Hi [[ session.user.profile.firstName ]]

Infosecurity 2016: How can the Banks Improve their Cyber Security?

- BrightTALK at Infosecurity Europe 2016 -

BrightTALK got the chance for a quick chat with BrightTALK favourite and industry luminary Steve Durbin, Managing Director of the Information Security Forum.

Steve discussed key hot topics such as the Brexit debate and how it'll influence European cyber security along with how the secure and protect the IOT and critical infrastructure in the face of new technological developments.

Steve also covered compliance, with the new GDPR regulations and finally how to better protect the worlds's banks from persistent cyber threats from the world's cyber criminals.
Recorded Jun 14 2016 5 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Steve Durbin, MD, ISF & Josh Downs, Community Manager, BrightTALK
Presentation preview: Infosecurity 2016: How can the Banks Improve their Cyber Security?

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • [VIDEO] Man & Machine: Analytics as a Defence Against Advanced Cyber Threats May 24 2017 1:00 pm UTC 30 mins
    Ross Brewer, vice president and managing director EMEA, LogRhythm & Josh Downs, Senior Community Manager, BrightTALK
    As technology advances, so does the threat landscape, with cyber criminals effectively exploiting weak points on an almost daily basis. When malware infiltrates an organisation’s first layer of defence, it can spread quickly throughout the network, exposing data and weakening security - and in most cases this happens faster than analysts or administrators have time to react to. Indeed, with reams of data being generated and transferred over networks, organisations are having a hard time monitoring everything, which means potential threats can easily go unnoticed.

    Organisations need to rely on machines to detect and respond to threats more quickly and efficiently. Even enterprises with a dedicated security team that monitors the latest security threat trends and understands the blueprint of evolving attack vectors still need to continuously monitor all network activity. The sheer volume of processes, services and applications running on a corporate network is just too much for human beings to monitor alone. However, this doesn’t mean that human analysis is not important.

    User and entity behavioural analytics (UEBA) is essential in keeping up with continuously evolving threats and making sense of anomalous network behaviour. Security approaches that utilise both machine learning and human analysis enable all threats to be analysed for effective detection and response, ensuring all data is accounted for and including the human element to help reduce the opportunities for false positives. To keep up with the ever-changing security landscape, companies need to integrate internal and external threat context in their environment by updating processing rules for operating systems, applications, and network devices in order to strengthen the accuracy of real-time machine analytics.
  • Strategies for Effective 3rd Party Risk Management May 23 2017 5:00 pm UTC 60 mins
    Scott Roller, Founder of 3WP; Rebecca Herold, Privacy Professor; Sam Kassoumeh, SecurityScorecard. James Christiansen, Optiv.
    The challenges that organizations face today are increasingly more complex than in the past. The constant change of the global economy, dynamics of business risks and opportunities, and an increased threat of cyber-attacks add complexities we’ve never faced. As organizations rely on more and more third parties to grow and thrive, they’re exposed to higher levels of risk, and regulators are focused on the need for organizations to manage 3rd party risk more effectively.

    Manual processes, silos in contract administration, and technology and resource constraints can all lead to significant errors in the third party supply chain that leads to violation of privacy guidelines and security breaches, which cause substantial fines, penalties, and damage to brand value. On this webinar our panel of experts will discuss the risks and repercussions associated with third party contract management shortcomings, common gaps in third party contract management processes, examples of how new solutions and technologies can help organizations optimize their third party processes, and effective strategies for managing 3rd Party Risk.
  • GDPR: Global Implications of EU Legislation May 23 2017 3:00 pm UTC 60 mins
    Jonathan Armstrong, Cordery & Nima Baiati, Absolute
    Enforcement of the EU General Data Protection Regulation (GDPR) is looming, giving you less than 12 months to prepare. And it has major implications for every organization that processes EU personal data – regardless of where they are based.

    With the cost of non-compliance set at an astronomical 4% of global annual revenue – not to mention damage to reputation – the time to protect yourself is now.

    On May 23rd, join Absolute’s data protection experts alongside leading technology and compliance lawyer Jonathan Armstrong, as they share practical insights on the global implications of GDPR. Register today and learn:

    • GDPR compliance – what’s required and what’s at stake
    • Organizational steps you need to take now to avert disaster
    • The best security approaches to ensure compliance and protect your data – and your brand
  • Don’t let Smartphones Kill your PKI Security Strategy May 23 2017 3:00 pm UTC 60 mins
    Gregory Vigroux, Enterprise Mobility Expert at Gemalto
    Half of businesses admit security is their biggest concern to increasing user mobility. Securing enterprise mobility has been an ongoing and arduous topic for IT security professionals. Maintaining high-assurance security, while offering access to company resources to an on-the-go workforce has become a balancing act. So much so, a third of businesses actually prevent employee access to company resources via mobile. This is likely not a long term or sustainable solution to the problem.

    So how do you find a compromise that won’t kill your security strategy? There are currently many technologies from derived credentials to mobile PKI. IT professionals are feeling the pressure to find a viable, user friendly, easy-to-deploy and secure options. In this webinar, we will discuss the current solutions in-depth and how they impact your current IT security policies. Attendees will learn more about:
    -Software-based security versus hardware-based security
    -How this impacts your back-end systems
    -Technology such as derived credentials and mobile PKI
    -Implementing a mobile PKI solution
  • WannaCry Ransomware: Why Kill Switches Will Not Protect You Recorded: May 22 2017 35 mins
    Mounir Hahad, Sr. Director of Cyphort Labs
    The world is experiencing a ransomware attack like no other. While the wave of infections was spreading from East to West, a kill switch was identified that slowed the campaign considerably. Then another kill switch was needed, then another. Against popular belief, these kill switches are only effective against the original strain of the malware. In this presentation, we will review a variant without a registerable web site kill switch and how to protect against it.

    Join this webinar and ask your most pressing WannaCry questions.

    About the Presenter:
    Mounir Hahad, Ph.D. is Sr Director at Cyphort, a Security Analytics company headquartered in Santa Clara, CA. Mounir is the head of Cyphort Labs, the group responsible for conducting threat research within Cyphort and driving detection enhancements for Cyphort’s Advanced Detection Fabric which uses behavioral analysis along with machine learning to detect advanced threats and correlate those incidents with ingested information from third party solutions. Mounir holds a Ph.D. in computer science from the University of Rennes. Prior to Cyphort, Mounir held various engineering management positions with Cisco’s Security Technology Group and with IronPort Systems.
  • Google Docs Worm - Facts, Resolution & Why This Scam Will Happen Again Recorded: May 19 2017 41 mins
    Travis Smith (Tripwire), Cameron Naghdi (Malwarebytes), Filippo Valsorda (Cloudflare)
    Attacks like the Google Docs phishing scam that swept across the internet in early May showed a level of sophistication above regular phishing scams. More importantly, it will likely happen to other online services, thanks to a common login mechanism that is used by hundreds of websites.

    Join this panel of security experts as they discuss:
    - The nuts and bolts of the Google Docs worm
    - How it was resolved
    - What to expect in the future
    - How to avoid becoming a victim to phishing scam: What to look out for and what NOT to do

    Speakers:
    - Travis Smith, Principal Security Researcher at Tripwire
    - Cameron Naghdi, Sr. Security Engineer at Malwarebytes
    - Filippo Valsorda of the Crypto Team at Cloudflare
  • Detecting Insider Threats: Lessons from the Front Line Recorded: May 19 2017 44 mins
    Brian White (RedOwl) & Mark Kelton (ex-CIA)
    Join us for this rare opportunity to hear Mark Kelton, a former senior CIA official, who concluded his career as Deputy Director of the National Clandestine Service for Counterintelligence, discuss the insider threat.

    Mr. Kelton led the unit that protected the Nation’s most closely guarded secrets – and by virtue of his experience overseeing the Intelligence Community’s “Gold Standard” Insider Threat Detection program, Mr. Kelton has comprehensive expertise in the detection, investigation and mitigation of Insider Threats.
  • Securing Fintech: Threats, Challenges & Best Practices Recorded: May 18 2017 60 mins
    Ulf Mattsson, CTO Security Solutions at Atlantic BT
    Cyber attacks have increased in frequency and severity, and financial institutions are particularly interesting targets to cyber criminals. Join this presentation to learn the latest cybersecurity threats and challenges plaguing the financial industry, and the policies and solutions your organization needs to have in place to protect against them.

    Viewers will learn:
    • Current trends in Cyber attacks
    • FFIEC Cyber Assessment Toolkit
    • NIST Cybersecurity Framework principles
    • Security Metrics
    • Oversight of third parties
    • How to measure cybersecurity preparedness
    • Automated approaches to integrate Security into DevOps

    About the Presenter:
    Ulf Mattsson is the Chief Technology Officer of Security Solutions at Atlantic BT, and earlier at Compliance Engineering. Ulf was the Chief Technology Officer and a founder of Protegrity, He invented the Protegrity Vaultless Tokenization, Data Type Preservation (DTP2) and created the initial architecture of Protegrity's database security technology. Prior to Protegrity, Ulf worked 20 years at IBM in software development and in IBM's Research organization, in the areas of IT Architecture and Security, and received a US Green Card of class ‘EB 11 – Individual of Extraordinary Ability’ after endorsement by IBM. Ulf is the inventor of more than 45 patents in the areas of Encryption, Policy Driven Data Encryption, Internal Threat Protection, Data Usage Control and Intrusion Prevention.
  • Exploit Kits: Getting in by Any Means Necessary Recorded: May 18 2017 50 mins
    Scott Simkin, Senior Threat Intelligence Manager, Palo Alto Networks
    By understanding the inner workings of exploit kits, you’ll be better equipped to protect your organization from them. Join Scott Simkin from Unit 42 as he breaks down how today’s attackers are automatically exploiting vulnerabilities in common systems.

    You’ll learn about:

    - Why exploit kits are increasing in popularity
    - The process for launching exploit kit campaigns
    - How to defend your organization from exploits
  • Ransomware in the Age of Wannacry: What Fintech Needs to Know Recorded: May 18 2017 45 mins
    John Bambenek, Threat Systems Manager at Fidelis Cybersecurity
    This past week we saw the emergence of a worm-based ransomware attack in wannacry that showed us how damaging these attacks can be to critical services society relies on.

    This presentation will cover the recent wannacry attacks and what we have learned from them. In addition, we'll discuss the evolution of ransomware in recent years, focusing on attacks targeted against enterprises and so-called "high-interaction" ransomware attacks. Attendees will also be given a path forward of protecting their institution. A discussion of the renewal of Business Continuity and Disaster Recovery as a result and what this means for fintech going forward.

    About the Presenter:
    John Bambenek is Manager of Threat Intelligence Systems at Fidelis Cybersecurity and an incident handler with the Internet Storm Center. He is also a faculty member of the Department of Computer Science at the University of Illinois where he teaches courses in cybersecurity. He has been researching security threats and criminal organizations for 17 years and coordinating with US and foreign law enforcement entities to help bring criminal actors to justice.
  • Real-time Threat Hunting - 451 Research Trends & Security Analytics Recorded: May 18 2017 58 mins
    Jason Stamper, Analyst, 451 Research and Eric Tran-le, CMO, Logtrust
    Every day, organizations are impacted by cyber-attacks. Misleading indicators, complex security incidents, and evolving intruder patterns require new threat intelligence and analytics. With millions of data to analyze, every second counts - augment your security tools with real-time threat hunting capabilities and new research insights.

    Join experts Jason Stamper, Analyst for 451 Research, and Eric Tran-le, CMO for Logtrust, as they affirm how essential real-time threat hunting is for cybersecurity teams, and share new insights and tools for combatting attacks.

    • Learn new trends in machine data analytics from 451 Research
    • Pinpoint cybersecurity attacks and unusual behavior
    • Visualize an attack graph
    • Detect intruder paths and potential vulnerabilities
    • Leverage a single source of truth
  • Trends in Fintech Security - Mobile Payment Apps, Risks & Cybersecurity Recorded: May 18 2017 75 mins
    Ted Eull (NowSecure), JP Bourget (Syncurity), RJ Gazarek (Thycotic), Jason Kent (AsTech)
    Fintech may still be in its early stages, but it's seen tremendous growth and is expected to see global investments exceed $150 billion in 2017. With the proliferation of mobile apps, cybersecurity is extremely important. Trust is a key difference maker for customers, so fintech companies need to ensure that their sensitive client information stays secure.

    Join this panel roundtable of cyber security experts as they discuss:
    - The top cyber threats financial institutions are facing
    - Ransomware, data loss & BCDR
    - Mobile banking apps and security vulnerabilities
    - Recommendations on improving security and establishing consumer trust

    Speakers:
    - JP Bourget, CSO of Syncurity
    - Ted Eull, VP Privacy and Risk at NowSecure
    - RJ Gazarek, Product Manager at Thycotic
    - Jason Kent, CTO of AsTech Consulting
  • How to Recover from the WanaCrypt Ransomware Attack Recorded: May 18 2017 60 mins
    Phil Richards (CISO), Chris Goettl, and Amber Boehm of Ivanti Software
    On Friday the news broke: a massive ransomware attack which started in the UK NHS immediately spread to global proportions. By Sunday, the attack had impacted over 200,000 organizations in 150 countries. Listen to Phil Richards, CSO of Ivanti and a panel of security experts discuss how to recover from the WanaCrypt Ransomware attack and safeguard your environment against the evolving threats that are likely to come.

    Presenters:
    • Phil Richards, CISO
    • Chris Goettl, Manager of Product Management, Security

    About Phil Richards:
    Phil Richards is the Chief Information Security Officer (CISO) for Ivanti. He has held other senior security positions including the head of operational security for Varian Medical Systems, Chief Security Officer for Fundtech Corporation and Business Security Director for Fidelity Investments.
  • [Video Panel] Fighting Ransomware & Responding if the Worst Happens Recorded: May 18 2017 47 mins
    Josh Downs, BrightTALK; Adrian Taylor, FireEye; Ian Whiting, Titania & Bart Parys, PwC
    Ransomware was one of the biggest threats facing businesses in 2016 and that trend is expected to continue as we press further into 2017.

    As more and more cheap malware becomes available to cyber criminals the sheer amount of ransomware attacks is on the rise.

    However, cyber defences are beginning to catch up.

    This expert video panel will be discussing the ransomware landscape, what you can do to better protect your business from the threat and steps to take should the worst happen.

    Panelists:

    - Josh Downs, BrightTALK (moderator)

    - Adrian Taylor, Field CTO, FireEye

    - Ian Whiting, CEO, Titania

    - Bart Parys, Threat Intelligence Analyst, PwC
  • Politics and Cyber Attacks: Techniques, Prevention & Influence Recorded: May 18 2017 34 mins
    Indy Dhami, Director & Independent Security Consultant
    Focus of the talk:

    The current global political climate and the increased number of cyber attacks associated with nation states and revelations from whistleblowers such as WikiLeaks. The strategies and potential reasons for such attacks – We are seeing a focus shifting from financial gain
    to political power, control and mass surveillance.

    Audience learning:

    A view of the technologies utilised and targeted to perform the attacks such as malware targets such as iPhones, Android devices and smart TVs and malware on Windows, Osx, Linux etc

    Audience takeaways:

    The talk is aimed at those with a general interest in Cyber Security and how political gain is firmly intertwined and a tool utilised in state sponsored cyber attacks indiscriminately against corporations, criminals and citizens alike.

    ------------------

    Indy possesses over 14 years’ experience, having worked in both
    operational and consulting positions at FTSE100 and Fortune 500
    organisations including AXA, Deutsche Bank, PwC, Accenture,
    Mercedes-Benz, Jaguar Land Rover and many other world leading
    organisations.

    His experience includes leadership positions in information/
    cybersecurity transformation, risk assurance, crisis management
    (pre and post incident), assurance, audit, governance, risk and
    compliance programmes.
  • [Video Interview] Pentest Masterclass & Getting the Most of Your Security Spend Recorded: May 18 2017 8 mins
    Josh Downs, Senior Community Manager BrightTALK & Ian Whiting, CEO, Titania
    - BrightTALK at CRESTCON & IISP Congress -

    BrightTALK caught up with Titania's Ian Whiting for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - How to run a comprehensive pentest to protect your business

    - How to get the most from your cyber security budget

    - AI & Machine learning and the influence it'll have on the security industry

    - The explosion of connected devices on the IoT and where networks are especially vulnerable
  • Risk Intelligence: Lessons Learned from Current Attacks Recorded: May 18 2017 49 mins
    Michael Goedeker, CEO, Hakdefnet
    This presentation goes into details of BlackEnergy3+ and SocialBots attacks and how we use forensics and CyberNSight to reduce Risks based on Data Breach exposure and analysis. This presentation discusses the differences in Threat and Risk Intelligence and how Hakdefnet has changed security by creating a unique Actionable Risk Intelligence platform / solution.

    ---------------

    Hakdefnet is a cyber-security Start-up company that gives customers the opportunity to protect themselves more comprehensively, cheaper and easier than ever before. We analyze security gaps, find stolen data - including the Darknet, and can individually protect Critical Infrastructure, VIPs and Enterprises globally. Based on CyberNSight, VCISO and our RIP (Risk Intelligence Platform) Subscriptions, our customers not only know if but also how they were attacked, and what happened with their data. This (we believe) is the only way to really minimize the damage caused by cyber attacks and avoid them in the future.

    Michael Goedeker is an author and researcher at the front end of cyber warfare, espionage and crime, and he researches for academia, press and security professionals globally.

    Michael A. Goedeker is a German American researcher, born in 1971 in New York City. He has worked in the IT Security field for over 16 years, training and consulting for fortune 500 companies. He has worked on worldwide security projects for Accenture, Avande, Microsoft, IBM, Symantec and Sophos.
  • Block The Risk Of Ransomware Recorded: May 18 2017 34 mins
    Jonathan Korba, System Engineer, Symantec, and Q&A with Gavin Fulton and Robert Arandjelovic
    Ransomware is becoming a more prevalent problem and attackers are becoming more straightforward; not even bothering to masquerade as legitimate agencies anymore. You may be wondering what you can do. First we would encourage you not to pay and then put protection in place so you won’t be victimized again.

    Learn how Symantec Endpoint Protection 14 can help protect you from future ransomware attacks:

    • What are your options if you’re a victim of ransomware
    • Why Symantec Endpoint Protection 14 can address ransomware better than other solutions
    • How Symantec technologies work together for maximum protection
  • All Your PCI Questions Answered - Interactive Q&A with the PCI Dream Team Recorded: May 17 2017 76 mins
    Ben Rothke (Nettitude), David Mundhenk (Herjavec Group), Art Cooper (NuArx), Jeff Hall (Optiv)
    Join the smartest minds working with PCI DSS compliance and find the answer to your toughest and most vexing PCI questions. With hundreds of different requirements, the various Payment Card Industry (PCI) standards can be overwhelming. While the PCI Security Standards Council has provided lots of answers, the devil is often in the details. Our panelists are some of the top PCI QSA’s in the country, with decades of combined PCI and card processing experiences. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

    Join Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall for an interactive session, and get answers to your most vexing PCI questions. No PCI question is out of bounds.

    Moderator:
    - Ben Rothke, Senior Security Consultant - Nettitude Ltd.

    Panelists:
    - David Mundhenk, CISSP, PCIP, QSA (P2PE), PA-QSA (P2PE), Senior Security Consultant, Herjavec Group
    - Arthur Cooper "Coop", Senior Security Consultant - NuArx Inc.
    - Jeff Hall, the "PCI Guru", Principal Security Consultant, Optiv Security
  • How to Increase Information Confidentiality with Double Encryption Recorded: May 17 2017 49 mins
    Sebastien Boire-Lavigne, Executive Vice President & CTO, XMedius
    Encrypting sensitive information is a pervasive requirement for today’s organizations, but too often, little attention is given to key management and its implication on how effective encryption is against various threats like hackers or malicious administrators.

    Register for this webinar to learn:
    • How double encryption ensures the security and integrity of sensitive data
    • Key elements of an effective double encryption management strategy
    • Using double encryption wisely to overcome common pitfalls

    About the Presenter:
    Sebastien Boire-Lavigne is an Executive Vice President and CTO at XMedius. For over 15 years Sébastien has been a driving force at XMedius Solutions, and has been instrumental in developing XMedius’ technology strategy. Among his many accomplishments, Sébastien led the development of the ground-breaking XMedius Fax-over- IP technology and cloud platforms. His versatility, wide-ranging technical skills and keen business acumen allow him to seamlessly bridge the technical – business divide. In addition to leading Product Development, Sébastien is also responsible for Customer Services, IT and Information Security.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Infosecurity 2016: How can the Banks Improve their Cyber Security?
  • Live at: Jun 14 2016 1:20 pm
  • Presented by: Steve Durbin, MD, ISF & Josh Downs, Community Manager, BrightTALK
  • From:
Your email has been sent.
or close