
ISSA Thought Leadership Series: Empowering the Modern SOC

It's harder than ever before for analysts to keep up. The nature of today's operating environment has resulted in an ever-increasing volume of alerts paired with a growing complexity and scale of subsequent investigations. In this talk we will be discussing in depth what this means in the daily life of analysts, and how imperative it is to force multiply them to enable quicker and more effective response. We will explore the key role of operationalized threat intelligence, and why (and how) orchestrating it alongside SOC processes and technology can enable organizations to be more effective when detecting and responding to threats.


Alex Grohmann, Founder, Sicher Consulting


Sean Ennis, Product Manager, RSA
Iain Davison, Security Architect & Technical Director of Strategic Alliances & OEM, ThreatConnect
Recorded May 6 2020 58 mins
Presented by
ISSA International
  • User-Centric Privacy: Designing Effective Protections that Meet Users' Needs Dec 17 2020 6:00 pm UTC 60 mins
    Florian Schaub, CIPP/US, CIPT Assistant Professor, University of Michigan School of Information.
    Privacy engineering aims to respect and protect user privacy. User studies provide insights on users' privacy needs, concerns and expectations, and are essential to understanding a system's actual privacy issues from a user perspective. This session will draw on the speaker's research regarding privacy notices and controls online, on smartphones and with smart speakers to discuss how and why privacy controls are often misaligned with user needs. It will also examine how user studies can inform the design of user-centric privacy protections to more effectively meet user needs, as well as benefit companies.
  • Using Jupyter Notebooks for Repeatable Investigation Automation Nov 4 2020 6:00 pm UTC 60 mins
    Chad Anderson, Senior Security Researcher, DomainTools
    Given the current economic climate and scrutinized security budgets as a result of COVID-19, security teams are finding it more difficult to fill gaps in their threat intelligence collection requirements, therefore limiting their potential effectiveness and efficiency.

    This leaves analysts asking themselves questions like: if I’m starting an investigation from a single indicator or a list of indicators, how can I move faster and act as a force multiplier on my team? The resounding answer from seasoned security professionals is automation. In this webinar, join subject matter experts to learn how to harness the power of automation, use open source tools and data sources to build Jupyter Notebook playbooks, and effectively collaborate with team members.

    In this webinar you will learn:
    • The value of using automation in your investigations
    • Practical strategies for collecting information on indicators
    • How to take advantage of pre-existing Jupyter Notebooks playbooks
  • Understanding, assessing, and mitigating insider threats Oct 27 2020 5:00 pm UTC 60 mins
    ISSA International
    Insider threats are among the top risks on many organizations' lists of top threats. They can be divided into three categories, each of which requires a different viewpoint for mitigation: malicious insiders, negligent insiders, and infiltrators. In this webinar, we look at all three and how organizations can assess and mitigate the risks of insider threats.
  • Address the Hidden Risk in Cloud Infrastructure Oct 14 2020 5:00 pm UTC 60 mins
    Arick Goomanovsky
    Address the Hidden Risk in Cloud Infrastructure: Misconfigured Identities, Access & Privileges

    In the public cloud, thousands of human and machine identities, roles, policies, entitlements and configurations determine what hackers can do if they gain a foothold in your environment. One excess permission or open port can make the difference between a failed breach attempt and devastating data loss. By 2023, Gartner predicts that 75% of cloud security failures will result from inadequate management of identities, access and privileges. First-generation cloud security solutions do not give you visibility into access entitlements and risks. And the complexity of cloud infrastructure and development velocity make it virtually impossible to analyze and remediate at scale.

    In this session we’ll discuss:
    • The hidden threats to AWS, Azure and Google Cloud Platform
    • The difference between managing human and machine identities
    • How identity and network configuration affect data security
    • Automating public cloud security throughout the software lifecycle
  • Modernizing access for a new workforce Oct 7 2020 5:00 pm UTC 60 mins
    Chinedu Egonu
    Remote work has become mainstream in a very short amount of time. Companies across multiple industries had to adjust very quickly with varying amounts of difficulty to this new normal where most of the employees are working remotely. This new normal also exacerbates existing administrative issues and presents new ones.

    Join us in this webinar as we discuss:
    • Steps companies took to achieve business continuity in a short time
    • Challenges faced by technologies chosen to facilitate remote work
    • Long term approaches available to better secure your remote workforce
  • Turning the table on cybercrime Oct 1 2020 5:00 pm UTC 60 mins
    Zeina Zakhour
    Turning the table on cybercrime: The journey to Adaptive Security Strategy and impact on your cybersecurity career

    Fast-paced technological innovations are changing how end users consume services and how organizations do business. However, those innovations are also expanding the attack surface, with a hyperconnected world introducing new opportunities and means for cybercriminals to reach the sensitive data of organizations.
    How can we turn the table on cybercriminals when they are well organized, developing cyberattacks that are stealthy by design and even leveraging their own innovation techniques in order to compromise organizations?

    Join us to hear about the latest threat vectors, how the COVID pandemic is being leveraged by cybercriminals, how organizations can thwart those threats with an AI-powered Adaptive Cybersecurity Framework, and how to future-proof your cybersecurity career in those ever-changing technological and threat landscapes.
  • Enhancing your Security Program for the Cloud Sep 30 2020 5:00 pm UTC 60 mins
    Michael Coates, Flee Lee and Ben Hagen
    Business adoption of cloud technologies, such as SaaS and IaaS, provides huge productivity wins but also brings major impact to security programs. Learn from leading Silicon Valley CISOs on how their companies are rethinking their approaches and building security strategies to protect their most important assets, data, in cloud applications and systems.

    What we’ll cover:
    - How cloud architectures impact threat models
    - Why traditional controls are irrelevant and must be enhanced/replaced
    - Autonomous & scalable security at the speed of business
    - Tips you can use today
  • Leveraging an identity-centric Zero Trust model to plan your IAM strategy Sep 28 2020 5:00 pm UTC 60 mins
    ISSA International
    The need to enable mass work from home has left many organizations looking for new approaches to IAM. Now is the time to assess how identity-centric Zero Trust models offer an effective strategic framework for transforming security schemes, and facilitating our users’ need for anywhere, anytime access to cloud applications and services.
    During this session we’ll discuss:

    • Limitations of existing perimeter security models
    • The Zero Trust alternative:
    • Benefits of Zero Trust
    • How zero trust concepts can address the fast moving needs related to COVID, and the new ‘work from home’ normal
    • The advantages of identity-centric zero trust for modernizing IAM schemes
  • How to Discover & Mitigate APTs in Enterprise Networks Sep 24 2020 5:00 pm UTC 60 mins
    ISSA International
    This session is a high-level overview of the tools, tactics, thinking and analytical skills that are needed to discover, isolate and eliminate Advanced Persistent Threats (APT) in enterprise network environments. A focus of this session will be how to discover brand new APT malware when the existence of such malware is not known or suspected and when the malware is not detected by anti-virus software, Intrusion Detection Systems (IDS) and other traditional defenses.
  • Security Past, Present and Growing our Future (Together) Sep 21 2020 5:00 pm UTC 60 mins
    Avani Desai
    This session will discuss the evolution of a career in information security. We will highlight the future of this space and how it will develop in the next 30 years given our speaker’s experience with the first 15 years. We will discuss passwords to firewalls to hackers and steps on how women can pivot at each point in our careers.
  • Quantitative risk with FAIR (Security and Privacy) Recorded: Sep 17 2020 60 mins
    ISSA Privacy SIG - Donna Gallaher and Jason Cronk
    In this webinar, participants will be introduced to FAIR (Factors Analysis of Information Risk). FAIR is a quantitative risk analysis methodology originally conceived of for analyzing information security risk. Participants will learn the basic concepts behind FAIR and be introduced to distinctions relevant to doing quantitative analysis of privacy risk versus security risks.
  • Driving Real Behavior Change with Security Awareness Training Recorded: Sep 16 2020 60 mins
    Michael Bailey
    With October's Cybersecurity Awareness Month approaching fast, it’s important to get security awareness and training top-of-mind with your users. Given that 80% of organizations only allocate two hours or less per year for security awareness, how can you maximize your time with users to ensure behavior change?

    In this webinar, we’ll go over proven ways to plan and execute a successful program such as:

    · Focusing your program on the riskiest users
    · Keeping users engaged and on-your-side
    · Benchmarking against top-performing organizations
    · Reporting up to key stakeholders

    As a part of your attendance, we’ll give you our free eBook, Driving Real Behavior Change: The Complete Guide to Building a Security Awareness Program that Works in addition to other free security awareness materials you can utilize in your program.
  • Can Your Security Controls Handle the Unmanaged and IoT Device Tsunami? Recorded: Aug 26 2020 60 mins
    ISSA International - Armis - with Curtis Simpson and Christopher Dobrec
    By 2021, up to 90% of devices in businesses will be unmanaged - unprotected and un-agentable. Businesses of every segment face this tsunami of new, connected devices. Beyond the traditional laptops and desktops we may use at work, these new smart devices run our operations, manage building automation systems, drive our manufacturing lines, or track and deliver healthcare to patients. Even during the current pandemic, companies are applying these devices in new ways. From contact tracing in hospitals, to cleaning robots in warehouses. These devices are essentially the new endpoint with operating systems, an application, and connect to enterprise networks - even the Internet. But what they are missing is security. This requires a whole new playbook to mitigate security risk and protect the business. How do your security controls stack up in this world of unmanaged devices?

    Join Armis’ CISO Curtis Simpson and VP of Product Marketing Christopher Dobrec as they discuss the reality facing businesses with the proliferation of these unmanaged and IoT devices and how to apply agentless device security controls to meet this security challenge.
  • The Osano Data Privacy and Data Breach Link Recorded: Aug 19 2020 60 mins
    ISSA International - Osano - Arlo Gilbert
    Can data breach risk be predicted by an organization’s privacy practices? How do privacy and security risk change across different types of organizations? After conducting in-depth research, Osano has discovered that companies with poor practices are more likely to suffer a data breach, and the severity of the breach they experience is many multiples worse.

    In this data-driven discussion, Arlo Gilbert, Osano’s Co-Founder and CEO, will present the company’s findings from analyzing more than 11,000 companies and uncovering the important relationship between organizations’ privacy practices and their likelihood of experiencing a data breach. The presentation will break insights down by segments, such as the type of breach and industry.

    The lines between privacy and cybersecurity risk are becoming increasingly blurred. Osano’s analysis provides an illustration of how privacy and security are converging, what key risks you should be concerned about, and steps you can take to move forward most effectively.

    Key Takeaways

    - The probability and severity of data breaches can be predicted by a company’s privacy practices
    - The privacy practices of breached companies differ across industries, breach types, and record counts
    - How the relationship between data breaches and privacy practices can be expected to evolve in the future
    - Specific steps you can take to improve your privacy and reduce your likelihood of experiencing a data breach
  • Cybersecurity Career Focus – a presentation with the ISSA Education Foundation Recorded: Aug 11 2020 58 mins
    Deidre Diamond, Nikki Hendricks, and Lorraine Frost
    "Thinking of retooling your career? Join the ISSA/ISSA Education Foundation's webinar for an interview with one of its recent scholarship awardees, Nikki Hendricks, and technology and staffing guru Deidre Diamond, Founder and CEO of CyberSN. Find out from Nikki what the challenges are in redirecting your career to get to the next level. Learn from Deidre what skills and experience employers are looking for to protect their customers' NPI and intellectual property. Lorraine Frost, ISSAEF's Scholarship Committee Chair and International Board member, will discuss the Foundation's many scholarship offerings, how to apply for a scholarship and how you can help tomorrow's cybersecurity professionals enter the field."
  • Moving Beyond the Potentiality of Women & Diversity in Cybersecurity Recorded: Aug 6 2020 62 mins
    ISSA International - Illena Armstrong
    We’ve been making some progress to move beyond the mere potentiality of women and diversity in cybersecurity. Yet, most industry experts agree that there is still a great deal of work to be done. To reach a more solid and evolved state that sees a true embrace of diversity and inclusion in the cybersecurity space and, more specifically, in organizations and on teams, we must experience sustained systemic support. Industry and executive leaders must lead the charge in undertaking practical everyday actions and implementing longer-term strategies. Indeed, as one C-level leader explains it, when choices are made to limit a labor pool — intentionally or unintentionally, a lower quality cybersecurity workforce remains which hampers an industry already challenged on still other fronts. So what are some pragmatic actions we all can take and what programs, policies or strategies can organizational leaders spearhead to ensure that they are including and gaining advantages from a diverse array of professionals with different backgrounds, experiences, skills and opinions? This presentation will share just some ideas and suggestions from a few industry pros.
  • Human Brains for Human Problems: Successfully using ML and Automation in the SOC Recorded: Aug 5 2020 61 mins
    ISSA International - Exabeam-Sam Humphries, Joshua Marpet, and Myriah Jaworski
    Insider threats from compromised credentials, leading to lateral movement across the network, continue unabated. They are notoriously difficult to spot and require lengthy investigations.

    Many security operations metrics are time-driven: time-to-detect, time-to-respond, time-to-answer… Security analysts are up against the clock to review, investigate, and act. Manual processes, manual analysis, and manual decision making are born from the idea that machines cannot always be trusted to understand risk as a human would. But the data haystacks continue to grow exponentially, and the needles are ever harder to find.

    Humans are struggling.

    Understanding where and how to focus your analysts’ efforts will help you better protect your organization from risk.

    Attend this session to learn about:

    - Insider threat and the risks that organizations face
    - The “new breed” of insiders and the dangers they pose
    - Best practices for developing an insider risk management program
    - Leveraging machine learning and automation in the SOC to combat insider threats
  • Purple Teaming / Red Teaming and Adversary Emulation Recorded: Jul 28 2020 120 mins
    Dave Mayer, Paul Williams, Thomas Fischer
    Adversary Emulation is a type of ethical hacking engagement where the Red Team emulates how an adversary operates, leveraging the same tactics, techniques, and procedures (TTPs), against a target organization. The goal of these engagements is to train and improve people, process, and technology. This is in contrast to a penetration test that focuses on testing technology and preventive controls. Adversary emulations are performed using a structured approach following industry methodologies and frameworks (such as MITRE ATT&CK) and leverage Cyber Threat Intelligence to emulate a malicious actor that has the opportunity, intent, and capability to attack the target organization. Adversary Emulations may be performed in a blind manner (Red Team Engagement) or non-blind (Purple Team) with the Blue Team having full knowledge of the engagement.

    This webcast will teach you to plan and execute a high value adversary emulation in a blind red team engagement or as a purple team (in collaboration with the defenders/blue team).
  • TLS, Compliance and Zero Trust – Protecting Users from Themselves Recorded: Jul 22 2020 58 mins
    ISSA International - Babur Nawaz Khan
    Modern cyberattacks are not limited to network intrusions from outside by hackers. “Internal threat actors” can often be found at the center of a complex mix of simple social engineering attacks and sophisticated, multi-staged infections and data breaches.

    The Zero Trust model, based on the simple principle of “trust nobody”, defines rules which enhance the security of networks against modern cyberattacks, whether they are initiated from the outside or within. However, with most of the internet traffic being encrypted, it is becoming increasingly difficult to implement the Zero Trust model in an effective way.

    In this webinar, we will look at:

    * The role of “internal threat actors” and TLS encryption in modern cyberattacks

    * How the Zero Trust model defines the future of cybersecurity

    * Why effective decryption is essential for a foolproof Zero Trust strategy
  • Ransomware: Are Your Vulnerabilities Exposing You? Recorded: Jul 22 2020 48 mins
    Troy Vennon, Director of Cybersecurity and Trustworthiness, Covail
    More mid-to-smaller companies are being targeted by cyber attackers with ransomware. According to a recent report, the average size of an impacted company decreased from 2018 to about 650 employees in 2019. This trend will likely continue.

    Join Troy Vennon, who leads the Ohio security community of CISOs and security managers (ISAO), for a discussion about protecting your company with practical steps and tight budgets. Troy will discuss how knowing how vulnerable your company is to ransomware helps you better protect against it.
    You will learn from this discussion:
    + Top 3 steps your security team can take to protect your network on a budget
    + How to find, prioritize and close vulnerabilities that expose you to ransomware
    + What best practices other companies are deploying to defend their enterprise from attack
Developing and Connecting Cybersecurity Leaders Globally
ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

  • Title: ISSA Thought Leadership Series: Empowering the Modern SOC
  • Live at: May 6 2020 5:00 pm
  • Presented by: ISSA International