The Role of PCI in a Security Strategy

Following multiple data breaches at “PCI Compliant” organizations, there has arisen a chorus of voices who are discovering that complying with PCI does not make an organization secure. This, while not a surprise to anyone who has either looked at PCI or worked in security, is evidently news enough to begin to call into question the utility of PCI, and of complying with its dictates. Listen as Jack Danahy, Founder and CTO of Ounce Labs, discusses the ways in which the PCI Data Security Standard and PCI compliance can form an important track of a solid security strategy, can provide cautions about common pitfalls, and can engender some critical thinking needed to secure critical data. PCI compliance alone is not a security strategy, but it is certainly a useful step along the way.
Recorded Apr 16 2009 46 mins
Presented by
Jack Danahy, Founder and CTO of Ounce Labs

  • [PANEL] IoT Security Strategy Best Practices Jun 10 2019 3:00 pm UTC 60 mins
    Deral Heiland, Rapid7 | Further Panelists to be announced
    As the world becomes increasingly connected, we have become more vulnerable to IoT threats and attacks. Having a comprehensive and strong security strategy in place is vital to organisational success.

    Join this exclusive panel of industry experts as they discuss:
    -Trends in cyber-attacks and breaches affecting the IoT
    -How to proactively prevent breaches and attacks
    -New in IoT Security
    -Security Strategy recommendations for CISOs

    Panelist confirmed:
    Deral Heiland, IoT Research Lead, Rapid7
  • Proving You Are Secure in the Age of IoT Jun 10 2019 10:00 am UTC 45 mins
    Ian Smith, IoT Security Lead, GSMA
    This session will explain how the world’s leading mobile operators are using the GSMA’s IoT security guidelines and assessment process to deliver trusted and robust IoT products and services to their partners and customers.

    The presentation will explain the commercial benefits and long-term value that was realised by following industry best practices, and how IoT companies can overcome security challenges themselves to implement new processes and address IoT security concerns.
  • Thrill of the Hunt: My Leap into Bug Bounties Jun 8 2019 5:00 pm UTC 30 mins
    Jasmine Jackson, Bug bounty hunter and cool nerd
    Bug bounty hunter and cool nerd, Jasmine Jackson will kick off our newest webinar series #SheSpeaksTech with a short talk on "Thrill of the Hunt: My Leap into Bug Bounties".

    Join this webinar series for a quick starter talk with women in cybersecurity. Each webinar will explore a new tech topic by a newbie speaker. She will deliver the first 20 minutes of her 1 hour talk and be open to feedback on topic, delivery and tips. Check out (https://womenscyberjutsu.org/page/SHESPEAKSTECH) for more on SheSpeaksTech or to register for your 30 minutes to shine.
  • Ask the AppSec Expert: How to Secure the Applications you Build, Buy & Manage Jun 6 2019 2:30 pm UTC 30 mins
    Paul Farrington, Veracode | Yotam Gutman, Cybersecurity Marketing Community
    Tomorrow's businesses need a simpler and more scalable way to increase the resiliency of global application infrastructure, without slowing innovation, today.

    Join this interactive 1-2-1 discussion where EMEA Chief Technology Officer, Paul Farrington (CISSP, MBCS) will share how leading businesses are;

    - Improving the level of security awareness and addressing the skills deficit
    - Enabling developers to fix flaws and prevent new ones
    - Prioritising and triaging the most exploitable flaws
    - Automating application security
    - Providing software development leaders with really useful security metrics
    - Incentivising secure development as part of their culture

    This session will show you how architects and developers are making smarter choices in designing secure software. You will also learn how to report success, and investment justification, to the board whilst setting realistic expectations throughout the software development lifecycle and not just at the destination.
  • Livestream Video - Proactive Data Privacy and Security Jun 6 2019 1:00 pm UTC 45 mins
    Steve Wright, Bank of England | Christian Toon, Pinsent Masons | Ilias Chantzos, Symantec | Allan Boardman, ISACA
    How can enterprises shift from a reactive approach to privacy and data security to being proactive and closer to privacy-and-security-by-design? Join this panel of experts to get the answer to all of your privacy, security and compliance questions.

    Viewers can learn more about:
    - Effect of GDPR: One year later
    - How are enterprises instituting changes to achieve and maintain compliance
    - Challenges to achieving compliance in an IoT world
    - How to bake privacy and security into your processes
    - Best practices for data protection and privacy from the ground up

    Christian Toon, CISO, Pinsent Masons
    Steve Wright, CISO & GDPR Advisor, Bank of England
    Ilias Chantzos, Senior Director, Government Affairs, Symantec

    Moderated by Allan Boardman, CGEIT Certification Committee Member, ISACA
  • Livestream Video - Application Security in a DevOps World Jun 6 2019 10:30 am UTC 45 mins
    Moshe Lerner, Checkmarx | Paul Farrington, Veracode | Yotam Gutman
    With today's enterprises leveraging around 1000 applications and multiple clouds, application security is becoming a key area of focus. Application security testing is being integrated into the DevOps process early on, while automation, speed and coverage are becoming critical to the success of DevSecOps programs.

    Join this interactive panel of industry experts to learn more about:
    - Why application security is critical
    - Key principles for building application security into DevOps
    - Best practices for leveraging automation
    - Speed vs Security: Where do you draw the line?
    - Recommendations for improving security in 2019

    Paul Farrington, EMEA CTO, Veracode
    Moshe Lerner, SVP Product Strategy & Corporate Development, Checkmarx

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • Ask the DevSecOps Expert: Software Security in DevOps & CI Environments Jun 6 2019 9:30 am UTC 30 mins
    Moshe Lerner, Checkmarx | Yotam Gutman, Cybersecurity Marketing Community
    The increased complexity of software and the need to keep up with fast-paced release cycles create new types of risk in the form of Software Exposure.

    Join this interactive 1-2-1 discussion where product strategist and industry expert, Moshe Lerner will share insights including;

    - Why should you consider software security as a non-functional issue?
    - What are the key challenges for managing software security in general and in DevOps environments?
    - Best of breed vs Best of suite – Which is the right approach?
    - The difference between interactive application security testing (IAST) and dynamic application security testing (DAST)? Can IAST replace DAST?
    - How to manage and reduce application security risk at scale

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • Ask the Security Expert: How to Protect your Business in the Cloud Jun 5 2019 2:30 pm UTC 30 mins
    Carl Leonard, Forcepoint | Raef Meeuwisse, ISACA Expert Speaker
    Cloud security is a key challenge for today's data-driven businesses.

    Join this interactive 1-2-1 discussion where Principal Security Analyst, Carl Leonard will share insights on;

    - What are the top cyber threats and trends to look out for in 2019?
    - Why are businesses continuing to suffer data breaches?
    - How are businesses securing themselves as they embrace digital transformation?
    - What is secure SD-WAN? Why is it increasingly important to businesses with distributed office locations?
    - What are the most important security solutions for businesses wishing to safely adopt cloud services?

    Moderated by Raef Meeuwisse, ISACA Expert Speaker and co-author of "How to Hack a Human: Cybersecurity for the Mind"
  • Livestream Video - Protecting Against Phishing, Ransomware & Social Engineering Jun 5 2019 1:00 pm UTC 45 mins
    Raef Meeuwisse | Carl Leonard, Forcepoint | John Scott, Bank of England | Adenike Cosgrove, Proofpoint | Richard Agnew, Code42
    External and internal threats continue to pose a challenge for security professionals worldwide. How are businesses preparing against attacks like phishing, ransomware, and social engineering?

    Join security experts from the industry to learn more about:
    - The most prevailing cyber threats businesses face in 2019
    - Lessons from cyber attacks and strategies for protecting against them
    - Solutions for faster breach detection and response
    - Why network visibility is key
    - Recommendations for improving enterprise security

    Richard Agnew, VP EMEA, Code42
    Carl Leonard, Principal Security Analyst, Forcepoint
    John Scott, Head of Information Security, Bank of England
    Adenike Cosgrove, Cybersecurity Strategist, Proofpoint

    Moderated by Raef Meeuwisse, ISACA Expert Speaker and co-author of "How to Hack a Human: Cybersecurity for the Mind"
  • Livestream Video - CISO Challenges and How to Solve Them Jun 5 2019 10:30 am UTC 45 mins
    Darren Thomson, Symantec | David Boda, Camelot Group | George Patsis, Obrela Security Industries | Martin Mackay, Proofpoint
    Today's CISO faces a myriad of challenges when it comes to securing the enterprise. From budgetary concerns and vendor confusion to dealing with the chronic lack of cyber talent, to addressing the disappearing security perimeter, CISOs are looking for ways to automate security operations and leverage AI to do more with existing teams and fewer tools.

    Join security experts across the industry for an interactive discussion on:
    - What keeps CISOs up at night
    - Strategies for breach prevention
    - Strategies for making the most of AI technology and human talent
    - Coping with analyst fatigue
    - Threats on the horizon
    - Recommendations for strengthening security

    David Boda, CISO, Camelot Group
    Darren Thomson, CTO - EMEA, Symantec
    George Patsis, CEO, Obrela Security Industries
    Martin Mackay, Senior Vice President - EMEA, Proofpoint

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • Ask the Cyber Expert: How to Manage Cyber Exposure, Risks and Compliance Jun 5 2019 9:30 am UTC 30 mins
    George Patsis, Obrela Security Industries | Yotam Gutman, Cybersecurity Marketing Community
    Join this interactive 1-2-1 discussion where information security expert, George Patsis will share how to;

    - Align cybersecurity function with organisational and business strategy
    - Meet regulatory and compliance requirements
    - Deal with breaches in an ever-changing technology landscape
    - Create valuable reports

    During this session, you will learn how to identify, predict and prevent cyber threats, in real time.

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • Ask the Cloud Security Expert: How to Protect your Critical Data in the Cloud Jun 4 2019 3:30 pm UTC 30 mins
    Dave Barnett, Forcepoint EMEA | Alex Hilton, Cloud Industry Forum
    Effectively protecting critical data in the cloud is a key challenge for today's data-driven businesses.

    Join this interactive 1-2-1 discussion where Cloud Access Security Broker (CASB), Dave Barnett will share insights on;

    - Why and how organisations today are protecting data in the cloud.
    - What are the main risks inherent in the adoption of cloud services?
    - Where the key challenges are in protecting data in the Cloud?
    - What to look for when selecting cloud security for your organisation

    Moderated by Alex Hilton, Chief Executive, Cloud Industry Forum
  • Ask the Data Protection Expert: How to Protect your Data Journey Jun 4 2019 2:30 pm UTC 30 mins
    Patrick Grillo, Fortinet | Yotam Gutman, Cybersecurity Marketing Community
    Join this interactive 1-2-1 discussion where network security and IP networking solutions expert, Patrick Grillo will share how to deal with security challenges as networks evolve including cloud-based resources and SD-WAN.

    Key themes to be explored include;

    - Why security should never be treated as an afterthought
    - The impact of new technologies/techniques on existing security infrastructure/practice
    - How to develop/maintain a consistent security practice beyond technology
    - How to get C-suite commitment and build the right organizational structure

    This session showcases the need for security continuity by connecting a number of disparate concepts, for example how the Cloud services and SD-WAN are related.

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • Livestream Video - Securing the IoT in the Age of Threats Jun 4 2019 1:00 pm UTC 45 mins
    Wallace Sann, Forescout | Nigel Stanley, TÜV Rheinland Group | Jonathan Zulberg, LogRhythm | Jason Soroko, Sectigo
    The ever-growing Internet of Things continues to pose security and privacy threats. How are businesses managing the risks associated with IoT devices on their networks? What are the best strategies for achieving basic security and cyber hygiene?

    Join this interactive panel with IoT and security experts to learn more about:
    - Impact of IoT on enterprise security
    - How to assess the IoT risk
    - Most common IoT vulnerabilities and how to address them
    - Recommendations for improving IoT security

    Jason Soroko, CTO of IoT, Sectigo
    Jonathan Zulberg - Director of Sales Engineering - EMEA, LogRhythm
    Wallace Sann, VP Global Systems Engineering, Forescout Technologies
    Nigel Stanley, CTO - Global OT & Industrial Cyber Security CoE, TÜV Rheinland Group

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • Livestream Video - Multi-Cloud Security and Compliance Jun 4 2019 10:30 am UTC 45 mins
    John Meakin, GSK | Patrick Grillo, Fortinet | Dave Barnett, Forcepoint EMEA | James Hughes, Rubrik
    The cloud strategy of today's enterprise spans across multiple clouds and hundreds of applications. Point security solutions no longer work, so enterprises are turning toward a more orchestrated approach to achieving security and compliance in the cloud.

    Join cloud and security leaders in an interactive discussion to learn about:
    - Key security and compliance challenges associated with a multi-cloud strategy
    - Recommendations for managing and automating security across multiple clouds and applications
    - The future of cloud
    - Improving enterprise security in an ever-changing threat landscape

    James Hughes, Field CTO, Rubrik
    Dave Barnett, Head of CASB, Forcepoint EMEA
    Patrick Grillo, Senior Director - Security Solutions, Fortinet
    John Meakin, Group Chief Information Security Officer, GlaxoSmithKline (GSK)

    Moderated by Alex Hilton, Chief Executive, Cloud Industry Forum
  • Ask the IoT Security Expert: How to Protect your Business in the IoT Jun 4 2019 9:30 am UTC 30 mins
    Jason Soroko, Sectigo | Yotam Gutman, Cybersecurity Marketing Community
    Today's digitally connected businesses require multi-layer defence against rising and more sophisticated web-based threats across websites, devices, infrastructure, and cloud.

    Join this interactive 1-2-1 discussion where IoT security expert, Jason Soroko, will share how to deal with IoT security challenges.

    - How to determine if IoT connected devices in your operations infrastructure are secure
    - What is the difference between symmetric tokens, PKI based certificates and device identities?
    - What is the role of trust models to enable third-party device interoperability?
    - What are some methods to provision a device with an X.509 certificate?
    - How to secure a digital identity for devices that do not have a hardware secure element such as a TPM?

    Moderated by Yotam Gutman, Founder & Community Manager, Cybersecurity Marketing Community
  • Cybersecurity and Fraud: Securing the Financial Sector Jun 4 2019 8:30 am UTC 75 mins
    Andy Ramsden, G+D Mobile Security GmbH
    The Financial Services industry has a big target on its back when it comes to attacks by cyber criminals. How can financial institutions keep precious customer data safe whilst utilising technology to equip themselves with the tools to prevent fraud and financial crime?

    Join this panel to hear:

    - Lessons learned from recent breaches and hacks
    - AI-powered strategies to protect your financial institution
    - The unique security challenges of incumbent organisations vs. FinTechs
    - Best practices to fight fraud and financial crime

    Panelists include:
    Andy Ramsden, Global Solution Sales Lead – Mobile Authentication, G+D Mobile Security GmbH
  • Ask the Cyber Risk Expert: How to Minimise Cybersecurity Risk Factor in M&A Jun 4 2019 8:30 am UTC 30 mins
    Wallace Sann, VP Global Systems Engineering, Forescout Technologies
    Any merger or acquisition poses daunting challenges to IT leaders. Not only are they tasked with integrating people, processes and technology in the shortest possible time frame, they must also remain vigilant about addressing the added cybersecurity risks.

    Join this interactive 1-2-1 discussion where systems engineering expert, Wallace Sann will share how to minimise the cybersecurity risk factor in M&A including;

    Who are the key decision makers in the M&A process and what are the different/new challenges they’re facing?
    What has historically been the risk focus for acquiring companies, and how is that focus changing?
    How can companies as a whole minimize cyber risk and protect themselves during the M&A process?
    Are there any opportunities for IT teams to reduce cyber risk during an M&A?
    What does Forescout recommend companies do in order to enhance their cybersecurity posture when preparing for an acquisition?
    With the explosion of IoT devices across industries, should there be more concern around connected devices during an acquisition?
  • [Earn CPE] Enabling GRC with Secure Authentication across the Digital Ecosystem May 30 2019 5:00 pm UTC 75 mins
    Colin Whittaker, IRD; Richard Bird, Ping Identity; Teju Shyamsundar, Okta; Jerrod Chong, Yubico; and Andy Smith, Centrify.
    The days of securing a well-defined perimeter around your organization are gone. The cloud, mobile technologies, the internet of things (IoT) and diverse user groups freely exchange data across digital ecosystems, networks and economies. This fluidity, however, means that organizations must secure access at multiple points throughout the organization, or risk letting in intruders seeking to hijack data.

    To manage the increasingly diverse digital landscape, IT and security managers need to move beyond usernames and passwords, and expand their use of multi-factor authentication (MFA) to help provide secure and convenient access to the critical data and systems users need. On this webinar our panel of experts will address how secure authentication can help enable GRC across the digital ecosystem, and they will share tips on:

    - Securing access at all points across applications, devices, users and environments.
    - Sharing insights across security systems to strengthen security.
    - Collecting and analyzing information to stop attacks.
    - How MFA can transform secure access—to any application, from any device, anywhere, at any time.
    - Strengthening identity assurance with privileged users.
  • Understanding Facial Recognition Technology and Consumer Privacy Implications May 23 2019 5:00 pm UTC 60 mins
    Brenda Leong, Senior Counsel & Director of Strategy, FPF & Gabriela Zanfir-Fortuna, Senior Counsel, FPF
    A discussion of how various facial detection and recognition systems operate, the privacy risks associated with different levels of identification, and the impact under GDPR. Facial recognition technology can help users organize and label photos, improve online services for visually impaired users, and help stores and stadiums better serve customers. At the same time, the technology often involves the collection and use of sensitive biometric data, requiring careful assessment of the data protection issues raised. Understanding the technology and building trust are necessary to maximize the benefits and minimize the risks.

    Equally relevant is the need to expand stakeholders’ awareness and understanding of the many types of facial scanning systems, as well as the impact of accuracy differences among the many systems available today.

    It is important to understand the distinctions between facial detection systems (which, when properly designed, neither create nor implicate any Personally Identifiable Information) and full-scale facial identification programs (matching a person’s image to a database in order to identify the individual to a store clerk or stadium employee who otherwise wouldn’t recognize them).

    The consumer-facing applications of facial recognition technology continue to evolve, and the technology will certainly be used in new ways in the future. The legislative environment under GDPR must consider how such uses should be implemented to protect consumer privacy rights.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

  • Title: The Role of PCI in a Security Strategy
  • Live at: Apr 16 2009 2:00 pm
  • Presented by: Jack Danahy, Founder and CTO of Ounce Labs