Name: 解码客户端攻击和防护措施 – 威胁、挑战和最佳实践
Start: 2021-10-20T03:00:00Z
End: 2021-10-20T03:01:07.000Z
Location: BrightTALK
Rating: 4.8

Looking for expertise and information to advance your career and tackle your challenges? Subscribe and join us for the educational webinars in APAC time zone. Earn CPEs quickly and at no cost by attending webinars: 1 hour of webinar equals 1 CPE. We welcome members and non members alike.

Embark on a foresight journey into the future of cybersecurity, highlighting key trends and innovations that are set to redefine the digital defense landscape in the year ahead. Discover how advancements in artificial intelligence will revolutionize the way security teams reduce cybersecurity risks and improve their abilities to defend against modern threats. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he shares his top five cybersecurity predictions for 2025.

Top Five Cybersecurity Predictions for 2025

Has your organization jumped on the passwordless authentication bandwagon yet? If not, it should. Passwordless authentication embraces possession factors, such as certificates and hardware tokens, and inherence factors, such as fingerprints and face scans, to replace legacy password and single sign-on (SSO) authentication methods. It also strengthens your organization’s security posture while improving the user experience for accessing company applications and data. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews modern passwordless authentication technologies and the benefits organizations have achieved by implementing them.

Passwordless Authentication: A New Reality or a Pipe Dream?

New to the security industry? Or thinking about transitioning into an information security role? If so, this webinar is for you. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he provides a one-hour ‘crash course’ on the entire security industry, including:

- Size and growth of the security industry
- Useful vocabulary terms and buzz words
- Five types of cyberthreat actors 
- Modern cyberthreats and tactics
- Categories of security defenses
- Common security job roles
- Security industry ecosystem

Security Industry 101: A ‘Crash Course’ For Security Newbies

Artificial intelligence (AI) has bolstered cybersecurity solutions across the board. Security teams have more ways to detect advanced threats than ever before, and organizations are much better equipped to measure and reduce their attack surfaces. However, AI also benefits cyber adversaries with improved phishing and spear phishing techniques and new methods for tricking unsuspecting victims using deepfake content spawned by generative AI. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he provides a comprehensive analysis of AI's dual role in both fortifying and challenging modern cyber defenses. Discover who's winning the AI arms race in cybersecurity.

Impact of AI on the Cybersecurity Industry: Who's Got the Upper Hand?

Compromising end user computing devices through spear phishing attacks is frequently cited as the initial step of advanced persistent threats, often leading to data breaches. Year after year, IT security professionals cite “low security awareness among employees” as a top inhibitor to IT security’s success in CyberEdge’s annual Cyberthreat Defense Report. So, why aren’t more security teams adequately addressing this challenge? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he details five ways to invest in your company’s human firewalls.

Five Smart Ways to Invest in Your Human Firewalls

Want to know which IT security technologies are hot and which ones are not? Join Steve Piper, Founder & CEO of CyberEdge (and a proud CISSP), as he reviews key purchase insights from the 2024 Cyberthreat Defense Report. Specifically, Steve will examine which security technologies are most widely deployed and most planned for acquisition in 2024 so you can benchmark your company’s current and planned investments against your peers. Steve will review purchase intent across five key security technology categories, including:

- Network security
- Endpoint security
- Application and data security
- Security management and operations
- Emerging security technologies

The ‘Hottest’ IT Security Technologies in 2024

Colonial Pipeline, CNA Financial, JBS Foods, Garmin, and Travelex. All victimized by high-profile ransomware attacks. All paid ransoms. Did these companies do the right thing by paying ransoms to accelerate data and system recovery? Or are they merely funding the ransomware industry and prompting even more attacks? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s 2024 Cyberthreat Defense Report. In this webinar, Steve will:

- Examine disturbing ransomware trends, by country and by industry
- Evaluate key factors that go into deciding whether to pay ransoms
- Outline ways to be prepared for a successful ransomware attack
- Review technologies to help give security teams the upper hand

Ransomware Deep Dive: To Pay or Not to Pay?

CyberEdge’s annual Cyberthreat Defense Report (CDR) has become a staple for assessing organizations’ security postures, for gauging perceptions of IT security professionals, and for ascertaining current and planned investments in IT security infrastructure. It incorporates dozens of insights from 1,200 security professionals from 17 countries and 19 industries. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s tenth-annual 2024 CDR, including:

- The percentage of organizations victimized by cyber attacks 
- The percentage of organizations victimized by ransomware attacks
- How AI helps both cybersecurity teams and cyber adversaries
- Factors that improve overall job satisfaction among security professionals
- The health of IT security budgets
- The hottest security technologies planned for acquisition

Key Insights From the 2024 Cyberthreat Defense Report

In the world of cybersecurity defenses, the only constant is change. More than 3,500 cybersecurity vendors are continuously innovating, finding new ways to mitigate risks and secure modern computing environments. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews five emerging cybersecurity defenses, including:

- SaaS security posture management (SSPM)
- Cloud-native application protection platform (CNAPP)
- Cloud infrastructure entitlement management (CIEM)
- Identity threat detection and response (ITDR)
- Passwordless authentication

Exploring Five Emerging Cybersecurity Defenses

Nearly one-third of web attacks targeted APIs in 2023. APIs are now vital for modern applications, enabling seamless communication and data exchange between systems. As their use grows across various industries to improve efficiency and customer experiences, APIs also become prime targets for attackers. Vulnerabilities in APIs can lead to data breaches and abuse of business logic, presenting major challenges to organizations.  

On 23 April 2024 at 1:00 p.m. SGT join Akamai and ISC2 as we discuss findings from the State of the Internet (SOTI) report, Lurking in the Shadows: Attack Trends Shine Light on API Threats. 

We will discuss: 

-Latest API attack trends observed in Asia Pacific  

-Top industry sectors being attacked  

-Top cyber threats targeting APIs and their implications  

-Best practices and practical strategies for fortifying your APIs against malicious activities

Presenter: Reuben Koh, Director, Security Technology and Strategy, APJ, Akamai
Moderator: Emily Kong, CISSP, CCSP

Effectively Safeguarding Your APIs: From Discovery to Defense

これまで、WebベースのサービスはWAFによって保護されてきましたが、WAFによる検知を回避する様々なWeb攻撃の手法が、攻撃者によって日々開発されています。
Akamai が観測したそれらの巧妙な攻撃の中から、非常に高度なWebスキミングと API攻撃の実態を最新データから明らかにするとともに、有効な多層防御ソリューションのしくみと導入効果について実例を交えて考察します。

スピーカー：
Kazuhiro Nakanishi, Product Marketing Manager, Akamai Technologies

モデレーター：
Yuji Okamoto, CISSP, Member, ISC2 Japan Chapter

WAFによる検知を回避する 巧妙なWeb攻撃の実態

Join us for a deep dive into Certified Information Systems Security Professional (CISSP), the cybersecurity leadership credential from ISC2.

Earning the CISSP is an investment in your future and an important next step in your career. Consistently recognized globally as the gold standard cybersecurity certification, it distinguishes you as a leader committed to excellence.

CISSP certification demonstrates that you have the advanced knowledge and technical skills to design, develop and manage an organization’s overall security posture. If you’re vendor-certified, it expands the depth and breadth of your knowledge and positions your skills as more versatile.

In this 60-minute live virtual session, you’ll learn:
- If CISSP is right for you
- How Official ISC2 Training flexes with your learning style
- What to expect on exam day
- How to become endorsed and maintain your certification
- Plus, more!

Plus! Get answers to your CISSP questions during the Q&A section.

Register now and begin your CISSP certification journey today!

Certified Information Systems Security Professional (CISSP) Info Session

Vulnerability management has been a staple of security teams for decades. But if you haven’t noticed, this space has evolved considerably in recent years. Long gone are the days of lengthy, hard-to-digest vulnerability scanning reports often created to check the PCI compliance checkbox. These days, smart IT security teams are investing in exposure management platforms and embracing best practices to help prioritize which vulnerabilities to remediate first based on a variety of internal and external factors. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

- Recaps the evolution from VA, to VM, to RBVM, to exposure management
- Defines key elements of modern-day exposure management platforms
- Reviews internal and external factors to help prioritize vulnerability remediation
- Summarizes the extraordinary benefits derived from exposure management deployments
- Describes what to look for when evaluating best-of-breed exposure management offerings

From Vulnerability Management to Exposure Management: Evolution or Revolution?

When ChatGPT was released to the public, cyber criminals were quick to see generative AI’s potential to streamline and enhance their activities, dramatically increasing both the volume and effectiveness of their phishing efforts. Fortunately, security researchers have been equally busy developing new and enhanced capabilities with the help of AI and machine learning.  

Join Barracuda and ISC2 March 19, 2024 at 11am HKT for an insight-packed webinar and get a detailed account of exactly how AI is transforming both the threat landscape and the array of tools and strategies available to IT security personnel.

Presenters:
- Olesia Klevchuk, Product Marketing Director, Barracuda Networks
- Prebh Dev Singh, Manager, Product Management, Barracuda Networks
Moderator:
Yohanna Kho, CISSP

AI vs. AI: How Attackers and CISOs Are Both Leveraging AI

より多くの企業がクラウドに移行する中、クラウドセキュリティのプロフェッショナルの需要が高まっています。世界的に認められているCCSPを取得することで、クラウドにおけるデータ、アプリケーション、インフラを設計・管理・保護するための高度な知識とスキルを有していることをアピールできます。

本セミナーでは、ISC2について、またCCSP資格の概要、試験、認定維持についてご紹介後、ISC2公式 CCSP CBK トレーニングで実際に講師を務めるISC2認定講師 諸角氏が、CCSP CBKの一部を解説します。 
 
第一部：「ISC2とCCSP資格のご紹介」 (小熊 慶一郎氏) 
資格のご紹介、取得までの道のり、資格の維持についてお話するとともに参加者からの質問にお答えします。
 
第二部：CCSP CBK 第3章「クラウドプラットフォームとインフラストラクチャセキュリティ」解説（諸角 昌宏氏）
今回は、CCSP CBK 第3章「クラウドプラットフォームとインフラストラクチャセキュリティ」から、プラットフォームセキュリティをピックアップして解説します。
クラウドサービスを支えるプラットフォームのセキュリティとしてCCSPとして押さえるべくポイント、また、近年注目を集めているゼロトラストおよびサーバーレスのセキュリティについて、クラウドの観点から解説します。

ISC2 Online Information Session 2024: クラウドセキュリティ資格「CCSP」紹介セミナー

Artificial intelligence (AI) is transforming the way cybersecurity vendors and service providers empower their customers to mitigate the risks of today’s evolving threat landscape. Security teams have more ways than ever to work smarter, rather than harder, to detect and block advanced threats, automate response and remediation, and reduce modern attack surfaces. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he describes five ways that AI is already improving today’s cybersecurity defenses. This webinar is ideal for cybersecurity professionals keen to leverage AI's transformative power in safeguarding digital assets.

Five Ways AI Improves Cybersecurity Defenses Today

Join us for this live webinar where we’ll tell you all about newly enhanced Official ISC2 Online Self-Paced Training for ISSEP. Find out how it provides a clear-cut and comprehensive review of the domains for a more structured and intuitive learning experience. We’ll also share details about the new second path to earning the ISSEP.
We’ll cover:
• New Path to ISSEP Certification
• Enhanced ISSEP training benefits
• New study tools
• Education Guarantee
• And more!

Save your spot now.

ENHANCED! ISSEP Official ISC2 Online Self-Paced Training

生成AIの動向とセキュリティへの影響 ～大衆化する専門性への懸念と期待～
Preferred Networks 高橋 正和, CISSP
 
ChatGPTをはじめとした生成AIが活発に利用され、セキュリティ領域においても、攻撃者が生成AIを悪用することに伴う新たなリスクの発現、既存リスクの拡大や深刻化が懸念されています。
本講演では、まず、生成AIの概要として、構成や構造、ブレークスルーがどこにあるかを解説します。また、生成AIに伴う脅威については、CSAやOWASPが公表した資料を考察し、生成AIに関わるセキュリティ上の懸念について解説します。
 
CISOパネルディスカッション「今後3年間でCISOが行うべきことは何か」
Preferred Networks 高橋 正和, CISSP
日本マイクロソフト 河野 省二, CISSP
株式会社サイバーセキュリティクラウド 桐山 隼人, CISSP 
 
生成AIを活用し、企業におけるITシステムの使い方も変化していくと考えられます。今後3年間を考えたときに、CISOがすべきことについてディスカッションします。

モデレーター
ISC2 Director of Business Development, Japan 小熊 慶一郎, CISSP

生成AIが活用される時代に求められるセキュリティとは CISOパネルディスカッション「今後3年間でCISOが行うべきことは何か」

鉴于Web页面越来越依赖脚本，恶意攻击者正在利用脚本作为新的攻击媒介来窃取敏感的客户信息。近来，基 于脚本的攻击(例如 Magecart)变得日渐复杂、难以检测，想要阻止它们更是难上加难。这些 Web 窃取攻 击愈加侧重于在客户端通过脚本的方式窃取信用卡信息和帐户凭据，这样会损害您的品牌并导致贵公司遭受巨额罚款。 本次在线研讨会将会讨论如下的话题： 
• 通常的客户端攻击手段
• 保护客户端和相关数据的最佳实践

演讲人: 武智广, 资深售前工程师, Akamai Technologies
主持人: 叶天斌, CISSP, (ISC)² 广州分会会长

解码客户端攻击和防护措施    –    威胁、挑战和最佳实践

Cyber Security

Security Awareness

Information Security

Information Management

Cyber Threats

Practice Management

Cyber Attacks

Cyber Defence

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

解码客户端攻击和防护措施 – 威胁、挑战和最佳实践

Presented by

About this talk

More from this channel