Hi [[ session.user.profile.firstName ]]

Fallout from Cloudbleed: Protecting Yourself and Your Organization

Cloudbleed shocked the world as one of the most widespread vulnerabilities to affect cloud services. 99.7 percent of companies have at least one employee who used a CloudBleed vulnerable cloud application, meaning hackers could have stolen user passwords and potentially corporate data.

Attend this webinar to find out the extent of Cloudbleed’s impact and how to limit the risk to yourself and your organization. The session will cover the following topics:

· How did the vulnerability function and what is the risk to organizations?
· What cloud services were affected and how did enterprise applications fare?
· How can IT security teams put together an action plan to respond to Cloudbleed?
· How can organizations proactively protect themselves from future cloud vulnerabilities?

About the Presenter:
Kaushik Narayan is the CTO at Skyhigh Networks, where he is responsible for Skyhigh’s technology vision and software architecture. He brings over 18 years of experience driving technology and architecture strategy for enterprise-class products.
Recorded Mar 8 2017 40 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Kaushik Narayan, CTO at Skyhigh Networks
Presentation preview: Fallout from Cloudbleed: Protecting Yourself and Your Organization

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Security on a Shoestring Oct 14 2021 1:30 am UTC 45 mins
    Ashwin Pal | Director Cybersecurity | Unisys Asia Pacific
    It is now widely known that SMBs are a key target for cyber criminals. They are now seen as the ‘low hanging fruit’ as SMBs generally cannot afford the same investment in cyber security initiatives when compared to larger firms. Unfortunately, as far as the cyber criminals are concerned, anyone on the internet is fair game. Unlike their larger counterparts, a cyber attack on an SMB can be very debilitating and can even cause the business to shut down. SMBs face their own unique challenges when it comes to defending against cyber-attacks. Within this presentation, you will hear about how the Invictus Games in Sydney in 2019 was secured using minimal funding and time as a case study. We will then explore some of the unique challenges faced by SMBs when it comes to cyber security. We will look at how focusing on your core business and risk management helps direct efforts to the right places in a cost effective manner. We will then explore what a typical attack looks like and discuss the basics that need to be covered to provide an SMB with an ability to defend itself from cyber-attacks while avoiding overspend.
  • Protecting Critical Web APIs: Evolution of Attack Vectors & Defense Strategies Jul 15 2021 9:00 pm UTC 45 mins
    David Senecal, Sr. Director of Product Architecture & Research | Spandan Brahmbhatt, Sr. Data Scientist, Arkose Labs
    Web APIs that handle critical workflows like login or new accounts creation are constant targets of attacks. Web site owners need to protect these endpoints in order to prevent account takeover as well as the proliferation of fake accounts.

    In this presentation, we’ll look through real examples at how attackers evolve their strategies as soon as protections are in place. We’ll also provide some insights into the most effective detection methods in order to counter the evolution and to stay ahead.

    And finally, we’ll discuss how the evolution of the Internet ecosystem is affecting the web security world and make the task more complex.
  • Comprehensive Cloud Migration: Making Cloud SecOps a Success Jul 15 2021 1:00 pm UTC 60 mins
    Panelists to be confirmed
    Cloud migration has been a focus for many enterprises over the last few years, and this has only been accelerated and driven by the move to remote working and work from anywhere. According to Deloitte, more than 90% of global enterprises will rely on hybrid cloud by 2022. While cloud migration is increasing, the threat landscape is too, which is why cloud SecOps should be an organisational priority.

    Join security experts in this interactive panel as they discuss:
    - How the pandemic impacted the rate of cloud migration
    - Whether cloud migration was done properly during the pandemic or if it was rushed, and the impact of this on your security posture
    - How cloud SecOps can improve response time and mitigation
    - The future of cloud migration
    - Cloud SecOps best practices
  • The Future of IT Security: Best Practices for Adopting SASE Jul 15 2021 10:30 am UTC 60 mins
    Panelists to be confirmed
    SASE, or Secure Access Service Edge, is growing in popularity at a rate few had anticipated. According to Gartner, 40% of enterprises will consider SASE adoption by 2024, compared with only 1% in 2018. But what can SASE do for your network security that other network security solutions can’t, and what does the future of SASE look like?

    Join security experts as they discuss:
    - Why SASE has exploded in the network security space
    - SASE adoption best practices
    - Why private VPN technology is no longer sufficient
    - What SASE looks like in 2021
    - Whether SASE is here to stay, and if it truly is the ‘future of network security’
  • Cyber Authors Ep.5: Big Breaches: Cybersecurity Lessons for Everyone Jul 14 2021 5:00 pm UTC 60 mins
    Neil Daswani President of Daswani Enterprises | Sushila Nair VP Security Services NTT DATA
    The cybersecurity industry has seen an investment of over $45 billion in the past 15 years. Hundreds of thousands of jobs in the field remain unfilled amid breach after breach, and the problem has come to a head. It is time for everyone―not just techies―to become informed and empowered on the subject of cybersecurity.

    Knowing this, author Dr. Neil Daswani covers some of the largest security breaches and the technical topics behind them such as phishing, malware, third-party compromise, software vulnerabilities, and unencrypted data in his latest book, Big Breaches: Cybersecurity Lessons for Everyone.

    In this session, Neil Daswani is joined by Sushila Nair where they’ll discuss:
    - Effective prevention and detection countermeasures
    - Meta-level causes of breaches
    - Crucial habits for optimal security in your organization
    - and much more!

    Whether you are seeking to implement a stronger foundation of cybersecurity within your organization or you are an individual who wants to learn the basics, this webinar will answer your questions and prepare you for the future of cyber security.

    This episode is part of Cyber Authors, a new series with Sushila Nair. We welcome viewer participation and questions during this interactive interview.
  • Securing What’s Next: Exploring CISO Trends and Insights Jul 14 2021 1:00 pm UTC 60 mins
    Panelists to be confirmed
    Today’s CISO faces very different operational challenges than ever before. From securing remote workers and ensuring secure remote access, to navigating returns to the office and the onset of the hybrid-workforce. Other challenges include vendor consolidation. Gartner found that 78% of CISOs have 16 or more tools in their cybersecurity vendor portfolio, and too many vendors result in complicated security operations. But what are the main problems faced by CISOs today, and what tools are needed to navigate risks?

    Join security experts across the industry as they discuss:
    - How the pandemic shifted security operations
    - Securing the hybrid workforce
    - Vendor consolidation, and the ramifications of too many vendors
    - Identity-first security
    - What the next year has in store for security professionals
  • Arming Against Phishing, Ransomware & Social Engineering: A Modern Approach Jul 14 2021 10:30 am UTC 60 mins
    Panelists to be confirmed
    Cyber threats like phishing, ransomware and social engineering are more prominent today than ever before. In fact, 75% of organisations around the world experienced some form of phishing attack in 2020 (Proofpoint). But what is causing this increase, and what does 2021 hold in store for cyber crime?

    Join this interactive panel as security experts discuss:
    - The most imminent threats facing organisations worldwide
    - Why cyber attacks increased throughout 2020, and what to expect in 2021
    - Lessons from cyber attacks, and how to integrate these learnings into your security solutions
    - Best practices in the workplace to improve cyber security
  • Rethinking DevSecOps in 2021 Jul 13 2021 1:00 pm UTC 60 mins
    Panelists to be confirmed
    While in the past, security was isolated to your security team, in the era of collaboration, security operations are now a shared responsibility. DevSecOps represents a huge area of corporate change, both culturally and to your infrastructure - a change that not all businesses are prepared to make. But if the pandemic and the events of the last year have taught us anything, it’s that we should always be prepared for change.

    Join this panel as industry experts discuss:
    - Key principles and best practices for integrating security into your DevOps teams
    - The future of DevSecOps, and why it’s more important now than ever before
    - The trends and challenges faced by DevSecOps leaders
    - How to initiate and support a cultural change within your DevOps teams
    - Where DevOps and security overlap, and how to find a common goal
    - Recommendations for improving your security posture in 2021
  • Managing Multi-Cloud Security in 2021 Jul 13 2021 8:30 am UTC 60 mins
    Panelists to be confirmed
    93% of enterprises already have a multi-cloud strategy in place (Flexera 2020 State of Cloud Report). Multi-cloud security protects data and applications from advanced, sophisticated security threats. Some other benefits include reduced costs and better service delivery. But what are the main multi-cloud security trends you can expect to see in 2021?

    Join cloud and security leaders as they discuss:
    - The benefits of multi-cloud solutions for your security posture
    - The challenges associated with a multi-cloud strategy and how to navigate and overcome these challenges
    - The cloud security landscape of 2021
  • Federated Learning and Preserving Data Privacy Jun 23 2021 4:00 pm UTC 60 mins
    Eric Topham, The Data Analysis Bureau | Dr. Pedro Baiz, Imperial College London | Max Robbins, AI Market
    Businesses rely on AI models that transform data into actionable insights. Traditional methods for creating AI models require a lot of data that is collected at some central location. Federated Learning (FL), however, takes a different approach by turning the centralised paradigm on its head and moving models or functions to be executed to where the data is.

    As a distributed process that does not require a single depository of data and where different parties can train an AI model without having to share the data, FL can be used in situations where data privacy is paramount.

    This paradigm shift is also creating new opportunities to democratize AI, which has the potential to transform the data economy.

    Join this month's episode of the Business Intelligence Report with Eric Topham, Co-Founder & Data Science Director at The Data Analysis Bureau, to learn more about how FL works and what opportunities it creates for consumers and enterprises.

    Viewers will also hear from the experts about the different use cases for federated learning, especially in the context of customer privacy, regulatory compliance, and integrating siloed data. The topics up for discussion will include:
    - The emergence of FL
    - FL, the democratization of data and what this means for Big Tech
    - How FL can be used as a privacy-preserving technology
    - Business use cases for FL
    - How FL can be part of your data strategy

    - Dr. Pedro Baiz, Royal Society Entrepreneur in Residence, AESE: Adaptive Emergent Systems Engineering Group, Department of Computing at Imperial College London
    - Max Robbins, CEO of AI Market

    This episode is part of The Business Intelligence Report original series with Eric Topham, Co-Founder & Data Science Director at The Data Analysis Bureau. We welcome viewer participation and questions during this interactive panel session.
  • Managing Cloud Risk and Security in 2021 Jun 17 2021 3:00 pm UTC 60 mins
    Jo Peterson, Clarify360 | Nicolas Moy, Fairway Independent Mortgage | Further panelists to be announced
    Cloud adoption is skyrocketing. The Hyperscale providers are reporting double digit increases in revenues. Cloud can be more secure than on premises environments, but the optimal word is can. Cloud security is a shared responsibility model. How business approach their part of the security, management and oversight of cloud is a critical part of the success puzzle.

    In this session we’ll explore:

    • Biggest Cloud Security Challenges of 2021
    • Adopting a Risk Management Framework
    • A life cycle approach that includes Security by Design and Privacy by Design
    • Regulatory considerations and cloud privacy
    • Tools that can help

    Jo Peterson, Vice President, Cloud & Security Services, Clarify360)
    Nicolas Moy, VP Security Engineering, Fairway Independent Mortgage
  • Adopting Cloud? Learn how to manage your Cyber Risks Jun 17 2021 7:00 am UTC 45 mins
    Srinath Vangari, Project Manager | Himanshu Dubey, Director, Engineering, Security Labs
    Cloud adoption has witnessed exponential growth over the past few years. It provides many advantages for both individuals and organizations. However, at the same time, many new cyber security risks have arisen due to this rapid growth of cloud adoption. A conventional risk management framework does not fit well with cloud applications, as those frameworks were designed for applications running in traditional on prem environments.

    In this presentation we will discuss:

    • New cyber risks that organizations are exposed to when they adopt cloud.
    • Impact of Cloud breaches.
    • Techniques used by attackers to breach cloud deployment.
    • A framework for Cloud Risk Management.
  • Zero Trust for the New Normal Jun 16 2021 4:00 pm UTC 60 mins
    Diana Kelley, SecurityCurve | Mari Galloway, Women's Society of Cyberjutsu | Jonathan Nguyen Duy, Fortinet
    Working remotely has become the new normal. This, and many other changes organizations adopted last year in response to the pandemic are likely to stay for the long term. According to Gallup, about two-thirds of U.S. remote workers want to continue to work remotely. So, how can organizations continue to support their growing distributed workforce at a time where reports of security threats have increased by 400% compared to pre-pandemic levels? 

    Here is where the zero-trust approach to security comes into play. 

    Join this month's episode of The (Security) Balancing Act with Diana Kelley and guests as they discuss the emergence of zero trust (“Trust Nothing, Verify Everything”) and what it helps achieve for enterprises in the age of cloud and remote work.

    Viewers will learn about:
    - The evolution of the security perimeter and the shift to zero trust
    - Why zero trust is an approach and not a product
    - Zero Trust Network Access (ZTA) vs. corporate VPN
    - Real-world stories and practical hands-on guidance from people who have deployed a ZTA

    - Mari Galloway, CEO, Women's Society of Cyberjutsu
    - Jonathan Nguyen Duy, Vice President, Global Field CISO Team, Fortinet
    - Other Panellist TBA

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Endpoint Security in the Remote and Hybrid Workplace Jun 15 2021 3:00 pm UTC 60 mins
    Panelists to be announced shortly
    Endpoint security remains a major challenge for organizations, and in November 2020, Cybersecurity Ventures predicted that global cybercrime costs will reach $10.5 trillion USD a year by 2025. That’s more than triple the amount that it was in 2015. With remote working still very much the norm, and hybrid workforces emerging, it is becoming increasingly difficult to keep track of multiple endpoints and the risk they carry.

    With the threatscape continuing to evolve and cyber attacks becoming even more sophisticated, experts are here to share how security leaders can take the complication out of endpoint security.

    Join us to learn:
    - Common endpoint threats from the first half of 2021
    - Emerging endpoint threats and what to prepare for going forward
    - Leading endpoint protection strategies and how they can be integrated into your existing security solutions
    - And more
  • How to WOW Submission Reviewers with a Stellar Proposal Jun 9 2021 6:00 pm UTC 60 mins
    Diana Kelley, Alyssa Miller, Chloe Messaghi, Tennisha Martin
    So you want to showcase your skills and speak at a technical conference? Great. Your voice matters. Conference organizers highly value new voices, and they are always on the lookout for ways to bring more talent to the stage. The good news is that there are opportunities abound and by submitting to conferences, you're honing in on your expertise, experience and knowledge, creating the most stellar of proposals. Join us for an honest discussion of cybersecurity industry influencers who weren't always used to being accepted when they initially submitted for speaking opportunities. They will share their stories of how they transformed every "no" into a "YES"!
  • A Day in the life of SOC: Woman’s Perspective Jun 3 2021 6:00 pm UTC 60 mins
    Amina Aggarwal (Workday)
    A security operations center (SOC) is a dedicated site where enterprise information systems (web sites, applications, databases, data centers and servers, networks, desktops and other endpoints) are monitored, assessed, and defended by a team of information security professionals.

    This session will give you insight of a SOC from a woman's perspective. You will be taken through some of the challenges faced by many of us today while working in a male dominated field. By the end of this webinar, you will have learned about the day-to-day activities in a SOC, how to manage your work-life balance, and how to acquire the skills that will help you grow in this field.
  • Breach Detection and Response in the era of Supply Chain Attacks Recorded: May 13 2021 60 mins
    Sunil Sharma Director of Cyber Defense, Help AG
    SolarWinds Cyberattack came as a wake-up call to many. An attack that most cyber-aware /savvy organizations could not detect for many months. It is a reminder of how an interconnected world can impact us all in a short time.
    Join Sunil Sharma, Director of Cyber Defense for Middle East’s leading provider of strategic consultancy and tailored information security solutions and services company, Help AG, the cybersecurity arm of Etisalat, to discuss supply chain attacks, techniques, and tactics used by advisories to execute such attacks and strategies to detect and respond to supply chain attacks.
  • Cyber Authors Ep.4: Stopping Losses from Accidental and Malicious Actions Recorded: May 12 2021 52 mins
    Ira Winkler President at Secure Mentem | Sushila Nair VP Security Services at NTT DATA
    As users cost organizations billions of dollars due to simple errors or malicious actions, organizations believe that they have to improve their awareness efforts to make more secure users. The reality is that it takes a multilayered approach that acknowledges that users will inevitably make mistakes or have malicious intent, and the failure is in not planning for that.

    Using lessons from tested and proven disciplines like military kill-chain analysis, counterterrorism analysis, industrial safety programs, and more, join Sushila Nair with author Ira Winkler on how to determine the appropriate countermeasures to implement and prevent cybersecurity breaches and other user-initiated losses. Join now and learn how to:

    -Minimize business losses associated with user failings
    -Proactively plan to prevent and mitigate data breaches
    -Optimize your security spending
    -Cost justify your security and loss reduction efforts
    -Improve your organization’s culture

    Business technology and security professionals will benefit from the information provided by these two well-known and influential cybersecurity speakers and experts.

    This episode is part of Cyber Authors, a new series with Sushila Nair. We welcome viewer participation and questions during this interactive interview.
  • Threat Modeling with the VERIS A4 Threat Model Recorded: May 12 2021 45 mins
    John Grim, Head (Distinguished Architect) | Research, Development, Innovation Verizon Threat Research Advisory Center
    VERIS, the Vocabulary for Event Recording and Incident Sharing, is a set of metrics designed to provide a common language for describing cybersecurity incidents (and data breaches) in a structured and repeatable manner. VERIS provides cyber defenders and intelligence practitioners with the ability to collect and share useful incident-related information - anonymously and responsibly – with others.

    VERIS underpins the annual Data Breach Investigations Report. VERIS and its A4 Threat Model – Actors, Actions, Assets, Attributes – help codify incident-related information for threat modeling, intelligence analysis, breach mitigation, and detection / response improvement.

    Key takeaways for this session include:
    • Understanding cybersecurity incidents through the VERIS lens
    • Recognizing the VERIS A4 Threat Model: Actors, Actions, Assets, Attributes
    • Getting started in Threat Modeling with VERIS
  • Ransomware in the Remote Work Era Recorded: May 12 2021 61 mins
    Diana Kelley, SecurityCurve | Nicole Hoffman, GroupSense | Courtney Radke, Fortinet | Patrick Lee, Rapid7
    Phishing and ransomware attacks continue to rise, according to Proofpoint’s State of the Phish report for 2020. Organizations in the U.S. are at risk, the increase in remote work due to the pandemic has fueled a spike in attacks, and phishing attempts are up by 14 percent compared to the previous year.

    Email continues to be the number 1 delivery vehicle, but other social engineering schemes that rely on social media, voicemail (“vishing"), SMS phishing (“smishing”), and malicious USB drops are also of concern for organizations. Ransom demands are also on the rise, but according to the report, paying the ransom is not guaranteed to work as many companies that paid the ransom failed to receive a decryption key.

    Join this month's episode of The (Security) Balancing Act as Diana Kelley and guests discuss why ransomware is surging again, which sectors are most at risk, the threat to enterprises and how it is being used for more than just ransom (ex: distractionware, destructionware, etc).
    - The rise in ransomware under the cloak of the pandemic
    - Why email continues to be the channel of choice
    - The difference between fully automated and human-operated campaigns
    - How to decide whether or not to pay or not to pay the ransom
    - Why your backups may not be immune to ransomware
    - Addressing the threat with best practices

    - Nicole Hoffman, Intelligence Analyst, GroupSense
    - Courtney Radke, CISO for National Retail, Fortinet
    - Patrick Lee, Senior Incident Response Consultant, Rapid7

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Fallout from Cloudbleed: Protecting Yourself and Your Organization
  • Live at: Mar 8 2017 7:00 pm
  • Presented by: Kaushik Narayan, CTO at Skyhigh Networks
  • From:
Your email has been sent.
or close