N00bSec to Cyber-Champion: How I Used CTFs Launch My Career in Cybersecurity
Too often, when I tried to learn cybersecurity in a classroom lab, I found that it existed in a sphere of ideal conditions: we were given the perfect command on the perfect target to get the perfect results on that target. As it turns out, the real world has less than ideal conditions, so I wasn’t sure how my education was going to translate to the real world. That’s when I discovered cyber competitions. In the CTF’s I began to play, I found that there were no wrong ways to get a right answer and I was finally able to hit the ground running in a way that felt like I was preparing for the workforce. Just over a year into my career, I can say that Cyber CTF’s prepared me better than any classroom experience could. Join me on Wednesday, October 2nd to find out how this newbie took her skills from #N00bSec to #Cyber-Champion using CTF’s!
RecordedOct 2 201961 mins
Your place is confirmed, we'll send you email reminders
Jessica Gulick, CEO, and Monica Ricci, VP of Marketing, Katzcy
Join Jessica Gulick, tech & cybersecurity growth hacker, as she shares the top lessons that have not only been learned, but have been put into practice by Katzcy’s growth-stage clients. We’ll talk about the importance of understanding buyer profiles, the techno-buzz trap, the right time for geek-speak, and how to build a narrative that positions your unique solution in the right box in the minds of buyers, industry analysts, and influencers alike.
Custom code is the way that we are optimizing and creating new business opportunities but it is also the way that we are being attacked. Learn how to integrate security into DevOps and manage the risk posed by application development in such a way that speed and agility are not sacrificed.
Chris Rodgers, Director of Product Management, Qualys & Jim Reavis, CEO and Co-founder of CSA
Most people think that a network is a static event. However, with new types of devices, transient workloads, contract and guest participation, the system is fluid. At any given time,15-20% of the network is unseen or unmanaged. This is why the principle of maximum IT asset visibility is a fundamental prerequisite to improving your security posture. Simply put, it is difficult, if not impossible, to secure what we do not know or cannot see.
During the webinar, Jim Reavis, co-founder and CEO of the Cloud Security Alliance, will discuss the challenges facing today's complex and hyper-connected IT environments. Additionally, Qualys' Chris Rodgers will explore:
- Why comprehensive visibility is the foundation for your security architecture
- The importance of visibility as it relates to compliance
- A demonstration of the role visibility plays in threat hunting
- Customer success stories highlighting how access to clean, reliable data with visibility and context enabled leads to effective business decisions
Insider threats can wreck your network, your business, and your company's reputation. But stopping malicious or simply incompetent insiders from doing damage isn't just an exercise in analyzing where the damage came from. Insider Threats aren’t just malicious employees. They can run the gamut from incompetent to accidental to theft. Join Ryan Lai, EVP of Professional Services at Nisos, as he discusses the wide-ranging complexities of an insider threat investigation.
David Morris, Roy E. Hadley Jr., Reid Eastburn and Skeet Spillane
This session will cover why State and Local Governments have headed the list of Ransomware Attacks. Part 1 will delve into why is this the case and Part 2 will address what can be done to prevent these attacks.
Troy Vennon, Director of Security Innovation, the Columbus Collaboratory
It’s been 20+ years since the US government first issued a directive mandating that critical infrastructure providers in the public and private sectors share information about cyber threats. This directive, PDD63, recognized that, in the face of increasing threats, organizations that band together to share information and coordinate responses stand a better chance of protecting themselves. Thus, the realm of threat intelligence sharing was created. Join Troy Vennon, Director of Security Innovation at Columbus Collaboratory, as he reviews the basics of sharing threat intelligence and how it can benefit an organization of any size in any industry.
Emily Wilson, VP of Research, and Dee Liebenstein, VP of Product Management, Terbium Labs
A thriving fraud economy exists in the criminal underground, on the Dark Web and beyond, that trades in compromised information. Even if it’s not your business’s information, it’s still your problem because stolen user credentials are used for large-scale phishing attacks, credential stuffing, and account takeover.
Join two Terbium Labs VPs—Emily Wilson, VP of Research, and Dee Liebenstein, VP of Product Management—as they offer insights into how your organization should rethink data security as more information is exposed, and re-exposed, every day.
David Morris, Lance James, Steven Teppler, and Mark Rasch
This session will delve into the legal responsibilities of your Bank's liability and your requirements to protect your banking credentials from the unauthorized transfer of funds as a result of a hack.
Jeff Costlow, Deputy CISO, ExtraHop & Craig Balding of CSA
The rush to innovate has resulted in more sophisticated threat defenses, but it has also created a complex web of tools that must be managed by an already overworked and understaffed security team. Heterogeneity of defense systems is itself a defense, so modern security teams need to approach consolidation differently.
In this session, Jeff Costlow, Deputy CISO at ExtraHop will give an abbreviated version of his keynote presentation at the upcoming CSA Summit at (ISC)² and share insights about how data-first approaches and cross-collaboration improve security posture and help reduce tool sprawl.
Jerry Caponera, VP of Products & Cyber Risk, Nehemiah Security
Join us for this webinar to explore how cyber risk models have evolved to more accurately predict financial outcomes through better alignment with frameworks and models like NIST and MITRE ATT&CK. Jerry Caponera, VP of Products and Cyber Risk at Nehemiah Security, will share insights from global cybersecurity leaders who have risen above cyber geek talk and successfully translated risk into business terms. He will cover managing risk by tracking associated potential financial losses; what’s behind the hype surrounding financial data risk assessment (FinDRA); how to calculate ROI for security and mitigation investments; and how to brief your Board on cyber risk in financial terms.
Tune in for this live interview with Graeme Payne, former VP and CIO for Global Corporate Platforms at Equifax. This session will give you first hand insights into what happened at Equifax, and lessons learned.
Machine learning platforms are one of the fastest growing services of the public cloud. ML, an approach and set of technologies that use Artificial Intelligence (AI) concepts, is directly related to pattern recognition and computational learning. Early adopters of AI have now rolled out cloud-based services that are bringing AI to the masses.
How are AI, deep learning, machine learning, big data, and cloud related? Can machine learning algorithms enable the use of an individual’s comprehensive biological information to predict or diagnose diseases, and to find or develop the best therapy for that individual? How is Quantum Computing in the Cloud related to the use of AI and Cybersecurity?
Join this webinar to learn more about:
- Machine Learning, Data Discovery and Cloud
- Cloud-Based ML Applications and ML services from AWS and Google Cloud
- How to Automate Machine Learning
Join BrightTALK's LinkedIn Group for IT Security Insights: http://bit.ly/2IsbauU
This session will take a practical approach to IT risk management and discuss multi cloud, Verizon Data Breach Investigations Report (DBIR) and how Enterprises are losing ground in the fight against persistent cyber-attacks. We simply cannot catch the bad guys until it is too late. This picture is not improving. Verizon reports concluded that less than 14% of breaches are detected by internal monitoring tools.
We will review the JP Morgan Chase data breach were hackers were in the bank’s network for months undetected. Network configuration errors are inevitable, even at the largest banks as Capital One that recently had a data breach where a hacker gained access to 100 million credit card applications and accounts.
Viewers will also learn about:
- Macro trends in Cloud security and Micro trends in Cloud security
- Risks from Quantum Computing and when we should move to alternate forms of encryption
- Review “Kill Chains” from Lockhead Martin in relation to APT and DDoS Attacks
- Risk Management methods from ISACA and other organizations
Speaker: Ulf Mattsson, Head of Innovation, TokenEx
Join BrightTALK's LinkedIn Group for IT Security Insights: http://bit.ly/2IsbauU
Lisa Jiggets/WSC; Marcelle Lee/Fractal Security; Jessica Gulick/Katzcy; Kristin Demoranville/Sony
Do you know your cyberjutsu tribe? There a many ways your tribe can help you take stock and advance your career. Join us for this webinar where a panel of cybersecurity professionals will discuss tools available for exploring opportunities for job advancement, from education and training and certifications to networking and mentorships. Moderated by Mansi Thakar from the Women's Society of Cyberjutsu (WSC), the group will provide tips for identifying and engaging with your cyberjutsu tribe.
Behind professional exteriors, many employees struggle with personal and financial pressures and workplace stress. The implications of employee stress to your business extend well beyond human resource concerns. Join Tom Miller, CEO of ClearForce, for this webinar discussing how employee stress leads to inadvertent errors, financial risks, disengagement, harassment, and in extreme cases, insider threats and criminal activity in the workplace. Tom will discuss how to discover and understand employee behavioral cycles so that you can take action to improve workplace safety, the productivity of both your workers and your business, and defend against insider threats.
John Bambenek, VP of Security Research and Intelligence at ThreatSTOP, Inc.
The chief problem with cybersecurity is that most of our tools and workforce is geared to waiting for adverse events, detecting those events (sometimes months after the fact), investigating the breach that has already occurred, and then cleaning up. This slow and reactive process ensures breaches happen and security staff us overwhelmed under the noise.
This talk will focus on automation and machine learning techniques that can proactively identify threats seen in the wild based on the latest academic research. This techniques allow organizations to identify suspect infrastructure before it is used to attack them. The key to making this work is infusing machine learning with knowledge of how actual attacks work and the threat landscape. Machine learning without intelligence is merely gussied up mensa math exercises.
It isn't enough to know what the attacker will use to attack, however. Armed with this knowledge, organizations now need to safely automatically block these attacks before they occur so breaches never happen to begin with. The goal of automation must be to stop attacks before they are launched, not merely speeding up incident response. Several case studies will be discussed showing how this all can work together in the real world.
- How to use machine learning and why it is essential to use strong intelligence to create models
- Techniques to use automation to block attacks before they are launched against a victim organization
- Cost-effective and safe ways to whitelist and blacklist infrastructure to insure against false positives
Scott Scheferman, Cylance Director of Global Services; Masataka Hashiguchi, Interfocus Sales Engineer
Join Interfocus and Cylance for this webinar outlining the workplace productivity gains that your business can realize through an integrated and unified platform delivering both IT asset management and endpoint security. Most IT teams today suffer from "alert fatigue" from the growing number of devices on their network, and spend on average 5-13 hours a week cleaning up compromised endpoints. Scott Scheferman from Cylance and Masataka Hashiguchi from Interfocus will demonstrate how automation and prevention is worth a pound of cure on your endpoints.
Diana Kelley, Microsoft | Michelle Drolet, Towerwall | Peter Dougherty, MantisNet
As the average monetary cost of a malware attack continues to increase and currently costs an organization an average of $2.4 million, it is essential to be up to date on detection and prevention best practices. Join leading industry experts as they discuss the biggest security threats and how to detect and prevent them:
-New on the threat landscape
-How to deploy automated threat detection
-Breach prevention best practices
Diana Kelley, Cybersecurity Field CTO, Microsoft (moderator)
Michelle Drolet, CEO, Towerwall
Peter Dougherty, CISSP, CEO, MantisNet
N00bSec to Cyber-Champion: How I Used CTFs Launch My Career in CybersecurityKaitlyn Bestenheider, Senior Information Security Associate for Tevora and Chief Player Ambassador for National Cyber League[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]61 mins