[Video Interview] The Cyber Year in Review: Troels Oerting, CISO, Barclays

Today’s businesses cannot succeed on their own. That is why, according to Gartner, 60% of organizations now are working with more than 1,000 third-parties, including partners, sub-contractors, and suppliers.

Companies work with these additional organizations to become leaner, more agile, flexible, and efficient, so they can go to market faster and beat the competition. However, according to Gartner it now takes an average of 90 days to onboard a new vendor, 20 days longer than four years ago. How can third-party risk managers create faster, less costly and more scalable onboarding processes that enable the business to grow faster and achieve true digital transformation.

Digital transformation - we hear about it all the time, but what does it really mean for security? As organizations transition users, applications, workloads, and data from on-premise into the cloud to improve agility and competitiveness - how does that change their security landscape and threat model? And how can organizations address the challenge of protecting both legacy on-premise systems, while at the same time, also having to secure dynamic multi-cloud-based environment?

Join today's episode to learn about the reality many organizations are facing when it comes to juggling on prem and multi-cloud security, what the key differences are and how to address them for your organization. The panel will also discuss the following topics:
- What are the differences between Cloud Security vs On-Premise Security and why do they matter for organizations in 2020?
- Can we normalize our security posture across the legacy and hybrid/multi-cloud environments?
- Is it possible to improve security as part of a digital transformation program?
- What kind of cyber hygiene do we need to practice? What should be added and what can be taken off security teams' plates?
- Where does DevOps (or DevSecOps) fit into all of this?
- Are cloud security failures the customer's fault?
- What is SASE and how will it impact your organization?

This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.

This is a Special Edition episode in the Election Hacking series on BrightTALK.

The outbreak of the Coronavirus (or COVID19), has redefined every aspect of our lives from the way we work, play, and receive emergency services.

Remote interactions may be the new normal. How will this "new normal" affect our election process and what are the ramifications from a cybersecurity point of view?

Will we be voting remotely in an electronic fashion and if so, what are the threats, vulnerabilities, and weaknesses? What can be done to prepare for a secure voting process?

Panelists:
- Lance James, CEO of Unit 221B
- Steven Teppler, Partner at Mandelbaum Salsburg P.C.
- Michael Aisenberg, Principal Cyber Policy Counsel at the MITRE Corporation

Moderator: David Morris, Executive Director at Digital Risk Management Institute

Join this special episode of the Election Hacking Series as we discuss this timely and critical issue.

Will AI (whatever the “A” stands for?) ever replace humans for Automation and Threat Detection?

The advances in technology especially with AI (Artificial Intelligence) is being both embraced and feared. Automation is the key to organizations being scalable and assisting with the skilled resource shortage in the cybersecurity industry though will AI ever fully replace humans, and will it eventually be GOOD AI versus BAD AI when it comes to cyberattacks. Could humans simply become a spectator when it comes to the future cyberattacks? This webinar will look into all those questions and possible outcomes.

Join Joseph Carson from Thycotic to take a journey from the present and into the future of AI & Humans, can we coexist together?

Key Takeaways:
What are the current capabilities of AI today in Threat Intelligence?
Can AI prevent cyberattacks?
Will AI replace humans for Cyber Defense or Offensive capabilities?
Future of AI & Humans, can we coexist together?

With email security breaches constantly making headlines, it is crucial for organisations to be ahead of the curve. Join this interactive panel of industry experts as they discuss the latest trends in email security and how to prevent becoming the next international headline.

Join this Q&A panel to learn more about:

- Emerging trends in email attacks
- How to stay on top of the latest threats
- Best solutions to protect your organization

Technical detection is now just the starting point for a series of exercises which will see the entire business work together to identify what happened and to mitigate the results.

In this session, you will learn:

- How EDR and MDR are morphing into BDR
- Why BDR is a challenge for the whole business
- How technology can help, and how it doesn’t

In this 30 minute webinar Ade will discuss how the world of cyber-security detection and response is changing, fast. From IT and technical analysts to the CEO via HR, this is a problem for the whole business to solve together.

While cyber attacks come from all directions, the majority of them originate on endpoints. In this webinar UJ Desai, Director of Product Management at Bitdefender will discuss why organizations are still struggling with endpoint security, and will explore the five critical elements of endpoint security that will allow organizations to effectively defend endpoints from both common and advanced cyber attacks.

Incredibly, 90% of all Security Breaches originate with a Phishing Email and most all breaches trace back to human error. In spite of this reality, businesses spend relatively little time and money on training and testing employees' ability to recognize and prevent the most common Cyber Criminal points of entry.

In a survey conducted by Mimecast, only 45% of organizations provide mandatory Security Awareness Training and of that, only 6% do it monthly. With all we know about learning behavior and corporate culture, how do we get better at raising awareness levels, lower risk, and delivering training in a manner that works?

In this talk, Craig Sandman of Symbol Security, and Security Awareness Practitioner Jonathan Osmolski will walk you through the current realities of Security Awareness, both the Cyber Criminal environment, and what a CISO and Security team has to navigate through in order to execute a program. They also touch on some Security Awareness Specifics, like how to successfully execute meaningful Security Awareness Training and how often should you be training your employees. Join us and find out how you can ensure success in your organization!

According to The Cost of Insecure Endpoints report from Ponemon Institute, ineffective endpoint security strategies are costing these organizations $6 million annually in detection, response, and wasted time

Endpoints are the new network perimeter. Attackers know this. Endpoint threats pose a significant risk to organizations large and small. A report by IDC shares that that 70 percent of cyberthreats actually originate from endpoints. As the bad actors become more sophisticated so should your end point strategy.

Redefine the concept of “endpoint”
Learn why the Global endpoint market is due to double by 2026
Understand effective security measures needed to protect endpoints
Get tips for a unified endpoint security strategy that can help you stay ahead of bad actors.

Moderated by: Jo Peterson, Vice President, Cloud and Security Services, Clarify360
Panelists:
Tom Gorup, VP, Security & Support Operations, Alert Logic
Wade Woolwine, Senior Demand Generation Specialist, Rapid7
Juergen Bayer, Product Consultant - Security, HP

What do oBike, a bicycle rental company, Instagram, and the IRS have in common? Answer -- hackers used APIs to access their customers sensitive information forcing these organizations to announce breaches. Although these API attacks were exposed, most API-based attacks go undetected these days – particularly attacks that used compromised credentials.

This webinar will discuss API cyberattack examples and the techniques used by hackers to breach APIs. It will also review how AI-based security ​solutions can effectively stop these attacks and provide deep visibility into your API sessions for forensic and compliance reporting. Topics covered in this webinar include:
- API cyberattack trends
- Review of recent API attacks
- How to monitor and protect your API activity
- How to detect and block API attacks on your data/apps (live demo)
- How to deliver reports with detailed traffic insight for any API
- Best practices for securing APIs

Cyber security is a hot topic as the world has witnessed a rapid increase in cyber-attacks, data breaches, data leaks and espionage. Governments are taking cyber security seriously, increasing investment in both defensive and offensive capabilities, and introducing regulations to support legal frameworks.

Unfortunately, cyber-attackers don't sleep or take vacations and this means you must be prepared and ready at any time during the day or night.

Join this webinar to learn about the following:
- Which cyberattack is most likely the one that will hit you?
- What are the top threats in 2020?
- What are the latest threats?

We are seeing and a experiencing a massive drive from Industry 4.0 towards ubiquitous connectivity and digitalization. This “Interconnected Era” has seen unprecedented adoption of interconnected devices in both our personal and work lives.

The benefits to both a business and consumers are massive and are set to transform all our lives. However, with this “connected everywhere era” comes inherent security and privacy issues. Join us for an interactive webinar and discussion around security best practice, as we navigate thought this new era.

The Coronavirus pandemic has changed the world. Most organizations are scaling their “Work from Home” employee base from zero to 100%. And many organizations are in the midst of rolling out technology required to support their employees, clients, partners, and constituents.

Join Zoom, Microsoft and NTT DATA in this panel discussion as we explore how to collaborate, communicate and conduct business more securely and efficiently during this new paradigm of “distance working.”

Speakers:
Sushila Nair, Security Offer Leader, NTT DATA
Steve Ross, Partner & Technology Strategist, Microsoft
Gary Sorrentino, CTO, CISO, Zoom
Shamlan Siddiqi, CTO, NTT DATA

Existing APT and Ransomware solutions only address specific parts of the kill chain, making them ineffective at completely stopping APT and Ransomware attacks. Powered by multiple levels of implementation of machine learnings on malware, DGA and other attack behaviors, We will explore holistic approaches that addresses every step of the kill chain making it the only fully integrated security solution with NGFW, EDR and MDR today that can accurately detect and mitigate APT/Ransomware attacks from network to endpoints.

The world is becoming increasingly connected in the digital age that is setting upon us and there is no turning back. The huge opportunities from the IT and OT convergence enable new services and increased productivity. At the same time with greater connectivity there is also greater risks to organizations because of this increased threat surface. A new approach to defend against cyber attacks is needed to keep pace with other business changes and evolving threats. Artificial Intelligence and Machine Learning technologies may present a solution to this problem.

The webinar will cover:
- Why the digital economy is not cyber secured
- Cyber Security Strategic choices
- The threat Intelligence life cycle
- Threat detection and incident response: the future
- Summary

About the presenter:
John Lee is the Managing Director for the Global Resilience Federation Asia-Pacific office. He is managing an Information Sharing Analysis Centre for Operational Technology operators. He had past roles in Information Security, GRC and Operations working for MNCs covering APAC and Middle East. He is the immediate past President of the ISACA Singapore Chapter. He had also taught various cybersecurity certifications from ISACA and ISC2. He is a certified APMG trainer for ISACA.

Carbon Black recently found that 84% of UK organisations had suffered one or more data breaches in the past year. Effectively cybersecurity is critical for ensuring the success of your business in the digital age.

In this webinar, ThreatAware CEO Jon Abbott explores the problems that cybersecurity professionals have faced over the past year and how these are likely to evolve in 2020. He draws on his twenty years of experience, including as founder of MSP Priority One, to examine how cyber threats develop and how business cybersecurity needs to grow to meet new challenges.

From comprehensive asset management to compliance with international standards, proficient cybersecurity requires you to juggle a vast number of tools and processes. Jon’s presentation will look at the way in which innovative technology can increase visibility and reduce complexity when it comes to cybersecurity management, to allow your business to embrace positive risk in 2020.

Key takeaways
- The biggest risks cybersecurity professionals faced in 2019
- How these risks are likely to evolve moving forward into 2020
- What tools allow businesses to embrace new technologies securely

Despite our advances in medical science, humans are still vulnerable to newly developed virus such as COVID-19.

One thing we know today about coronavirus: it can be extremely contagious even if patients have shown no sign of symptoms. This is remarkably similar for IT security. For example, most ransomware remains dormant for weeks or months until activated.

While the infected hosts are not causing any damages, they are busy infecting other systems. IT organizations only have knowledge of ransomware that are reported by PC or server users. This discussion borrows the lessons learned from center for disease control, such as detection, quarantine, and tracking down “patient zero”, and demonstrate the importance of AI & machine learning in security with the best practices for cybersecurity professionals, helping organizations to understand their current threat landscape, perform impact analysis, improve their security posture.

As cybersecurity vulnerabilities and breaches continue to make headlines and put organizations reputation at stake, it’s important to ask “What would a CISO do?”

Join this interactive panel of industry experts as they discuss:

- Top threats to look out for in 2020
- Key factors for building a successful CISO strategy
- Selling your security strategy
- Why your entire organization should be up to date on cybersecurity

Moderator: To be announced

Panelists:
John Lee, Managing Director, GRF Asia Pacific
RV Raghu, Director Versatilist Consulting India Pvt Ltd & Director, ISACA
Panelist to be announced

With the new decade bringing the biggest threat to humanity in terms of COVID19 and its cascading global impact, the ask of the CISO is evolving and the CISO will have a much larger role to play in the enterprise and be truly asked to sit at the big table.

By listening to this session, participants will:

a) have a view of how the changing world looks for the CISO
b) understand what the CISO can do to remain relevant in this new world