Name: The Threat Intelligence Playbook: Keys to Building Your Own Threat Intelligence
Start: 2018-11-07T18:00:00Z
End: 2018-11-07T18:59:02.000Z
Location: BrightTALK
Rating: 4.5

ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

Revolutionizing Privileged Access Management: Simplifying Security with Privilege Orchestration

Revolutionizing Privileged Access Management

Good cybersecurity governance is more important than ever before with new mandates from the SEC on cybersecurity risk management and the increasing emphasis placed on information security by investors. By building a cybersecurity governance framework that connects your programs and processes with your controls, frameworks and policies, you can increase visibility into your program and empower stakeholders to protect against cyber risk.
In this webinar, you will learn how to:
• Establish a strong program baseline by crosswalking your controls, policies and procedures;
• Create enterprise-wide accountability for risks, policies and controls from the operational level to the board level; 
• Align technology and departments on risk management workflows
• Optimize your program’s operations to improve your organization’s security posture.

How to Build an Effective Cybersecurity Governance Framework

Ready to expand into the international cybersecurity market? Join us to discover how to get started and explore the wealth of State and Federal resources available to cyber companies.

Business development experts Pompeya Lambrecht, Senior International Trade Specialist at the U.S. Commercial Service, and Ellen Meinhart, Senior International Trade Manager from the Virginia Economic Development Partnership, will be our guests giving U.S.-based businesses tips and resources to help break into the international cyber marketplace.

Sign up today!

How to Break into the International Cybersecurity Market

Join us for an eye-opening presentation on the dynamic intersection of Artificial Intelligence (AI) and Cybersecurity. Discover how AI is revolutionizing the way we protect against cyber threats and defend our digital environments. Delve into real-world examples showcasing AI's power in threat detection, malware prevention, and fraud detection. Explore the future implications of AI in cybersecurity and the need for ethical considerations in its development. Gain valuable insights into the potential risks and challenges AI brings to the table, and learn how to harness its capabilities for robust cyber defenses. Don't miss this captivating session that will unravel the cutting-edge advancements reshaping the landscape of cybersecurity.

Transforming Cybersecurity From the Power of AI

Developments in Europe from the Data Protection perspective: data sharing with trust

Since the enforcement of the GDPR, Europe's data strategy has been focused on the development of instruments that facilitate the sharing of data to ensure the EU’s leadership in the global data economy. But how are these efforts aligned with the GDPR? And how can trust be ensured in data sharing? During this talk we will look into the new European data strategy developments and some of their benefits and challenges. We will also explore the role that Privacy Engineering can play in this new landscape.

Developments in Europe from the Data Protection perspective

Modern information security requires practitioners to defend environments and surfaces which are highly dynamic. With new security risks arising and constant changes to your system, point-in-time assessments  can’t keep up. That’s why you need to routinely assess your security through automated, continuous monitoring. 
Continuous monitoring and automation are buzzy words in the industry, but what do they really mean?  Monitoring and automation can be applied at various levels and layers in an environment in order to meet a wide variety of security and compliance objectives.
In this webinar, Matt Cooper, Senior Manager of Privacy, Risk, and Compliance at Vanta, and Rob Picard, Senior Manager of Security at Vanta, will detail common use cases for security and compliance monitoring and automation to enhance your security posture.

Automation and Continuous Monitoring: What it Means and Why it's Critical

Over the past several years, the global privacy landscape has changed dramatically, particularly in the United States. Since 2018, the United States has enacted six comprehensive state privacy laws: the California Consumer Privacy Act (amended by the California Privacy Rights Act), the Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Utah Consumer Privacy Act,  the Connecticut Data Privacy Act, and Iowa’s consumer privacy law. We anticipate more state bills to follow. Join us as Hunton Andrews Kurth partner Lisa Sotto discusses the current privacy landscape in the U.S. and what is on the horizon. From an overview of current laws and privacy considerations, to global trends, this program will highlight key privacy issues for businesses.

U.S. Privacy Landscape: Overview of State and Federal Privacy Laws

It’s a wrap!  Paula will share her career journey and her exit strategy following 27 years in high tech leadership with Intel Corporation.   What does Paula’s transition look like, as she boldly starts the year with big personal changes?  What are the different aspects of retirement, and how is she embracing change as an opportunity?  Do you dream of retiring, and designing what you want to do in your best years ahead?  Paula will share her plans and insights on what you too might consider, if you find yourself in a similar role, by choice or by chance.  Join Paula as she embarks on exciting ventures packed with fun, faith, family, friends, fitness and fulfillment.Daring to Move:  Retiring, Embracing Change and Designing Your New Life”

Daring to Move:  Retiring, Embracing Change and Designing Your New Life

Demonstration utilizing an online tool, the CREF Navigator™, to apply cyber resiliency considerations from NIST SP 800-160 Volume 2 (Rev 1) to common use cases.

Comprehensive technical frameworks are usually voluminous including several definitions, concepts, relationships, tables, and references with linkages to other key frameworks or publications.  NIST SP 800-160 Volume 2 (Rev 1): “Developing Cyber-Resilient Systems” is the leading framework defining and impacting the cyber resiliency space for US federal information systems.  It is a comprehensive framework that is generally applicable and can be adopted by any organization seeking comprehensive and well-defined cyber resilience guidance.  The publication which is over 300 pages centers around the Cyber Resiliency Engineering Framework (CREF) whose constructs include, in addition to the definition of cyber resiliency, four goals, eight objectives, fifteen techniques, fifty approaches, and fourteen design principles and their many to many relationships.

Cyber Resilience in Practice: Demo of The MITRE CREF Navigator Tool

AppSec programs have long relied on a traditional approach, using gates, reviews, and scanning tools to achieve security and compliance. But a new era is here that calls for securing modern cloud apps, SaaS, DevOps infrastructure, and the rapidly changing environments that surround them. Many organizations struggle to shed the traditional model, delaying the reframing of AppSec that is required to both ensure modern application security and integrity and keep up with the ever-increasing velocity the business demands.
 
What does it take to adopt a modern AppSec approach within today’s budget realities? It starts with gaining visibility and business context within rapidly changing development environments and ensuring limited resources are applied to the highest risk issues. Seeing the whole picture allows for effective security prioritization and remediation, partnerships with security champions, drives accountability and allows teams to do more with the same budget.
 
Join us to hear from Jason Chan, ex-CISO of Netflix, and Legit Security CTO Liav Caspi, to learn:
• How to obtain real-time visibility and security posture awareness over rapidly changing applications and development environments.
• How to gain valuable security context to cut through the noise and prioritize efficiently.
• Methods to identify security tool redundancies and leverage existing scanners to save cost and maximize value
• How developer engagement techniques such as security champion programs, paved roads, and security metrics can improve security and AppSec productivity.

Reframing Application Security for Modern Apps and Tighter Budgets

The last two decades have seen massive change in the IT landscape: We’ve seen workloads shift from the datacenter to the cloud, applications move from the desktop to mobile devices, and an increase in the frequency and sophistication of attacks to the point where it's not if you’ll get breached but when. Yet, the process we use for locking down access to our most sensitive systems — privileged access management (PAM) — has not fundamentally changed. 
Is there a better way to approach PAM? Join this session to learn how you can: 
• Leverage just in time orchestration to remove attack surfaces 
• Dynamically delegate just-enough access according to use case. 
• Enable administrators to do their jobs without jumping through hoops. 
• Limit the spread of malware.

PAM: We’ve Been Doing It All Wrong

The session will focus on the recent trends emerging from the data protection ecosystem in Africa. It will look at the laws, the regulators, the progress that has been made in the last decade, the challenges, and recommendations.

Emerging trends in data protection in Africa

Data Security Posture Management (DSPM) is the first step towards closing the data security execution gap. Born in the cloud companies like WalkMe can especially benefit from DSPM. Hear from Dror Zilberman, Senior Security Engineer at WalkMe, about why they invested in DSPM, their experience implementing Laminar and the outcomes they’ve achieved. Andy Smith, CMO of Laminar, will talk about how DSPM helps companies leverage data democratization for innovation without adding undue data security risk. 
What you will learn:
• What is DSPM and why it’s needed now
• Why WalkMe invested in DSPM and Laminar
• What benefits has WalkMe achieved by implementing DSPM

How WalkMe Keeps Data Secure with Data Security Posture Management

A cybersecurity intern program is a 12 week series, that requires the cybersecurity interns to be higher education students currently taking courses in Virginia.  The Commonwealth Cyber Initiative (CCI) awarded Brian Ngac and his research colleague, Nirup Menon, a $100K Grant for a Cyber Security Experiential Learning effort. This grant was based on Brian's past performance and experience in conducting Experiential Learning activities in the areas of Cyber Security and Business Process Improvement with high-performing students, Industry Participants, and Real Projects since the Spring 2018 semester at George Mason University. In this talk, Brian will introduce the Experiential Learning Program and its needs including two 12-student cohorts, multiple industry participants, and 8 project solicitations. Brian will also inform the audience of his Cyber and Business Process Improvement Experiential Learning course and how industry can participate in the following semesters.

Cyber Experiential Learning: Projects with Students & Industry Partners

Data is moving faster and at higher volumes than ever before. With so much being communicated, the need for tighter cybersecurity is at an all-time high. Encryption is one of the top tools cyber experts use to secure their systems, with crypto agile encryption helping to enhance data protection as it’s on the move. 

Together with quantum computing, crypto agile encryption’s automation capabilities are game changers in the movement toward enhanced data protection. To help leaders better understand how these work together, quantum and data security experts QuintessenceLabs' Vice President of EMEA Gilles Trachsel and PKWARE’s APAC Regional Sales Director Matt Mackender will co-host a joint webinar on February 23, 2023. 

They will explore the following:
- What is crypto agility?
- How can you adopt crypto agility into your cybersecurity strategy? 
- How can you better protect data on the move? 

Don’t miss your chance to ask questions and learn from the best as they pave the way for a post-quantum world. Sign up today!

Crypto Agile Encryption, Wherever Your Data Moves

With the Sephora decision in 2022, the California Attorney General threw down the gauntlet and let companies know that ignoring clear consumer signals will not be tolerated. While Do Not Track/Do Not Target (DNT) failed, the Global Privacy Control (GPC) will have the force of law. This session will discuss the history of consumer preference signals, the technology behind the new GPC, and the regulations driving adoption. As new state privacy laws are enacted in the US, understanding GPC will become critical to your company's success.

Listen to me! Global Privacy Control (GPC) and Consumer Preference

RapidAscents cybersecurity training program is at no out of pocket cost to learners. The 15-week DoL Registered Apprenticeship training program is in-depth and role-based from basics to job role simulated exercises, developed by leading practitioners in the space who have decades of experience in industry. Our training is supported by multiple grants one of which is the Department of Commerce to train entry level cybersecurity professionals. The RapidAscent team was selected for these grants due to our extensive background in cybersecurity.  Our team has a combined experience of 25 years in corporate related cybersecurity skills. Our extensive experiences allows us to understand the needs of the learner as well as the company.

In this presentation, our team will introduce the DoL Registered Apprenticeship approach as well as share how ISSA-COS and RapidAsecent are working with the Colorado Springs Community both to increase mentoring and support the development of entry level cybersecurity professionals respectively.

We will walk through how we effectively partner with universities, industries, and other organizations related to ISSA to create a high quality turnkey apprenticeship programs.  Will discuss different models for partnering that may benefit different ISSA Chapters and the greater community.

Developing Successful Mentoring and Apprenticeship Programs

The 360 degree leader methodology has been used in businesses to determine the influence of  an leadership in organizations from various roles. In this talk, Tanisha discusses how a 360 degree model can be applied to cyber security leadership and business practices to improve workflow and efficiency. She will provide examples of how to implement strategies that are beneficial and will improve productivity.

360 Degree Cyber Security Leadership

Acronyms such as IOCs (indicators of compromise) and IOAs (indicators of attack) are ubiquitous in the security industry. But a recent SANS Institute survey revealed that a vast majority of security professionals don't even know how many indicators they receive or can use. Join DomainTools Sales Engineer, Taylor Wilkes-Pierce to learn how IOCs and IOAs can work in tandem to build your own threat intelligence, enrich your investigations and overall security strategy. 


In this webinar, you will learn

How security professionals go about sourcing indicators
What can you do with IOCs/IOAs after locating valuable indicators
To pivot through threat actor infrastructure and determine the "Who" and the "How Bad".

Moderator: 
C-A Washington, Founder, Image & Etiquette Institute

Speakers:
Taylor Wilkes-Pierce, Sales Engineer, DomainTools
Ken Dunham, Senior Director, Technical Cyber Threat Intelligence, Optiv
Greg Reith, Sr. Solutions Architect, CenturyLink

The Threat Intelligence Playbook: Keys to Building Your Own Threat Intelligence

Threat Intelligence

SANS

Indicators of Compromise

Indicators of Attack

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

The Threat Intelligence Playbook: Keys to Building Your Own Threat Intelligence

Presented by

About this talk

More from this channel