Name: 内部不正対策はなぜ難しいか? その事例と対応策
Start: 2024-09-03T05:00:00Z
End: 2024-09-03T05:01:32.000Z
Location: BrightTALK
Rating: 4.7

Looking for expertise and information to advance your career and tackle your challenges? Subscribe and join us for the educational webinars in APAC time zone. Earn CPEs quickly and at no cost by attending webinars: 1 hour of webinar equals 1 CPE. We welcome members and non members alike.

サプライチェーンは経営リスクの１つであり、多様な課題を抱えています。その中でもメールのサプライチェーンリスクは重要なテーマです。メールは取引先とのやり取りで最も多く利用される一方で、攻撃者にとっても代表的な侵入口であり、取引先の信頼関係を逆手に取った形で日本国内でも脅威が拡大しています。本講演では、こうした現状を踏まえ、メールを起点とするサプライチェーン攻撃の特徴と、日本企業が取るべき防御の取り組み方、そしてサプライチェーン全体を強化するための実践的アプローチをご紹介します。

見落とされがちなサプライチェーン - 信頼している取引先から届くメール、本当に安全だと言えますか？

The cybersecurity landscape is evolving rapidly. As cyberthreats grow in complexity, organizations must stay ahead of the curve by anticipating what’s next. So, what’s in store for our industry in the coming year?

Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he recaps the good, the bad, and the ugly cybersecurity events of 2025 and shares his top five cybersecurity predictions for 2026. This webinar provides a forward-looking perspective, equipping attendees with the insights and strategies needed to stay ahead of emerging threats and capitalize on new opportunities.

The Road Ahead: Top Five Cybersecurity Predictions for 2026

New to the security industry? Or thinking about transitioning into an information security role? If so, this webinar is for you. Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he provides a one-hour ‘crash course’ on the entire security industry, including:

- Size and growth of the security industry
- Useful vocabulary terms and buzz words
- Five types of cyberthreat actors 
- Modern cyberthreats and tactics
- Categories of security defenses
- Common security job roles
- Security industry ecosystem

Security Industry 101: What Every Newcomer Needs to Know

Join this live online session as our panel of experts deep dive into SSCP and answer your questions. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

What You'll Learn: 

- Certification Requirements: Understand what it takes to become a SSCP.
- Domains of Knowledge: Get familiar with the key areas covered and the exam format.
- Study Resources: Discover effective tools and strategies to enhance your preparation.
- Expert Q&A: Have your burning questions answered by industry professionals and an authorized instructor.

Save your spot now.

Presenters:
- Revanth Davuluri, SSCP, CC, OT/ICS Cybersecurity Engineer
- Utkarsh Utsava, CCSP, SSCP, Cyber Security Design Senior Specialist
- Ajit Pal Singh Wadhwan, CISSP, CCSP, SSCP Authorized Instructor

SSCP EXAM READY: Ask the Experts Before You Sit

The rise of artificial intelligence in cybersecurity is both a blessing and a curse. AI is redefining the cybersecurity battlefield, offering unprecedented advantages for security teams and threat actors.

Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he explores AI’s transformative impact on the IT security industry. On the defense side, AI is revolutionizing threat detection, automating incident response, and predicting vulnerabilities before they’re exploited. However, threat actors are also leveraging AI to enhance phishing attacks, create evasive malware, and orchestrate sophisticated social engineering campaigns. 

This webinar provides a balanced view of AI’s dual role in cybersecurity, showcasing both the opportunities and challenges it presents. Gain insights into how IT security teams can adopt AI to stay ahead, while understanding how adversaries may use it to their advantage. With expert commentary and real-world examples, this session equips attendees with the knowledge to navigate AI’s impact on the evolving threat landscape.

From Shield to Spear: How AI is Reshaping Cyber Defense and Offense

Join this live online session as our panel of experts deep dive into CCSP and answer your questions. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

What You'll Learn: 

- Certification Requirements: Understand what it takes to become a CCSP.
- Domains of Knowledge: Get familiar with the key areas covered and the exam format.
- Study Resources: Discover effective tools and strategies to enhance your preparation.
- Expert Q&A: Have your burning questions answered by industry professionals and an authorized instructor.

Save your spot now.

Presenters:
- Ajit Pal Singh Wadhwan, CISSP, CCSP, SSCP, ISC2 Authorized Instructor
- Affan Shaikh, CISSP, CCSP, Deputy Vice President, IT Security
- Kamlesh Singh, CISSP, CCSP, Cyber and Cloud Security Leader

CCSP EXAM READY: Ask the Experts Before You Sit

The threat landscape continues to evolve at breakneck speed. In 2024 alone, Akamai observed over 311 billion web application and API attacks—a 33% year-over-year jump. Ransomware rose 37% globally, with quadruple extortion emerging as the latest tactic of choice. AI-driven threats, vulnerable APIs, and Ransomware-as-a-Service (RaaS) are on the rise, resulting in the attack landscape evolving at a very rapid pace - one where threat actors are now faster, stealthier, and more coordinated than ever. With APIs fast becoming a preferred attack vector and ransomware becoming the new normal, organizations need to start adapting their security posture to counter these modern threats that are getting increasingly sophisticated by the day. 

Join this session to learn about: 
- How AI and GenAI are being used in modern ransomware attacks
- Hacktivism + RaaS: New trend of hybrid groups mixing political ideology with ransomware 
- Why protecting APIs should be front and center of your security strategy 
- Recommended mitigations to protect against these threats based on continuous visibility, enhanced resilience and AI-powered defenses.

How Ransomware, APIs, and AI are Rewriting the Rules of Cyber Defense

Join this live online session as our panel of experts deep dive into CISSP and answer your questions. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

What You'll Learn: 

- Certification Requirements: Understand what it takes to become a CISSP.
- Domains of Knowledge: Get familiar with the key areas covered and the exam format.
- Study Resources: Discover effective tools and strategies to enhance your preparation
- Expert Q&A: Have your burning questions answered by industry professionals and an authorized instructor.

Save your spot now.

Presenters:
- Richa Garg, CISSP, CCSP, SSCP, Principal Architect
- Shafaat Khan, CISSP, CC, Cyber Security Analyst
- Luqman Haniff Bin Omar, CISSP, CCSP, CGRC, ISC2 Authorized Instructor

CISSP EXAM READY: Ask the Experts Before You Sit

Today’s cyberthreat landscape is marked by sophisticated attacks, including ransomware, deepfakes, and advanced persistent threats. The rise of AI-powered malware, supply chain vulnerabilities, and insider risks compounds challenges. 

Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he explores the cutting-edge advancements driving the evolution of IT security, such as continuous threat exposure management (CTEM), identity threat detection and response (ITDR), passwordless authentication, and more. This session offers practical advice on implementing these innovations to protect your organization against complex and emerging risks. Whether you’re planning for growth or looking to bolster your current defenses, this webinar delivers the insights you need.

The Future is Here: Top IT Security Technologies Shaping 2025

Join this online session as our panel of experts deep dive into Certified in Cybersecurity (CC) and answer your questions. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

What You'll Learn: 

- Certification Requirements: Understand what it takes to become a certified CC professional.
- Domains of Knowledge: Get familiar with the key areas covered and the exam format.
- Study Resources: Discover effective tools and strategies to enhance your preparation
- Expert Q&A: Have your burning questions answered by industry professionals and an authorized instructor.

Presenters:
• Ajit Pal Singh Wadhwan, CISSP, CCSP, Authorized Instructor
• Hritik Bhandari, CC, Software Engineer
• Beenu P B, CISSP, CC, Information Security Platform Engineer

CC EXAM READY: Ask the Experts Before You Sit

Ransomware attacks have reached unprecedented levels of sophistication, targeting organizations across all industries and sectors. As these threats evolve, so too must the strategies to combat them.

Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he provides a deep dive into strategies that can help organizations effectively navigate the ransomware threat lifecycle. From advanced prevention techniques and risk mitigation to streamlined recovery processes, this session covers every critical aspect of ransomware readiness. Don’t let ransomware catch you off guard—join us to build your defenses, improve your response capabilities, and recover faster when faced with a ransomware event.

Surviving Ransomware: Strategies to Defend, Respond, and Recover

As cloud adoption surges, so does the speed and sophistication of attacks. Traditional static detection and response can’t keep up in today’s fast-moving, multi-cloud environments.  

Join Palo Alto Networks and ISC2 for this on-demand webinar to explore actionable best practices for modern cloud detection, investigation, and response (CDR). We’ll cover how security teams are leveraging CDR to keep up with the speed and diversity of cloud-native attacks.  

In this session, you'll learn:  
<ul><li>Lessons from real-world multi-cloud incidents  </li>
<li> Why cloud security must start with prevention, not just detection  </li>
<li> How to cut through the noise and focus on what really matters  </li>
<li> Key capabilities to demand in a CDR solution — and red flags to avoid </li>
<li> How to ready your SecOps team for cloud-native response </li></ul>

Best Practices for Cloud Detection and Response: Real-World Lessons from Multi-Cloud Attacks

Deepfakes are no longer a distant concern—they’re an active threat to businesses, governments, and individuals. As deepfake technology grows more sophisticated, security teams face mounting challenges in combating its misuse. 

Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he discusses the evolution of deepfakes, methods for their detection, and strategies for mitigating risks. From leveraging AI to enhance defenses to improving security awareness amongst your workforce, attendees will gain actionable guidance to stay ahead of this growing challenge.

The Rise of Deepfakes: How Smart Security Teams Stay Ahead

より多くの企業がクラウドに移行する中、クラウドセキュリティのプロフェッショナルの需要が高まっています。世界的に認められているCCSPを取得することで、クラウドにおけるデータ、アプリケーション、インフラを設計・管理・保護するための高度な知識とスキルを有していることをアピールできます。

本セミナーでは、ISC2について、またCCSP資格の概要、試験、認定維持についてご紹介後、ISC2公式 CCSP CBK トレーニングで実際に講師を務めるISC2認定講師 諸角氏が、CCSP CBKの一部を解説します。 
 
第一部：「ISC2とCCSP資格のご紹介」 (小熊 慶一郎氏) 
資格のご紹介、取得までの道のり、資格の維持についてお話するとともに参加者からの質問にお答えします。
 
第二部：CCSP CBK 第6章　モジュール3「プライバシーの問題の理解」解説（諸角 昌宏氏）

今回は、CCSP CBK 第6章「クラウドガバナンス:  法務、リスク、コンプライアンス」から、クラウド上でのプライバシーデータの取り扱いをピックアップして解説します。プライバシーの問題、個人データをクラウド上で取り扱うには、国ごとに定められている法律を理解することが必要です。それぞれの国・地域の法律の特徴、プライバシー要件等を理解し、クラウド上で取り扱う場合の注意点などを、CCSP CBKに従って解説します。

ISC2 Online Information Session 2025: クラウドセキュリティ資格「CCSP」紹介セミナー

Join us for a deep dive into Systems Security Certified Practitioner (SSCP), the security operations and network security credential from ISC2, creator of the CISSP.  

As organizations continue to pursue digital transformation initiatives, the threat landscape is always expanding. Yet cybersecurity leadership talent is scarce. That’s where SSCP from ISC2 comes in — to help fill the gap.

The SSCP is ideal for IT administrators, managers, directors and network security professionals responsible for the hands-on operational security of their organization’s critical assets. It shows you have the advanced technical skills and knowledge to implement, monitor and administer IT infrastructure using security best practices, policies and procedures. 
 
In this 60-minute live virtual session, you’ll learn: 
- If SSCP is right for you 
- About the exam prep options and tips
- What to expect on exam day
- How to become endorsed and maintain your certification 

Plus! Get answers to your SSCP questions during the Q&A section. 

Register now and begin your SSCP certification journey today!

Systems Security Certified Practitioner (SSCP) Information Session

ISC2 が提供するグローバルスタンダードなサイバーセキュリティ資格 CISSP（Certified Information Systems Security Professional） について、詳しくご紹介するオンラインセッションを開催します。

CISSP は、サイバーセキュリティ分野におけるリーダーシップと専門性を証明する資格として、世界中で高く評価されており、取得はキャリアの大きな投資となります。組織全体のセキュリティ戦略を設計・構築・運用できる高度な知識とスキルを証明するこの資格は、ベンダー資格をすでに取得している方にとっても、より広範で実践的なスキルを補完・強化するものです。

第一部：「ISC2とCISSP資格のご紹介」 (小熊 慶一郎氏)
資格のご紹介、取得までの道のり、資格の維持についてお話するとともに参加者からの質問にお答えします。

第二部：「情報セキュリティを学ぶ前に知っておきたいこと」（河野 省二 氏）

さらに、Q&Aセッションでは、参加者の皆さまからのご質問にもリアルタイムでお答えします。
今すぐご登録いただき、CISSP 認定への第一歩を踏み出しましょう！

Online Information Session 2025: サイバーセキュリティ資格「CISSP」紹介セミナー

Legacy vulnerability management approaches often struggle to keep pace with today’s dynamic threat landscape. Maximizing the value of your vulnerability management program requires moving beyond outdated practices to adopt a proactive and risk-based approach. 

Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he shares strategies for transforming legacy vulnerability management systems into efficient, leading-edge cyber exposure programs that prioritize high-risk vulnerabilities, streamline workflows, and reduce attack surfaces. Gain insights into leveraging automation, integrating threat intelligence, and driving measurable improvements in your organization’s security posture.

From Legacy to Leading-Edge: How to Maximize Your Vulnerability Management Investment

Join us for a deep dive into Certified in Governance, Risk and Compliance (CGRC), the governance, risk and compliance credential from ISC2, creator of the CISSP.
 
The CGRC is an information security practitioner who champions system security commensurate with an organization’s mission and risk tolerance, while meeting legal and regulatory requirements.  

CGRC, a vendor-neutral cybersecurity credential, recognizes your knowledge, skills and abilities to authorize and maintain information systems within the RMF. It proves you know how to formalize processes to assess risk and establish security documentation.  
 
CGRC is particularly well-suited for IT, information security and cybersecurity practitioners who manage risk in information systems. It is also recommended for any practitioner involved in authorizing and maintaining information systems. 

In this 60-minute live virtual session, you’ll learn:
- If CGRC is right for you
- How Official ISC2 Training flexes with your learning style
- What to expect on exam day
- How to become endorsed and maintain your certification

Plus! Get answers to your CGRC questions during the Q&A section. 

Register now and begin your CGRC certification journey today!

Presenters:
- Luqman Haniff Bin Omar, CISSP, CCSP, CGRC, ISC2 Authorized Instructor
- Louis Cremen, CISSP, CSSLP, CGRC, ISC2 Authorized Instructor
- Zhihao Zhou, ISSAP, ISSMP, CISSP, CCSP, CSSLP, CGRC, SSCP,  Deputy Director, Security Architecture and Consultancy, MAS

Certified in Governance, Risk and Compliance (CGRC) Information Session

近年、内部不正に関する事案を目にする機会が増えてきています。内部事情を知っている内部者による不正は、時に非常に大きな損害を組織に与えます。どうすればこのリスクを低減することができるのでしょうか。世の中には数多くのセキュリティソリューションが存在しますが、これらは内部不正にも有効なのでしょうか。

本講演では、まず、内部不正にはどのようなものがあり、どのようにすれば防ぐことができるのか、そして、その対策の難しさについて事例と共に解説していきます。

「内部不正対策の考え方 ～ 組織における内部不正防止ガイドラインから」
　独立行政法人情報処理推進機構　セキュリティセンター 主任研究員
　佐川 陽一

「金融機関における内部不正対策 ～ 報道事例に基づいて ～」
　金融情報システム監査等協議会 会長
　米川 敦, CISSP

【パネルディスカッション】
「なぜ内部不正対策が難しいのか? その事例と対応策」

　モデレーター：
　ISC2 Director of Business Development, Japan 小熊 慶一郎, CISSP
　パネリスト：
　独立行政法人情報処理推進機構 セキュリティセンター 主任研究員 佐川 陽一
　金融情報システム監査等協議会 会長 米川 敦, CISSP

内部不正対策はなぜ難しいか? その事例と対応策

ISC2

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

内部不正対策はなぜ難しいか? その事例と対応策

Presented by

About this talk

ISC2 APAC Secure Webinars