Hi [[ session.user.profile.firstName ]]

Risk-based Security: Having the Right Security in the Right Place

-- Middle East CISO of the Year -- Global CISO of the Year Runner Up --

An overall deep level analysis of why it is important to go back to basics, and basics of risk based approach towards information security. The session will be covering the current and historical state of information security, its challenges, and the way to get the right security for any organisation. Risk based approach, frameworks, high level steps, cost-benefit analysis, prioritisation of corrective measures based on risk categories, and presenting the information security plans to executive management based on a risk based approach. This is extremely key, when the organisational perimeters are not physical anymore, and organisational boundaries cannot be clearly defined within a firewall or a router, due to the adoption of new technologies and solutions like cloud, big data, mobiles etc.
Recorded Jan 19 2016 49 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Illyas Kooliyankal (Middle East CISO of the Year), CISO, ADS Securities
Presentation preview: Risk-based Security: Having the Right Security in the Right Place

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Trends in Cyber Attacks and Breaches Dec 11 2018 1:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF LTD
    As the scale, sophistication, and targeting of cyber-attacks increase, organisations need to manage risk in ways beyond those traditionally handled by the information security function.

    In this webinar, Steve Durbin, Managing Director at the ISF will offer his insights into how security and business teams across the entire organisation can work together to minimise the impact of a breach, in order to protect organisations from damaging shareholder value and business reputation.


    About the presenter

    Steve Durbin is Managing Director of the Information Security Forum (ISF). His main areas of specialism include strategy, information technology, cybersecurity and the emerging security threat landscape across both the corporate and personal environments.
  • Security in the Golden Age of Cloud Oct 23 2018 12:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF LTD
    Demand for cloud services continues to increase as the benefits of cloud services change the way organisation manage their data and use of IT.

    However, while these services can be implemented quickly and easily, with increased legislation and data privacy, the threat of cyber theft is on the increase and organisations must have a clear understanding of where their information is stored and how reliant these services are.

    In this webinar, Steve Durbin, Managing Director of the ISF will discuss the risks associated with cloud computing and how to manage them, as well as how to maximise the benefits.

    About the presenter

    Steve Durbin is Managing Director of the Information Security Forum (ISF). His main areas of specialism include strategy, information technology, cybersecurity and the emerging security threat landscape across both the corporate and personal environments.
  • Beyond the Breach: Recommendations for Effective Response Sep 19 2018 5:00 pm UTC 60 mins
    Heather Stratford-Geibel (Stronger.tech) | Sushila Nair (NTT DATA)
    Discover the latest trends in cyber crime, your organization's vulnerabilities, and how to go about preventing, detecting and responding to a breach.

    Join this interactive Q&A panel with top security experts across the ecosystem to learn more about:
    - Trends in breaches and cyber attacks
    - What to do (and not to do) after a breach
    - What's new on the threatscape
    - Best practices and recommendations for improving your security posture

    Speakers:
    - Heather Stratford-Geibel, CEO of Stronger.tech
    - Sushila Nair, Sr. Director, NTT DATA Services
    - Others TBA
  • [Earn 1 CPE] Compliance vs Risk: Aligning Priorities & Prioritizing Threats Sep 18 2018 5:00 pm UTC 75 mins
    Stephen Boyer, CTO & Co-Founder, BitSight
    Compliance is a fundamental pillar to effective risk management at any company. However, simply complying with laws and regulations without considering the broader threat landscape can result in disaster. Certainly, a balance between compliance and risk is necessary. Ensuring compliance represents an organization's starting point, not the endgame, should be a priority.

    In a dynamic threat environment, forward-thinking organizations have concluded that the goal of total protection is elusive and that a risk-based approach to governance and management of cybersecurity is necessary. That is easier said than done, as the way most information security professionals measure risk today fails to quantify threats in terms the business can understand and use. In this CPE accredited webinar, our panel of experts will discuss:

    - Aligning risk and compliance metrics and controls across functional domains.
    - Benchmarking existing process for managing the risks identified by stakeholders.
    - Creating a transparent 'system of record' and collaborative process life-cycle management system.
    - Prioritizing control efforts accordingly.
    - Aligning compliance investments with compliance risk ratings and business priorities.
  • A Data Breach Prevention, Detection & Response Strategy to Combat Today' Threats Sep 18 2018 12:00 pm UTC 45 mins
    Nick Frost, Principal Consultant, ISF LTD
    With the ever-increasing frequency and sophistication of security threats to organisations, business leaders need to have a comprehensive data security strategy to protect themselves. Information security practitioners have to think and plan beyond existing protection capabilities that are aimed at preventing threats only. Today's cyber security strategies need to protect an organisations mission critical assets in a way that is:

    ‒ balanced, providing a mixture of informative, preventative and detective security controls that complement each other
    ‒ comprehensive, providing protection before, during and after threat events materialise into security incidents
    ‒ end-to-end, covering the complete information life cycle.

    This will enable organisations to match the protection provided with the sophistication of threats to such mission critical information assets. This webinar will look at past and present models and share ideas on how organisations can ‘future proof’ their strategies to combat next generation threats.

    In particular in this webinar, Nick Frost, Principal Consultant at the ISF will discuss what actions can be taken to identify your most critical information assets, and how a modern day cyber security model needs to focus on prevention and detection of a data breach, and how to respond to a breach in order to reduce damage to brand and reputation.
  • GDPR 101: Managing Data Risk & Maintaining Compliance Aug 28 2018 5:00 pm UTC 75 mins
    Kelley Vick, IT GRC Forum, Dr. Branden Williams, MUFG Union Bank; TrustArc.
    The European Union’s new General Data Privacy Regulation (GDPR) came into force on May 25th, and began immediately reshaping the digital universe. According to IDC's 2017 GDPR Readiness Survey, 80% of companies were not prepared, and tech giants have already been sued for violating the terms, while major newspapers have been forced to restrict EU access to their websites for fear of noncompliance. Now two months after deadline, it's clear that large scale enterprises and their employees, are still not sure about what they need to do to comply.

    In this CPE accredited webinar, our panel of experts will discuss how to adhere to the GDPR and boost the security and compliance foundations of your organization by managing the data risk.

    Learning Objectives:

    - Find out what your organization needs to uncover data risks and avoid fines.
    - Discover the latest techniques to protect data and remediate breaches.
    - Learn how handle data in cloud and ensure only the right people have access.
    - Clarify the requirements for your enterprise to become compliant with GDPR.
  • [Ep.18] Founders Spotlight: Paul Kurtz, Co-founder & CEO of TruSTAR Aug 21 2018 5:00 pm UTC 45 mins
    Paul Kurtz, Co-founder & CEO of TruSTAR
    This webinar is part of BrightTALK's Founders Spotlight Series, where each week we feature inspiring founders and entrepreneurs from across industries.

    In this episode, Paul Kurtz, an internationally recognized expert on cybersecurity and the co-founder and CEO of TruSTAR Technology, will share his insight and expertise into the threat intelligence and security industry.
    - What it means to found and run a security start up
    - Where is the industry headed in the age of cyber attacks and high-profile breaches
    - How to scale and grow a business in this hi-tech industry

    Paul will be taking questions from the live audience so this session will be an excellent opportunity for any entrepreneurs or security professionals out there to have their questions answered.

    About the Speaker:
    Paul began working on cybersecurity at the White House in the late 1990s. He served in senior positions relating to critical infrastructure and counterterrorism on the White House's National Security and Homeland Security Councils under Presidents Clinton and Bush. After leaving government, Paul has held numerous private sector cybersecurity positions including founding the Cyber Security Industry Alliance (Acquired by Tech America), Executive Director of SAFECode, Managing Partner of Good Harbor Consulting in Abu Dhabi, and CISO of CyberPoint International.

    Paul’s work in intelligence analysis, counterterrorism, critical infrastructure protection, and non-proliferation of weapons of mass destruction influenced his approach to cybersecurity. Specifically, the fields highlighted the need to build an exchange platform which addresses barriers to sharing information--bureaucratic, legal, and market risk and concerns--while providing immediate value to operators defending networks.
  • The SNIA Persistent Memory Security Threat Model Aug 21 2018 5:00 pm UTC 75 mins
    Doug Voigt, Co-Chair, SNIA NVM Programming TWG and Distinguished Technologist, HPE
    What new security requirements apply to Persistent Memory (PM)? While many existing security practices such as access control, encryption, multi-tenancy and key management apply to persistent memory, new security threats may result from the differences between PM and storage technologies. The SNIA PM security threat model provides a starting place for exposing system behavior, protocol and implementation security gaps that are specific to PM. This in turn motivates industry groups such as TCG and JEDEC to standardize methods of completing the PM security solution space.
  • [Webcam Panel] Trends Discussed at Black Hat 2018 Aug 15 2018 5:00 pm UTC 60 mins
    Charles Tendell (The Charles Tendell Show) | Eddie Lamb (6point6) | Other Panelists TBA
    Join this post-Black Hat panel as we look at the biggest trends and cyber threats covered during the Black Hat Conference 2018 in Las Vegas.

    Tune in for an interactive Q&A panel with industry experts across the security ecosystem as they discuss:
    - What are the biggest threats to security in 2018?
    - Key steps to take today to better secure your critical data assets
    - Top technological advancements powering security
    - CISO strategy in the age of breaches

    Speakers:
    - Charles Tendell, Renown Cybersecurity Expert, Certified Ethical Hacker & Host of "The Charles Tendell Show"
    - Eddie Lamb, Managing Director, Cyber Security at 6point6
    - Other Panelists TBA

    The session is being brought to you in partnership with ITSPmagazine.
  • How to Manage Cyber Risks in a Regulatory Environment with Security Analytics Aug 14 2018 3:00 pm UTC 45 mins
    Ashwin Chaudhary, Accedere Inc
    With increased security and privacy regulations such as the new EU GDPR, it is becoming more important to reduce the dwell time of incidents to be able to report those breaches in the required time. For example GDPR requires you to report them in 72 hours.

    In this webinar, we will discuss how Security Analytics can help you do that including getting you ready for preventing, detecting and responding to breaches.

    Join us to know how Security Analytics as a Service can give you a better insight to your threats as well as optimize your compliance costs.
  • [Webcam Panel] What to Expect at Black Hat 2018 Jul 31 2018 5:00 pm UTC 60 mins
    Sean Martin (ITSPmagazine) | Eddie Lamb (6point6) | Other Panelists TBA
    Join this panel of industry experts as they share their experiences and thoughts on one of biggest security conferences in the world, Black Hat in Las Vegas, along with their expectations from this year's event.

    Tune in for an interactive Q&A panel with some of the biggest names in infosecurity to learn more about:
    - What can security professionals learn during Black Hat / DEF CON week
    - Must-attend events and why
    - What's new on the cyber threatscape
    - Advances in technology
    - AI: Hype vs Reality
    - Common sense advice for CISOs
    - How to keep your employees cyber safe

    Speakers:
    - Sean Martin, Co-Founder and Editor-in-Chief, ITSPmagazine
    - Eddie Lamb, Managing Director, Cyber Security at 6point6
    - Other Panelists TBA

    The session is being brought to you in partnership with ITSPmagazine.
  • [Earn 1 CPE] Post-GDPR: Key Steps to GRC Integration Jul 26 2018 5:00 pm UTC 75 mins
    Colin Whitaker, Informed Risk Decisions; Sooji Seo, RSA; Quin Rodriguez, Riskonnect; Gabriel Gumbs, STEALTHbits.
    Data protection laws such as the General Data Protection Regulation (GDPR) are complex, and can impact a broad range of business roles, including legal, audit, HR and finance, not just IT. In achieving GDPR compliance, organizations should focus on getting these roles to work together in ongoing efforts to ensure governance, risk and compliance (GRC) across an organization, and not be distracted by the noise in the marketplace. Through the process of integrating GRC practices real value can be achieved, as long as all stakeholders work with one another and take practical, measured steps toward integration. Join our panel of experts on this CPE accredited webinar to learn how your organization can achieve this.

    Learning Objectives

    - Find out how to align risk management with enterprise performance management under the GDPR.
    - Learn how to work with stakeholders to effectively integrate compliance activities, and gain transparency, efficiency and agility for process operations.
    - Discover how to identify and manage the digital risks that matter, and which risk functions need to transform.
  • Threat Hunting - An Indepth Explaination Jul 23 2018 4:00 pm UTC 60 mins
    Lance James, Andrew Johnston and Ulf Mattsson
    Threat Hunting is a complicated and often misunderstood cybersecurity activity that if properly used can add tremendous value to your cybersecurity posture.

    In this session you will learn:
    What is Threat Hunting?
    When do I use it?
    What will it tell me?
    How do I use it?
  • Zero to Hero: Blissfully Ignorant to Risk Focused Jul 19 2018 9:00 pm UTC 60 mins
    Casey Reid, Principal Security Engineer, Tenable
    Innovation is the key to survival in today's Digital economy. Providing fresh content in new ways to broader markets is expanding the attack surface. The adoption of DevOps, cloud proliferation and enterprise IoT has added significant challenges to understanding your Cyber Risk.

    In this webinar Casey Reid, Principal Security Engineer at Tenable will talk about:
    - Why there no such thing as "Secure"
    - How the "Race to Zero" is killing your productivity and increasing your Cyber Risk
    - How "Chasing the Zero Day" could be a big waste of time
    - What it takes to be Risk focused: Going from Zero to Hero

    About the Speaker:
    Casey Reid is a Principal Security Engineer at Tenable, responsible for helping enterprise customers reduce their Cyber Exposure and strengthen their Vulnerability Management program. He is an energetic, outspoken, problem solver and hobby hacker with over 15 years of diverse technical experience. When he's not learning new technologies or hacking in his lab, he is competing at local CrossFit competitions and Obstacle Course Races such as the World's Toughest Mudder.
  • Trends in Security Analytics & Threat Intelligence Jul 17 2018 9:00 pm UTC 60 mins
    Anupam Sahai (Cavirin) | Setu Kulkarni (WhiteHat Security) | Yiyi Miao (OPSWAT)
    Discover the trends in security analytics technology and how leveraging threat intelligence can help organizations on their journey to cyber resilience.

    Join this interactive Q&A panel with top security experts across the ecosystem to learn more about:
    - What's new on the threatscape
    - How to leverage security analytics to investigate and hunt modern threats
    - How cyber threat intelligence helps organizations understand their risk of external threats
    - CISO recommendations for improving security

    Speakers:
    - Anupam Sahai, Vice President of Product Management, Cavirin
    - Setu Kulkarni, VP Product & Corporate Strategy, WhiteHat Security
    - Yiyi Miao, VP Products, OPSWAT
  • Best Practices for Securing Your Enterprise Jul 17 2018 12:00 pm UTC 60 mins
    Sushila Nair (NTT DATA Services) | James Felix Ignacio
    Cybercriminals are constantly innovating ways to infiltrate your organization, and steal your valuable data. With an ever expanding attack surface, security professionals are struggling to secure the enterprise.

    Join this roundtable discussion with top security experts to learn more about:
    - What's new on the cyber threat landscape
    - Why cyber threat intelligence Is more critical than ever
    - How to prevent and protect against breaches
    - What tools and approaches should security teams use
    - Why network visibility and actionable data about attackers is key
    - Best practices and expert recommendations on improving your enterprise security

    Speakers:
    - Sushila Nair, Sr. Director, NTT DATA Services
    - James Felix Ignacio, Founder & CEO, JFI Cyber Solutions
    - Others TBA
  • [Earn 1 CPE] Practical Steps to Scale Your Vendor Risk Management Program Jun 26 2018 5:00 pm UTC 75 mins
    Rebecca Herold. Panel: Jake Olcott, BitSight; Todd Boehler, ProcessUnity; Matt Kunkel, LogicGate; Scott Schneider, CyberGRX.
    As organizations rely on third parties to grow and thrive, they’re exposed to major cybersecurity risks. Mitigating this risk means confronting the potential security vulnerabilities that are present in your third party network, but traditional vendor risk management (VRM) methods are no match for modern threats. According to Deloitte 83% of today’s business leaders lack confidence in third party VRM processes.

    Join our panel of experts on this CPE accredited webinar to learn how your organization can create a VRM program that’s ready and able to stand up to today's third party threat landscape.

    Learning objectives:

    - Find out why traditional vendor risk management programs don’t work
    - Learn how to perform quantifiable vendor security analyses
    - Discover how to build a scalable VRM program
  • Increasing Cyber Workforce Diversity Recorded: Jun 20 2018 64 mins
    Max Shuftan, Jessica Gulick and other panelist
    Join this webinar to hear from past students and current champions discuss how the SANS CyberTalent program is changing lives and closing the workforce gap. The cybersecurity workforce gap can be partly solved through increasing diversity. Organizations like SANS CyberTalent and the WSC are reaching into communities throughout Maryland and the US searching for professionals with technical appitude but new to cybersecurity.

    These academies are designed to help qualified veterans and women receive training and certifications to quickly and effectively launch careers in cybersecurity. The Immersion Academy is an intensive, accelerated program designed for completion in six to eight months, depending upon program selected. The program is at NO COST to the students selected.


    Come listen to learn:
    • What the selection process includes and important application tips
    • Understand what kind of training is provided (length and format)
    • Hear from a recent graduate who will share her experience
    • How this training academy and related certifications can help your career
  • PCI Dream Team: Ask Us Your Toughest Questions [Part 4] Recorded: Jun 15 2018 60 mins
    Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper
    With hundreds of different requirements, the various Payment Card Industry (PCI) standards can be overwhelming. While the PCI Security Standards Council has provided lots of answers, the devil is often in the details. Our panelists are some of the top PCI QSA’s in the country, with decades of combined PCI and card processing experiences. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

    Join Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall for an interactive Q&A session, and get answers to your most vexing PCI questions. No PCI question is out of bounds.

    Speakers:
    - Ben Rothke, Principal Security Consultant at Nettitude
    - David Mundhenk, Senior Security Consultant at Herjavec Group
    - Jeff Hall, Principal Security Consultant at Optiv Security
    - Arthur Cooper "Coop", Senior Security Consultant at NuArx
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Risk-based Security: Having the Right Security in the Right Place
  • Live at: Jan 19 2016 4:00 pm
  • Presented by: Illyas Kooliyankal (Middle East CISO of the Year), CISO, ADS Securities
  • From:
Your email has been sent.
or close