Name: Cyber Notes Cast - Lessons learned from the Uber data breach
Start: 2023-05-26T15:00:00Z
End: 2023-05-26T15:00:07.000Z
Location: BrightTALK
Rating: 3

Futureproof Identity Security.

Segura® (formerly senhasegura) is a leader in Privileged Access Management (PAM), delivering security that's fast, simple, and powerful—without the complexity. Our intuitive, scalable platform simplifies privileged access management, designed for real IT teams dealing with real-world scenarios every day.

Segura® is globally recognized by Gartner, KuppingerCole, and Frost & Sullivan for innovation, reliability, and exceptional customer experience. On Gartner Peer Insights, real users consistently rank our solution as the #1 PAM.

Powerful security, zero time wasted—that's Segura.


Identity threats often serve as the keystone to many cyberattacks, where the compromise of digital identities can lead to unauthorized account access, identity theft, and fraud. Cybercriminals employ various tactics such as social engineering, phishing, and malware to capture credentials and impersonate legitimate users. Businesses must adopt a strategic approach to identity management, ensuring the robustness and security of identity verification processes to prevent potential breaches effectively.

The implementation of multi-layered identity protection strategies is crucial. These include multi-factor authentication (MFA), behavior-based access controls, and regular audits of access logs to detect anomalies early. Technologies like blockchain and digital identity verification provide next-generation solutions that enhance identity protection. By securing all entry points—including cloud services, on-premises systems, and mobile devices—organizations can significantly minimize risks associated with compromised identities.

Furthermore, a focus on transparency and user education enhances the effectiveness of identity protection strategies. Equipping users with the knowledge to recognize identity threats, such as phishing attempts or unusual login requests, empowers them to act as an active line of defense. Organizations that prioritize user-friendly security features—such as easy-to-use authentication apps and clear communication about security practices—foster a security-conscious culture, thereby strengthening the overall trust and efficacy of identity protection initiatives.

Identity Threats Decoded: Protecting the Core of Digital Security

Cyber threats are continually evolving, with malicious actors developing new methods to penetrate defenses and exploit vulnerabilities. These threats can range from ransomware attacks that lock users out of their systems to complex advanced persistent threats (APTs) that involve long-term, targeted network invasions for data theft and espionage. Understanding the breadth and depth of these threats is crucial, as it allows individuals and businesses to prioritize which risks demand immediate attention and how to allocate resources effectively.

Businesses, in particular, must recognize that cybersecurity is not just an IT issue but a fundamental component of their overall risk management strategy. An attack does not only lead to potential financial losses but can also damage brand reputation and erode customer trust. By conducting regular risk assessments and incorporating cybersecurity into all levels of the organization, businesses can better prepare themselves to face the full spectrum of cyber threats. This entails training employees, deploying the latest security technologies, and ensuring compliance with regulations and standards.

Both individuals and organizations should foster a culture of security consciousness. This involves understanding that cybersecurity is an ongoing process rather than a one-time solution. Continuous education and training on the latest threat vectors, coupled with a proactive approach to security hygiene—such as regular software updates, secure password practices, and awareness of phishing tactics—are essential in reducing risk and vulnerability. Cultivating this awareness helps build a robust defense against the expanding landscape of cyber threats.

Introduction to Cyber Threats: A Primer on Risk and Vulnerability

Are you prepared for the next wave of cyber challenges?

Join senhasegura and Edgeworx for an exclusive webinar where industry experts will unveil critical insights into the evolving cybersecurity landscape and what organizations need to prepare for in 2025.

 In this comprehensive session, our cybersecurity experts will dive deep into three specific trends:
- Insider Threats in the Digital Age
- The growing sophistication of internal security breaches
- Advanced detection and prevention strategies
- Real-world case studies and lessons learned
- Ransomware Evolution
- Next-generation attack vectors and techniques
- Emerging ransomware trends and predictions
- Proactive defense strategies for 2025
- Attacks on Cloud Infrastructure
- Expanded attack surface
- Protecting Clouds Identities from both Users and Machines
- Ensuring security through multiple CSPs

Benefits of Participating:
- Expert predictions for 2025's threat landscape
- Actionable strategies to enhance your security posture
- Live Q&A session with industry experts
- Webinar Presentation "2025 Cybersecurity Challenges"

Webinar Emerging Threats: Cybersecurity Forecast 2025

As technology evolves, so do cyber threats. Join us for a forward-looking webinar on Cybersecurity Trends for 2025, where we explore imminent challenges and innovative solutions in the cybersecurity landscape. Our expert panel will uncover emerging threats, cutting-edge technologies, and strategic approaches that organizations must adopt to stay ahead in the digital race. Stay informed and prepared to protect your digital assets effectively.

Attendees Will Learn:
– Emerging Cyber Threats: Understand the latest cyber threats and attack vectors predicted for 2025.
– Advanced Defense Mechanisms: Explore next-generation cybersecurity technologies and tools.
– Regulatory Changes: Stay updated on upcoming regulatory changes and compliance requirements.
– Best Practices: Learn effective strategies and best practices for robust cybersecurity.

Cybersecurity Challenges of 2025: Uncovering the Role of Digital Identities

Nossa live abordará as principais violações de segurança com vazamento de dados que ocorreram ao longo do ano e suas consequências para as empresas. A intenção é informar sobre os métodos que os cibercriminosos usaram, discutir as falhas de segurança que permitiram esses vazamentos e fornecer orientações práticas sobre como proteger seu negócio contra esses tipos de ameaças.

Tópicos que serão abordados:

- Introdução aos Vazamentos de Dados;
- Os 6 Maiores Vazamentos de Dados em 2024;
- Análise das Falhas de Segurança;
- Métodos Comuns Usados por Cibercriminosos;
- Medidas Proativas de Proteção;
- Planos de Resposta a Incidentes;
- Ferramentas e Recursos.

Quem deve participar?

- Profissionais de TI e Segurança da Informação: Administradores de redes, analistas de segurança e gerentes de TI que buscam aprimorar suas estratégias de segurança cibernética.
- Líderes e Executivos de Negócios: CEOs, CIOs, CISOs e diretores de operações que precisam entender a importância da resiliência digital para a continuidade dos negócios.
- Consultores e Especialistas em Cibersegurança: Profissionais que trabalham com segurança da informação e desejam se manter atualizados sobre as melhores práticas e tendências do setor.

Webinar Os 6 Maiores Vazamentos de Dados em 2024 - Como Proteger seu Negócio  (Webinar em Português)

Transforme a Gestão de Dados da Sua Empresa com Conhecimento de Alta Qualidade!

Participe de nosso webinar exclusivo e mergulhe nas implicações práticas da Lei Geral de Proteção de Dados (LGPD) para empresas como a sua. Este é o evento que você não pode perder se deseja estar na vanguarda da conformidade e segurança da informação, nossos especialistas em cibersegurança, compliance e jurídico irão explorar em profundidade os aspectos mais críticos da lei brasileira de proteção de dados pessoais.

O que você irá aprender:

- Adaptação à LGPD: Passos essenciais para alinhar a sua organização às exigências da legislação;
- Dicas Práticas: Estratégias e melhores práticas para implementar programas eficazes de proteção de dados;
- Tecnologia de Ponta: Saiba sobre as ferramentas mais avançadas para garantir a segurança das informações pessoais.

6 Anos de LGPD: Desafios, Impactos e Transformações na Cibersegurança! Webinar in Portuguese

Dive into the evolving landscape of cybersecurity as we unpack the key discussions and innovations highlighted at BlackHat USA 2024. This webinar offers a comprehensive exploration of how emerging technologies, strategic approaches, and regulatory changes are shaping the field of cybersecurity. Join our panel of experts as they provide valuable insights and forward-looking trends that will inform the strategies and defenses of tomorrow.

What will attendees learn?

- Cutting-Edge Cybersecurity Technologies
- Strategies for Digital Resilience

Understanding the Future of Cybersecurity - Insights from BlackHat USA 2024

In today’s complex regulatory environment, adhering to various cybersecurity and data privacy regulations is a challenging yet essential task for organizations. Join us for an insightful round table discussion where industry experts from senhasegura will delve into identity-centric strategies to simplify and streamline regulatory compliance. We’ll explore frameworks such as NIST 2.0, ISO 27001, CIS Controls, and data privacy regulations like GDPR and CCPA. Learn how Privileged Access Management (PAM) plays a critical role in meeting these standards.
Discover how to navigate regulatory requirements effectively while enhancing your organization’s security posture. Our experienced panelists will share challenges, best practices, and actionable insights to bolster your compliance efforts and business continuity planning.

Attendees Will Learn:
- Key regulatory requirements and how identity management addresses them.
- Insights into NIST 2.0, ISO 27001, CIS Controls, GDPR, and CCPA.
- Practical steps for implementing PAM to ensure compliance.
- Common compliance challenges and best practices for overcoming them.
- How to integrate compliance and cybersecurity into business continuity planning.

Who Should Attend:
- IT Security and Compliance Professionals
- Cybersecurity Analysts and Managers
- Risk Management Officers
- Data Privacy Officers
- IT Auditors and Consultants
- Business Continuity Planners

REGULATORY COMPLIANCE MADE EASY WITH IDENTITY-CENTRIC STRATEGIES

*Webinar in Portuguese*

Não conseguiu estar presencialmente na RSA mas quer estar por dentro do que foi mostrado por lá?! 

Então junte-se a nós para um webinar exclusivo, onde os principais especialistas em cibersegurança da senhasegura trazem insights valiosos diretamente da RSA Conference 2024.
Nesta sessão, exploraremos as tendências mais recentes, inovações e estratégias discutidas em um dos principais eventos de cibersegurança do mundo.

Nossa experiente equipe abordará tópicos-chave, incluindo proteção avançada contra ameaças, o cenário em constante evolução das ameaças cibernéticas, conformidade regulatória e o futuro das tecnologias de cibersegurança. Eles oferecerão conselhos práticos sobre como aplicar esses insights para proteger efetivamente sua organização. 

Se você é um profissional de cibersegurança que busca se manter atualizado, um líder empresarial que busca reforçar as defesas de sua organização, ou simplesmente tem curiosidade sobre o futuro da segurança da informação, este webinar irá equipá-lo com o conhecimento e as estratégias essenciais no cenário cibernético em constante evolução de hoje.

Não perca esta oportunidade de aprender diretamente com especialistas direto da RSA 2024 e participar de uma sessão onde poderá obter respostas para suas perguntas mais urgentes sobre segurança cibernética.

Principais Pontos Abordados:

Compreensão das últimas tendências e inovações em cibersegurança;
Estratégias para aprimorar a resiliência cibernética de sua organização;
Visão sobre o futuro da cibersegurança e como se preparar.

Quem Deve Participar?

- Profissionais de TI e Cibersegurança;
- Executivos de nível C focados em aprimorar a segurança digital;
- Entusiastas de tecnologia;

*Webinar in Portuguese*

RSA 2024 – Insights Estratégicos da senhasegura - Webinar in Portuguese

Join us for an exclusive webinar where senhasegura's top cybersecurity experts bring you invaluable insights fresh from RSA Conference 2024. 

This session will delve into the latest trends, innovations, and strategies discussed at one of the world's premier cybersecurity events.

Our seasoned panel will dissect key topics including advanced threat protection, the ever-changing cyber threat landscape, regulatory compliance, and the future of cybersecurity technologies. They'll offer practical advice on applying these insights to effectively safeguard your organization.

Whether you're a cybersecurity pro looking to stay ahead, a business leader aiming to bolster your organization's defenses, or simply curious about the future of infosec, this webinar will arm you with the knowledge and strategies essential in today's rapidly evolving cyber landscape.

Don't miss this chance to learn directly from RSA 2024 veterans and participate in a session where you can get answers to your most pressing cybersecurity questions.

Key Takeaways:

Understanding the latest cybersecurity trends and innovations;
Strategies for enhancing your organization’s cyber resilience;
Insights into the future of cybersecurity and how to prepare.


Who Should Attend?

- IT and Cybersecurity Professionals;
- C-Level Executives Focused on Enhancing Digital Security;
- Technology Enthusiasts;

RSA 2024 Revealed - Strategic Insights from senhasegura

As cyber threats continue to evolve and pose noteworthy risks to organizations globally, grasping the nuances of the current threat landscape is key to crafting robust cybersecurity tactics. The Verizon Data Breach Investigations Report 2024 provides a detailed analysis rooted in real-world data breaches, offering critical insights into the tactics, techniques, and motivations of attackers.

In our upcoming webinar, senhasegura experts will delve into the notable trends highlighted in the report. This includes a look at newly emerging threat actors, prevalent attack vectors, and the industries most impacted by breaches. We'll break down the advanced techniques used by cybercriminals and pinpoint sectors that are increasingly at risk, deepening your understanding of the ever-changing cybersecurity environment.

Additionally, we will discuss the broader implications of the report's findings for organizations and provide tailored recommendations to enhance your security posture. By determining the root causes of breaches and comprehending their effects, you can proactively spot vulnerabilities within your infrastructure and take effective measures to diminish risks.

Don't miss this opportunity to obtain exclusive insights and expert analysis from the Verizon Data Breach Investigations Report 2024. Join us to keep a step ahead of cyber threats, as we unpack the valuable lessons learned and equip you with actionable strategies to protect your organization's sensitive data.

Unveiling the Verizon Data Breach Investigations Report 2024

Cybersecurity in the Middle East: Protecting Cloud Identities with PAM

In the era of digital transformation, addressing cybersecurity risks is paramount for ensuring business continuity, particularly within the dynamic and expanding cloud environments of the Middle East.

Our webinar explores the pivotal role of Privileged Access Management (PAM) in fortifying cloud identities against threats amidst the evolving digital landscape. With the recent inauguration of Google Cloud's new data centers in Dammam, Saudi Arabia, and the pioneering PAM solutions offered by senhasegura, we stand at a crucial juncture in regional cybersecurity.

Key Takeaways:

- Navigating the Dynamic Cybersecurity Landscape
- The Significance of Google Cloud's Expansion
- Understanding the Vitality of PAM in Cloud Security
- Overcoming Implementation Challenges of PAM
- Selecting the Optimal PAM Provider
- Embracing PAM Solutions in the Middle East

Who Should Attend?

- IT and Cybersecurity Professionals
- C-Level Executives Focused on Enhancing Digital Security
- Cloud Technology Enthusiasts
- Business Owners Seeking Insights into PAM's Role in Cloud Environments

Don't miss this exclusive opportunity to bolster your cybersecurity acumen and stay ahead of the curve.

Webinar Cybersecurity in the Middle East: Protecting Cloud Identities with PAM

In a world where digital security is non-negotiable, join us for a groundbreaking webinar that delves deep into the ever-evolving realm of cybersecurity. 

Our focus? The seamless integration of passwordless authentication methods into Privileged Access Management (PAM) systems.

What You'll Gain Insight Into:

- Fundamentals of Digital Identity and Authentication - Dive into the cybersecurity landscape, unraveling the essentials of digital identity and the evolution of authentication tokens;

- The Rise of Passwordless Authentication - Explore how passwordless solutions are revolutionizing security protocols, striking the perfect balance between enhanced security and user convenience;

- Integrating Passwordless with PAM - Navigate the practical aspects of embedding passwordless authentication into PAM systems, uncovering the benefits and tackling challenges head-on;

- Expert Insights from Industry Leaders - Hear firsthand from our strategic partner, a trailblazer in passwordless authentication technology, as they share their expertise and real-world applications;

- Live Demonstration - Witness real-time demonstrations showcasing the seamless integration of passwordless methods in PAM. Experience the ease of use and heightened security in action.

What's In It for You:

- Understand Emerging Trends and Technologies - Gain insights into the latest happenings in the cybersecurity universe;

- Learn Practical Approaches to Enhance Security - Acquire actionable strategies to fortify your organization's security posture;

- Network with Industry Experts and Peers - Engage with the cybersecurity community, forging valuable connections.

Unlock the Future of Secure Access: Integrating Passwordless into PAM

In an era where cyber threats loom larger than ever, the traditional 'trust but verify' security model is becoming obsolete. Enter Zero Trust – a paradigm shift that redefines organizational cybersecurity. 

But what role does Privileged Access Management (PAM) play in this new framework? 

Join us in this illuminating webinar as we explore the crucial interplay between PAM and Zero Trust.

Why Privileged Access Management is essential to achieve Zero Trust Security

In an era where cybersecurity challenges are escalating, understanding the latest trends, impacts, and strategies is paramount to address associated risks. Discover how organizations worldwide are responding to breaches, making investments, and harnessing the power of AI and automation to mitigate risks. 

Join us for an insightful webinar as we dive into the key findings of the market-recognized IBM and Ponemon’s 2023 Cost of a Data Breach Report. From the rising costs to the influence of DevSecOps and cloud security, this webinar offers invaluable insights to enhance your security posture and safeguard your digital assets.

Turning Insights into Action: Exploring IBM's 2023 Cost of a Data Breach Report

Join us for an exhilarating panel discussion as we unpack the most provocative and groundbreaking discussions from DEF CON and Bsides 2023. From the evolving role of artificial intelligence in cybersecurity to the intricacies of digital certificate management, the audacious world of wearables and biohacking, to the revelations in RFID and mobile network vulnerabilities—our experts will explore these themes in detail. Engage with industry leaders and gain actionable insights into the future of cybersecurity.

The Hacker’s Paradigm: Insights from DEF CON and Bsides 2023

Join us for an insightful journey into the world of cutting-edge cybersecurity practices and techniques unveiled at DEF CON 2023 workshops. This webinar will delve into key areas that are shaping the cybersecurity landscape, including incident response strategies, cloud vulnerabilities, the emergence of wearable tech and biohacking, and the evolving challenges of hacking WiFi and mobile networks. Our expert speakers will share hands-on experiences, real-world case studies, and practical insights gained from DEF CON workshops, offering you a unique opportunity to stay informed about the latest trends and emerging threats in the cybersecurity realm.

Topics:

Cloud Vulnerabilities and Misconfiguration
Wearables and Biohacking
Wifi and Mobile Networks Hacking
The importance of Incident Response in cybersecurity

Hands-On Cybersecurity: Unveiling the Techniques and Tools from DEF CON 2023

In the ever-changing world of digital technology, the line between science fiction and reality is becoming increasingly blurred. The rise of Artificial Intelligence (AI) and Machine Learning (ML) is a testament to this, as these technologies are no longer just buzzwords but have become integral parts of our digital infrastructure. 

One area where AI and ML are making a significant impact is cybersecurity, specifically in Privileged Access Management (PAM). PAM is the digital equivalent of a high-security vault, safeguarding an organization's most critical systems and data. It's a booming market, projected to hit $2.3 billion by 2024, according to Gartner. 

Tune in to the discussion between our cybersecurity expert, David Muniz, and Charlie Harold from the renowned SecurityGuyTV.com. They delve into the ways Artificial Intelligence and Machine Learning enhance identity protection.

Free eBook about AI and ML in PAM: https://bit.ly/47yKpyu

How Artificial Intelligence and Machine Learning Help Identity Protection

Uber employees last month discovered a hacker intrusion into their internal network. This was possible because the attacker announced his feat on the organization’s Slack channel, as well as sharing it with the New York Times, which brought the story about the Uber data breach to light.

This isn’t the first time a data breach has occurred at Uber. Previously, the company had to pay a fine of US$148 million due to the theft of data from 57 million users and 7 million drivers worldwide in the year 2016.

The 2016 attack further prompted the conviction of former Uber CSO Joe Sullivan for hiding data breaches and theft from authorities.
In this Cyber Notes Cast, were going to dig into the two times Uber data was breached and the lessons learned from those intrusions. To facilitate your understanding, we have divided our text into topics. They are:

 - How did the data breach at Uber happen?
 - How did Uber respond to the hack?
 - What was the impact for the organization?
 - Who is responsible?
 - How did the 2016 Uber data breach occured?
 - About senhasegura
 - Conclusion

Enjoy this Cyber Notes Cast!

Cyber Notes Cast - Lessons learned from the Uber data breach

Data Breach

cyberattack

Security Strategy

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Cyber Notes Cast - Lessons learned from the Uber data breach

Presented by

About this talk

Futureproof Identity Security: Segura®