Hi [[ session.user.profile.firstName ]]

Framework to Evaluate Your BCDR Plans

An organization’s resiliency is directly related to the effectiveness of its continuity capability. An organization’s continuity capability—its ability to perform its essential functions continuously—rests upon key components and pillars, which are in turn built on the foundation of continuity planning and program management. These pillars are Leadership, Staff, Communications, and Facilities. The Federal Continuity Directive (FCD) 1 provides direction to the Federal executive branch for developing continuity plans and programs. Continuity planning facilitates the performance of executive branch essential functions during all-hazards emergencies or other situations that may disrupt normal operations.

FCD2 provides further guidance and direction to Federal executive branch departments and agencies for identification of their Mission Essential Functions (MEFs) and potential Primary Mission Essential Functions (PMEFs). It also includes guidance on the processes for conducting a Business Process Analysis (BPA) and Business Impact Analysis (BIA) for each of the potential PMEFs that assist in identifying essential function relationships and inter-dependencies, time sensitivities, threat and vulnerability analysis, and mitigation strategies that impact and support the PMEFs.
Recorded Jan 13 2011 28 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Shankar Swaroop, Director of BCDR, NEXCOM
Presentation preview: Framework to Evaluate Your BCDR Plans

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Cloud Data Management & Interoperability: Why A CDMI Standard Matters Dec 9 2020 6:00 pm UTC 75 mins
    Mark Carlson, SNIA Technical Council Co-chair; Eric Hibbard, SNIA Security TWG Chair, Alex McDonald, SNIA CSTI Chair
    The Cloud Data Management Interface (CDMI™) International Standard is intended for application developers who are implementing cloud storage systems, and who are developing applications to manage and consume cloud storage. It documents how to access cloud storage namespaces and how to manage the data stored in these namespaces. In this webcast we’ll provide an overview of the CDMI standard and cover CDMI 2.0:

    •Support for encrypted objects
    •Delegated access control
    •General clarifications
    •Errata contributed by vendors implementing the CDMI standard
  • 2021 Readiness: Balancing Security in a Post-COVID World Dec 9 2020 5:00 pm UTC 60 mins
    Diana Kelley | Mark Weatherford | Ted Harrington
    Earlier this year many companies experienced an incredible shift to fully remote work almost overnight, in response to the COVID-19 pandemic. This accelerated the “digital transformation” journey for many companies compressing what was a multi-year timeline into a few months and making 2020 different than any other previous year. In this episode we’ll explore how the balance between security, privacy and productivity was tipped this year, and what can we expect to see in 2021 as some, but not all, organizations head back to office work with a post-pandemic mindset.

    The audience will hear from CISOs and Security Directors about how this year was different, what they're going to do differently going forward, and what they expect (or have already seen) as organizations get back to pre-COVID levels.

    Topics covered:
    - 2020 in review
    - The hard lesson that a mobile workforce is not the same as a remote workforce
    - How the attack surface expanded and what CISOs are doing to ensure risk doesn’t expand too
    - How digital transformation sped up and what they meant for security, privacy and productivity
    - During the speedy journey to the cloud - what mistakes were made?
    - Lessons learned that will be carried forward for security teams
    - What CISOs are doing to prepare for whatever 2021 may bring

    - Mark Weatherford, Chief Strategy Officer and Board Member, National Cybersecurity Center
    - Ted Harrington, Executive Partner, Independent Security Evaluators [ISE]

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • To Trust, or Not to Trust the Cloud; That is Your Compliance and Risk Question Dec 9 2020 11:00 am UTC 45 mins
    Niamh Muldoon, Senior Director, Trust and Security, EMEA, OneLogin
    Many organizations struggle with digital transformation and cloud computing particularly when implementing a framework to meet their compliance requirements. In this session, we will discuss a framework and operational approach to support you to move your business forward delivering quality services balancing cost and risk.
  • Protecting Against Public Cloud Data Breaches Using Confidential Computing Dec 8 2020 10:00 pm UTC 60 mins
    Seth Knox, Fortanix | Nelly Porter, Google | Dave Thaler, Microsoft | Mike Bursell, Red Hat | Aeva Black, Microsoft
    Today, data in the public cloud is often encrypted at rest in storage and in transit across the network, but not while in use in memory. Organizations that handle sensitive data such as Personally Identifiable Information (PII), financial data, or health information need to mitigate threats that target the confidentiality and integrity of either the application or the data in system memory.

    In this webinar, experts from the Confidential Computing Consortium (CCC) will define confidential computing, discuss how businesses are using Confidential Computing to protect against data breaches today, and review the ecosystem of solutions and open-source projects available to enable applications to make use of Confidential Computing.

    Key topics covered in the webinar include:
    ● The Confidential Computing definition and comparison to related technologies
    ● Key properties of Trusted Execution Environments (TEEs) to look for
    ● Threats mitigated by Confidential Computing technologies
    ● Utilization paradigms: using application SDKs vs. runtime deployment systems
    ● The ecosystem available to support Confidential Computing application development
    ● Common real-world use cases for Confidential Computing

    Seth Knox, VP of Marketing, Fortanix (Outreach Chair) (Linkedin https://www.linkedin.com/in/sethknox/, twitter @seth_knox)
    Nelly Porter, Lead Product Manager, Google
    Dave Thaler, Software Architect, Microsoft (TAC Chair)
    Mike Bursell, Chief Security Architect, Red Hat
    Aeva Black, Open Source Program Manager, Microsoft
  • Cloud adoption has changed gears; your security needs to do the same Dec 8 2020 6:00 pm UTC 60 mins
    Miguel Carrero, Cybersecurity Executive and Board Member, Siemplify, WireX
    We all know that consumer and businesses are dramatically increasing the consumption of cloud based Information Technologies; either infrastructure, applications, services or even cybersecurity. The move to a cloud-based IT is unstoppable, with another wave of changes coming as 5G becomes more of an actual reality. While we have a new slew of acronyms and technologies coming our way (XDR, NDR, SaSe, etc) many companies struggle to address cloud from a cybersecurity perspective. In this webinar we will address key elements to be taken into consideration:

    - Full understanding on what cloud consumed IT means end to end, specially in the world of hybrid cloud
    - Provide security for the cloud consumed infrastructure, applications and services
    - Keeping a security posture that included traditional and cloud consumed IT. Key priorities and where to start
    - Providing security from the cloud itself
    - What is the role of the big cloud providers (aka AWS, Microsoft and Google) as they doubled down their efforts in cybersecurity
    - Looking ahead. How will (true) 5G impact cloud cybersecurity as the underlying telecommunications industry undergoes a major shift
  • [PANEL] Cloud Security Risks and Solutions Dec 8 2020 4:00 pm UTC 60 mins
    Clarify360 | PerimeterX | Google Cloud | Appgate | Anitian
    In a recent report, the Cloud Security Alliance (CSA) outlined the top 11 threats to cloud computing for 2020. Data breaches, misconfiguration and inadequate change control, a lack of cloud security architecture and strategy, and insufficient identity and access management were among the biggest security challenges for all industries operating in the cloud.

    These issues are not unique to any particular industry, but fortunately, they have common solutions. It’s clear that protecting public cloud assets is key. COVID-19 pandemic was a major accelerant for organizations to quickly move forward with the migration of business infrastructure and applications to the cloud.

    Cloud Controls and Breach Prevention are top of mind for IT leadership and team alike.

    In this panel discussion, we’ll discuss the importance of cloud controls and breach protection during this accelerated move to the cloud

    - What the C Suite Needs to Know about Cloud Security
    - Why Cloud Security is not an IT problem, it’s a business problem
    - The Revenue and Brand ROI of Preventing Data Breaches
    - Real productivity results from correcting misconfiguration and inadequate change control
    - The importance of building a cloud security architecture and strategy
    - Why managing sufficient identity, credential, access, and key policies
    - Cross Training and Upskilling your team

    Moderated by: Jo Peterson, CEO & Co Founder, Clarify360

    Dr. Anton Chuvakin, Head of Solution Strategy, Google Cloud
    Ido Safruti, Co-founder and CTO of PerimeterX
    Tina Gravel, Senior Vice President, Appgate
    Charles Johnson, Cybersecurity Advocate, Anitian
  • Shifting to a holistic cloud security strategy Dec 8 2020 11:00 am UTC 45 mins
    Jeremy Snyder, VP Business/Corporate Development & International Strategy, Rapid7
    As companies gain more cloud maturity, they learn that their 2 core security tool sets for on-premise infrastructure no longer apply. Additionally, they get the most value by changing their operating patterns. In this talk, we’ll talk about lessons learned in embracing cloud-native security practices, and discuss implications for changing tool sets around cloud security.
  • The Corporate Dissolve of Centralized Security Dec 7 2020 11:00 pm UTC 45 mins
    Stan Golubchik, CEO and Founder, ContraForce
    Adopting to Secure the Mobile Workforce

    The shift to a widespread corporate mandate for employees to work from home has dynamically altered the threat landscape and how security applications and integrations are delivered. Data is more pervasive than ever. The expansive footprint of where data is accessed and stored, results in an ever evolving and growing attack surface.
    Our disrupted social normal has created one of the most nourishing environments for adversaries to target with phishing attacks, ransomware, and vulnerability exploits. Nearly 70% of attacks originate from the endpoint due to insufficient visibility, policies, and controls around the mobile work force.

    Are you implementing the proper defense in depth strategy with a Zero-Trust mindset to thwart attacks even at your weakest links? Digital sprawl has reached new heights in this new pandemic world and it’s important we focus on adapting to these new circumstances to keep our businesses safe and the outcomes they provide for social entitlement. Learn how your business can begin to work in a way to reduce operational strain of security and answer the question of how we can effectively secure our employees.
    Attendees will learn the following:
    1. Understand what your attack surface resembles in this current work from home climate.
    2. Identify best practices that can help assess your current security posture and take actionable results to invoke change.
    3. Which technologies can supplement your governance model to secure your business and employees.
  • Closing Cybersecurity Skills Gap with Customized Training and Untapped Talent Dec 7 2020 10:00 pm UTC 60 mins
    Leah McLean | Malcolm Harkins | Mary Chaney | Diana Kelley | Ryan Clarque
    Not a day goes by in the cybersecurity industry without hearing about a talent shortage, skills gap, and necessity for training. A recent survey conducted by the Enterprise Strategy Group (ESG) and the Information Systems Security Association (ISSA) of cybersecurity professionals shows that 70 percent believe their organization has been impacted by the global cybersecurity skills shortage.
    We spent time talking to a number of people from human resources, managers, vendors, universities and end-users to get their perspective on cybersecurity skills, type of roles, and overall business needs.

    We discovered, it’s not just about skills gap, but also the communications gap between what employers think they are looking for and the talent that is available to them. During this discussion, dynamic experts from various organizations will share the following:

    • The needs across the technology vendors and end-user organizations, the education variance, and how to accommodate for the requirements and demands across the entire industry.
    • Most common type of roles to be fulfilled and the drivers behind the role types.
    • How we can make security built into the fabric of our culture, no matter the organization.

    Moderated by:
    Leah McLean, Head of Business Development and Marketing, Cyber Future Foundation

    Malcolm Harkins, Chief Trust Officer, Cymatic
    Mary Chaney, Esq, CISSP, CIPP/US
    Diana Kelley – CTO and Founding Partner, SecurityCurve
    Ryan Clarque, Senior Manager, Global Cybersecurity at Levi Strauss & Co
  • A Muggles Guide to Security In The Cloud Dec 7 2020 1:00 pm UTC 45 mins
    Ell Marquez, Linux and Security Advocate, Intezer
    In the security and technology world, we rely so heavily on buzz words to explain our work that others feel like we are magicians working spells that they will never be able to do.

    Saying, "Due to issues with our security posture, the APT manipulated a well-known CVE to breach our cloud-native-applications." Might as well be: "The Death Eaters were able to use a port key to enter our environment and effectively cast the Avada Kedavra spell."

    Instead, we could say, "An attacker used a known flaw to gain access to our environment and brought down our servers."

    In this session, we will come to understand that security for our cloud environments can be simple to understand, yes even for muggles. That is, if we focus on the root cause of all cyber attacks: unauthorized spells, wait, I mean unauthorized code.
  • How Video Analytics is Changing the Way We Store Video Dec 2 2020 6:00 pm UTC 75 mins
    Kevin Cone, Intel; Glyn Bowden, HPE; Jim Fister, The Decision Place
    There is a new wave of cognitive services based on video and image analytics, leveraging the latest in machine learning and deep learning. In this webcast, we will look at some of the benefits and factors driving this adoption, as well as explore compelling projects and required components for a successful video-based cognitive service. This includes some great work in the open source community to provide methods and frameworks, some standards that are being worked on to unify the ecosystem and allow interoperability with models and architectures. Finally, we’ll cover the data required to train such models, the data source and how it needs to be treated.

    However, there are challenges in how we do this. Many archives were analog and tape based which doesn’t stand up well to mass ingestion or the back and forth of training algorithms. How can we start to define new architectures and leverage the right medium to make our archives accessible whilst still focusing on performance at the point of capture?

    We will discuss:

    •New and interesting use cases driving adoption of video analytics as a cognitive service
    •Work in the open source arena on new frameworks and standards
    •Modernizing archives to enable training and refinement at will
    •Security and governance where personal identifiable information and privacy become a concern
    •Plugging into the rest of the ecosystem to build rich, video centric experiences for operations staff and consumers
  • Cybersecurity and Elections – Past, Present, and Future Dec 1 2020 5:00 pm UTC 60 mins
    Dan Lohrmann | Earl Duby | Joseph Carson
    The 2020 elections in the U.S. have been historic in numerous ways. With more email-in voting than ever before and very close results for the U.S. President and Congressional races, there is plenty to discuss about security.

    Was there voter fraud? Were the people, process and technology changes sufficient in states? How can we rebuild trust in elections? What is the future of voting in America?

    Join us for this interactive discussion with audience Q/A.

    This panel is part of the CISO Insights original series on BrightTALK with hosts Dan Lohrmann & Earl Duby. We encourage audience questions and participation.
  • Data Breach – Tools and tips for managing a cyber attack Recorded: Nov 26 2020 45 mins
    Paul Benedek, Consultant Director, Excis Networks Ltd and Bernadette Tyson, Consultant Director, Excis Networks Ltd
    Every day we see news of cyber-attacks. We get the impression that they may only be affecting
    larger companies, but this is far from the truth. In fact, the statistics clearly show that smaller
    companies are also being targeted. Cyber-attacks are not diminishing, and sadly whatever the size of
    your company, you are a target in today’s connected world. But despite this, many businesses are
    not prepared, technically or operationally to deal with the impact of cyber-attacks made against

    In this talk we look at the steps that all companies, small or large can take to mitigate and deal with
    cyber-attacks, as well as incident response and the human elements that feature in an attack. We
    also cover the key areas of cyber breach management and examine it from an attacker,
    organisational and customer perspective, revealing the impact not only your organisation but to
    others in your value chain.
  • 5 Reasons CISOs are Turning to Security-as-a-Service Recorded: Nov 26 2020 61 mins
    Jo Peterson, Clarify 360; Dan Bowden, Sentara Healthcare; Tyler Cohen Wood, Private Consultant; Mark Lynd, NETSYNC
    The global security as a service market size is expected to grow from USD 11.1 billion in 2020 to USD 26.4 billion by 2025, at a Compound Annual Growth Rate (CAGR) of 18.9% during that time period. Driven by a cloud-based delivery model, options abound for organizations in areas such as application security, data security, identity and access management, infrastructure protection and integrated risk management to name a few. These options include off the shelf security as a service products as well as those provided and managed by an MSSP.

    In today’s session we’ll explore these 5 key points:
    1. Security budgets and priorities in a post Covid-19 world
    2. When to outsource
    3. Selecting an MSSP
    4. Tools, Tools and More Tools
    5. Upskilling your team
  • Cyber Threats in 2021: Real impact of COVID on Cyber Security Recorded: Nov 26 2020 33 mins
    Himanshu Dubey, Director of Security Labs and Harshad Bhujbal, Technical Architect, Quick Heal Technologies Ltd.
    2020 has seen many Cyber Attacks using the COVID-19 pandemic as the central theme. For most
    part though these have been the same attacks that have existed since the last few years; just
    the packaging was changed.

    We expect the real cyber security repercussions of changes brought in by the COVID-19
    pandemic to be felt in 2021. In this talk we explore what the repercussions might be and what we
    can do to prepare and protect ourselves against them.

    We will cover:
    - Major Cyber Attack trends of 2020
    - What can be expected to continue in 2021
    - Potential repercussions of COVID-19 induced changes and new attack types in 2021
  • I've Been Hit By Ransomware: Now What? Recorded: Nov 26 2020 44 mins
    Mark D Rasch, Chief Legal Officer, Unit221B
    This session will focus on specific technical, legal and policy responses to ransomware attacks.

    Join to learn more about:
    * History of Ransomware
    * Most common forms of Ransomware
    * Costs of Ransomware and Mitigation
    * Ransomware Insurance
    * Ransomware prevention
    * Ransomware training and education
    * Legal Issues in Ransomware Payment (with October 2020 developments)
    * Ransomware mitigation
    * Threat intelligence and investigation in ransomware cases
    * Ransomware inoculation
    * Disaster recovery in ransomware
  • CYA Toolkit for CISOs Recorded: Nov 26 2020 45 mins
    Michael Brooks, vCISO, Abacode Inc
    Perhaps you are like the 200 CISOs who shared their insights in the security leaders report, which revealed that organizations are using 57 separate security tools with 27% claiming they’re running a staggering 76 or more security products.

    These tools aren’t necessarily making your organization less vulnerable. In fact, many organizations find that they’re often flying blind when it comes to security.

    Join this session to learn:
    • Valuable techniques to optimize your cyber spend and offer risk balanced, cost effective security solutions for your organization
    • Key insights into the decision-making process to gain better visibility and control over your assets, attack surface and cyber defense posture
    • How to clearly define the business requirements and control objectives that should be driving your solution options and purchasing decision that will drive the most attractive ROI for your business and stakeholders
  • Key Strategies to Reduce your Attack Surface in 2021 Recorded: Nov 26 2020 50 mins
    Sushila Nair, VP Security Services, Chief Digital Office and Brandon Swain, NTT DATA
    The year 2020 has accelerated organizations' digital transformations, particularly cloud migrations and the development of remote work capabilities. This rapid change has drastically altered the way that we work and consume data--creating exciting new paradigms, but also bringing new risks along with it. This session will analyze the security breaches that have occurred so far in 2020, and will discuss what defenses would have been vital for the prevention of these attacks. We’ll examine which security projects should be the “tip of the spear” in 2021 to help you reduce your attack surface, as well as look to the future to predict how the attack landscape may continue to change.

    Sushila Nair is on the board of the GWDC, the Greater Washington, D.C. Chapter of ISACA and plays an active role in supporting best practices and skills development within the cybersecurity community.

    Sushila has worked as a Chief Information Security Officer for ten years and has twenty years’ experience in computing infrastructure, business and security. Sushila has consulted in many diverse areas including telecommunications, risk analysis, credit card fraud, and has served as a legal expert witness. She has worked with the insurance industry in Europe and America on methods of underwriting e-risk insurance based on ISO27001.

    She has published numerous articles in the computing press on risk and security, and has spoken at Segurinfo, CACS, TechMentor, FinSec and many other global technical events on diverse subjects ranging from managing risk to designing security baselines.
  • Election Recap & Cybersecurity Lessons Learned Recorded: Nov 19 2020 49 mins
    David Morris | Lee Imrey | Mick Baccio | Harrison Morris
    The 2020 U.S. presidential election has brought cyber security to the forefront for many in the U.S.

    From shedding light on disinformation campaigns aimed at disrupting the election, to testing voting machines and pentesting online voting apps, to raising awareness around the risk of ransomware and other attacks to local governments, voter registration databases, poll books and election reporting websites - security researchers and practitioners have been raising red flags throughout the election cycle.

    Join this episode of the Election Hacking series to learn about:
    - The 2020 election takeaways from a cybersecurity viewpoint: What went down, what could have gone better and how to better prepare for the midterm election in 2022
    - What the biggest election threats mean for your industry and organization
    - What have we learned and will it change anything in time for 2022
    - Post-election cybersecurity lessons for tech leaders

    - Lee Imrey, Security Strategist at Splunk
    - Harrison Morris, PhD Candidate Georgia Tech researching the intersection of Cybersecurity and Cognitive & Brain Sciences
    - Mick Baccio, Security Advisor, Splunk

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Compute Everywhere: How Storage and Networking Expand the Compute Continuum Recorded: Nov 17 2020 61 mins
    Jim Fister, SNIA CMSI/CSTI, Steve Adams, Intel: Chipalo Street, Microsoft; Eli Tiomkin, NGD Systems
    In modern analytics deployments, latency is the fatal flaw that limits the efficacy of the overall system.  Solutions move at the speed of decision, and microseconds could mean the difference between success and failure against competitive offerings.  Artificial Intelligence, Machine Learning, and In-Memory Analytics solutions have significantly reduced latency, but the sheer volume of data and its potential broad distribution across the globe prevents a single analytics node from efficiently harvesting and processing data.

    This panel discussion will feature industry experts discussing the different approaches to distributed analytics in the network and storage nodes.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Framework to Evaluate Your BCDR Plans
  • Live at: Jan 13 2011 5:00 pm
  • Presented by: Shankar Swaroop, Director of BCDR, NEXCOM
  • From:
Your email has been sent.
or close