Global Panel: Dissecting Cloud Security Standards

Dealing with the threats from insiders who have administrative privilege in your systems is a challenge enough, but how do you handle the risk that comes from vendors and other third parties such as contractors who need privileged access? These are usually trusted vendors and have undergone some vetting but it isn't usually as rigorous as your internal processes and your visibility into their employee’s background and activities within your systems can be opaque. We will go over why this kind of access represents an outsized risk to security and compliance, the challenges of managing these “Inside-Outsiders” and give some best practices to make sure that their access is as secure, compliant and efficient as your internal employees.

About Tony Howlett:
Tony Howlett is a published author and speaker on various security, compliance, and
technology topics. He serves as President of (ISC)2 Austin Chapter and is an Advisory Board
Member of GIAC/SANS. He is a certified AWS Solutions Architect and holds the CISSP, GNSA
certifications, and a B.B.A in Management Information Systems. He has previously served at
CTO for Codero, a managed cloud hosting provider and CTO of Network Security Services, a
security and compliance consulting firm, as well as founding InfoHighway Communications, one
of the nation’s first high speed internet access providers. Tony is currently the CISO at
SecureLink.

The COVID-19 Pandemic has amplified cybersecurity concerns particularly related to the cloud. Threat actors have recognized a unique opportunity to exploit pandemic-related vulnerabilities through social engineering attacks, business email compromise, work from home or other remote weak points. This results in increased risk and occurrence of ransomware attacks and data breaches that can disrupt or totally compromise organizations’ ability to conduct business. These security incidents can also subject victims to liability for violations of privacy and data breach notification laws. Join this webcast as SNIA experts will discuss:
• Changing threat landscape due to COVID
• Recent attacker exploits
• Common security failures and their consequences
• Data Protection (Mounir)
o Strategies to combat malware
o Minimizing ransomware risks
• How emerging technologies (5G, IoT, AI, etc.) expand the threat landscape

The 2020 US presidential election is behind us, but the key cybersecurity issues surrounding election integrity could linger for years to come. From ransomware attacks on local governments, to the untamed spread of disinformation, to experimenting with online voting apps and the myriad of vulnerabilities uncovered across election infrastructures, cybersecurity had never before taken such a central place in the national conversation as it did in 2020.

So, what have we learned in the aftermath? And how can we apply it to better protect upcoming elections as well as enterprises, customers and employees?

Join this interactive panel with security experts and tech leaders to learn the biggest lessons from the election from a cybersecurity and privacy standpoint. Discover what went down, what could have gone better and how to prepare for the midterm elections in 2022.

- Can we build a hack-free election
- Does misinformation on social sites impact how people vote and what can be done to stop the spread
- What was new this time and what should security leaders keep in mind for their organizations
- Would it be safer if we brought the voting process online or in app
- Can nation state actors change voter rolls or polling data
- What the biggest election threats mean for industry
- Key takeaways for cybersecurity leaders

Panelists:
- Jim Richberg, Public Sector Field CISO at Fortinet
- W. Curtis Preston, Chief Technical Evangelist, Druva

This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.

The MITRE ATT&CK framework has become an excellent way for security professionals to understand and describe threats. However, most of the time, it is used to describe the actions of external threats.

But what about the insider threats? According to Forrester, 25% of breaches resulted from internal incidents, and almost half of them were malicious. In the past few years, insider threats have evolved in several aspects from how sensitive data leaves the organization to ways in which privilege access gets misused, creating risks for organizations to mitigate. The proliferation of cloud applications and the current remote work setup make tracking and protecting sensitive data extremely challenging.

Can we use the MITRE ATT&CK framework to help us describe, understand, and finally detect and protect against insider threats? If the framework often describes and supports threat detection of external threats, does it also help deal with insider threats? What organizations should expect from this exercise, and what do they need to do differently to achieve the desired results?

Join Augusto Barros, VP of Solutions at Securonix, to learn about:

• How insider threats have evolved and the new challenges they present?
• How the MITRE ATT&CK framework supports threat detection practices?
• How the MITRE ATT&CK framework can also help to address the issues related to insider threats?

Augusto Barros was the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 20 years of experience in the IT security industry as an analyst and a security architect and officer for large enterprises.

This webcast, Tackling Insider Threat with Open Source Intelligence (OSINT), will demonstrate how OSINT can be leveraged to help identify and prevent insider threat.

Rachel will discuss the critical role OSINT can play in effective business risk management, specifically in managing insider threat.

In particular, Rachel will describe how companies can make more informed decisions about the people they employ and do business with by embedding OSINT within their recruitment and screening purposes, thereby minimising the risk of taking on high risk personnel.

Rachel will also discuss how OSINT can be used to understand an individual’s vulnerability to being an unconscious insider by, for example, inadvertently clicking on a link to a malicious website through a specifically targeted email.

Lastly, the webcast will examine the way in which organisations are using continuous OSINT methods combined with machine learning to identify and alert them to early indicators of insider threat, for example negative attitudes towards work, excessive spending, or a close association with a competitor. Indicators which when fused with other information regarding an individual such as a change in working hours or excessive data extraction, can start to build a picture of risk.

Key takeaways:
- The principles of OSINT
- The types of freely available information on people and companies
- The value OSINT brings to business risk management, specifically in managing insider threat
- How OSINT can be embedded within recruitment processes to help prevent companies taking on high risk personnel
- How understanding a company’s and individual’s online footprint can help reduce the harm caused by unconscious insiders
- How machine learning and continuous OSINT methods can help detect insider threat and provide an early warning of potential harm