Hi [[ session.user.profile.firstName ]]

How the Next Normal will require an Updated Cyber Strategy

As organizations begin to embrace some degree of change coming out of recent global events, it is hard for business and security professionals to determine what the impact to their security strategy will be. Leaders also have to evaluate which “quick-fixes” came with too much risk, and what changes to the strategy to secure internet-facing perimeter are required. In this talk, Advisory CISO at Akamai, Steve Winterfeld and Director of Technology & Security Strategy, also at Akamai, Tony Lauro will review some of the issues that need to be addressed as we establish a new baseline for both our employees and customers that will protect operations based on new business models.
Recorded Jun 10 2020 51 mins
Your place is confirmed,
we'll send you email reminders
Presented by
ISSA International
Presentation preview: How the Next Normal will require an Updated Cyber Strategy

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Creating a Successful Security Awareness Training Program Sep 22 2021 5:00 pm UTC 60 mins
    Larry Cates and Suzanne Gorman
    Organizations historically have relied on their Cybersecurity, IT and their Networking teams to purchase
    technologies to provide defense-in-depth protection for their organizations. While this is necessary, most
    organizations never think that their biggest risk is actually their untrained employees.
    With the onslaught of phishing, malware, ransomware attacks and Business Email Compromise or CEO
    Fraud, we are at a critical point that each and every organization needs to have a successful training
    program in place to properly educate their employees on how to identify social engineering attempts, or
    they are almost guaranteed to fall short of its security objectives and they will become a victim of
    cybercrime, and in many cases this can be a very expensive lesson to be learned.
    Ninety percent of security breaches are caused by Human Error. A successful security awareness training
    program will not only educate your employees. A successful program will also empower them to make
    changes to their behavior and embrace a security minded culture, securing themselves and in turn,
    securing your organization.
    But how can organizations take the next step beyond training when changing human behavior is such a
    complex process. Traditional security awareness programs are not enough—you need to develop
    Security-Minded Employees and make it part of the corporate culture.
    In this webinar, Larry Cates, President and CEO, and Suzanne Gorman, Vice President, Information Security
    and Risk Management Evangelist with Global Learning Systems will discuss:
    ● Setting objectives to make your program successful
    ● Biggest risks to any organization
    ● Elements of a Successful Security Awareness Program
    ● Quantifying Your Success
  • Achieving Regulatory Compliance in the Microsoft Cloud Sep 16 2021 5:00 pm UTC 60 mins
    Brendan Hoffman and Lisa Abshire
    Regardless of the industry, most organizations report to unique regulatory bodies with their own set of requirements– and meeting those requirements only becomes more complicated when data and applications are stored in the cloud. And on top of that, many companies find themselves lacking direction around Data Loss Prevention (DLP), legacy data archiving, data classification, document tagging, third party access, and other issues that can bring your organization out of good standing with those regulatory bodies.

    How can your company quickly adapt your cloud controls, standards, and processes to maintain compliance under changing conditions?

    In this webinar, our group of experts will provide guidance on tools and resources for your organization to develop a roadmap to better tackle your compliance needs in the Azure cloud.
  • Cybersecurity Tips & Challenges in the Hybrid Work Era Aug 25 2021 5:00 pm UTC 60 mins
    Darren Guccione, CEO and co-founder of Keeper Security
    Information security continues to evolve as the workplace goes hybrid

    67% of security personnel are concerned that remote employees’ use of personal devices to access their work systems have hurt their organizations’ security posture. As hybrid work conditions become the norm, companies must find a way to keep their systems safe from cyber-attacks while keeping employees connected. This webinar provides solutions to the most common challenges facing security teams in the hybrid work environment.

    • Learn about possible security issues stemming from remote work
    • Ways to keep networks secure with little business interruptions
    • Learn how password security can help protect networks
  • Latest DDoS Trends and the rise of ransom-driven attacks Aug 18 2021 5:00 pm UTC 60 mins
    Vivek Ganti, Product Marketing Manager at Cloudflare
    DDoS attacks have dominated the charts in terms of frequency, sophistication, and geo-distribution over the last year. Ransom DDoS attacks are also surging, crippling organizations' network infrastructure and taking them offline while demanding ransom in bitcoin. Unlike ransomware attacks, these ransom DDoS attacks do not even require the hacker to access an organization’s internal systems before they can be carried out.

    There are no signs of DDoS attacks going away anytime soon. How do organizations ensure that their Internet assets are protected against threats of any size or kind?

    In this webinar, you’ll learn about:

    * Key Q2 2021 DDoS attack trends
    * Ransom DDoS threats — and what you can do if you are affected
    * Steps organizations can take to make the impact of DDoS attacks a thing of the past
  • How nascent privacy-tech supports operations while preserving confidentiality Aug 17 2021 5:00 pm UTC 60 mins
    Brian Scriber, Vice President of Security Technologies
    How can technology help with global privacy regulation compliance, data analytics, and help us manage shared APIs, multiple companies, divisions, and departments with different data utilization strategies. How can differential privacy allow us to engage in meaningful research or demographic studies with detailed and privacy-protected datasets? Where are we now in the art of data management, software architecture, and where will we be in five years or ten years? How does self-sovereign identity play into this? Which historical experiences are analogous to our privacy and data protection work now and why is today’s IoT, video surveillance, facial recognition, artificial intelligence, and machine learning world different?
  • Life of a CISO Aug 12 2021 3:00 pm UTC 60 mins
    Eric Cole, PhD, is an industry-recognized security expert with over 20 years of hands-on experience.
    In this podcast, Dr. Cole will provide a playbook for approaching organizational security from this perspective. You’ll learn how a proper foundation for security is key, followed by proactive threat hunting and active defense. You’ll also get a prioritized checklist of actions that you can take right away to reduce the risk of an attack and mitigate one in progress..

    The constant barrage of security threats is not going to let up, and if you wait to respond, it will already be too late.
  • Defend your financial services organization against sophisticated fraud Aug 11 2021 5:00 pm UTC 60 mins
    Carl Mosby III and Shehzad Shahbuddin with Shape Security
    In financial services, keeping gross fraud loss in check is critical to the brand and the bottom line. Unfortunately, financial services institutions are lucrative targets for organized crime rings and the tools that enable cybercriminals are becoming more sophisticated and less expensive. You need the latest intelligence if you want to protect your organization.

    Join this session to learn:

    • New threats from organized crime rings related to the credential marketplace landscape.
    • Insights and evidence around how criminal organizations are increasingly reverting to manual (i.e., human-driven) fraud methods, and how to stop them.
    • The latest machine learning algorithms trained by attack profile, risk surface, and historical fraud records that specifically protect banks, credit unions, and other financial institutions.
  • The New Approach to AQPR Cybersecurity Risks to the Business Aug 10 2021 5:00 pm UTC 60 mins
    Yotam Ben Ezra, Vice President of Product, SafeBreach and Valeriy Leykin Director of Product, SafeBreach
    Understand What Matters - The New Approach to Assessing, Quantifying, Prioritizing, and Reducing Cybersecurity Risks to the Business

    Today’s security teams navigate significant layers of complexity, contending with too many different standards and too many disparate technologies. The proliferation of technologies and terminology, in turn, generates a broader challenge: getting teams across the organization to speak plainly and generate consensus about risks to the business, all using a common language.
    The reality is that too often there’s a fundamental gap between the cybersecurity strategy and business goals and priorities that conspires against the success of each of these roles.
    Join us to learn how your organization can begin to achieve a common language and align priorities for reducing risk by employing risk-based vulnerability management, and by establishing a model for cyber risk quantification (CRQ) within the enterprise.
    During the webinar we’ll discuss:
    ● Why a risk-based vulnerability management approach enables you to drive down and prioritize the risks that pose the gravest threats to the business
    ● A new, proposed model for quantifying cyber risks
    ● How a simple calculation and defining three key terms can provide a blueprint for aligning the organization
    ● How the model can be applied in less mature and in more mature organizations
    ● Which technologies will best support your cyber risk quantification efforts
  • Redefining Cloud Security in a Perimeter-Less World with Machine IM Aug 4 2021 5:00 pm UTC 60 mins
    Muralidharan Palanisamy, Chief Solutions Officer, AppViewX
    Cybersecurity for a long time revolved around the central idea of the classic network perimeter, driven by the theory—inside is trusted and outside must be verified. When the cloud burst onto the enterprise IT landscape, many organizations resisted cloud migration because it infringed on the traditional concept of the network perimeter. Moving data and applications outside the data center into the cloud meant no control over user access and data security.

    Today, the enterprise IT landscape is undergoing a radical transformation. The impact of the COVID-19 pandemic has irrevocably altered workplace dynamics. Retail office spaces have closed doors and organizations have shifted to long-term remote work. To support modern workforce needs, organizations are rapidly moving data and applications to multi-cloud and hybrid-cloud environments. The once trusted network perimeter is slowly disappearing. And cloud security has yet again become a top priority for business leaders. Thankfully, cybersecurity has evolved significantly, shifting the focus from network to identity as the new perimeter. And, machine identity is the modern approach to cybersecurity in a perimeter-less environment.

    Machine identity-driven solutions such as Public Key Infrastructure (PKI) and CLM (Certificate Lifecycle Management) help organizations take complete control of all digital assets and enable secure online communication regardless of where they are located. This helps build a fluid and agile cybersecurity model that is identity-first and location-independent.
    Join this webinar to understand how machine identity is redefining cloud security for today’s distributed and hybrid IT environments and helping organizations build cyber-resilience.
  • Life of a CISO Recorded: Jul 22 2021 61 mins
    Eric Cole, PhD, is an industry-recognized security expert with over 20 years of hands-on experience.
    In this podcast, Dr. Cole will provide a playbook for approaching organizational security from this perspective. You’ll learn how a proper foundation for security is key, followed by proactive threat hunting and active defense. You’ll also get a prioritized checklist of actions that you can take right away to reduce the risk of an attack and mitigate one in progress..

    The constant barrage of security threats is not going to let up, and if you wait to respond, it will already be too late.
  • Protecting Data and Enabling the Workforce in a Post-Pandemic World Recorded: Jul 14 2021 58 mins
    Samuel Shiflett - Sales Engineer
    Enterprises were already well on their way to digital and network transformation when the pandemic hit in 2020. COVID accelerated the cloud journey and transformation, demonstrating where legacy approaches fell short. Making sense of SASE, its components, and the network delivering these services has companies scrambling as they attempt to enable a modern workforce that's in the office, at home, and around the world. Join Netskope as we discuss the building blocks of SASE and how you can safely enable your organization's transformation and ensure the effectiveness and productivity of your modern workforce.
  • Zero Trust and the New Normal of Cybersecurity Recorded: Jun 30 2021 60 mins
    Doug McKillip, Solutions Architect, A10 Networks and Babur Nawaz Khan, Product Marketing, A10 Networks
    2020 was an eventful year for cybersecurity, with an unprecedented rise in cyberattacks. Many organizations were caught off guard as the pandemic accelerated and dictated the need for remote work and education. However, the accelerated move to everything cloud has left many wondering about the future, whether their on-premises investments have been rendered obsolete or if the “new normal” would only rely on cloud-only solutions.

    The pandemic has also highlighted the need for fool-proof Zero Trust implementations to enhance the security of networks against modern cyberattacks, whether they are initiated from the outside or within. However, with most internet traffic encrypted, it is becoming increasingly difficult to effectively implement a Zero Trust approach.

    In this webinar, we will discuss:
    * What the “new normal” of cybersecurity might look like in a post-pandemic world
    * What role will Zero Trust play in the future of cybersecurity
    * Why effective decryption is essential for a fool-proof Zero Trust implementation
  • The Life and Times of the Cybersecurity Professional 2021 Recorded: Jun 24 2021 61 mins
    Candy Alexander, ISSA International President and Jon Oltsik, Senior Principal Analyst and ESG Fellow
    ISSA/ESG’s annual research study “The Life and Times of the Cyber Security Professional “is full of valuable information, but only if you know how to use it. We will review pain-points identified by cybersecurity professionals and offer suggestions to use the data to educate the business, build a value proposition and justification for budgeting, training, and professional development time.
  • Cybersecurity Asset Management Trends 2021 Recorded: Jun 16 2021 48 mins
    Noah Simon, Director of Product Marketing at Axonius and Jake Munroe, Product Marketing Manager at Axonius
    Cybersecurity Asset Management Trends 2021: The pandemic’s impact on cybersecurity and priorities for the future

    Last year’s overnight shift to remote work drove rapid changes in security and IT priorities — resulting in more challenges than ever before.

    Now, as teams prepare for a post-pandemic “new normal”, IT and security teams are facing fresh obstacles.

    Axonius partnered with Enterprise Strategy Group (ESG) for a global survey of IT and cybersecurity professionals to explore how the pandemic impacted IT complexity, and what security initiatives teams are prioritizing post-pandemic.

    Register now for Cybersecurity Asset Management Trends 2021: The pandemic’s impact on cybersecurity and priorities for the future on June 16 at 1:00 p.m. E.T. Noah Simon and Jake Munroe of Axonius will dive into the survey’s findings to share key insights and takeaways from security leaders and practitioners worldwide, including:
    72% of respondents report increased complexity over the past two years.
    55% cite increased remote workers as the top cause of complexity (compared to only 22% last year)
    87% say the pandemic has accelerated cloud infrastructure adoption
    82% plan to increase investment in asset inventory
  • Why Privacy (usually) Needs Anonymity Recorded: Jun 15 2021 60 mins
    George Rosamond
    Privacy finally earned its legitimate place in the world of the technology despite years of being dismissed as the domain of the paranoid or the guilty. But strong privacy often requires what some consider its nefarious sibling, anonymity. Is collecting so much identifying data about users really critical to security? This presentation will approach how strong privacy enhancing technologies should also be appreciating the necessity of anonymity, or at least pseudonymity, in their design.
  • Is your enterprise MFA solution effective? Recorded: Jun 9 2021 60 mins
    Dan Hall, Principal Product Manager, Akamai
    MFA is critical to reducing risk in the enterprise. But not all MFA factors are equally effective. Join us as we discuss how attackers are taking advantage of weaknesses in the most popular MFA factor. We will review a strong authentication factor based on the FIDO2 standards, which presents its own challenges in balancing security against cost and productivity. Finally, we will introduce a modern authentication factor and service tailored to your business model and needs that delivers a secure, cost effective and low friction solution.

    What you will learn:
    • Why the most popular MFA factor should worry a security professional
    • The advantages of a strong authentication factor based on FIDO2
    • The Risk Management challenge: security vs cost & productivity
    • How to solve the Risk Management challenge with a modern authentication factor
  • Data Privacy: A World of Opportunities Recorded: Jun 3 2021 60 mins
    Shivangi Nadkarni
    The session will cover:
    • What really is Data Privacy – and how is it different from Data Security
    • Implementing Data Privacy in organizations
    • Opportunities in the domain of Data Privacy
  • Going Multicloud: Managing identities and privileges risk in AWS and Azure Recorded: May 19 2021 55 mins
    Or Priel, VP Product Management
    Midsize and large organizations are moving rapidly to multi cloud, with 75% adopting a multi and/or hybrid cloud strategy by this year [Gartner].
    With a whopping 75% of cloud security expected to result from inadequate management of identities, access, and privileges by 2023 [Gartner], how do you protect your multi cloud infrastructure -- and organization -- from inappropriate access and privileges risk? The challenge is compounded by different approaches to managing permissions and privileges from one public cloud to the next.
    Join Ermetic’s Or Priel, VP Product Management, for insight into how AWS and Azure handle identities, permissions and resources and how to manage identities and privileges risk in both environments. We will cover:
    - Azure’s RBAC vs AWS’s IAM roles and policies
    - Strategies for enforcing least privilege
    - Governing access and protecting sensitive resources
    - Using automation and analytics to mitigate risks across clouds
  • Secure Multi-Party Computations Recorded: May 18 2021 61 mins
    Dan Bogdanov
    Secure multi-party computation is a cryptographic technology for running a computation on the confidential inputs of two or more parties so that nobody learns the inputs of others. To simplify, it is a kind of a distributed computer that can process data without seeing it. This has applications in protecting sensitive data such as cryptographic keys, personal data or business secrets. The benefit of the technology is greatest when multiple organisation wish to collaborate, but find themselves unable to share the data.

    MPC Alliance (https://www.mpcalliance.org) is an industry union of companies building key management solutions, virtual HSMs, privacy-preserving statistics, ML and AI systems for finance, healthcare and public sector. In the talk, we'll talk of the technology, its applications in security and privacy, with example use cases.
  • How to Get Your People, Processes and Technology Ready for CMMC Certification Recorded: May 13 2021 62 mins
    Rick Lemieux and Steve Torino
    The Cybersecurity Maturity Model Certification (CMMC) is a new DoD requirement for implementing cybersecurity risk management across the many supply chain companies that make up the defense industrial base (DIB). Eligibility for future DoD contract awards will require the CMMC certification. Supply chain company chief legal officers, compliance officers, and senior leadership are responsible for understanding and enforcing the new DoD security regulatory requirements and compliance standards within their respective organizations and ensuring these current and future business risks are mitigated to improve cybersecurity in the DoD supply chain.

    Why Attend?
    Small, medium, and even some large defense contractors, suppliers, universities, and research labs, which make up most of the DIB supply chain, are among the nation’s most vulnerable and face the highest risk of data exfiltration. Many organizations have not made the required information protection investments, do not have the necessary cybersecurity skills or maturity, and do not perceive themselves as likely targets. The old honor system relying on self-accreditation for supply chain risk management simply wasn’t working. In this interactive session and demonstration, you can meet the industry experts and ask questions to help you get started preparing for CMMC certifications.

    * Special Offer:
    For each person who registers AND attends the webinar, they will receive a FREE itSM Solutions NCSP Awareness Training Voucher worth $99
Developing and Connecting Cybersecurity Leaders Globally
ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: How the Next Normal will require an Updated Cyber Strategy
  • Live at: Jun 10 2020 5:00 pm
  • Presented by: ISSA International
  • From:
Your email has been sent.
or close