The Missing Link in the Supply Chain

In recent years, the global supply chain has become the new "playground for hackers". Because a supply chain inherently has numerous links (from suppliers to manufacturers to distributors), the number of potentially exploitable relationships makes it an attractive target. This presentation covers the 'how' and the 'why' of supply chain attacks and describes several notable malware campaigns affecting the supply chain in multiple industries.
Recorded Aug 1 2018 56 mins
Presented by
Chris Hall
  • How to make DevSecOps a Reality Recorded: Oct 28 2019 59 mins
    Sushila Nair NTT DATA, Setu Kulkarni WhiteHat Security, Larry Quick NTT Ltd, Sanjiev Chattopadhya Blackboard
    Custom code is the way that we are optimizing and creating new business opportunities, but it is also the way that we are being attacked. Learn how to integrate security into DevOps and manage the risk posed by application development in such a way that speed and agility are not sacrificed.
  • The Missing Link in the Supply Chain Recorded: Aug 1 2018 56 mins
    Chris Hall
    In recent years, the global supply chain has become the new "playground for hackers". Because a supply chain inherently has numerous links (from suppliers to manufacturers to distributors), the number of potentially exploitable relationships makes it an attractive target. This presentation covers the 'how' and the 'why' of supply chain attacks and describes several notable malware campaigns affecting the supply chain in multiple industries.
  • Best Practices for Securing Your Enterprise Recorded: Jul 17 2018 58 mins
    Sushila Nair (NTT DATA Services) | Sergio Caltagirone (Dragos) | Chris Sestito (Cylance) | James Ignacio (JFI Cyber)
    Cybercriminals are constantly innovating ways to infiltrate your organization and steal your valuable data. With an ever-expanding attack surface, security professionals are struggling to secure the enterprise.

    Join this roundtable discussion with top security experts to learn more about:
    - What's new on the cyber threat landscape
    - Why cyber threat intelligence is more critical than ever
    - How to prevent and protect against breaches
    - What tools and approaches should security teams use
    - Why network visibility and actionable data about attackers is key
    - Best practices and expert recommendations on improving your enterprise security

    - Sushila Nair, Sr. Director, NTT DATA Services
    - Sergio Caltagirone, Director of Threat Intelligence, Dragos
    - Chris Sestito, Director of Threat Research, Cylance
    - James Felix Ignacio, Founder & CEO, JFI Cyber Solutions
  • Stopping the Hack: Using Advanced Analytics to Detect and Respond to Attacks Recorded: Nov 16 2017 59 mins
    Christopher Camejo, Director of Product Management for Threat Intelligence at NTT Security
    Getting hacked is now a matter of “when”, not “if”. As a result, the ability to detect and respond to attacks before significant damage is done has become one of the most important issues in information security.

    A wide variety of tools and services are available with new technologies and capabilities being introduced regularly.

    We will take a look at the important considerations for organizations seeking to monitor their network security via in-house resources, commercial tools, and/or managed security services. This will include important factors that will dictate the cost and effectiveness of security monitoring efforts.

    About the Presenter:
    Christopher Camejo has more than 18 years of security experience, and has been with NTT Security for over 15 years with experience in the Security Operation Center, developing and supporting a managed email security service, and implementing security solutions before moving on to start the US ethical hacking team and GRC practices. He has coordinated and conducted numerous large-scale, multi-discipline penetration tests and PCI assessments for NTT Security’s global clients.

    As part of NTT Security’s threat intelligence capabilities, Chris follows the latest tactics and techniques of attackers, coordinates NTT Security’s vulnerability identification and disclosure activities, and helps educate NTT Security’s clients, clients from various other NTT operating companies, and the public on how to address strategic information security risks. He has presented at RSA Conference, Infosec World, the ISSA Conference, Computerworld Expo, and at United States Secret Service Electronic Crimes Task Force meetings.
  • Preparing for the Ransomware Pandemic Recorded: Sep 28 2017 56 mins
    Sushila Nair, Security Principal at NTT Security
    Ransomware has become a cybersecurity pandemic with damages from this type of cyber attack predicted to exceed $5 billion in 2017.

    Join this interactive webinar presentation to learn more about:
    - Ransomware, its evolution and common techniques used to extract money
    - How ransomware may evolve in the future
    - What types of protection you can put in place
    - What devices you can use to provide you with the capability to protect your organization
    - How you can detect attacks
    - How to respond and recover following a ransomware attack

    About the Presenter:
    Sushila Nair, CISA, CISSP, CISM, CRISC is on the board of the Greater Washington DC Chapter of ISACA and a security principal at NTT. Sushila has over twenty years’ experience in computing infrastructure, business and security and has worked in a number of diverse areas — telecommunications, risk analysis, credit card fraud, and has served as a legal expert witness. Sushila worked with the insurance industry in Europe and America on methods of underwriting e-risk insurance based on ISO27001. She has published numerous articles in the computing press, and has spoken at Microsoft CACs Seguruinfo, TechED, FinSec and many other global technical events on diverse subjects ranging from mobile security to security baselines.
  • Finding Stolen Data Recorded: Aug 10 2017 49 mins
    Kirby Plessas
    Regardless of how the material is maliciously obtained, finding stolen data efficiently - before your customers know they have been compromised - is a critical component of information security. Using the Open Source Intelligence methodology presented in this workshop, the information security professional can search and monitor for stolen data as well as users linking to and advertising the sale of your customers' data. With live examples from the dark web, this fast-paced tutorial lays the groundwork for safe, effective investigations and includes searching with advanced search operators, email addresses, usernames and people searches on both the public internet and the dark web.
  • Insider Cyber Theft and Sabotage: How Does It Work and How Can We Stop It? Recorded: Jun 21 2017 44 mins
    Dawn Cappelli, VP & CISO at Rockwell Automation
    In the current threat environment – with threat actors like North Korea targeting Sony Pictures and Russian hackers targeting the Ukraine power grid – it is important that organizations consider the potential harm that could result from a malicious insider in the organization.

    Learn from a series of real-life insider attacks why you should be motivated to mitigate this risk in your own organization. Then learn what you can do about it. Insider threats are happening every day, and it’s fairly easy and inexpensive to start building an effective Insider Risk Program if you understand what to do. It takes teamwork and buy-in from the top, but you’ll be amazed at what you can do with technologies you already have in place. And if you already have a program, that’s great – you will learn how to mature that program to mitigate the very serious threat of insider cyber sabotage.

    About the Presenter:
    Dawn is responsible for Rockwell Automation’s global information security program, using a risk-based approach to ensure the company’s products and infrastructure are secure. Dawn’s team collaborates closely with the product security team, and is also responsible for the insider risk program, behavioral analytics, and document retention. Dawn started at Rockwell Automation in 2013 as their Director of Insider Risk, and was named Vice President and Chief Information Security Officer in 2016. Prior to joining Rockwell, Dawn was Founder and Director of Carnegie Mellon’s CERT Insider Threat Center. Before that she developed software for nuclear power plants for Westinghouse. She is a co-author of the book “The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud),” and is on the RSA Program Committee and DSAC Leadership Council for Intelligence and Threats.
  • Protecting Your Revenue, Reputation and Meeting Regulatory Requirements Recorded: May 16 2017 62 mins
    Doug Howard, Steve Bergman, Marty Colburn, and Larry Whiteside Jr.
    Join this panel of seasoned cyber security executives as they discuss the trends shaping the fintech security landscape in 2017.

    From getting the most out of your investments, to meeting regulatory requirements while reducing risk and improving your cybersecurity posture, join the discussion and learn the latest on:
    - Creating a risk-based roadmap to allow for prioritization of resources and projects for the best outcome
    - Understanding and inventorying your most critical assets (upstream and downstream) from Customers’ Data to dependent/supporting systems
    - Updates on breach expenses and impacts to a company’s reputation
    - Evolving regulatory requirements in a common way to map to a security framework of common investment

    Panel Moderator:
    - Doug Howard, VP Global Services, RSA; Prior VP of Security and Business Continuity at AT&T

    - Steve Bergman, Sr. Partner, Fortium Partners; Prior CIO Easter Seals and Goodwill Industries
    - Marty Colburn, Managing Partner, Cloud Partners; Prior CTO FINRA
    - Larry Whiteside, Co-founder and VP, International Consortium of Minority Cybersecurity Professionals (ICMCP); advisor and board member of multiple security companies
  • ISACA Certifications Information and Update Recorded: Mar 29 2017 43 mins
    Kim Cohen
    Becoming ISACA certified is one of the best ways to prove you have the knowledge and expertise to secure the modern enterprise against escalating IT-related threats and get ahead in your career. Attend this webinar and learn about the CISA, CISM, CGEIT, CRISC certifications, as well as ISACA’s CSX performance-based cyber security products.
  • The State of Cyber Defense in the Age of Hacks, Breaches and IoT Recorded: Mar 14 2017 64 mins
    Fred Wilmot (PacketSled), Usman Choudhary (ThreatTrack), Sushila Nair (NTT), Chris Roberts (Acalvio), Joseph Carson (Thycotic)
    Today, every organization is at risk of cyber attacks. It is no longer the question of if, but when. Attackers are motivated, sophisticated and not limited by national borders. With IoT devices increasing in adoption and becoming intrinsic elements in our smart city infrastructure, industrial control systems and transportation systems, improving cybersecurity is essential.

    Join this keynote panel and learn the latest trends in cyber attacks, hacks and breaches in an increasingly IoT world, and the recommendations on how to strengthen the security of our most critical assets.

    - Fred Wilmot, CTO of PacketSled

    - Usman Choudhary, Chief Product Officer at ThreatTrack
    - Chris Roberts, Chief Security Architect at Acalvio
    - Sushila Nair, Principal Consultant at NTT Security
    - Joseph Carson, Chief Security Scientist of Thycotic
  • Climbing the Corporate Ladder… in (Tasteful) High Heels Recorded: Feb 16 2017 62 mins
    Jo Stewart-Rattray (BRM Holdich) & Theresa Grafenstine (US House of Representatives)
    For many years, women have represented roughly half of all university graduates. Yet, there is a lingering imbalance of women that progress to senior leadership positions.

    Join two industry trailblazers, Jo Stewart-Rattray, the first woman to serve as CIO with responsibility for both operational and business IT in the Australian utilities space and Theresa Grafenstine, the first woman to serve as the Inspector General of the US House of Representatives, as they discuss how they cracked through the proverbial glass ceiling.

    Attendees will get practical advice on becoming a trusted advisor, building your personal brand, joining the “Old Boys Club,” and the art of gaining influence.

    Jo and Theresa will also reflect on their careers and share lessons learned on the bumps and bruises they encountered along the way with “What they wished they knew 20 years ago…”

    At the end of what will surely be a spirited discussion, attendees will have a chance to pose questions to these two role models who blazed a trail for women in the IT profession.
Live webcasts for Cybersecurity and IT governance professionals
The GWDC Brighttalk channel provides thought leadership and technical information in the area of Risk, Governance and Cyber Security. The GWDC is one of the oldest ISACA chapters and has a strong history of serving its members. The Chapter is comprised of over 3,100 members in a variety of IT professions across the Washington D.C. Metropolitan area.

  • Title: The Missing Link in the Supply Chain
  • Live at: Aug 1 2018 4:00 pm
  • Presented by: Chris Hall