Name: Cyber Authors Ep.2: A Practical Guide for CISOs
Start: 2021-01-13T18:00:00Z
End: 2021-01-13T18:56:07.000Z
Location: BrightTALK
Rating: 4.67

As an organization, we aim to inspire confidence in technology professionals that enables innovation through technology. Come join us to learn about the latest in cybersecurity, information assurance, audit, risk and governance from industry experts, and learn more about ISACA certifications and projects. 


As users cost organizations billions of dollars due to simple errors or malicious actions, organizations believe that they have to improve their awareness efforts to make more secure users. The reality is that it takes a multilayered approach that acknowledges that users will inevitably make mistakes or have malicious intent, and the failure is in not planning for that. 

Using lessons from tested and proven disciplines like military kill-chain analysis, counterterrorism analysis, industrial safety programs, and more, join Sushila Nair with author Ira Winkler on how to determine the appropriate countermeasures to implement and prevent cybersecurity breaches and other user-initiated losses. Join now and learn how to:

-Minimize business losses associated with user failings
-Proactively plan to prevent and mitigate data breaches
-Optimize your security spending
-Cost justify your security and loss reduction efforts
-Improve your organization’s culture

Business technology and security professionals will benefit from the information provided by these two well-known and influential cybersecurity speakers and experts.


This episode is part of Cyber Authors, a new series with Sushila Nair. We welcome viewer participation and questions during this interactive interview.

Cyber Authors Ep.4: Stopping Losses from Accidental and Malicious Actions

Mentoring programs can increase knowledge and build skills for future goals and milestones, allowing your workforce to grow their skills organically and create cultures of collaboration and success. 

Join Part 1 of our series to learn how to design a mentoring program for women and minorities in security that actually delivers for everyone involved. 
- Learn from experts on how to design a mentoring program that delivers
- Understand how to make mentoring meaningful for your organization
- Learn what strategic planning steps are critical to make the plan a success

Speakers:
- Virginia "Ginger" Spitzer, Executive Director | ISACA, One In Tech Foundation
- Joy Harrison, Director, Leadership Development Center for Excellence | NTT DATA Services
- Sushila Nair, VP Security Services, Chief Digital Officer | NTT DATA Services
- Kwasi Mitchell, Chief Purpose Officer | Deloitte
This is Part 1 of our new series on mentorship produced by BrightTALK. Sign up for Part 2 via the link in the attachments.

Design a Mentoring Program That Delivers!

If you don’t fix your security vulnerabilities, attackers will exploit them. It’s simply a matter of who finds them first. If you fail to prove that your software is secure, your sales are at risk, too. 
 
Whether you’re a technology executive, developer, or security professional, you are responsible for securing your application. However, maybe you’re uncertain about what works, what doesn’t, how hackers exploit applications, or how much to spend. Or, maybe you think you do know, but don’t realize what you’re doing wrong.
 
To defend against attackers, you must think like them. Join Ted Harrington, author of HACKABLE: How to Do Application Security Right and learn:
- how to eradicate security vulnerabilities
- establish a threat model
- build security into the development process 

You’ll leave knowing how to build better, more secure products, gain a competitive edge, earn trust, and win sales.

This episode is part of Cyber Authors, a new series with Sushila Nair. We welcome viewer participation and questions during this interactive interview.

Cyber Authors Ep.3: How to Do Application Security Right

Theresa Payton, leading cybersecurity expert and first female Whitehouse CIO, discusses her book "Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth." 

Theresa Payton tells battlefront stories from the global war being conducted through clicks, swipes, internet access, technical backdoors and massive espionage schemes. She investigates the cyberwarriors who are planning tomorrow’s attacks, weaving a fascinating yet bone-chilling tale of Artificial Intelligent mutations carrying out attacks without human intervention, “deepfake” videos that look real to the naked eye, and chatbots that beget other chatbots.

In this session, Theresa is joined by Sushila Nair where they will take a look inside the Cyberwar to hijack elections & distort the truth.

Join this webinar and learn:
- About our new era of hacked elections and non-stop disinformation campaigns
- From battlefront stories the effect of cyber conflict and its risks
- Who are the cyberwarriors who are planning tomorrow’s attacks
- The attacks of tomorrow including Artificial Intelligent mutations, “deepfake” videos that look real to the naked eye, and chatbots that beget other chatbots
- To build a plan so that individual citizens, big tech corporations, governments and the international community can push back

This episode is part of Cyber Authors, a new series with Sushila Nair. We welcome viewer participation and questions during this interactive interview.

Cyber Authors Ep.1: Inside the Cyberwar to Hijack Elections & Distort the Truth

In recent years, the global supply chain has become the new"playground for hackers". With supply chain inherently having numerous links (from suppliers to manufacturers to distributors), the number of potentially exploitable relationships makes it an attractive target. This presentation includes the 'how' and the 'why' of supply chain attacks and describes several notable malware campaigns affecting supply chain in multiple industries

The Missing Link in the Supply Chain

Regardless of how the material is maliciously obtained, finding stolen data efficiently - before your customers know they have been compromised - is a critical component of information security. Using the Open Source Intelligence methodology presented in this workshop, the information security professional can search and monitor for stolen data as well as users linking to and advertising the sale of your customers' data. With live examples from the dark web, this fast paced tutorial lays the groundwork for safe, effective investigations and includes searching with advanced search operators, email addresses, usernames and people searches in both the public internet as well as the dark web.

Finding Stolen Data

In the current threat environment – with threat actors like North Korea targeting Sony Pictures and Russian hackers targeting the Ukraine power grid – it is important that organizations consider the potential harm that could result from a malicious insider in the organization. 
 
Learn from a series of  real life insider attacks why you should be motivated to mitigating this risk in your own organization. Then learn what you can do about it. Insider threats are happening every day, and it’s fairly easy and inexpensive to start building an effective Insider Risk Program if you understand what to do. It takes teamwork and buy-in from the top, but you’ll be amazed at what you can do with technologies you already have in place. And if you already have a program that’s great – you will learn how to mature that program to mitigate the very serious threat of insider cyber sabotage.

About the Presenter:
Dawn is responsible for Rockwell Automation’s global information security program, using a risk-based approach to ensure the company’s products and infrastructure are secure. Dawn’s team collaborates closely with the product security team, and is also responsible for the insider risk program, behavioral analytics, and document retention. Dawn started at Rockwell Automation in 2013 as their Director of Insider Risk, and was named Vice President and Chief Information Security Officer in 2016.  Prior to joining Rockwell, Dawn was Founder and Director of Carnegie Mellon’s CERT Insider Threat Center. Before that she developed software for nuclear power plants for Westinghouse. She is a co-author of the book "The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud),” and is on the RSA Program Committee and DSAC Leadership Council for Intelligence and Threats.

Insider Cyber Theft and Sabotage: How Does It Work and How Can We Stop It?

Join this panel of seasoned cyber security executives as they discuss the trends shaping the fintech security landscape in 2017. 

From getting the most out of your investments, to meeting regulatory requirements while reducing risk and improving your cybersecurity posture, join the discussion and learn the latest on: 
- Creating a risk based roadmap to allow for prioritizing of resources and projects for the best outcome 
- Understanding and inventorying your most critical assets (upstream and downstream) from Customers’ Data to dependent/supporting systems 
- Updates on breach expenses and impacts to a company’s reputation 
- Evolving regulatory requirements in a common way to map to a security framework of common investment

Panel Moderator: 
- Doug Howard, VP Global Services, RSA; Prior VP of Security and Business Continuity at AT&T 

Panelists:
- Steve Bergman, Sr. Partner, Fortium Partners; Prior CIO Easter Seals and Goodwill Industries
- Marty Colburn, Managing Partner, Cloud Partners; Prior CTO FINRA
- Larry Whiteside, Co-founder and VP, International Consortium of Minority Cybersecurity Professionals (ICMCP); advisor and board member multiple security companies

Protecting Your Revenue, Reputation and Meeting Regulatory Requirements

Becoming ISACA certified is one of the best ways to prove you have the knowledge and expertise to secure the modern enterprise against escalating IT-related threats and get ahead in your career. Attend this webinar and learn about the CISA, CISM, CGEIT, CRISC certifications, as-well as ISACA’s CSX performance-based cyber security products.

ISACA Certifications Information and Update

For many years, women have represented roughly half of all university graduates.  Yet, there is a lingering imbalance of women that progress to senior leadership positions.  

Join two industry trailblazers, Jo Stewart-Rattray, the first woman to serve as CIO with responsibility for both operational and business IT in the Australian utilities space and Theresa Grafenstine, the first woman to serve as the Inspector General of the US House of Representatives, as they discuss how they cracked through the proverbial glass ceiling.  

Attendees will get practical advice on becoming a trusted advisor, building your personal brand, joining the “Old Boys Club,” and the art of gaining influence. 

Jo and Theresa will also reflect on their careers and share lessons learned on the bumps and bruises they encountered along the way with “What they wished they knew 20 years ago…”  

At the end of what will surely be a spirited discussion, attendees will have a chance to pose questions to these two role models who blazed a trail for women in the IT profession.

Climbing the Corporate Ladder… in (Tasteful) High Heels

Organizations are keenly aware of the existential threat that cyber risks now pose. The authors of the CISO Desk Reference Guide, Bill Bonney, Matt Stamper, and Gary Hayslip, grasp that reality and use their many years of experience to provide practical advice about how to function effectively in this role. 

The unique multi-author approach of the CISO Desk Reference Guide has produced a wealth of insight into the complex and challenging role of the Chief Information Security Officer, a role that increasingly anchors organizational risk management in all things cyber and digital. It's essential reading for both aspiring and incumbent Chief Information Security Officers. The CISO Desk Reference Guide (Volumes 1 & 2), help fill a critical gap in the ever-evolving information security common body of knowledge.

In this session, the authors, Bill Bonney, Matt Stamper, and Gary Hayslip, are joined by Sushila Nair where they discuss:

-The evolving CISO role and how best to embed it in the organization
-Fundamentals like data classification and controls
-Advice on tools and techniques
-Different perspectives on the foundations of organizational cybersecurity
-and more!

This episode is part of Cyber Authors, a new series with Sushila Nair. We welcome viewer participation and questions during this interactive interview.

Cyber Authors Ep.2: A Practical Guide for CISOs

CISO

Cyber Security

Cyber Attacks

Cyber Defence

Cyber Risk Management

Cyber Crime

Threat Defence

Data Management

Leadership

Security Strategy

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Many elements come into play when attracting the right talent. Is your careers page up-to-date? Does your website accurately represent your company culture and communicate it clearly to recruited applicants? In terms of internal processes, do you have an ongoing talent acquisition strategy? How efficient are your application screening and onboarding processes? Where and how are you looking for top candidates and are you enabling them to find you? Discover best practices and learn from industry thought leaders by joining the recruiting community.

Recruiting

Get powerful learning and development insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge in the field.

Learning and Development

Human resources is intrinsically linked to business success and requires a thoughtful balance of a variety of complex issues. The human resources community on BrightTALK is made up of thousands of professionals in human resources exchanging human resources best practices and advice. Watch hundreds of on-demand webinars for immediate information or participate in upcoming live webinars and have your questions answered by respected HR thought leaders.

Human Resources

Leadership styles are continually evolving to incorporate new ways of thinking about employee satisfaction, motivation and performance. Find webinars and videos on the strategies, techniques and qualities that make an effective leader. By participating in this community you will gain insight into current leadership theories and how to optimize employee performance.

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

Cyber Authors Ep.2: A Practical Guide for CISOs

Presented by

About this talk

More from this channel