Hi [[ session.user.profile.firstName ]]

ISSA Thought Leadership Series - Zero Trust: The Evolution of Perimeter Security

One key aspect of digital transformation for many companies has been the evolution and rise of the remote user. Application access from any device, anywhere has become an imperative for success, but with transformation comes challenges with attack surface and network vulnerability.

Adopting a zero trust model is key to combat cybercriminals who are probing security perimeters and enterprise resources for vulnerabilities with a distinct purpose. Application access and identity is one of the key areas to begin.

Join us on ……May 15th at 1pm EST for a discussion with Akamai security professional Faraz Siddiqui as he shares steps you can take to protect your network against breaches by evolving access policies and solutions.
Recorded May 15 2019 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
ISSA International
Presentation preview: ISSA Thought Leadership Series - Zero Trust: The Evolution of Perimeter Security

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Quantitative risk with FAIR (Security and Privacy) Sep 17 2020 5:00 pm UTC 60 mins
    ISSA Privacy SIG - Donna Gallaher and Jason Cronk
    In this webinar, participants will be introduced to FAIR (Factors
    Analysis of Information Risk). FAIR is a quantitative risk analysis
    methodology originally conceived of for analyzing information security
    risk. Participants will learn the basic concepts behind FAIR and be
    introduced to distinctions relevant to doing quantitative analysis of
    privacy risk versus security risks.
  • Security Past, Present and Growing our Future (Together) Sep 10 2020 5:00 pm UTC 60 mins
    Avani Desai
    This session will discuss the evolution of a career in information security. We will highlight the future of this space and how it will develop in the next 30 years given our speaker’s experience with the first 15 years. We will discuss passwords to firewalls to hackers and steps on how women can pivot at each point in our careers.
  • Can Your Security Controls Handle the Unmanaged and IoT Device Tsunami? Aug 26 2020 5:00 pm UTC 60 mins
    ISSA International - Armis- with Curtis Simpson and Christopher Dobrec
    By 2021, up to 90% of devices in businesses will be unmanaged - unprotected and un-agentable. Businesses of every segment face this tsunami of new, connected devices. Beyond the traditional laptops and desktops we may use at work, these new smart devices run our operations, manage building automation systems, drive our manufacturing lines, or track and deliver healthcare to patients. Even during the current pandemic, companies are applying these devices in new ways. From contact tracing in hospitals, to cleaning robots in warehouses. These devices are essentially the new endpoint with operating systems, an application, and connect to enterprise networks - even the Internet. But what they are missing is security. This requires a whole new playbook to mitigate security risk and protect the business. How do your security controls stack up in this world of unmanaged devices?

    Join Armis’ CISO Curtis Simpson and VP of Product Marketing Christopher Dobrec as they discuss the reality facing businesses with the proliferation of these unmanaged and IoT devices and how to apply agentless device security controls to meet this security challenge.
  • The Osano Data Privacy and Data Breach Link Aug 19 2020 5:00 pm UTC 60 mins
    ISSA International - Osano - Arlo Gilbert
    Can data breach risk be predicted by an organization’s privacy practices? How do privacy and security risk change across different types of organizations? After conducting in-depth research, Osano has discovered that companies with poor practices are more likely to suffer a data breach, and the severity of the breach they experience is many multiples worse.

    In this data-driven discussion, Arlo Gilbert, Osano’s Co-Founder and CEO, will present the company’s findings from analyzing more than 11,000 companies and uncovering the important relationship between organizations’ privacy practices are their likelihood of experiencing a data breach. The presentation will break insights down by segments, such as the type of breach and industry.

    The lines between privacy and cybersecurity risk are becoming increasingly blurred. Osano’s analysis provides an illustration of how privacy and security are converging, what key risks you should be concerned about, and steps you can take to move forward most effectively.

    Key Takeaways

    -The probability and severity of data breaches can be predicted by a
    company’s privacy practices

    -The privacy practices of breached companies differ across
    industries, breach types, and record counts

    -How the relationship between data breaches and privacy practices
    can be expected to evolve in the future

    -Specific steps you can take to improve your privacy and reduce your
    likelihood of experiencing a data breach
  • Cybersecurity Career Focus – a presentation with the ISSA Education Foundation Recorded: Aug 11 2020 58 mins
    Deidre Diamond,Nikki Hendricks, and Lorraine Frost
    "Thinking of retooling your career? Join the ISSA/ISSA Education Foundation's webinar in an

    interview of one of its recent scholarship awardee, Nikki Hendricks and technology and staffing Guru,

    Deidre Diamond, Founder and CEO of CyberSN. Find out from Nikki what the challenges are in re-

    directing your career to get to the next level. Learn from Deirdre what skills and experience employers are

    looking for to protect their customer's NPI and intellectual property. Lorraine Frost, ISSAEF's Scholarship

    Committee Chair and International Board member will discuss the Foundation's many scholarship offerings, how to

    apply for a scholarship and how you can help tomorrow's cybersecurity professionals enter the field."
  • Moving Beyond the Potentiality of Women & Diversity in Cybersecurity Recorded: Aug 6 2020 62 mins
    ISSA International - llena Armstrong
    We’ve been making some progress to move beyond the mere potentiality of women and diversity in cybersecurity. Yet, most industry experts agree that there is still a great deal of work to be done. To reach a more solid and evolved state that sees a true embrace of diversity and inclusion in the cybersecurity space and, more specifically, in organizations and on teams, we must experience sustained systemic support. Industry and executive leaders must lead the charge in undertaking practical everyday actions and implementing longer-term strategies. Indeed, as one C-level leader explains it, when choices are made to limit a labor pool — intentionally or unintentionally, a lower quality cybersecurity workforce remains which hampers an industry already challenged on still other fronts. So what are some pragmatic actions we all can take and what programs, policies or strategies can organizational leaders spearhead to ensure that they are including and gaining advantages from a diverse array of professionals with different backgrounds, experiences, skills and opinions? This presentation will share just some ideas and suggestions from a few industry pros.
  • Human Brains for Human Problems: Successfully using ML and Automation in the SOC Recorded: Aug 5 2020 61 mins
    ISSA International - Exabeam-Sam Humphries, Joshua Marpet, and Myriah Jaworski
    Insider threats from compromised credentials, leading to lateral movement across the network continues unabated. They are notoriously difficult to spot and require lengthy investigations.

    Many security operations metrics are time-driven: time-to-detect, time-to-respond, time-to-answer… Security analysts are up against the clock to review, investigate, and act. Manual processes, manual analysis, manual decision making is borne from the idea that machines cannot always be trusted to understand risk as a human would. But the data haystacks continue to grow exponentially, and the needles ever harder to find.

    Humans are struggling.

    Understanding where and how to focus your analyst’s efforts will help you better protect your organization from risk.

    Attend this session to learn about:

    -Insider threat and the risks that organizations face
    -The “new breed” of insiders and the dangers they pose
    -Best practices for developing an insider risk management program
    -Leveraging machine learning and automation in the SOC to combat
    insider threats
  • Purple Teaming / Red Teaming and Adversary Emulation Recorded: Jul 28 2020 120 mins
    Dave Mayer Paul Williams Thomas Fischer
    Adversary Emulation is a type of ethical hacking engagement where the Red Team emulates how an adversary operates, leveraging the same tactics, techniques, and procedures (TTPs), against a target organization. The goal of these engagements is to train and improve people, process, and technology. This is in contrast to a penetration test that focuses on testing technology and preventive controls. Adversary emulations are performed using a structured approach following industry methodologies and frameworks (such as MITRE ATT&CK) and leverage Cyber Threat Intelligence to emulate a malicious actor that has the opportunity, intent, and capability to attack the target organization. Adversary Emulations may be performed in a blind manner (Red Team Engagement) or non-blind (Purple Team) with the Blue Team having full knowledge of the engagement.



    This webcast will teach you to plan and execute a high value adversary emulation in a blind red team engagement or as a purple team (in collaboration with the defenders/blue team).
  • TLS, Compliance and Zero Trust – Protecting Users from Themselves Recorded: Jul 22 2020 58 mins
    ISSA International - Babur Nawaz Khan
    Modern cyberattacks are not limited to network intrusions from outside by hackers. “Internal threat actors” can often be found at the center of a complex mix of simple social engineering attacks and sophisticated, multi-staged infections and data breaches.


    The Zero Trust model, based on the simple principle of “trust nobody”, defines rules which enhance the security of networks against modern cyberattacks, whether they are initiated from the outside or within. However, with most of the internet traffic being encrypted, it is becoming increasingly difficult to implement the Zero Trust model in an effective way.

    In this webinar, we will look at:

    *The role of “internal threat actors” and TLS encryption in modern cyberattacks

    * How the Zero Trust model defines the future of cybersecurity

    * Why effective decryption is essential for a fool proof Zero Trust strategy.
  • Ransomware: Are Your Vulnerabilities Exposing You? Recorded: Jul 22 2020 48 mins
    Troy Vennon, Director of Cybersecurity and Trustworthiness, Covail
    More mid-to-smaller companies are being targeted by cyber attackers with ransomware. According to a recent report, the average-sized company impacted has decreased from 2018 to about 650 employees in 2019. This trend will likely continue.

    Join Troy Vennon, who leads the Ohio security community of CISOs and security managers (ISAO), for a discussion about protecting your company with practical steps and tight budgets. Troy will discuss how knowing how vulnerable your company is to ransomware helps you better protect from it.
    You will learn from this discussion:
    + Top 3 steps your security team can take to protect your network on a budget
    + How to find, prioritize and close vulnerabilities that expose you to ransomware
    + What best practices other companies are deploying to defend their enterprise from attack
  • Top Reopening Considerations:Back to Business with a Privacy & Security Approach Recorded: Jul 15 2020 61 mins
    Dan Clarke, President – IntraEdge, and Janalyn Schreiber Partner – DPS Advisors- IntraEdge
    Throughout the pandemic, technology will play a critical role as businesses adapt to this "new normal." One strategy industries will rely on to provide employees and consumers with peace of mind is the use of temperature screening technology. However, users are reluctant to hand over private health data to a business or employer without reassurances as to how the data will be managed. How can we ensure the privacy of this data, and what are some guidelines you can introduce to transition back to business seamlessly? In this webinar we'll walk through key privacy considerations as you work to help your company reopen.

    In this webinar you will learn:

    Key privacy and security considerations for your users and employees’ peace of mind
    Data management strategies for the enterprise
    Industry leader best practices for reopening
  • A discussion presented by the Women in Security Special Interest Group Recorded: Jul 9 2020 59 mins
    Heather Ricciuto, BBA, PMP®
    Join this conversation with Heather Ricciuto as she shares lessons learned from her own career journey in the technology industry. Heather will provide insight on career growth strategies, such as staying relevant and building your personal brand, discuss the value of diversity in cybersecurity, and teach you how to use your passion to find your place in cybersecurity.
  • How Companies Are Using Data Analytics to Prioritize Cyber Spend Recorded: Jul 8 2020 42 mins
    Jerry Caponera, VP of Products and Cyber Risk Management, Nehemiah Security
    Choosing which cybersecurity projects to implement is more challenging than ever. Cyber risk changes daily and budgets are changing too as the COVID-19 pandemic continues to unfold. Register to see why leading companies are using a data-driven approach to make better decisions about which projects to prioritize, and learn how modeling risk helps optimize cyber spend.

    Join us to learn:
    + What’s changed in how companies look at risk remediation and ROI pre- and post-COVID
    + Why the prioritization of cyber spend is more important than ever
    + How to take a data-driven approach and what data you need to get started
    + Why modeling is important and how you can do this easily (demo)
  • ISSA Thought Leadership Series: Reflections of a New CISO: 5 Lessons Learned. Recorded: Jul 8 2020 58 mins
    ISSA International
    What's it like to be a new CISO? What challenges await you? How might you address them? Lenny Zeltser shares the lessons he learned after becoming the CISO of a fast-growing cybersecurity company. He's been discussing his journey in articles and talks, so that others can learn from his experience.
  • IT Manager's Series: Top 3 Ways to Protect from Ransomware Recorded: Jul 8 2020 46 mins
    Troy Vennon, Director, Cybersecurity & Trustworthiness at Covail
    Join us for an informative webinar on how IT managers and small security teams can prevent ransomware from infecting their company’s networks. Ransomware on the rise and no longer focused only on large enterprise (average-sized company impacted in 2019 around 650 employees). Organizations with small security teams or that leverage their IT teams to manage security need help to protect from the growing wave of cybercrime. Here’s what to expect from our webinar on ransomware:
    - How to identify where you are exposed so you can fix your vulnerabilities
    - Why and how to segment your network and identity management programs
    - What kind of a response and recovery process you need in place
  • THREAT INTEL IN THE REAL WORLD: An Expert Roundtable Recorded: Jul 1 2020 54 mins
    Chase Cunningham, Kurtis Minder, Rick Holland, Chris Camacho, Allan Liska, John Grim
    Find out what happens…when intel analysts stop being polite…and start getting real.

    Today’s typical enterprise security team subscribes to at least four, often more, intelligence feeds, which analysts must comb through to find relevant information for operationalization. As a result, most threat intel has become “yet another tool to manage.” It’s simply not practical to expect every security organization to be able to hire threat intelligence analysts to make sense out of the feeds. Vendors need to deliver “threat-analyst-in-a-box” capabilities, so intelligence can be operationalized with minimal intervention.

    In this session, a blue-chip panel of cyber threat experts will discuss the state of current threat intel offerings, and dive into the future of this space to help you understand how it will evolve to meet the needs of enterprise security teams. They will discuss how the next generation of threat intelligence will conform to the conventions of government intelligence operations, where the right information goes to the right people and systems in the right form factor.

    Attendees will learn:

    ​Why general-purpose threat intelligence won’t cut it and how it needs to be customized to each organization’s risk profile.

    What enterprises need to do to make the market mature in this evolving industry.

    ​How to take the right approach to threat intelligence and big data.
  • Privacy and Security Considerations Post Public Health Emergency Recorded: Jun 25 2020 58 mins
    Beverly R. Allen, Vice President, Deputy General Counsel, Chief Compliance and Privacy Officer, Inovalon, Inc., Bowie, MD R
    Public health emergencies and crises such as the COVID-19 pandemic present unique security and privacy concerns for companies and other organizations. In fact, the related challenges CISOs and other security and privacy professionals have been confronted with as a result of the current COVID–19 crisis continues to rise.

    For example, to facilitate a surge in “work-from-home” demand, many companies have expedited IT infrastructure expansion and cloud capability resulting in shortened security vetting and testing processes. There has also been increased stress on existing systems and, for most companies, a significant increase in cybersecurity incidents. In addition to security concerns, companies are using personal data and analytics in new, previously unforeseen ways to safeguard their workforces, customers, and business operations, which present a myriad of privacy challenges. In addition, other privacy concerns and risks arise from the collection of new data, such as temperature results and COVID-19 tests.

    This webinar will examine risk considerations post-pandemic and address such questions as:

    What privacy challenges should I be thinking about and preparing for post-pandemic?
    Are digital health surveillance techniques in the workplace privacy infringing? Are there any unintended consequences for the workforce?
    What will “business as usual” look like post COVID - 19 from a privacy perspective and how does that impact the CISO role?
    Do CISOs need to take extra precautionary measures for any health data that is generated as the result of employee testing?
  • ISSA Thought Leadership Series: BEC Attacks - Who's Impersonating Whom? Recorded: Jun 17 2020 60 mins
    Effie Tsiopras Senior Information Security Engineer; Ryan Witt Managing Director, Healthcare Industry Practice
    The 2019 HMSS Cybersecurity Survey indicated that email is the initial point of compromise for healthcare cyber-attacks, with Business Email Compromise (BEC) becoming the favored tactic by cybercriminals. Because BEC emails do not carry malicious payload and are narrowly targeted, it’s difficult for health institutions to detect these attacks. With overall losses of more than $1.7 billion in 2019, BEC attacks are quickly becoming a significant headache for healthcare CISOs. Join us for a deep dive into the dos and don’ts when it comes to BEC, and best practices to mitigate against risk of this vital attack vector.
  • ISSA Thought Leadership Series: Preventing Burnout and Dealing with Adversity Recorded: Jun 11 2020 112 mins
    ISSA International
    We hear so much about "burnout" these days. A 2019 Blind survey from tens of thousands of Tech professional indicated that 57.1% of them self-identify as "burned out." As a former serial CISO for iconic companies including Microsoft, our speaker, Karen Worstell, did the burnout saga not once, but twice, even pushing to the limits where her stress-related illness caused the loss of the use of her left arm for a year. It was in her training for the chaplaincy fellowship in Palliative Care at the VA that she fully understood the dynamics behind chronic unmanaged stress and its manifestations. in this two hour webinar, she will educate, motivate and inspire you to understand how to flameproof your career and handle adversity like a boss with actionable strategies you can use for yourself, your team, and your loved ones. You can download a completely free version of the workbook for this seminar at https://BeAnAlly.today.
  • How the Next Normal will require an Updated Cyber Strategy Recorded: Jun 10 2020 51 mins
    ISSA International
    As organizations begin to embrace some degree of change coming out of recent global events, it is hard for business and security professionals to determine what the impact to their security strategy will be. Leaders also have to evaluate which “quick-fixes” came with too much risk, and what changes to the strategy to secure internet-facing perimeter are required. In this talk, Advisory CISO at Akamai, Steve Winterfeld and Director of Technology & Security Strategy, also at Akamai, Tony Lauro will review some of the issues that need to be addressed as we establish a new baseline for both our employees and customers that will protect operations based on new business models.
Developing and Connecting Cybersecurity Leaders Globally
ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: ISSA Thought Leadership Series - Zero Trust: The Evolution of Perimeter Security
  • Live at: May 15 2019 5:00 pm
  • Presented by: ISSA International
  • From:
Your email has been sent.
or close