Hi [[ session.user.profile.firstName ]]

Trend Watch: Attacks on Remote Work (and How to Defend Your Business)

Many businesses have now been supporting work from home for months now. After an initial rush to get the basics such as remote access to applications scaled up, what other changes need to be considered to protect and secure remote employees? Especially since it may be a considerable time before normality returns, this question is more imperative than ever.

In this webinar, we will look at how attackers have adapted their techniques to exploit remote working, what changes has there been in user behavior and the top 5 approaches business should be considering to protect users when they are accessing the public internet.
Recorded Jan 20 2021 61 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Tony Lauro, Director of Security Strategy and Or Katz, Principal Security Researcher for Akamai
Presentation preview: Trend Watch: Attacks on Remote Work (and How to Defend Your Business)

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Threat and Attack Surface Intelligence Mar 3 2021 6:00 pm UTC 60 mins
    Brandon Hoffman, Head of Security Strategy & CISO
    There’s no lack of threat intelligence about what adversaries do “out there,” but it doesn’t tell you how they view your company network. To manage external risk you need attack surface intel to show your most likely attack vectors—and which to fix first. Integrating threat and attack surface intelligence delivers the context needed to prioritize and remediate risk. The combination gives you a major advantage in reducing risk from external assets (domains, email addresses, certificates, shadow IT) and improving SecOps.
  • 5 pillars for creating your modern Unbound Enterprise with data-centric SASE Feb 17 2021 6:00 pm UTC 60 mins
    Jim Fulton is Forcepoint’s director of SASE and Zero Trust solutions
    Even before 2020, we knew where digital transformation was taking us. But we had no idea how quickly it would arrive. Because of the pandemic, our journey in cloud migration happened almost overnight. As a result, businesses today are less constrained by traditional network infrastructure and designated worksites. And, while we’ve always had some agility to shift work between on-prem and remote, we’re seeing the beginning of the new age of the Unbound Enterprise in which people have the freedom to work anywhere and anytime.

    Join this discussion to see how the new ways that people are accessing and using data—in multiple locations, on different devices, over the internet, in public and private clouds—are greatly accelerating the need to replace siloed infrastructure that can’t keep up. We’ll connect the dots on how you can take a “human-centric” SASE approach that puts users and data at the center of cloud-based security to make your business more agile and safer, all while cutting complexity and cost.

    Takeaways:
    1. Make working anywhere seamless and easy to deploy
    2. Protect data everywhere with a single set of policies enforced uniformly from endpoints to the cloud
    3. Automatically personalize security based on people’s behavior and the risk they present
  • Birth of Privacy Design Strategies Feb 16 2021 6:00 pm UTC 60 mins
    Jaap-Henk Hoepman, Associate Professor Computer Science, Radboud University and IT Law, University of Groningen
    Some privacy regulations now have privacy by design/privacy by default obligation, and in the past, these have been difficult for engineers to define and implement. We will explore the history of how to translate these vague legal obligations into concrete design requirements. This session will explain how privacy design strategies were developed and how they break down into actionable tactics. We will provide real-world examples of how to apply the tactics in practice. You will walk away with knowledge of privacy-friendly processing techniques and how to process personal data responsibly.
  • 2021 State of the Phish Report Feb 10 2021 6:00 pm UTC 60 mins
    ISSA International
    Cyber criminals are taking a people-centric approach to phishing attacks. Is your organization taking a people-centric approach to phishing prevention? Join this webinar for Proofpoint’s seventh annual State of the Phish report as it delivers critical, actionable insights into the current state of the phishing threat.

    Our experts will deep dive into:

    - The end-user awareness and knowledge gaps that could be negatively impacting your cybersecurity defenses.
    - The impacts infosec professionals are experiencing as a result of phishing attacks and the ways they’re attempting to combat these threats
    - How organizations are delivering phishing awareness training, and the ways they measure program success
  • Cyber Security Trends and Their Impact on Your Career and the World Feb 4 2021 6:00 pm UTC 60 mins
    Diana Kelley, Co-Founder and CTO of SecurityCurve
    Diana will share her expertise on cyber security trends for the future, and what they mean to business, the world and your career. She will provide personal insights on executive career planning, what will help you build a successful security program, and how you can create your own impact and path to success.
  • Shift Security Left. No, More Left Than That Feb 3 2021 6:00 pm UTC 60 mins
    David DeSanto - Senior Director, Product Management - Security at GitLab
    The “shift left” approach is not a new concept within software testing and DevOps best practices and it is commonly thought of when discussing DevSecOps. This usually includes security testing earlier in the software development lifecycle with the goal of identifying security vulnerabilities and weaknesses prior to shipping code to operations. However, “shift security left” is commonly interpreted to be “get developers to run security tools”. This approach is fraught with issues as it requires developers to context switch out of their workflow, learn and use new tools, understand the output of these new tools, and file bugs to be remediated (in yet another tool). The “shift left” approach requires a harder shift left, bringing security testing as close as possible to the developer while not expecting them to learn new tools. Furthermore, security results need to be contextual and provide actionable next steps so they can be resolved as quickly as possible. Finally, security scans need to finish in minutes, not in hours or days. A harder shift left empowers you and your organization as it applies repeatable, defensible processes that automate security and compliance policies from the first line of code written.

    In this session, we will discuss:
    • Common pitfalls when implementing traditional “shift left” security
    • How to best apply different security scanning techniques available
    • Embedding security scanning into the developer workflow
    • Automating secure development best practices
  • Life of a CISO Feb 2 2021 5:00 pm UTC 60 mins
    Eric Cole, PhD, is an industry-recognized security expert with over 20 years of hands-on experience.
    In this podcast, Dr. Cole will provide a playbook for approaching organizational security from this perspective. You’ll learn how a proper foundation for security is key, followed by proactive threat hunting and active defense. You’ll also get a prioritized checklist of actions that you can take right away to reduce the risk of an attack and mitigate one in progress.

    The constant barrage of security threats is not going to let up, and if you wait to respond, it will already be too late.
  • How to Prevent Organizational Risk when Faced with Modern Multifaceted Attacks Jan 27 2021 6:00 pm UTC 60 mins
    Thom Bailey, Senior Director of Product Strategy
    In this session, Thom Bailey, senior director of product strategy at Mimecast, will explore the benefits of a consolidated cyber resilience platform to layer security, enhance visibility, and more effectively reduce mean time to remediate (MTTR). Attendees can expect to learn how to leverage an open API platform that uses shared threat intelligence to integrate with prevention, detection, and response technologies, and identify phishing emails with machine learning using real-life attacks to train and educate end users. With this knowledge session, attendees will gain an understanding of business risk with a Risk Score, comprised of aggregated data, to better gauge their organization’s security posture.

    5 Benefits of Attending Session:

    • Learn the benefits of a consolidated cyber resilience platform to layer your security, enhance visibility, and more effectively reduce time to respond/remediate (MTTR)
    • Leverage an open API platform that uses shared Threat Intelligence to integrate with the prevention, detection, and response technologies
    • Identify phishing emails with Machine Learning - and use real-life de-weaponized phishing attacks to both train and educate end-users
    • Understand and manage business risk with a Risk Score comprised of aggregated data to gauge the organization’s security posture
  • Trend Watch: Attacks on Remote Work (and How to Defend Your Business) Recorded: Jan 20 2021 61 mins
    Tony Lauro, Director of Security Strategy and Or Katz, Principal Security Researcher for Akamai
    Many businesses have now been supporting work from home for months now. After an initial rush to get the basics such as remote access to applications scaled up, what other changes need to be considered to protect and secure remote employees? Especially since it may be a considerable time before normality returns, this question is more imperative than ever.

    In this webinar, we will look at how attackers have adapted their techniques to exploit remote working, what changes has there been in user behavior and the top 5 approaches business should be considering to protect users when they are accessing the public internet.
  • Pseudonymization vs. Encryption: Fight! Recorded: Jan 19 2021 61 mins
    Patrick Walsh
    The user data you hold is now toxic -- meaning the penalties for losing control of that data are now potentially very costly. Technical measures must be taken to protect the privacy of that user data, which means you probably need to adopt a PET. But what PET is appropriate? Join us as we discuss the limits of pseudonymization and the landscape of encryption options available. We’ll examine a few well-known companies that are using encryption to make privacy a first-class part of their product by embracing end-to-end encryption and customer held encryption keys. We’ll also touch on encryption techniques like secure multi-party computation, homomorphic encryption, and transform cryptography.
  • Evolution of Identity Recorded: Jan 13 2021 59 mins
    Zulfikar Ramzan Chief Digital Officer (CDO) RSA, Chief Technology Officer (CTO) RSA Security Business Unit
    Most security leaders have entered 2021 understanding that securing rapid digital acceleration means greater reliance on Identity and Access Management programs than ever before. Many are embracing identity- and risk-centric concepts such as Passwordless Authentication, Zero Trust, and Mesh Security to address needs for greater resiliency and flexibility. Dr. Zulfikar Ramzan, Chief Digital Officer at RSA and a world-renowned expert on digital identity believes that success demands both clarity of vision and understanding for our current place on the continuum of identity evolution.

    Step into a time machine with Dr. Ramzan as he takes you on a journey to explore how the concept and practices of identity and access management have evolved over time. He’ll also show you where both are headed, and how your identity management strategy may need to change to keep pace with business and technology trends.
  • A Birds Eye View for Crossing Borders in Cyber Security: Hiring or Relocating Recorded: Jan 7 2021 57 mins
    ISSA International
    Three women leaders will share their experience in relocating and hiring across borders, their insights on key success factors, how to prepare for, locate and mine opportunities, and how to mesh your own goals with the job market and organizational needs. We will also gain a perspective on what a go-forward plan would include in today’s climate.
  • Life of a CISO - Defending A Compromised Network (Part II). Recorded: Jan 5 2021 60 mins
    Eric Cole, PhD, is an industry-recognized security expert with over 20 years of hands-on experience.
    Here’s the hard truth: if you haven’t detected an attack/compromise in the last 12 months, it is NOT because it’s not happening – it’s because you’re not looking in the right places.

    According to Dr. Eric Cole, Founder and CEO of Secure Anchor, a compromise in your network is inevitable – if it isn’t already happening now, it will soon. Given that 100% security simply doesn’t exist, what can you do to control and minimize the damage from attacks?

    In this podcast, Dr. Cole will provide a playbook for approaching organizational security from this perspective. You’ll learn how a proper foundation for security is key, followed by proactive threat hunting and active defense. You’ll also get a prioritized checklist of actions that you can take right away to reduce the risk of an attack and mitigate one in progress.

    The constant barrage of security threats is not going to let up, and if you wait to respond, it will already be too late. See previous webinar Part I : https://www.brighttalk.com/webcast/16125/454016
  • Excuse me, my mind set is {null}. A conversation to launch 2021 well Recorded: Dec 22 2020 61 mins
    James McQuiggan, Mathieu Gorge and Michael Angelo
    As 2020 comes to a close, we can choose how we reflect on the challenges of the past year and their influence on 2021. How do you characterize 2020? Was it a blessing in disguise or a curse? Was it an answer or a question? Will you enter 2021 in a state of burnout and despair, or was 2020 a gift to us whose potential and benefits are to be revealed? This session will talk about the power of perspective-taking and mindset for security professionals to avoid the burnout that is plaguing the industry and how we can use it to create the kind of career and life we desire in 2021.
  • User-Centric Privacy: Designing Effective Protections that Meet Users' Needs Recorded: Dec 17 2020 61 mins
    Florian Schaub, CIPP/US, CIPT Assistant Professor, University of Michigan School of Information.
    Privacy engineering aims to respect and protect user privacy. In order to ensure that privacy protections actually meet people’s privacy needs it is important to understand those needs, concerns and expectations and build privacy into systems with a user-centric perspective. This session will draw on the speaker's research regarding privacy notices and controls online, on smartphones and with smart speakers to discuss how and why privacy controls are often misaligned with user needs and how we can design privacy for users instead of past them. It will also examine how user studies can inform the design of user-centric privacy protections to more effectively meet user needs, as well as benefit companies.
  • 2021 Trends Recorded: Dec 16 2020 64 mins
    Peter Kilmek & Brian Anderson
    With digital disruptions increasing on a global scale, 2020 saw organizations reprioritizing their security requirements. Now more than ever security professionals need to be innovative in their approach as current projects shift and change without notice. With no foreseeable end to pandemic’s global impact, we anticipate sophisticated security threats to increase in volume and severity well into 2021.

    Join us in a discussion of three key trends we see coming in 2021:

    •The changing and evolving workplace causing unknown vulnerabilities
    •Security’s role in your cloud transformation process
    •Protecting your data and all paths to it
  • Using the NIST Cybersecurity Framework to Align your Organization’s Risk Recorded: Dec 15 2020 26 mins
    Patrick von Schlag, President, Deep Creek Center, Inc.
    All organizations are concerned about cybersecurity risk and its impact on their business. This is especially true in the context of digital business strategy and how effectively the organization can manage its risk profile as their business models continue to adapt to meet changing conditions. In this session we will discuss using the NIST Cybersecurity Framework as a vehicle to identify, prioritize, and execute your cybersecurity risk management program, and introduce a roadmap to help you plan your assessments and actions. Whether you are a small- or medium-sized business or a global enterprise, this approach can help better align cybersecurity into your overall organizational risk management program and provide a vehicle to help you build the adaptive culture you’ll need to sustain success.
  • Putting in place MFA and good access security to protect against ransomware Recorded: Dec 9 2020 62 mins
    ISSA International
    Ransomware attacks targeting enterprises in a variety of sectors have skyrocketed during the first half of 2020. Criminals are taking advantage of our reliance on digital communications and remote working for sinister purposes. As a result, most of the ransomware incidents can be attributed to a limited number of intrusion vectors, with the top three being badly secured remote desktop protocol (RDP) endpoints, email phishing, and the exploitation of zero-day VPN vulnerabilities. Join us in this session to understand how weak credentials and lack of access security exposes your organization to RDP and VPN-based ransomware attacks and hear from Thales experts on how you can protect against them.
  • Zero-Trust from Aspirational to Overdue Recorded: Dec 8 2020 60 mins
    John Checco
    Globally, firms face a dynamic cybersecurity threat landscape. To combat new threats to remote workers, many firms have reacted with point products to secure their new perimeter. However, this has resulted in increased costs, marginalized impact, and lower ROI.
    In order to achieve true resiliency, firms need to rethink their approach and adopt a holistic Zero Trust model that is long-term and cost-effective.
    Join our panel of experts on Dec. 8th at 10 am PT as they explore the new Zero Trust security paradigm. In this session, they’ll cover:

    •What Zero Trust is and what it isn't
    •Why firms are rapidly adopting this model
    •Where change will be most effective, most disruptive, and most challenging
  • Future proof your Cloud Security & Governance strategy and be prepared for 2021 Recorded: Dec 3 2020 61 mins
    Malini Rao - Global Head of Cybersecurity & GRC Operations
    As many organization are going digital as part of digital transformation strategy, businesses and organizations need to be more strategic with their security controls. Market forces continue to push organization to rapid and comprehensive digital transformation, accelerating the use of technologies such as the cloud and agile and increasing exposure to the many inherent security issues.

    According to IDC, the pandemic has impacted the long-term cloud strategy of many organizations, causing an accelerated move to cloud. Due to the sudden shift and adoption of going digital and work from anywhere due to COVID-19 pandemic (the new normal), businesses have had a short time to reflect and reassess their cloud strategy, how security fits in the picture and how they can ensure that remote workers and their devices are protected and have the security they need to keep their organizations safe and comply with compliance requirements and regulations. As more than half the global economy turns digital by 2023, a new species of enterprise will be required to compete and thrive. IDC 2020 predictions show that enterprises will prepare for the digitized economy by accelerating investments in key technologies and new operating models to become hyper speed, hyperscaled, and hyperconnected organizations.

    With more assets and data moving to the cloud, cybercriminals are geared up and equipped to target the organizations moving their critical data to cloud. We will discuss lessons learnt from 2020 and top tips to reduce your attack surface in the cloud and future-proof your cloud security strategy for 2021 so you are well prepared and have cloud security as your top priority for 2021.

    A strong cloud security and Governance strategy will help ensure organizations can take advantage of cloud environment benefits at the same time ensure that the attack surface is reduced and have the risk appetite and mitigation strategy well planned for cloud risks.
Developing and Connecting Cybersecurity Leaders Globally
ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Trend Watch: Attacks on Remote Work (and How to Defend Your Business)
  • Live at: Jan 20 2021 6:00 pm
  • Presented by: Tony Lauro, Director of Security Strategy and Or Katz, Principal Security Researcher for Akamai
  • From:
Your email has been sent.
or close