Life of a CISO

In this podcast, Dr. Cole will provide a playbook for approaching organizational security from this perspective. You’ll learn how a proper foundation for security is key, followed by proactive threat hunting and active defense. You’ll also get a prioritized checklist of actions that you can take right away to reduce the risk of an attack and mitigate one in progress.

The constant barrage of security threats is not going to let up, and if you wait to respond, it will already be too late.
Recorded Aug 12 2021 61 mins
Presented by
Eric Cole, PhD, is an industry-recognized security expert with over 20 years of hands-on experience.

  • Thoughts on operationalizing your threat intelligence capabilities Nov 18 2021 6:00 pm UTC 60 mins
    Ben Smith
    In this webinar, you’ll hear about some common challenges organizations face when putting their threat intelligence to work, whether it’s sourced internally or externally. Too many SOCs are drowning in data today, and there is almost always room to improve how you consume and apply your existing threat intelligence – as an example, many successful SOCs integrate their threat intelligence capability directly within their orchestration and automation solution (SOAR). You’ll hear some thoughts around how to make the most of your existing threat intelligence data, and you’ll leave the webinar with some actionable ideas to consider within your own environment.
  • Cloud Security: Locking down the Unintended Exposure of Sensitive Data Nov 17 2021 6:00 pm UTC 60 mins
    Kurt Van Etten, Chief Product Officer, RedSeal
    In a recent survey of over 100 IT/Security professionals nearly 2/3 reported that sensitive data has been exposed as a result of cloud misconfigurations. Additionally, 93% reported they are highly concerned about the potential impact of cloud misconfiguration. In this session the panel will discuss why unintentional exposure of sensitive data is so rampant, and how the industry is responding.
    We will discuss ways security teams can:
    • Gain visibility into their multi-cloud and hybrid environments.
    • Make the best use of native CSP and Kubernetes security controls.
    • Apply the recommended uses of third-party cloud security controls.
    • Continuously monitor and prevent unintended exposure of sensitive data.
  • CISO 2.0 Security Eco-system for Dev, Multi-cloud, and Digital Transformation Nov 4 2021 5:00 pm UTC 60 mins
    Mary Gardner
    Women in Security Webinar
    CISO 2.0: Security Eco-system for Development, Multi-cloud, and Enterprise Digital Transformation

    Mary shares her story and passion, her career evolution and how she supports ever changing technology while also protecting the business eco-system: Multi-cloud, development, and enterprise digital evolution today; dealing with hackers, threats, bots and ransomware; leading a remote security function and staff; building your career beyond platforms, product lines and verticals; and successfully leading a security organization, including staffing and managing successful employees and the talent pipeline.
  • Cyber Insurance Oct 27 2021 5:00 pm UTC 60 mins
    Kathy Ahuja
    With identity-based ransomware attacks on the rise both in volume and dollar amount demanded, cyber insurance companies are starting to require security measures as a precondition for eligibility. Many cyber insurance firms are using cybersecurity tools to run an analysis of clients’ controls to make sure they are up to par. In the event where coverage is offered, many insurance providers are declining to take new clients or are capping amounts at about half of what they used to be for some clients. Join OneLogin’s Vice President of Global Compliance & IT on October 27, at 10am PT to learn more about:

    • Cyber insurance policy requirements
    • Best practices to qualify for insurance and remain insured
    • Features that provide protection mandated by insurance providers
  • Leverage Comprehensive Network Visibility to Achieve Advanced Threat Analytics Oct 20 2021 5:00 pm UTC 60 mins
    Mark Doering, Technical Marketing Director at NETSCOUT
    Doing business in a digital economy demands agility, and corporate digital infrastructures have changed profoundly in response. But as businesses race to the cloud and expand activities across a globally distributed digital ecosystem, they must also reinvent cybersecurity to defend this expanded threat surface.

    Comprehensive network visibility is critical.

    Join NETSCOUT’s Technical Marketing Director Mark Doering to discuss how to improve security for a large organization using metadata and packets.

    Join this webinar to learn more about the value of using a common source of packet-derived, smart data to:
    • Gain multi-dimensional visibility (e.g., broad, deep, with both quality and reliability of service and cybersecurity perspective) across an organization’s entire digital infrastructure
    • Reduce the time (i.e., Mean Time To Resolution) it takes to detect, investigate and remediate cyber or other IT threats
    • Achieve the ultimate business goal of reducing IT risk
  • Always Aware: Continuing Your Cybersecurity Awareness Month Journey Oct 13 2021 5:00 pm UTC 60 mins
    Robert Shields and Susan Mackowiak
    October is Cyber Security Awareness Month (CSAM). But one month is only the beginning, and lasting change takes consistent programs and nudges to cultivate strong security awareness 365 days of the year.
    Join ISSA and Proofpoint as they discuss how to leverage CSAM to kick-start continuous programs to transform users from targets to defenders. In this session, our experts will cover:
    - How to leverage monthly nudges and campaigns
    - Extensive opportunities made available by seasonal challenges and ‘domain days’
    - How pre-packaged campaigns utilizing micro-learnings can make this a reality
  • Innovating Your Career in the New Security and Privacy Frontier Oct 7 2021 5:00 pm UTC 60 mins
    Juliet "Jules" Okafor, JD
    Juliet “Jules” Okafor will describe her professional journey and offer perspectives for workplace leadership and career innovation, while recounting adventures along the way, as she navigated life beyond graduate school. Jules will share details regarding her post-graduate journeys and current positions, and where she sees the current focus of our fields of security and privacy. She will talk about career innovation for you and your staff in challenging economic conditions, work-life balance, diversity in the workplace, and strategies for professional growth.
  • Life of a CISO Oct 7 2021 3:00 pm UTC 60 mins
    Eric Cole, PhD, is an industry-recognized security expert with over 20 years of hands-on experience.
    In this podcast, Dr. Cole will provide a playbook for approaching organizational security from this perspective. You’ll learn how a proper foundation for security is key, followed by proactive threat hunting and active defense. You’ll also get a prioritized checklist of actions that you can take right away to reduce the risk of an attack and mitigate one in progress.

    The constant barrage of security threats is not going to let up, and if you wait to respond, it will already be too late.
  • Creating a Successful Security Awareness Training Program Recorded: Sep 22 2021 60 mins
    Larry Cates and Suzanne Gorman
    Organizations historically have relied on their Cybersecurity, IT and Networking teams to purchase technologies to provide defense-in-depth protection for their organizations. While this is necessary, most organizations never think that their biggest risk is actually their untrained employees.
    With the onslaught of phishing, malware, ransomware attacks and Business Email Compromise or CEO Fraud, we are at a critical point where each and every organization needs to have a successful training program in place to properly educate its employees on how to identify social engineering attempts, or it is almost guaranteed to fall short of its security objectives and become a victim of cybercrime, and in many cases this can be a very expensive lesson to learn.
    Ninety percent of security breaches are caused by Human Error. A successful security awareness training program will not only educate your employees. A successful program will also empower them to make changes to their behavior and embrace a security-minded culture, securing themselves and in turn, securing your organization.
    But how can organizations take the next step beyond training when changing human behavior is such a complex process? Traditional security awareness programs are not enough: you need to develop Security-Minded Employees and make it part of the corporate culture.
    In this webinar, Larry Cates, President and CEO, and Suzanne Gorman, Vice President, Information Security and Risk Management Evangelist with Global Learning Systems will discuss:
    ● Setting objectives to make your program successful
    ● Biggest risks to any organization
    ● Elements of a Successful Security Awareness Program
    ● Quantifying Your Success
  • Privacy SIG: A Delicate Balance: When Security and Privacy Want Opposite Things Recorded: Sep 21 2021 60 mins
    Daniel Ayala
    Usually, privacy and information security professionals have a shared mission to protect information. But what happens when their approaches and objectives conflict with each other or make it impossible for them to coexist within a specific use case? From the physical world to the technology realm, there has long been give-and-take necessary to find the right balance between privacy and security in protecting and defending. As privacy (or its more appropriate term, data protection) is about respecting the person, and their decisions around data use and depends heavily on security technologies to be effective, the importance of collaborating continues to increase but remains challenging. We will cover the history of these two worlds' relationship across the physical and technical domains. By reviewing cases, including the recent news that Apple will soon check for CSAM data on users' devices, we will discern how to discuss, understand and find the balance between security and privacy for different use cases, risk postures and constituencies.
  • Achieving Regulatory Compliance in the Microsoft Cloud Recorded: Sep 16 2021 60 mins
    Brendan Hoffman and Lisa Abshire
    Regardless of the industry, most organizations report to unique regulatory bodies with their own set of requirements, and meeting those requirements only becomes more complicated when data and applications are stored in the cloud. And on top of that, many companies find themselves lacking direction around Data Loss Prevention (DLP), legacy data archiving, data classification, document tagging, third party access, and other issues that can bring your organization out of good standing with those regulatory bodies.

    How can your company quickly adapt your cloud controls, standards, and processes to maintain compliance under changing conditions?

    In this webinar, our group of experts will provide guidance on tools and resources for your organization to develop a roadmap to better tackle your compliance needs in the Azure cloud.
  • Key challenges and requirements on network security in a remote world Recorded: Sep 15 2021 59 mins
    Ameet Naik, Product Marketing, Cloudflare
    The shift to cloud applications and remote work imposes fundamentally different requirements on network security. The Internet is your new corporate network and security needs to evolve from appliances and choke points to a ubiquitous cloud-based service. Join this webinar to learn how you can transform your security architecture and take advantage of cloud-native network security-as-a-service from Cloudflare.

    In this webinar you will learn about:
    - hybrid network architectures for the modern enterprise
    - the shifts in network security requirements driven by the cloud and remote work
    - how network security-as-a-service can help you maintain a consistent security posture in the hybrid work era
  • Venture Capital, Security and Influencing Your Own Success Recorded: Sep 2 2021 55 mins
    Chenxi Wang
    Dr. Wang will share her own career success story, how she chose this profession, how she evolved to her successful role today. She will give us a view of venture capital in security today, and what venture capital funds look at when considering funding from emerging technologies and trends, and how security fits into that pipeline. Chenxi will give perspective on how we might aspire to this career path—or as an investor, within the Venture Capital field. This will include skillsets, experience, the persona that works best, how negotiations and power of influence come into play, the benefits of such a field, and where and why we may want to engage.
  • Cybersecurity Tips & Challenges in the Hybrid Work Era Recorded: Aug 25 2021 55 mins
    Darren Guccione, CEO and co-founder of Keeper Security
    Information security continues to evolve as the workplace goes hybrid

    67% of security personnel are concerned that remote employees’ use of personal devices to access their work systems has hurt their organizations’ security posture. As hybrid work conditions become the norm, companies must find a way to keep their systems safe from cyber-attacks while keeping employees connected. This webinar provides solutions to the most common challenges facing security teams in the hybrid work environment.

    • Learn about possible security issues stemming from remote work
    • Ways to keep networks secure with little business interruption
    • Learn how password security can help protect networks
  • Latest DDoS Trends and the rise of ransom-driven attacks Recorded: Aug 18 2021 59 mins
    Vivek Ganti, Product Marketing Manager at Cloudflare
    DDoS attacks have dominated the charts in terms of frequency, sophistication, and geo-distribution over the last year. Ransom DDoS attacks are also surging, crippling organizations' network infrastructure and taking them offline while demanding ransom in bitcoin. Unlike ransomware attacks, these ransom DDoS attacks do not even require the hacker to access an organization’s internal systems before they can be carried out.

    There are no signs of DDoS attacks going away anytime soon. How do organizations ensure that their Internet assets are protected against threats of any size or kind?

    In this webinar, you’ll learn about:

    * Key Q2 2021 DDoS attack trends
    * Ransom DDoS threats — and what you can do if you are affected
    * Steps organizations can take to make the impact of DDoS attacks a thing of the past
  • How nascent privacy-tech supports operations while preserving confidentiality Recorded: Aug 17 2021 61 mins
    Brian Scriber, Vice President of Security Technologies
    How can technology help with global privacy regulation compliance and data analytics, and help us manage shared APIs, multiple companies, divisions, and departments with different data utilization strategies? How can differential privacy allow us to engage in meaningful research or demographic studies with detailed and privacy-protected datasets? Where are we now in the art of data management and software architecture, and where will we be in five years or ten years? How does self-sovereign identity play into this? Which historical experiences are analogous to our privacy and data protection work now, and why is today’s IoT, video surveillance, facial recognition, artificial intelligence, and machine learning world different?
  • Life of a CISO Recorded: Aug 12 2021 61 mins
    Eric Cole, PhD, is an industry-recognized security expert with over 20 years of hands-on experience.
    In this podcast, Dr. Cole will provide a playbook for approaching organizational security from this perspective. You’ll learn how a proper foundation for security is key, followed by proactive threat hunting and active defense. You’ll also get a prioritized checklist of actions that you can take right away to reduce the risk of an attack and mitigate one in progress.

    The constant barrage of security threats is not going to let up, and if you wait to respond, it will already be too late.
  • Defend your financial services organization against sophisticated fraud Recorded: Aug 11 2021 62 mins
    Carl Mosby III and Shehzad Shahbuddin with Shape Security
    In financial services, keeping gross fraud loss in check is critical to the brand and the bottom line. Unfortunately, financial services institutions are lucrative targets for organized crime rings and the tools that enable cybercriminals are becoming more sophisticated and less expensive. You need the latest intelligence if you want to protect your organization.

    Join this session to learn:

    • New threats from organized crime rings related to the credential marketplace landscape.
    • Insights and evidence around how criminal organizations are increasingly reverting to manual (i.e., human-driven) fraud methods, and how to stop them.
    • The latest machine learning algorithms trained by attack profile, risk surface, and historical fraud records that specifically protect banks, credit unions, and other financial institutions.
  • The New Approach to AQPR Cybersecurity Risks to the Business Recorded: Aug 10 2021 61 mins
    Yotam Ben Ezra, Vice President of Product, SafeBreach and Valeriy Leykin, Director of Product, SafeBreach
    Understand What Matters - The New Approach to Assessing, Quantifying, Prioritizing, and Reducing Cybersecurity Risks to the Business

    Today’s security teams navigate significant layers of complexity, contending with too many different standards and too many disparate technologies. The proliferation of technologies and terminology, in turn, generates a broader challenge: getting teams across the organization to speak plainly and generate consensus about risks to the business, all using a common language.
    The reality is that too often there’s a fundamental gap between the cybersecurity strategy and business goals and priorities that conspires against the success of each of these roles.
    Join us to learn how your organization can begin to achieve a common language and align priorities for reducing risk by employing risk-based vulnerability management, and by establishing a model for cyber risk quantification (CRQ) within the enterprise.
    During the webinar we’ll discuss:
    ● Why a risk-based vulnerability management approach enables you to drive down and prioritize the risks that pose the gravest threats to the business
    ● A new, proposed model for quantifying cyber risks
    ● How a simple calculation and defining three key terms can provide a blueprint for aligning the organization
    ● How the model can be applied in less mature and in more mature organizations
    ● Which technologies will best support your cyber risk quantification efforts
  • Redefining Cloud Security in a Perimeter-Less World with Machine IM Recorded: Aug 4 2021 59 mins
    Muralidharan Palanisamy, Chief Solutions Officer, AppViewX
    Cybersecurity for a long time revolved around the central idea of the classic network perimeter, driven by the theory—inside is trusted and outside must be verified. When the cloud burst onto the enterprise IT landscape, many organizations resisted cloud migration because it infringed on the traditional concept of the network perimeter. Moving data and applications outside the data center into the cloud meant no control over user access and data security.

    Today, the enterprise IT landscape is undergoing a radical transformation. The impact of the COVID-19 pandemic has irrevocably altered workplace dynamics. Retail office spaces have closed doors and organizations have shifted to long-term remote work. To support modern workforce needs, organizations are rapidly moving data and applications to multi-cloud and hybrid-cloud environments. The once trusted network perimeter is slowly disappearing. And cloud security has yet again become a top priority for business leaders. Thankfully, cybersecurity has evolved significantly, shifting the focus from network to identity as the new perimeter. And, machine identity is the modern approach to cybersecurity in a perimeter-less environment.

    Machine identity-driven solutions such as Public Key Infrastructure (PKI) and CLM (Certificate Lifecycle Management) help organizations take complete control of all digital assets and enable secure online communication regardless of where they are located. This helps build a fluid and agile cybersecurity model that is identity-first and location-independent.
    Join this webinar to understand how machine identity is redefining cloud security for today’s distributed and hybrid IT environments and helping organizations build cyber-resilience.
Developing and Connecting Cybersecurity Leaders Globally
ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

  • Title: Life of a CISO
  • Live at: Aug 12 2021 3:00 pm
  • Presented by: Eric Cole, PhD, is an industry-recognized security expert with over 20 years of hands-on experience.