Name: Taking the Guesswork Out of CMMC Compliance: Mobile Security Edition
Start: 2022-10-25T15:00:00Z
End: 2022-10-25T15:00:45.000Z
Location: BrightTALK
Rating: 4

As the only mobile security platform purpose-built for enterprise environments, Zimperium provides security solutions for mobile devices and applications, ensuring safe and secure access to critical data. Our patented, on-device, machine learning-based security provides visibility and protection against known threats and zero-day attacks, and our mobile application protection suite combines comprehensive in-app protection with centralized threat visibility. Here we share resources and information related to our mobile threat research, and best practices for securing mobile devices and mobile applications in the context of the modern threat landscape.

The In-App Protection market is a constantly evolving segment with many players and challenges.

Join us as industry experts from Zimperium and Quadrant discuss the dynamics around in-app protection and what businesses should be doing today to ensure they are secure for tomorrow.

Topics will include:
- A look at the In-App Protection market and growth
- The increasing frequency and sophistication of hacking and fraud via mobile apps
- A review of Quadrant's In-App Protection SPARX Matrix™ competitive assessment
- The best practices organizations should adopt for in-app protection

Why Quadrant Knowledge Solutions Named Zimperium The Leader in In-App Protection

The global cyber threat landscape continues to evolve and adversaries have refined their tradecraft to become even more sophisticated and brazen. In this year’s annual Global Mobile Threat Report, we found that the frequency and sophistication of attacks reached unprecedented levels in 2022. Attackers are employing a startling range of tactics and techniques as they bid to extort, disrupt, and infiltrate organizations through mobile devices and apps.

Our 2023 report contains in-depth data about mobile device, network, phishing, and app risks and attacks. We’ve gleaned unique insights into what organizations are facing and what they need to know to stay ahead of today’s mobile threats.

We invite you to join our mobile security experts as we discuss our key findings, including:
- The  most critical mobile threats, including phishing and malicious application trends like spyware and ransomware
- How enterprise apps put data at risk everyday
- Technical deep dives into real-life mobile attack chains

Key Takeaways from Zimperium’s 2023 Global Mobile Threat Report

All caught up on the latest benefits of app hardening and code obfuscation, but interested in learning more about the inner workings? Join a member of the Zimperium Sales Engineering team for a demo webinar where we will show the core aspects of zShield, our advanced app shielding and obfuscation solution. Register and learn about:
- Setup and deployment
- Alerts and monitoring risks
- Special highlight on implementing zShield in iOS Apps

Demo Series: zShield | Plus a Deep Dive on Implementing zShield in iOS Apps

Healthcare providers are increasingly investing in mobile devices and apps because they help save lives, but they come with critical security risks. Vulnerable app-connected medical devices used for dispensing medicines and therapies, access based on implicit trust, limited threat protection, and operational complexity make it hard to defend healthcare networks and patient PII. Ensuring patient health is always the critical factor in how much security is enough.

The compromise of an app can result in severe consequences for both patient health and patient data. With the continued growth in the deployment and use of app-connected medical devices, cyberattacks, be they malicious or not, are only likely to increase.

In order to minimize any gaps in security, mobile applications need advanced and dynamic detection capabilities that can detect even zero-day threats to keep the application and user safe at all times, even long after the system was designed and running. This post-market surveillance is a critical aspect of long term security posture.

Register for this webinar and learn about:
- The latest mobile security threats that can affect your app 
- How advanced app security solutions can help you stay ahead of these threats
- What device manufacturers and software developers need to do to design their products to minimize potential vulnerabilities

Protecting Patients Requires Protecting App-Connected Medical Devices

Mobile app developers are under pressure to do more with less and faster, making it more difficult than ever to build a secure mobile app. And hackers know this. Join Zimperium and DZone for a webinar to hear how hackers attack mobile apps. 

In this webinar, you will learn:
- The different attack vectors and methods for hacking mobile apps
- The most crucial security measures you should put in place to secure your mobile applications
- How to obtain comprehensive in-app protection and threat visibility
- Where to start on your mobile AppSec journey

How Malicious Actors Compromise Your Mobile App

All caught up on the latest benefits of app hardening and code obfuscation, but interested in learning more about the inner workings? Join a member of the Zimperium Sales Engineering team for a demo webinar where we will show the core aspects of zShield, our advanced app shielding and obfuscation solution. Register and learn about:
- Setup and deployment
- Alerts and monitoring risks
- Special highlight on implementing zShield in Android Apps

Demo Series: zShield | Plus a Deep Dive on Implementing zShield in Android Apps

The number of organizations banning applications due to surveillance and spyware concerns on employee devices continues to grow In 2020, the average smartphone user had 40 apps installed on their mobile phone. And Zimperium’s zLab Research team found last year (2022) that 23% of all Android samples and 24% of the iOS apps in the public record are malicious, meaning mobile apps represent a major attack surface.

Mobile threat defense (MTD) solutions protect mobile platforms by detecting threats to apps on the devices as well as operating systems and the networks they use. While MTD is a vital component of enterprise security that should be integrated into Zero Trust architecture, organizations also get significant benefits from the app vetting capabilities, especially in this era requiring specific app policy enforcement. In fact, according to the 2023 Gartner Market Guide for Mobile Threat Defense, “Security and risk management leaders looking for immediate, visible value to justify an MTD investment should use the app-vetting and device vulnerability management features. These two features enable them to demonstrate quickly how MTD reduces app risk and device risk.”

Join Zimperium and SANS for a webinar to discuss how to use mobile app vetting to protect your organization from security and privacy threats.

Managing Apps on BYO and Managed Devices: How to Enforce Policies

Interested in learning more about the day-to-day impact of Mobile Threat Defense on your overall security? Join a member of the Zimperium Sales Engineering team for a demo of the core aspects of Zimperium Mobile Threat Defense (MTD), formerly known as zIPS. Attend to learn about:
- Policy setup and enforcement
- Integrations with MDM / EMM, XDR, SIEM and SOAR solutions
- Alerts and managing risks
- Special highlight on zero-touch deployment

See a Demo of Zimperium MTD | Plus a Deeper Dive on Zero-Touch Deployment

Multi-factor authentication (MFA) is a key component to achieving Zero Trust, as it adds a secondary line of protection before allowing access to networks, applications, or databases. However, malicious actors have found ways to bypass this control through sophisticated SMS-based attacks, device compromises, malware and even network attacks.

Join Zimperium and RSA for a discussion on how advanced mobile threat defense (MTD) solutions, either standalone or integrated into MFA apps directly, can enhance Zero Trust controls and protect MFA implementations by providing critical mobile device risk attestation.

During the webinar we’ll cover:
- How hackers can bypass traditional MFA solutions, including lessons learned from the Cloudflare, Uber, and Twilio attacks
- How MTD provides critical mobile device risk attestation
- How RSA has enabled its MFA app to be self-defending by embedding MTD technology

How Hackers Bypass MFA… And How to Stop Them

The White House has given Federal agencies 30 days to remove a popular social media app from all government-issued devices and to prohibit future traffic to the app. This is in addition to the many State, Local, and Education groups that have already banned the app. MDMs and Network traffic tooling alone won’t meet the new requirements. A mobile threat defense (MTD) solution is necessary for mobile app vetting, which can prohibit and protect against specific mobile apps and filter traffic. 

Join our webinar to learn:
- How to quickly & fully meet the mobile app ban guidance for government devices
- Why this is only the beginning of understanding a particular “category of apps” (Spyware, Leaky, etc.)
- Where meeting this guidance crosses into other guidelines and programs, such as OMB 21-31, 22-01, 22-09, and BOD 23-01 and 22-01

How Government Organizations Can Quickly Enforce Mobile App Bans

On board with Mobile Threat Defense, but interested in seeing more on the day-to-day detail of how it will impact your mobile security? Join a member of the Zimperium Sales Engineering team for a demo of the core aspects of zIPS, our advanced mobile threat defense (MTD) solution. Attend to ask questions and learn about:
- Policy setup and enforcement
- Integrations with MDM / EMM, XDR, SIEM and SOAR solutions
- Alerts and managing risks
- Special highlight on anti-phishing capabilities

See a Demo of Zimperium MTD | Plus a Deeper Dive on Anti-Phishing Capabilities

Hackers work 24 hours a day to find new ways to uncover mobile app secrets and private user data. To defend against their constant and sophisticated attacks, mobile app developers must implement security throughout the entire app development lifecycle.

But between fixing the privacy, security and compliance risks in the development process and enabling protection of your mobile apps from the many different threat vectors while in use, it’s often hard to know where to start.

Join Zimperium and a Senior Security Analyst from Riscure, an independent security laboratory, to learn about mobile app attacker techniques and capabilities, including:
- The top mobile app attack vectors and attacker capabilities
- How to prioritize and approach your mobile application security objectives 
- Overall best practices for securing the entire mobile application development lifecycle

Top Risks to Address in your Mobile Application Security Journey

Mobile is the unsecured dream frontier for malicious actors targeting critical data and IT systems here in Australia.

No matter the device, OS or ownership, the mobile attack surface is increasingly under attack. From spear phishing attacks successfully targeting critical services to feature-rich mobile malware infecting mobile devices to advanced spyware, the threat vector against IT infrastructure in Australia continues to get larger with each mobile endpoint connected.

Join Zimperium for a detailed overview of the mobile threats targeting Australia right now:
- An analysis of the mobile threats in Australia
- A map view of where threats occur most
- Best practices to protect your organisation’s mobile devices from threats and attacks

Mobile Threat Patterns Across Australia | 2022 Q4 Analysis

According to recently published ESG research, “the top 3 reasons security operations are more difficult today than they were two years ago:
- The threat landscape is growing and changing rapidly
- The attack surface has grown
- The attack surface is continuously changing and evolving”

Security operations teams demand massive scale to collect, process, analyze, and act upon vast amounts of data. Threat detection and response across enterprise organizations commands a wider aperture than legacy security solutions. In order to modernize security operations centers and keep up with the volume of security alerts, large organizations need to ensure they aren’t ignoring a wide swath of the modern enterprise endpoints. 

Join Zimperium and SentinelOne to learn why efforts to optimize an EDR strategy without incorporating a Mobile Threat Defense solution paints an incomplete picture and leaves an enterprise vulnerable to modern day mobile threats.

Better Together: Why EDR Without MTD Leaves You Vulnerable to Attack

No importa el sistema operativo o la propiedad del dispositivo, la superficie de ataque a un dispositivo móvil está bajo ataque cada vez más. Desde ataques de phishing dirigidos con éxito a servicios críticos, hasta malware móvil que infecta dispositivos móviles con software espía avanzado, el vector de amenazas contra las infraestructuras de TI continúa creciendo con cada terminal móvil conectado.

Únase a nuestro webinar para obtener una descripción detallada de las amenazas móviles ocurriendo en España en este momento:
- Un análisis de las amenazas móviles en España
- Un mapa de dónde ocurren más amenazas
- Mejores prácticas para proteger los dispositivos móviles de su organización de amenazas y ataques

Patrones de las amenazas y ataques a dispositivos móviles en España

For years, financial services organizations have been leveraging mobile both internally and externally, and the increased usage has brought an ever-expanding set of security threats that need to be addressed. Mobile apps accessed by customers and mobile devices accessed by employees (both corporate owned and employee owned) need to be able to detect known and unknown threats across the threat vectors – Device, Network, Application, and Phishing.

Join Zimperium for a webinar about the unique mobile security challenges facing banks in APAC. In this webinar, we’ll discuss:
- The top threats that can undermine financial services’ mobile initiatives
- Ways hackers are targeting and exposing your apps
- How you can protect your organization and customers

Mobile Threat Chains: Patterns of Attack Against APAC Banks

The monetized world of cybercrime is not a new concept, and until recently the highly technical malware did not reach into the mobile world. But like everything else, that has changed. Cybercriminals see the widely adopted frontier of mobile as a valuable target for increasingly advanced malware and services, and for the right price, are ready to sell to anyone.

Advanced mobile malware, like spyware, is no longer a product just for nation states and deep-pocketed criminals as it sits on the open markets available for purchase with a simple credit card, cryptocurrency, or even donations. The threat to enterprises, their data and employees, has increased significantly due to this market evolution, and spyware is the main course.

Join representatives of Zimperium’s zLab Advanced Threat Research team as they reveal the growing marketspace for spyware, how enterprises can stay aware of new and emerging threats, and a demo of commercially available mobile spyware in action.

Spyware for Sale: The Growing Threat to Mobile Security

Mobile Geräte & Applikationen sind ein ungesichertes Paradies für Hacker, die es hier in Deutschland auf vertrauliche Daten & kritische IT-Systeme abgesehen haben.

Unabhängig vom Betriebssystem oder Eigentümer des Gerätes steigt die Häufigkeit der Angriffe auf Geräte & Applikationen rasant. Von Spear-Phishing-Angriffen, die erfolgreich auf kritische Dienste abzielen, über funktionsreiche mobile Malware die Mobilgeräte infiziert, bis hin zu fortschrittlicher Spyware wird die Angriffsfläche für IT-Infrastrukturen in Deutschland mit jedem angeschlossenen mobilen Endpunkt immer größer.

Wir laden Sie herzlich zu unserer Online-Veranstaltung “Mobile Bedrohungsmuster in Deutschland” am 13. Dezember um 11 Uhr ein, in der wir uns konkret auf die folgenden Themen fokussieren werden:
- Eine Analyse der mobilen Bedrohungen in Deutschland
- Eine Kartenansicht der Orte, an denen Bedrohungen am häufigsten auftreten
- Best Practices zum Schutz der mobilen Geräte & Applikationen Ihres Unternehmens vor Bedrohungen und Angriffen

Mobile Bedrohungsmuster in Deutschland | 2022 Q3 Analyse

Organizations of all sizes in the Defense Industrial Base (DIB) are in the process of preparing to comply with the Cybersecurity Maturity Model Certification (CMMC) 2.0, which requires DIB members managing Controlled Unclassified Information (CUI) to undergo third-party assessments based on all 110 practices of the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171. 

Mobile device security is a critical topic of discussion among those in the DIB who are assessing and strategizing about how to address their existing endpoint security. In particular, there are specific requirements around incorporating mobile device usage restrictions, scanning a device for software updates and patches, and conducting operating system (OS) integrity checks within their current cybersecurity mix.

As many organizations race to meet these updated CMMC standards, they will all but certainly fall short if they neglect to incorporate mobile threat defense (MTD) as part of their mobile device security controls. 

Join us for an in-depth webinar discussion as we break down in detail which standards will require an MTD or mobile application security solution in order to help you take the guesswork out of meeting these important compliance mandates.

Taking the Guesswork Out of CMMC Compliance: Mobile Security Edition

Cyber Security

Information Security

CMMC

IT Security

Government

Compliance

Cyber Threats

Threat Defense

SecOps

Public Sector

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Taking the Guesswork Out of CMMC Compliance: Mobile Security Edition

Presented by

About this talk

More from this channel