Hi [[ session.user.profile.firstName ]]

ISSA International Series: 2018 Year in Review and Predictions for 2019

2018 was worse than 2017 for cyber security. This year every month was filled with even more major breaches, hacks, and attacks surfacing then 2017. The nature and range of the attacks varied from email hacking to zero days, from minor incursions to (potentially) everyone’s data being stolen. 2018 will probably go down as the new worst year for Cyber Security with all the previous year’s events having been far surpassed. Even our doom and gloom or same old same old predictions of last year have been blown away. The question now, will 2019 bear the full weight and impact of the events of 2019, or will it have its own harrowing events. Will the growing impact and occurrences spotlight security and translate in terms of media and regulatory attention? What kinds of threats will dominate the 2019 landscape?

Join us, make notes, and then check back in a year to see how our panel of experts did in providing insight and making predictions for the 2019 challenges to InfoSec.

James McQuiggan, Product & Solutions Security Officer, Service Americas Division, Siemens Gamesa Renewable Energy

Ricky Allen, CISO, Critical Start
Ira Winkler, President, Secure Mentem
Patrick Miller, Managing Partner, Archer International
Recorded Feb 22 2019 120 mins
Your place is confirmed,
we'll send you email reminders
Presented by
ISSA International
Presentation preview: ISSA International Series: 2018 Year in Review and Predictions for 2019

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • ISSA Thought Leadership Series: BEC Attacks – Who’s Impersonating Who? Jun 17 2020 5:00 pm UTC 60 mins
    ISSA International
    The 2019 HMSS Cybersecurity Survey indicated that email is the initial point of compromise for healthcare cyber-attacks, with Business Email Compromise (BEC) becoming the favored tactic by cybercriminals. Because BEC emails do not carry malicious payload and are narrowly targeted, it’s difficult for health institutions to detect these attacks. With overall losses of more than $1.7 billion in 2019, BEC attacks are quickly becoming a significant headache for healthcare CISOs. Join us for a deep dive into the dos and don’ts when it comes to BEC, and best practices to mitigate against risk of this vital attack vector.
  • ISSA Thought Leadership Series: Preventing Burnout and Dealing with Adversity Jun 11 2020 4:00 pm UTC 120 mins
    ISSA International
    We hear so much about "burnout" these days. A 2019 Blind survey from tens of thousands of Tech professional indicated that 57.1% of them self-identify as "burned out." As a former serial CISO for iconic companies including Microsoft, our speaker, Karen Worstell, did the burnout saga not once, but twice, even pushing to the limits where her stress-related illness caused the loss of the use of her left arm for a year. It was in her training for the chaplaincy fellowship in Palliative Care at the VA that she fully understood the dynamics behind chronic unmanaged stress and its manifestations. in this two hour webinar, she will educate, motivate and inspire you to understand how to flameproof your career and handle adversity like a boss with actionable strategies you can use for yourself, your team, and your loved ones. You can download a completely free version of the workbook for this seminar at https://BeAnAlly.today.
  • How the Next Normal will require a updated Cyber Strategy Jun 10 2020 5:00 pm UTC 60 mins
    ISSA International
    As organizations begin to embrace some degree of change coming out of recent global events, it is hard for business and security professionals to determine what the impact to their security strategy will be. Leaders also have to evaluate which “quick-fixes” came with too much risk, and what changes to the strategy to secure internet-facing perimeter are required. In this talk, Advisory CISO at Akamai, Steve Winterfeld and Director of Technology & Security Strategy, also at Akamai, Tony Lauro will review some of the issues that need to be addressed as we establish a new baseline for both our employees and customers that will protect operations based on new business models.
  • Executive Speaker Series for ISSA: Women in Security Special Interest Group Jun 4 2020 5:00 pm UTC 60 mins
    ISSA International
    Jari will share her professional and personal experience to help you at any stage of your career in cyber security. She will share her own standouts, how those apply to her hiring and to her own career success—and yours.

    •You will gain insights and best practice in this series on how you can build new skills, while staying engaged for the long haul in our current global turmoil. We’ll bring to the table with our Guest Expert Speakers, successful strategies and approaches to security today and going forward, for women—and anyone—globally

    •You will be able to apply these to your current and future career in our field, to sustain or grow, at entry, mid-career, senior and executive level, or in transition, whether you hold a senior role, or aspire to something different than where you are today.

    •Think Big! And yet, at the smallest detail, what can you do to improve your opportunities at any stage? Our executive women will help you become more conscious of where opportunities best exist today for any of us, as an employee, executive, consultant, business owner, entrepreneur, or hiring manager. We will help you sustain for today, and build for your future.
  • ISSA Thought Leadership Series: CCPA Enforcement: What to Expect after July 1st Jun 3 2020 5:00 pm UTC 60 mins
    ISSA International
    Signed into law on June 28, 2018, the California Consumer Privacy Act (CCPA) became effective on January 1, 2020. The next milestone will be on July 1, 2020, when the California Attorney General will begin enforcement for the CCPA. Non-compliance can result in the maximum fine of $7,500 per violation. When you consider how many consumer records you hold, the potential fines could stack up quickly if you don't take CCPA seriously. Since July 1st has yet to come, we still don’t know how enforcement will play out for companies, but the Attorney General has established a firm stance on compliance, and there are several indicators of his intent to firmly enforce. In this webinar we’ll cover the key indicators of enforcement and what you can do to prepare. We’ll also review the final version of the modified CCPA regulations.

    Speaker: Dan Clarke, President – IntraEdge

    Speaker: Dominique Shelton Leipzig, Partner Privacy & Security- Perkins Coie LLP
  • ISSA Thought Leadership Series: Threat Reports Undone Recorded: May 26 2020 116 mins
    ISSA International
    It's everyone's favorite time of year. What will we learn from this year's breach reports? Join us as we review the latest data, look for lessons and trends, and help you understand what it all means. Our panel of experts will focus on how security professionals can learn from the data, and hopefully avoid becoming a statistic for next year's report.
  • Current Landscape of Mid-Market Threat Intelligence Recorded: May 20 2020 60 mins
    ISSA International
    The global threat landscape is changing. Mid-market enterprises are facing the same threats as larger ones. Attackers are no longer exclusively focused on high-value intellectual property of the assets of billion-dollar corporations; any organization handling sensitive information has become an inviting target for hackers to exploit.

    This interactive web conference will cover:

    •Do You Know the Risks?

    •Advanced Attacks Being Leveraged on Mid-Market Companies.

    •Why are Mid-Market Companies a Target?

    •How to Take Advantage of Threat Intelligence.
  • Trends and Statistics for Mobile Phishing in the Enterprise Recorded: May 13 2020 55 mins
    ISSA International
    Your employees work differently now; often using their own devices to access enterprise data from home, airports, shopping malls, and the local coffee shop. Employees working outside of their corporate perimeters, coupled with the shift to cloud-based services, opens a whole new door of vulnerabilities that organizations need to consider. Namely, phishing threats.

    Learn how evolving phishing threats can leave your corporate data unprotected, and how to address this common yet largely undetected issue.

    Attendees will learn:
    •Why is phishing a bigger problem on mobile
    •How big a concern mobile phishing is to your organization
    •Examples of phishing attacks targeting mobile users
    •How can you stop mobile phishing attacks in your organization
  • ISSA Thought Leadership Series: Empowering the Modern SOC Recorded: May 6 2020 58 mins
    ISSA International
    It's harder than ever before for analysts to keep up. The nature of today's operating environment has resulted in an ever-increasing volume of alerts paired with a growing complexity and scale of subsequent investigations. In this talk we will be discussing in depth what this means in the daily life of analysts, and how imperative it is to force multiply them to enable quicker and more effective response. We will explore the key role of operationalized threat intelligence, and why (and how) orchestrating it alongside SOC processes and technology can enable organizations to be more effective when detecting and responding to threats.


    Alex Grohmann, Founder, Sicher Consulting


    Sean Ennis, Product Manager, RSA
    Iain Davison, Security Architect & Technical Director of Strategic Alliances & OEM, ThreatConnect
  • ISSA International Series: Breaking Down Zero Trust: What does it actually mean? Recorded: Apr 28 2020 117 mins
    ISSA International
    Over the past six months we have heard the buzz phrase Zero Trust. Like most new concepts, it means different things to different people. While it sounds like a line from a SciFi series, ‘Trust no-one’, does it really mean you should not trust anything in an infrastructure, or does it mean that we should trust but verify? Join us as the presenters provide their take on Zero Trust and far or how little we should really trust things.


    Thomas Fischer, Security Advocate and Threat Researcher


    Vladimir Klasnja, Director, Cloud Architecture, Netskope
    Ross Asquith, Product Marketing Manager, Netskope
    James McQuiggan, Security Awareness Advocate, KnowBe4
  • ISSA Thought Leadership Series: Proofpoint State of the Phish 2020 Recorded: Apr 8 2020 62 mins
    ISSA International
    Cyber criminals are taking a people-centric approach to phishing attacks. Is your organization taking a people-centric approach to phishing prevention? The sixth annual State of the Phish again delivers critical, actionable insights into the current state of the phishing threat, including:

    The end-user awareness and knowledge gaps that could be negatively impacting your cybersecurity defenses.
    The impacts infosec professionals are experiencing as a result of phishing attacks and the ways they’re attempting to combat these threats
    How organizations are delivering phishing awareness training, and the ways they measure program success

    3,500+ technology user insights: Results of a third-party survey of more than 3,500 working adults across seven countries—the United States, Australia, France, Germany, Japan, Spain and the United Kingdom—provide a global perspective on the cybersecurity awareness levels of the average end-user.

    A survey of more than 600 IT security professionals: Proofpoint surveyed IT security professionals from the same seven countries. They shared insights about what they’re experiencing within their organizations, how they are responding to attacks and the steps they’re taking to improve security postures.

    Nearly 50 million simulated phishing emails: Proofpoint compiled and analyzed data from nearly 50 million simulated phishing emails sent to end-users over a one-year period via its cloud-based Security Education Platform.

    More than 9 million reported emails: Proofpoint logged more than 9 million emails reported by their customers’ end users over a 12-month span.

    Robert Martin, Sr. Security Engineer, Cisco Systems, Inc.

    Gretel Egan, Security Awareness Training Strategist, Proofpoint
    Paige Yeater, Director of Information Security Program Management, Mainstay Technologies
    Steve Sanders, Vice President, Internal Audit, CSI
  • ISSA Thought Leadership Series: Dissecting Ransomware to Defeat Threat Actors Recorded: Mar 11 2020 61 mins
    ISSA International
    In 2019, ransomware has caused significant disruption for hospitals, transportation, government agencies, and more. This flavor of malware is particularly vicious and shows no signs of slowing. The positive side, however, is that there is much to be learned from these attacks and ransomware actor profiling can help inform cyber security strategy.

    In this webinar, join subject matter experts as they conduct data driven analysis highlighting the evolution of ransomware from a technical perspective. They will examine high impact samples like REvil, TeslaCrypt, Locky, SimpleLocker, and provide practical advice to defenders.

    This webinar will cover:

    •A deep dive into the evolution of malware
    •Analysis of high impact malware samples
    •Practical takeaways for defenders

    Tim Mackey, Principal Security Strategist, Synopsys CyRC

    Tony Buenger, Cybersecurity Manager & Deputy CISO, Auburn University
    Tarik Saleh, Senior Security Engineer & Malware Researcher, DomainTools
  • ISSA International Series: Supply Chain Security - Shifting Left Recorded: Mar 3 2020 116 mins
    ISSA International
    As Systems continue to be assaulted by hackers, we often wonder why and how they succeed. You have heard it said that they succeed because we have flaws in our cyber supply chain, but what is the cyber supply chain? We know it includes the software and (with recent news ) the hardware. But the chain can even include the environment (power grid, facilities, etc) and ultimately the people.

    Michael Angelo, Chief Security Architect, Micro Focus | NetIQ


    Thomas Fischer, Security Advocate and Threat Researcher
    James McQuiggan, Security Awareness Advocate, KnowBe4
  • Combating Business Email Compromise (BEC) & Email Account Compromise (EAC) Recorded: Feb 19 2020 59 mins
    ISSA International
    Since 2016, Business Email Compromise (BEC) and Email Account Compromise (EAC) have become an exponentially increasing problem, costing organizations over $26 Billion in losses according to the FBI. These very targeted attacks utilize public research and social engineering to target an organization’s people and fraudulently obtain funds and valuable information. So how can you better protect your end users in 2020?

    Join us for our webinar to learn more about these BEC and EAC attacks and how you can effectively protect your organization's most valuable assets: your people and your data. In this session we'll share:
    •Techniques for preventing these cyber threats
    •A framework for understanding where potential gaps exist
    •What a people-centric approach looks like to better protect your company

    Lee Neely, Senior IT and Cybersecurity Professional, LLNL

    Tanner Luxner, Product Marketing Manager, Proofpoint
    Sue Bergamo, CIO & CISO, Episerver
  • ISSA International Series: 2019 - A Year in Review Recorded: Jan 28 2020 55 mins
    ISSA International
    As we head into a new year, we continue to anticipate new and complicated challenges around Cyber Security. This past year we continued to see major breaches, hacks, and attacks surfacing and that does not look to be slowing down. The nature and range of the attacks varied from email hacking to zero days, from minor incursions to (potentially) everyone’s data being stolen. 2019 will probably go down as the new worst year for Cyber Security with all the previous year’s events having been far surpassed. Even our doom and gloom or same old same old predictions of last year have been blown away. The question now, will 2020 bear the full weight and impact of the events of 2019, or will it have its own harrowing events. Will the growing impact and occurrences spotlight security and translate in terms of media and regulatory attention? What kinds of threats will dominate the 2020 landscape?

    Join us, make notes, and then check back in a year to see how our panel of experts did in providing insight and making predictions for the 2020 challenges to InfoSec.

    James McQuiggan, Security Awareness Advocate, KnowBe4

    Ira Winkler, Lead Security Principal, Trustwave
    Jim Reavis, CEO, Cloud Security Alliance
  • ISSA Thought Leadership Series: The Asset Management Resurgence Recorded: Jan 22 2020 59 mins
    ISSA International
    In the world of cybersecurity, asset management has been the boring sibling of more exciting things like threat hunting, deception, and automation. But the foundational challenges of understanding what devices, users, and cloud instances are in our environments have jumped to the top of CISOs priority lists. Despite the amazing tools we have in cybersecurity, teams still struggle to answer basic questions like: how many devices and cloud instances do I have, and are they secure?

    In this webinar, we’ll examine:
    •Why asset management has a bad reputation
    •What’s changed that has made security teams prioritize asset management for cybersecurity
    •The challenges around making sure all assets comply with security policies
    •Six essential questions you should know about every asset

    David Vaughn, Director, ISSA International Board of Directors


    Nathan Burke, Chief Marketing Officer, Axonius
    Brian Bethelmy, CISO, Mancon
  • Software-Defined Segmentation -Challenges of Accelerated Enterprise Recorded: Dec 11 2019 60 mins
    ISSA International
    Businesses have turned to IT for competitive differentiation. They demanded IT bring accelerated delivery, resource conservation and cost savings. IT has responded with DevOps/cloud-based models and practices that utilize automation, autoscaling and playbooks. With this speed comes increased risk, compliance concerns and has left IT staff wondering how they can gain visibility and segmentation across their entire heterogeneous environments easily, effectively and at this new speed of innovation. With the realization that traditional methods of segmentation like VLANs, cloud security groups and firewalls are not suitable for today’s rapidly changing enterprise environments enterprises have turned to software-defined segmentation.

    In this webinar come learn about how modern software-defined segmentation solutions:

    Start with visibility.
    Provide enterprises with easy ways to identify and label workloads.
    Provide easy to implement, granular enforcement that goes way beyond IP address and port but is able to lock down by process, user and domain.
    Enables DevOp automation, provisioning and management.
    Is decoupled from and works in an agnostic fashion across every enterprise platform.
    Provides unparalleled security while enabling compliance and ongoing compliance validation.


    Robert Martin, Sr. Security Engineer, Cisco Systems, Inc.


    Dave Klein, Senior Director, Engineering & Architecture, Guardicore
    Jonathan Fowler, CISO, Consilio
  • Building a People-Centric Cybersecurity Strategy for Healthcare Recorded: Dec 4 2019 56 mins
    ISSA International
    More than 99% of all targeted cyber-attacks rely on users to activate them. Nowadays, threat actors are not going after an organization's technology and infrastructure. They are going after your most valuable assets - your people and your data. So, do you know when or how your people are being targeted? Do you know who the most cyber-attacked people are in your organization? Are your Very Attacked People (VAPs) the same as your Very Important People (VIPs)?

    Join our cybersecurity experts for a deep dive into what the current healthcare threat landscape looks like, how a people-centric approach can help institutions identify and protect your end users, and the latest findings in healthcare threat research.

    In this session, we’ll share:
    •Why cybersecurity transformation is critical right now
    •What a people-centric approach means to today's healthcare threat landscape
    •How hospitals are leveraging a people-centric strategy to improve their security posture
    •How to better protect your patients' data and improve your end-users' safety

    Lee Neely, Senior IT & Security Professional, LLNL


    Ryan Witt, Managing Director, Healthcare Industry Practice, Proofpoint
    Barbara Guerin, CISO, Renown Health
    Andrew Seward, CISO, Solution Health System
  • “Cloud Data Security: Own Your Data Encryption Keys” Recorded: Nov 13 2019 61 mins
    ISSA International
    Numerous cloud trends, including storing sensitive data in cloud and the recognition that data security mandates also apply there, drive both cloud consumers and providers to endeavor to share the challenge of keeping data secure in the cloud. This webinar will explore trends and challenges in multicloud computing, introduce a cloud data security toolkit, including requirements to control cloud data encryption keys. From there we will explore a cloud provider case study: Salesforce Shield Platform Encryption and its newest and most secure key management feature: “Cached Keys”. The webinar will close with potential solutions to multicloud data encryption key management including Salesforce Cached Keys.

    Tylen Cohen Wood, Private Consultant

    Eric Wolff, Senior Product Marketing Manager, Thales
    Tuhin Kumar, Product Manager–Security, Salesforce
  • The Persistent Pernicious Myths and Hidden Truths of Cybersecurity Recorded: Nov 6 2019 62 mins
    ISSA International
    IT implementors are made less successful due to ‘Technical Debt’. Cybersecurity suffers from ‘Myth Debt’, where the same untrue tropes are repeated and hold us back. It takes experience to recognize these myths, but worse still is they can mask the valuable truths that lie within the myth. These never-dying misunderstanding spread outside cybersecurity and falsely inform the IT and business leaders, making it harder still to stop bad things from happening.

    So let’s poke some holes in some myths, pick some or all:
    •Insider threat is the biggest worry
    •Great Pen Tests mean excellent security
    •Any attacker motivated enough can hack you easily
    •Security training and education of devs will get us secure code and apps
    •The cloud is secure. The cloud is insecure
    •Encrypting everything makes for strong security
    •Spending more on security makes security better
    •Excellent endpoint security means we no longer have to worry about network or other security
    •You can’t defend yourself against ransomware

    Jorge Orchilles, SANS Certified Instructor

    Greg Young, VP, Cybersecurity, Trend Micro
    Zane Lackey, Co-Founder, Chief Security Officer, Signal Sciences
    Dr. Cragin Shelton, DSc, CISSP
Developing and Connecting Cybersecurity Leaders Globally
ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: ISSA International Series: 2018 Year in Review and Predictions for 2019
  • Live at: Feb 22 2019 5:00 pm
  • Presented by: ISSA International
  • From:
Your email has been sent.
or close