Hi [[ session.user.profile.firstName ]]

Using Privileged Access Management to Beat Back Insider Threats

Employee accounts are being constantly targeted by black hat teams. Owning the keys to the kingdom leads to large payoffs. Significant breaches in the last couple of years has provided credence to this fact. Join this presentation as we discuss the challenges and strategies for combating employee account misuse. The discussion will focus on a deep dive into Privileged Access Management (PAM), its various facets and strategies to strengthen the security envelope.
Recorded Nov 16 2016 50 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Dr. Anirban Banerjee, CEO, Onion ID
Presentation preview: Using Privileged Access Management to Beat Back Insider Threats

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • 5G IoT Security Recorded: Sep 16 2021 34 mins
    Praveena Sridhar
    5G IoT is the latest in the IoT World. This next generation of mobile technology, with features such as Enhanced Mobile Broadband, Ultra-Reliable Low Latency Communication, and Massive IoT, is set to radically re-shape today’s mobile networks. This webinar aims at depicting the high-level composition of the end-to-end 5G network architecture termed as 5GS (5G System) and Security in this space.
  • To Pay or Not to Pay 'Ransom'… That is the Question! Recorded: Sep 16 2021 44 mins
    Leena Bongale | Manager | Data Management & Governance, Personal Banking Data & Analytics | TD Bank Group
    Thriving through a cloud ransomware attack is no accident. The only way to avoid becoming a ransomware victim is to plan for an attack and take steps to recover before the attack happens. New Cyberattacks Require New Protection Strategies. So in this presentation I will talk about how to build a plan that can be used in the unfortunate event a company finds itself the target of ransomware. Your key takeaways from this session will be:

    • Identifying a ransomware attack and assessing the blast radius
    • Activating the Rapid Recovery Plan
    • Examining the importance of backup immutability
    • Recovering Data with precision

    Leena Bongale is a recognized industry expert with over 18 years of experience in Information Technology and specializes in Information Security and Management. She is currently Manager of Data Analytics & Governance at TD Bank. Leena is an accomplished consultant, speaker, trainer, writer, and columnist, and has achieved industry certifications including CRISC and SAP BI. Leena regularly speaks, writes and blogs for some of the most recognized tech companies today on topics including cybersecurity, cloud adoption, business continuity, and compliance.
  • How do you monitor your cloud controls in a multi-cloud environment? Recorded: Sep 16 2021 55 mins
    Benoit Heynderickx
    On Thursday 16th September at 13:00 BST, Benoit Heynderickx Principal Analyst at the ISF will be hosting a live webinar exploring cloud control visibility and how to monitor your cloud controls in a multi-cloud environment.

    In this session we will be looking at:
    - The main challenges faced by security professionals when it comes to monitoring the controls deployed over the multitude of cloud services recently acquired
    - The various solutions at-hands for cloud controls monitoring and reporting across the whole multi-cloud environment
    - Future trends leveraging the use of AI techniques for cloud controls monitoring.

    Benoit is a principal analyst at the ISF. He is the project lead for the ISF’s Supply Chain suite of products and the research lead for cloud security. Benoit has over 20 years’ experience in information security risk and assurance and has worked across various industries and large organisations. Benoit also has a keen interest in the emerging quantitative techniques in information risk analysis.
  • Using AI to Thwart Cloud Ransomware Recorded: Sep 14 2021 27 mins
    Rick Bosworth, MBA Director of Product Marketing, SentinelOne
    Enterprise cloud infrastructure use continues its torrid growth as organizations embrace cloud compute and storage to supplement their IT strategy. Unfortunately, so too have ransomware attacks. Ransomware itself has undergone its own digital transformation of sorts, with ransomware as a service, aka RaaS, making even the most sophisticated attack campaigns as simple as a button click. Join Rick as we delve into recent ransomware trends and what each of us can do to secure our organization’s hybrid cloud footprint to minimize the probability, breadth, and impact of future attacks.
  • No Silver Bullet – Essence and Accident in Cyber Resiliency Engineering Recorded: Sep 14 2021 57 mins
    Teresa Merklin
    Cybersecurity incidents and failures impact critical public infrastructure, national defense, corporate economic interests, and personal privacy. As the magnitude and frequency of cyber events continues to escalate, vendors and agencies are desperately seeking solutions to solve this issue once and for all. In the 1980’s the software development industry was facing similar challenges. That crisis prompted Frederick Brooks to write his iconic paper “No Silver Bullet – Essence and Accident in Software Engineering.” The solutions and technologies detailed in that paper are eerily similar to the “breakthrough” solutions currently proposed for cyber. This presentation examines the “Silver Bullets” of cybersecurity, lessons we can learn from that parallel history, and the essence of challenges that confront modern security practitioners.

    Teresa Merklin is a Fellow at Lockheed Martin where she specializes in Cyber Risk Assessment and Engineering for Cyber Resiliency. She is currently attached to the Aeronautics Cyber Range which performs cyber assessment and penetration testing across the complete portfolio of Lockheed Martin aircraft and related systems. She has 30+ years of career experience starting out in embedded software development which slowly morphed into cybersecurity over time. Teresa holds a BSEE from Oklahoma State University, a Masters of Software Engineering from Texas Christian University, and an MBA from the University of Dallas. She holds the CISSP and CSSLP certifications.
  • Securing Your Organisation’s Cloud the Right Way Recorded: Sep 14 2021 60 mins
    Ateef Mulla | Johannes Wiklund | Jeremy Synder | Chani Simms | Raphael Peyret
    It’s hard to defend against today’s threatscape while securing users, devices, apps, and data and providing quality customer experience. As organisations need to quickly adapt to an evolving threatscape, new compliance regulations, and customer demands, how can they keep security at the forefront of their cloud adoption plans?

    Wherever they are in their cloud adoption journey, it remains necessary for organisations to be critical of cloud security blindspots and secure cloud assets. Join this summit to learn more about what your organisation can be doing to better their cloud security strategies.

    Join us to learn:
    - The latest threats targeting the cloud in 2021 and how to stay on top of the evolving threatscape
    - How to protect your enterprise against ransomware
    - How to better secure your cloud applications
    - Why visibility across your cloud environments is key for early threat detection and mitigation

    Moderated by:
    Jeremy Synder, Senior Director of Corporate Development, Rapid7

    Participants include:
    Ateef Mulla, Regional Senior Solution Engineer & Cybersecurity Expert - SonicWall
    Johannes Wiklund, Vice President, IT & Cyber Security, Somos
    Chani Simms, Managing Director, MetaDefence Labs
    Raphael Peyret, VP of Product, Horangi Cybersecurity
  • Top 10 Cloud Security Challenges of 2021 Recorded: Sep 13 2021 60 mins
    Jo Peterson | Kayode Olafunmiloye | Stan Lowe | Joseph South
    Gartner forecasts that global public cloud spend is forecast to grow 18.4% in 2021 to a total of $304.9 billion --up from $257.5 billion in 2020.

    Organizations are prioritizing cloud security in 2021. Work life changes that were introduced in 2020 are here to stay. More and more workloads are moving to the cloud and organizations are shoring up remote work practices in accordance with evolving government guidelines.

    In today’s session, we’ll review the top 10 Cloud Security Challenges of 2021.

    Moderated by:
    Jo Peterson, VP, Cloud & Security Services, Clarify360
    Panelists include:
    Kayode Olafunmiloye, Senior Manager, Cloud Security Strategy and Architecture, AMD
    Stan Lowe, former CISO, Zscaler
    Joseph South, Sr Cloud Security Engineer, Guaranteed Rate
  • Innovations in new Threats on the Cloud Recorded: Sep 13 2021 38 mins
    Shayak Tarafdar, Team Lead | Himanshu Dubey, Sr. Director, Engineering, SEQRITE
    Public cloud infrastructure has emerged as the backbone for innovation-driven growth. By embracing the cloud, enterprises can modernise their IT infrastructure and conjure solutions to serve customers digitally in new and innovative ways. Digital transformation & cloud adoption has further accelerated in recent times, as COVID-19 pandemic forced businesses to setup remote working at an unprecedented scale. Public Cloud services enabled fast & smooth migration to “working from home” by enabling connectivity from anywhere and supporting essential services such as video conferencing & real time communication.

    This rapid increase in cloud adoption has introduced numerous new security threats and challenges. Also, this has opened up new attack avenues for Cyber Attackers, and subsequently cyber-attacks against cloud installations are only going to increase in time to come.

    In this presentation we will discuss:
    • Cloud security risks & challenges
    o Multi vector attacks against cloud installations
    o Cloud jacking due to misconfigurations and using shared software
    o Among others
    • Impact of these threats
    • Preventive measures
  • Threat Horizon: Emerging Cyber Risks for APAC Recorded: Sep 7 2021 48 mins
    Dan Norman
    On Tuesday 7th September at 17:00 HKT, Dan Norman, Senior Solutions Analyst at the ISF will be hosting a live webinar to explore the emerging cyber risks that the APAC region may face.

    In this session we will be addressing:
    - The key political, economic, social, technological, legal and environmental factors impacting APAC
    - Future cyber and physical threats that will likely emerge over the next 2-3 years
    - Strategies to mitigate emerging risks.

    Dan Norman is a Senior Solutions Analyst at the ISF, helping ISF Members to manage current and emerging information/cyber risks. Dan’s historical focus has been on threat intelligence and technology forecasting, with emphasis on running cyber security exercises to prepare organisations for future threats. Dan is also the lead author of the human-centred security research series, which leverages psychological theory to understand manipulative attack techniques and identifies how weaknesses in the human mind can lead to security incidents.
  • Securing Mission-critical Operations with Emerging Transport Technologies Recorded: Sep 7 2021 44 mins
    Somnath Ojha, Group Director (CTO's Office), Tejas Networks
    In this talk we will discuss the growing cybersecurity threat to utility firms ( power, oil and gas, railways etc) and compare and contrast the strengths/weaknesses of popular packet-optical transport technologies such as IP, Carrier Ethernet, MPLS-TP and OTN technologies from a network security standpoint.
  • 5G and Cyber Threats Recorded: Aug 24 2021 51 mins
    Katie Grzywacz
    5G brings the power to connect billions of new devices and enable their use in new ways. With that comes significant risk. What types of threats does 5G introduce and what should we consider as we start incorporating 5G into our products?

    Katie Grzywacz is a Lockheed Martin Associate Fellow and is the chief cyber architect for the LM Space Centers of Excellence. She has 16+ years of experience that includes security engineering and offensive security testing. She is currently researching cyber threat scenarios that apply to a multitude of 5G use cases.
  • Advanced Threat Prevention - Defending Against Sophisticated Threat Actors Recorded: Aug 19 2021 55 mins
    Ondrej Krehel, PhD, CISSP, CEH, CEI , EnCE Digital Forensics Lead, CEO and Founder, LIFARS
    Advanced threat protection services and solutions are must in today’s business environment to protect data as well and the integrity of a business. Threat actors now have the resources to wage war like never before. Advanced Threat Prevention (ATP is made of several components and functions:

    • Continuous monitoring and real-time visibility - Threats are often detected too late. After the damage is done. Monitoring and quick action is a must or you will pay the price in resource utilization and reputation damage.
    • Context - Monitored threats must contain context for security teams to effectively prioritize threats and organize response.
    • Data awareness – Having an understanding of data, its sensitivity, value.
  • Stay ahead of the game: automate your threat hunting workflows Recorded: Aug 19 2021 43 mins
    Christopher Van Der Made, Security Developer Advocate, Cisco
    It is very important nowadays to stay up to date with all of the cyber threats that are posing all over the world. It is widely known that there are not enough resources to be found to fill up every Security Operation Center (i.e. SOC). Therefore, many organizations struggle with coping with the massive amount of new type of attacks and generated alerts from their tooling. During this session, you will learn how to hunt (and automate your hunt) for active cyber threats in your environment and contain them using integrated connections to network, endpoint, and cloud products. This session is targeted at SOC management, cyber security engineers, threat hunters, and analysts. It will touch on threat detection, investigation and response. All the code will be made available after the session.
  • Quantum vs. Quantum Recorded: Aug 19 2021 47 mins
    Bruno Huttner, Director of Quantum Strategic Initiatives, ID Quantique
    As emphasized by the recent controversy about quantum supremacy, the quantum computer is already a reality. Although the timing of the arrival of a quantum computer capable of factoring large integers and therefore of breaking most existing public key cryptosystems is still under debate, the risk to our cybersecurity infrastructure is now real and steadily increasing. In order to prepare our cybersecurity framework to the quantum era, and build a Quantum-Safe infrastructure, action must be taken today.

    Fortunately, some solutions exist today and are constantly improving. There come in two very different flavours. One is to find new mathematical problems, which should be immune to the quantum computer threat. This is the domain of Post-Quantum Cryptography. The second is to use the peculiar properties of quantum itself to fight against the quantum computer threat. Current solutions are known as Quantum Random Number Generators, which improve the quality of keys, and Quantum Key Distribution, which enable secure distribution of these keys. Quantum Networks and the future Quantum Internet will soon make these solutions usable in a broad context.

    In this presentation, we will outline both solutions and focus on the quantum ones.
  • Application Security Vulnerability – a risk-based approach Recorded: Aug 18 2021 40 mins
    Christopher Peters, Application Security Engineer, Premiere Global Services
    Security teams can become overwhelmed with vulnerability reports. A myriad of tools exist that provide all kinds of reporting on suspected vulnerabilities in software. False positives (and negatives) are usually present in the data. For the security team, this can create a situation where more time is spent managing the data and reports than fixing things or helping other teams focus their patching efforts.

    In order to triage and focus effort on the greatest risk to the business, a different approach may be
    needed than the traditional compliance-based ones or systems based on CVSS scores.

    In this webinar we’ll start out by defining what exactly the term vulnerability means, how to measure that, and then explore a more risk-based approach.
  • Application Security 2021 Recorded: Aug 18 2021 60 mins
    Jo Peterson | Dustin Lehr | Derek Fisher | Les Correia | Nick Moy
    The notion that software runs the world and the world runs on software became even more of a reality during the pandemic. In addition to enabling work from home efforts, organizations hit the Fast Forward button on digital transformation efforts in the last 12-18 months. Gartner points out that the global expenditure on enterprise software will grow by approximately 10.8% and be $516.9 billion in 2021

    Software applications can be the weakest link when it comes to the security of the enterprise stack

    In this session, we’ll explore:

    • Current state of application security
    • Best practice guidance
    • Importance of a mature application security program

    Jo Peterson, Vice President, Cloud and Security Services, Clarify360
    Dustin Lehr, Director, Application Security, Fivetran
    Derek Fisher, VP Application Security, Envestnet|Yodlee
    Les Correia, Global Head of Application Security, The Estee Lauder Companies
    Nick Moy, CISSP, GCSA | VP Application Security, Fairway Independent Mortgage Corp.
  • How To Do Application Security Right Recorded: Aug 18 2021 39 mins
    Ted Harrington, Executive Partner, Independent Security Evaluators (ISE)
    You're building an application and need to prove it's secure, and to do that you need to find vulnerabilities and fix them. However, there's so much confusion about what that even means, let alone how to do it right, that it can be an uncertain and overwhelming endeavor. Author Ted Harrington takes you to the front lines of ethical hacking and security research, blending real-world exploit stories with actionable insights in order to help you understand how to break -- and fix -- applications. You'll walk away with practical guidance about how to:

    - Abuse functionality
    - Chain vulnerabilities
    - Choose a testing approach & methodology
    - And much more
  • 5 Steps to Your SASE Journey: Security Connectivity to Any App, from Anywhere Recorded: Aug 17 2021 35 mins
    Paul Martini, CEO/CTO, iboss
    In this "work from anywhere" world, ensuring users can quickly and securely connect to any cloud application they need is critical. To do this, organizations need to transition their network and security strategy to provide secure connectivity for remote workforce. Building your roadmap for the move to SASE cloud offers many benefits. It provides organizations with a path to reducing network and security cost and complexity, while increasing security and connectivity to give your users a better experience, regardless of location.

    During this session, Paul Martini, CEO/CTO of iboss, will discuss:
    • The true enterprise impact of "work from anywhere"
    • How to reduce of eliminate the need for on-prem proxy appliances and VPNs
    • The new mindset of security at the edge
    • 5 steps to consider when migrating to a SASE cloud platform
  • Exploring Cyber Threats & Breach Prevention 2021 Recorded: Aug 17 2021 51 mins
    Towerwall | SecureCloudDB | Alert Logic | Nasuni |
    The last 12 months have been incredibly turbulent in the cybersecurity world. The move to a hybrid work model has seen many organisations turn their security on its head, with the adoption of security solutions like SASE and Zero Trust. Ransomware has also spiked: according to a new Group-IB report, in 2020 ransomware surged by 150%. As the security landscape evolves and new threats seem to be at every corner, it’s essential to re-evaluate your security posture to ensure that your organisation is as safe as possible.

    But what are the key trends thought leaders expect to face this year, and how can we navigate these security threats? Are security teams fully prepared to tackle new risks and breaches?

    Join our panel of expert thought leaders as we discuss:
    - The key cybersecurity trends of 2021, from SASE, ZTNA and beyond
    - Breach prevention, and how to find the right solution for your organisation
    - What the ‘new normal’ means for your security teams
    - Identity-first security, and why it’s so valuable today
    - And more

    Moderated by:
    Michelle Drolet, CEO, Towerwall

    Panelists include:
    Bharath Vasudevan, VP, Alert Logic
    David LeBlanc, SecureCloudDB
    Anne Blanchard, Senior Director, Nasuni
  • Staying Ahead of the Breach in 2021 Recorded: Aug 16 2021 60 mins
    Kalani Enos | Michelle Drolet| Christopher Kruegel | Ido Safruti | Chris Arsenault
    Cyber attacks on companies, governments and individuals grew significantly in 2020. What can enterprises do to better protect their data? Is breach prevention even possible?

    Hear from the experts on what the new normal for organizations looks like, the cybersecurity best practices to adopt and what's in store for the rest of 2021.

    The topics up for discussion will include:
    - Cybersecurity in the new normal
    - How attackers have take advantage of the pandemic
    - Critical steps to take on the path to preventing data breaches
    - Why data protection and cybersecurity should not be separate functions
    - Best practices and solutions for breach detection and response
    - Lessons from the field and recommendations for CISOs

    Moderated by:
    Kalani Enos, CEO, KEnos Technologies

    Panelists include:
    Michelle Drolet, CEO, Towerwall
    Christopher Kruegel, VP Security Services - Network and Security Business Unit (NSBU) at VMware
    Ido Safruti, CTO & Co-Founder, PerimeterX
    Chris Arsenault, Principal Solutions Architect, BlackBerry
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Using Privileged Access Management to Beat Back Insider Threats
  • Live at: Nov 16 2016 8:00 pm
  • Presented by: Dr. Anirban Banerjee, CEO, Onion ID
  • From:
Your email has been sent.
or close