Protecting Critical Infrastructure from Cyberattacks

Learn How to Defend Your Business Now

Since Spectre and Meltdown burst onto the scene in early 2018, and vendors have been scrambling to deploy patches, but we are not close to eliminating this 20-year-old vulnerability, and new variants continue to emerge. According to the researchers who discovered Spectre, “it is not easy to fix, it will haunt us for quite some time.”

Business must, of course, go on but ignoring elephant-in-the-room threats is never wise. Solutions are emerging that look deeper into processor caching and memory usage, and selectively limit speculative execution, without recompiling code or hobbling performance.

Join security experts from Virsec for a deep dive into how Spectre works, the latest variants, the limitations of current patches, and how to disrupt attacks without a performance hit.

The vast majority of security solutions are focused on an out-of-date model of chasing known malware that is already weaponized – ready to do damage. Today’s security landscape has shifted away from this, with the majority of modern attacks bypassing conventional security systems by delivering benign-looking data. These benign components subvert interpreters and assemble to create dangerous weaponized code that can derail applications, expose sensitive data, or damage critical infrastructure. 

Join experts from Virsec for an interactive webinar discussing the emergence of WRT attacks and new strategies organizations need to use to protect applications in memory in real time.

The World Economic Forum has elevated cyberattacks as one of the top global risks in terms of likelihood and impact, ahead of all other types of technological, economic, political or terrorist risks. The easy availability of advanced hacking tools combined with our aging infrastructure and outdated security models is a recipe for disaster. To tackle this looming crisis, we need to rethink our approach to security and develop new strategies to protect our most critical applications and infrastructure.

Join renowned security experts Troels Oerting, CIO of the World Economic Forum for an interactive discussion on new strategies to preempt this global crisis.

New Security Strategies to Keep Up with IT/OT Convergence

With the explosion of IoT and increased convergence between IT systems and industrial Operational Technology (OT), is security an afterthought? While the potential of IoT seems limitless, inadequate security could significantly dampen growth and put much of our industrial infrastructure at risk.

Join us for an interactive discussion with renowned security and IoT expert Prith Banerjee, Senior Client Partner at Korn Ferry and former EVP and CTO at Schneider Electric.

New Mindsets and Strategies for Proactive Defense

There is no doubt that our infrastructure is under attack, and new vulnerabilities are being revealed daily. A perfect storm of political forces, aging infrastructure, increased automation, and advanced decentralized hacking all mean that we can’t be complacent about the security of our nation’s industrial backbone. To tackle today’s threats, we can’t rely on outdated security models and need a shift in mindset and defensive strategies that are up to the task.

Join us for an interactive discussion with Maj. Gen. Robert Wheeler, a renowned security expert and former Deputy Chief Information Officer for Command, Control, Communications and Computers (C4) and Information Infrastructure Capabilities (DCIO for C4IIC).

Learn How to Improve Security While Reducing Your WAF Dependency

Web application firewalls are a popular line of defense, but they can also be difficult to manage, require too much expert tuning, and deliver floods of false positives. And many advanced attacks such as the Equifax breach have easily bypassed WAFs. Perhaps we’re asking too much from a tool that sits at the network perimeter and has limited application context.

Join experts from Virsec for an interactive webinar discussing next-generation technology that can augment WAF protection, dramatically reduce false positives, reduce your reliance on patching, and stopping advanced attacks that weaponize at runtime (WRT).

Troels Oerting, Head of the World Economic Forum Centre for Cybersecurity discussed a new class of cyber attack that exploits fileless and memory-based techniques. These attacks bypass conventional security and only weaponize as programs execute in runtime.

Most security solutions are locked into an out-of-date mindset, looking for known malware that has been constructed by hackers and delivered already weaponized – ready to do damage. But today’s advanced hacks are increasingly bypassing conventional security systems by delivering benign-looking data that only gets weaponized when applications are live, in runtime memory. By subverting interpreters and manipulating legitimate processes and memory, these attacks can assemble benign components to create dangerous weaponized code that can derail applications, expose sensitive data, or damage critical infrastructure.

Join experts from Virsec for an interactive webinar discussing the emergence of WRT attacks and new strategies organizations need to use to protect applications in memory in real time.

Paul Forney, Chief Security Architect for Schneider Electric and Satya Gupta, CTO of Virsec delivered a joint presentation at the ICS Singapore Conference in April 2018, discussing the explosion of fileless and memory-based attacks, and strategies for protecting critical infrastructure.

While many people focus on detecting the next cyber threat to wreak havoc, more attention should be paid to detecting precursors to attacks that may already be within your network. In many major attacks, malware and vulnerabilities dwell within networks for months or years before the full exploit is launched. Machine Learning is being applied to detect new threats in the wild, but these techniques can be equally effective when applied internally, to map acceptable application behavior and react quickly if there is a real attack. Join noted security experts for an interactive discussion on strategies to protect your organization from these lurking threats.

The past year has seen a sharp increase in cyberattacks targeting critical infrastructure such as power plants, water treatment facilities, oil & gas refineries and elsewhere. High-impact attacks such as StuxNet, HaveX, Black Energy, Industroyer, Triton and others have used advanced hacking techniques and memory exploits to hijack control, cause disruption, shut down critical systems or worse. These technique bypass conventional network security tools and have been considered “indefensible” by many security experts.

Hear ICS and security experts discuss how to defend against advanced attacks and protect infrastructure from unknown threats.

The multitude of recent cyberattacks have a number of things in common: they are sophisticated, multi-pronged, use fileless techniques, and target applications at in process memory – largely invisible to conventional security products.

Attacks including WannaCry, Petya, NotPetya, SystemD, Industroyer, and Apache Struts all leveraged memory-based attacks to infiltrate, pivot, and hijack valuable data. What used to be viewed as arcane, theoretical attacks have now become easily accessible through the Shadow Brokers leak of advanced memory corruption tool kits.

Learn from Virsec experts:
•Why memory attacks are under the radar of most security
•How to map correct memory usage and detect deviations
•New models for protecting applications from the inside

This webinar is part of BrightTALK’s "Ask the Expert" Series. As attacks increase and start to have a significant impact, not just on companies’ bottom lines, but on their ability to carry out everyday business, cybersecurity has become much more of a boardroom issue than ever before. Increasingly this is causing forward looking organizations of all sizes to examine how security can be better integrated into business as normal.

No business is immune from cybercrime and the theft of personal information and intellectual property will increase as the ability to turn raw data into money-spinning opportunities increases. The response to cybercrime is a business decision – and is all about risk management. Between human error and malicious insiders, time has shown us the majority of data breaches originate inside company walls. Employees and negligence are the leading causes of security incidents but remain one of the least reported issues. The fightback starts not in the organization but with people and increasingly in the home. More and more security professionals need to be re-assessing the risks to company data at a personal level - mobile/consumer devices, internet connected devices, cloud access and storage both inside and outside the corporate environment.

Speakers:
- Joseph Carson, Chief Security Scientist, Thycotic
- William Leichter, VP Marketing, Virsec
- Dr. Chenxi Wang, Founder of The Jane Bond Project & Vice Chair, Board of Directors, OWASP

Audience members are encouraged to send questions to the expert, which will be answered during the live session.

Ray DeMeo, COO of Virsec discusses a new model for security using deterministic, memory-based protection to stop attacks in real-time while eliminating false positives.

Atiq Raza, CEO of Virsec and tech industry luminary, discusses a unique approach to protecting against today's advanced fileless and memory attacks in real-time.

The volume and frequency of cyber-attacks makes it impossible for security analysts to use manual threat analysis to keep up with a rapidly changing threat landscape.

Innovations in artificial intelligence (AI) now make it possible to automate mundane security operations, and provide security analysts with access to large data sets. The benefits are significant: analyst time is freed-up, and they have access to better information enabling smarter, faster decisions about how to continually improve the security posture of their organization.

Join this Q&A panel on how AI can help improve your organization's overall security.

Speakers:
- Chris Roberts, Chief Security Architect, Acalvio
- Chris Morales, Head of Security Analytics, Vectra
- Vikram Kapoor, Co-Founder and CTO, Lacework
- Willy Leichter, Vice President of Marketing, Virsec

Massive data breaches are a dime a dozen these days, affecting more people than before and exposing the highly personal information of millions of consumers. Uber is the latest company to disclose a major breach, joining Equifax from a few months ago, in which the names, addresses and other personal data got stolen by hackers.

Join this interactive Q&A panel discussion to learn more about:
- Impact and lessons learned from the Uber breach
- What should enterprises do to better protect their customer data?
- How can we address the growing threat of cyber attacks?

Some of the industry's top minds will provide their insights on the impact of the recent breaches on consumers, organizations and policy.

Moderator:
- William Leichter, VP Marketing, Virsec Systems (Moderator)

Speakers:
- Chris Roberts, Chief Security Architect, Acalvio Technologies
- Chris Morales, Head of Security Analytics, Vectra Networks
- Jason Kent, CTO, AsTech Consulting

What are the lessons learned from the recent slate of mega-breaches (Equifax, CIA, NSA)? How can we apply these lessons toward educating our workforce and strengthening our organizations' security posture?

Join this interactive panel with cyber security experts to learn more about:
- Why the Equifax data breach was inevitable
- How to prepare against the next big one
- How to detect breaches faster
- The first 24 hours after a breach
- The importance of employee security training
- What CISOs can learn from this breach

Speakers:
- Rick Holand, VP Strategy, Digital Shadows
- Chris Sullivan, SVP, Chief Information Security Office, Core Security
- Josh Shaul, VP of Product Management, Akamai

Moderator:
- William Leichter, VP Marketing, VIrsec Security

In the aftermath of the Equifax data breach, both consumers and enterprises are scrambling for ways to minimize the impact. Since highly personal information was exposed (social security numbers, addresses, birthdays), the implications of this breach could haunt us in the long-term future.

What are the lessons of this breach to individuals, as well as organizations?

Join this interactive panel discussion with security experts to learn:
- The short and long-term effects of this data breach
- What you can do to protect yourself and your organization
- How to protect against future scams
- Why breaches happen and how organizations can improve their breach prevention efforts, as well as employ technologies and process for faster breach detection and response
- How to improve cyber security going into 2018

Speakers:
- Satya Gupta, CTO, Virsec Systems
- Shawn Burke, Global Chief Security Officer, Sungard Availability Services
- Vamshi Sriperumbudur, VP Marketing, CipherCloud

Moderator:
- William Leichter, VP Marketing, Virsec Systems