
CISO Insights: Early Warning Signs Before a Breach

Security Teams Are Utilizing Threat Intelligence for Spotting Potential Threats

Today’s threat environment has changed drastically due to the pandemic, with threat actors taking advantage of the hyper-distributed, work-from-home workforce, which has exacerbated security vulnerabilities. Consequently, this has impacted Cyber Threat Intelligence (CTI) teams worldwide.

In this executive dialogue, we spoke to Richard Kaufmann, CISO at Amedisys, to discuss his current environment, journey, and the recent aggressive cyber attacks they have experienced due to the pandemic. Richard explained how threat intelligence is leveraged at Amedisys as “an early warning system” against attacks and the importance of establishing threat-sharing communities.

We also examined why it is important to get the board’s endorsement and, more importantly, key lessons learned on a critical topic faced by all CISOs: how to get support from your company board to do what’s necessary.

Watch this lively discussion focused on what to look for in your security environment before a breach.
Recorded Jul 13 2021 34 mins
Presented by
Richard Kaufmann, CISO at Amedisys and Maggie Sanchez, VP of Sales for North America West and LATAM at Anomali

  • Intelligence Powered Threat Detection Recorded: Aug 24 2021 18 mins
    Mark Alba, Chief Product Officer, Anomali and Joe Gehrke, Solutions Architect, Anomali
    The resource you are about to view is an 18-minute long video.

    In this video, we'll show you how a bidirectional continuous retrospective search can speed and optimize threat detection, investigation, and response by orchestrating global intelligence that can be utilized by your full security team—this approach is particularly critical for events like Sunburst.
  • Threat Intelligence: The Essential Ingredient In Your XDR Strategy Recorded: Jul 20 2021 34 mins
    Thomas Graves, Senior Solutions Architect at Anomali
    Enhance Your XDR Strategy with Threat Intelligence

    In this webinar, Thomas Graves, Senior Solutions Architect at Anomali, discusses how an XDR security architecture provides a foundation for organizations to move closer to managing their security infrastructure as an integrated and unified platform. XDR empowers them to prevent, detect, and respond to threats more effectively across the enterprise.

    But to be successful, an essential ingredient in any XDR implementation is high-fidelity threat intelligence that connects to structured workflows, to avoid contributing to more alert fatigue and a team response that is unprioritized and unfocused.

    Topics of discussion include:

    -Characterizing Your Threat Landscape
    -Understanding the Pillars of XDR
    -Identifying XDR Use Cases
    -Avoiding XDR Pitfalls

    Watch the webinar and see how relevant threat intelligence powers analytics, detection, investigation, and response layers of XDR.
  • What Big Cybersecurity Attacks Mean for Your Security Strategy Recorded: Jun 29 2021 53 mins
    Liviu Arsene, Bitdefender; André Correa, Malware Patrol; Tomislav Peričin, ReversingLabs; AJ Nash, Anomali
    The Sunburst malware attack was discovered in early December by FireEye researchers and is already considered one of the most evasive, sophisticated, and significant cyberattacks in history. Understanding the scope of the compromise and damage from the breaches will require time, as new attack vectors, tactics, and techniques continue to be discovered.

    In this threat intelligence session, leading experts discussed:

    -The significance of the Sunburst Attack in historical context
    -What the attack means for companies’ security strategy
    -What implications there are for the security industry going forward

    The Panelists:
    Liviu Arsene, Global Cybersecurity Researcher, Bitdefender
    André Correa, CEO & Founder, Malware Patrol
    Tomislav Peričin, Chief Software Architect & Co-founder, ReversingLabs
    AJ Nash, Sr. Director of Cyber Intelligence Strategy, Anomali

    Watch the panel to get this expert take on the Sunburst attack and how to navigate it, now that we know this type of attack exists.
  • Northern Europe Threat Intelligence Panel Recorded: Jun 14 2021 64 mins
    Panelists are from Anomali, CrowdStrike and Silobreaker
    This virtual threat briefing brought everyone together to discuss threat intelligence challenges, requirements, and best practices. Industry experts and threat intelligence thought-leaders provided briefings on today’s threat landscape, adversaries, and their attack techniques.

    In this session, experts from Anomali, CrowdStrike, and Silobreaker discuss the key security incidents and issues impacting Northern Europe including:

    -Top threats on the horizon and the importance of an inter-disciplinary threat intelligence strategy.
    -Ransomware attacks and Business Email Compromises: how are you addressing them?
    -Insider threats posed by working from home: how a distributed workforce impacts the security of your supply chain.

    Watch the session on-demand and walk away with recommendations for your teams and tangible information to research within your own environments.
  • Cyber Fusion Centers—A Conversation on Actionable Threat Intel Recorded: Jun 14 2021 15 mins
    Mark Alba, CPO, Anomali and Tom Field, Senior VP, Editorial, ISMG
    Is a Lack of Automation Holding Enterprises Back?

    Join Anomali’s Mark Alba, and Tom Field from ISMG, to gain further insight into the lack of automation and actionable threat intelligence that may prevent enterprises from developing the fully functional Cyber Fusion Centers they envision. In this video interview, Mark Alba discusses the necessary levels of automation and visibility within organizations:

    -The state of threat intelligence in many enterprises
    -How the lack of automation hinders anti-fraud efforts
    -Business benefits to be realized through automation

    Watch this video to gain in-depth knowledge on securing your business and achieving automated intelligence with the Anomali approach.
  • Effectively Automate Your CTI Program with Air Canada and Anomali Recorded: Jun 10 2021 58 mins
    Kyle Howson, IT & Cyber Security Operations, at Air Canada and Dave Empringham, Principal Sales Engineer at Anomali
    Air Canada Demonstrates Tactical Steps to Ingest and Automate Threat Intel

    This webinar is the second in a series that demonstrates best practices for building effective and efficient threat intelligence programs with Anomali. You’ll hear from industry experts, Anomali power-users, and internal employees alike.

    Are you just getting started with your threat intel program? Kyle Howson, CSOC Specialist, IT & Cyber Security Operations, at Air Canada, shows you how he uses Anomali to automate his daily tasks. You'll learn tactical steps to building the automation and scripts needed to ingest, track, and manage your own threat intelligence through the Anomali threat intel platform, ThreatStream.

    Dave Empringham, a Principal Sales Engineer at Anomali, joins Kyle to offer advice as he helps make these tasks easy for customers on a regular basis.

    They demonstrate how to:

    -Bring intel data relative to your own organization into ThreatStream
    -Leverage this intel to improve visibility
    -Operationalize threat intelligence to increase your security posture

    Efficient threat intel management is an important building block for any threat intel program. Watch the webinar today.
  • Anomali Detect LIVE: Navigating Healthcare Cyber Attacks During a Pandemic Recorded: Jun 10 2021 30 mins
    Tony Clarke, VP of IT Operations & Infosecurity at Marken and Alexander Beattie, Sales Director, Northern Europe, Anomali
    Anomali Detect LIVE: Navigating Healthcare Cyber Attacks During a Pandemic

    COVID-19 Provides New Opportunities for Threat Actors to Target the Healthcare Industry

    Over the last year, a widespread disruption rocked the healthcare industry due to the coronavirus pandemic. Ensuring sufficient healthcare capacity and resources are complex issues facing many healthcare organizations, but they must also address the increase of cybersecurity threats. A variety of intricate and coordinated cyber-attacks, many from red flag countries, are targeting the healthcare industry. Stealing intellectual property such as data related to vaccine development is just one example.

    Cybercriminals are seeking to capitalize on the vulnerabilities of this industry as it can provide a very lucrative reward for their efforts. In this executive dialogue, we spoke to Tony Clarke, VP of IT Operations & Infosecurity at Marken, to discuss how the healthcare industry has weathered the storm of COVID-19.

    Tony shares:

    -His experience securing the various stages of the vaccine rollout
    -Observations on COVID-19 related cyber campaigns including phishing and ransomware
    -His involvement in the H-ISAC and how you can strategically utilize your industry ISAC

    View the webinar to hear from an industry expert working to keep healthcare data and vaccine development safe.
  • Anomali Detect LIVE: Hunt, Bourne, and Ryan are Amateurs Recorded: Jun 10 2021 32 mins
    Matt Singleton, CISO at The State of Oklahoma, Office of Management and Enterprise
    Hunt, Bourne, and Ryan are Amateurs

    How Oklahoma Cyber Command is Using CTI to Save the World—Or at Least One State

    Cyber threat intelligence (CTI) is an ever-evolving arena. Solid intel can prevent catastrophe, but bad intel can wreak havoc. There will always be known knowns, known unknowns, and unknown unknowns. The key is to limit those unknown unknowns and to provide actionable threat intelligence to inform your cybersecurity teams.

    CTI is most often used for threat detection, prevention, and response, but according to the 2020 SANS Cyber Threat Intelligence Survey, there’s an “other” category used by 2% of the survey respondents. In this session, Matt Singleton, CISO at The State of Oklahoma, Office of Management and Enterprise Services talks about what “other” means to The State of Oklahoma as well as:

    -Creating the Oklahoma Cybersecurity Alliance
    -The importance of aligning with federal partners and state agencies
    -How cyberspace is infiltrating the physical world
    -Using CTI against fraud, for public health and safety, and counterterrorism

    Watch this engaging session from Matt to hear how The State of Oklahoma is leveraging CTI to build partnerships, drive creative solutions, and protect its citizens and data!
  • Anomali Detect LIVE: Sunburst Under a Microscope Recorded: Apr 12 2021 35 mins
    Costin Raiu, Head of Global Threat Research, Kaspersky
    In this webinar, Costin Raiu, Head of Global Threat Research for Kaspersky and a member of the Virus Bulletin Technical Advisory Board, provided a deep dive on the Sunburst malware and related artifacts used in the SolarWinds backdoor attack.

    He walked through their research and analysis and clarified what is known at this point in time—as well as what is still unknown about the attack some are calling the largest collective breach of all time.

    He shared:

    -The SolarWinds "potential vulnerability" UNC2452 / DarkHalo
    -Similar code fragments found in Kazuar
    -Important timelines and overall findings

    Watch the webinar for countermeasures you can take to increase your protection against high-profile supply chain attacks like Sunburst.
  • Anomali Detect LIVE: Introduction to Collection Planning Recorded: Apr 12 2021 30 mins
    AJ Nash, Sr. Director of Cyber Intelligence Strategy, Anomali
    To successfully create an intelligence-driven cybersecurity practice we must understand our intelligence needs, create an intelligence collection plan based on those needs, and acquire the resources needed to support a successful cyber intelligence team.

    In this presentation, AJ Nash, Sr. Director of Cyber Intelligence Strategy at Anomali, examined how to solve these challenges through stakeholder engagement, authoring intelligence requirements, and selecting intelligence packages that are most likely to provide meaningful results aligned to the requirements you adopt. Furthermore, he explored how to operationalize a unified collection capability and the metrics to look at to capture the value of your entire intelligence program.

    Key points of discussion include:

    -The Intelligence Cycle
    -Intelligence Requirements
    -Categories of Intelligence
    -Intelligence in Action

    Watch the webinar to get a framework for your collection plan and get your intelligence team on the right track.
  • Anomali Detect LIVE: Tracking and Detecting Sunburst in Your Network Recorded: Apr 12 2021 22 mins
    Joe Gehrke, Solutions Architect, Anomali
    The Sunburst / SolarWinds attack illustrates the dwell-time problem we continue to see in advanced cyberattacks. In this hands-on demo session Joe Gehrke, Solutions Architect at Anomali, walked through how security analytics work with SIEMs to immediately answer the most fundamental question: Have we been impacted?

    He also reviewed how continuous retrospective search can speed threat detection, investigation, and response—particularly for critical events like Sunburst.

    He discussed:

    -Challenges to threat detection
    -SIEM data overload—and how to overcome it
    -Automated detection and threat hunting with strategic intelligence

    Watch the session to learn important steps your organization can take when it comes to major security breaches.
  • Anomali Detect LIVE: Cybersecurity from Scratch–In a Big Startup Recorded: Feb 9 2021 38 mins
    David Mycock, CISO at Upfield and AJ Nash, Sr. Director of Cyber Intelligence Strategy at Anomali
    When Unilever Deputy CISO David Mycock decided to run global security for the new “startup,” he had to build a cybersecurity program from scratch. Now, Upfield is the largest plant-based food company in the world, operating in 95 countries, including brands such as Flora, Rama, Blue Band, and Country Crock.

    In this executive dialogue, we spoke to David, CISO at Upfield, and walked through his journey of building a cybersecurity program, covering the design and implementation of the program, foundational decisions and prioritization, green and brownfield opportunities, lessons learned, and future concerns.

    Key points of discussion included:

    -The mission for Upfield’s Cybersecurity Program
    -Developing a Plan for the Build Phase
    -Post-Build Cybersecurity Strategy around Threat Intelligence, Detection, and Response
    -Upfield’s Future and How to Keep Up with the Changing Cybersecurity Landscape

    Watch the webinar to learn how to build a cybersecurity program from the ground up.
  • Anomali Detect LIVE: State of Cyber-Espionage Report from Verizon Recorded: Feb 9 2021 36 mins
    Chris Novak, Global Director, Verizon
    Verizon has conducted all kinds of investigations into cybersecurity incidents and data breaches over the years. None have been more challenging or perplexing than Cyber-Espionage attacks. Chris Novak, Global Director at Verizon Threat Research Advisory Center, gave a preview of Verizon’s first-ever data-driven publication on advanced cyberattacks.

    The State of Cyber-Espionage Report (CER) is one of the most comprehensive overviews of the Cyber-Espionage landscape.

    In this session, Chris Novak discussed:

    -A Deep Dive Into the Attackers
    -Attackers' Motives
    -Attackers' Key Methods
    -Victims Who Are Targeted

    The report serves as a tool for better understanding these threat actors and what organizations can do to hunt, detect, and respond to cyber-espionage attacks.

    Watch the webinar to get a preview of the State of Cyber-Espionage Report and how you can utilize it.
  • Anomali Detect LIVE: Climbing the Threat Intelligence Maturity Curve Recorded: Feb 9 2021 39 mins
    Jimmie Owens, CISO and Vice President, Enterprise Security at DXC Technology and Mark Alba, Chief Product Officer at Anomali
    The path to achieving "intelligence-driven" security operations can be challenging, and organizations start in different places and face unique threat environments. Buying a few threat feeds is not enough if you're not using them properly.

    In this executive dialogue, we spoke to Jimmie Owens, CISO and Vice President, Enterprise Security, at DXC Technology to explore his insights and experience in the journey to cyber threat intelligence across a range of industries and organization types.

    We discussed issues such as how to understand and prioritize your threat intelligence requirements, how much intelligence you need, how to ensure your CTI program delivers actionable intelligence, and how to analyze the threat landscape to find actionable insights.

    Jimmie shared a repeatable process for setting up a cyber threat intelligence program, and how to mature your CTI processes.

    Watch the webinar to gain insight on how to make your organization threat intelligence-driven.
  • Anomali Detect LIVE: Don't Hack Texas - Creating a Threat Sharing Organization Recorded: Feb 9 2021 43 mins
    Dan Basile, CISO and Director of Statewide Cybersecurity Services at Texas A&M University System
    In 2019, Texas created an information sharing and analysis organization (ISAO) to provide a forum for state agencies, local governments, public and private institutions of higher education, and the private sector to share information regarding cybersecurity threats, best practices, and remediation strategies.

    The TxISAO is currently working on enhancing its means of disseminating information to all interested organizations, and reported threats are researched by various members including the Department of Information Resources and the Texas A&M University System.

    Dan Basile, CISO and Director of Statewide Cybersecurity Services, Texas A&M University System discussed the journey to creating a statewide sharing organization in Texas, including:

    -Drivers for establishing an ISAO
    -Organizational, political, and budgetary barriers to establishing and operating an ISAO
    -The importance of education and feedback
    -Next steps and future directions to take as your ISAO evolves

    Start sharing threat intelligence today!
  • Anomali Detect LIVE: Practical Cyber Fusion–Operationalizing Threat Intelligence Recorded: Feb 9 2021 38 mins
    Mark Alba, Chief Product Officer, Anomali
    “Cyber Fusion Centers” have moved from radical concept to marketing hype in just a few years. However, the concept is still important. Don't let the hype stop you from grasping the true value a cyber fusion center can provide.

    Anomali Chief Product Officer Mark Alba reviewed the basic principles of cyber threat intelligence (CTI) maturity levels and explored how a virtual cyber fusion center can be leveraged to support the effective operationalization of CTI. Get an overview of the promise of a cyber fusion center as well as practical examples of how one can be implemented with little to no impact on your current security investment.

    The cyber fusion center can be a worthwhile pursuit as long as the outcome is the ability to use threat intelligence to drive coordinated decisions across your security organization and functions to improve the overall security posture.

    Put your current security systems to work for you, today.
  • Anomali Detect LIVE: Understanding Business Risk with Threat Intelligence Recorded: Feb 9 2021 38 mins
    Valentina Soria, Head of Global Intelligence, Morgan Stanley and AJ Nash, Sr. Director of Cyber Intelligence Strategy, Anomali
    Historically, business risk management has covered a broad set of risks to the organization, including things like cyber threats, insider threats, the physical security of executives and staff, the risk of engaging with third-party vendors in the supply chain, or even the risk around M&A deals. Too often, however, executives are flying blind without a sufficient understanding of these risks in a business context, so they can decide what level of business risk to accept in their decisions.

    In this executive dialogue, we spoke to Valentina Soria, Head of Global Intelligence at Morgan Stanley, to explore some of the new and emerging risks facing organizations, the challenges organizations face in understanding these risks, and some thoughts and insights on how to capture and present cyber and other operational risks to the business so that it understands them.

    Watch playback now!

    The promise of threat intelligence is alluring. It should help organizations to understand and manage business risk–to turn unknown threats into known and mitigated threats, to improve the effectiveness of the defense. –CERT-UK
  • Beyond Your SIEM – Automating Threat Detection at Scale Recorded: Dec 17 2020 54 mins
    Dan Maier, CMO, Anomali; Scott Dowsett, VP Worldwide Sales Engineering, Anomali; John Hubbard, SANS Instructor, SANS
    Security teams are struggling to effectively detect threats in their environments using security controls with decade-old architectures and prohibitive cost models. Most of the security products in use in the SOC, including your legacy SIEM, were not designed to analyze the massive volumes of threat intelligence and security telemetry available today. In response to this gap, a new generation of security analytics products has emerged that promise to deliver threat detection and prioritization at scale, in real-time, and at a predictable cost.

    In this webinar, the Anomali security team and SANS Instructor John Hubbard discussed how the Anomali Match security analytics platform can complement your existing SIEM infrastructure, and improve your security team’s ability to detect, investigate, and respond to threats in your network at scale. Get a better understanding of the economic benefits of faster threat detection and improved SOC productivity, and see a live demo of Anomali Match in action.

    Watch the on-demand webinar to learn how you can continuously detect threats in your network in an automated fashion using Anomali Match.
  • Developing Intelligence Requirements: From Concept to Practice Recorded: Oct 28 2020 55 mins
    AJ Nash, Sr. Director of Cyber Intelligence Strategy, Anomali; Mike DeBolt, Vice President of Intelligence, Intel 471
    Intelligence is good. Requirements-driven intelligence is better. This webcast highlights the core benefits and challenges of building an intelligence program that maximizes resources, measures success criteria, and demonstrates the value an intelligence team brings to the organization.

    In this discussion, Mike DeBolt of Intel 471 and AJ Nash of Anomali explained the concept of Intelligence Requirements (IRs), how to develop these IRs, and how a requirements-driven intelligence program creates more measurable value for enterprises looking to create intelligence-driven security practices.

    -What are Intelligence Requirements (IRs)?
    -Benefits of Developing Intelligence Requirements (IRs)
    -Challenges in Building Requirements-Driven Intelligence Program

    Listen to the on-demand webcast and start developing intel requirements and putting them into practice.
Intelligence-Driven Cybersecurity Solutions
Anomali® delivers intelligence-driven cybersecurity solutions, including Anomali ThreatStream®, Anomali Match™, and Anomali Lens™. Private enterprises and public organizations use Anomali to gain unlimited visibility, speed time to detection, and constantly improve security operations. Anomali customers include more than 1,500 global organizations, many of the Global 2000 and Fortune 500, and large government and defense organizations around the world. Founded in 2013, it is backed by leading venture firms including GV, Paladin Capital Group, Institutional Venture Partners, and General Catalyst. Learn more at: www.anomali.com

  • Title: CISO Insights: Early Warning Signs Before a Breach
  • Live at: Jul 13 2021 4:00 pm
  • Presented by: Richard Kaufmann, CISO at Amedisys and Maggie Sanchez, VP of Sales for North America West and LATAM at Anomali