The Impact of Cloud on the Future of Web Application Security

In today’s interconnected technology ecosystem, companies increasingly rely on third party vendors to meet their operational needs. However, the current state of vendor risk management (VRM) is bleak. More than half of all information security breaches are caused by third-party vendors, and according to Deloitte 83% of today’s business leaders lack confidence in third party VRM processes.

Understanding and managing cyber risk posed by vendors, suppliers, and third parties has proven to be a difficult task. The right mix of people, processes, and technology result in the most effective and comprehensive program. Join this CPE accredited panel webinar as our expert panel address some key steps to master VRM, including:

- Implementing a scalable VRM program from the ground up
- Mapping the digital supply chain
- Tips on managing vendor data
- Assessing third, fourth, and fifth-party risk
- Performing quantifiable vendor security analyses
- Establishing pre-procurement standards

The largest threat of organisational breach occurs at the Endpoint level. Hacks, phishing, malware and untrained end users are a constant risk that need safeguards and monitoring to protect individuals and businesses with strong IT security. Small changes to your endpoints can drastically improve your protection. However, when you manage one or more businesses and need to implement and maintain these changes across multiple machines or environments, different complications will arise.

Join Webroot’s Threat expert as he discusses topics such as:

· Malware
Miners
Information Stealers
Ransomware
· End user education
· Best policies and settings for your Endpoints
· Endpoint monitoring

What is cyber threat intelligence, and how can organizations leverage it to identify threats and potential malicious activity in advance? Discover the best ways organizations can arm themselves with actionable threat intelligence to block cyber attacks or mitigate their impact.

Join this panel of experts to learn more about:
- Cyber threat intelligence: What it is and how you can use it
- What's new in phishing, banking trojans, Mirai, ransomware
- Emerging threats and what to do about them
- Best practices for a more secure enterprise

In an age where cybersecurity threats are an everyday fact of life, organizations are looking for solutions that enable them to predict, prepare and react to the shifting landscape of cyber threats, and implementation of adaptive cyber security strategies is becoming inevitable to achieve that goal.

Adaptive cyber security methods allow for the simultaneous defense of multiple attack surfaces against this new wave of advanced cyber attacks targeting businesses and services. The NIST Cybersecurity Framework enables organizations — regardless of size, degree of cybersecurity risk, or cybersecurity sophistication — to apply the principles and best practices of risk management to improving security. Attend this CPE webinar to gain insights on:

- Getting a clear picture of the current health of your organizations' defenses
- Defining your security road map using NIST CSF as a framework
- Conducting gap analysis and executing remediation actions
- Mapping the NIST CSF with security controls and built-in reporting templates that align with the framework.

Cybersecurity, much like safety, cannot be achieved - it is an ongoing process that changes and adjusts to respond to the threat landscape, business needs and resources. As essential a cybersecurity strategy is to the enterprise, so is the implementation of it.

Join us for an interactive Q&A panel with security leaders to learn more about how to operationalize cybersecurity.

Topics up for discussion:
- Making information security relatable
- Building security programs
- Defining your cybersecurity strategy
- Translating your cybersecurity strategy into a risk management plan
- Operationalizing your cybersecurity strategy
- Using the maturity capability model for measuring success

Global spend on cybersecurity solutions will grow 33%, reaching $134 billion annually by 2022. Attackers are becoming more sophisticated and the threat of data breaches is bigger than ever. CISOs from around the world will discuss why security is a key focus for investment and how to employ the best strategy for your enterprise.

In this webinar, Mark Chaplin, Principal, ISF will discuss how to communicate your security strategy to the board.

Cyber Risk Management is a topic of continuous growing importance for businesses across the globe. While oftentimes being perceived as an IT issue, cyber risks are impacting business on a much larger scale.

This talk will give some insights into the multiple facets of cyber risk, covering different viewpoints from the board members all the way over to cyber security professionals.

Starting with a short look at cyber from a geo-political perspective, this session will dive into an organizations perception of cyber risks by looking at:

- the board of director’s angle;
- the enterprise risk management angle;
- as well as the operational cyber security angle.

This talk will show how the various viewpoints interact in order to find a good balance between business needs and security needs.

Join us for this webinar that will present an advanced data science approach to detecting anomalous behavior in complex systems like the typical corporate network that your IT Security team is trying to defend. Generalized anomaly detectors, without tuning for a specific use case, almost always result in high false alarm rates that lead to analyst alert fatigue and a detector which is effectively useless. In this session, Brenden Bishop, Data Scientist at the Columbus Collaboratory, will present an open source tool and best practices for building specific, repeatable, and scalable models for hunting your network’s anomalies. Through iteration and collaboration, defenders can hone in on interesting anomalies with increasing efficiency.

No organization’s suite of business applications is static, especially for businesses that have committed to non-stop innovation. It is not uncommon for businesses to integrate only their high-impact applications with their existing identity and access management (IAM) systems. This can cause a huge surge in manual work, and oftentimes enterprises dedicate hundreds of human agents to manage accounts, adding more as new business applications are added. Enterprises can sidestep significant costs, increase efficiency, manage risk and deliver undiscovered value, by properly leveraging automation technologies across IAM systems.

Robotic process automation (RPA) is a powerful technology that harmonizes different systems across an organization’s environment, reduces human errors, provides 24/7 operations, and relieves employees from repetitive tasks so they can focus on more valuable activities. For example, data quality management in the risk and compliance processs has been a traditional pain area for many institutions, as it is very time consuming and manual. However, a cognitive RPA solution which combines machine learning capabilities can enable fast automated remediation of data quality issues, and the system can learn from the final decisions taken by the data analyst as well. Attend this CPE webinar for insights on:

- Getting started with an access management program.
- Evaluating the right configuration and system-based tools to automate processes at a task level, and align to your process automation strategy.
- Leveraging advanced analytics in risk management, compliance, and continuous monitoring programs.
- Embedding governance, risk management, and controls into your enterprise’s mobilization and deployment of RPA, so you can catch issues before they arise.

Join us for this webinar that will recommend how to deal with your “big data” problem when dealing with the massive volume of raw, unprocessed data points from your network security sensors. Hint: don’t start with the data and attempt to drill down to the problem. Instead, as Slava Nitikin, Data Scientist from the Columbus Collaboratory will explain, you must start by the defining problem, building a threat model, and then focusing on the corresponding signals in your sensor data. We will walk through the use case for an Active Directory password spraying attack to demonstrate how to define and apply appropriate filters to your security data for faster detection, more accurate threat scoring and more effective security overall.

Presented by WiCyS and SIA...

This webinar from Women in CyberSecurity (WiCyS) and the Security Industry Association (SIA) will present the findings of The Cybersecurity Imperative research project produced by WSJ Pro Cybersecurity and ESI ThoughtLab and sponsored by SIA. We will share insights into how 1,000-plus organizations around the globe measure their cybersecurity preparedness and how they are preparing for future cyber threats.

In this 45-minute program, we’ll also share a new tool that allows you to compare your own organization’s preparedness to the aggregated data of study participants.

Expect to Learn:
•Current threats organizations are facing
•Cyber risk management approaches
•Where organizations plan technology and staffing investments for cybersecurity
•The impact of cybersecurity “maturity”
•The costs of cybersecurity breaches

Presenters:
•Marilia Wyatt (WSJ Pro Cybersecurity)
•Lou Celi (ESI ThoughtLab)
•Kim Landgraf (Security Industry Association / SIA Women in Security Forum)

Interviewer:
•Taly Walsh, Executive Director (WiCyS)

Are traditional awareness raising campaigns (e.g. CBT, phishing simulations) affording sufficient protection against ever evolving cyber-attacks? With human errors being the #1 cause of security incidents and data breaches, it is now a CISO imperative to tackle behavioural change and effectively manage the human risk. This recognised need reflects the acceptance that how the workforce behaves is dependent on the shared beliefs, values and actions of its employees, and that this includes their attitudes towards cybersecurity.

Key topics covered in this presentation:
• People-related challenges and frustrations the industry is facing
• Why a new approach to awareness and culture is required
• Innovative approaches adopted by leading organisations

Your organisation can only be secure if you make people your strongest defence. Attend this session to discuss how to turn your human risk into your biggest advantage in cyber security!

Flavius Plesu:
A business-focused cyber security leader, Flavius has held senior security positions both within the public and the private sector and has lead a number of enterprise-wide security transformation programmes, in complex global organisations. Passionate about solving real industry problems, cultivating and building teams to deliver on the organisation’s mission, values and goals.

Alongside his role as a Head of Information Security at Bank of Ireland UK, Flavius is also one of the Founders of OutThink, a team of CISOs and security practitioners who are changing the way in which organisations engage with their employees to shape behaviours and manage human risk in the context of cyber security.

* This is a recording so CPE credit is unavailable.

Today’s organizations face a cybersecurity landscape more difficult to navigate than ever before. When it comes to data breaches, the risk for organizations is high, from the easily calculable costs of notification and business loss to the less tangible effects on a company's brand and customer loyalty. With large-scale data breaches continuing to make the headlines in 2018, organizations must be proactive, not reactive, in the face of looming cyber threats. Proactive threat intelligence can enable organizations to prevent breaches or compromises before they occur.

On this webinar our panel of experts will discuss some critical actions organisations can consider to prevent a data breach, and attendees will learn:

- Strategies you can implement now to help you protect against a breach.
- Best practices for gathering the intelligence to predict and prevent attacks.
- How to use threat intelligence to improve your organization’s security posture and reduce the risk of an attack.
- Steps to fortify your last line of defense.

Organisations today need to be agile, and dynamic in responding to the most advanced cyber threats, and although automation has it's place in improving SOC efficiencies, human intelligence is still one of the most important aspects in effective incident response.

In this session learn more about the journey to Intelligent orchestration and how leveraging it in an uncertain world can empower your organisation.

Organisations are constantly under threat with over two-thirds of them experiencing data breaches in 2018. As a result, preparedness and resiliency are paramount to protecting an organisation’s information from cyber attacks.

Business leaders and their security teams can improve their ability to handle cyber attacks by running cyber security exercises. These exercises should help the organisation identify areas of improvement in people, process and technology, reducing the impact should a real cyber attack occur.

In this webinar Daniel Norman, Research Analyst, ISF will share how organisations should approach running internal cyber security exercises to support breach identification, prevention and response.

Cybercrime has evolved from random activities being carried out by individuals into a billion dollar illegal industry that continues to grow. How is cybersecurity keeping up with the rise of cybercrime?

Join this panel of security experts to learn more about:
- Trends in cybercrime and lessons learned in 2018
- The cost of data breaches
- Rise of cryptojacking and ransomware
- Who are the players who make up the world of cybercrime (e.g. programmers, distributors, fraudsters, etc.)
- The CISO vs the cybercriminal
- Best practices for protecting your business

Speakers:
- Michelle Drolet, CEO, Towerwall
- Michael Thelander, Director of Product Marketing, Venafi
- William Peteroy, Security CTO, Gigamon
- Kalani Enos, Founder & CEO, kenos Technologies (Moderator)