The Impact of Cloud on the Future of Web Application Security

Attendees can earn 1 CPE credit on this session.

The new EU General Data Protection Regulation (GDPR) rule looms and will take affect in May 2018, but only a third of companies are on track to be compliant by the due date. GDPR is the most significant change in data privacy regulation in more than 20 years. It represents an extraordinary shift in the way businesses will be expected to operate when they gather, process, maintain, and protect customer data. Any organization that retains information of EU citizens must be in compliance or face huge fines of up to 4% of worldwide turnover.

In this webinar series you will hear from industry experts facing the same challenges you face and find out how they're meeting and surpassing critical implementation check points, and you will learn what actions other organisations are taking preparation for data protection – not only for GDPR, but for long-term data protection.

Governments continue to try to regulate cyberspace, often with little effective impact. Security professionals struggle to design and operate infrastructure that will comply with rules written with Semantically Intentional Ambiguous Meaning (SIAM). Learn from the classrooms of one of the world's great universities the new methods for navigating those challenges and putting in place rules that are effective for managing infrastructure.

Attendees can earn 1 CPE credit on this session.

Digitization has become deeply embedded in enterprise strategy, as nearly all businesses and activities have been slated for digital transformations. The significant advantages of digitization, with respect to customer experience, revenue, and cost, have become increasingly compelling, and we are starting to see digital transformations in risk create real business value by improving efficiency and the quality of risk decisions.

The state of risk management at most global, multiregional, and regional banks is abundant with opportunity. Current processes are resource intensive and insufficiently effective, as indicated by average annual fines above $400 million for compliance risk activities alone. By improving the efficiency and effectiveness of current risk-management approaches, digital risk initiatives can reduce operating costs for risk activities by up to 30 percent, and a digitized risk function can provide better monitoring and control and more effective regulatory compliance. On this webinar our panel of experts will discuss digital innovations for risk management success.

Getting hacked is now a matter of “when”, not “if. As a result, the ability to detect and respond to attacks before significant damage is done has become one of the most important issues in information security.

A wide variety of tools and services are available with new technologies and capabilities being introduced regularly.

We will take a look at the important considerations for organizations seeking to monitor their network security via in-house resources, commercial tools, and/or managed security services. This will include important factors that will dictate the cost and effectiveness of security monitoring efforts.

About the Presenter:
Christopher Camejo has more than 18 years of security experience, and has been with NTT Security for over 15 years with experience in the Security Operation Center, developing and supporting a managed email security service, and implementing security solutions before moving on to start the US ethical hacking team and GRC practices. He has coordinated and conducted numerous large-scale, multi-discipline penetration tests and PCI assessments for NTT Security’s global clients.

As part of NTT Security’s threat intelligence capabilities, Chris follows the latest tactics and techniques of attackers, coordinates NTT Security’s vulnerability identification and disclosure activities, and helps educate NTT Security’s clients, clients from various other NTT operating companies, and the public on how to address strategic information security risks. He has presented at RSA Conference, Infosec World, the ISSA Conference, Computerworld Expo, and at United States Secret Service Electronic Crimes Task Force meetings.

2018 is bringing new Threats & Technologies.
Viewers will learn:
• Case studies and Current trends in Cyber attacks
• Security Metrics
• Oversight of third parties
• How to measure cybersecurity preparedness
• Automated approaches to integrate Security into DevOps

This talk will address how we need to develop and configure systems and software to eliminate common forms of malware and exploits. It is an engineering challenge that requires substantial change in tools and how we write applications and operating systems and how we design hardware. None of it is rocket science, but the pieces must be put together.

Viewers will learn about:
- Attack vectors and hidden risks
- How to build better dams, rather than trying to patch every leak and crack

Do we want our dams to be strong and safe, or is it more important to ensure that we can easily blow up the dams of any opponents, even if ours will break too? As a society increasingly living downstream of the dams, building better dams is a matter of survival.

Presented by a 20+ year security pioneer and inventor of SSH (Secure Shell, the de facto standard for system administration) and the principal author of NIST IR 7966 (guidelines for managing SSH access).

Dynamic, volatile, innovative. Cloud security is all of these and more. How can cloud service vendors turn the constant parade of new threats into a continuing opportunity to increase customer loyalty? How can customers gain trust in their service vendors despite the parade? Learn how in this webcast.

2017 is not yet over and it's already the year of cyber attacks. From phishing, to hacks, to classified hacking tools leaked and the biggest ransomware attacks to date (Wannacry, NotPetya), security professionals across the world are looking to apply the lessons learned in 2017 for an improved cyber security next year.

Join this live interactive Q&A panel with experts from the artificial intelligence, deep learning and IoT security space to learn about:
- The biggest attack trends seen so far
- Impact across industries
- Threats on the horizon
- Recommendations to better secure your data and company in 2018

Speakers:
- Shimon Oren, Head of Cyber-Intelligence at Deep Instinct
- Ted Harrington, Executive Partner at Independent Security Evaluators
- Greg Foss, Global SecOps Manager at LogRhythm

Effective responses to modern IT risks requires a transition from cyber security to cyber defense. This presentation introduces analysis based on proven military tools to understand, assess, and defend against cyber-attack. See how Petya worked its way in, and how to defend against it. Take away valuable tools and frameworks to develop your defenses.

Presenter:

Griff is trained as a Canadian Infantry Officer and is a graduate of the Johnson-Shoyama Graduate School of Public Policy. After a two-year stint as a Strategic Policy Analyst at the Treasury Board Secretariat in Ottawa, he moved to London where he completed a Master’s Degree at the LSE. Unable to find “real” work, he got into software development as a Scrum Master, leading the development of a web based application. This experience fostered an interest in cybersecurity, and Griff went on to a boutique start-up providing application security to Fortune 500 companies. Frustrated by the disconnect between technologies and poor analysis within cyber security, Griff founded cyber defense firm Damrod Analysis in 2017. He is London based, where he and his wife are expecting their first child shortly.

2017 was the year of cyber attacks and high profile data breaches. Discover what cyber security professionals should be focusing on in order to secure their organizations in 2018.

This interactive Q&A panel will discuss:
- The trends shaping the cyber threat landscape in 2018
- Lessons from the biggest cyber events of the year
- Recommendations for CISOs on securing the enterprise in an age of frequent and persistent attacks
- The technological advancements in the fight against cyber criminals and the processes organizations need to have in place to enable their security teams

Moderator:
- Amar Singh, Cyber Management Alliance

What have we learned from 2017's biggest breaches and how will we deal with 2018's emerging threats? Attempting to look both backward and forward over the cyber landscape, Peter Wood will review lessons learned and apply them to the evolving threatscape.

Technology is constantly evolving, and IT infrastructure and cloud are no exception. A rising number of enterprises are realizing it’s not a question of public OR private cloud, but rather a multi-cloud strategy that involves the best of both worlds.

The next evolution of IT infrastructure is true hybridization-- scaling and workload enablement for the full-stack compute layer, creating an environment that allows for more informed decision making. This means decision makers have all relevant information to make cost-effective choices on where workloads go and how to efficiently control them. Hybridization is about gaining the full competitive advantage that comes from the IT infrastructure itself.

Join this interactive Q&A panel and ask your cloud, hybridization and infrastructure questions.

Moderator
- Lynda Stadtmueller, VP of Cloud Services and Research, Frost and Sullivan

Panelists
- Jason Mendenhall, President of CB Technologies
- John Cowan, CEO and Founder of 6fusion
- Evelyn de Souza, Strategy Advisor to the Cloud Security Alliance

Attendees can earn 1 CPE credit on this session.

As the number of internet-connected devices skyrockets into the billions, a data security strategy is an increasingly important part of any organization’s ability to manage and protect critical information. Enterprises are migrating to the cloud in droves, however, protecting data in the cloud remains a challenge as employees push to access cloud apps from any device, anywhere. In the last year alone, 1 in 3 organizations were hacked more than 5 times, and with the increased number of attacks the financial cost of security incidents is also rising.

In many cases, breaches are caused by a combination of benevolent insiders, targeted attacks, and malicious insiders. For example, targeted attacks are often enabled inadvertently by well-meaning insiders who fail to comply with data or security policies, which can lead to a data breach. In this webinar, our panel will discuss major trends impacting cyber security – from the rising frequency of attacks and types of threats that organizations should be concerned about the most, and they will adress the risks, priorities, and capabilities that are top of mind for enterprises as they migrate to the cloud.

As organizations continue to ramp-up their migration to cloud-based environments, they will need to account for the associated security and control risks. There are hidden dangers and blind spots that arise through the use of virtualization technology in the data center. These hidden dangers and blind spots become more prevalent as business-critical applications are increasingly deployed on the public cloud. This is a problem considering that an organization’s operations are dependent on a cloud environment that inherently has a huge visibility gap.

Many are now making the necessary changes to keep data secure in the cloud. This talk will focus on how to pragmatically accomplish cloud security through increased emphasis on cloud network visibility and cloud access security brokers. Enterprises that can properly implement appropriate cloud network visibility and cloud access security brokers will experience a third fewer security failures. Learn about practical steps and tools that you can use for accomplishing cloud security in your organization.

Cloud computing is an increasingly vital element of information security. It’s used to protect sensitive data; for identity and access management; for network security and to aid with incident response. However it’s not without it’s own set of risks and has been hit in the past with significant and newsworthy breaches.

Join this interactive Q&A panel with top cloud and security experts as they discuss the future of the cloud and considerations to take for protecting sensitive data when it's held in the Cloud.

Moderator:
- Amar Singh, Cyber Management Alliance

Speakers:
- Daniele Catteddu, CTO, Cloud Security Alliance
- Klaus Gheri, VP and GM, Network Security, Barracuda Networks

Cloud Security- Protection Against Evolving Security Threats
Cloud Security Protection is improving, but how can we protect against Evolving Security Threats? How can we win?
In this session we will delve into some of the security risks associated with cloud environments and what can be done to protect your applications and data that reside in the cloud by utilizing a new technology known as Software Defined Perimeter (SDP) as well as encryption and tokenization.

With so many high-profile cyber attacks and breaches in the news, it is no wonder security is cited as the biggest concern of storing data in the cloud. The amount of critical data being sent to the cloud is on the rise. In fact, more than half of business-critical data is likely to reside there by 2019.

Join this keynote panel of experts as they discuss:
- The state of cloud storage and security in 2017
- The biggest threats to data security in the cloud
- How organizations are solving these security challenges

Speakers:
- Ted Harrington, Executive Partner, Independent Security Evaluators
- Paula Greve, ‎Principal Engineer, Data Science McAfee Labs
- Ken Hosac, VP, Cradlepoint
- Akhil Handa, EMEA Leader - Public Cloud Channel Partnerships, Palo Alto Networks

Technology will underpin all aspects of modern society by 2019, profoundly impacting the way people live and work. Business leaders face a stark dilemma; should they rush to adopt new technology and risk major fallout if things go wrong; or wait and potentially lose ground to competitors. Organisations that are well informed about emerging technologies and corresponding threats will be best placed to make winning decisions.

In this webinar, Steve Durbin, Managing Director, ISF, will examine the threats that organisations will be dealing with over the next two years and will provide advice on the best ways of handling them.