Hi [[ session.user.profile.firstName ]]

Case Study: PCI - A Challenge for Online Gaming Companies

Oliver is currently head of Corporate Security at bwin Interactive Entertainment AG, one of the largest online gaming companies. He has been working in the security field for more that 10 years in Africa, Eastern Europe and Austria both in the ISP as well as in the Banking field.
Recorded Dec 10 2009 36 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Oliver Eckel, bwin Interactive Entertainment AG, Head of Corporate Security
Presentation preview: Case Study: PCI - A Challenge for Online Gaming Companies

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • [Earn CPE] Cornerstones to Fortify Your Enterprise Cybersecurity Defense Jan 30 2020 6:00 pm UTC 75 mins
    Moderated by Colin Whittaker, Founder of Informed Risk Decisions
    The enterprise cybersecurity landscape is dramatically expanding in scale and complexity, and cyberattacks are growing in magnitude and impact as digital transformation increases on a global scale. From phishing scams, to ransomware attacks, to malicious breaches from state actors, the potential threat to your business is huge. According to the Ponemon Institute, the average per breach cost to a company in 2018 was estimated at $3.86 million, an increase of 6.4 percent over the previous year.

    Even though cybersecurity presents a challenge to the enterprise, you are not helpless against the bad actors who seek to cause real and costly damage to your business. A proactive, company-wide, integrated digital security strategy that addresses cybersecurity threats at all levels of your business will provide you with both the offensive and defensive capabilities you need to handle whatever comes your way. Earn 1 CPE credit by attending this educational and interactive panel webinar. Our experts will discuss why fortifying your cybersecurity strategy should be a critical priority and highlight some best practices that you can employ to stay ahead of evolving threats, including how to;

    - Understand the changing cyberattack landscape,
    - Create a company-wide cybersecurity task force,
    - Evaluate your security budget against your threat level,
    - Fortify your cybersecurity defense with systems hardening, adaptive authentication, and endpoint protection.
  • [Earn CPE] Critical Steps to Manage CCPA Compliance and Risk in 2020 Dec 17 2019 6:00 pm UTC 75 mins
    Colin Whitaker, Informed Risk Decisions; Panelists from TrustArc, LogicGate.
    The California Consumer Privacy Act of 2018 (CCPA) is arguably the most expansive privacy law in U.S. history and will become enforceable in just a matter of months. The CCPA introduces new privacy rights for consumers and will force companies that conduct business in the State of California to implement structural changes to their privacy programs.

    The new rights given to California consumers are similar to the rights provided in the European Union’s General Data Protection Regulation (GDPR). The CCPA also subjects non-compliant businesses to expensive fines, class-action lawsuits, and injunctions.

    On this webinar, we will examine the impact of the CCPA, answer your burning questions, uncover the CCPA’s nuances, and address its ambiguities and challenges. We will also include strategies for creating compliance programs in the midst of the unknowns, and a strategic action plan for businesses to become compliant.
  • Advanced PII/PI Data Discovery Nov 13 2019 9:00 pm UTC 60 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    Join this interactive webinar as we discuss using advanced PII/PI discovery to find & inventory all personal data at an enterprise scale.

    Learn about new machine learning & identity intelligence technology, including:
    - Identify all PII across structured, unstructured, cloud & Big Data.
    - Inventory PII by data subject & residency for GDPR.
    - Measure data re-identifiability for pseudonymization.
    - Uncover dark or uncatalogued data.
    - Fix data quality, visualize PII data relationships
    - Automatically apply data protection to discovered sensitive data.
  • [Earn CPE] Key Steps to Mature Your Third-Party Risk Management Program Oct 31 2019 5:00 pm UTC 75 mins
    Colin Whitaker, Informed Risk Decisions; Panelists from OneTrust, Process Unity, BitSight, and Coupa.
    High-Profile Data Breaches have placed a spotlight on the risk of cyber security breaches with vendors and subcontractors, expanding the need to have greater rigor in third party risk management and ongoing risk assessments. Maintaining an effective third-party risk management program doesn't happen overnight. It's a journey that involves continual learning, refinement and evolution.

    And as a program matures over time, it results in the management of vendors and other third parties with fewer risks, lower costs, better performance and stronger compliance. Since every company is at a different place in their journey towards better vendor management, it's important to identify steps that you can follow as you mature your program, and to consider your vendor risk ecosystem and the data and services that can have an enormous impact on risk reduction. On this CPE accredited webinar our panel of experts will address some key steps to mature your third-party risk management program, including how to:

    - Create a third-party risk-management maturity roadmap.
    - Connect with enterprise systems to create a centralized data repository and enable seamless vetting activities across processes
    - Incorporate external content sources for a more wholistic view of your vendors plus more sustainable ongoing monitoring
    - Strengthen and streamline your third-party risk management efforts.
  • [PANEL] How to Simplify Cyber Risk Management? Oct 15 2019 4:00 pm UTC 60 mins
    Panelists TBA
    In today’s multi-cloud and hybrid environments, CISO's are struggling to secure assets, manage security policies across clouds, monitor and mitigate risks, while also supporting the business. How are CISOs solving the challenge of complexity?

    Join this panel of experts to learn how to simplify cyber risk management as well as maximize the value of your team and technology.
    - Risk scoring and security controls
    - How to identify risks for organizations and their third-party vendors
    - How to prevent, detect, and respond to, privacy and network security incidents
    - Best of vulnerability and risk management in a multi-vendor environment
    - Best practices and use cases across industries
  • Practical Risk Management for the Multi-Cloud Oct 10 2019 4:00 pm UTC 60 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    Customers need to better protect their investments in infrastructure, data, internet applications and their corporate reputation by focusing on these areas:

    ENTERPRISE NETWORK CYBER PROTECTION
    In today's cyber defense climate, it is critical to have reliable results and actions performed in the fastest of speeds.

    SECURED MOBILE DEVICES
    Cyber protection anywhere, any time with integrated device security.

    IDENTITY AND ACCESS MANAGEMENT (IAM) SERVICES
    Empower organizations and applications with identity assurance & security through multi-modal biometrics.

    DATA PROTECTION
    Secure Any Sensitive Data Element for data security and regulatory compliance.
  • [Earn CPE] Cornerstones to CCPA Readiness Oct 3 2019 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions.
    The California Consumer Privacy Act of 2018 (CCPA) is arguably the most expansive privacy law in U.S. history and will become enforceable in just a matter of months. The CCPA introduces new privacy rights for consumers and will force companies that conduct business in the State of California to implement structural changes to their privacy programs.

    The new rights given to California consumers are similar to the rights provided in the European Union’s General Data Protection Regulation (GDPR). The CCPA also subjects non-compliant businesses to expensive fines, class-action lawsuits, and injunctions.

    On this webinar, we will examine the impact of the CCPA, answer your burning questions, uncover the CCPA’s nuances, and address its ambiguities and challenges. We will also include strategies for creating compliance programs in the midst of the unknowns, and a strategic action plan for businesses to become compliant.
  • [PANEL] Getting Ready for CCPA Sep 17 2019 5:00 pm UTC 60 mins
    Elena Elkina | Lisa Hawke
    The California Consumer Privacy Act (CCPA) is going into effect on January 1, 2020, making it America’s first-ever state data privacy law. It is also the most far-reaching privacy regulation in the U.S. to date.

    Join this panel of experts for an interactive Q&A session to learn more about what businesses need to do to prepare for CCPA. Attendees will also learn about the CCPA checklist, as well as dive into:
    - GDPR vs. CCPA
    - Which organizations need to plan for CCPA compliance
    - What to do to avoid the risk of fines
    - How to develop a strategy and start implementing tools to achieve compliance
    - More privacy legislation on the horizon

    Speakers:
    - Elena Elkina, Partner, Aleada Consulting
    - Lisa Hawke, VP Security and Compliance, Everlaw
  • [Earn CPE] Preventing Data Breaches with a Scalable Verification Program Sep 10 2019 5:00 pm UTC 75 mins
    Panelists: Nathan Rowe, Evident ID; Jeremy Grant, the Better Identity Coalition; Jon Lehtinen, Thompson Reuters.
    Consumer demand is driving the corporate IT environment. Business demands for IT are changing rapidly — so too are the demands on IAM — resulting in the requirement to adopt emerging technologies (e.g., mobile and cloud computing, data loss prevention, and social media) earlier and more quickly. Scalability is critical for any business that wants to catalyze short- and long-term success. A flexible workflow for identity verification can help organizations of all sizes with limited time, resources, and funding to focus their efforts on initiatives that support positive growth. While your business might be conducting background checks today, it could have different verification needs in the future to ease onboarding friction, prevent data breaches, and demonstrate regulatory compliance.

    It’s important to begin laying the groundwork now for a more sophisticated and intricate verification program so you can be proactive, not reactive, but what does a scalability strategy look like? In this CPE accredited panel webinar our experts will address how to create identity and credential verification workflows that can scale with your organization as it grows, including how to:

    - Gain a better understanding of the digital identity landscape,
    - Ensure accuracy of both data sources and verification records,
    - Centralize verification of multiple data sources into a unified platform,
    - Evaluate new developments like biometrics, AI, and blockchain, and how they can impact identity and data management,
    - Save money in the long-term by laying the groundwork for adaptable online verification workflows,
    - Adapt and respond to new regulations.
  • Managing Your Organization's Cyber Risk as a Service Aug 29 2019 3:00 pm UTC 60 mins
    Troy Vennon, Director of Security Innovation, the Columbus Collaboratory
    Join us for this webinar that will demonstrate how your organization can adopt best practices for vulnerability management, threat intelligence and cyber risk management that previously had been beyond your means. For various reasons - tight budgets, lack of skills or resources, or a focus on other priorities - most companies perform vulnerability, threat and risk management in a very tactical way. Join Troy Vennon, Director of Security Innovation at the Columbus Collaboratory, for this session outlining how the the combination of cloud-based vulnerability management, threat analysis and risk assessment, bundled with expert reporting and guidance for your specific IT environment, will cost-effectively transform your security operations from the tactical to the strategic.
  • Why Join an ISAO? The Network Effects of Threat Intelligence Sharing Aug 27 2019 6:00 pm UTC 60 mins
    Troy Vennon, Director of Security Innovation, the Columbus Collaboratory
    Join us for this webinar presenting the benefits of networking with your industry peers to share intelligence about threats and vulnerabilities. In today's environment where the threats seem to intensify, it's critical to know who to trust. During this session, Troy Vennon, Director of Security Innovation at the Columbus Collaboratory, will outline the benefits of an Information Sharing and Analysis Organization (ISAO), explain how you can benefit from joining an ISAO even if you're already part of an ISAC, and provide an example of how collaboration around cyber threat data can enable your organization to efficiently identify and neutralize the most prolific and potentially harmful threats out there.
  • PCI Dream Team: Ask Us Your Toughest Questions [Part 7] Recorded: Aug 15 2019 61 mins
    Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper "Coop"
    The PCI Dream Team is back for another interactive Q&A session.

    With hundreds of different requirements, the various Payment Card Industry (PCI) standards can be overwhelming. While the PCI Security Standards Council has provided lots of answers, the devil is often in the details.

    Our panelists are some of the top PCI QSA’s in the country, with decades of combined PCI and card processing experiences. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

    Join Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall for an interactive Q&A session, and get answers to your most vexing PCI questions. No PCI question is out of bounds.

    Speakers:
    - Ben Rothke, Senior Information Security Specialist at Tapad
    - David Mundhenk, Senior Security Consultant at Herjavec Group
    - Jeff Hall, Senior Consultant with Online Business Systems
    - Arthur Cooper "Coop", Senior Security Consultant at NuArx
  • The Future of Privacy and Security Recorded: Aug 7 2019 60 mins
    Joseph Carson, (Thycotic), Debra Farber, Nathan Wenzler (Moss Adams), James Chappell, (Digital Shadows)
    Organizations are evolving beyond the traditional, reactive approach to privacy and data security to thinking proactively. Are we closer to a Privacy-and-Security-by-Design reality?

    Join this panel of experts to get the answer to all of your privacy, security and compliance questions. Viewers can learn more about:
    - Effects of GDPR: One year later
    - How businesses are preparing for CCPA
    - Best practices for achieving and maintaining compliance
    - How to bake privacy and security into your processes
    - What to expect in the next 12 months

    Speakers:
    Joseph Carson, Chief Security Scientist, Thycotic (Moderator)
    Debra Farber, Independent Privacy & Security Advisor
    Nathan Wenzler, Senior Director, Cybersecurity, Moss Adams
    James Chappell, Co-Founder & Chief Innovation Officer, Digital Shadows
  • [Earn CPE] Automating Your Third-Party Risk Management Program Recorded: Jul 25 2019 77 mins
    Colin Whittaker, IRD; Chris Poulin, BitSight; Jason Sabourin, OneTrust; Szuyin Leow, LogicGate; Todd Boehler, ProcessUnity.
    The current state of vendor risk management (VRM) is bleak. More than half of all information security breaches are caused by third-party vendors, and according to Deloitte 83% of today’s business leaders lack confidence in third party VRM processes. Given the growing complexities in accurately collecting and screening third-party data and the need for deeper due diligence, automation is key to a successful risk program. However, many corporations haven’t adopted automation in their third-party risk management programs.

    The lack of automation adoption can be traced to a few core reasons. Disparate systems, out-of-date data, and inconsistent policies can all stifle a company’s ability to modernize their third-party risk management program, and companies often suffer from more than one of these. When applied effectively, automation can not only help prevent these roadblocks; it can also drive the efficiencies procurement and compliance leaders are looking for. Join this CPE accredited panel webinar as our expert panel address some key steps to automating third-party risk management, including how to:

    -Manage an up-to-date vendor master to create one source of truth across the entire corporation,
    -Leverage automation and machine learning to standardize data governance,
    -Drive efficiencies and reduces costs, while ensuring the highest accuracy in your third-party risk management program.
  • Emerging Data Privacy and Security for Cloud Recorded: Jul 18 2019 58 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    Personal data privacy will be the most prominent issue affecting how businesses gather, store, process, and disclose data in public cloud. Businesses have been inundated with information on what recent privacy laws like GDPR and CCPA require, but many are still trying to figure out how to comply with them on a practical level. Many companies are focusing on data privacy from the legal and security side, which are foundational, but are missing the focus on data.

    The good news is that these data privacy regulations compel businesses to get a handle on personal data — how they get it, where they get it from, which systems process it, where it goes internally and externally, etc. In other words, the new norms of data privacy require proactive data management, which enables organizations to extract real business value from their data, improve the customer experience, streamline internal processes, and better understand their customers.

    Join this interactive webinar to learn more about:
    - The latest trends and strategies for securing sensitive data in cloud and the enterprise
    - How to discover and capture your data inventory
    - What’s needed to prevent a data breach by securing your critical data and protect your reputation
  • [Earn CPE] Executive's Guide to Smarter GRC with Cybersecurity Attack Analytics Recorded: Jun 27 2019 77 mins
    Panelists: Sam Abadir, Lockpath; James Rice, Greenlight Technologies; Ilia Sotnikov,Netwrix; and Jason Bonds, Ping Identity.
    Today’s increasing organizational complexity and evolving threat environment have made it more critical than ever for organizations to clearly identify their exposures, measure vulnerability risk, and quickly prioritize remediation efforts. Cyberattacks are often hidden from view under a mountain of alerts generated by security systems, giving attackers time to gain access to systems and seize valuable data.

    To ensure their companies don't end up in the headlines for the wrong reasons, corporate governance, risk management, compliance management and other “lines of defense” functions need to rethink their security strategy and take an approach that looks at behavior and attack patterns. By conecting cybersecurity attack analytics with risk programs and GRC work streams, executives can increase visibility into the overall security risk of the organization which makes the investigation of application security events easy, and enables teams to mitigate and respond to real security threats quickly and decisively.

    Join this CPE panel webinar for insights on achieving smarter GRC with CAA. We will share:

    - Why traditional endpoint security is failing to see and stop attacks.
    - How using attack analytics can stop cyberattacks now and in the future.
    - Efficient ways to analyze events and prevent threats.
    - How to move from looking back to real-time and forward-looking GRC monitoring.
  • Emerging Data Privacy and Security for Cloud Recorded: Jun 25 2019 59 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    Personal data privacy will be the most prominent issue affecting how businesses gather, store, process, and disclose data in public cloud. Businesses have been inundated with information on what recent privacy laws like GDPR and CCPA require, but many are still trying to figure out how to comply with them on a practical level. Many companies are focusing on data privacy from the legal and security side, which are foundational, but are missing the focus on data.

    The good news is that these data privacy regulations compel businesses to get a handle on personal data — how they get it, where they get it from, which systems process it, where it goes internally and externally, etc. In other words, the new norms of data privacy require proactive data management, which enables organizations to extract real business value from their data, improve the customer experience, streamline internal processes, and better understand their customers.

    Join this interactive webinar to learn more about:
    - The latest trends and strategies for securing sensitive data in cloud and the enterprise
    - How to discover and capture your data inventory
    - What’s needed to prevent a data breach by securing your critical data and protect your reputation
  • [Earn CPE] Enabling GRC with Secure Authentication across the Digital Ecosystem Recorded: Jun 11 2019 76 mins
    Colin Whittaker, IRD; Richard Bird, Ping Identity; Teju Shyamsundar, Okta, Jerrod Chong, Yubico; and Andy Smith, Centrify.
    The days of securing a well-defined perimeter around your organization are gone. The cloud, mobile technologies, the internet of things (IoT) and diverse user groups freely exchange data across digital ecosystems, network and economies. This fluidity, however, means that organizations must secure access at multiple points throughout the organization, or risk letting in intruders seeking to hijack data.

    To manage the increasingly diverse digital landscape, IT and security managers need to move beyond usernames and passwords, and expand their use of multi-factor authentication (MFA) to help provide secure and convenient access to the critical data and systems users need. On this webinar our panel of experts will address how secure authentication can help enable GRC across the digital ecosystem, and they will share tips on:

    - Securing access at all points across applications, devices, users and environments.
    - Sharing insights across security systems to strengthen security.
    - Collecting and analyzing information to stop attacks.
    - How MFA can transform secure access—to any application, from any device, anywhere, at any time.
    - Strengthening identity assurance with privileged users.
  • Ask the AppSec Expert: How to Secure the Applications you Build, Buy & Manage Recorded: Jun 6 2019 13 mins
    Paul Farrington, Veracode | Yotam Gutman, Cybersecurity Marketing Community
    Tomorrow's businesses need a simpler and more scalable way to increase the resiliency of global application infrastructure, without slowing innovation, today.

    Join this interactive 1-2-1 discussion where EMEA Chief Technology Officer, Paul Farrington (CISSP, MBCS) will share how leading businesses are;

    - Improving the level of security awareness and addressing the skills deficit
    - Enabling developers to fix flaws and prevent new ones
    - Prioritising and triaging the most exploitable flaws
    - Automating application security
    - Providing software development leaders with really useful security metrics
    - Incentivising secure development as part of their culture

    This session will show you how architects and developers are making smarter choices in designing secure software. You will also learn how to report success, and investment justification, to the board whilst setting realistic expectations throughout the software development lifecycle and not just at the destination.
  • Livestream Video - Proactive Data Privacy and Security Recorded: Jun 6 2019 45 mins
    Bill Mew, The Crisis Team | Ilias Chantzos, Symantec | Allan Boardman, ISACA
    How can enterprises shift from a reactive approach to privacy and data security to being proactive and closer to privacy-and-security-by-design? Join this panel of experts to get the answer to all of your privacy, security and compliance questions.

    Viewers can learn more about:
    - Effect of GDPR: One year later
    - How are enterprises instituting changes to achieve and maintain compliance
    - Challenges to achieving compliance in an IoT world
    - How to bake privacy and security into your processes
    - Best practices for data protection and privacy from the ground up

    Panellists
    Bill Mew, CEO,The Crisis Team
    Ilias Chantzos, Senior Director, Government Affairs, Symantec

    Moderated by Allan Boardman, CGEIT Certification Committee Member, ISACA
Trends, developments, and technology
Increasing expectations for good data governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance for insights on how to implement successful GRC strategies and processes for your organization.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Case Study: PCI - A Challenge for Online Gaming Companies
  • Live at: Dec 10 2009 10:00 am
  • Presented by: Oliver Eckel, bwin Interactive Entertainment AG, Head of Corporate Security
  • From:
Your email has been sent.
or close