Hi [[ session.user.profile.firstName ]]

ISSA Thought Leadership Series: Is Your Organization Ready for Automation?

Today’s security and IT teams are struggling to keep up. The digital landscape is constantly changing and between disparate, unintegrated systems and repetitive, manual processes, security teams are having a difficult time getting ahead. There are too many alerts, not enough time to investigate them all, and staff are on the verge of burnout.

Security orchestration and automation (SOAR) tools introduce ways for security teams to streamline and improve their everyday processes. But, is your organization ready for automation?

Join a panel of experts for an engaging discussion where you’ll learn:

Key considerations that should be in place before implementing automation
When is the right time to add automation (and when it isn’t)
Which common security tasks are ideal to automate
How to prepare your organization for SOAR

Moderator:
Mikhael Felker, Director of Information Security & Risk Management, Farmers Insurance

Speaker:
Scott King, Senior Director, Advisory Services, Rapid7
Michael Wylie, Director of Cybersecurity Services, Richey May Technology Solutions
Jason Winder, Managing Director, Aerstone Labs
Recorded Jan 9 2019 58 mins
Your place is confirmed,
we'll send you email reminders
Presented by
ISSA International
Presentation preview: ISSA Thought Leadership Series: Is Your Organization Ready for Automation?

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • User-Centric Privacy: Designing Effective Protections that Meet Users' Needs Dec 17 2020 6:00 pm UTC 60 mins
    Florian Schaub, CIPP/US, CIPT Assistant Professor, University of Michigan School of Information.
    Privacy engineering aims to respect and protect user privacy. User studies provide insights on users' privacy needs, concerns and expectations, and are essential to understanding a system's actual privacy issues from a user perspective. This session will draw on the speaker's research regarding privacy notices and controls online, on smartphones and with smart speakers to discuss how and why privacy controls are often misaligned with user needs. It will also examine how user studies can inform the design of user-centric privacy protections to more effectively meet user needs, as well as benefit companies.
  • Using Jupyter Notebooks for Repeatable Investigation Automation Nov 4 2020 6:00 pm UTC 60 mins
    Chad Anderson, Senior Security Researcher, DomainTools
    Given the current economic climate and scrutinized security budgets as a result of COVID-19, security teams are finding it more difficult to fill gaps in their threat intelligence collection requirements, therefore limiting their potential effectiveness and efficiency.

    This leaves analysts asking themselves questions like: if I’m starting an investigation from a single or list of indicators, how can I move faster and act as a force multiplier on my team? The resounding answer from seasoned security professionals is automation. In this webinar, join subject matter experts to learn how to harness the power of automation, use open source tools and data sources to build Jupyter Notebook playbooks, and effectively collaborate with team members.

    In this webinar you will learn:
    •The value of using automation in your investigations
    •Practical strategies for collecting information on indicators
    •How to take advantage of pre-existing Jupyter Notebooks playbooks
  • Understanding, assessing, and mitigating insider threats Oct 27 2020 5:00 pm UTC 60 mins
    ISSA International
    Insider Threats are one of the top risks on many organizations list of top threats. They can be divided in three categories which require different view points for mitigating: malicious insiders, negligent insiders, and infiltrators. In this webinar, we look at all three and how organizations can assess and mitigate the risks of insider threats.
  • The Life and Times of Cybersecurity Professionals 2020 and The Impact of COVID - Oct 26 2020 5:00 pm UTC 60 mins
    Candy Alexander and Jon Oltsik
    Candy and Jon will walk you through the findings, provoking a discussion on what the data means to you. They will share ways to relate this information to your professional career and utilize the data within your organization. Further, they will provide insight into the future of cybersecurity as it relates to business strategy and mission during and post COVID-19.
  • Address the Hidden Risk in Cloud Infrastructure Oct 14 2020 5:00 pm UTC 60 mins
    Arick Goomanovsky
    Address the Hidden Risk in Cloud Infrastructure: Misconfigured Identities, Access & Privileges

    In the public cloud, thousands of human and machine identities, roles, policies, entitlements and configurations determine what hackers can do if they gain a foothold in your environment. One excess permission or open port can make the difference between a failed breach attempt and devastating data loss. By 2023, Gartner predicts that 75% of cloud security failures will result from inadequate management of identities, access and privileges. First-generation cloud security solutions do not give you visibility into access entitlements and risks. And the complexity of cloud infrastructure and development velocity make it virtually impossible to analyze and remediate at scale.

    In this session we’ll discuss:
    •The hidden threats to AWS, Azure and Google Cloud Platform
    •The difference between managing human and machine identities
    •How identity and network configuration affect data security
    •Automating public cloud security throughout the software lifecycle
  • Modernizing access for a new workforce Oct 7 2020 5:00 pm UTC 60 mins
    Chinedu Egonu
    Remote work has become mainstream in a very short amount of time. Companies across multiple industries had to adjust very quickly with varying amounts of difficulty to this new normal where most of the employees are working remotely. This new normal also exacerbates existing administrative issues and presents new ones.

    Join us in this webinar as we discuss;
    •Steps companies took to achieve business continuity in a short time
    •Challenges faced by technologies chosen to facilitate remote work
    •Long term approaches available to better secure your remote workforce
  • How She Got There—Women in Health IT Oct 6 2020 6:00 pm UTC 60 mins
    Moderator: Karen Diamond, Vice President of Strategic Accounts, pureIntegration
    Women are increasingly finding a career in healthcare IT. According to a recent article in Healthcare Finance News, women make up 66% of all entry-level healthcare employees and 30% of C-suite positions in healthcare IT.*

    Our panelists are challenging the ecosystem—transforming the information technology space in healthcare, driving improved patient care, and leading with a purpose.

    Join us for an open and honest hour-long conversation with influential women in healthcare information and technology who are leading the way to a more diverse and enriched community. Gain a better understanding of the challenges and opportunities that these female executives have experienced as they have navigated their careers. Learn from them how they are leading their organizations to digitally transform and serve their patients in more effective ways. Discover how they see the healthcare ecosystem evolving to achieve more diversity and balance in the workforce.

    Webinar host pureIntegration is an IT consulting services firm, led by a team of 53% women and minorities.

    *Reference: https://www.healthcarefinancenews.com/news/women-healthcare-hold-most-manager-positions-lack-minority-representation-persists
  • The Evolution Beyond Secure Email Gateways Oct 6 2020 4:00 pm UTC 60 mins
    Michael Landewe, Cofounder at Avanan
    Why Securing Cloud-Based Email Requires a Different Approach

    Email gateways including Proofpoint, Mimecast, and Barracuda were designed to protect on-premises email servers, but when you moved your email to the cloud, it revealed five vulnerabilities that continue to expose your users to attacks.

    It's why companies are switching from gateway vendors. Come learn how the migration to Office 365 and Gmail necessitated an evolution in how to secure cloud email, and why Secure Email Gateways are not the right answer.
  • Turning the table on cybercrime Oct 1 2020 5:00 pm UTC 60 mins
    Zeina Zakhour
    Turning the table on cybercrime : The journey to Adaptive Security Strategy and impact on your cybersecurity Career

    The fast-paced technological innovations are changing how end users consumer services and how organizations do business. However those innovations are also expending the attack surface with a hyperconnected world introducing new opportunities & means for cybercriminals to reach the sensitive data of organizations.
    How can we turn the table on cybercriminals when they are well organized, developing cyberattacks that are stealth by design and even leveraging their own innovation techniques in order to compromise organizations.

    Join us to hear about the latest threat vectors , how COVID pandemic is being leveraged by cybercriminals, how organizations can thwart those threats with an AI-powered Adaptive Cybersecurity Framework and how to future-proof your cybersecurity career in those ever-changing technological and threat landscapes
  • Enhancing your Security Program for the Cloud Sep 30 2020 5:00 pm UTC 60 mins
    Michael Coates, Flee Lee and Ben Hagen
    Business adoption of cloud technologies, such as SaaS and IaaS, provides huge productivity wins but also brings major impact to security programs. Learn from leading Silicon Valley CISOs on how their companies are rethinking their approaches and building security strategies to protect their most important assets, data, in cloud applications and systems.

    What we’ll cover:
    - How cloud architectures impact threat models
    - Why traditional controls are irrelevant and must be enhanced/replaced
    - Autonomous & scalable security at the speed of business
    - Tips you can use today
  • Leveraging an identity-centric Zero Trust model to plan your IAM strategy Sep 28 2020 5:00 pm UTC 60 mins
    ISSA International
    The need to enable mass work from home has left many organizations looking for new approaches to IAM. Now is the time to assess how identity-centric Zero Trust models offer an effective strategic framework for transforming security schemes, and facilitating our users’ need for anywhere, anytime access to cloud applications and services.
    During this session we’ll discuss:

    • Limitations of existing perimeter security models
    • The Zero Trust alternative:
    • Benefits of Zero Trust
    • How zero trust concepts can address the fast moving needs related to COVID, and the new ‘work from home’ normal
    • The advantages of identity-centric zero trust for modernizing IAM schemes
  • How to Discover & Mitigate APTs in Enterprise Networks Recorded: Sep 24 2020 61 mins
    ISSA International
    This session is a high-level overview of the tools, tactics, thinking and analytical skills that are needed to discover, isolate and eliminate Advanced Persistent Threats (APT) in enterprise network environments. A focus of this session will be how to discover brand new APT malware when the existence of such malware is not known or suspected and when the malware is not detected by anti-virus software, Intrusion Detection Systems (IDS) and other traditional defenses.
  • Security Past, Present and Growing our Future (Together) Recorded: Sep 21 2020 54 mins
    Avani Desai
    This session will discuss the evolution of a career in information security. We will highlight the future of this space and how it will develop in the next 30 years given our speaker’s experience with the first 15 years. We will discuss passwords to firewalls to hackers and steps on how women can pivot at each point in our careers.
  • Quantitative risk with FAIR (Security and Privacy) Recorded: Sep 17 2020 60 mins
    ISSA Privacy SIG - Donna Gallaher and Jason Cronk
    In this webinar, participants will be introduced to FAIR (Factors
    Analysis of Information Risk). FAIR is a quantitative risk analysis
    methodology originally conceived of for analyzing information security
    risk. Participants will learn the basic concepts behind FAIR and be
    introduced to distinctions relevant to doing quantitative analysis of
    privacy risk versus security risks.
  • Driving Real Behavior Change with Security Awareness Training Recorded: Sep 16 2020 60 mins
    Michael Bailey
    With October's Cybersecurity Awareness Month approaching fast, it’s important to get security awareness and training top-of-mind with your users. Given that 80% of organizations only allocate two hours or less per year for security awareness, how can you maximize your time with users to ensure behavior change?

    In this webinar, we’ll go over proven ways to plan and execute a successful program such as:

    · Focusing your program on the riskiest users
    · Keeping users engaged and on-your-side
    · Benchmarking against top-performing organizations
    · Reporting up to key stakeholders

    As a part of your attendance, we’ll give you our free eBook, Driving Real Behavior Change: The Complete Guide to Building a Security Awareness Program that Works in addition to other free security awareness materials you can utilize in your program.
  • Can Your Security Controls Handle the Unmanaged and IoT Device Tsunami? Recorded: Aug 26 2020 60 mins
    ISSA International - Armis- with Curtis Simpson and Christopher Dobrec
    By 2021, up to 90% of devices in businesses will be unmanaged - unprotected and un-agentable. Businesses of every segment face this tsunami of new, connected devices. Beyond the traditional laptops and desktops we may use at work, these new smart devices run our operations, manage building automation systems, drive our manufacturing lines, or track and deliver healthcare to patients. Even during the current pandemic, companies are applying these devices in new ways. From contact tracing in hospitals, to cleaning robots in warehouses. These devices are essentially the new endpoint with operating systems, an application, and connect to enterprise networks - even the Internet. But what they are missing is security. This requires a whole new playbook to mitigate security risk and protect the business. How do your security controls stack up in this world of unmanaged devices?

    Join Armis’ CISO Curtis Simpson and VP of Product Marketing Christopher Dobrec as they discuss the reality facing businesses with the proliferation of these unmanaged and IoT devices and how to apply agentless device security controls to meet this security challenge.
  • The Osano Data Privacy and Data Breach Link Recorded: Aug 19 2020 60 mins
    ISSA International - Osano - Arlo Gilbert
    Can data breach risk be predicted by an organization’s privacy practices? How do privacy and security risk change across different types of organizations? After conducting in-depth research, Osano has discovered that companies with poor practices are more likely to suffer a data breach, and the severity of the breach they experience is many multiples worse.

    In this data-driven discussion, Arlo Gilbert, Osano’s Co-Founder and CEO, will present the company’s findings from analyzing more than 11,000 companies and uncovering the important relationship between organizations’ privacy practices are their likelihood of experiencing a data breach. The presentation will break insights down by segments, such as the type of breach and industry.

    The lines between privacy and cybersecurity risk are becoming increasingly blurred. Osano’s analysis provides an illustration of how privacy and security are converging, what key risks you should be concerned about, and steps you can take to move forward most effectively.

    Key Takeaways

    -The probability and severity of data breaches can be predicted by a
    company’s privacy practices

    -The privacy practices of breached companies differ across
    industries, breach types, and record counts

    -How the relationship between data breaches and privacy practices
    can be expected to evolve in the future

    -Specific steps you can take to improve your privacy and reduce your
    likelihood of experiencing a data breach
  • Cybersecurity Career Focus – a presentation with the ISSA Education Foundation Recorded: Aug 11 2020 58 mins
    Deidre Diamond,Nikki Hendricks, and Lorraine Frost
    "Thinking of retooling your career? Join the ISSA/ISSA Education Foundation's webinar in an

    interview of one of its recent scholarship awardee, Nikki Hendricks and technology and staffing Guru,

    Deidre Diamond, Founder and CEO of CyberSN. Find out from Nikki what the challenges are in re-

    directing your career to get to the next level. Learn from Deirdre what skills and experience employers are

    looking for to protect their customer's NPI and intellectual property. Lorraine Frost, ISSAEF's Scholarship

    Committee Chair and International Board member will discuss the Foundation's many scholarship offerings, how to

    apply for a scholarship and how you can help tomorrow's cybersecurity professionals enter the field."
  • Moving Beyond the Potentiality of Women & Diversity in Cybersecurity Recorded: Aug 6 2020 62 mins
    ISSA International - llena Armstrong
    We’ve been making some progress to move beyond the mere potentiality of women and diversity in cybersecurity. Yet, most industry experts agree that there is still a great deal of work to be done. To reach a more solid and evolved state that sees a true embrace of diversity and inclusion in the cybersecurity space and, more specifically, in organizations and on teams, we must experience sustained systemic support. Industry and executive leaders must lead the charge in undertaking practical everyday actions and implementing longer-term strategies. Indeed, as one C-level leader explains it, when choices are made to limit a labor pool — intentionally or unintentionally, a lower quality cybersecurity workforce remains which hampers an industry already challenged on still other fronts. So what are some pragmatic actions we all can take and what programs, policies or strategies can organizational leaders spearhead to ensure that they are including and gaining advantages from a diverse array of professionals with different backgrounds, experiences, skills and opinions? This presentation will share just some ideas and suggestions from a few industry pros.
  • Human Brains for Human Problems: Successfully using ML and Automation in the SOC Recorded: Aug 5 2020 61 mins
    ISSA International - Exabeam-Sam Humphries, Joshua Marpet, and Myriah Jaworski
    Insider threats from compromised credentials, leading to lateral movement across the network continues unabated. They are notoriously difficult to spot and require lengthy investigations.

    Many security operations metrics are time-driven: time-to-detect, time-to-respond, time-to-answer… Security analysts are up against the clock to review, investigate, and act. Manual processes, manual analysis, manual decision making is borne from the idea that machines cannot always be trusted to understand risk as a human would. But the data haystacks continue to grow exponentially, and the needles ever harder to find.

    Humans are struggling.

    Understanding where and how to focus your analyst’s efforts will help you better protect your organization from risk.

    Attend this session to learn about:

    -Insider threat and the risks that organizations face
    -The “new breed” of insiders and the dangers they pose
    -Best practices for developing an insider risk management program
    -Leveraging machine learning and automation in the SOC to combat
    insider threats
Developing and Connecting Cybersecurity Leaders Globally
ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: ISSA Thought Leadership Series: Is Your Organization Ready for Automation?
  • Live at: Jan 9 2019 6:00 pm
  • Presented by: ISSA International
  • From:
Your email has been sent.
or close