It is no surprise that government agencies face unique challenges as they try to improve efficiency and productivity by providing employees access to data anytime, anywhere on any device.
Watch this webcast, where Kris Ostergard, Chief Architect at Cyber Solutions Group and Douglas Bourgeois, VP End User Computing - Public Sector at VMware, will review the VMware Secure Mobile Workplace (the modernization of the desktop and app infrastructure) and answer the following questions:
•Can you provide all end users with services that deliver agile mission value?
•Will you be able to leverage existing infrastructure investments?
•What are realistic ROI expectations?
•How do you establish a clear path to the future?
RecordedFeb 6 201534 mins
Your place is confirmed, we'll send you email reminders
Professor Michael Mainelli, FCCA FCSI FBCS (Z/Yen Group Limited)
Mutual distributed ledger (MDL) identity schemes could empower people with personal data storage and management, permission frameworks for access by third parties such as banks insurers or governments, and even distributed reputation ratings.
Such applications could reduce financial fraud, costs, and crime, and increase returns, confidence, and security. MDLs are uniquely supportive of controlled distribution and sharing of digitally-signed documentation and could form the backbone to identity and authentication systems worldwide. In fact, some claim that identity authentication infrastructure is the ‘killer app’ for MDLs rather than payments.
While anti-money-laundering/know-your-customer/ultimate-beneficial-ownership processes are arduous for high-net-worth individuals, about 2.4 billion poor people worldwide lack official identification, about 1.5 billion over the age of 14.
This webinar will examine how MDLs might aid both rich and poor.
The traditional security perimeter is proving to no longer be an effective cyber security control and fast growing technologies, such as cloud, mobile and virtualization make the boundaries of an organization blurry.
For many years, organizations have protected their valuable and sensitive information by building a fence around assets, and all of the data that flowed in and out was either via a single internet access point or on physical devices.
This meant that a traditional perimeter was an effective measure as the boundaries were known. As long as the internet access was controlled by the data that flowed through it, it was possible to protect, monitor and control that data.
Organizations protected internet access with firewalls, VPNs, access controls, IDS, IPS, SIEMs, email gateways, and so forth, building multiple levels of security on the so-called perimeter. On physical devices, systems management and antivirus protected those systems and kept them updated with the latest security patches.
This is a traditional security approach, used for nearly 30 years. However, in today’s world it is no longer effective alone. The perimeter has moved and we need to move with it.
During this session, attendees will learn about how identity and access management is evolving fast and becoming the new security perimeter, including:
• Why the traditional perimeter is no longer effective
• What hacker techniques are being used to compromise organizations
• What some governments are doing to protect their citizens
• Technologies that will help create the new cyber security perimeter
Third-party website resources and code play an integral role in the online economy. They enable interactive sites that allow people to transact with their banks; shop online, watch movies or television, share photos, videos, documents and much more. Unfortunately, these resources also represent exploitable infrastructure that sits outside the control of an organisation's IT security team. As a result third party web components have become fertile ground for launching attacks and distributing malware. Addressing this challenge requires looking at security from a new perspective.
In this webinar we will explore the different kinds of third party code that organisations host on their sites along with their security implications. We’ll show how an outside-in approach to security can provide the controls organisations require while at the same time protecting their customers and employees.
Aurélie Perez, Senior Security Consultant at Orange Cyberdefense
Are cybercriminals using the dark web to buy and sell your customer and employee data, intellectual property and malware? Highly specialist expertise, big data tools and Artificial Intelligence are essential to detect and mitigate the threats to your enterprise.
Learn about the techniques used to:
• Conduct undercover surveillance on the dark web to discover mentions of your industry, brand, and data
• Find data from a security breach at your enterprise
• Stop stolen user account credentials from being used to breach trusted systems
• Track emerging exploit kits and vulnerabilities
Mainstream search engines are unable to penetrate and index these hidden parts of the Internet. Access to sites is often restricted to cybercriminals who are recommended by a current member. Meanwhile, the cost of cybercrime is forecast to hit $6 trillion annually by 2021 according to Cybersecurity Ventures. It’s an issue that can’t be ignored.
Jennifer Zientek, Federal Systems Engineer, Palo Alto Networks & David Page, Sr. Sales Engineer, Splunk
Palo Alto Networks + Splunk - Defeat Advanced Threats While Maximizing Visibility, Control and Security of the Network and Applications in the Public Sector.
As cyber attacks become more sophisticated, it becomes increasingly hard for legacy systems to detect threats early enough to prevent loss or damage to sensitive data. With valuable data at risk, organizations need a security platform that correlates data and automatically implements protections. Learn how by combining next-generation solutions, Palo Alto Networks and Splunk can provide the visibility and insight necessary to prevent attacks and keep your organization from becoming the next victim.
Chris Roberts (Acalvio), Andrew Hoog (NowSecure), Nathan Wenzler (AsTech), RJ Gazarek (Thycotic)
Cloudbleed - a major security breach from the web services and security company Cloudflare, may have leaked user passwords and other information to thousands of websites over a period of six months. Join this Q&A session with trusted experts and discover how Cloudbleed may affect you, your organization and the industry as a whole.
- Chris Roberts, Chief Security Architect at Acalvio Technologies
- Andrew Hoog, Co-Founder & CEO of NowSecure
- Nathan Wenzler, Principal Security Architect at AsTech Consulting
- RJ Gazarek, Product Manager at Thycotic
John Bambenek (Fidelis Cybersecurity), Jeffrey Goldberg (Agilebits), Jay Beale (InGuardians)
Cloudflare revealed a serious bug in its software in February, which caused sensitive data like passwords, cookies, authentication tokens to spill in plaintext from websites using Cloudflare Content Delivery Network (CDN).
Join this panel of experts and learn:
- Who is affected by Cloudbleed
- What this means for your organization
- What should you do right away
- How to better protect your data
- John Bambenek, Threat Systems Manager at Fidelis Cybersecurity
- Jeffrey Goldberg, Chief Defender Against the Dark Arts at Agilebits
- Jay Beale, COO of InGuardians
Dan Lohrmann, Chief Strategist & Chief Security Officer at Security Mentor, Inc
As the largest cybersecurity show on the earth, the RSA Conference always offers new products, insights and approaches to securing the latest connected devices. So with more Internet of Things (IoT) devices than ever before hitting the markets, what can be done to secure your corner of cyberspace. Let’s explore what we learned at the RSA Conference in San Francisco this year.
About the Presenter:
During his distinguished career, Dan Lohrmann has served global organizations in the public and private sectors in a variety of executive leadership capacities, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan. Lohrmann joined Security Mentor, Inc. in August, 2014, and he currently serves as the Chief Security Officer (CSO) and Chief Strategist for this award-winning training company. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors.
Ross Brewer, VP & MD, LogRhythm & Josh Downs, Community Manager, BrightTALK
Research shows that 76% of companies suffered a data breach in 2016, so it’s now almost inevitable that hackers will gain access to your company and your sensitive data.
Security professionals are now looking to deal with breaches faster, to keep their company off the front page and with heavy GDPR fines on the horizon, they’re wise to do so.
Organisations are fearful of damaging data breaches but unsure of the best course of action to protect themselves from major cyber incidents. Whilst a large per cent of businesses focus on building up perimeter defences, not enough are concentrating on monitoring their own network to detect threats and mitigate them before significant damage is done.
Tune into this in-depth one-on-one interview to discover:
•More about the current threat landscape and the dangers to your organisation.
•How you can reduce the time to detect and respond to threats without adding staff to accomplish the job.
•More about how cutting edge technology can be used such as:
oAdvanced machine analytics, which are key to discovering potential threats quickly.
oSecurity automation and orchestration capabilities, which increase the efficiency of the threat lifecycle management process.
•The influence that GDPR will have and steps you need to take.
John Kindervag, Vice President and Principal Analyst at Forrester
The rising tide of successful cyberattacks against organizations has made it clear that traditional approaches for defining trust levels, stopping lateral movement and enforcing advanced security controls within a data center are no longer effective. The Zero Trust approach advocated by Forrester provides guiding principles for achieving a robust and secure data center security architectures. However, choice of the security platform, design considerations and effective use of advanced security capabilities play a crucial role in implementing a successful Zero Trust enabled data center.
In this webinar, guest speaker John Kindervag, Vice President and Principal Analyst at Forrester will talk about the steps to achieving a Zero Trust data center.
Topics covered in this webinar will include:
- 5 Steps to achieving Zero Trust enabled data centers.
- Extending Zero Trust design principles across hybrid cloud deployments
- Security policy considerations and guidelines for implementing Zero Trust enabled data centers.
Nathan Wenzler, Principal Security Architect at AsTech Consulting
It’s that time of year again: RSA Conference 2017 is upon us. The trends in the security industry are moving more quickly than ever, and the newest methods of preventing cyberattacks have quickly shifted away from solely building walls of defense and into analytics of the data gathered about your network and the way users and attackers use it.
But what about the tried and true methods for thwarting hackers like traditional Vulnerability Management programs? Many organizations have allowed their VM programs to languish and become ineffective because it’s often seen as too old of a technology and too difficult to make successful.
But that’s only because they’ve really never done it right.
Join Nathan Wenzler, Principal Security Architect at AsTech Consulting, to learn why Vulnerability Management is still a critically key component to a successful security program.
This discussion will highlight:
- The issues that lead companies to ignore their VM programs
- Real-world examples and case studies of solutions you can use to resurrect one of the best tools in your security arsenal
About the Presenter:
Nathan Wenzler is the Principal Security Architect at AsTech Consulting, a leading information security consulting firm. Wenzler has nearly two decades of experience designing, implementing and managing both technical and non-technical solutions for IT and Information Security organizations.
The National Credit Union Administration (NCUA) requires every credit union to protect their members’ personal, private data. But with a host of mandates and a range of technology options, where should credit union IT administrators begin? Encryption and key management can address a number of the requirements set out in these guidelines. Together they can help credit unions become compliant and can keep customer data safe.
Join our live webinar "Navigating the National Credit Union Administration (NCUA) Privacy Guidelines:
Securing Customer Records with Encryption and Key Management" on February 7th to learn about:
•Which specific guidelines concern customer information at rest and in transit
•How encryption and key management addresses these requirements
•The benefits of a centralized encryption management
Dr. Branden Williams; Smrithi Konanur, HPE Security; Kevin Eberman, Mineraltree; Asma Zubair, WhiteHat Security
In today’s digital landscape, it’s much easier for criminals to access sensitive payment card data, not only gaining direct access to a consumer’s available funds, but also their personal identity. With cyber attacks becoming much more advanced, the PCI DSS standard has been forced to adapt to address these new threats.
However, PCI compliance is something that any organization can successfully achieve. The requirements of PCI DSS are clear, but it takes work to accomplish compliance across an organization. On this webinar our panel will discuss some best practices, and solutions that provides your business with an easy, cost effective and highly automated way to achieve compliance with PCI DSS in 2017.
Tom Gorup, Director of Security Operations at Rook Security
With the growing number of newly-released, longtime-funded automation tools and platforms, it’s clear that network security operations automation has reached an inflection point. While automation promises to provide significant value to security and network operations teams, along with hopes and promises comes concerns about limitations, potential failures, and critical oversights—especially when it comes to automating incident response. These limitations don’t stem from a lack of APIs, compute power, or the advancement of machine learning or artificial intelligence, but rather from the tools that are doing the detection, notification, and remediation.
Security operations expert Tom Gorup addresses short- and long-term automation challenges and provides analysis on why investments should be focused on arming people with more assistive technology, rather than attempting to remove humans from the equation entirely.
About the Presenter:
As Director of Security Operations for Rook Security, Tom Gorup oversees Managed Security Services and develops proprietary security operations management tools and services for organizations ranging from Fortune 100 firms to fast-growing startups. Prior to joining Rook, Tom served 6 years in the U.S. Army. As an Infantry Squad Leader, Tom served two tours in Iraq and Afghanistan, where he received a Purple Heart alongside several other awards for actions on the battlefield. Tom is GCIA certified, a participant in the GIAC mentor program and advisory board, Indiana Infragard Sector Specialist, and on the NexTech advisory board.
John Bambenek, Threat Systems Manager, Fidelis Cybersecurity
Those defending against cyberattacks are overwhelmed by the shear volume of incidents to respond to. It is so bad that it has been said there may be as many as 1 million unfilled cybersecurity jobs. Machine learning and automation is often heralded as a way to deal with this problem so that many incidents can be dealt with requiring pressing a button. While there is much promise is machine learning there are also many perils that need to be considered. Attackers know how we defend ourselves and they do use our defenses against us.
This talk will cover some of the open-source tools and techniques available for organizations to use to defend themselves while keeping in mind how attackers could undermine our efforts.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.
Secure Mobility in the Federal GovernmentDouglas Bourgeois, VP End User Computing Public Sector at VMware and Kris Ostergard, Chief Architect at Cyber Solutions Group[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]34 mins