Cyber Threats are Looming - Leverage NIST CSF

As 2019 approaches, DevOps & SecOps are looking to minimize the risks due to change management delays and manual processes. Today's existing approaches are good at monitoring and presenting what is wrong, but don’t take that vital next step in automating the correction of any issues.

In this Webinar we show you how to close the security gap through auto-remediation, combining AWS Lambda functions and Ansible Playbooks. Auto-remediation extends from your cloud security posture to your VMs and container instances, on-prem, or in the cloud.

Our day-to-day life depends on the country’s 16 sectors of critical infrastructure. From healthcare and financial services to energy and network systems, any disruption can be a threat to our democratic society. Security professionals are tasked with putting together a security program to protect our most valuable assets.

We have asked Joe Kucic, creator of the Verizon Risk Report, and Ken Williams, security leader from Nissan Motor Corporation, to provide us with their top ten tips to creating a successful security program and where NIST CSF fits in.

The discussion will include, but is not limited to:

• Getting management buy-in
• Mapping the NIST CSF Framework to your infrastructure
• The importance of system hardening

Pacific Dental Service (PDS) is one of the country’s leading dental support organizations, providing supported autonomy to more than 630 dental practices. As a support services provider in the healthcare space, PDS is subject to HIPAA and other regulations, which plays a vital role in their journey to the AWS cloud.

Join us on September 25th as Nemi George, Sr. Director of Information Security and Service Operations at PDS, walks us through the AWS cloud journey: the required planning, timing, best practices, and their experience to-date. Plus, how Cavirin’s CyberPosture intelligence continues to strengthen Pacific Dental’s security posture and meet compliance regulations.

Then we are lucky to have Thomas Robinson, Solution Architect for AWS look at the shared responsibility model, validating AWS responsibilities, and the tools available for building HIPAA workloads and maintaining compliance. Topics include AWS CloudTrail and Lambda Functions.

If you are considering migrating to the cloud, this is a must-see event.

Pacific Dental Service (PDS) is one of the country’s leading dental support organizations, providing supported autonomy to more than 630 dental practices. As a support services provider in the healthcare space, PDS is subject to HIPAA and other regulations, which plays a vital role in their journey to the AWS cloud.

Join us on September 12th as Nemi George, Sr. Director of Information Security and Service Operations at PDS, walks us through the AWS cloud journey: the required planning, timing, best practices, and their experience to-date. Plus, how Cavirin’s CyberPosture intelligence continues to strengthen Pacific Dental’s security posture and meet compliance regulations.

Then we are lucky to have Thomas Robinson, Solution Architect for AWS look at the shared responsibility model, validating AWS responsibilities, and the tools available for building HIPAA workloads and maintaining compliance. Topics include AWS CloudTrail and Lambda Functions.

If you are considering migrating to the cloud, this is a must-see event.

This summer, California passed a new privacy legislation implementing the strictest privacy controls of any state in the United States going into effect on January 1, 2020. We have asked security expert, Joe Kucic, creator of the Verizon Risk Report, to walk us through what this newest regulation means to a CSO, CISO, and other security professional. Plus what changes enterprises have made to address the GDPR regulations that went into effect earlier this year.

Join us as Kucic, who held security management leadership roles at Citigroup and GM and is currently the CSO at Cavirin, shares his thoughts on what organizations need to do to survive during this major movement to user privacy and transparency. Joe will be available to answer all your questions and take on a few of ours too. This is 45 minutes of insight through a CSO's eyes that you are not going to want to miss..

Just when you thought you had container security covered, a vulnerability appeared in the Docker container runtime—an insecure opening of the file-descriptor allowing privileged escalation—Now what?

Yes, container hardening and image scanning are essential for container security, but automating anomaly detection and threat defenses in the container runtime is now essential. Watch this technical webinar, to learn more about the threat to the evolution of the container runtime layer as well as a simplified approach to container runtime protection as well as how automation enables DevSecOps.

In this technical webinar/demo, hosted by ISSA (the Raleigh Chapter) you will learn:

* How container runtime protection complements image, instance, and orchestration security

* How to automate full stack container security across multiple public clouds even on-prem

* Automating code promotion through scripting

The credit rating single score is used to represent consumer credit risk. While easy to understand, a credit rating score incorporates several signals of consumer credit risk. We believe hybrid cloud infrastructures will benefit from an easily-understood “CyberPosture Score” that provides a meaningful, comprehensive, defensible and extensible view of Security and Compliance risk.

Join us as Cavirin experts discuss what’s required to obtain a CyberPosture Score—Learn about Cavirin’s breakthrough approach to Security Posture assessment and scoring including:

>> Verify where your risks are coming from

>> Identify the differences and correlations of risk and compliance

>> Determine the criticality of your assets, using the CIA (confidentiality, integrity, and availability) framework across your hybrid infrastructure

>> Remediate risks utilizing actionable intelligence

>> Manage configuration drift and maintain golden posture

3.5 million unfilled security jobs in the coming years coupled with increasingly sophisticated attacks doesn’t paint a pretty picture. As Cisco’s SVP security said at RSA this year, ‘we are completely screwed.’ But we don’t have to be, and you don’t have to be a genius either!

Join us, as we share results of recent surveys from ESG, Cybersecurity Insiders, and Cavirin that look at key concerns when migrating to the hybrid cloud, things like DevSecOps, container monitoring, and continuous compliance.

We will then provide you a sneak peek into Cavirin’s CyberPosture Intelligence and its simplicity which provides you with a real-time view across your hybrid cloud, both account security posture as well as workload continuous compliance. One button assessments and immediate comparisons to your desired ‘golden posture’ help you maintain control without hiring more security experts.

Summer is quickly approaching and unfortunately, many organizations let the GDPR deadline slip away. If you are one of the thousands of organizations that missed the deadline, then this is the webinar for you. Download this on-demand Webinar, to find out from experts on GDPR means to US companies and an action plan to automate your compliance and address this global regulation.

Cyber threats are looming in 2018. Join Byron Acohido, Pulitzer Prize winner and executive editor of lastwatchdog.com, to learn about the current threat landscape and how your organization can utilize current frameworks and guidelines to become better prepared to handle these threats. Cavirin will demonstrate how customers have incorporated the NIST CSF to strengthen their cybersecurity infrastructures against these looming threats.

Watch this webcast to learn:

- The spectrum of cyber threats looming in 2018
- The major forces in motion to mitigate cyber threats
- The implications for company decision makers
- How the NIST Cybersecurity Framework will strengthen your cybersecurity infrastructure

Download this on-demand webinar as DevSecOps expert and writer, Gregory S. Bledsoe (@geek_king on Twitter), provides insight into balancing quickness with security into the DevOps environment. In addition, Dr Ravi Rajamiyer, VP Engineering at Cavirin, demonstrates the steps required to securing the container (Docker/Kubernetes) lifecycle.

Competition is fierce and today’s businesses cannot afford to slow down their development processes to wait for security to catch up. Development lag time could mean the difference between success and failure, so DevOps and SecOps must find ways to unite. Securing the application lifecycle from the beginning has become key to making DevSecOps real.

What you will learn:

>> The why, the what, and the how of DevSecOps
>> Repackaging security and looking at change as an opportunity
>> How to refine a standard DevOps workflow to address security requirements
>> Automating security through the container lifecycle

According to Gartner, “The NIST Cybersecurity Framework is an absolute minimum of guidance for new or existing cybersecurity risk programs, and is a legal framework for aligning IT to OT security.” However, even with this strong guidance, many organizations are still hesitant to implement the security framework because, at first glance, it can appear overwhelming.

In this on-demand Webinar Cybersecurity and compliance experts, Pravin Goyal and Anupam Sahai, will provide insight on successfully implementing and automating CSF and NIST 800-171 across cloud, on-premise, and hybrid cloud infrastructures.

What You Will Learn:

>> The five NIST Cybersecurity Framework functions
>> NIST’s seven steps for establishing a cybersecurity program
>> How to map and automate technical controls defined in CSF
>> How CSF works with other security frameworks (including NIST 800-171)
>> NIST 800-171 compliance

Is your cybersecurity protection making the grade? Healthcare rates a 'C' in security, almost half of US residents have been compromised, and the end-user impact is tens of billions of dollars a year.

An easy first step is understanding the attack vectors and automating HIPAA technical controls. This automation lets you quickly understand your baseline security posture both on-premise and within the public cloud, where you have gaps, and how to remediate them.

Docker adoption has surged, up 40% over the past year, taking the lead for DevOps tools on AWS. With this transformation, enterprises are looking for ways to confidently introduce Docker into their Cloud environment. Join us as Cavirin experts guide you through:

> Securing EC2 Container Services, as well as Docker images, brought in from different registries
> Integrating CloudTrail and CloudFormation
> Today's best Docker security practices on AWS
> The latest on Kubernetes

Image, Container, and Orchestration security with Cavirin

Describes Cavirin platform's automation and manual controls, and includes a demo of capabilities.

Are containers & Docker secure? We look at best practices across their lifecycle, including image scanning within CI/CD process, container OS hardening, and orchestration security with Kubernetes. Guest speaker is Izak Mutlu, former CISO at Salesforce.

Why are CIS security benchmarks important and how are they created?

Pravin Goyal discusses differences between compliance and security