Panel Session: Can Data Loss Prevention Get SaaSy?
About the Panel:
Ron Condon has been writing about developments in the IT industry for more than 30 years. In that time, he has charted the evolution from big mainframes, to minicomputers and PCs in the 1980s, and the rise of the Internet over the last decade or so. He has edited daily, weekly and monthly publications, and has written for national and regional newspapers, in Europe and the US. In recent years he has taken a strong interest in information security and is a former Editor-in-chief of SC Magazine.
Dr. Guy Bunker is an Independent Security and Technology Strategy
Consultant with customers across Europe and the Middle East. Guy
worked at Symantec (formerly VERITAS) for more than a decade, where
he was Chief Scientist and was responsible for, among other things,
Symantec’s Cloud Strategy.
Gareth Niblett is the Chairman of the Information Security Specialist Group for the British Computer Society which has over 3,500 members, he writes for the BCS Information Security Now Magazine and organise and speaks at numerous security events. Gareth also provides security, privacy and compliance related consultancy services through Blackarts Limited. Gareth Niblett is Chairman of the BCS Information Security Specialist Group (ISSG), a special interest group with over 3,600 members from BCS, the Chartered Institute for IT, where he is involved in a number of initiatives focused on improving security and safety.
RecordedAug 5 201049 mins
Your place is confirmed, we'll send you email reminders
Join security experts as they review the past 12 months and discuss security strategies, solutions and tools for success in 2020 and beyond.
Discussion topics will include:
- The key factors CISOs should consider for their cybersecurity strategy
- The current and future threatscape
- Platform Security for 2020
- Technological solutions that make CISOs' lives easier
- How organizations are coping with the shortage of qualified security workforce
- How CISOs can better communicate their strategy to the board
Richard Agnew - VP EMEA - Code42
Moderator to be confirmed
Security Strategy, CISO, Cyber Security, IT Security, Best Practices, Skills shortage, Network Security, Cyber Defence, Breach Prevention, Data Security, Email Security, Vulnerabilities, Cloud Security
Join this interactive interview with Richard Agnew - VP EMEA - Code42
Code42 is the leader in data loss protection. Native to the cloud, the Code42 Next-Gen Data Loss Protection solution rapidly detects insider threats, helps satisfy regulatory compliance requirements and speeds incident response – all without lengthy deployments, complex policy management or blocking user productivity. Because the solution collects and indexes every version of every file, it offers total visibility and recovery of data – wherever it lives and moves. Security, IT and compliance professionals can protect endpoint and cloud data from loss, leak and theft while maintaining an open and collaborative culture for employees.
Richard brings a broad base of sales and management experience to Code42, gained through years leading regional teams within internationally recognised brands such as Veeam, NetApp, and Dell. Outside of work, Richard is an avid cyclist who competes in a number of local organised cycling events.
With email security breaches constantly making headlines, it is crucial for organisations to be ahead of the curve. Join this interactive panel of industry experts as they discuss the latest trends in email security and how to prevent becoming the next international headline.
Join this Q&A panel to learn more about:
-Emerging trends in email attacks
-How to stay on top of the latest threats
-Best solutions to protect your organisation
We will discuss the Good, the Bad and the Ugly of Role Based Access Control. We will review access control in systems where multiple roles are fulfilled and compare MAC, DAC and RBAC.
We will present the "next generation" authorization model that provides dynamic, context-aware and risk-intelligent access control. We will discuss Identity Management, Data Discovery, AI, policy-based access control (PBAC), claims-based access control (CBAC) and key standards, including XACML and ALFA.
In today’s multi-cloud and hybrid environments, CISO's are struggling to secure assets, manage security policies across clouds, monitor and mitigate risks, while also supporting the business. How are CISOs solving the challenge of complexity?
Join this panel of experts to learn how to simplify cyber risk management as well as maximize the value of your team and technology.
- Risk scoring and security controls
- How to identify risks for organizations and their third-party vendors
- How to prevent, detect, and respond to, privacy and network security incidents
- Best of vulnerability and risk management in a multi-vendor environment
- Best practices and use cases across industries
The upcoming PCI DSS version 4.0 will include many new or revised requirements and compensating controls will be removed It will include support for a range of evolving payment environments, technologies, and methodologies for achieving security. PCI DSS v4.0 further supports the use of different new technologies. The new validation option gives organizations the flexibility to take a customized approach to demonstrate how they are meeting the security intent of each PCI DSS requirement. This customized approach supports organizations using security approaches that may be different than traditional PCI DSS requirements.
Through customized validation, entities can show how their specific implementation meets the intent and addresses the risk. Unlike compensating controls, customized validation will not require a business or technical justification for meeting the requirements using alternative methods, as the requirements will now be outcome-based.
We will discuss how PCI DSS v4 may impact:
- Implementation of the new “Customized Controls”
- Cloud implementations
- Compliance cost
- Changes in liability
- Relation to the 49 new US State Laws
- PII and PI privacy
- Measure data re-identifiability for pseudonymization.
- Apply data protection to discovered sensitive data
Amy McLaughlin, CISM, CHPS Director of Information Services, Student Health, Oregon State University
All organizations face ongoing threats from phishing attacks, insider threats, and other trajectories. It is evident that no organization will be able to hire or afford enough cyber security to mitigate or intercept every risk. Security strategy has to start with building a culture in which every employee is responsible for information security. A culture that imbues employee with the training and situational awareness to identify and respond (or not respond, as the case may be) to incoming threats. This webinar explores ways to move beyond everyday security awareness to an integrated security culture.
The insider threat continues to top all IT security threats. Conventional threat prevention measures primarily consist of annual security training and inserting security early into a project/product lifecycle to ensure incorporation throughout the design. However, these methods have stagnated in mitigating the largest category of insider threat: unintentional/non-malicious.
This presentation provides anecdotal and empirical evidence via a real-life use case,metrics, and testimonials of soft skills as essential characteristics for a modern organization’s security evolution. Specifically, it addresses the universal reality of internal-organization perceptions of security. New soft skill methods are then offered to overcome communication barriers with internal and external business/technology partners while also promoting a continual working relationship. The result of these improved relationships is project teams viewing security as an essential team member during all phases of an application/product lifecycle, plus the increased security of applications/products released. Secondary gains include maximizing cooperation and collaboration, creating opportunities to teach security concepts and proactively build security into the team’s processes and procedures, and fostering a team’s willingness to self-report security findings and vulnerabilities. As a whole, these behaviors exemplify a security culture that prevents and mitigates the unintentional/non-malicious insider threat.
The CISO position is now a multifaceted role that encompasses technical capabilities, legal/GRC requirements, and personnel and project management - all while not losing sight of the main objective: business enablement. This webinar will discuss what is important today for both new CISOs who are building their nascent security programs and seasoned CISOs who are maturing their established security programs.
Topics covered will include:
- Strategic initiatives that are top of mind for security leaders
- Optimal combinations of in-house and outsourced talent
- Technology essentials and non-essentials
- Communicating reports, metrics, and other pertinent information to stakeholders
In cyber security the strategic goals are often clear, while the methods to achieve those goals is anything but. This webinar introduces Damrod’s Cyber Strategic Framework that applies military analysis to cyber security challenges. Aimed at security teams trying to implement high level goals in the real world, this talk focuses on effects based planning that integrates disparate elements of IT and security into a cohesive package. Defending the network is about more than technology. Analysis and leadership are critical elements of an effective cyber defense. You will leave this webinar better equipped to develop the tactics that make strategy a reality.
Join this interactive webinar as we discuss using advanced PII/PI discovery to find & inventory all personal data at an enterprise scale.
Learn about new machine learning & identity intelligence technology, including:
- Identify all PII across structured, unstructured, cloud & Big Data.
- Inventory PII by data subject & residency for GDPR.
- Measure data re-identifiability for pseudonymization.
- Uncover dark or uncatalogued data.
- Fix data quality, visualize PII data relationships
- Automatically apply data protection to discovered sensitive data.
John McCumber, (ISC)² | Dan Lohrmann, Security Mentor, Inc | Marija Atanasova, BrightTALK
Find out what's trending in BrightTALK's IT Security community and the challenges keeping security professionals up at night.
Join John McCumber, Director of Cybersecurity Advocacy at (ISC)², Dan Lohrmann, Chief Strategist & Chief Security Officer at Security Mentor, Inc., and Marija Atanasova, Content Strategist from BrightTALK for an interactive Q&A session to learn more about:
- Key challenges for security professionals
- Insights from the (ISC)² 2019 Cybersecurity Workforce Study
- What to expect in 2020 and beyond
- Events in the community
John Bambenek, ThreatSTOP Inc. | Yotam Gutman | Cyber Mktg Pros | Thomas J. Harrington, Securonix | Michal Jarski, Tenable
What keeps CISOs up at night? What challenges are they facing on a daily basis? And what opportunities are they seeing in the industry?
Join experts from leading security organizations as they discuss strategies, solutions and technologies CISOs use in the face of on-going security challenges:
- Strategies for breach prevention
- Strategies for making the most of AI technology and human talent
- New technologies on the horizon
- Security strategy recommendations
John Bambenek, VP Security Research and Intelligence at ThreatSTOP, Inc.
Thomas J. Harrington, Associate Deputy Director (Retired), Federal Bureau of Investigation; Managing Director and Chief Information Security Officer (Retired), Citi, Strategic Advisory Board, Securonix
Michal Jarski, Territory Manager, Tenable
Yotam Gutman, Community Manager, Cyber Marketing Pros
This presentation will discuss the current sprawl of different firewall and micro-segmentation appliances and software agents and present an approach on how to solve this challenge.
Today different firewalls and micro-segmentation tools and agents are deployed for network zones, bare metal servers, virtual machines and container environments. This implementation of many disparate security tools creates operational and security problems. To eliminate these challenges, new approach will be introduced which moves services security to the server edge.
New architecture approach to distributed firewalls and micro-segmentation will be elaborated on. Benefits of new edge services security will be demonstrated. Attendees will learn how to take control and implement security at the server edge.
Businesses are reinventing themselves, leveraging technology and data to optimize and find new streams of revenue. This session will look backwards over the last year and discuss the threat landscape. We will then look into the future and examine the impact of digital transformation and how that is impacting threats and risk. Finally, We will examine how the enterprise can build security and resilience into the business of tomorrow.
Jo Peterson (Clarify360) | Jessica Bryar (Masergy) | Wade Woolwine (Rapid7) | Jeff Barto (DigiCert)
Join this keynote panel with security experts as they discuss the biggest threats organizations are facing and their strategies for better security in 2020:
- The threat landscape in 2020
- Key priorities for CISOs
- Best practices for improving security
- Jo Peterson, VP Cloud Services at Clarify360
- Jessica Bryar, Global Account Manager at Masergy
- Wade Woolwine, Director, Managed Services, Rapid7
- Jeff Barto, Trust Strategist, DigiCert
Tools and solutions are not always technology. This webinar introduces techniques from military wargaming to cyber conflict. You will learn how to identify your assets, assess threats, and allocate defenses. Wargaming is a vital tool to test theories and improve responses by visualizing the ebb and flow of detection, protection, response, and recovery.
John Bambenek, VP Security Research and Intelligence at ThreatSTOP, Inc.
With the increase in mobile and smart devices, we've expanded the threat landscape not only against threats to steal information, but for threats that have real physical risks. For instance, recent research by Google Project Zero and Volexity showed sophisticated attacks against both Android and iPhone devices that were targeted at Uighur Muslims and Tibet. Victims of this malware are targeted for persecution by the government of the People's Republics of China.
This talk will cover not only these attacks in specific, but in how threats are emerging that use new technologies which are being used to create physical threats to its victims and what that means for enterprises, SMBs, and society at large.
- Technical discussion on mobile surveillance techniques and malware.
- Cover real-world instances where such cyber attacks have led to physical harms.
- Discuss practical techniques to begin to mitigate such threats.
Michelle Drolet, Towerwall | Nathan Wenzler, Tenable | Griff Jones, Damrod | Roshan Sherifdeen, EY | Mark Forrest,Cryptshare
The threat landscape continuously evolves and adapts, requiring organizations to have a high level of security visibility. Join industry experts as they discuss which threats need to be on your radar and how to prepare for them:
-The threat landscape in 2020
-Best practices and recommendations for a more secure organization
-Solutions and strategies for 2020 and beyond
This session will discuss what attendees learned at The ISSA International Summit 2019, held on October 1-2 at in Irving/Dallas, TX.
Learn from one of the presenters at this conference and what cybersecurity professionals got to share and learn from the leaders in the industry.
Over the last 30 years ISSA international has grown into the global community of choice for international cybersecurity professionals. With over 100 domestic and international chapters, members have world wide support with daily cyber threats that are becoming increasingly intricate and difficult to prevent, detect, and remediate.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.
Panel Session: Can Data Loss Prevention Get SaaSy?Moderated by Ron Condon, TechTarget; Guy Bunker, Jericho Forum; Gareth Niblett, BCS[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]48 mins