This channel brings together the leading identity and security vendors and industry experts to regularly educate security leaders on how to reduce risk through identity-centric strategies. For more resources and education on identity-centric security strategies, visit www.idsalliance.org.
The IDSA is an approved (ISC)2 CPE Submitter Partner. To receive CPE credits, submit the viewing certificate to (ISC)2 or submit your information at www.idsalliance.org/about-us/earn-isc2-cpe-credits/.

As companies look to achieve seamless and secure access for their employees, partners, and customers—reducing or fully eliminating passwords is often part of their journey. Passwords are critically flawed, costly to maintain, and easily compromised. But how do you actually get rid of passwords? What resources do you need to replace them? And how are you going to get all your employees to manage new solutions and multiple credentials? 

In this webinar, we’ll discuss:  
1) How 80% of data breaches are caused by stolen or weak credentials
2) How passwordless is defined for people and machines
3) Steps organizations can take to achieve passwordless
4) Key takeaways you can apply to your company’s IAM strategy today

Achieving Passwordless for People & Machines

In 2020, Gartner® introduced CIEM (Cloud Infrastructure Entitlements Management) as part of its latest Hype Cycle. Since then, as nearly all organizations have adopted hybrid or multicloud infrastructures, CIEM has emerged as an essential enabler in securing access and entitlements across the Cloud. The task of enabling this visibility can be daunting for IT professionals at all levels causing confusion and integration complexities. 
In this webinar, we will discuss real-world examples of how the CIEM market has been evolving since its inception, as a means of helping organizations fill the gaps left during their rapid Cloud migration. We will also evaluate and discuss some industry best practices for both implementation and operationalization of CIEM within organizations’ current infrastructure to enable visibility, improve security, and enhance ROI.

Panelists:
Kurt John  Chief Cybersecurity Officer, Siemens USA
LinkedIn: https://www.linkedin.com/in/kurtmjohn/

Raj Kamachee  CIO & CTO, Team Rubicon
LinkedIn: https://www.linkedin.com/in/kamachee/

Tom Malta  CEO and Principal IAM Experts, LLC
LinkedIn: https://www.linkedin.com/in/identitymgmtexpert/

Axay Desai  Founder & CEO, ObserveID, Inc.
LinkedIn: https://www.linkedin.com/in/axay-desai/

CIEM 101: Understanding CIEM Fundamentals for Multicloud Security Enablement

So often, IT and Security professionals are focused on eliminating risk. However, as a career path, perhaps you should embrace it. Join our panel of accomplished IT and Security pros who have made taking risks an integral part of their careers. Sarah started her own business, Chase left the Analyst community for the private sector, Mike went from a startup to a F100 enterprise, and Den left the world of big enterprise to join a startup. Learn how these leaders advanced their careers treading non-traditional paths, and how you can too.

Viewers will takeaway:
* An understanding of why advancing your career is not at odds with advancing the goals of the business
* Why focusing on business outcomes is critical – even when you are a technology/security practitioner
* The importance of using technology you already own to achieve outcomes (vs. buying a shiny new object)

Featuring:
Dr. Chase Cunningham - former analyst - Dr. Zero Trust
https://www.linkedin.com/in/dr-chase-cunningham/

Mike Hanley from GitHub
https://www.linkedin.com/in/michael-hanley-b6508913/

Sarah Tenisi - Founder of her own company - TenisiTech
https://www.linkedin.com/in/stenisi/

Den Jones as Moderator - CSO and former Sr. Director of Enterprise Security at Cisco and Adobe
https://www.linkedin.com/in/denwjones/

Building Your IT/Security Career by Taking Risks

Who has access to what in your organizations? How do you consistently secure privileged access to critical systems and data? Join CyberArk’s Global Technology Office for strategies for building a Comprehensive Privileged Access Management program, including:

Protecting administrators and other privileged users with risk-based credential management and session management
Adopting a just-in-time, Zero Trust approach to secure privileged access for external contractors and other third party identities
Implementing least privilege access for all identities, from the endpoint to the cloud
Securely authenticating application accounts and managing DevOps secrets to protect machine identities
To receive CPE credits, submit the viewing certificate to (ISC)2 or submit your information at www.idsalliance.org/about-us/earn-isc2-cpe-credits/.

Comprehensive PAM: Defending Endpoints, Third Parties, and DevSecOps

The identity control plane is the ideal place to implement a Zero Trust approach, based on least-privilege, assumed breach and continuous verification. While it sounds simple in theory, many organizations struggle with implementing it in practice. 

In this session we’ll present a unified identity protection framework for identity Zero Trust that is based on four key pillars: Unification, Context, Enforcement and Granularity. This framework provides a clear path to evaluate your organization’s identity protection needs, based on the component of your actual environment and to map where identity Zero Trust requirements are checked and where there are gaps to address. 

Join this webinar to learn:
• What makes Unified Identity Protection a key Zero Trust enabler?  
• How to assess your environment’s identity Zero Trust readiness?
• What are the crucial factors in planning and executing your Zero Trust journey?

Note: The IDSA is an approved (ISC)2 CPE Submitter Partner. To receive CPE credits, submit the viewing certificate to (ISC)2 or submit your information at https://www.idsalliance.org/about-us/earn-isc2-cpe-credits/

Unified Identity Protection – Turning Zero Trust to Reality

Every system in your organization requires administration and therefore, requires one or more privileged accounts provisioned on it so it can be administered per the policies and requirements of your organization. Over time, the number of privileged accounts get bloated, and with always-on/always-available admin access, the end result is uncontrollable privilege sprawl. With 74% of breaches involving a privileged account, according to the Verizon Data Breach Investigations Report, overprivileged access can pose a significant risk to your organization.  The Privilege Sprawl Index is an indicator of risk due to the proliferation and 24×7 availability of admin accounts that make it possible for attackers to first land on, and then move laterally to reach systems that host sensitive data. In this webinar, we will present a method to model the Privilege Sprawl Index along with its impact on attack surface and lateral movement. You will learn strategies for how to achieve a Privilege Sprawl Index of zero, which is imperative to reaching Zero Trust.

Privilege Sprawl Index: Modeling Privilege Access Sprawl for Zero Trust Security

The ransomware threat is alive and well. In the first half of 2021 alone, we saw attacks impacting supply chains and critical infrastructure, creating major disruptions and resulting in significant financial losses. These attacks are not only growing at an alarming rate, but also evolving and destabilizing the Cyber Insurance industry. How are insurers responding to this growing threat and what does this mean for organizations? What steps can organizations take to protect themselves and their customers?

Join this webinar to hear from a panel of experts who are on the front lines working with organizations who have suffered a ransomware attack. During the session you’ll learn:

* The anatomy of a ransomware attack
* How the cyber security insurance industry is evolving due to the increasing attacks
* Steps you can take to protect your organization and the impact on customer experience

The Evolution of Ransomware – What Does it Mean for You?

The number of human and service identities in an organization’s cloud/multicloud accounts is
exploding. The permissions enabling those identities to access cloud resources and applications
pose a huge risk. Excessive entitlements, defined intentionally or unwittingly, can lead to
accidental or malicious use, network exposure of resources and other ills that plague an
organization’s cloud security upon a data breach. Detecting, prioritizing and mitigating these risks
is typically hampered by lack of visibility, lack of manpower, lack of coordination and an inability
to scale protective measures.

Cloud identities and their entitlements can’t be ignored. Attend our panel of cloud security
experts to learn why identities are the new security beast to reel in, why governing access must
be core to every security program and for fresh views on using automation to remediate risk.

Reeling in the Greatest Security Risk to Your Cloud Infrastructure – Identities

Identity today is not what it was a decade ago. Changes in the technology & regulatory landscape, user behavior, and organizational priorities have transformed it from a compliance-oriented discipline to a business enabler — and often a board-level initiative. It has also become the first step to adopting a modern Zero Trust security model. 

The latest technology has accelerated the need for identity transformation by impacting the way identity is perceived, practiced, and envisioned. These trends include technology convergence, cloud transformation, software simplification, intelligent automation, and business readiness. Identity is further influenced by adjacent security areas, such as SASE, CSPM, and CyberMesh. So how do you navigate this complex landscape and set your organization up for identity security success? Join us for this live webinar to find out. 

In the process, you’ll learn about:

* The leading factors influencing identity transformation
* The top trends driving change (and even some predictions too) 
* The benefits of modernizing IAM solutions and practices
* The biggest lessons learned by organizations on the other side
* The most common pitfalls and strategies to consider

Navigating the Modern Identity Landscape: Successful Transformation Strategies

No end in sight…regulatory mandates continue to increase. In response, many organizations create compliance-driven IAM programs with the assumption that security measures are inherently addressed.  While compliance is still a key driver in IAM initiatives, IAM is evolving into a security and risk-based program with capabilities focused on entitlement management and enforcement of logical access controls.

Building a security and risk driven IAM program allows organizations to adopt broader, enterprise-based solutions that are adaptable to usage trends, such a as cloud, mobile and remote office.  User demand will continue to drive program disciplines to transform from a compliance-based program into a true secure business enabler, helping reduce overall risks created by emerging technologies and threats.
While compliance and security intersect, they are not considered equal. Join us for a live webinar on the key aspects and benefits of security-driven IAM programs. In this session you'll hear about:

* Considerations to building a security-driven IAM program
* Key indicators to determine if your IAM program is compliance-driven or security-driven
* Benefits of security-driven IAM programs

Shifting your IAM Program from Compliance-Driven to Security-Driven

The recent White House Executive Order for multifactor authentication and data encryption is inducing organizations to take essential steps in order to meet fundamental cyber security requirements. Ensuring secure remote trusted access and authentication as part of a broader zero trust environment is crucial for  enterprises to thrive as they modernize their IT and security frameworks.

During this webinar we will discuss immediate and practical steps that CISOs and IT professionals can take today to start implementing identity-centric zero trust security. By the end of this webinar you will have a better understanding on how to address the multiple user authentication journeys in your organization and apply the appropriate level of authentication, taking into account:

*Authentication use cases
*User profiles
*Security requirements
*Regulatory constraints

Authentication Requirements for the Presidential Executive Order

These days it’s difficult to have a cybersecurity conversation without mentioning Zero Trust. It’s a topic that’s even entered boardrooms as organizations are rapidly rolling out digital transformation, remote work at scale, and cloud migration projects. Zero Trust is seen as the way forward to deliver the right levels of security without sacrificing speed or user experience.

Join us for a session on Zero Trust from three different points of view - a customer, a vendor, and a consultant. Our panel will discuss their Zero Trust approach to secure large enterprise workforces and some important challenges and lessons learned along the way. Topics will include:

Strong authentication
Remote work at scale
Organizational alignment

Whether you are new to Zero Trust or a seasoned expert, this panel will provide you with a unique perspective on the topic in a fun and interactive format. Featuring Sriram Santhanam, Director Identity and Access Management at Gap, Aubrey Turner, Executive Advisor at Ping Identity, Thani Anandan, Global Director of IdM and Security at LikeMinds Consulting.

Adopting Zero Trust in a Post-Pandemic World

During normal times healthcare is a complex and dynamic industry. The extensive ecosystem of users, devices, and systems is essential to delivering quality patient care, but it also provides ample opportunity for a digital identity to be compromised. In fact, in recent research by the Identity Defined Security Alliance, 78% of the healthcare organizations surveyed reported an identity-related breach in the last 2 years and the industry has suffered an unprecedented number of ransomware attacks in the last year. Through an identity-centric approach to security, Healthcare CISOs have an opportunity to improve security, better serve customers and develop competitive advantages.

Please join Jeremy Grant, Managing Director of Technology Strategy for Venable, LLP, Rebecca Archambault, Trust Identities Leader at Highmark Western and Northeastern New York and Scott Breece, VP of Security and CISO at Community Health Systems, as we discuss recommendations for the role of identity in healthcare security strategies with members of the H-ISAC Identity Committee. In this webinar you will learn why healthcare CISOs should take a more proactive role in leading identity initiatives, recommendations for identity-centric security strategies as defined in the H-ISAC Framework for Managing and Identity and the Identity Defined Security Framework and how it is being applied across healthcare organizations to reduce risk and provide business value.

Identity Matters – Applying an Identity-Centric Security Strategy in Healthcare

Enterprises are facing an explosion in the number of identities being managed (52% say that identities have grown more than five-fold in the past 10 years). They struggle to get their identity and security teams on the same page (only half (53%) report that security has any level of ownership for workforce IAM). And in research conducted in May of 2020, we found out that 94% of organizations have had an identity-related breach), which 99% believe could have been prevented. These insights provide the current state of identity security from the inside – the teams that are immersed in the day to day managing and securing identities, putting in place identity and access management processes and technologies. But what do their stakeholders have to say about the impact of their day to day activities?  

Please join Diane Hagglund, Founder and Principal of Dimensional Research and Den Jones, IDSA Customer Advisory Board Member and Cisco Sr. Director of Enterprise Security, as they discuss the results of our latest research that provides data on the experiences of Identity and Access Management stakeholders, such as Human Resources, Help Desk and Sales Management, and the impact of current practices on security risks and business operations.

IAM Stakeholder Perspective on Access Challenges, Business Operations and Risk

With the rapid development of the Coronavirus (COVID-19) in 2020, many security professionals had to come up with disaster recovery (DR) plans and make quick decisions to allow remote work en masse. The goals: keep the organization productive during this crisis and ensure that any unacceptable security risks are not created in the process. While most DR plans focus on maintaining productivity in the face of a single catastrophic event, Coronavirus represents a long-term threat that might stretch the typical disaster recovery model to its brink of coverage.
Join Morey Haber, CTO/CISO of BeyondTrust and author of four cybersecurity books, in this webinar for practical guidance on how to quickly implement and scale strong security protocols to enable long-term remote work. He will also cover:
 
•	Risks and Challenges of VPNs
•	Shadow IT and free, or consumer-grade, tools
•	Bring your own device (BYOD) in the Post-COVID Era
•	Secure remote access & endpoint security – the foundation for effective remote working

Why VPN Isn’t Enough: Supporting a Remote Workforce in the Post-COVID Era

Focal Point and SecZetta Present - Beyond the Pandemic: A decade of identity evolution forced into one chaotic year.  What’s next?
While most of us will look back at 2020 as a year of new and extraordinary challenges, in the world of identity we have much to be thankful for.   Join some of the world’s leading identity experts as we explore how resilience in the face of unprecedented adversity was the catalyst for these organizations to innovate their management of third parties through the integration of key technologies that comprise the core components of a zero trust architecture in the cybersecurity industry.

Join Art Coviello, former CEO of RSA and security thought leader, Chris Convey, CISO at Sharp Healthcare, Evan Fraser, cybersecurity architect at ABSA Bank to learn about the great strides that were made in identity and risk management to support a more dispersed workforce comprised of employees, non-employees and non-humans?  How will investments in technology and integrations between those technologies assist you as you move beyond talks of vaccines and into supporting a post pandemic workforce? And where does identity and enterprise risk management go from here?

A decade of identity evolution forced into one chaotic year.  What’s next?

Stories from the field on rolling out a Privileged Access Management program to a blended remote workforce

COVID-19 came on pretty suddenly for many of us. The effect it had on the operations and IT infrastructure of health systems ratcheted up rapidly, as they tried to manage (1) an influx of patients, planned and unplanned, (2) new standard operating procedures, (3) migrating and supporting a blended on-premises / remote workforce and (4) a surge in targeted pandemic-related cyberattacks.

Please join us to hear from George Irungu, an experienced hospital system CISO. George is joined by Paul Lanzi (COO and Co-Founder of Remediant) and will walk through how he used an identity centric approach to adapt and evolve his security program to meet hospital operational needs, manage risk and defend the patient and employee experience.

An Identity-Centric Approach to Harden a COVID-19 Critical Business

No one can ignore the sharp uptick of hospitals victimized by ransomware. And in healthcare, the stakes are higher. Just last month, a 78-year-old patient at University Hospital Düsseldorf died after a ransomware attack crippled the hospital's IT systems and forced doctors to attempt to transfer her to another facility. It's clear just how physically dangerous cyberattacks can be, but there are no signs of attackers slowing down. Healthcare organizations, both large and small, are in the crosshairs because human collateral pays. All it takes is a user clicking on the wrong link to kick off a deadly campaign. So, what action can defenders take to avoid becoming a victim of ransomware?

The Identity Defined Security Alliance (IDSA) provides the framework and practical guidance that helps organizations put identity at the center of their IT security strategy. In this fireside chat, Scott Breece, IDSA Advisory Board Member, and CISO at Community Health Systems, joins Gil Kirkpatrick, Chief Architect at Semperis, for a candid debate about yesteryear's best practices and how to push towards a safer tomorrow. Topics of conversation include the NIST Cybersecurity Framework, managing multiple identity systems in healthcare IT environments, and of course, ransomware.

Healthcare Security Fireside Chat: NIST, Identity, and Ransomware

Health Tech

Identity Management

Cyber Security

Ransomware

Risk Management

NIST

Semperis

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Healthcare Security Fireside Chat: NIST, Identity, and Ransomware

Presented by

About this talk

More from this channel