Name: Top 5 Risks of "Dirty" Firewalls
Start: 2016-06-06T15:15:00Z
End: 2016-06-06T16:39:59.000Z
Location: BrightTALK
Rating: 0

FireMon delivers continuous security for hybrid enterprises through a powerful fusion of vulnerability management, continuous compliance and orchestration. Since creating the first-ever network security management solution, FireMon solutions have continued to deliver visibility into and control over complex network security infrastructure, policies and risk for more than 1,700 customers around the world.

Currently, organisations are drowning in network complexity, lack the visibility to keep up, and enable business operations as networks evolve in this unusual time. Compliance requirements keep changing and cyber-attacks just won’t quit.

It is impossible to secure unknown IP devices without real-time visibility, meaning all organisations are open to breach however comprehensive their security stack may be.

In this session our expert presenters will discuss:

•Gaining real-time discovery and visibility that can eliminate blind spots in your network infrastructure. 
•Identifying and securing unknown, rogue/shadow networks and endpoints while tracking constant changes based on enterprise mobility, virtualization, cloud-based infrastructure, and software-defined networking (SDN).
•Finding the elusive **40%+ of unknown IP devices in current network security stacks, which threat actors exploit to compromise and eventually breach enterprises.
•How to better protect networks, endpoints and IoT devices while extending visibility and monitoring cloud environments.
 
** Research by Lumeta (A FireMon Company 2018)

Transformation Demands Real-time Discovery and Visibility

How policy automation can help security adjust to today’s environment  

Learn from our expert panel how Security Policy Automation can help you deliver speed AND security to your organisation – enabling corporate adoption of agile technologies and platforms easier, without losing control or increasing risk. In today’s exceptional times, you should not have to choose between business agility OR security – so why not provide both? Business demands, regulatory requirements and evolving threats aren’t going away, so it’s time to chance the game for Security Operations. 

During this live webinar, cybersecurity experts will provide real world examples, in-depth insights and innovative ways to move at velocity without sacrificing security. Policy Automation can provide real business value, faster than you think. 

This webinar will cover:
•Use cases for policy management automation (e.g., automating gold standard best practices, global overarching rules, and rapid approval processes for faster deployments).
•How automation can help you leverage innovation while reducing security and compliance risk.
•Automated responses for triggers like new apps or services, routine changes to apps or services, or new security threats.

Policy Automation – The New Normal

Whenever you see a spike in adoption of any technology you can be sure that security vulnerabilities soon follow.  In the rush to “get IT done” we neglect to “make IT secure”.  We have observed, as the pandemic takes hold, cloud adoption is accelerating, and this considerable growth reported by cloud vendors confirms this. This acceleration of adopting the cloud has resulted in cloud security misconfigurations. These misconfigurations are due to a lack of visibility into what is occurring in these environments. Therefore, we can expect security vulnerabilities. But these are in the cloud, and attackers seem to be even more active than ever right now.  And think about this, a network security mistake in the cloud may introduce and amplify unintended risk to your organization and customers. 

We will examine to most frequent network security mistakes associated with cloud adoption, including:
1.VM remote administration exposed to the Internet
2.Storage resources exposed to the Internet
3.Unprotected 2nd tier microservices
4.Unprotected cloud resource authorization keys
5.Insecure and unshielded container and orchestration infrastructure
6.Misconfiguration of cloud security groups and controls
7.Unprotected, insecure API
8.Lack of understanding of complex cloud resource interaction
9.Access that violates internal or regulatory compliance standards

Some are similar to normal on-premise network security issues but others are highly arcane to the cloud and you might never have thought of them.  As much as possible I’ll provide real world examples.  My guest, from our sponsor FireMon, Josh Williams, is a subject matter expert in empowering organizations to identify and mitigate risk within their network infrastructure. Josh will briefly discuss how organizations leveraging public and private clouds, need regular modifications to the network configuration, and user access to keep up with business needs and avoid the consequences of misconfigurations.

Top 9 Network Security Vulnerabilities Common to the Cloud

Your path to cloud computing may encounter roadblocks when it comes to security, compliance, cost and more. But never fear—this webinar will discuss concepts to help you breeze past these obstacles and arrive at your cloud destination in record time.

Join us as we discuss how to tackle the top 5 biggest roadblocks to workload migration:

•Cyberattacks
•Compliance Challenges
•Hidden Costs 
•Lack of Visibility
•Internal Politics

Overcome Your Cloud Roadblocks

Healthcare organizations are trusted by their patients to be custodians for massive amounts of highly confidential data: health records, payment details and other identifiable information. The unfortunate drumbeat of headlines serves as a stark reminder that this data is highly valued on the black market, making healthcare one of the most targeted industries by hackers and other cyber-criminals. 

With this level of risk, many healthcare leaders struggle to align budget to address this risk, instead focusing on digital transformation initiatives that modernize the network environment. With a goal to automate processes and apply cutting edge technology and access throughout the facility, compliance-driven security is often an after-thought.

This session will introduce the concept of persistent network security and what it looks like and discuss the considerations necessary to build a culture of compliance marked by an approach to automation designed to mitigate risk.

Creating a Culture of Compliance

From increasing complexity and scale, to lack of automation and integration, to decreasing budgets and staffing shortages - hybrid cloud is continuing to have a growing impact on enterprise security and IT teams. While enterprises increasingly transition to public and hybrid cloud environments, their network complexity continues to grow and create security risks. Meanwhile, they are losing the visibility needed to protect their cloud systems. FireMon conducted the second annual State of Hybrid Cloud Report, polling over 500 security professionals, and Tim Woods, VP of Technical Alliances, will present and discuss the findings.

- 78.2% of security practitioners use two or more different vendors for enforcement points
- 65.4% indicate that they use manual processes in their hybrid environment
- 69.5% have a security team of 10 people or less (compared to 52% in 2019)

Embracing the Cloud 2020

Security pros have spoken and the results are in! Our second annual 2020 State of the Hybrid Cloud Security report is out! Be one of the first to learn what is driving your peers and dig into the results from our annual survey.

  In 2019, the industry responded and we learned:  
• 60% reported that moving their business to the cloud has accelerated past their ability to adequately secure them in a timely manner
 • 50% reported that they have 2 or more different clouds currently deployed 
• 30% reported that they have a complicated non-existent relationship with their DevOps/Application team  

What will the 2020 findings reveal? Our in-house experts Tim Woods, VP, Technology Alliances, and Elisa Lippincott, Director of Product Marketing, will cover the trends and challenges of securing today’s hybrid cloud environments. Also, see how FireMon tackles the most complex hybrid environments.   

Join FireMon for this timely webinar.

2020 State of Hybrid Cloud Security

How can you best secure your complex hybrid network? Traditional network security approaches aren’t enough: innovation is the key. Join us to examine the security innovations that drove SC Media to name FireMon as a 2019 Industry Innovator Award Winner. 

In this webcast, you’ll see how FireMon’s unique security solutions empower your security team with:

- Adaptive Automation: Intelligent, configurable network security policy automation that monitors and responds (adapts) in real-time to changes in your environment and business requirements
- Attack Surface Reduction:Actionable insights into the key risks and vulnerabilities across your ever-changing attack surface – so you can identify and stop threats in their tracks before they materialize 
- Proactive Compliance: 100% trusted compliance and risk management, no matter what you discover and change in your hybrid cloud environment

You don’t have to choose between business agility and robust security. You can have it all, and this webcast will show you how.

Tackle Your Hybrid Network Complexity in 2020

IT and security teams know that automation is the key to optimizing operations and delivering faster, more reliable services and experiences both to the enterprise and its customers. But realizing the full potential of security automation requires both a disciplined automation framework and a flexible automation platform.

Register for our webinar to hear from:

Chris Gardner, a guest speaker from Forrester, who will help you gauge your journey and discover which core competencies you need to develop or strengthen to successfully transform your organization with automation.

Tim Woods from FireMon, who will share best-in-class solutions that support organizations along their entire automation journey to deliver maximum operational efficiency, process integration efficiency and next-gen transformation efficiency.

This webinar is a must-attend if you're looking to accelerate towards autonomous security using a powerful framework.

Assess and Turbocharge Your Security Automation Strategy

As your business grows, so does the pressure on your security team to do more. Automation is essential, but its not a panacea for the breadth and scope of todays threats.

Feedback from FireMon customers shows they know automation can help them. They believe that anywhere from 50 to 60 percent of recurring, cyclic tasks could be automated. Automation brings with it many connotations, and while the prospect of reducing the workload of security teams is no doubt appealing, its important to understand what automation can accomplish and what it cant.

This webinar will discuss 7 myths associated with Security Automation:

Automation is a substitute for warm seats
Automation is not orchestration
Everything should be automated
Automation is only for incident response
Automation equals better security
Automation is only for big organizations
You can set it and forget it
Join Tim Woods, VP of Technology Alliances at FireMon, to learn how to automate at your own pace and pick up tips to help your internal security teams.

7 Myths of Security Automation: Be Clear on What It Can Achieve

The ActualTech Media LIVE Megacast featured in-person interviews with FireMon and other cloud-centric vendors, seeking to help organizations further accelerate their workload support efforts. You will hear how FireMon:
- Helps organizations straddle public and private cloud environments 
- Improves organizational security
- Provides a single-pane-of-glass view to your network environment
- Helps organizations solve complex storage problems with cloud services, and much, much more.

Join Tim Woods, VP Technology Alliances, FireMon and Scott Lowe, CEO, ActualTech Media as they discuss how FireMon helps ensure your security has parity with the speed of your business.

ActualTech Media LIVE Megacast: AWS, Azure, and GCP Solutions

You hear about network boundaries being gone so much that it’s easy to start thinking firewalls are dead. But exploit after exploit shows the opposite is true. Here are examples:

•BlueKeep and DejaBlue demonstrate that protocols like RDP have no business being exposed directly to the Internet.
•Lateral movement exploits like that in the Equifax debacle show that more segmentation is needed so that a single unpatched server doesn’t result in your most important database going up in smoke
•The Capital One data breach shows that cloud resources need firewall protection too – not just on prem

Most web applications are two applications in one. 1) The single page or progressive app runs on the client with all its source code in clear text for bad guys to pursue and 2) the application API that goes between the client and back-end servers. But that can easily become an API for bad guys.

Putting everything in the cloud and not designing network security into the architecture is like taking your on-prem network and putting all storage arrays and servers on the Internet and expecting each device and system to defend itself.

In the webinar, we look at network security and the evolving role of the firewall. We will discuss two overall classes of firewalls:
•Traffic policy enforcement points
•Full-stack next-gen / deep-packet-inspection firewall products

Those categories may cause you to widen your scope as to what constitutes a “firewall” because by #1’s definition, anything with a network ACL is a firewall. 

It’s an important distinction because what we need are more enforcement points and granularity in policy. That’s the premise behind the holy grail of zero trust and microsegmentation.

But with more firewalls and rules on them, we risk making the #1 problem with firewalls even worse: misconfiguration.

Just released, FireMon will review the 6th annual State of the Firewall report. This year’s report is highly illuminating and will reinforce many of my key points.

Are Firewalls Dead? Not by a Long Shot - But We Need to Make Some Changes

Security pros have spoken and the results are in! Our sixth and largest 2019 State of the Firewall report is out! Be one of the first to learn what is driving your peers and dig into the results from our annual survey.

In 2018, the industry responded and we learned:

•94% reported that firewalls are critical as always or more critical than ever
•53% have already partially or fully adopted public or hybrid cloud
•64% reported that they still deal with manual change management processes

What will the 2019 findings reveal? Our in-house experts Tim Woods, VP, Technology Alliances, and Elisa Lippincott, Director of Product Marketing, will cover the trends and challenges of network operations and security practitioners worldwide.

Track the conversation on social using #SoFR19 and join FireMon for this timely webinar.

2019 State of the Firewall

If you are dealing with too many manual changes processes, burdening an overworked staff, this webinar is a must-attend for you. You’ll learn how to use security automation to reduce the opportunities for mistakes and misconfigurations by taking the drudge work off your staff and fast-tracking traditional SecOps.

Key takeaways: 

Eliminate bottlenecks that plague traditional change processes
Decrease errors by standardizing more areas of their security
Support the dynamic demands of their agile/DevOps customers

101 Guide to Security Automation

Data Breach.
 
Just reading that can give the most seasoned security professional a hair-raising moment. We now know, a single medical record fetches 10x the price of a credit card record on the black market. As scary as this sounds, it’s probably just the opening round in a topic that may have even more far reaching implications in the future.

What happens if/when hacker behavior impacts patient outcomes?  We’ve seen a raft of ransomware attacks in healthcare lately. Timely access to accurate information in this age of healthcare digital transformation is not just about reputation and loss of records anymore. Or when the patient information, inevitably, becomes richer, likely involving individual DNA genetics and customized treatments based on that? How important will it be then to safeguard the patient’s information?
 
In this dynamic threat landscape, healthcare organizations now find themselves struggling to secure assets and environments that were initially deployed without security in mind. As a result, four main security challenges have emerged and FireMon helps organizations address them:
 
·       Lack of network visibility: what you can’t see, you can’t protect
·       Risk in adopting new technologies / devices / applications
·       Limitations on vulnerability analysis and remediation
·       Lack of control over security policies
 
 
Join FireMon for this timely webinar designed to help security leaders accurately understand their profile and learn how to ensure security policies mitigate risk and close gaps in compliance through continuous, adaptive policy enforcement.

Don't Be the Next Healthcare Headline - Automate Mindfully to Lower Network Risk

Learn how to use automation to increase speed AND security in your organization. IT and security organizations are under pressure to deliver unprecedented business agility, but regulatory requirements and cyberattacks are growing fast. How do you choose between speed and security?

During this live webinar, cybersecurity expert Tim Woods, VP Technical Alliance from FireMon gives you innovative ways to move at velocity without sacrificing security. This webinar will cover:

•Automated responses for triggers like new apps or services, routine changes to apps or services, or new security threats
•Use cases for policy management automation (e.g., automating gold standard best practices, global overarching rules, and rapid approval processes for faster deployments)
•How automation help you leverage innovation while reducing security and compliance risk

Automation: One Giant Leap for Security

Learn how to balance speed + security in your organization. Businesses today must move at digital speeds. Going head-to-head with digital native competitors, enterprises have to evolve rapidly in areas ranging from time to market to product quality and features to business model innovation.

This puts intense pressure on IT and security organizations—often burdened with legacy systems—to deliver unprecedented business agility. At the same time, regulatory requirements are growing almost as fast as cyberattacks and cyberthreats. How do you balance the risk of not getting new application services or changes to market fast enough against the risk of a breach?

FireMon gives IT and security teams innovative ways to move at velocity without sacrificing an iota of security. FireMon uses automation that fits into your existing models and processes, so you can make incremental changes internally while your business acts disruptively in the marketplace.

In this webinar, we’ll cover:
•Automated responses for triggers such as a new app or service, routine changes in an app or a service, or new security threats
•Use cases for automation in policy management (e.g., automating gold standard best practices, global overarching rules, and rapid approval processes to ensure speed of deployment)
•How automation can help you leverage innovation without introducing security and compliance risk

Drive Innovation with a Strong Security Posture

This is a must-attend webinar for anyone responsible for management of SOAR solutions in their organization. During the webinar you'll hear from Josh Williams, FireMon Senior Sales Engineer, Cloud and Automation Solutions, as he shares his presentation from Black Hat USA 2019 on how to add command to your SOAR initiatives. 

Security Operations Centers wield a vast arsenal of tools to secure their assets. To get the most out of those tools, SOAR solutions start you down the right path. But if you want your SOAR solutions to truly take off, you need the ability to gather data in real time, analyze the data for patterns, trends and alerts, and respond instantly using automation. In this webinar, we'll dive deeper into automation and share five ways to make your SOAR initiatives take flight.

5 Ways to Make Your SOAR Initiatives Take Flight

Firewall rules are notoriously complex and voluminous in nature. Ironically, the more secure you try to be, the more complexity you create. Firewall proliferation not only driven by the number of physical sites, but also how fine-grained you attempt to make your network security. Along with more firewalls, you also end up with more rules, sometimes tens of thousands of them. 

On its own, this type of complexity is not a security issue. However, there is a strong correlation between the complexity of the firewall and the number of mistakes in the policy. Each mistake in turn adds unnecessary complexity. Over the years, these problems compound upon one another, resulting in an unmanageable policy, deteriorated firewall performance, increased risk and increased management costs.

In this webinar, we discuss the top 5 risks the team at FireMon, the leading network security policy software vendor, finds when assessing complex firewall infrastructures as well as the types of analysis you can perform to clean up your firewalls effectively and safely and prevent rules from getting out of hand and outdated in the future.

Top 5 Risks of "Dirty" Firewalls

Network Security

Firewalls

Ultimate Windows Security

Policy Compliance

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Top 5 Risks of "Dirty" Firewalls

Presented by

About this talk

More from this channel