Hi [[ session.user.profile.firstName ]]

Know What to Defend Against: Anatomy of a Network Attack

You can’t secure your IT infrastructure if you don’t know what’s attacking you and how. In this session, Alert Logic will share information on the latest network security trends, including the types of activity that the Alert Logic research team sees from our more than 2700 customers, and data on the origins and targets of attacks.
Recorded Aug 5 2014 49 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Stephen Coty, Chief Security Evangelist, Alert Logic
Presentation preview: Know What to Defend Against: Anatomy of a Network Attack

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • You CAN Measure Your Cyber Security After All Jan 16 2017 6:00 pm UTC 45 mins
    Dr. Salvatore Stolfo, CEO at Allure Security Technology
    Any business exec will tell you that “what gets measured gets managed,” but few organizations apply that to their cybersecurity strategy. In this webinar, we’ll talk about why companies should make security analytics & threat analysis part of their ongoing business intelligence and how measuring data leakage could not only save an organization from a costly breach but can help impact the business bottom line.
  • I Heart Security: Developing Enterprise Security Programs for Millennials Jan 13 2017 10:00 pm UTC 45 mins
    Mary Jane Kelly, Security Consultant at NCC Group
    Open-minded, collaborative, and engaged, Millennials embrace values that can be effectively directed to reduce risk across an organization. While some may view the Millennial spirit as a security liability, with the right support, their views and priorities can actually help cultivate a stronger security mindset within their teams.

    In this talk, MJ Kelly explores how to develop security programs that resonate with Millennials. She presents practical approaches that incorporate deeply held priorities of the new generation, while ensuring that experienced team members remain included and engaged. Strategies include determining appropriate incentives, varying motivational focus, and testing new tactics such as gamification and novel information distribution channels to foster a strong security culture throughout the entire organization.
  • The 2017 Threatscape Jan 6 2017 3:00 pm UTC 45 mins
    Amar Singh
    There is only one threat that you need to fight and conquer in 2017. We can write a few lines about how threats are changing or about the dynamic threat landscape. However, let’s spare you the pain of reading the same old blurb and instead let’s do the right thing and share with you the one single, biggest threat facing every single business. It’s been around forever however in 2017 exploiting this threat is most certainly going to cause increased financial pain and reputation damage.

    Join Amar Singh, CEO of Cyber Management Alliance and founder of the Insights with Cyber Leaders series and other distinguished cyber leaders as they lay bare the severity of this threat.

    Note: 30 Minutes webinar only with 15 minutes of interactive questions from the audience at the end.
  • Interactive Q&A: SF Muni Ransomware Rampage Dec 16 2016 6:00 pm UTC 45 mins
    Alex Holden, Founder and CISO of Hold Security, LLC
    After the SFMTA Ransomware attack there are many questions about what is the proper response to such attacks and hackers’ motivations. Based on evidence directly from the hackers behind the recent ransomware attack against San Francisco's Muni, we know what led to the breach. We will be answering your questions about the hackers’ operation, motivations, and victim’s response to this and similar attacks.
  • The 2017 Cyberthreat Landscape Dec 14 2016 5:00 pm UTC 60 mins
    Leo Taddeo, Chief Security Officer, Cryptzone
    2016 was record-setting … and threats aren’t likely to subside in 2017. Let’s reflect on what happened this year and learn about emerging threat landscape trends. A solid understanding of the threat landscape will help you better formulate your defensive strategy and prioritize security initiatives for 2017 and beyond.

    This webinar will feature Leo Taddeo, who is uniquely qualified to present his thoughts on the ever-changing threat landscape. Currently Chief Security Officer (CSO) for Cryptzone, a provider of dynamic, context-aware network, software-defined perimeter based security solutions, Leo is former Special Agent in Charge of the Special Operation/Cyber Division of the FBI’s New York office. Leo is a frequent cybersecurity source for business, IT security and global news outlets, such as: Bloomberg, CNBC, CSO Online, Dark Reading, Fortune, New York Times, Washington Post and more.

    Join the discussion on December 13th!
  • Key Threats To Look Out for in 2017 Dec 13 2016 7:00 pm UTC 60 mins
    Josh Douglas, Chief Strategy Officer, Raytheon Foreground Security; Stuart Taylor, Senior Director, Forcepoint Labs
    To close out 2016, we'll be looking at the year in review; the big breaches and notable disclosed vulnerabilities. We'll then use that information to assess the key threats that'll be on the horizon in 2017 and what you can do to protect your organization.
  • When Things Misbehave: How to Mitigate Massive DDOS Attacks Dec 13 2016 6:00 pm UTC 45 mins
    Moshe Elias, Director of Product Marketing and Scott Poretsky, AVP Solutions Architect
    The Distributed Denial of Service (DDoS) attack launched Friday, October 21, against Dyn - one of the largest managed DNS infrastructure providers - was the most destructive attack to date launched from an IoT botnet. The threat of mega attacks launched from infected connected devices is now a reality that dramatically changes the paradigm for mobile and fixed operators whose core infrastructure is susceptible to global attacks that are large enough to significantly disrupt subscriber quality of experience (QoE).

    Join us in this webinar to learn:
    •The impact of IoT driven DDoS mega attacks
    •Architectural approaches to volumetric DDOS mitigation
    •How to measure and maintain subscriber quality of experience during an attack
  • Combating Cloud Security Threats in 2017 Dec 12 2016 7:00 pm UTC 60 mins
    Manolo Gonzalez, VP, ​Platform and​ Technology Alliances​ at CloudLock
    Gartner named CASB the #1 infosecurity technology in 2016. Why is cloud security number one? As users, data and applications move to the cloud and traffic happens off the network, new vectors for malware and threats open up and a new paradigm and breed of security solutions is required: Cloud Access Security Brokers (CASB).

    This presentation will demonstrate how to regain visibility and control in your cloud environments, as well as key use cases in the cloud, and how CloudLock works to provide effective security.
  • Reducing Threats through Improving Identity Security Dec 12 2016 6:00 pm UTC 45 mins
    David Coxe, Co-Founder, Criterion Systems and Co-Founder & CEO of ID DataWeb
    Cyber threats are increasing in frequency and complexity, and all industry segments are vulnerable. Join this presentation to learn the advances in identity security and privacy, and how you can protect your organization in 2017.

    Presenter:
    David Coxe is the CEO of ID DataWeb, Inc. (IDW) and was the Principal Investigator for the Criterion Systems NSTIC pilot program. He is also co- founder of Criterion Systems, a successful IT services contractor that provides information security, cloud computing, software development and other services to civilian agencies, DoD, and the Intelligence community. David has 20 years identity management experience and is currently very active in the development and implementation of attribute exchange trust frameworks. He co-chaired the Attribute Exchange Working Group (AXWG) at the Open Identity Exchange (OIX) for implementing the business, legal, technical, policy/privacy and assessor/certification requirements for Attribute Exchange (AX) Trust Frameworks.
  • How Cybersecurity, Technology and Risk Is Maturing the Role of the Modern CISO Dec 12 2016 5:00 pm UTC 60 mins
    Gary Hayslip, CISO - City of San Diego, CA
    The landscape that today’s CISOs operate in and the role they fill has fundamentally changed in the last few years. Today, CISOs must understand the technical side of cyber security, as well as enterprise risk management and how both disciplines impact their organization’s ability to successfully conduct business.

    Join this presentation to learn about the evolving cyber threat landscape, the challenges for CISOs and the requirements to ensure cyber security throughout their organization.
  • Abusing Bleeding Edge Web Standards For AppSec Glory Recorded: Dec 9 2016 42 mins
    Ryan Lester, CEO & Co-Founder of Cyph
    Through cooperation between browser vendors and standards bodies in the recent past, numerous standards have been created to enforce stronger client-side control for web applications. As web appsec practitioners continue to shift from mitigating vulnerabilities to implementing proactive controls, each new standard adds another layer of defense for attack patterns previously accepted as risks.

    With the most basic controls complete, attention is shifting toward mitigating more complex threats. As a result of the drive to control for these threats client-side, standards such as SubResource Integrity (SRI), Content Security Policy (CSP), and HTTP Public Key Pinning (HPKP) carry larger implementation risks than others such as HTTP Strict Transport Security (HSTS). Builders supporting legacy applications actively make trade-offs between implementing the latest standards versus accepting risks simply because of the increased risks newer web standards pose.

    In this talk, we'll strictly explore the risks posed by SRI, CSP, and HPKP; demonstrate effective mitigation strategies and compromises which may make these standards more accessible to builders and defenders supporting legacy applications; as well as examine emergent properties of standards such as HPKP to cover previously unforeseen scenarios.
  • Cyber-Security Trends – Security Analytics Is The Game Changer Recorded: Dec 8 2016 49 mins
    Stephan Jou, CTO at Interset
    In the past year there were numerous high-profile breaches including; insurance companies, government organizations, kid’s internet gaming, power utilities and dating sites. With the ever-changing landscape of threats and advanced cyber-attacks showing no sign of slowing down, organizations need to be prepared.

    As the breadth of corporate information expands, IT security teams face the daunting task of effectively protecting intellectual property, PII data, and PHI data from internal and external threats.

    Enter machine learning and security analytics – a technology that is at the top of most everyone’s hot new technologies for 2017, but can this technology detect and help stop cyber-attacks?

    Listen to guest speaker Stephan Jou, CTO at Interset, discuss what you need to know for the coming year and predict how user behavior analytics will play in the fight to stop cyber-attacks.
  • The Role of Supervisors in Mitigating Security Threats Recorded: Dec 8 2016 36 mins
    Anita R. Wood, Assistant Professor, Computer Information Technology at Pennsylvania College of Technology
    Cyber attacks are on the rise, both in volume and impact, and organizations worldwide are focusing on improving cybersecurity and data protection. A key aspect of this is raising security awareness across the organization. Join this presentation and learn about the the role supervisors play in awareness, preparedness and threat mitigation.

    Viewers will learn:
    - The types of insider cybercrimes
    - Mitigating insider's factors in cybercrime
    - Supervisors' value in the mitigation
    - Preparation of supervisors for mitigation
  • It’s My Life but I no Longer Have Control Over it! Recorded: Dec 8 2016 49 mins
    Gavin Chow, Network and Security Strategist
    We all know that technology plays a role in our everyday life but do you know the extent of that role? Advertising tells us to spend more and more of our life online and embrace technology in our homes, cars and everywhere else a microchip can be placed.

    But nowhere is there a message about the consequences of the misuse of that technology. 2016 has seen a rise in the number of incidents involving ransomware, IoT, and simply well intentioned connectivity gone wrong. That momentum is set to continue into 2017 and beyond.

    Although past performance does not guarantee future results, this session will focus on what we have seen this year and what we expect to see in the near future.
  • Trends in Email Fraud, and How to Prevent Enterprise-Facing Email Attacks Recorded: Dec 7 2016 50 mins
    Markus Jakobsson, Chief Scientist, Agari
    Email is the most popular communication tool, as well as the entry point for up to 95% of security breaches. As cyber criminals evolve their techniques, targeted, enterprise-facing email attacks are rapidly increasing, fueled by an almost inexhaustible supply of potential victims and the tremendous profits awaiting successful fraudsters.

    This talk will provide an overview of both the technical and psychological principles these criminals take advantage of, shedding light on why traditional defenses continue to fail. We will then describe a set of new defense mechanisms that enable enterprises to stop these attacks and review the results of early experiments with these approaches, which offer a new perspective on ways to prevent email fraud.

    Presenter:
    Dr. Markus Jakobsson is a security researcher with interests in applied security, ranging from device security to user interfaces. He is one of the main contributors to the understanding of phishing and crimeware, and is currently focusing his efforts on human aspects of security and mobile security.
  • Quantum Threats: The Next Undefended Frontier of Cybersecurity Recorded: Dec 7 2016 44 mins
    Mike Brown, CTO and Co-Founder of ISARA Corporation
    Cybersecurity threats are evolving more quickly than most organizations can pivot to defend against them. The 2016 IDC report states that “worldwide spending on cybersecurity products and services [is expected] to eclipse $1 trillion for the five-year period from 2017 to 2021” but we still may not be combatting emerging threats in the right ways.

    While we’re battling against growing threats from conventional computers, quantum computers are a growing shadow on the threat landscape, and people are already starting to think about how to get ready. Quantum safe options are becoming available, and bring with them new ways of thinking about how to integrate security solutions based on fundamentally different problems. What happens to TLS? What happens to VPN? What happens to PKI? Is your business ready? What potential threats should you be evaluating in your security strategy for 2017?

    In this talk, we’ll cover the 360-degree view of becoming quantum resistant. What is a quantum computer? Why will it cause problems for your security systems? How do you use quantum safe security?! How does entering the quantum age impact common tools like TLS, VPN, and PKI, and what are the challenges they’ll face? And most importantly, when do you need to worry?
  • Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing Recorded: Dec 7 2016 49 mins
    Dr. Phil Tully, Sr Data Scientist & John Seymour, Data Scientist at ZeroFOX
    Historically, machine learning for information security has prioritized defense: think intrusion detection systems, malware classification and botnet traffic identification. Offense can benefit from data just as well. Social networks, especially Twitter with its access to extensive personal data, bot-friendly API, colloquial syntax and prevalence of shortened links, are the perfect venues for spreading machine-generated malicious content.

    We present a recurrent neural network that learns to tweet phishing posts targeting specific users. The model is trained using spear phishing pen-testing data, and in order to make a click-through more likely, it is dynamically seeded with topics extracted from timeline posts of both the target and the users they retweet or follow. We augment the model with clustering to identify high value targets based on their level of social engagement such as their number of followers and retweets, and measure success using click-rates of IP-tracked links. Taken together, these techniques enable the world's first automated end-to-end spear phishing campaign generator for Twitter.

    Presenters:
    - Dr. Phil Tully, Senior Data Scientist, ZeroFOX
    - John Seymour, Data Scientist, ZeroFOX
  • Talking to the Board About Cyber Risk – A Metrics-based Approach Recorded: Dec 7 2016 48 mins
    Ariel Evans, CEO, Innosec
    The rise of attacks resulting in huge business losses have brought cyber security into the board room. Prior to the Target breach, the board of directors was not very interested in cyber security. However, things have changed, and we see more and more CISOs reporting into the CRO, CFO, or CEO and not the CIO. Put simply, if you report into the board more than once or twice a year you have to be speaking their language.

    Cyber breaches have impactful results. In 2015, Target’s CEO Gregg Steinhafel, a 35-year employee of the company with the last six at the helm, was forced to resign in light of the recent holiday-season credit-card security breach that affected 40 million customers.

    As a result, we are seeing a major shift in corporate cybersecurity policy. The board of directors is no longer interested in check box compliance. They are understanding their role much better. They are responsible to ensure that cyber controls are in place that protect business assets of the firm in alignment with their risk tolerance.
  • Insider Threats and Critical Infrastructure: Vulnerabilities and Protections Recorded: Dec 7 2016 41 mins
    Lydia Kostopoulos, PhD, Principal Consultant - Cybersecurity (Human Risk), @LKCyber
    As the sophistication of encryption and technical defences rises each year, so do the attacks against the people in organizations. Hence the rise in PICNIC = Problem In Chair, Not In Computer.

    This session gives an overview of the latest insider threats facing critical infrastructures and how they can compromise air-gapped networks. It provides proactive, preventative and defensive measures to manage the risk, and concludes with a discussion of the responsibilities organizations who manage critical infrastructures have to support national security, the well-being of society and economic prosperity.
  • Make 2017 a Year of Countering the Evolving Threat Landscape Recorded: Dec 7 2016 37 mins
    Josh Goldfarb, VP, CTO - Emerging Technologies, FireEye, Inc.
    Tis the season of predictions looking ahead to 2017 and paying lip service to the threat landscape. Not a fan of either of those? You’re not alone. Join FireEye in this BrightTalk webinar where we’ll discuss more than just the threats that may or may not be awaiting us in 2017. We’ll discuss real attacker tactics and techniques, along with how you can actually counter the risk they present.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Know What to Defend Against: Anatomy of a Network Attack
  • Live at: Aug 5 2014 3:00 pm
  • Presented by: Stephen Coty, Chief Security Evangelist, Alert Logic
  • From:
Your email has been sent.
or close