Hi [[ session.user.profile.firstName ]]

Utilizing a Digital Risk Management Framework for Securing the Cloud

How a Digital Risk Framework (an understanding of the differences between cyber security, cyber risk and digital risk) can help identify and mitigate risks to your Cloud Infrastructures.

In this session you will learn what a Digital Risk Framework is, how a Digital Risk Framework can help you comply with the onslaught of privacy regulations (CCPA, GDPR, HIPPA, etc) and its impact on your Cloud Infrastructures, which are most commonly used.
Recorded Feb 22 2019 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Bob Liscouski, Juanita Koilpillai and David Morris
Presentation preview: Utilizing a Digital Risk Management Framework for Securing the Cloud

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • SIM Swapping Digital Identities Jun 18 2020 4:00 pm UTC 60 mins
    David Morris | Allison Nixon
    This Election Hacking episode will explore the recent wave of SIM swap attacks in the context of MFA compromise, account hijacking and data theft ahead of the 2020 election.

    Can SIM swapping be used to target and steal identities of high-value individuals in the 2020 elections (e.g. campaign staff, influencers, local election officials)?

    Join this panel to learn more about:
    - Why attackers are focusing on identities
    - SIM swap attacks and two-factor authentication
    - Phishing - most commonly used for SIM swapping
    - Other ways attackers can get the victim's info
    - What can be done to protect digital identities
    - Early SIM-swapping attack warning signs

    Speakers:
    - Allison Nixon, Chief Research Officer at Unit 221B

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Election Threats: Ransomware at the State & Local Level Recorded: May 21 2020 58 mins
    David Morris | Lee Imrey | Brett Foy | Lance James
    Crippling ransomware attacks are on the rise and U.S. cities are falling victim at alarming rates. The public sector is especially vulnerable because state and local governments tend to have outdated computer systems and maintain sensitive data which is highly desirable to attackers.

    Join this episode of the Election Hacking series to learn more about the ransomware threat to state and local governments and what this means for the 2020 U.S. presidential election.
    - The year of ransomware
    - How cities and states are coping with the scourge of ransomware
    - The ransomware dilemma: Pay the ransom or fight the infection
    - How AI is enabling - and helping fight - ransomware attacks
    - Ransomware as a threat to democracy

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    Panelists:
    - Lee Imrey, Cybersecurity Advisor, Splunk
    - Brett Foy, Global Vice President, Engineering, Datrium
    - Lance James, CEO of Unit 221B

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Cyber Threats to Elections Recorded: Apr 28 2020 49 mins
    David Morris | Mick Baccio | Dave Klein | Allison Nixon
    With the 2020 U.S. presidential election on the horizon, what are the biggest cybersecurity threats our democracy is facing? How well is the election infrastructure prepared when it comes to cybersecurity, and what are some steps to take today to strengthen the security posture?

    Join this panel to learn more about:
    - The current government threat landscape
    - Which threats can we expect to see in the next few months?
    - Why visibility into the security posture of election infrastructure is key
    - What's needed to ramp up security quickly?
    - Recommendations for enhancing election security

    Speakers:
    - Mick Baccio, Security Advisor, Splunk
    - Dave Klein, Sr. Director of Engineering and Architecture, Guardicore
    - Allison Nixon, Chief Research Officer at Unit 221B

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Elections, Pandemics & Cybersecurity: A Toxic Brew Recorded: Apr 21 2020 61 mins
    David Morris | Steven Teppler | Lance James
    This is a Special Edition episode in the Election Hacking series on BrightTALK.

    The Coronavirus outbreak (or COVID19), has redefined every aspect of our lives from the way we work, play, and receive emergency services.

    Remote interactions may be the new normal. How will this "new normal" affect our election process and what are the ramifications from a cybersecurity point of view?

    Will we be voting remotely in an electronic fashion and if so, what are the threats, vulnerabilities, and weaknesses? What can be done to prepare for a secure voting process?

    Panelists:
    - Lance James, CEO of Unit 221B
    - Steven Teppler, Partner at Mandelbaum Salsburg P.C.

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    Join this special episode of the Election Hacking Series as we discuss this timely and critical issue.
  • Deepfakes, Social & Impact on Elections Recorded: Mar 26 2020 61 mins
    David Morris | John Bambenek | Lance James | Dean Nicolls
    AI-generated fake videos, or deepfakes, are becoming more common, more convincing and easier to create. In the era of social, technically manipulated videos can spread like wildfire.

    This is a particularly sensitive issue in today's politically charged environment. With the 2020 U.S. presidential election on the horizon, foreign interference in elections is a real problem and social media the perfect gateway for sowing misinformation, discord and mistrust.

    Can deepfakes impact the outcome of elections? How easy are they to spot, and do you need a tool for that?

    Join this episode of the Election Hacking series to learn more about the emergence of deepfakes and what can be done to mitigate its impact on elections.
    - The current state of deepfakes
    - How deepfakes can be used in misinformation campaigns
    - Use of deepfakes in cyber crime
    - Social media and the spread of fake videos
    - How tech companies are addressing the scourge of deepfakes (Facebook, Twitter, YouTube)

    Panelists:
    - Lance James, CEO of Unit 221B
    - John Bambenek, VP for Security Research and Intelligence at ThreatSTOP
    - Dean Nicolls, VP of Global Marketing, Jumio

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • 2020 Election – Hacking The Vote Recorded: Feb 24 2020 59 mins
    David Morris | Cameron Koffman | Tinatin Japaridze | Lance James
    The inaugural episode of the Election Hacking series will introduce the topic of who, how and why the upcoming 2020 election will be hacked.

    Join this interactive Q&A session to learn more about election hacking, its impact, the various stakeholders, and what if anything, can be done.

    Our unique panel of individuals will bring diverse perspectives to this topic.

    - Cameron Koffman, who, if elected, would be the youngest candidate since Theodore Roosevelt running for the NY State Assembly
    - Tinatin Japaridze, former United Nations correspondent for the Russian and Ukrainian media, with expertise in bi-lateral US-Russian relations on cyber security.
    - Lance James, CEO of Unit 221B and noted cyber security expert who has assisted various law enforcement and government agencies on some of the most highly publicized hacking investigations.

    Moderator: David Morris, Executive Director at Digital Risk Management Institute
  • How to Add Security in DataOps and DevOps Recorded: Jan 29 2020 62 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    The emerging DataOps is not Just DevOps for Data. According to Gartner, DataOps is a collaborative data management practice focused on improving the communication, integration and automation of data flows between data managers and consumers across an organization.

    The goal of DataOps is to create predictable delivery and change management of data, data models and related artifacts. DataOps uses technology to automate data delivery with the appropriate levels of security, quality and metadata to improve the use and value of data in a dynamic environment.

    This session will discuss how to add Security in DataOps and DevOps.
  • A Practical Approach to FFIEC, GDPR & CCPA Compliance Recorded: Jan 21 2020 63 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    With sensitive data residing everywhere, organizations becoming more mobile, and the breach epidemic growing, the need for advanced data privacy and security solutions has become even more critical. French regulators cited GDPR in fining Google $57 million and the U.K.'s Information Commissioner's Office is seeking a $230 million fine against British Airways and seeking $124 million from Marriott. Facebook is setting aside $3 billion to cover the costs of a privacy investigation launched by US regulators.

    This session will take a practical approach to address guidance and standards from the Federal Financial Institutions Examination Council (FFIEC), EU GDPR, California CCPA, NIST Risk Management Framework, COBIT and the ISO 31000 Risk management Principles and Guidelines.

    Learn how new data privacy and security techniques can help with compliance and data breaches, on-premises, and in public and private clouds.
  • Threat Hunting - An Introduction Recorded: Dec 19 2019 67 mins
    David Morris, Reid Eastburn and Skeet Spillane
    This Session will be the first in a series on Threat Hunting. This kick-off session will introduce the concept of Threat Hunting as there is a lot of confusion about this important activity. Specifically, we will cover what it is, how it is performed, its’ role and some of the best Tools to use as a Threat Hunter.
  • The Day When Role Based Access Control Disappears Recorded: Nov 25 2019 62 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    We will discuss the Good, the Bad and the Ugly of Role Based Access Control. We will review access control in systems where multiple roles are fulfilled and compare MAC, DAC and RBAC.

    We will present the "next generation" authorization model that provides dynamic, context-aware and risk-intelligent access control. We will discuss Identity Management, Data Discovery, AI, policy-based access control (PBAC), claims-based access control (CBAC) and key standards, including XACML and ALFA.
  • Emerging PCI DSS v4 Data Security and Privacy for Hybrid Cloud Recorded: Nov 20 2019 61 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    The upcoming PCI DSS version 4.0 will include many new or revised requirements and compensating controls will be removed It will include support for a range of evolving payment environments, technologies, and methodologies for achieving security. PCI DSS v4.0 further supports the use of different new technologies. The new validation option gives organizations the flexibility to take a customized approach to demonstrate how they are meeting the security intent of each PCI DSS requirement. This customized approach supports organizations using security approaches that may be different than traditional PCI DSS requirements.

    Through customized validation, entities can show how their specific implementation meets the intent and addresses the risk. Unlike compensating controls, customized validation will not require a business or technical justification for meeting the requirements using alternative methods, as the requirements will now be outcome-based.

    We will discuss how PCI DSS v4 may impact:

    - Implementation of the new “Customized Controls”
    - Cloud implementations
    - Compliance cost
    - Changes in liability
    - Relation to the 49 new US State Laws
    - PII and PI privacy
    - Measure data re-identifiability for pseudonymization.
    - Apply data protection to discovered sensitive data
  • Advanced Data Discovery and Data Protection Recorded: Nov 13 2019 63 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    Join this interactive webinar as we discuss using advanced data discovery to find & inventory all personal data at an enterprise scale.

    Learn about new machine learning & identity intelligence technology, including:
    - Identify all PII across structured, unstructured, cloud & Big Data.
    - Inventory PII by data subject & residency for GDPR.
    - Measure data re-identifiability for pseudonymization.
    - Uncover dark or uncatalogued data.
    - Fix data quality, visualize PII data relationships
    - Apply data protection to discovered sensitive data.
  • Part 2: What can State and Local Governments do to Prevent Ransomware? Recorded: Oct 29 2019 61 mins
    David Morris, Roy Hadley, Reid Eastburn and Skeet Spillane
    This session will be a short recap of Session 1 and will then go into detail as to what State and Local Governments can do to prevent Ransomware Attacks.
  • Part 1: Why State and Local Governments are Prime Targets for Ransomware Recorded: Oct 22 2019 61 mins
    David Morris, Roy E. Hadley Jr., Reid Eastburn and Skeet Spillane
    This session will cover why State and Local Governments have headed the list of Ransomware Attacks. Part 1 will delve into why is this the case and Part 2 will address what can be done to prevent these attacks.
  • What Happens When Your Bank is Hacked? Recorded: Oct 15 2019 61 mins
    David Morris, Lance James, Steven Teppler, and Mark Rasch
    This session will delve into the legal responsibilities of your Bank's liability and your requirements to protect your banking credentials from the unauthorized transfer of funds as a result of a hack.
  • Live Interview with Graeme Payne, former VP and CIO of Equifax Recorded: Oct 14 2019 61 mins
    David Morris, Graeme Payne and Reid Eastburn
    Tune in for this live interview with Graeme Payne, former VP and CIO for Global Corporate Platforms at Equifax. This session will give you first hand insights into what happened at Equifax, and lessons learned.
  • Practical Risk Management for the Multi-Cloud Recorded: Oct 10 2019 62 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    This session will take a practical approach to IT risk management and discuss multi cloud, Verizon Data Breach Investigations Report (DBIR) and how Enterprises are losing ground in the fight against persistent cyber-attacks. We simply cannot catch the bad guys until it is too late. This picture is not improving. Verizon reports concluded that less than 14% of breaches are detected by internal monitoring tools.

    We will review the JP Morgan Chase data breach were hackers were in the bank’s network for months undetected. Network configuration errors are inevitable, even at the largest banks as Capital One that recently had a data breach where a hacker gained access to 100 million credit card applications and accounts.

    Viewers will also learn about:
    - Macro trends in Cloud security and Micro trends in Cloud security
    - Risks from Quantum Computing and when we should move to alternate forms of encryption
    - Review “Kill Chains” from Lockhead Martin in relation to APT and DDoS Attacks
    - Risk Management methods from ISACA and other organizations

    Speaker: Ulf Mattsson, Head of Innovation, TokenEx

    ----------------------------------------
    Join BrightTALK's LinkedIn Group for IT Security Insights: http://bit.ly/2IsbauU
  • What is Zero Trust and How to Implement it Recorded: Sep 27 2019 49 mins
    David Morris and Juanita Koilpillai
    This session will define and delve into the concept of Zero Trust and how to best implement a Zero Trust Architecture
  • The Day When 3rd Party Security Providers Disappear into Cloud Recorded: Sep 26 2019 62 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    How should we prepare for this new brave world where many 3rd party security providers disappeared into cloud providers? This will greatly impact many 3rd party security vendors, organizations and investors.

    Cloud transformations are accelerating. By 2020, cloud will increase by 157% and on-premises ’traditional’ IT infrastructure will decrease by 54%, according to 452 Research, 2018.

    We will cover how many security solutions will change, including:
    - WAF – Web Application Firewalls
    - SIEM
    - Firewalls
    - Encryption
    - Tokenization
    - Key Management
    - AV – Anti Virus
    - Network
    - And more...

    ----------------------------------------
    Join BrightTALK's LinkedIn Group for IT Security Insights: http://bit.ly/2IsbauU
  • Emerging Application and Data Protection for Multi-cloud Recorded: Sep 25 2019 62 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    With sensitive data residing everywhere, organizations becoming more mobile, and the breach epidemic growing, the need for advanced identity and data protection solutions has become even more critical.

    Join this webinar to learn more about:
    - Data Protection solutions for the enterprise
    - Trends in Data Masking, Tokenization and Encryption
    - New Data Protection Standards from ISO and NIST
    - The new API Economy and how to control access to sensitive data — both on-premises, and in public and private clouds
    - The llatest developments in IAM technologies and authentication

    ----------------------------------------
    Join BrightTALK's LinkedIn Group for IT Security Insights: http://bit.ly/2IsbauU
Comprehensive Information Security Management and Compliance
The Cybersecurity- No Spin Zone is dedicated first and foremost to educating viewers about Cybersecurity Technologies, Problems, Compliance and Legal FACTS. We are not a Vendor Sponsored Channel, this gives us the unique ability to bring you factual unbiased information and advice from subject matter experts.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Utilizing a Digital Risk Management Framework for Securing the Cloud
  • Live at: Feb 22 2019 6:00 pm
  • Presented by: Bob Liscouski, Juanita Koilpillai and David Morris
  • From:
Your email has been sent.
or close