Name: ISSA International Series: Security Professionals Dilemma
Start: 2018-11-27T17:00:00Z
End: 2018-11-27T17:01:41.000Z
Location: BrightTALK
Rating: 4.2

ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

Take command of your thoughts and emotions – focus on how to build inner strength through understanding our thoughts and emotions and developing habits and practices to help us cultivate a strong, optimistic attitude.  
Take command of your relationships – we will explore our connections to the people we care about or interact with every day – how to establish and repair trust, deal with difficult people, sustain strong relationships and see things from the other person’s point of view.  
Take command of your future – we will define your values, pursue your purpose, and create a vision for your life.

Taking Command in 2024

“Privacy by design” has been part of the cybersecurity and privacy practitioners’ vernacular for well over a decade, but for many the phrase remains vague. In some of the new privacy laws, both in the US and globally, privacy by design is becoming something that companies must now implement. It can no longer be "vague."
In this talk, we will walk through the development of a hypothetical smart thermostat following the recently released Design Process Standard from the Institute of Operational Privacy Design. For many participants this will open up a new avenue of thinking about privacy beyond the laws, principles and programmatic elements they are most familiar with and provide a level of concreteness to the concept beyond the broad to “build privacy in”.

Privacy by Design: More than just a catchy phrase!

Innovating in Cyber Security by Solving a 20 Year Old Problem with a Simplistic and New Approach

- Tal's story from Hacker to CEO & Co-Founder 
- Winning the Cybersecurity Women Entrepreneur of the year 2023” award and what this means to you and women in Cyber 
- About GYTPOL

Innovating in Cyber Security by Solving a 20 Year Old Problem

Incorporating Identity Threat Detection and Response (ITDR) into your organizations Security Operation Center 

Identity professionals have traditionally focused on compliance and governance activities, while leaving Security Operations to the Cybersecurity team to monitor the endpoint (EDR) and network (NDR), potentially missing Identity Threats. Cloud adoption has made identity a primary target for cyber security attacks, making it one of the key vectors of attack expansion after infiltration. As a result, Identity professionals need to consider an Identity Threat Detection and Response (ITDR) program and how to integrate it into their organization’s larger Security Operations Center (SOC). In this webinar, we will discuss the considerations that should be made when bringing on an ITDR program and how to incorporate it into an organizations larger SOC program. By doing so, you can ensure that your organization is well-protected against identity-based cyber threats.

Incorporating ITDR into your organizations Security Operation Center

Ensuring access is secure in the digital era is critical, especially with the rise of hybrid workforces, apps migrating to cloud, the sheer number of devices, and the sophistication of cyber threats. How can you ensure that your users, devices, and data are protected no matter where they are or what they access?
In this webinar, you’ll learn why Security Service Edge (SSE) is helping teams achieve secure business access for the next decade and beyond. Discover how SSE can help you:
• Simplify management and reduce complexity by consolidating multiple security functions into a single platform
• Reduce risk and compliance costs by preventing data breaches, malware infections, and over-privileged access
• Enhance performance and user experience by optimizing access to the internet, SaaS, and private applications
• Improve visibility and control by enforcing consistent policies and monitoring user behavior across all edges

Solving the secure access challenge for the next decade & beyond with SSE

With any good football team, both the offense and defense huddle, communicate, collaborate, and react in a coordinated way. If the eleven defenders all acted alone, without coordination, to individually try to stop the front line, the results would be a disaster.

Cybersecurity should be no different, yet most defenders operate in disconnected silos, unable to work together, call coordinated plays, or form any coherent line of defense. It’s time for a different approach to change the game.

Join security expert Jason Keirstead from Cyware for a discussion of the importance of Collective Threat Defense, and practical ways we can all start sharing intelligence and collaborating across organizations and industries to disrupt and defeat well organized attacker game plans.

Winning in Football Requires Collective Defense. So Does Cybersecurity

Challenges and Opportunities in Implementing Privacy By Design in the Caribbean - The Jamaica Data Protection Act 2020 as a Case Study.

In the era of digital transformation, integrating Privacy by Design (PbD) is crucial for fostering trust and ensuring the protection of user data. It is a proactive approach to privacy protection that is embedded in all aspects of a business or organization's operations.

The Jamaica Data Protection Act 2020 is a new law that was enacted to protect the privacy of Jamaicans. The Act requires businesses and organizations that collect and process personal data to comply with a number of privacy requirements, including some that map closely to privacy by design.

This presentation will delve into the unique challenges and opportunities associated with implementing Privacy by Design within the Caribbean, using the Jamaica Data Protection Act 2020 as a case study. We will explore the foundational principles of PbD, such as proactive privacy measures and user-centric privacy, examining how these align with the mandates  of the Jamaica Data Protection Act 2020. Additionally, we will spotlight the challenges faced by Caribbean nations and entities in embedding privacy into their operational and developmental frameworks.

Challenges and Opportunities in Implementing Privacy By Design in the Caribbean

Collaboration is Key:  The ISSA AIM Program and ACI Learning, Working to Help Bridge the Gap from Education to Employment

Preparing professionals for the workforce must be collaborative between training and education, employers, and industry associations. All parties receive benefit and value when the community comes together to bridge the gap to full-time employment. The ISSA Aim Program is an influential force that positively contributes to the cybersecurity workforce. ACI Learning provides training and education to build the necessary skills for workforce readiness.

In this session, we will discuss the challenges of an apprenticeship program and the solution ACI Learning and ISSA are working to develop. A partner ecosystem provides candidates training and helps identify opportunities for apprenticeships and full-time job opportunities placement with enterprise organizations. Join us for a lively interaction on the benefits of building bridges to success.

Collaboration is Key:  The ISSA AIM Program and ACI Learning

In a rapidly evolving digital landscape, the intersection of neurodiversity and cybersecurity is an emerging frontier that promises to revolutionize the way we think about securing our digital future. Join us for an enlightening panel discussion, titled "Unlocking the Neurodiverse Advantage: Cybersecurity Beyond the Spectrum," where we bring together a diverse group of experts to explore the untapped potential within the realm of neurodiversity and its profound impact on the world of cybersecurity.
Our esteemed panelists include:
Mark Meulemans, Director of Cloud Solutions Architecture at VMware, will share his insights on how neurodiverse individuals are contributing to innovative cybersecurity solutions that go beyond the conventional spectrum.
Amber Buening, Senior Vice President and Security Outreach Director at Huntington, will provide a unique perspective on how organizations can harness the strengths of neurodiverse individuals to enhance their security practices and outreach initiatives.
Alexandra McCoy, a Site Reliability Engineer at VMware, will discuss her firsthand experiences as a neurodiverse professional in the tech industry, shedding light on the invaluable contributions she and others like her are making to cybersecurity.
Nathan Chung, a Neurodiversity Evangelist, will lend his expertise in advocating for neurodiversity inclusion and explain why fostering a neurodiverse workforce is not just an ethical imperative but also a strategic advantage in the world of cybersecurity.
Together, our panelists will delve into the ways neurodiversity is revolutionizing cybersecurity practices, driving innovation, and creating more inclusive and resilient digital environments. Don't miss this opportunity to gain fresh insights and discover the transformative power of neurodiversity in the cybersecurity landscape. Join us as we navigate "Cybersecurity Beyond the Spectrum" and unlock the potential of a more diverse and secure future.

Unlocking the Neurodiverse Advantage: Cybersecurity Beyond the Spectrum

In this session, Jose Hernandez from the Lacework Labs team will dissect the most pertinent cloud security attack trends and techniques of 2023. Delve into actionable insights, real-world metrics, and the current threat landscape as we equip your team with the latest knowledge and strategies.

This discussion will cover the following topics and more:
• Kubernetes attacks and abuses: The rise in complexity and vulnerabilities in deployment, and the resulting increased attacks and administrative plane abuses.
• Zenbleed impact: How Zenbleed affected cloud providers and how Lacework approaches this security concern.
• Cloud supply chain attacks: An examination of the JumpCloud APT case and its broader implications.
• CloudWizard APT: The use of OneDrive, Dropbox, and Google Drive as a C2 in the ongoing CloudWizard threat, including an analysis of its evolution.
Join us as we explore the rapidly changing world of cloud security and provide valuable insights, tools, and strategies to safeguard your organization against an increasingly sophisticated array of threats.

Navigating the Cloud Attack Landscape: Insights for H2 2023

In the ever-evolving landscape of cybersecurity, the management and protection of cryptographic assets play a pivotal role in ensuring the resiliency and security of corporate environments.  Organizations can often struggle with the complexities associated with managing identities, securing connected devices all while trying to mitigate human errors. Because there is no single approach to solving cryptographic challenges, leveraging modern tools like asset discovery, automation and integration is key to establishing digital trust and control of cryptographic assets. 
Learn about the transformative power of crypto modernization and its impact on your organization’s cryptographic asset management through five key use cases. 
The session will show you how to: 
• Gain visibility and control of the cryptographic assets in your organization’s environments
• Secure your remote workforce 
• Incorporate tools to reduce the risk of security breaches and outages

The DigiCert Guide to PKI Modernization: Five Key Use Cases

We've heard time and time again how privilege can be exploited for lateral movement. The challenges are understanding the extent of this commonly exploited attack surface in your environment and finding effective tools to reduce your risk.
 
Join this webinar to learn:
•  The different types of privilege (hint: it’s not just administrator accounts)
•  How easy it can be to discover and measure privilege sprawl
•  The importance of tracking privilege sprawl over time
•  What tools are available to minimize your attack surface

Privilege Sprawl — Yes, It Applies to You!

Join us for a webinar where IronCore Labs CEO Patrick Walsh walks through the AI tech stack from a privacy and security perspective. Attendees will come away with a better understanding of the AI tech stack, its vulnerabilities, and PETs and other solutions that prevent sensitive data from getting into the wrong hands.

How to address privacy needs across the AI tech stack

Identity risk is a problem that’s become exponentially more challenging in cloud-native environments. Rapid application delivery makes over-privileged  users the norm, while the explosion in machine identities creates dangerous attack vectors. What do you need to reduce your cloud identity attack surface and achieve least privileged access?

Join our panel of experts as they map out a blueprint for successfully reducing the risk associated with misconfigured cloud resources, and overly permissive identities, and discuss what’s next in cloud identity security.

In this session, we’ll cover:
• Security posture management for cloud-native applications
• Identity and entitlement challenges in the cloud
• Management of non-human security principals
• Best practices for reducing cloud identity risk

Managing Cloud Identity Risk: A blueprint for success

It can be really hard to understand how things are going in cybersecurity, let alone communicate how things are going to others. How do you get the buy-in and collaboration you need for your team and your program? Caroline Wong, author of the best selling textbook Security Metrics: A Beginner's Guide, will share her expert insights from practical learning in the field.

Security Metrics Insights

Artificial intelligence has revolutionized the way we store, process, and analyze data. However, with great power comes great responsibility, especially when it comes to protecting sensitive information. In this webinar, we’ll explore the challenges and best practices for data privacy and protection in the age of AI and Large Language Models (LLMS).
 
We’ll cover:
 
●     How to understand the risks and threats to data privacy in the age of AI
●     The latest trends and regulations in data privacy and protection
●     The key data governance challenges and risks associated with LLMs
●     Best practices for implementing data governance around LLMs
●     Best practices for securing data in an AI-driven world
●     Practical insights and advice on how to safeguard sensitive information
 
Join us to learn how to protect your organization's data in the age of AI and enhance your knowledge and skills in data privacy and protection. Register now!

Risk Management in the Age of AI

We’ve long known that there are far too many threats and security alerts, for overstretched analysts to respond to. But as enterprises have piled on new layers of security, especially during the COVID era, the sheer number of disparate tools is making the problem worse – not better. Recent estimates are that large enterprises average over 100 discreet security tools, many of which don’t play nicely together.
Today’s security challenges are less about detection, than connecting the dots. This presentation will cover strategies to empower your security team through orchestration, automation, and collaboration tools, to connect systems across platforms, and connect the right people across silos to take intelligence-driven action. 
Learning Objectives:
• How to connect people and systems across security silos
• The need to orchestrate disparate security tools
• Strategies for effective automation with humans in the loop
• Integrating collaboration and threat intel sharing across organizations

We Have Plenty of Security Tools – Now we Need to Connect the Dots

AIM: Building the Bridge from Cybersecurity Education to Employment:  overcoming the cyber skills shortage and barriers to entry. 

ISSA International recently launched the Apprenticeship, Internships, Mentorships (AIM) Program to help bridge the gap that exists from the time a student or professional transitioning to a cyber career to the time it takes to contribute to an organization’s cyber team positively.
Join us for a discussion on developing alliances with like-minded organizations to ensure skills development and workforce readiness is easily available and accessible to all pre-professionals and entry-level employees.

AIM: Building the Bridge from Cybersecurity Education to Employment

We as security professionals are faced with a multitude of dilemma’s in the performance of our duties.  These dilemmas range in nature including the following questions;
•What new technology do we need to protect against the latest threats?
•How much security do we put into our infrastructures and yet still not be obtrusive?
•Should we or can we hack back to stop an attack?
•How often do we test?
•How do we harmoniously integrate our operational processes with those of our enterprise?
•How much time do we need to spend tracking laws and regulations?

This webinar will attempt to provide insight into these issues and others as we move forward.

Moderator:
Mark Kadrich, Principal, Kadrich InfoSec Consulting Services

Speakers:
Matt Mosley, VP Products, Cybersecurity, Devo
Karen Worstell, CEO, W Risk Group
Geoff Horne, Distinguished Engineer and Senior Manager of SMEs, Infoblox Inc.

ISSA International Series: Security Professionals Dilemma

Cyber Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

ISSA International Series: Security Professionals Dilemma

Presented by

About this talk

More from this channel