
Supply Chain Security

According to new research from Risk Ledger, 60% of security breaches originate in the organization's supply chain, including third-party vendors and applications. No matter what business an organization is in, supply chain security and resilience must be factored into business planning to ensure secure, ongoing operations even during times of crisis and disruption.

Join this panel to learn more about:
- Types of supply chains (hardware, software, services)
- Common vulnerabilities in the supply chain
- Assessing where your security gaps lie and addressing the risk
- Impact of the COVID-19 pandemic on supply chain security
- Recommendations for improving security in your supply chain and your risk management program
- Benefits of Supply Chain Risk Management (SCRM)
- What the Cybersecurity Maturity Model (CMM) is, and how it can improve supply chain security
- Solutions and approaches that can improve supply chain security

This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
Recorded Aug 18 2020 56 mins
Presented by
Diana Kelley | Kiersten Todt | Nick Charpentier

  • 2021 Readiness: Balancing Security in a Post-COVID World Dec 9 2020 5:00 pm UTC 60 mins
    Diana Kelley, SecurityCurve
    Earlier this year many companies experienced an incredible shift to fully remote work almost overnight, in response to the COVID-19 pandemic. This accelerated the “digital transformation” journey for many companies, compressing what was a multi-year timeline into a few months and making 2020 different than any other previous year. In this episode we’ll explore how the balance between security, privacy and productivity was tipped this year, and what we can expect to see in 2021 as some, but not all, organizations head back to office work with a post-pandemic mindset.

    The audience will hear from CISOs and Security Directors about how this year was different, what they're going to do differently going forward, and what they expect (or have already seen) as organizations get back to pre-COVID levels.

    Topics covered:
    - 2020 in review
    - The hard lesson that a mobile workforce is not the same as a remote workforce
    - How the attack surface expanded and what CISOs are doing to ensure risk doesn’t expand too
    - How digital transformation sped up and what that meant for security, privacy and productivity
    - During the speedy journey to the cloud - what mistakes were made?
    - Lessons learned that will be carried forward for security teams
    - What CISOs are doing to prepare for whatever 2021 may bring

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Deceiving the Attacker Nov 17 2020 5:00 pm UTC 60 mins
    Diana Kelley, SecurityCurve
    When it comes to deception technology, the industry is evolving beyond simple honeypots to a more automated, scalable, and effective approach.

    Join this episode of The (Security) Balancing Act to discover how deception technology can be used by organizations to detect, investigate and respond to malicious intruders. How does deceiving the attacker save your company and buy you time?

    During this episode, we'll go over:
    - What is deception technology and what does it help with?
    - How does it work? (e.g. Deception decoys, lures, honeytokens, traps, grids)
    - Is your organization ready to adopt deception?
    - What do you need to do before you buy the technology / build it in-house?
    - Key benefits of using deception for threat hunting
    - What else can deception be used for?
    - Deception use cases
    - The role of AI in deception (e.g. dynamic deception)

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Securing Identity - 1 Year Check-In Oct 14 2020 4:00 pm UTC 60 mins
    Diana Kelley | Angela Leifson | Aidan Walden | Shareth Ben
    According to Verizon’s 2020 Data Breach Investigation Report (DBIR), over 80% of hacking-related breaches involved the use of lost or stolen credentials - and approximately 35% of all breaches were initiated due to weak or compromised credentials.

    Last year, we kicked off The (Security) Balancing Act series with a panel of identity experts to help us understand the landscape. Join us for this 1 year check-in to learn what has changed for organizations in the last 12 months and the security implications of shifting to a more remote workforce.

    - 2020 vs 2019: Key changes & challenges for cybersecurity
    - How work from home has opened the door to attackers
    - Regulatory updates that may impact identity management programs
    - Why attackers are focused on credentials and authentication systems
    - What businesses can do to keep track of all endpoints, manage identities and privileged access, protect their data and maintain compliance

    Panelists:
    - Angela Leifson, Forensic Analyst for Oracle Cloud Infrastructure
    - Aidan Walden, Director, Public Cloud Architecture & Engineering at Fortinet
    - Shareth Ben, Executive Director, Insider Threat & Cyber Threat Analytics at Securonix

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Life on the Front Lines - Staying Sane in the SOC Recorded: Sep 16 2020 57 mins
    Diana Kelley, SecurityCurve | Vinay Pidathala, Menlo Security | Delyan Nestorov, Rapid7 | Charity Wright, Recorded Future
    Join this episode of The (Security) Balancing Act for an insider's view of life on the front lines of cybersecurity.

    This panel will look into what it's like to work in and manage a Security Operations Center (SOC), as well as share best practices for keeping your team of front-line defenders sane, empowered and happy, and your organization secure.

    The topics up for discussion during this episode include:
    - What kind of people are best suited for work in a SOC?
    - What kind of training / certifications / skills are needed to be successful?
    - How to handle alert fatigue and analyst overload?
    - Is automation (ML & AI) the answer?
    - What do you do when IOCs aren't enough?
    - Hunters vs. responders, what's the difference?
    - How is the pandemic impacting security operations?
    - Building a healthy team culture and managing self-care in the age of breaches
    - What's needed to make life easier for these front-line cyber defenders

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Supply Chain Security Recorded: Aug 18 2020 56 mins
    Diana Kelley | Kiersten Todt | Nick Charpentier
  • Protecting Your Business from Nation State Attacks Recorded: Jul 21 2020 59 mins
    Diana Kelley | Matt Rider | Etay Maor
    Cyberattacks attributed to foreign governments have been on the rise for years, many against organizations all over the world. These attacks try to steal online account information, infect computers, and compromise the safety of networks. Targets of these attacks include think tanks, university staff, government employees, and even members of organizations focused on human rights issues.

    As these attacks increase in prevalence and sophistication, organizations are taking notice of the threats posed by hostile state actors and state-sponsored cybercriminal groups.

    So, how can businesses protect against them?

    Join today's episode of The (Security) Balancing Act with Diana Kelley to learn whether your business should be concerned about nation state attacks and what to do about it.

    The topics up for discussion will include:
    - State actors & rise in cyber crime
    - How the attackers get in
    - A review of recent nation-state campaigns
    - How does this impact organizations across different verticals (Financial vs Healthcare vs Government)
    - How industry and law enforcement are responding to these attacks
    - How AI and ML may change cybercriminal tactics
    - How to deal with threats from criminals and hostile states

    Panelists:
    - Etay Maor, Chief Security Officer, IntSights
    - Matt Rider, International Engineering Director, Rapid7

    We welcome viewer participation and questions during this interactive panel session.
  • Securing the Remote Workforce Recorded: Jun 30 2020 59 mins
    Diana Kelley | David Sherry | Lee Imrey | Nathan Howe
    Remote working has been a growing trend for the last few years, especially in the tech sector. However, the COVID-19 outbreak has really pushed businesses to adopt or accelerate their remote integration plans. How has this affected security? What are the steps companies need to take to better protect their remote workforce?

    Join this episode as we explore the security challenges in the time of COVID, why a strong security culture is important, and what steps to take today.
    - What are the security challenges associated with remote working
    - Examples of changes in cyber-attacks during COVID
    - Managing patching, VPNs, and backups for large and small remote workforces
    - How to maintain auditability and visibility
    - How to enable and keep your remote team secure
    - Tips for training end users to help themselves
    - Why a strong security culture matters now more than ever

    Panelists:
    - David Sherry, CISO, Princeton University
    - Lee Imrey, Cybersecurity Advisor, Splunk
    - Nathan Howe, Head of Transformation Strategy, EMEA, Zscaler

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
  • Cybersecurity Strategy and Leadership for the SMB Recorded: May 20 2020 56 mins
    Diana Kelley | Susan Whittemore | Jay Ryerse | Courtney Radke
    Smaller businesses have a common problem when it comes to cybersecurity - limited expertise, resources and budget.

    The board is asking and clients are demanding to know whether the company is secure, but the IT team can't articulate the cybersecurity program, because there isn't one.

    Cybersecurity is sometimes an afterthought for a start-up, or delegated to one engineer. There's a tendency to think of cybersecurity as a set of tactical, technical implementations to cover obvious threats rather than a business problem.

    We'll discuss the role of the CISO in terms of providing the leadership and strategy for a cohesive, risk based program. Ideally, the role is not a technician.

    With an ever-evolving threat landscape and a growing business, where does a business start to build and maintain an affordable program? We'll discuss a baseline program, technologies required, focusing on fewest technologies for maximum benefit.

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
  • Balancing Security on Premise and In The Cloud Recorded: Apr 22 2020 60 mins
    Diana Kelley | Dominique West | Jon Garside | Dan Harding
    Digital transformation - we hear about it all the time, but what does it really mean for security? As organizations transition users, applications, workloads, and data from on-premise into the cloud to improve agility and competitiveness - how does that change their security landscape and threat model? And how can organizations address the challenge of protecting legacy on-premise systems while, at the same time, also having to secure a dynamic multi-cloud-based environment?

    Join today's episode to learn about the reality many organizations are facing when it comes to juggling on prem and multi-cloud security, what the key differences are and how to address them for your organization. The panel will also discuss the following topics:

    - What are the differences between Cloud Security vs On-Premise Security and why do they matter for organizations in 2020?
    - Can we normalize our security posture across the legacy and hybrid/multi-cloud environments?
    - Is it possible to improve security as part of a digital transformation program?
    - What kind of cyber hygiene do we need to practice? What should be added and what can be taken off security teams' plates?
    - Where does DevOps (or DevSecOps) fit into all of this?
    - Are cloud security failures the customer's fault?
    - What is SASE and how will it impact your organization?

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
  • Balancing the Security Workforce Recorded: Mar 25 2020 56 mins
    Diana Kelley | Chris Calvert | Larry Whiteside, Jr. | Gary Hayslip
    The world needs more people in infosec. There are currently about 2.8 million cybersecurity professionals, but roughly 4 million more are needed to close the skills gap.

    So, how are organizations addressing this shortage? What are some of the things organizations are doing when it comes to attracting and retaining cybersecurity talent, but also balancing the workload for the security teams they already have?

    Join today's episode to learn more about the challenges and solutions when it comes to balancing the security workforce.
    - Security skills shortage: Myth vs. Reality
    - Top challenges for security teams
    - Addressing burnout and analyst fatigue
    - How machine learning can help
    - Areas where people are better than AI
    - Building a security culture
    - Removing obstacles and attracting new talent

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.

    Panelists:
    - Chris Calvert, Co-Founder & VP Strategy at Respond Software
    - Larry Whiteside, Jr., Veteran CISO & Cybersecurity Thought Leader; Co-Founder & Interim President - ICMCP
    - Gary Hayslip, CISO, Softbank
  • Social Engineering Threats to Enterprise Security Recorded: Feb 18 2020 58 mins
    Diana Kelley | Tyler Cohen Wood | Stephanie Carruthers | Samantha Davison
    Join us as we review social engineering tactics and attack methods. Learn about the latest trends in social engineering, the risk to your organization's cybersecurity and what steps to take to mitigate it.

    Viewers will learn more about:
    - How social engineers exploit human behavior
    - Most common types of social engineering attacks
    - New in phishing, baiting, tailgating and more
    - Managing access and insider threats

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
  • How To Prevent Bias in Machine Learning Recorded: Jan 23 2020 58 mins
    Diana Kelley, Microsoft | Deveeshree Nayak, University of Washington, Tacoma | Marcae Bryant-Omosor, USAA
    Machine Learning is not immune to bias. In fact, oftentimes it can actually amplify bias.

    As organizations are increasingly turning to ML algorithms to review vast amounts of data, achieve new efficiencies and help make life-changing decisions, ensuring that bias does not creep into ML algorithms is now more important than ever.

    So, how can we protect ML systems from the “garbage in, garbage out” syndrome?

    If undetected or left unchecked, feeding "garbage" biased data to self-learning systems can lead to unintended and potentially dangerous outcomes.

    Join us as we discuss bias in Machine Learning. Learn about the risk of ML bias, how to detect it and how to prevent it.
  • When NOT To Release and Hold Out for Better Security Recorded: Dec 5 2019 51 mins
    Diana Kelley, Microsoft | Arun Kothanath, Clango | Ed Moyle, SecurityCurve
    New products or services can mean the difference between success and failure for a lot of companies. However, in the rush to release, security often takes a back seat which can cause monetary and reputational trouble down the line.

    Join us as we explore instances when it's best for the business NOT to release new products, features or services and instead hold out for better security. Learn what's needed to assess risk before launch and how to balance speed, innovation and security.

    Panelists:
    - Arun Kothanath, Chief Security Strategist, Clango
    - Ed Moyle, Founding Partner, SecurityCurve
  • Why Today’s Attacker is Focused on Identities Recorded: Oct 31 2019 59 mins
    Diana Kelley, Microsoft | Joseph Carson, Thycotic | Roshan Sherifudeen, EY
    According to Verizon’s 2019 Data Breach Investigation Report, 80% of hacking-related breaches exploited either stolen or weak user passwords - and 29% of all breaches used stolen credentials regardless of attack type. Why are attackers focused on authentication systems, and what risk does this pose as our businesses move more sensitive data and applications into the cloud?

    Join us as we explore what today’s attacker knows and how to balance defending your data with continuing to offer users and customers the agility they have come to expect.
  • Balancing Security and Privacy Recorded: Sep 26 2019 57 mins
    Diana Kelley, Microsoft | Bill Mew, Crisis Team | Michelle Drolet, Towerwall Inc. | Guy Cohen, Privitar
    There is an old adage that says you can have security without privacy, but not privacy without security. Knowing the differences and overlap between the two is key in today's data landscape.

    Think about it this way - if security is the safeguarding of your data, privacy is the safeguarding of your identity as a user. For many, striking the right balance between privacy and security has never been more critical.

    Join us for The (Security) Balancing Act, a new series where we will explore the difference between privacy and security, their core principles and what's needed to balance the two.
The (Security) Balancing Act
As we realize the transformative power of the cloud, AI and machine learning, has our culture of responsibility and ethics kept pace? How do we harness our new technological capabilities to the understanding of how to use them well?

  • Title: Supply Chain Security
  • Live at: Aug 18 2020 4:00 pm
  • Presented by: Diana Kelley | Kiersten Todt | Nick Charpentier