The Present and Future of Security Operations

If you struggle to keep up with the volume of alerts you receive daily, you’re not alone. More than 79% of information security professionals report alert fatigue. Organizations of all sizes and across the globe are realizing that in order to effectively mitigate risk, they need new strategies for detecting, triaging, investigating and responding to the growing volume of security alerts they receive.

Join this webinar to learn:

- Common challenges with Security Operations today

- Details of Enterprise Strategy Group’s SOAPA architecture vision

- Splunk’s SOC 2020 initiative and the 10 capabilities of the modern SOC

Jon Olstik,
Senior Principal Analyst and Fellow, Enterprise Strategy Group

Chris Simmons,
Senior Product Marketing Manager, Splunk Inc.
Recorded Apr 16 2020 48 mins
Presented by
Jon Olstik, Sr. Principal Analyst & Fellow, Enterprise Strategy Group & Chris Simmons, Sr. Product Marketing Mgr, Splunk, Inc
  • Cybersecurity in an Uncertain World - New Ways to Confront New Ransomware Threat Dec 16 2020 4:00 pm UTC 60 mins
    Lee Imrey, Splunk Inc. | Deborah A. Snyder, Center for Digital Government | Dan Lohrmann, Security Mentor Inc.
    State and local governments today face unprecedented threats to network security. Foreign hackers, ransomware attacks and other forms of malware have skyrocketed in recent years, costing governments millions of dollars in productivity. And these attacks don’t just cost money – they can potentially sideline hospitals, cripple emergency response efforts, and even shut down vital public infrastructure such as dams, energy grids and transit systems.

    The near-national lockdown in response to COVID-19 has exacerbated these threats, exposing governments to new vulnerabilities and even greater risks. Remote workers are more susceptible to phishing scams and other email hacks. And with tens of thousands of public employees suddenly working from home – often using their own devices on unsecured wireless networks – government systems are ripe for attack.

    In this extremely high-pressure time, it’s never been more important for governments to get it right on cybersecurity. This critical webinar will explore the latest emerging cyberthreats, and the strategies, best practices and technological tools that states and cities are using to meet the challenge.

    Join us for an interactive forum with public officials and industry experts, on issues including:
    • The biggest cybersecurity threats today – and the greatest emerging challenges for the future
    • The steps you can take right now to improve your protection and preparedness for ransomware attacks
    • How better analytics, monitoring and alerting can aid in threat detection and contextualization
    • Best practices and real-life use cases of cybersecurity innovation
  • New Normal of Digital Public Sector Services Dec 8 2020 5:00 pm UTC 59 mins
    Juliana Vida, Chief Technical Advisor, Public Sector, Splunk Inc. | Dugan Petty, Senior Fellow, Center for Digital Government
    Government agencies cannot afford to ignore digital transformation and e-Government initiatives anymore. Digital services like telehealth, distance learning, unemployment systems and transportation management require the highest levels of quality to ensure citizen well-being.

    Agencies were already under pressure to match private companies in offering highly available, high-performing digital services. Now, the coronavirus pandemic has accelerated that pressure overnight: Governments everywhere have been forced to provide digital access for crucial services, but public sector organizations continue to struggle with legacy forms of monitoring that decelerate or even impede the delivery of crucial services for citizens. Leading public sector organizations are adopting more comprehensive and data-driven approaches to monitoring that dramatically reduce outages and performance degradation to help ensure citizens, students, patients, and other stakeholders get continuous access to the services they need.

    Join us for an in-depth discussion with industry experts and public-sector leaders about digital service delivery, and what governments need to do now to meet the evolving needs of their constituents.

    In this complimentary one-hour webinar, you’ll learn:
    • How citizen experience and well-being can be improved with new approaches to monitoring
    • How emerging solutions offer comprehensive visibility into the full range of governments’ digital services
    • How analyzing operational data can help agencies understand performance bottlenecks and continuously improve efficiency
    • How to plan for and accommodate seasonal and cyclical changes in the demand for digital services
  • Battling the Cloud Complexity Challenges Dec 3 2020 5:00 pm UTC 54 mins
    James Hodge, Chief Technical Advisor, Splunk Inc. | David Linthicum, GigaOm Analyst & Chief Cloud Strategy Officer, Deloitte
    The shift to the cloud has greatly accelerated as organizations adapt to the challenges brought on by recent events and as they try to ignite innovation to compete with digital disruptors.

    Yet, cloud also creates a new challenge: dealing with complexity. In this webinar, Deloitte Chief Cloud Strategy Officer and GigaOm analyst, David Linthicum, and Splunk Chief Technical Advisor, James Hodge, discuss the strategies to take to overcome this complexity and realize the promised benefits of the cloud.

    Key topics include:
    - Why your cloud strategy needs a data strategy
    - Factors to consider when investing in DevOps
    - Securing a multi-cloud and hybrid environment
    - Monitoring and governing costs
  • Election Recap & Cybersecurity Lessons Learned Nov 19 2020 5:00 pm UTC 60 mins
    David Morris | Lee Imrey
    The 2020 U.S. presidential election has brought cyber security to the forefront for many in the U.S.

    From shedding light on disinformation campaigns aimed at disrupting the election, to testing voting machines and pentesting online voting apps, to raising awareness around the risk of ransomware and other attacks to local governments, voter registration databases, poll books and election reporting websites - security researchers and practitioners have been raising red flags throughout the election cycle.

    Join this episode of the Election Hacking series to learn about:
    - The 2020 election takeaways from a cybersecurity viewpoint: What went down, what could have gone better and how to better prepare for the midterm election in 2022
    - What the biggest election threats mean for your industry and organization
    - What have we learned and will it change anything in time for 2022
    - Post-election cybersecurity lessons for tech leaders

    - Lee Imrey, Security Strategist at Splunk

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Aligning the Modern SIEM with MITRE ATT&CK Nov 17 2020 5:00 pm UTC 61 mins
    Kyle Champlin, Splunk Inc. | Ryan Kovar, Splunk Inc. | John Wunder, MITRE | Matt Valites, Cisco Talos
    Although MITRE ATT&CK is famous for making security analysts' lives easier, there is sometimes a learning curve when a company adopts the MITRE ATT&CK framework and implements it in its SIEM. Join SIEM experts from the MITRE ATT&CK team, Cisco Talos Group, and Splunk to discuss the challenges (and solutions!) of using MITRE ATT&CK with a modern SIEM. Join us in this webinar to learn:

    - How security teams can derive value from using MITRE ATT&CK with a SIEM
    - Common issues organizations run into and guidance on how to improve security posture
    - How to supercharge your SIEM with MITRE ATT&CK and use it to your advantage
    - ATT&CKing your SIEM rules: how to map taxonomies and the difficulties you might face
    - Planning your defenses with Matrices
  • Five SOC Modernization Stories Nov 12 2020 5:00 pm UTC 43 mins
    Chris Simmons, Product Marketing, Splunk Inc. | John Stoner, Principal Security Strategist, Splunk Inc.
    Insights in Transformation From Splunk Customers

    Outdated solutions produce volumes of security alerts, yet security teams struggle to accurately detect high-priority threats because of the amount of noise generated. Compound this reality with compliance mandates, budget uncertainties, as well as staff shortages and skills gaps, and it becomes readily apparent why security professionals are looking for new solutions. This is why modernizing Security Operations Centers (SOCs) to maximize productivity and effectiveness has become a top priority for organizations around the globe.

    Splunk customers are making inroads into solving the problem. Using real customer stories of SOC modernization, this webinar will share key insights Splunk customers learned during their transformation, including:

    - How the 2020 United States Census was able to leverage Splunk for security and IT use cases
    - How Penn State evened the playing field between a high proportion of security incidents and security workforce
    - How SAIC detects and mitigates insider threats in their environment
    - How technology helps Starbucks with the cyber skills shortage, ticket fatigue, and analyst burnout
    - Why Intel required a common digital work surface for their SOC team in their next-generation Security Operations Platform
  • How to Modernize the SOC: Get in the Driver's Seat Nov 5 2020 5:00 pm UTC 44 mins
    Oliver Friedrichs, Splunk, Inc. | Robert Boyce, Accenture | James Brodsky, Splunk, Inc.
    It’s time to modernize the Security Operations Center (SOC). We’ve seen the same challenges for years: too many security alerts, a massive shortage in the number of security professionals, insufficient skill sets and experience, and teams using a myriad of complex, siloed point solutions instead of holistic threat-mitigation capabilities. It’s an unsustainable model that’s long overdue for change.

    SOC teams must adapt and evolve to a new cyber threat response model - one that is cloud based and that helps them prioritize effective triage, reduce false positives, leverage new automation, behavior analytics, AI and machine learning tools. This will streamline their workflow so they can focus on the industry-specific threats that matter—instead of the alerts that don’t. This must be done while onboarding many new data sources to continue to effectively protect the business. Only then can these teams transform their operations and overcome the burdens of today’s obsolete SOC.

    Watch Splunk and Accenture Security on-demand to learn more about how you can:

    - Use risk-based alerting to accelerate alert triage and threat response
    - Automate response to mitigate threats in seconds instead of hours
    - Integrate your existing security solutions for streamlined workflow
    - Mature processes and skill sets to build cyber resilience
    - Align and integrate security with your business objectives
  • Pre-Election Check-In Oct 29 2020 4:00 pm UTC 60 mins
    David Morris | Mick Baccio
    With the 2020 U.S. presidential election less than a month away, let's take a look at the current state of this election from a tech and cybersecurity perspective. What are the new challenges and threats to democracy that we have not seen in previous election cycles?

    Join this panel to ask your questions and learn more about:
    - Things to keep in mind ahead of Election Day
    - Lessons from recent cyber attacks in the public & private sector
    - Securing voter databases and election infrastructure
    - Election reporting websites and when to expect to hear the results of the election
    - Weeding through election interference and disinformation
    - What to expect after Election Day

    - Mick Baccio, former CISO at Pete for America, and White House Threat Intelligence Branch Chief, Security Advisor at Splunk

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Navigating Cloud Pitfalls in the New Normal Oct 27 2020 4:00 pm UTC 43 mins
    Stephen Elliott, Program VP, Management Software and DevOps, IDC | Johnathon Cervelli, Chief Technical Advisor, Splunk Inc.
    While adopting the cloud can be transformative – and in our increasingly digital world, an imperative – it also increases complexity.

    Everyone who is accelerating moving to the cloud knows the benefits. But what are the associated pitfalls and how can you avoid them? In this webinar, Johnathon Cervelli, Splunk Chief Technical Advisor, and Stephen Elliot, IDC Program VP, Management Software and DevOps, will discuss how the right data strategy can help realize the promises of the cloud while avoiding often-overlooked pitfalls – ultimately, empowering organizations to succeed in and accelerate their transformation strategies.

    What we’ll cover:
    - The state of cloud adoption and its impact on DevOps and I&O teams
    - What’s changed in response to the pandemic
    - Six pitfalls organizations face in moving to the cloud and the data strategies necessary to overcome them
  • Modernizing your SOC for the Cloud Age Starts with Security Foundations Oct 15 2020 4:00 pm UTC 74 mins
    Dimitri McKay, Principal Security Specialist, Splunk | Taylor Williams, Professional Services Director, Zivaro
    When all data is security-relevant, it’s difficult to know where to start. Getting started requires decisions, but without quality data you’re simply guessing. Bad data in is bad data out. Getting the most from your data and security solutions can help ensure you get the answers you need to make more informed decisions and take action.

    In this webinar, we cover security best-practices for properly configuring environments and data to get started building a strong data foundation for your cloud security. After all, data quality is the foundation of becoming a data-driven organization in this digital transformation. No matter how mature your organization or where you are in your security or cloud journey, having a strong data foundation is the building block to modern security operations.

    This applies whether you've started a digital transformation, recently installed Splunk Cloud, or are looking to onboard data, explore new security use cases, or make sure you have a strong security foundation at every stage of your cloud journey.

    Join us to learn best practices on how to:
    - Optimize and onboard data sources: Cisco ASA, AWS CloudWatch, Microsoft, Linux and more
    - Optimize data collection
    - Configure security systems, data forwarding
    - Get the most value from Splunk's security solutions
    - Leverage Splunk apps to extend the value on Splunk solutions
  • Getting More from Your Data with Machine Learning Oct 6 2020 1:00 pm UTC 34 mins
    Gyanendra Rana, Senior Product Manager at Splunk
    Are you looking to apply machine learning to your data to uncover new insights and make more informed decisions? Join us as we discuss how machine learning solutions can help your organization. Whether you are an analyst looking to enhance your reporting or a trained data scientist, we’ll cover ways to model your data, experiment with machine learning tools, and operationalize different algorithms using our guided workflows.

    This webinar will touch on machine learning concepts such as:
    - Anomaly and outlier detection
    - And much more!
    You’ll walk away with an understanding of how ML can help improve your ability to sift through alerts, identify threats, and ultimately improve your data analyses and decision making. We will also give you a look into what is possible with the latest release of Splunk’s Machine Learning Toolkit (MLTK).
  • Four Stages for Government Security Teams to Manage Risk Oct 1 2020 4:00 pm UTC 40 mins
    Cam Beasley, CISO, UT Austin | Jae Lee, Product Marketing, Splunk Inc.
    To achieve comprehensive and effective cybersecurity, organizations first need to understand where they reside on the security maturity curve.

    Gain the insights you need by listening to this webinar, 4 Steps to Government Security, available on demand. Moderated by CSO, the webinar features a fireside chat between Cam Beasley, CISO of the University of Texas at Austin, and Splunk, who examine the security challenges facing highly regulated organizations today and explain how to leverage data from a broad range of sources to improve your security posture.


    Cam Beasley, UT Austin
    Jae Lee, Director, Product Marketing, Splunk Inc.
  • Machine Learning Deep Dive: Simplify Ticket Remediation with ML-Powered Analysis Oct 1 2020 9:00 am UTC 43 mins
    Greg Ainslie-Malik, Staff ML Architect at Splunk
    Machine learning (ML) can be applied to help companies leverage intelligence in their operations. In this webinar, we will discuss how the Splunk Machine Learning Toolkit (MLTK) can be extended to create domain-specific guided Assistants that can simplify workflows for users such as IT administrators.

    Join Greg Ainslie-Malik, Staff ML Architect at Splunk, to get a glimpse into the future of IT ticket triage, as we display:
    - How ML can provide new insights into ticket management
    - A deep dive demo into a new app powered by the Machine Learning Toolkit (MLTK) that can help admins mine their data for patterns and easily identify candidates for automated remediation
    - How this use case can complement IT Service Intelligence (ITSI), our premium monitoring and analytics solution powered by artificial intelligence for IT Operations (AIOps)
  • Top Trends to Protect Your Servers and Business with Centralized Infrastructure Sep 29 2020 2:00 pm UTC 38 mins
    Amit Sharma, Director of Product Marketing at Splunk & Jason Odden, IT Evangelist at Splunk
    The upheaval caused by the global pandemic has made it significantly more challenging to monitor your IT infrastructure, and also significantly more important to do it effectively. With employees working from home, or in a hybrid environment where some are at home and some in the office, the level of complexity—and potential risk—has skyrocketed. Add in an element of economic uncertainty, and the potential damage from an outage becomes even greater.

    It’s not easy finding and fixing underlying server issues even when you’re onsite. Traditional monitoring tools are often siloed and difficult to scale, and they weren’t built for a hybrid environment. Without effective monitoring, you risk costly outages, lost productivity and frustrated customers. It’s never been more vital to have an effective and dependable IT monitoring solution in place.

    Watch our on-demand webinar, "Top Trends to Protect Your Servers – and Your Business – with Centralized Infrastructure Monitoring", to learn:

    - Top trends for maximizing IT performance with a centralized infrastructure monitoring strategy
    - Practical tips for optimizing the performance, uptime and health of your IT environment
    - How to get end-to-end visibility across your IT infrastructure to prevent outages before they happen
    - What to look for when evaluating IT monitoring tools
  • Five Examples of Successful SOC Modernization Sep 25 2020 9:00 am UTC 59 mins
    Udo Götzen, Alexander Pilger, Angelo Brancato, Zachary Warren & Matthias Maier
    Outdated IT security solutions generate a flood of alerts. Because of the sheer volume, security teams struggle to separate the wheat from the chaff and accurately identify the threats that really matter. Combine this with compliance regulations, budget uncertainty, staff shortages and skills gaps, and it quickly becomes clear why security professionals are looking for new solutions. This is also why modernizing the Security Operations Center (SOC) to maximize productivity and effectiveness has become a top priority for organizations around the world.

    Splunk customers are making huge progress in solving this problem. Using real customer stories of SOC modernization, this webinar shares key insights and lessons that Splunk customers learned during their own transformation. These include:

    - Why Intel needed a common digital work surface for its SOC team within its next-gen Security Operations Platform
    - How DATEV took its Security Operations Center to a new level with Splunk and MITRE ATT&CK
    - How Fresenius automated extensive security tasks in its SOC and developed the "DAX of cybersecurity"
    - How Dachser met KRITIS requirements and automated an integration with the BSI
    - How Swisscom made Splunk the centerpiece of its Computer Security Incident Response Team
  • AIOps – Beyond the Hype Sep 24 2020 1:00 pm UTC 45 mins
    Cory Minton (Splunk), Kia Behnia (Splunk), Sean Crabtree, Managing Director (Accenture)
    Today’s climate and economy are forcing teams to reevaluate initiatives: what will drive IT efficiency immediately, with limited funding? AIOps is a term often thought of as a hyped buzzword, and a practice primarily for CIOs thinking about long-term transformation initiatives. How can AIOps help IT teams and organizations now, in response to this new climate?

    In this leadership panel tell-all, executives from Accenture and Splunk cover common misconceptions about AIOps and present practical advice to implement machine learning, automation and predictive analytics today. In this Q&A session, we will discuss how to activate AIOps for short-term initiatives, and improve IT operations effectiveness and agility.

    Join us for our on-demand webinar, AIOps: Beyond the Hype, to learn:
    - Success stories from companies who have activated AIOps today
    - How to get started with AIOps and common use cases like event management, predictive analytics and service monitoring
    - Why AIOps is relevant today with a remote workforce
  • Battling Disinformation, Voter Suppression & Cyber Attacks Sep 23 2020 4:00 pm UTC 60 mins
    David Morris | Lee Imrey | Mark Rasch
    This episode of the Election Hacking Original series will explore the impact of social media platforms on democratic elections, with a special focus on the 2020 U.S. presidential election.

    Join this panel to ask your questions and learn more about:
    - Has anything changed since 2016 and how
    - What can we learn from examples of other elections around the globe when it comes to the spread of disinformation
    - How has disinformation been used to suppress voting
    - What's new on the threat landscape for November
    - What is the likelihood of a cyber attack against elections

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Practical Lessons in IT Modernization Success Sep 22 2020 4:00 pm UTC 34 mins
    Marques Young, US Dept. of Commerce | Joshua Scheurer, State of Michigan | Ashok Sankar, Splunk, Inc.
    Modernization and cloud migration initiatives are disrupting public sector organizations as IT environments shift under their feet. According to a recent survey, replacing aging systems and reducing agency risk remain top drivers and more than 50% of respondents expect a hybrid environment as the end state of their IT modernization efforts. But only 13% say they are either very confident or confident in their ability to modernize current systems and applications, including cloud/hybrid migrations.

    Listen to this on demand webinar to learn how State of Michigan and the International Trade Administration under the U.S. Department of Commerce have been able to modernize their IT environments and make confident decisions to drive positive mission outcomes.


    Marques Young, SOC Manager, International Trade Administration, U.S. Dept of Commerce
    Joshua Scheurer, System Architect, State of Michigan
    Ashok Sankar, Director, Solutions Marketing, Splunk Inc.
  • Be in the Clear with VMware vSphere Sep 22 2020 1:00 pm UTC 34 mins
    Ian Torbett, Product Manager at Splunk
    Virtualized environments are complex - it’s not easy to find and fix underlying VM issues. Monitoring tools are siloed and difficult to scale and with different tools to monitor the same IT environment, things can get chaotic. Imagine if analysts, admins and virtualization teams could collaborate and troubleshoot all from the same platform. No more finger-pointing, no more “my tool says” and no more data disagreements.

    Join us for an on-demand webinar, Be in the Clear with VMware vSphere, and learn how Splunk can help you:

    - Gain visibility across your entire stack - from vCenter to the underlying operating system
    - Analyze VM health, drill down into relevant entities, do split-bys to find root causes and also prevent future outages
    - Implement a centralized infrastructure monitoring strategy to improve overall IT operations
  • Why Leading SOC Teams Have Cloud-y Vision Sep 22 2020 9:00 am UTC 45 mins
    Matthias Maier - Security Product Marketing Director, Splunk
    Security teams need to plan and prepare for a consistent security and compliance posture across a larger, more fluid ecosystem in the cloud. To cover the additional attack surface, it’s important to know all the nooks and crannies, and what operates within them. Among these operators are the App Dev teams that are increasingly moving toward DevOps. Code is being built and released at a level of speed and complexity that leads to high interdependencies, causing unpredictability and risk. Now more than ever, a strategy needs to balance Security Operations’ costs with the growing list of responsibilities that come as part of the package with cloud. Don’t be left behind: join this session to learn the secrets of leading security teams, including:

    - What the future of security operations centres (SOCs) and job roles will look like
    - How the SOC Team needs to be strategically embedded in DevOps
    - How to ensure and monitor compliance with an organization's security policy across multi-cloud services
    - How DevOps’ principles can be practiced in the SOC operating model
    - What it looks like to plan and establish a SOC in the cloud
    - Starting your plan and how to communicate it to management
Splunk Webinars and Videos
Splunk is the world’s first Data-to-Everything Platform. Now organizations no longer need to worry about where their data is coming from, and they are free to focus on the business outcomes that data can deliver. Innovators in IT, Security, IoT and business operations can now get a complete view of their business in real time, turn data into business outcomes, and embrace technologies that prepare them for a data-driven future.

  • Title: The Present and Future of Security Operations
  • Live at: Apr 16 2020 3:00 pm
  • Presented by: Jon Olstik, Sr. Principal Analyst & Fellow, Enterprise Strategy Group & Chris Simmons, Sr. Product Marketing Mgr, Splunk, Inc