CMDSP - Mobile Security for the Mobile IT Administrator
ITPG Secure Compliance's Cybercast series proudly presents : CMDSP - Mobile Security for the Mobile IT Administrator.
Come join us for a discussion on the advent of the Mobile IT Administrator position, and how CMDSP is helping organizations improve their enterprise mobility management strategy.
ITPG Secure Compliance has invited Mr. Ken Lloyd, CMDSP's Board members and CTO for Mi3 Security, a leader in Mobile Application Risk Intelligence and Mobile Threat Defense. With 18 years focused on creating powerful Mobile and Security solutions for Enterprises, SMB's and Consumers. Recognized as a Subject Matter Expert (SME) in Mobile Security, Security Awareness and IT Security.
RecordedAug 10 201754 mins
Your place is confirmed, we'll send you email reminders
Choosing cyber vendors and balancing budgets can be a challenge. We want to help cut through the clutter and show how we build a cybersecurity budget and identify spending needs an organization needs to immediately address. This is a two-part webinar series where you will learn how to approach the cybersecurity budgeting process (as well as see common mistakes to avoid) and how to build your own cyber budget. We will offer a budget plan worksheet to guide you along the way and share best practices and takeaways.
In early 2000, the Open Source Security Testing Methodology Manual (OSSTMM) was released with the primary objective of improving how the enterprise conducted security testing. Key sections of this methodology include operational, human, physical, wireless, telecommunication, and data network security testing. Today, OSSTMM is widely regarded as a methodology for penetration testing world-wide, offering a standard approach to conducting security testing.
Frank Shirmo of ITPG Secure Compliance, a Cyber Security Boutique in Northern Virginia will be joined by Pete Herzog, the creator of OSSTMM, to answer key questions, and provide clarifications on OSSTMM for CTOs, CISOs, CIOs, Security Engineers and Analysts, and all other stakeholders interested in the topic of security testing.
Robert Johnston, CEO & Co-Founder, Tim Stacey, Ph.D., Director of Data Science & Tim Evans, SVP & Co-Founder of Adlumin Inc
Sophisticated, targeted attacks can take weeks, months, or longer to discover and resolve. Security teams need tools that quickly uncover the source and scope of an attack to reduce time-to-resolution, mitigate ongoing risk, detect attacker breakout, and further fortify the network.
During the Webinar, You will Have Hands-On Control of the Adlumin Platform and Learn:
•Why User & Entity Behavior Analytics (UEBA) is the key to determining whether you have an intruder in your network today.
•How UEBA and Adlumin’s SIEM technology are advancing cybersecurity
•Why you need the Adlumin Platform to help you visualize privilege in Active Directory
Robert Johnston, CEO & Co-Founder, Tim Stacey, Ph.D., Director of Data Science, and Col.(Ret) Tim Evans, SVP & Co-Founder of Adlumin Inc. Rob Johnston was the incident responder for the Democratic National Committee (DNC) investigation in 2016 and started U.S. Cyber Commands first Cyber Protection Team (CPT).
Join this webinar to hear from past students and current champions discuss how the SANS CyberTalent program is changing lives and closing the workforce gap. The cybersecurity workforce gap can be partly solved through increasing diversity. Organizations like SANS CyberTalent and the WSC are reaching into communities throughout Maryland and the US searching for professionals with technical appitude but new to cybersecurity.
These academies are designed to help qualified veterans and women receive training and certifications to quickly and effectively launch careers in cybersecurity. The Immersion Academy is an intensive, accelerated program designed for completion in six to eight months, depending upon program selected. The program is at NO COST to the students selected.
Come listen to learn:
• What the selection process includes and important application tips
• Understand what kind of training is provided (length and format)
• Hear from a recent graduate who will share her experience
• How this training academy and related certifications can help your career
Dr. Shawn P. Murray, President, Murray Security Services & Consulting
Artificial Intelligence (AI) is quickly gaining recognition as a viable method to increase successful problem solving, advance research in areas that exceed human capabilities and are automating menial processes to increase efficiency and productivity in expediential time. In the future, your interface with a human doctor may be limited, as AI gains more prominence in the medical industry diagnosing patients and determining levels of care. AI is being used to develop humanoids for companionship and is providing additional conveniences that are starting to alarm some organizations. There is a sense that the pace of AI is growing so fast that it may be impacting areas that are not getting the attention required to address various risks. Cybersecurity issues continue to arise regarding the integration of AI in computer systems, network and software platforms and the growing advances in IoT devices. As various industries invest in AI technology, CIOs, CISOs, researchers and manufacturers need to be working together to ensure cybersecurity and other safeguards are being considered in the design phase before allowing AI technology into the computing environment.
Matt Mosley | Patrick Cable | Paul Williams | Jay Jacobs | Laurance Dine
It's everyone's favorite time of year. What will we learn from this
year's breach reports? Join us as we review the latest data, look for
lessons and trends, and help you understand what it all means. Our
panel of experts will focus on how security professionals can learn
from the data, and hopefully avoid becoming a statistic for next
Jerry Caponera is the VP Cyber Risk Strategy at Nehemiah Security
Cyber has yet to be fully integrated into the suite of business functions and monitored risks within most organizations. GRC is the mechanism to align cyber and the business, but it’s current state is not sufficient. Governance hierarchy is ineffective (CISOs reporting to the CIO or COO), Risk leveraging ambiguous risk measurements, and Compliance mistaken as security. Moving forward, Governance must be redefined, making CISOs business leaders, reporting to the Board. Risk should leverage traceable data to measure in a common business language. Compliance should be the baseline for security initiatives, not the end goal. When these initiatives can be achieved, GRC will transform cyber into a business enabler.
Jerry Caponera is the VP Cyber Risk Strategy at Nehemiah Security where he leads the effort to quantify cyber risk in financial terms. Prior to Nehemiah he founded PivotPoint Risk Analytics which focused on cyber risk quantification through value-at-risk modeling and simulations. Jerry has a broad background in cyber, having worked for incident response, malware analysis, and services companies. He has spoken at a number of conferences worldwide including ISS World MEA in Dubai, InfoSecurity Russia in Moscow, and TM World Forum in Nice, France. He holds an MBA from the University of Massachusetts, an MS in Computer Science from the University of Pennsylvania, and a BS in Electrical Engineering from the University of Buffalo.
Dr. James Stanger Chief Technology Evangelist, CompTIA
One of the more interesting-sounding job skills today is that of the “threat hunter.” Let’s talk about the activity of “threat hunting,” and deconstruct it a little bit. The idea behind threat hunting is to proactively look for adversaries and for traces of their activity. So, is threat hunting all that it’s cracked up to be? Is looking for trouble really the best approach today? It’s very possible that the one key element of threat hunting is one fundamental assumption: That you’ve already been hacked, but you just don’t quite realize it yet. In this presentation, James will discuss the benefits and drawbacks of “active defense,” and where it fits in with other security activities.
Lisa Jiggetts, Founder, President & CEO of the Women's Society of Cyberjutsu
Security operations face intensifying pressures along numerous fronts, including a constantly shifting threat landscape, an increasingly complex environment to defend, and an extreme shortage of skills. This panel of distinguished security experts will discuss the role that competitions – at the primary school, collegiate and professional levels – can play in attracting workers to the security arena, growing their skills, and developing methods to identify and defend against the greatest threats and risks of the day.
Lisa Jiggetts, the Founder & CEO of the Women's Society of Cyberjutsu, one of the fastest growing nonprofits dedicated to women in cybersecurity, will spearhead this panel of experts is cyber security and competitions.
Other panelists include Mika Devonshire, Director of Forensics and Cyber Risk Analytics at SSIC; Marcelle Lee, Threat Researcher at LookingGlass Cyber Solutions; and Dan Manson, Professor of Computer Information Systems at Cal Poly Pomona.
Hari Pendyala | S.A. Srinivasa Moorthy | Chris Rouland | Matthew Crouse
The prolific outburst of IoT devices in our lives has become a boon or a curse. Boon as they make it easy to interact with "Things" and Curse as they make it easy for hackers to invade our privacy and breach security.
Implementing Security in IoT devices is still after thought.This webinar looks at the challenges of securing IoT devices against threats and discusses about the options available to secure these devices.
GDPR is a huge topic, with issues ranging from "What does it mean to my business processes?" to "Do I have to care about it?" And that's besides the technical bits! Together, let's explore what it means for a sample company. We'll discuss data, geography, and business processes. You'll learn about some of the pitfalls, and some of the opportunities inherent in GDPR. And maybe we can make it work for you, instead of causing a headache. Want to find out? Just show up.
Joshua Marpet is an accomplished speaker, long time information and physical security practitioner, as well as a start up CEO and serial entrepreneur.
He has presented on topics ranging from Facial Recognition to National Security, to audiences from government agencies, law enforcement, Fortune 5 companies, and many others. His research encompasses Digital Forensics, business security maturity, and how not to start an information security business!
Joshua has been in the hot seat, at all levels of IT and Infosec. From the Federal Reserve, to law enforcement, to being an entrepreneur, Josh has been there. Let's talk.
Mark Kadrich | James Grundvig, Myntum Ltd. | Peter Linder | Brian Russell, Leidos
We will be examining blockchain technology and its proliferation in our data security architectures. Our speakers will discuss their experiences with BC technology, how it’s working today, plans for taking advantage of it in the future, and possible technical issues that may affect its long term efficacy.
Jeff Schmidt, VP & Chief Security Officer, Columbus Collaboratory
In this session, you will learn how an offense-informed defense approach will enable your security team to cut through the noise, be more effective at both identifying the most likely and riskiest attacks and thwarting them faster at less cost. We will discuss how to understand not only the attack vectors, the attackers’ tactics, techniques and procedures but also the residual effects so that, in an environment of almost immeasurable alerts and alarms, your team can focus on the indicators that are the most important.
Jeff Schmidt, VP and Chief Cyber Security Innovator at Columbus Collaboratory is an accomplished cybersecurity expert with a background in security and risk management. He founded JAS Global Advisors LLC, a security consulting firm in Chicago, and Authis, a provider of innovative risk-managed identity services for the financial sector. Jeff is a board member for Delta Risk LLC, A Chertoff Group Company, a global advisory firm focused on security and risk management. In 1998, he worked with the FBI to create the InfraGard Program, receiving commendations from the Attorney General and the Director of the FBI. He is an adjunct professor of systems security engineering at the Stevens Institute of Technology and a Zurich Cyber Risk Fellow, Cyber Statecraft Initiative, at The Atlantic Council. Jeff received a Bachelor of Science in computer information systems and an MBA from the Fisher College of Business at The Ohio State University.
This webinar will provide an overview of the future of passwords. Passwords have become very important, protecting a treasure trove of information. You will get an inside look at the techniques and tactics used conduct password attacks. We will discuss the various countermeasures available, new improvements made to the latest operating systems to prevent successful password attacks, and how the industry is trying to eliminate passwords. We will conclude by discussing ways we can potentially circumvent new countermeasures.
Hamza Sirag Hamza is currently an Information Security consultant. He has spent the majority of his time immersed in the world of cybersecurity. He has had the opportunity to lead complex penetration tests for a variety of federal and commercial clients. He is the founder of Beltway Hackers, a Northern VA based meetup group focused on offensive cybersecurity. https://www.meetup.com/Beltway-Hackers
Jack Koziol, InfoSec Institute | Robb Reck, Ping Identity | Marnie Wilking, Orion Health | Michael Towers, Allergan
Beating Hackers at Their Own Game: Security Awareness Strategies That Work
If 2017’s explosion of cybersecurity breaches taught us anything, it’s that our workforces, more than ever, are one of our most critical defenses. But with as much as 30% of employees unable to spot a phishing email, how do you keep hackers from hijacking your data? The seemingly obvious answer is security awareness training. Unfortunately, many security education programs today fail to sufficiently change employees’ security attitudes, skills and behaviors -- providing a false sense of protection and safety. Even worse, 48% of companies do not have an employee security education program.
If your New Year’s infosec resolutions include launching a security awareness initiative, or reviving an existing one, what better way to guarantee results than to learn from pros who have been in your shoes. Join our expert panel as they share:
● Their most effective security awareness strategies to improve your organization’s security posture
● Proven methods to get employees to take security seriously (before a breach occurs)
● Security awareness program pitfalls to avoid and biggest lessons learned
● Predictions on what will cyber attacks will look like in the next couple years and what you should do in your security awareness program today to prepare
At the end of 2017 there were more than a million new malware samples found for Windows per day. The old ways of protecting computers are not powerful enough anymore. Join to learn how one of the leading security experts in the world, Sami Laiho, explains how to protect your endpoints proactively. You’ll learn tips & tricks on how to implement hard disk encryption, Whitelisting and Principle of Least Privilege.
Sami Laiho is one of the world’s leading professionals in the Windows OS and Security. Sami has been working with and teaching OS troubleshooting, management, and security for more than 15 years. Sami’s session was evaluated as the best session in TechEd North America, Europe and Australia in 2014, and Nordic Infrastructure Conference in 2016 and 2017. At Ignite 2017 Sami was evaluated as the Best External Speaker! Sami is also an author at PluralSight and the newly appointed conference chair at the TechMentor conference.
Pete Lindstrom, IDC | Randy Sabett, Cooley LLP | Mathieu Gorge, Vigitrust | Brad Keller, Prevalent | Jim Jaeger, Arete
We are all concerned about Privacy. Every day there we hear about multiple PII breach announcements. Our current solution – lets create laws to require announcements and levy fines to encourage proper activities and protections. With GDPR looming on the horizon, as the most recent and perhaps the most comprehensive regulation yet, we find ourselves wondering if others will adopt similar regulations. If so, do we as security professionals need to be concerned about our ability to perform forensic analysis, and gather information outside of our realm of direct influence to identifier a hacker? Do elements of GDPR create a situation in which hunting for a hacker might violate their privacy rights? In the end will companies still be able to monitor and protect their assets as they do today, or will it require a change? This webinar will provide insight into the Privacy vs Security Debate.
With cybersecurity concerns escalating, organizations of all sizes have scrambled to boost budgets, hire talent and improve security operations – all in the hopes of catching up with and defeating a sophisticated and nearly-invisible enemy. But in this rush to build the SOC according to perceived industry best practices, have we truly optimized our human, technological and procedural resources? Or are we all SOC, and no action? If we took a moment to regroup and build the whole system again from scratch, would it be better than the SOC we’ve reached today by throwing resources at the problem? And if so, where did we go wrong – and how do we course correct? Join a panel of experts to discuss their visions of the perfect SOC and its top priorities while exploring how it can be evolved to achieve them.
Jason Dion, CISSP - Cyber Security Trainer at Dion Training Solutions
A brief overview of the Attacker's Methodology. In this webinar we began our quest to think like an attacker. We will cover the 6 stages of an attack: reconnaissance, scanning & enumeration, gaining access, escalating privileges, maintaining access, and covering your tracks.
In early 2000, the Open Source Security Testing Methodology Manual (OSSTMM) was released with the primary objective of improving how the enterprise conducted security testing. Key sections of this methodology include operational, human, physical, wireless, telecommunication, and data network security testing. Today, OSSTMM is widely regarded as a methodology for penetration testing world-wide, offering a standard approach to conducting security testing. Frank Shirmo of ITPG Secure Compliance, a Cyber Security Boutique in Northern Virginia will be joined by Pete Herzog, the creator of OSSTMM, to answer key questions, and provide clarifications on OSSTMM for CTOs, CISOs, CIOs, Security Engineers and Analysts, and all other stakeholders interested in the topic of security testing.
Founded in 1999, ITPG Secure Compliance is dedicated to preventing information security breaches that put organizations at risk of noncompliance. Based in Vienna, VA, our subject matter experts are sought-after authorities on PCI DSS, HIPAA Security and Privacy Rule, FERPA and other industry security requirements. Our IT security consultants and virtual CISOs have decades of experience assessing security risks and vulnerabilities, recommending mitigation strategies and mapping remediation plans to strengthen enterprise security posture. We work with corporate, association, and state agency clients that span multiple industries and for multiple resellers. Visit our web site www.itpgsecure.com