Contain Yourself - Analysis of BYOD Secure Containers
In today's world, everyone wants access to information from his or her personal mobile device. As a business, this includes your customers and/or employees. What if the information they want access to is highly sensitive? While it's tempting to resist these pressures for security reasons, providing mobile access can be a significant competitive advantage and most importantly keep your customers and employees happy and productive. The reality is that in order to survive in a connected world, we must provide a way to meet these demands without sacrificing security.
Organizations have begun moving from "managed devices" to a Bring Your Own Device (BYOD) model where company resources can be accessed and stored on unmanaged devices. As you can imagine, there are some inherent risks with this approach due to the organizations inability to enforce policies on personal devices. There is currently a huge market for solutions that allowing enterprises protect their data on unmanaged devices. Enter "Secure Containers” and “Application Wrapping". The basic premise of these solutions is that it allows organizations enforce policies at the application layer rather than the device layer. For example, authentication, remote wipes, lockouts and data encryption can now be enforced on a per application basis. Application Wrapping is a technique, which allows the ability inject their own code into existing iOS applications. Once injected, existing iOS method implementations can be overwritten to enforce these policies. In a nutshell, you can have an existing application and have it wrapped so that it enforces various defined policies and secure it without developers having to manually implement it.
RecordedMay 13 201451 mins
Your place is confirmed, we'll send you email reminders
Changed business practices, such as employees working on the move and the adoption of the cloud and cloud resources, should be mirrored by a change in security strategies. Organizations are commonly reluctant to adopt cloud technologies over concerns with security and control over enterprise data. However at the same time, many of these same organizations opened up access to applications for employees on the move, users on personal devices, external contractors, and other third parties that created a significantly larger attack surface than cloud services would have. To combat these threats, a number of cloud-friendly segmentation and application isolation techniques can be deployed to allow organizations to safely use the cloud whilst reducing their attack surface. Specifically, application segmentation via software-defined security represents a technique to accommodate borderless applications, adoption of the cloud, and modern user behaviours.
Paul German, VP in EMEA, will discuss how the challenges presented by the next generation of information security can be overcome with practical examples and best practice tips.
Sian John (Chief Strategist) & Zoltán Précsényi (Senior Manager Government Affairs) - Symantec
When a breach occurs the most damaged areas for the business are reputation, revenue and repeat business. Protecting these means having strong controls in place to prevent the breach, and clear communications if (when) it happens. The EU-GDPR requires a breach to be notified within 72 hours of discovery, strong protection process allows the business to control what/who needs to be notified, and limit potential damage.
Join this webcast to find out the latest on the General Data Protection Regulation.
Mary Jane Kelly, Security Consultant - RMG at NCC Group
While social engineering is an age-old tactic employed by con artists and attackers alike, increasing interconnectedness of social media accounts has made it easier than ever to obtain enough information to launch successful attacks such as spear phishing.
In this talk, MJ Kelly explores the emerging dangers of information exposure through social media and its increasing attack surface. She presents practical strategies for protecting yourself and your company, including social media security awareness, identity verification, and recovery from hijacked online identity.
Dr. Srinivas Mukkamala, Co-founder and CEO, RiskSense Inc.
While organizations spend huge sums of money every year to maintain a security perimeter designed to fend off cyber and insider threats, reports about breaches at organizations such as Hyatt, DNC, Twitter, and SWIFT are raising doubts about the effectiveness of these investments. In turn, cyber security insurance has emerged as a stop-gap to protect stakeholders from the shortcomings of siloed risk management processes. However, insurance policies are not a replacement for improving a company’s cyber security posture.
In this session, renowned cyber security expert Dr. Srinivas Mukkamala will outline the challenges posed by today’s dynamic threat landscape. He will explain how organizations can operationalize cyber risk management and implement a pro-active, rather than reactive, approach to threat prevention, detection and response. Dr. Mukkamala will reveal best practices in how to identify, quantify, and remediate imminent cyber risk across a growing attack surface.
Enabling secure BYOD has long been a challenge for IT. Attempts to secure these devices with agents and device management tools like MDM have been met with widespread employee concerns about privacy and usability, and as a result, organizations see low rates of adoption. Requiring that employees use these install these cumbersome device management tools or access data solely from managed devices are solutions fraught with issues. Employees need the flexibility to work from any device, anywhere.
In this webinar, we'll discuss how IT can limit risk of data leakage amid changing user habits. Learn how organizations across all industries are enabling secure mobility and productivity with a zero-touch, agentless solution.
With the rise of the digital business, organizations see a clear value in automating infrastructure. While automation provides more agility and speed, it also introduces new security risks. Organizations are no longer simply worried about controlling human access; authorization and authentication must be managed for every job, container, VM, service, and user. In this talk, we’ll discuss the security challenges organizations face in this new environment, and some strategies to help organizations manage, curate, and constrain cloud system resources and people when these entities are too numerous or dynamic to be managed by hand.
Matthew Yeh, Delphix, Product Marketing & Olivia Zhu, Delphix, Business Technology Consultant
A new, data-centric approach to security is taking hold. Rather than establishing perimeter defenses in hopes of repelling breach attempts, security-minded organizations are investing in technologies that protect the interior--the data itself. In particular, the combination of virtual data and data masking is proving to be a powerful way for enterprises to safeguard sensitive data from both insider and outsider threats.
View this webinar to learn:
How data masking is superior to solutions based on encryption and firewalls
What virtualized data is, and how it forms the foundation for an effective security strategy
Why integrating data masking with virtual data reduces your surface area of risk by 90%
Ransomware is dominating the headlines, and with good reason - it is one of the biggest threats to business in 2016. It hase evolved into a self-replicating and network-aware criminal attack that can destroy smaller organisations and cause havoc in businesses of all sizes. Learn how ransomware is developing, the attack vectors and what you can do to minimise your exposure.
Healthcare has become criminals most lucrative target. Why? Because medical records are worth 10 times that of credit cards. The recent digitization of the healthcare industry has rapidly expanded the attack surface to include electronic healthcare records, patient portals, IoT-enabled medical devices and more.
Imagine losing access to all of your patient data—only to find out you are being extorted by criminals who require payment to get it back. This type of attack can disrupt life & death technologies that medical practitioners rely on to perform their jobs. Ransomware adds up to a significant threat to the healthcare industry.
But, there are steps you can take to actively reduce the number of ransomware infections across your organization. OpenDNS and Cisco are on the forefront of helping our healthcare customers against various versions of ransomware.
Hear from Barry Fisher, Sr. Product Manager at OpenDNS, to learn the simplest way for healthcare security practitioners to stay ahead of Ransomware attacks. You’ll learn how to:
-Reduce ransomware infections across your organization
-Identify the infrastructure used by attackers to connect, control and transfer the encryption keys
-Protect medical IoT endpoints, patients’ devices and even devices that don’t run agents, like heart monitors and infusion pumps
Register now to learn how to start covering your healthcare security gaps.
Over the last few years, there are a known 620 million user accounts that have been compromised across hundreds of sites. Organized cybercrime have figured out that this is the fastest, most reliable method to infiltrate organizations, as well as achieve financial gain. Since users share passwords across multiple sites, it is easier to find logins that work on a target site than try to bypass firewalls, find software flaws, or even run spearphishing campaigns.
These types of attacks are collectively coming to be known as “Account Takeover” (ATO). Some are simple, while others are sophisticated. Some can be stopped relatively easily, and others require much more effort.
ATO attacks (via stolen credentials) were cited as the #1 method of confirmed data breaches in both 2014 and 2015, for web applications, which itself was the #1 vector for data breaches.
Come learn what these ATO threats are, their impact to your business, how to detect them, and what you can do about it.
Ben Wilson, Senior Director, Product Management, Fortinet
During the past 15 years, access layer solutions have evolved, especially in terms wireless connectivity.
Today's wireless connectivity has multiple approaches, each better meeting the specific requirements of organisations through a choice of different architectures. Whether its a refresh, redeployment, change of application or a brand new site, there are a lot of options.
During this webinar we’ll examine different approaches and how to apply them to different verticals or deployment scenarios. As wireless connectivity continues to evolve, we will also look to the future and see how trends in new hardware can provide cutting edge solutions to meet the potential needs of tomorrow's organisations.
The presentation will end with an overview of Fortinet's Secure Access Architecture and how it can meet today's and tomorrow's wireless requirements.
Sam Fineberg, Distinguished Technologist, HPE, Ben Swartzlander, OpenStack Architect, NetApp, Thomas Rivera, SNIA DPCO Chair
This Webcast will focus on the data protection capabilities of the OpenStack Mitaka release, which includes multiple resiliency features. Join Dr. Sam Fineberg, Distinguished Technologist (HPE), and Ben Swartzlander, Project Team Lead OpenStack Manila (NetApp), as they discuss:
- Storage-related features of Mitaka
- Data protection capabilities – Snapshots and Backup
- Manila share replication
- Live migration
- Rolling upgrades
- HA replication
Our experts will be on hand to answer your questions.
This Webcast is co-sponsored by two groups within the Storage Networking Industry Association (SNIA): the Cloud Storage Initiative (CSI), and the Data Protection & Capacity Optimization Committee (DPCO).
Moderator: Colin Whittaker, PCI Industry Alumni; George Rice, HPE Security; Mike Urban, Javelin, Miguel Gracia,CardConnect
The face of the threat landscape is becoming increasingly sophisticated and highly targeted. Advanced threats are succeeding in their effort to gain access to payment data of target organizations. CISOs, CXOs, and other executives need to become knowledgeable about the potential impacts of targeted attacks and advanced persistent threats. They need to become actively engaged in developing and implementing effective protective strategies.
During this webinar we will discuss recommendations and best practices to help organizations develop a sustainable security program designed to respond quickly to targeted attacks and minimize the consequences of any data breaches.
Technologies like software defined networking (SDN) provide flexibility and efficiency, but where does security fit in? SDN, like any network can be attacked at each network component. And as bandwidths increase to 100G and beyond, the rate of data transfer and the risks escalate, both on the physical and virtual plane. So what can you do to protect your networks and the data that travels through them?
What will be the impact on cybersecurity in the UK if Brexit becomes a reality? Cybersecurity professionals and UK government have voiced their opinions and Peter Wood has distilled the key arguments into this independent analysis.
Krishna Narayanaswamy, Founder and Chief Scientist, Netskope
The rapid rise in cloud adoption – of which corporate IT has underestimated the scope by as much as 10x - has created a new effect: a “cloud attack fan-out.” Between many connected devices, which increase the attack surface, and capabilities like sync and share, which increase data velocity in the cloud, both the propensity and the severity of a breach rise.
Join Krishna Narayanaswamy, Founder and Chief Scientist of cloud security company Netskope, as he takes an in-depth look at data breaches involving cloud services and how they come about. Krishna will take a fun, CSI-like presentation approach and draw upon unique, anonymized data seen in the cloud to illustrate:
- The multiplier effect that that the cloud can have on the probability of a data breach
- Three real-world examples in which the cloud can play a role in data breaches, including a step-by-step review of a recent exploit found in a cloud storage app
- How to identify data breaches in an enterprise cloud environment using advanced anomaly detection techniques
- A forensic walk-through in the reconstruction of a complex audit following a data breach
- Best practices for mitigating breaches as well as monitoring and protecting sensitive enterprise data in the cloud
29% of today’s global workforce use 3+ devices, work from multiple locations and use multiple apps, while 80%+ employees admit to using non-approved software-as-a-serve (SaaS) applications in their jobs. How do you boost productivity, collaboration, and agility with real-time access to business tools and information while keeping it all secure?
Join this webcast to learn:
•How to protect your mobile productivity tools
•How to save money and set up quickly
•Keep your data secure on the move
•Protect everything—across devices, operating systems and applications
Peter Gossin, Digital Transformation Manager, Microsoft
Digital transformation is the process of using today’s technology to modernize outdated processes and meet the most pressing needs of your business.
Thanks to recent advances in lower cost tablet technology and Microsoft’s suite of cloud and productivity services, complete digital transformation is more accessible now than ever before. A new class of affordable devices is revolutionizing the way businesses and their employees work and interact with customers.
Sign up now to:
•Engage your customers
•Empower your employees
•Optimize your operations
•Transform your products
As detection of malware and exploits at the perimeter and endpoint becomes more effective, attackers are increasingly using a combination of social engineering and direct end-user outreach to bypass technological controls. The most common source for cyberattacks today is not malicious code, but exploits of trust, typically over email.
In this session, cybersecurity veteran Kevin O'Brien (@stake, Thomson Reuters, CloudLock, GreatHorn) will look at these new patterns, and provide a general framework for response to defend your organization.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.
The panel will be discussing:
- Brexit's impact on the technology industry
- What IT and information security can do to prepare for Brexit
- Who else we should work with in our organisation to prepare
- Any legal angles (e.g. storing data in the cloud in Ireland) we need to investigate
- Legal obligations, such as GDPR, we may still have to prepare to meet.
Moderator: Adrian Davis, Managing Director (ISC)² EMEA
David Evans, Membership Director at BCS
Lars Davies, Founder & CEO at Kalypton Group Limited
Louisa-Jayne O'Neill, Vice Chairman, Information Assurance Advisory Council (IAAC)
Open Banking is set to disrupt the financial services value chain. Across the world, this disruption can already be seen with a number of innovative initiatives emerging and with pressure from regulation, such as PSD2 in Europe, beginning to impact institutes.
With the foundations starting to build, what are the common approaches to Open Banking and how can you avoid the pitfalls?
Hear from MuleSoft Banking API specialist Danny Healy and industry veteran Paul Rohan, author of "PSD2 in Plain English", for a unique business and technical insight from the leaders in API-led connectivity.
Will you simply survive? Or change to thrive, in an Open Banking world?
SPID è il nuovo servizio che permette a cittadini e imprese di accedere con un’unica identità digitale ai servizi online pubblici e privati in maniera semplice, sicura e veloce. Durante questo webinar vi racconteremo cosa cambia con SPID, e in particolare cosa prevede la normativa per tutte le Pubbliche Amministrazioni; ma anche come sia possibile trasformare questa sfida in una grandissima opportunità di business per tutte le aziende, che potranno permettere a milioni di cittadini di accedere ai propri servizi senza bisogno di registrazione.
CA Technologies ha realizzato dei pacchetti che consentono a quasiasi azienda di interconnettersi al sistema di autenticazione di SPID in modo veloce e sicuro. Scoprite tutto all’interno di questo webinar!
Allot WebSafe Personal enables rapid rollout of value-added parental control and anti-malware services that increase customer loyalty, and generate incremental revenue for fixed and mobile service providers. Enterprise cloud services also use Allot WebSafe Personal to protect user endpoints and enhance business productivity.
Komplexe Cyber-Angriffe betreffen hunderte oder sogar tausende von Unternehmen. Um Cyber-Angriffe rechtzeitig zu entdecken, benötigt man sehr spezialisierte Analyse-Werkzeuge vergleichbar mit den Systemen mit denen Unwetter-Warnungen und Schäden identifiziert werden. Wo soll man anfangen? Man muss die kritische Infrastruktur schützen und Geschäftsprozesse am Laufen halten. Nicht nur in Bezug auf die physische RZ Infrastruktur, sondern auch im Bereich Cloud & Mobile. Wie stellt man sich auf Angriffe von multiplen Quellen ein, wenn man eine Ansammlung getrennter IT Sicherheits-Lösungen unterschiedlicher Hersteller hat? Wir können Ihnen helfen, die Gefahren abzuwehren. Im letzten Webcast unserer Serie zeigen wir, wie Sie Ihr Unternehmen auf zukünftige Gefahren vorbereiten. Mit unseren Security Daten Analysen sind Sie gut gewappnet, wenn die nächste Angriffswelle kommt.
The demand for business to be more agile to meet customer demands and stay competitive is driving a change in the way applications are developed, deployed, and adopted. The challenge has become balancing the agility needs of the business with improving the security of the applications and more importantly the data as it moves between the various clouds. Gaining visibility and preventing attacks that are attempting to get access to the data both from an external location and through a lateral attack becomes imperative in all locations the applications and data reside without adding additional complexity or cost.
Organizations require visibility, control, and prevention capabilities across all major private and public cloud environments enabling consistent security policies and protection no matter where it is deployed.
This webinar will cover:
•Visibility: Consistent visibility across clouds is one of the most common issues with multi-cloud deployments.
•Threat prevention: Block known and unknown threats is a critical requirement to protect applications and data no matter where they reside.
•Automation: The ability to natively integrate into a variety of environments to match the dynamic and on demand nature of cloud services.
•Centralized management: Manage your virtualized and physical firewalls from a single management console, delivering consistent policy and features across all clouds.
Test automation, continuous integration (CI), and reliable test data provisioning are all key elements to making DevOps work, as they provide the necessary capabilities to quickly and securely test and release software. Without these technologies, the DevOps promise of rapidly deploying new services and applications is only a dream.
Join this web seminar to learn how to execute an integrated data management approach that will deliver seamless automation, efficiency, and security to your DevOps and continuous integration efforts.
• How to release applications faster with confidence through improved collaboration, automation and visibility.
•How self-service test data powers DevOps and CI implementations
•Ways to manage test data to reduce risk when implementing CI and DevOps
• Common oversights when employing automation and DevOps
• How organizations have saved millions and slashed development cycles
• Seamless automation tools and processes
Protecting your enterprise data is often referred to as a technology issue, but most cyber attacks begin by fooling a user into doing something, such as unknowingly downloading malware or giving up security credentials. This “social engineering” is the most common way that an online attacker will gain access to your business – and the hardest to defend against, because it exploits everyday human weaknesses, rather than technical vulnerabilities.
How do attackers fool your employees via email, Web, phone, and onsite? What are some of the latest methods they use to trick users and employees into breaking security policy? And most importantly, what can your organization do to keep its employees from being taken in? In this informative Dark Reading webcast, top experts on social engineering will answer these questions and many more. You’ll learn about current social engineering methods and the “human” threats posed by online and physical attackers. You’ll also get insight on how your organization can train and test its users and employees to recognize and turn away these social engineering exploits – before they compromise your business.
Threat actors have discovered that targeting organizations with ransomware can be far more lucrative than extorting small sums from home users. Ransomware is on the rise. But your organization does not have to become a victim. Automated prevention is certainly achievable.
Join us for this live webinar where you will learn:
• Which three steps you must take to successfully prevent an outbreak in your organization
• Why existing endpoint security solutions often fail to prevent ransomware infections
• Which organizations threat actors target most intently with ransomware
• What endpoint protection technology capabilities are necessary to automate ransomware prevention
• Which three delivery vectors attackers use in nearly all ransomware infections