Name: [Video Interview] The Cyber Year in Review: Troels Oerting, CISO, Barclays
Start: 2016-12-07T14:00:00Z
End: 2016-12-07T14:20:44.000Z
Location: BrightTALK

This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Once considered an afterthought in software design, in today's cloud-native, app-centric world, application security must be top of mind. Widespread applications usage over distributed and public networks invites a variety of potential threats. Frequent testing and adherence to application security best practices can limit the possibility of unauthorized code being used to steal, share or modify sensitive user information.

This panel of experts will discuss the importance of a comprehensive application security program that incorporates best practices, threat identification and security testing.

Join us to learn about:

--Potential application threats
--Program requirements for app security
--Implementing app security standards
--Using DevSecOps initiatives to improve security
--Application security testing methods

Update Your Application Security Strategy

Threats like malware and denial-of-service attacks have been around since the earliest days of the internet, and the cybersecurity industry has created generations of threat detection and response tools to identify and remediate them. As security threats continue to evolve and advance, the tools to identify and stop them need to evolve as well.

This panel of security experts will explore how security teams can shift form using reactive to proactive measures, utilizing a host of emerging tools and technologies. Join us to learn about:

--Endpoint-focused technologies such as XDR
--AI's role in reshaping threat detection
--Threat detection and intelligence services
--Security observability tools that improve breach detection
--Using tools within a zero-trust framework to limit vulnerabilities

It's Time to Modernize Threat Detection

The social, economic and technological shifts of the past two years prompted cyber attackers to refine their methods, becoming more sophisticated and aggressive. This resulted in the business community suffering a series of high-profile attacks with far-reaching repercussions. Threat actors continue to exploit vulnerabilities across endpoints and cloud environments, and are ramping up use of stolen identities and credentials to bypass legacy defenses.

This panel of security experts will discuss the top threats of the moment and look toward what to expect in the next 12 months. They'll provide best practices and recommendations for security measures that can offer the best level of defense.

Join us to learn about:
--The most prevalent attacks today
--Emerging attacks that will threaten your business tomorrow
--How to take a proactive approach to threat detection
--How to prepare for continued global disruption

The Cyber Threat Landscape: Get Ready for 2023

As the methods and practices used to attack digital assets become more refined, the security tools to combat the threats must evolve, shifting from reactive to proactive methods. This change means security teams must learn about and assess a slew of acronyms, including endpoint detection and response (EDR), network detection and response (NDR), managed detection and response (MDR) and extended detection. and response (XDR). They also must consider new methods for addressing and preventing alert fatigue, such as using AI or cloud-based services.

In this panel, experts discuss the types of endpoint detection and response available and how to tease out which is best for your organization.

Join us to learn:
--Why EDR alone is not enough
--How to inventory your endpoints and their protection needs
--How to evaluate MDR options including MEDR, MNDR and MXDR
--The difference between hybrid XDR and native XDR
--Operational benefits of XDR
--How SIEM and SOAR compare with XDR

Unpacking Endpoint Detection and Response

Cyberattacks against healthcare jumped 42% in 2020 and another 35% in 2021. 

Successful cyberattacks disrupt healthcare operations, delay access to clinical services, and lead to significant economic loss. Stolen patient records can be used to commit fraud and identity theft, disrupting patients’ personal lives. 

Medical information is an attractive target because it has high economic value on the black market. 

If you are interested in protecting patients and the healthcare organizations that serve them from cybercriminals, join WiCyS Strategic Partner, Optum, to learn about the career opportunities in healthcare cybersecurity.

Cybersecurity Careers in Healthcare

Spreading operations across more than one cloud enables organizations to choose from a variety of cloud services to cut costs, improve operations and improve scalability. However, operating complex environments across multiple platforms requires a comprehensive strategy to handle connectivity, applications, data and security.

In this panel, experts will discuss how organizations can evaluate risks in their own and their cloud service provider environments, as well as technologies and tools that can assist in achieving a comprehensive strategy.

Join us to learn about:
--Understanding cloud scope across the organization
--Cloud governance frameworks
--Pros and cons of centralizing security access and monitoring controls
--Multi-cloud management and network security analytics platforms
--Cloud security posture management (CSPM) tools that can identify misconfigurations and risks
--Tools for cloud compliance monitoring

Build a Multi-cloud Strategy that Supports Governance and Compliance

Our cyber enemies are sophisticated and strategic with clear objectives and lots of resources. To counter their attacks, we need a pragmatic approach to threat and risk analysis to feed our cyber security ecosystem and focus on protecting our most important assets. This session aims to answer these questions:
•         How can we make cyber security decisions based on threats and risks if we’re not risk experts?
•         How can we determine who wants to access our information assets and why?
•         How do we discover what our valuable information assets are, and where they are located?
•         How do we prioritise our defences, ensuring that our resources are focused to the best effect?

Pragmatic Risk-Based Cyber Security

Data and resource accessibility has come a long way. From private networks to enabling connectivity across the internet to outsourcing them in the cloud. One thing that hasn’t changed is the need to track who is using our resources and viewing our data. The concept of identity has remained one of the cornerstones of security. The ability to identify and control access to cloud-hosted offerings has increased the need for tight security measures that are only effective if we understand “who, what and where”.

In this session we’ll 
• Outline typical cloud-hosted capabilities;
• Identify their user groups and roles;
• Look at identity components that are applicable to cloud services; and
• Introduce the concept of outsourcing Identity Management as a Service (IDaaS).

Identity as the Foundation for Access

Join WiCyS Strategic Partner, AWS will discuss misconfiguration in the cloud, its patterns, threats, and risk to an organization/business. Understanding the shared responsibility model and how we can protect our organizations. We will be going through a use-case exercise and attendees will learn how we can implement the shared model.

Mis-Configuration in the Cloud

Digital transformation and the evolution of identity in the workplace -- spurred by decentralization, cloud adoption and remote work -- have exposed the fact that old methods of identity and access management have outgrown traditional security protections, posing major risks. Adaptable and agile security architectures with a spotlight on identity are a necessity to keep employees and their organizations safe.

In this panel, security experts will explore digital identity trends that bolster cloud security, as well as cybersecurity innovations that focus largely on identity, and help them understand the options.

Join us to learn about:

--Open identity standards and interoperability
--Identity as a service
--Cloud infrastructure entitlement management (CIEM)
--Zero trust models
--Cloud access security brokers (CASBs)

Identity Management Is Essential to Cloud Security

The core tenet of a zero trust strategy is least-privilege access. Yet, organizations continue to rely on user and machine identities that are susceptible to compromise, abuse and misuse, and theft. Risk is compounded by over-permissive, static access rights that provide little to no visibility into who and what is using access and how. Vaguer is how identities should be monitored and protected.

Availability of modern, cloud-managed identity services is widespread. However, organizations have been slow to pivot their security programs from traditional endpoint, network, and SecOps to an approach that focuses on identity orchestration and experiences, which is dynamic and distributed. Where there are no perimeters, a multitude of identity verification services and managed identity services exist. This research-led session will focus on how teams are responding, the identity security controls at play, and the strategies shown to be most effective.

Securing the Identity Perimeter with Defense in Depth

Cyberattackers are not showing any signs of slowing down -- in fact, cyberattacks are worsening. Several factors are responsible for that with some being directly linked to the global pandemic – thanks, COVID! Infosec teams must change their security practices to address the challenges of today and the future. In this conversation among experts, you will gain insights to help you keep your organization secure in an evolving threat landscape. 

Learn how can you limit the impact of future ransomware and supply chain attacks, how you can differentiate cloud security solutions, and more.

Moderated by:
Melinda Marks, Senior Analyst, ESG

Featureing:
Matt Hathaway, Chief Strategy & Marketing Officer, TrueFort

Turn Your Security Challenges into Opportunities

IT and IT Security teams must think proactively and creatively about their data protection strategies, but getting there can be challenging. In this panel, cybersecurity experts delve into the trends and activities putting data at risk in the enterprise and how you can use emerging technologies to mitigate those risks. Use these insights to help you construct a rock-solid data security strategy. 

Moderated by: 
Jack Poller, Senior Analyst, ESG

Featuring: 
James Christiansen, VP and CSO Cloud Strategy, Netskope

How to Build a Strong Data Security Strategy (Panel Discussion)

When it comes to end user cybersecurity and protection, there is no better method to improve cybersecurity than to educate your staff. A well-informed workforce is one of the best tools in the fight against cybersecurity breaches. But let’s be real, how easy is this? 

In this panel conversation, industry experts will share their insights on key areas that organizations should address when tackling data security and privacy. 

Moderated by:
Jack Poller, Senior Analyst, ESG

Featuring:
Blackcloack

End User Protection Strategies for 2022 and Beyond (Panel Discussion)

The rise in cloud adoption, remote work, and other digital transformation efforts are forcing organizations to adapt how they are managing network security. This is proving to be challenging considering there is no one-size-fits-all approach to network security. 

Tune into this panel discussion where experts will provide insights on how organizations can use emerging concepts like SASE, next-gen firewalls and zero trust to help enhance their network security strategy.  

Moderated by: 
John Grady, Senior Analyst, ESG
Featuring: 
Nick Edwards, VP Product Management, Menlo Security

Build a Network Security Strategy that Works for You, Not Cyberattackers

Cloud-native applications are proliferating in even the most traditional IT environments, but the ability to secure these applications and environments has fallen behind. 

This panel discussion explores how security organizations can embrace cloud native by automating processes through DevSecOps, considering cloud-native application protection platforms, and more. 

Moderated by:
Melinda Marks, Senior Analyst, ESG

Featuring: 
Jonathan Nguyen-Duy. Vice President, Field CISO Team. Fortinet

Securing the Cloud-Native Enterprise (Panel Discussion)

Modern SOCs play an essential role in any organization, and this goes beyond cybersecurity -- it has to do with the business entirely. This includes everything from earning trust from employees and customers to reducing impact and costs a potential breach may incur through data loss, lawsuits, or business reputation damage. 

In this panel, experts discuss the tools, techniques, and skills that today’s infosec professionals need for effective security operations and management.  

Moderated by: 
Jon Oltsik, Sr. Principal Analyst, ESG Fellow

Featuring:
Joel Vincent, VP, Product and Technology Marketing, Cribl

Your Approach to Security Operations Must Evolve (Panel Discussion)

With the huge expansion on the attack surface of an organization and the dynamic growth in the realm of Cybersecurity, employees are tempted to choose the latest and greatest product in the market to make life easier for them. While busy individuals think they are finding a solution to their problem, not assessing the associated security risks can cause more problems than it solves! What vulnerabilities are associated with this new tool? Who should have access to the data? Who should own the application? It is quite common for products from vendors to become compromised.

In this presentation, WiCyS strategic partner, Workday, will talk about how Enterprise Security establishes the relationship and collaborates with various security teams before a technology is approved.

Enterprise Security: The Batman Effect

I Heart Security: Developing Enterprise Security Programs for Millennials

The 2017 Cyberthreat Landscape

Key Threats To Look Out for in 2017

When Things Misbehave: How to Mitigate Massive DDOS Attacks

The Latest in Compliance: PCI DSS 3.2 Decoded

Reducing Threats through Improving Identity Security

How Cybersecurity, Technology and Risk Is Maturing the Role of the Modern CISO

Abusing Bleeding Edge Web Standards For AppSec Glory

2016 Has Been a Security Minefield; Are You Ready for 2017?

Smarter Cybersecurity&trade; solutions start with next-gen protection

Cyber-Security Trends &ndash; Security Analytics Is The Game Changer

The Role of Internal Network Traffic Analysis in Cybersecurity

The Role of Supervisors in Mitigating  Security Threats

It&rsquo;s My Life but I no Longer Have Control Over it!

Trends in Email Fraud, and How to Prevent Enterprise-Facing Email Attacks

How to Prepare for the Greatest Security Threats of 2017

Quantum Threats: The Next Undefended Frontier of Cybersecurity

The Threat Landscape &ndash; A Year in Review and a Look at What is Ahead

Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing

2017 Vulnerability Trends - What To Look Out For

Cyber Risk Management in 2017: Challenges &amp; Recommendations

Talking to the Board About Cyber Risk &ndash; A Metrics-based Approach

Insider Threats and Critical Infrastructure: Vulnerabilities and Protections

Make 2017 a Year of Countering the Evolving Threat Landscape

2017 Threat Landscape: Increased Sophistication, or More of the Same?

Caught in the Net: Effective Defence Against Phishing Attacks

The Threat Landscape &ndash; Cybersecurity Trends in 2016 and Beyond

Storm on the Horizon &ndash; 2017 Threats Both Foreign and Familiar

The Year of Cyber Extortion--Why Now and What's Next?

Best Practices for Mitigating Network Security Risks

[Video Interview] The Cyber Year in Review: Ian Glover, President, CREST

The 2017 Threatscape

[Cybersecurity] Our Indigenous Apps: Securing Critical Business Data

Akamai Q3 2016 State of the Internet Security Report

Join this engaging session as BrightTALK conducts an in-depth interview with Troels Oerting, CISO, Barclays.

It's been a crucial year for cyber security with big breaches and newsworthy hacks. BrightTALK's Information Security Community Manager Josh Downs will be quizzing Troels for his thoughts on the cyber security industry and in particular:

- The big breaches of 2016 and lessons to be learnt
- The current threatscape
- The big vulnerabilities on the horizon
- Troels's insights into how to keep your company secure in 2017

We look forward to you joining us for the session.

[Video Interview] The Cyber Year in Review: Troels Oerting, CISO, Barclays

Cyber Security

IT Security

Hack

Breach

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

[Video Interview] The Cyber Year in Review: Troels Oerting, CISO, Barclays

Presented by

About this talk

More from this channel