Hi [[ session.user.profile.firstName ]]

Infosecurity 2016: Reasons to be Cynical with Your Cyber Security

- Infosecurity Europe 2016 -

BrightTALK got the chance to catch up with community favourite Jason Steer from Menlo Security for his views on the industry and the current threat landscape.

Jason gave his thoughts on the influence that a potential Brexit could have on UK Cyber Security; information security in the financial sector and how the banks can better protect themselves from threat actors; ransomare and the associated dangers; how to protect yourself from malware; defending the IoT and cyber warfare globally. Lots of topics covered, lots of insights to take away.
Recorded Jun 14 2016 5 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jason Steer, Solutions Architect, EMEA, Menlo Security Inc. & Josh Downs, Community Manager, BrightTALK
Presentation preview: Infosecurity 2016: Reasons to be Cynical with Your Cyber Security

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Golden Chickens: Threat Actor Deep Dive Analysis Jul 17 2019 12:00 pm UTC 60 mins
    Chaz Hobson & Daniel Young, QuoScient GmbH
    Cyber Threat Intelligence (CTI) analysis and investigation is critical to identifying, tracking and efficiently countering threat actors and adversarial techniques. In this webinar, we will dive into the Golden Chickens threat actor family uncovered and show you how to rapidly identify and derive actionable intelligence for this threat actor. In this presentation, you will see:

    In depth overview of this emerging threat actor and their primary targets
    The analytic methodology that led to the uncovering of this threat actor
    Drive this analysis of complex and multifaceted adversaries
    Understand the steps that can be taken to identify and mitigate this and other related threat actors

    Chaz Hobson: Senior Threat Intelligence Analyst, QuoLab
    Daniel Young: IR Lead and Senior Sales Engineer, QuoLab
  • Introducing Adaptive Threat Response Jul 17 2019 10:00 am UTC 60 mins
    Robin Smith CISSP, CISM, CISA – Cyber Security Researcher, Lifeboat Foundation
    This webinar examines the imperative to introduce greater agility into threat response. There are too many orthodoxies dictating cyber standards, limiting an organisations ability to move quickly once threats to standards and services are identified.

    This webinar will provide an insight into new methods for threat response that focus on lean methods to speed responses and deliver an improved security posture for the organisation.
  • Fighting Cyber Crime: Tips, Tools and Tech Jul 16 2019 3:00 pm UTC 60 mins
    Panelists TBA
    According to a recent FBI report, cyber crime cost organizations $2.7 billion in 2018. Business email scams that targeted wire transfer payments accounted for almost half of that.

    How are businesses protecting against cyber crime? What are the best practices when it comes to cyber crime prevention, breach detection and data security in general?

    Join this panel of experts from the industry as they discuss the latest trends in cyber crime and how organizations can get a step ahead of attackers.
    - New in cyber crime
    - Is ransomware still a threat?
    - Biggest priorities when it comes to cyber threat prevention
    - Tips from the front lines of security
    - Tools, technologies and policies that make security professionals' lives easier
  • Prevailing Trends in Cyber Crime Jul 15 2019 3:00 pm UTC 60 mins
    Robin Smith (Rosint Labs), Bob Rudis (Rapid7) + Panelists TBD
    The average cost of a malware attack on a company is $2.4 million, according to Accenture. Organizations need to ensure they are following cybersecurity best practices in order to mitigate risk.

    Join this interactive Q&A panel to learn more about:
    • What’s new on the threatscape
    • The latest hacking tools, strategies and methods and how to protect against them
    • How to implement proactive strategies rather than reactive
    • Recommendations for improving security and steps to take today
  • Evolving Cyber Crimes and its effective counter-measures Jul 15 2019 10:00 am UTC 60 mins
    Ravikumar Ramachandran, Account Security Officer, DXC Technology India
    Join this presentation to learn about the present types of cyber crimes and the scale and efficiency of it and the methods to counter it.
  • [Earn CPE] Executive's Guide to Smarter GRC with Cybersecurity Attack Analytics Jun 27 2019 5:00 pm UTC 75 mins
    Panelists: Sam Abidir, Lockpath; James Rice, Greenlight Technologies; Ilia Sotnikov,Netwrix; and Jason Bonds, Ping Identity.
    Today’s increasing organizational complexity and evolving threat environment have made it more critical than ever for organizations to clearly identify their exposures, measure vulnerability risk, and quickly prioritize remediation efforts. Cyberattacks are often hidden from view under a mountain of alerts generated by security systems, giving attackers time to gain access to systems and seize valuable data.

    To ensure their companies don't end up in the headlines for the wrong reasons, corporate governance, risk management, compliance management and other “lines of defense” functions need to rethink their security strategy and take an approach that looks at behavior and attack patterns. By conecting cybersecurity attack analytics with risk programs and GRC work streams, executives can increase visibility into the overall security risk of the organization which makes the investigation of application security events easy, and enables teams to mitigate and respond to real security threats quickly and decisively.

    Join this CPE panel webinar for insights on achieving smarter GRC with CAA. We will share:

    - Why traditional endpoint security is failing to see and stop attacks.
    - How using attack analytics can stop cyberattacks now and in the future.
    - Efficient ways to analyze events and prevent threats.
    - How to move from looking back to real-time and forward-looking GRC monitoring.
  • [PANEL] Cloud Security Common Sense Tips & Tools Jun 27 2019 5:00 pm UTC 60 mins
    Panelists TBA
    Organizations are increasing their spend on cloud security solutions (up to $12.7 billion by 2023). What are the biggest challenges for businesses when it comes to securing the cloud, the solutions they are increasingly turning to, and the best practices needed to improve security overall?

    Join this panel of experts to learn more about the current state of cloud and what organizations are doing to secure it. Attendees will learn about:

    - Moving to the multi-cloud
    - What's the deal with Infrastructure-as-a-service (IaaS), software-as-a-service (SaaS), and platform-as-a-service (PaaS)
    - Compliance challenges and how to overcome them
    - Common sense tips for cloud security
    - Recommended tools and solutions
    - Words of wisdom from the experts
  • Emerging Data Privacy and Security for Cloud Jun 25 2019 5:00 pm UTC 60 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    Personal data privacy will be the most prominent issue affecting how businesses gather, store, process, and disclose data in public cloud. Businesses have been inundated with information on what recent privacy laws like GDPR and CCPA require, but many are still trying to figure out how to comply with them on a practical level. Many companies are focusing on data privacy from the legal and security side, which are foundational, but are missing the focus on data.

    The good news is that these data privacy regulations compel businesses to get a handle on personal data — how they get it, where they get it from, which systems process it, where it goes internally and externally, etc. In other words, the new norms of data privacy require proactive data management, which enables organizations to extract real business value from their data, improve the customer experience, streamline internal processes, and better understand their customers.

    Join this interactive webinar to learn more about:
    - The latest trends and strategies for securing sensitive data in cloud and the enterprise
    - How to discover and capture your data inventory
    - What’s needed to prevent a data breach by securing your critical data and protect your reputation
  • [PANEL] Breach Protection - Best Practices, Tips and Tools Jun 24 2019 5:00 pm UTC 60 mins
    David Morris | Nick Vigier
    As more and more organizations are getting breached, executives are finally paying attention to cybersecurity and data protection. What are the biggest challenges for businesses when it comes to securing the enterprise?

    Join this panel of experts to learn more about the current state of breaches, how organizations of all sizes are coping, and what CISOs are prioritizing this year.

    Attendees will learn more about:
    - Who is most at risk of being breached
    - How to prevent a breach or minimize its impact
    - How long it takes to detect a breach
    - Best practices for investigation and remediation
    - Words of wisdom from the experts

    - David Morris, Managing Partner, Morris Cybersecurity
    - Nick Vigier, CxO Advisor, Coalfire
  • The New Age of Multi-Factor Authentication Jun 18 2019 4:00 pm UTC 60 mins
    Lysa Myers & Cameron Camp, Security Researchers
    Trying to navigate the stormy seas of multi-factor authentication (MFA) to find the “killer app” both you and your organization can use to bolster security? In this webinar, we look at:

    - The various factors of authentication
    - Factor vs “steps”
    - Considerations in choosing a factor
    - The various technologies that people are using
    - What seems to be working

    Whether you’re pondering Near Field Communication (NFC) ninja tech for your smart phone, or those new biometric doo-dads that verify you based on the smell of your ears (really), we can help you sort out what might work for you and what would be crazy to implement. And as a bonus: this tech will all keep you far safer that your plain old password ever did.
  • How to Operate a DDoS Testing Program Recorded: Jun 13 2019 55 mins
    Murray Goldschmidt, Co-founder & COO, Sense of Security
    Most people associate DDoS with large scale volumetric attacks. This is far from reality. Many organisations subjected to DDoS attacks are therefore unlikely to identify them or mitigate them because they simply don’t know what defences work against the huge range of attack vectors out in the wild.

    DDoS is much more than experiencing degraded performance; and the operational response is as important as the technology in place to attempt to prevent the attack. Unfortunately most vulnerability management program focus on scanning and penetration testing and simulating genuine DDoS attacks is seldom on the agenda. Resilience against Denial of Service should be as prominent in IT Networks as safety is in the automotive or airline industry.

    Have you ever tested your system defences and response capability?
  • IoT Threats & Vulnerabilities in Healthcare Recorded: Jun 12 2019 33 mins
    Jordan Kelly, Senior Managing Director at FTI Consulting
    Cybersecurity affects us all. Malicious actors are constantly scanning vulnerable systems of companies across all sectors, and healthcare organizations are a particularly attractive target. They are often responsible for the safety and security of confidential patient records, which is valuable information for malicious hackers. While the use of innovative technology in healthcare is on the rise, the industry faces tremendous risks from cyber threats due to this growing attack surface and the prevalence of dated medical hardware and software across the supply chain. This session will discuss the IoT threats facing the healthcare sector, as well as strategies for managing and mitigating threats. 

    Join this webinar to learn about:
    - Why the healthcare industry is a highly-targeted industry for cyber attacks
    - What Internet of Things (IoT) technology is and how it’s being leveraged for crime
    - Why legacy medical hardware and software exacerbates IoT-based risks
    - How to manage and mitigate IoT risk in the healthcare sector
  • [PANEL] Best Practices for Minimizing Your IoT Cyber Risk Recorded: Jun 12 2019 63 mins
    Kalani Enos, KEnos Technologies | Michael Goldgof, Barracuda | Nathan Wenzler, Moss Adams
    The Internet of Things is expected to grow to 30 billion devices within the next two years. This means more security and privacy risks that organizations will need to address. Learn how businesses are dealing with their IoT risk, the best practices cybersecurity professionals are recommending, and get the answer to your most pressing IoT security questions.

    Join this interactive panel to learn more about:
    - How the rise of IoT is impacting your organization's security
    - Cybersecurity threats and most common IoT vulnerabilities
    - Assessing your organization's IoT risk
    - Best practices for minimizing your cyber risk
    - Words of wisdom: Steps to better security and what you can do today

    With: Michael Goldgof, Senior Director, Product Marketing, Barracuda
    Kalani Enos Founder & CEO KEnos Technologies LLC
    Nathan Wenzler, Senior Director of Cybersecurity, Moss Adams
  • Protecting Billions of Things: Challenges in exploiting & hardening next- Recorded: Jun 12 2019 42 mins
    Sumanth Naropanth, CEO, Deep Armor
    Internet of Things (IoT) products proliferate the market today. They manifest in different forms – from a pacemaker inside a human body, to an oil and gas rig monitoring device in the remotest locations on the planet. IoT products are usually made up of small hardware devices (gateways and nodes) deployed in the field, supported by much larger software stack in the form of mobile and cloud-hosted applications that complete the product ecosystem picture.

    In our presentation, we discuss threats against industrial and consumer IoT products. We demonstrate how it is possible to use cheap, publicly available hardware and open source software tools to break into Zigbee-style Wireless Sensor Networks to compromise the confidentiality and integrity of IIoT platforms (think, turning life-saving vaccines into lethal chemicals!). On the consumer IoT front, we show - with simple Android applications, how we are able to exploit vulnerabilities in Bluetooth and BLE flows. We conclude with an analysis of why such vulnerabilities occur, and how we can reform existing SDLC practices to make them relevant for next-generation technologies.
  • Keynote: The Break to Build Method Recorded: Jun 11 2019 42 mins
    Ted Harrington Executive Partner, Independent Security Evaluators
    This keynote is designed to address the seemingly overwhelming collection of security concerns with which today’s leaders contend:

    - Do you struggle with designing and implementing a security program that effectively achieves the goals outlined in your security mission?
    - Are you interested in better understanding how hackers think, how they operate, and how to defend accordingly?
    - Do you struggle to know where to invest resources in order to best deliver security to your organization?
    - Are you concerned about your organization suffering a security incident under your watch?
    - Are you seeking more certainty that by investing resources into a given security approach, that investment will deliver the outcomes you seek?
    - Do you have the appetite and capacity for change?

    If any of this describes you, this is the keynote for you! An engaging blend of research-based issue analysis combined with storytelling, this keynote seeks to empower today’s security leaders, teaching attendees how to:

    - Implement a 3-phase action plan, based on years of practical experience in security research and security consulting, designed to help equip leaders to deal with modern attackers.
    - Define and implement a threat model.
    - Differentiate between assessment methods.
    - Understand level of attacker intensity.
    - Challenge conventional wisdom
  • Threat Detection in the age of IoT ATT&CKs Recorded: Jun 11 2019 49 mins
    Carlos Valderrama, SOC Service Manager EMEA, Proficio
    As IoT devices continue to evolve in different ways, connecting (even more) the physical with the cyber world, the adversaries continue to evolve methods for compromising them for different purposes.

    Based on their nature and the tasks they need to perform, the common general characteristics of IoT devices are:

    - They are very minimalistic,
    - They have limited resources,
    - Most of them are battery-based
    - They interact with other devices
    - They are connected to the cloud for different reasons
    - They have special RF protocols

    IoT use cases (as listed below) have a lot of security challenges that haven’t been addresses properly because of the devices’ constrains, the limited budget the contractors have (cause the solutions have to be “cost-effective”) and the priority is always functionality, thus sacrificing security, therefore exposing our society to massive risks.

    - Smart City
    - Smart Manufacturing
    - Autonomous Vehicles
    - Critical Infrastructures

    This is why we need to work on detecting threats in a structured way, taking into account that once attackers access to the IoT network, they won’t have much limitations moving around that network and even jumping to other networks, including IT network. When adversaries compromise IT networks, they are affecting business but when they compromise IoT devices, they can compromise our lives.

    In this webinar I’m going to propose a methodology that can be applied to enhance IoT network security by mitigating IoT cyber risks using MITRE ATT&CK Framework..
  • Mitigating the Risk of IoT – The IoT Cyber Reality Check Recorded: Jun 11 2019 45 mins
    Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic
    Welcome to the world of IoT (Internet of Things) as more and more devices get connected online. With weak or almost no security these devices can easily become a victim, be turned into a BOT which can then be controlled and used to participate in a DDOS (Distributed Denial of Service) attack like the one that has targeted Dyn bringing popular websites like Netflix, Twitter, Amazon, AirBnb, CNN and the New York Times to their knees and offline. This session walks you through the reality check on the risks and threats that IoT devices introduce to the business and what you can do to reduce the risks.

    - What are the biggest risks from IoT devices?
    - What are the biggest threats from IoT devices?
    - Best Practices in reducing the risks
    - Future of IoT Security
  • Assessing BizTech Risks of adopting IoT Recorded: Jun 11 2019 43 mins
    R Vittal Raj,FCA,CISA,CGEIT,CISM,CRISC, Founding Partner, Kumar & Raj
    Risk agnostic approaches to adopting emerging technologies are eating business for breakfast, IoT too is garnering its fair share! Unlike most other technologies, IoT adds a new dimension of less understood cyber-physical risks.

    This sessions seeks to scratch the surface on strategies for assessing business technology risks in adopting IoT.
  • [PANEL] IoT Security Strategy Best Practices Recorded: Jun 10 2019 42 mins
    Deral Heiland, Rapid7 | Sandy Carielli, Entrust Datacard
    As the world becomes increasingly connected, we have become more vulnerable to IoT threats and attacks. Having a comprehensive and strong security strategy in place is vital to organisational success.

    Join this exclusive panel of industry experts as they discuss:
    - IoT Security Maturity Model
    - Trends in cyber-attacks and breaches affecting the IoT
    - How to proactively prevent breaches and attacks
    - New in IoT Security
    - Security Strategy recommendations for CISOs

    Panelist confirmed:
    - Deral Heiland, IoT Research Lead, Rapid7
    - Sandy Carielli, Director of Security Technologies, Entrust Datacard
  • Proving You Are Secure in the Age of IoT Recorded: Jun 10 2019 41 mins
    Ian Smith, IoT Security Lead, GSMA
    This session will explain how the world’s leading mobile operators are using the GSMA’s IoT security guidelines and assessment process to deliver trusted and robust IoT products and services to their partners and customers.

    The presentation will explain the commercial benefits and long-term value that was realised by following industry best practices, and how IoT companies can overcome security challenges themselves to implement new processes and address IoT security concerns.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Infosecurity 2016: Reasons to be Cynical with Your Cyber Security
  • Live at: Jun 14 2016 1:20 pm
  • Presented by: Jason Steer, Solutions Architect, EMEA, Menlo Security Inc. & Josh Downs, Community Manager, BrightTALK
  • From:
Your email has been sent.
or close