Hi [[ session.user.profile.firstName ]]

Securing the Remote Workforce

Remote working has been a growing trend for the last few years, especially in the tech sector. However, the COVID19 outbreak has really pushed businesses to adopt or accelerate their remote integration plans. How has this affected security? What are the steps companies need to take to better protect their remote workforce?

Join this episode as we explore the security challenges in the time of COVID, why a strong security culture is important, and what steps to take today.
- What are the security challenges associated with remote working
- Examples of changes in cyber-attacks during COVID
- Managing patching, VPNs, and backups for large and small remote workforces
- How to maintain auditability and visibility
- How to enable and keep your remote team secure
- ​Tips for training end users to help themselves
- Why a strong security culture matters now more than ever

Panelists:
- David Sherry, CISO, Princeton University
- Lee Imrey, Cybersecurity Advisor, Splunk
- Nathan Howe, Head of Transformation Strategy, EMEA, Zscaler

This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
Recorded Jun 30 2020 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Diana Kelley | David Sherry | Lee Imrey | Nathan Howe
Presentation preview: Securing the Remote Workforce

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Zero Trust for the New Normal Jun 16 2021 4:00 pm UTC 60 mins
    Diana Kelley, SecurityCurve | Mari Galloway, Women's Society of Cyberjutsu
    Working remotely has become the new normal. This, and many other changes organizations adopted last year in response to the pandemic are likely to stay for the long term. According to Gallup, about two-thirds of U.S. remote workers want to continue to work remotely. So, how can organizations continue to support their growing distributed workforce at a time where reports of security threats have increased by 400% compared to pre-pandemic levels? 

    Here is where the zero-trust approach to security comes into play. 

    Join this month's episode of The (Security) Balancing Act with Diana Kelley and guests as they discuss the emergence of zero trust (“Trust Nothing, Verify Everything”) and what it helps achieve for enterprises in the age of cloud and remote work.

    Viewers will learn about:
    - The evolution of the security perimeter and the shift to zero trust
    - Why zero trust is an approach and not a product
    - Zero Trust Network Access (ZTA) vs. corporate VPN
    - Real-world stories and practical hands-on guidance from people who have deployed a ZTA

    Speakers:
    - Mari Galloway, CEO, Women's Society of Cyberjutsu
    - Other panelists TBA

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Ransomware in the Remote Work Era May 12 2021 4:00 pm UTC 60 mins
    Diana Kelley, SecurityCurve | Jessica Gulick, Katzcy
    Phishing and ransomware attacks continue to rise, according to Proofpoint’s State of the Phish report for 2020. Organizations in the U.S. are at risk, the increase in remote work due to the pandemic has fueled a spike in attacks, and phishing attempts are up by 14 percent compared to the previous year.

    Email continues to be the number 1 delivery vehicle, but other social engineering schemes that rely on social media, voicemail (“vishing"), SMS phishing (“smishing”), and malicious USB drops are also of concern for organizations. Ransom demands are also on the rise, but according to the report, paying the ransom is not guaranteed to work as many companies that paid the ransom failed to receive a decryption key.

    Join this month's episode of The (Security) Balancing Act as Diana Kelley and guests discuss why ransomware is surging again, which sectors are most at risk, the threat to enterprises and how it is being used for more than just ransom (ex: distractionware, destructionware, etc).
    - The rise in ransomware under the cloak of the pandemic
    - Why email continues to be the channel of choice
    - The difference between fully automated and human-operated campaigns
    - How to decide whether or not to pay or not to pay the ransom
    - Why your backups may not be immune to ransomware
    - Addressing the threat with best practices

    Speakers
    - Jessica Gulick, Founder & CEO of Katzcy Consulting
    - Other panelists TBA

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Taking Down Nation State Botnets Apr 14 2021 4:00 pm UTC 60 mins
    Diana Kelley, SecurityCurve | Johna Till Johnson, Nemertes Research
    This month's episode of The (Security) Balancing Act will focus on botnets as a growing threat to the enterprise, examples from the real world, and what enterprises can do to better protect against botnet-fueled state sponsored attacks.

    Join this interactive roundtable discussion with security experts and industry leaders to learn more about:
    - How botnets have become a tool for cyber criminals and nation state actors
    - Real-world examples & known botnet attacks
    - Nation state ransomware attacks
    - DDoS attacks
    - Cyber espionage
    - ATPs
    - The trouble with attribution
    - What enterprises and governments can do to address the threat

    Panelists:
    - Johna Till Johnson, CEO and Founder of Nemertes Research
    - Other panelists TBA

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • The Future is Identity-Centric Mar 17 2021 4:00 pm UTC 60 mins
    Diana Kelley, SecurityCurve | Joseph Carson, Thycotic | Dave Farrow, Barracuda | Jeremy Snyder, Rapid7
    Instead of the traditional "castle and moat" model of the past, today the security perimeter is being defined around the identity of the person or the device requesting access. What are organizations doing to protect digital identities in the age of breaches? How are the current trends in identity and access management helping address this issue?

    Join this interactive roundtable discussion with notable security experts to learn more about:
    - The shift to identity-centric security
    - The zero trust mindset
    - What constitutes strong and effective authentication and authorization
    - The role of policy orchestration and enforcement
    - Best practices for protecting identities and managing access across the enterprise

    Panelists:
    - Joseph Carson, Chief Security Scientist and Advisory CISO at Thycotic
    - Dave Farrow, VP, Information Security at Barracuda
    - Jeremy Snyder, Sr. Director, Corporate Development, Rapid7

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Succeeding as a CISO in 2021 Recorded: Feb 17 2021 62 mins
    Diana Kelley, SecurityCurve | Patricia Titus, Markel Corp | Jonathan Nguyen-Duy, Fortinet | Gerald Mancini, Fidelis
    This month's episode of The (Security) Balancing Act will look at how the CISO role has evolved in the last few years, what today's expectations are and what it takes to succeed as a CISO.

    Some of the topics to be covered during this roundtable discussion with security and tech leaders include:
    - How has the CISO role evolved over the last few years and what is expected of CISOs in 2021?
    - CISO vs BISO
    - How to see ROI on your cybersecurity investment?
    - How to get the business to understand risk and care about security?
    - How to keep cyber employees happy. The churn is exhausting and costly for companies, and it’s exacerbated by employee burnout and a “grass is greener” approach.

    Panelists
    - Patricia Titus, Chief Privacy and Information Security Officer, Markel Corporation
    - Jonathan Nguyen-Duy, Vice President, Global Field CISO Team at Fortinet
    - Gerald Mancini, Chief Operating Officer of Fidelis Security

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Election Takeaways for Cybersecurity Leaders Recorded: Jan 20 2021 61 mins
    Diana Kelley | Jim Richberg | W. Curtis Preston
    The 2020 US presidential election is behind us, but the key cybersecurity issues surrounding election integrity could linger for years to come. From ransomware attacks on local governments, to the untamed spread of disinformation, to experimenting with online voting apps and the myriad of vulnerabilities uncovered across election infrastructures, cybersecurity had never before taken such a central place in the national conversation as it did in 2020.

    So, what have we learned in the aftermath? And how can we apply it to better protect upcoming elections as well as enterprises, customers and employees?

    Join this interactive panel with security experts and tech leaders to learn the biggest lessons from the election from a cybersecurity and privacy standpoint. Discover what went down, what could have gone better and how to prepare for the midterm elections in 2022.

    - Can we build a hack-free election
    - Does misinformation on social sites impact how people vote and what can be done to stop the spread
    - What was new this time and what should security leaders keep in mind for their organizations
    - Would it be safer if we brought the voting process online or in app
    - Can nation state actors change voter rolls or polling data
    - What the biggest election threats mean for industry
    - Key takeaways for cybersecurity leaders

    Panelists:
    - Jim Richberg, Public Sector Field CISO at Fortinet
    - W. Curtis Preston, Chief Technical Evangelist, Druva

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • 2021 Readiness: Balancing Security in a Post-COVID World Recorded: Dec 9 2020 60 mins
    Diana Kelley | Mark Weatherford | Ted Harrington | Amir Shaked
    Earlier this year many companies experienced an incredible shift to fully remote work almost overnight, in response to the COVID-19 pandemic. This accelerated the “digital transformation” journey for many companies compressing what was a multi-year timeline into a few months and making 2020 different than any other previous year. In this episode we’ll explore how the balance between security, privacy and productivity was tipped this year, and what can we expect to see in 2021 as some, but not all, organizations head back to office work with a post-pandemic mindset.

    The audience will hear from CISOs and Security Directors about how this year was different, what they're going to do differently going forward, and what they expect (or have already seen) as organizations get back to pre-COVID levels.

    Topics covered:
    - 2020 in review
    - The hard lesson that a mobile workforce is not the same as a remote workforce
    - How the attack surface expanded and what CISOs are doing to ensure risk doesn’t expand too
    - How digital transformation sped up and what they meant for security, privacy and productivity
    - During the speedy journey to the cloud - what mistakes were made?
    - Lessons learned that will be carried forward for security teams
    - What CISOs are doing to prepare for whatever 2021 may bring

    Panelists:
    - Mark Weatherford, Chief Strategy Officer and Board Member, National Cybersecurity Center
    - Amir Shaked - VP, R&D, PerimeterX
    - Ted Harrington, Executive Partner, Independent Security Evaluators [ISE]

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Deceiving the Attacker Recorded: Nov 17 2020 56 mins
    Diana Kelley | Chris Roberts | Christina Fowler
    When it comes to deception technology, the industry is evolving beyond simple honeypots to a more automated, scalable, and effective approach.

    Join this episode of The (Security) Balancing Act to discover how deception technology can be used by organizations to detect, investigate and respond to malicious intruders. How does deceiving the attacker save your company and buy you time?

    During this episode, we'll go over:
    - What is deception technology and what does it help with?
    - How does it work? (e.g. Deception decoys, lures, honeytokens, traps, grids)
    - Is your organization ready to adopt deception?
    - What do you need to do before you buy the technology / build it in-house?
    - Key benefits of using deception for threat hunting
    - What else can deception be used for?
    - Deception use cases
    - The role of AI in deception (e.g. dynamic deception)

    Panelists:
    - Chris Roberts, vCISO, Researcher, Hacker, Consultant, Devils Advocate
    - Christina Fowler, Chief Cyber Intel Strategist at MITRE Corporation

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Securing Identity - 1 Year Check-In Recorded: Oct 14 2020 59 mins
    Diana Kelley | Aidan Walden | Shareth Ben | Doug Simmons
    According to Verizon’s 2020 Data Breach Investigation Report (DBIR), over 80% of hacking-related breaches involved the use of lost or stolen credentials - and approximately 35% of all breaches were initiated due to weak or compromised credentials.

    Last year, we kicked off The (Security) Balancing Act series with a panel of identity experts to help us understand the landscape. Join us for this 1 year check-in to learn what has changed for organizations in the last 12 months and the security implications of shifting to a more remote workforce.

    - 2020 vs 2019: Key changes & challenges for cybersecurity
    - How work from home has opened the door to attackers
    - Regulatory updates that may impact identity management programs
    - Why attackers are focused on credentials and authentication systems
    - What businesses can do to keep track of all endpoints, manage identities and privileged access, protect their data and maintain compliance

    Panelists:
    - Aidan Walden, Director, Public Cloud Architecture & Engineering at Fortinet
    - Shareth Ben, Executive Director, Insider Threat & Cyber Threat Analytics at Securonix
    - Doug Simmons, Principal Consulting Analyst, Managing Director, Consulting at TechVision Research

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Life on the Front Lines - Staying Sane in the SOC Recorded: Sep 16 2020 57 mins
    Diana Kelley, SecurityCurve | Vinay Pidathala, Menlo Security | Delyan Nestorov, Rapid7 | Charity Wright, Recorded Future
    Join this episode of The (Security) Balancing Act for an insider's view of life on the front lines of cybersecurity.

    This panel will look into what it's like to work in and manage a Security Operations Center (SOC), as well as share best practices for keeping your team of front-line defenders sane, empowered and happy, and your organization secure.

    The topics up for discussion during this episode include:
    - What kind of people are best suited for work in a SOC?
    - What kind of training / certifications / skills are needed to be successful?
    - How to handle alert fatigue and analyst overload?
    - Is automation (ML & AI) the answer?
    - What do you do when IOCs aren't enough?
    - Hunters vs. responders, what's the difference?
    - How the pandemic is impacting security operations?
    - Building a healthy team culture and managing self-care in the age of breaches
    - What's needed to make life easier for these front-line cyber defenders

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Supply Chain Security Recorded: Aug 18 2020 56 mins
    Diana Kelley | Kiersten Todt | Nick Charpentier
    According to new research from Risk Ledger, 60% of security breaches originate in the organization's supply chain; including third party vendors and applications. No matter what business an organization is in, supply chain security and resilience must be factored into business planning to ensure secure, ongoing operations even during times of crisis and disruption.

    Join this panel to learn more about:
    - Types of supply chains (hardware, software, services)
    - Common vulnerabilities in the supply chain
    - Assessing where your security gaps lie and addressing the risk
    - Impact of the COVID-19 pandemic on supply chain security
    - Recommendations for improving security in your supply chain and your risk management program
    - Benefits of Supply Chain Risk Management (SCRM)
    - What is the Cybersecurity Maturity Model (CMM), and how it can improve supply chain security
    - Solutions and approaches that can improve supply chain security

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Protecting Your Business from Nation State Attacks Recorded: Jul 21 2020 59 mins
    Diana Kelley | Matt Rider | Etay Maor
    Cyberattacks attributed to foreign governments have been on the rise for years, many against organizations all over the world. These attacks try to steal online account information, infect computers, and compromise the safety of networks. Targets of these attacks include think tanks, university staff, government employees, and even members of organizations focused on human rights issues.

    As these attacks increase in prevalence and sophistication, organizations are taking notice of the threats posed by hostile state actors and state-sponsored cybercriminal groups.

    So, how can businesses protect against them?

    Join today's episode of The (Security) Balancing Act with Diana Kelley to learn whether your business should be concerned about nation state attacks and what to do about it.

    The topics up for discussion will include:
    - State actors & rise in cyber crime
    - How the attackers get in
    - A review of recent nation-state campaigns
    - How does this impact organizations across different verticals (Financial vs Healthcare vs Government)
    - How industry and law enforcement are responding to these attacks
    - How AI and ML may change cybercriminal tactics
    - How to deal with threats from criminals and hostile states

    Panelists:
    - Etay Maor, Chief Security Officer, IntSights
    - Matt Rider, International Engineering Director, Rapid7

    We welcome viewer participation and questions during this interactive panel session.
  • Securing the Remote Workforce Recorded: Jun 30 2020 59 mins
    Diana Kelley | David Sherry | Lee Imrey | Nathan Howe
    Remote working has been a growing trend for the last few years, especially in the tech sector. However, the COVID19 outbreak has really pushed businesses to adopt or accelerate their remote integration plans. How has this affected security? What are the steps companies need to take to better protect their remote workforce?

    Join this episode as we explore the security challenges in the time of COVID, why a strong security culture is important, and what steps to take today.
    - What are the security challenges associated with remote working
    - Examples of changes in cyber-attacks during COVID
    - Managing patching, VPNs, and backups for large and small remote workforces
    - How to maintain auditability and visibility
    - How to enable and keep your remote team secure
    - ​Tips for training end users to help themselves
    - Why a strong security culture matters now more than ever

    Panelists:
    - David Sherry, CISO, Princeton University
    - Lee Imrey, Cybersecurity Advisor, Splunk
    - Nathan Howe, Head of Transformation Strategy, EMEA, Zscaler

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
  • Cybersecurity Strategy and Leadership for the SMB Recorded: May 20 2020 56 mins
    Diana Kelley | Susan Whittemore | Jay Ryerse | Courtney Radke
    Smaller businesses have a common problem when it comes to cybersecurity - limited expertise, resources and budget.

    The board is asking for, clients are demanding to know whether the company is secure, IT team can't articulate the cybersecurity program, because there isn't one.

    Cybersecurity is sometimes an afterthought for a start-up, or delegated to one engineer. There's a tendency to think of cybersecurity as a set of tactical, technical implementations to cover obvious threats rather than a business problem.

    We'll discuss the role of the CISO in terms of providing the leadership and strategy for a cohesive, risk based program. Ideally, the role is not a technician.

    With an ever-evolving threat landscape and a growing business, where does a business start to build and maintain an affordable program? We'll discuss a baseline program, technologies required, focusing on fewest technologies for maximum benefit.

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
  • Balancing Security on Premise and In The Cloud Recorded: Apr 22 2020 60 mins
    Diana Kelley | Dominique West | Jon Garside | Dan Harding
    Digital transformation - we hear about it all the time, but what does it really mean for security? As organizations transition users, applications, workloads, and data from on-premise into the cloud to improve agility and competitiveness - how does that change their security landscape and threat model? And how can organizations address the challenge of protecting both legacy on-premise systems, while at the same time, also having to secure dynamic multi-cloud-based environment?

    Join today's episode to learn about the reality many organizations are facing when it comes to juggling on prem and multi-cloud security, what the key differences are and how to address them for your organization. The panel will also discuss the following topics:

    - What are the differences between Cloud Security vs On-Premise Security and why do they matter for organizations in 2020?
    - Can we normalize our security posture across the legacy and hybrid/multi-cloud environments?
    - Is it possible to improve security as part of a digital transformation program?
    - What kind of cyber hygiene do we need to practice? What should be added and what can be taken off security teams' plates?
    - Where does DevOps (or DevSecOps) fit into all of this?
    - Are cloud security failures the customer's fault?
    - What is SASE and how will it impact your organization?

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
  • Balancing the Security Workforce Recorded: Mar 25 2020 56 mins
    Diana Kelley | Chris Calvert | Larry Whiteside, Jr. | Gary Hayslip
    The world needs more people in infosec. There are currently about 2.8 million cybersecurity professionals, but roughly 4 million more are needed to close the skills gap.

    So, how are organizations addressing this shortage? What are some of the things organizations are doing when it comes to attracting and retaining cybersecurity talent, but also balancing the workload for the security teams they already have.

    Join today's episode to learn more about the challenges and solutions when it comes to balancing the security workforce.
    - Security skills shortage: Myth vs. Reality
    - Top challenges for security teams
    - Addressing burnout and analyst fatigue
    - How machine learning can help
    - Areas where people are better than AI
    - Building a security culture
    - Removing obstacles and attracting new talent

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.

    Panelists:
    - Chris Calvert, Co-Founder & VP Strategy at Respond Software
    - Larry Whiteside, Jr., Veteran CISO & Cybersecurity Thought Leader; Co-Founder & Interim President - ICMCP
    - Gary Hayslip, CISO, Softbank
  • Social Engineering Threats to Enterprise Security Recorded: Feb 18 2020 58 mins
    Diana Kelley | Tyler Cohen Wood | Stephanie Carruthers | Samantha Davison
    Join us as we review social engineering tactics and attack methods. Learn about the latest trends in social engineering, the risk to your organization's cybersecurity and what steps to take to mitigate it.

    Viewers will learn more about:
    - How social engineers exploit human behavior
    - Most common types of social engineering attacks
    - New in phishing, baiting, tailgating and more
    - Managing access and insider threats

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
  • How To Prevent Bias in Machine Learning Recorded: Jan 23 2020 58 mins
    Diana Kelley, Microsoft I Deveeshree Nayak, University of Washington, Tacoma I Marcae Bryant-Omosor, USAA
    Machine Learning is not immune to bias. In fact, often times it can actually amplify bias.

    As organizations are increasingly turning to ML algorithms to review vast amounts of data, achieve new efficiencies and help make life-changing decisions, ensuring that bias does not creep in ML algorithms is now more important than ever.

    So, how can we protect ML systems from the “garbage in, garbage out” syndrome?

    If undetected or left unchecked, feeding "garbage" biased data to self-learning systems can lead to unintended and potentially dangerous outcomes.

    Join us as we discuss bias in Machine Learning. Learn about the risk of ML bias, how to detect it and how to prevent it.
  • When NOT To Release and Hold Out for Better Security Recorded: Dec 5 2019 51 mins
    Diana Kelley, Microsoft | Arun Kothanath, Clango | Ed Moyle, SecurityCurve
    New products or services can mean the difference between success and failure for a lot of companies. However, in the rush to release, security often takes a back seat which can cause monetary and reputational trouble down the line.

    Join us as we explore instances when it's best for the business NOT to release new products, features or services and instead hold out for better security. Learn what's needed to assess risk before launch and how to balance speed, innovation and security.

    Panelists:
    - Arun Kothanath, Chief Security Strategist, Clango
    - Ed Moyle, Founding Partner, SecurityCurve
  • Why Today’s Attacker is Focused on Identities Recorded: Oct 31 2019 59 mins
    Diana Kelley, Microsoft I Joseph Carson, Thycotic I Roshan Sherifudeen, EY
    According to Verizon’s 2019 Data Breach Investigation Report, 80% of hacking-related breaches exploited either stolen or weak user passwords - and 29% of all breaches used stolen credentials regardless of attack type. Why are attackers focused on authentication systems, and what risk does this pose as our businesses move more sensitive data and applications into the cloud?

    Join us as we explore what today’s attacker knows and how to balance defending your data with continuing to offer users and customers the agility they have come to expect.
The (Security) Balancing Act
As we realize the transformative power of the cloud, AI and machine learning, has our culture of responsibility and ethics kept pace? How do we harness our new technological capabilities to the understanding of how to use them well?

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Securing the Remote Workforce
  • Live at: Jun 30 2020 4:00 pm
  • Presented by: Diana Kelley | David Sherry | Lee Imrey | Nathan Howe
  • From:
Your email has been sent.
or close