who have transferable skills can lead to long term depth and stability on security teams. Understanding who to look for and managing their expectations of what cybersecurity roles entail is critical to success. Join Clar Rosso, CEO of (ISC)2 on May 18, 2021 at 1:00 p.m, Eastern/10:00 a.m. Pacific as she provides an overview of the 2021 (ISC)2 Cybersecurity Career Pursuers Study, which surveyed both experienced cybersecurity professionals as well as jobseekers considering a career in the field. The study examines such topics as which tasks and experiences make a cybersecurity professional successful, the value of mentorship, at what point in their careers pursuers seem likely to seek a cybersecurity path, what attracts people to the profession and which qualities rank as strong indicators of future success for team members.
  • DevSecOps - IT とAPPインフラへの継続的なセキュリティの導入方法 May 12 2021 7:00 am UTC 60 mins
    柳橋 貴光, テクニカル アカウント マネジャ, クォリスジャパン株式会社
    クラウドサービス、継続的な統合、継続的な開発において、セキュリティチームは DevOps 工程でセキュリティコントロールを導入することの必要性に迫られます。 このセッションでは、セキュリティチームと DevOps が どのように IT や アプリケーションインフラに継続的なセキュリティを取り込んで行くことを DevSecOps が手助けするのかを取り上げると共に また、アプリケーションを改善し、自動化された監査やコントロールのために DevSecOps プログラムを導入し開始、構築して行くのかを解説します 

    Presenter: 柳橋 貴光, テクニカル アカウント マネジャ, クォリスジャパン株式会社
    Moderator: 小熊 慶一郎, CISSP, Director of Business Development, Japan, (ISC)²
  • Tools and Techniques used in Automated Threats May 12 2021 4:00 am UTC 60 mins
    Shain Singh, Cloud Security Lead, F5; Benjamin Francis, Fraud Specialist, Shape Security - part of F5
    The use of automation and bots for attacks have been around from the earliest days of OWASP and web application firewalls. What has changed over the years is the increased exposure to these threats with the increasing use of public clouds and explosion of applications. Malicious actors have also evolved into more sophisticated adversaries as there is a growing financial gain from successful breaches.

    Learn from our industry experts on the common tools used to bypass common mitigation techniques, as well as how the OWASP Automated Threat list can be implemented for a comprehensive defense strategy.

    Presenter: Shain Singh, Cloud Security Lead, F5
    Presenter: Benjamin Francis, Fraud Specialist, Shape Security - part of F5
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • Inside (ISC)² Quarterly Board Update, 2021 (Q2) Recorded: May 6 2021 15 mins
    Zachary Tudor, CISSP, (ISC)² Board of Directors Chairperson and Clar Rosso, CEO, (ISC)²
    (ISC)² Board of Directors Chairperson, Zachary Tudor, CISSP and CEO Clar Rosso update members on accomplishments in Q2 of 2021 including a significant increase in professional development opportunities, record numbers of exam offerings, and sharing new research findings to help fill the cybersecurity profession pipeline. Tune in to hear what the organization has planned for the rest of 2021, including an update on this year’s (ISC)² Security Congress event.
  • Combat MFA Security Gaps - Multi-Factor Authentication Decoded Recorded: May 5 2021 63 mins
    Haru Kaneko, Senior Product Marketing Manager, APJ, Akamai Technologies
    Cloud-centric work environments require us to manage multiple IDs. Multi-factor authentication (MFA) solutions are becoming more important to better serve your employees, partners, and customers — but they are not all created equally.

    Join our session on the latest trends in bypass attacks against MFA and how you can mitigate them.

    During this 45-minute session, we will review the different types of MFA solutions on the market and show you how to measure them based on industry best practice standards such as those outlined by the FIDO Alliance. We’ll also share tips on how to ensure you choose a modern authentication framework tailored to your business model to develop a secure, cost-effective, and low-friction solution.

    You will learn:
    - The role of MFA within your cybersecurity program
    - Different types of MFA solutions and why some are failing
    - Standards to base your solution on
    - Best practices to select a cost-effective and low-friction solution

    Presenter: Haru Kaneko, Senior Product Marketing Manager, APJ, Akamai Technologies
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • Complete Endpoint Security: Five Critical Steps Recorded: Apr 28 2021 64 mins
    Ajay Kumar, Director for Security Engineering - APJ, BeyondTrust
    70% of successful breaches started at the endpoint in 2019. Since then, a global pandemic has caused a large-scale shift to remote work – a perfect storm for privilege abuse. As a result, malware has increased by 30,000% in 2020. This is especially concerning when many companies still rely on antivirus software (AV) or Endpoint Detection and Response solutions (EDR) alone to secure endpoints.
    In this visionary session, we will be highlighting which two overlooked steps can mitigate the 60% of modern threats that are missed by AV, and why the need for organizations to move from a reactive to a preventative approach is more important than ever.
    Focus topics include:
    • An overview of endpoint security and why it is crucial for your organization
    • Traditional challenges and existing problems with endpoint security
    • The five critical steps to achieving complete endpoint security


    Presenter: Ajay Kumar, Director for Security Engineering - APJ, BeyondTrust
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • 13 Email Threat Types: What they Do, Why they Succeed, and How to Stop them Recorded: Apr 21 2021 65 mins
    Olesia Klevchuk, Senior Product Marketing Manager & Stephanie Cavigliano, Product Marketing Manager, Barracuda Networks
    Email is perpetually the top vector for cyber threats. Hackers work hard to create sophisticated new threats to thwart the latest security solutions. The result is a complex and confusing threat landscape. If you find it hard to keep track of the many kinds of email threats - you are certainly not alone.

    Don’t miss an in-depth look at exactly how spam, malware, phishing, Business Email Compromise, and the rest of the 13 email threat types use different strategies to penetrate your network, find their way to your inboxes, and manipulate your users into behaviors that can lead to massive data breaches or direct theft of your money. Discover the strategies and technologies that have proven themselves most effective for detecting and stopping these criminal schemes.

    In this webinar we will:
    • Review a wide range of evolving email threats, including their risk and impact on businesses
    • Explain how a machine learning and API-based defenses can keep your users secure
    • Define strategies to protect employees with the right combination of technology solutions and security awareness training

    Presenter: Olesia Klevchuk, Senior Product Marketing Manager, Barracuda Networks
    Presenter: Stephanie Cavigliano, Product Marketing Manager, Barracuda Networks
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • CCSPオンラインチャレンジセミナー Recorded: Apr 19 2021 118 mins
    諸角 昌宏氏, CCSP, (ISC)² 認定講師; 小熊 慶一郎, CISSP, (ISC)² Director of Business Development, Japan
    (ISC)² が認定する、クラウドセキュリティに関する情報セキュリティ国際認定資格、「CCSP」のチャレンジセミナーを開催します。サイバー・情報・クラウドコンピューティングセキュリティの実務経験に基づく専門的能力と、クラウドセキュリティの専門知識を認証することで、企業は、重要な機能に対して適切な専門家が対応していることを確認することができます。「クラウドファースト」を推進する組織において、クラウドサービスやその利用における情報セキュリティを確実にするため、 CCSP有資格者に管理を任せるケースが増加しています。

    CCSPの6ドメインは、クラウドセキュリティの基礎知識から実践的な対策を行うための考えかたを系統立てて理解するために必要な情報が集約されています。また、CCSPを受験させてみたいけど、どのような内容になっているのかわからないという経営層の皆さんにも理解しやすい内容で提供させていただきますし、情報セキュリティベンダーで製品・サービス企画を行っている皆さんにも効果的な内容となっています。

    今回のセミナーでは 「クラウドの重大セキュリティ脅威」をテーマに、CCSP CBKから関連する内容をピックアップするとともに、新たな内容を加えたセミナーとします。また、通常は5日間で行っているオフィシャルセミナーの各ドメインのオーバービューを紹介します。
  • DevSecOps — How to build continuous security into IT and App Infrastructures Recorded: Apr 14 2021 60 mins
    Walter Manyati, Technical Account Manager, Qualys; Ankit Wasnik, Solutions Architect, Qualys
    Cloud services, Continuous Integration, and Continuous Deployment require security teams to adapt security controls to DevOps processes. This session will discuss how DevSecOps helps security teams work with DevOps to embed continuous security into IT and application infrastructure, and how to get started and build a DevSecOps program for improved and automated auditing, compliance, and control of applications.

    Presenter: Walter Manyati, Technical Account Manager, Qualys
    Presenter: Ankit Wasnik, Solutions Architect, Qualys
    Moderator: Victor Yeo, CISSP, President, (ISC)² Singapore Chapter
  • Protecting the Enterprise: 5 Components needed for Cybersecurity Training Recorded: Apr 13 2021 62 mins
    Spencer Wilcox, CISO, PNM; Derrick Butts, CISO, The Truth Initiative; Mirtha Collin, (ISC)2; Brandon Dunlap, Moderator
    It’s difficult to prescribe a one-size-fits-all approach to training your cybersecurity team. While cybersecurity training needs to be structured and adhere to industry standards, it also must be purposeful and tailored to your organization’s needs. No one organization has precisely the same security needs as another. However, many of the fundamentals of a training and education program apply across different organizations and sectors. Join (ISC)2 for a panel discussion on Tuesday, April 13, 2021 at 1:00PM Eastern as industry leaders share tips they’ve learned and strategies they’re working towards to conquer a secure and compliant cybersecurity training program. Areas for discussion will include:

    · Who needs training

    · Who is responsible for training

    · Determining the curriculum

    · Training and certification

    · Ensuring training effectiveness

    Be prepared for an hour well-spent and discover how to create a cybersecurity training plan that maps to your organization’s specific needs.
  • Beyond Scanning: Container Vulnerability Management Recorded: Apr 7 2021 65 mins
    Steven Zimmerman, Senior Product Marketing Manager, Aqua Security
    Securing Container Images, VMs, and Functions

    Full cloud native security requires more than application security testing and network monitoring. It requires a concerted approach to vulnerability management within CI/CD pipelines, in pre-production testing, and at runtime.

    In this webinar, you will discover how to secure applications in complex cloud native ecosystems, including:
    • Detecting vulnerabilities and exploits in container images, VMs, and serverless functions
    • Prioritizing and triaging security risks to accelerate remediation
    • Uncovering hidden malware and attack kill chains before they’re executed in production

    Presenter: Steven Zimmerman, Senior Product Marketing Manager, Aqua Security
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • 2021 CISSP官方认证宣讲会 Recorded: Mar 30 2021 91 mins
    崔佳, CISSP, (ISC)²授权讲师, 东方瑞通资深专家
    网络安全的世界充满挑战,新冠肺炎疫情的爆发对全球的网络安全提出了更高的挑战!获取 “金牌认证” CISSP,在2021年为您的职业发展加速!
    享誉全球的CISSP认证含金量高,颇受行业雇主和专家青睐,多次被SC Magazine评为“最佳职业认证项目”,是网络安全专业人士证明网络安全策略、认知和实践经验的理想之选。

    通过本次CISSP中文在线宣讲会,您将了解到:
    • 网络安全专业人才的巨大需求;
    • (ISC)² 认证的价值;
    • CISSP认证的全面介绍,包括CISSP概况、持证者福利、考试及备考、知识域讲解等;
    • CISSP官方培训;
    • 在线答疑:欢迎提问CISSP认证相关的任何问题。
    还有针对单个知识域的详细讲解!欢迎参会!

    讲师: 崔佳, CISSP, (ISC)²授权讲师, 东方瑞通资深专家
(ISC)² Live Webinars for InfoSec Professionals in APAC Region
Looking for expertise and information to advance your career and tackle your challenges? Subscribe and join us for the educational webinars in APAC time zone. Earn CPEs quickly and at no cost by attending webinars: 1 hour of webinar equals 1 CPE. We welcome members and non members alike.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Combat MFA Security Gaps - Multi-Factor Authentication Decoded
  • Live at: May 5 2021 5:00 am
  • Presented by: Haru Kaneko, Senior Product Marketing Manager, APJ, Akamai Technologies
  • From:
Your email has been sent.
or close