Hi [[ session.user.profile.firstName ]]

Paul Henry’s 2011 Malware Trends

In 2010, we again saw the volume and sophistication of malware dramatically increase over the year before. Today, more than 1.6 million new malware signatures are identified each month and the volume of zero-day attacks continues to rise. Script kiddies have been replaced by cyber criminal syndicates looking to steal personal information and intellectual property for financial gain.

Join security and forensics expert, Paul Henry, to learn about the latest malware trends and more importantly, practical steps you can take to better protect your organization from evolving threats.

In this live webcast, he’ll examine:
• The unending arms race with financially motivated “bad guys”
• Evolving paths into your network including social media and removable devices
• Why traditional defenses are not effective
• How to ensure an effective depth-in-defense security strategy that includes application whitelisting
Recorded Mar 16 2011 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Paul Henry
Presentation preview: Paul Henry’s 2011 Malware Trends

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Election Takeaways for Cybersecurity Leaders Jan 20 2021 5:00 pm UTC 60 mins
    Diana Kelley | Jim Richberg | W. Curtis Preston
    The 2020 US presidential election is behind us, but the key cybersecurity issues surrounding election integrity could linger for years to come. From ransomware attacks on local governments, to the untamed spread of disinformation, to experimenting with online voting apps and the myriad of vulnerabilities uncovered across election infrastructures, cybersecurity had never before taken such a central place in the national conversation as it did in 2020.

    So, what have we learned in the aftermath? And how can we apply it to better protect upcoming elections as well as enterprises, customers and employees?

    Join this interactive panel with security experts and tech leaders to learn the biggest lessons from the election from a cybersecurity and privacy standpoint. Discover what went down, what could have gone better and how to prepare for the midterm elections in 2022.

    - Can we build a hack-free election
    - Does misinformation on social sites impact how people vote and what can be done to stop the spread
    - What was new this time and what should security leaders keep in mind for their organizations
    - Would it be safer if we brought the voting process online or in app
    - Can nation state actors change voter rolls or polling data
    - What the biggest election threats mean for industry
    - Key takeaways for cybersecurity leaders

    - Jim Richberg, Public Sector Field CISO at Fortinet
    - W. Curtis Preston, Chief Technical Evangelist, Druva

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Applying the MITRE ATT&CK Framework to Detect Insider Threats Jan 20 2021 4:00 pm UTC 60 mins
    Augusto Barros, VP of Solutions at Securonix
    The MITRE ATT&CK framework has become an excellent way for security professionals to understand and describe threats. However, most of the time, it is used to describe the actions of external threats.

    But what about the insider threats? According to Forrester, 25% of breaches resulted from internal incidents, and almost half of them were malicious. In the past few years, insider threats have evolved in several aspects from how sensitive data leaves the organization to ways in which privilege access gets misused, creating risks for organizations to mitigate. The proliferation of cloud applications and the current remote work setup make tracking and protecting sensitive data extremely challenging.

    Can we use the MITRE ATT&CK framework to help us describe, understand, and finally detect and protect against insider threats? If the framework often describes and supports threat detection of external threats, does it also help deal with insider threats? What organizations should expect from this exercise, and what do they need to do differently to achieve the desired results?

    Join Augusto Barros, VP of Solutions at Securonix, to learn about:

    • How insider threats have evolved and the new challenges they present?
    • How the MITRE ATT&CK framework supports threat detection practices?
    • How the MITRE ATT&CK framework can also help to address the issues related to insider threats?

    Augusto Barros was the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 20 years of experience in the IT security industry as an analyst and a security architect and officer for large enterprises.
  • Tackling Insider Threat with Open Source Intelligence (OSINT) Jan 20 2021 11:00 am UTC 45 mins
    Rachel Carson, Analytical Development Director, Futurum
    This webcast, Tackling Insider Threat with Open Source Intelligence (OSINT), will demonstrate how OSINT can be leveraged to help identify and prevent insider threat.

    Rachel will discuss the critical role OSINT can play in effective business risk management, specifically in managing insider threat.

    In particular, Rachel will describe how companies can make more informed decisions about the people they employ and do business with by embedding OSINT within their recruitment and screening purposes, thereby minimising the risk of taking on high risk personnel.

    Rachel will also discuss how OSINT can be used to understand an individual’s vulnerability to being an unconscious insider by, for example, inadvertently clicking on a link to a malicious website through a specifically targeted email.

    Lastly, the webcast will examine the way in which organisations are using continuous OSINT methods combined with machine learning to identify and alert them to early indicators of insider threat, for example negative attitudes towards work, excessive spending, or a close association with a competitor. Indicators which when fused with other information regarding an individual such as a change in working hours or excessive data extraction, can start to build a picture of risk.

    Key takeaways:
    - The principles of OSINT
    - The types of freely available information on people and companies
    - The value OSINT brings to business risk management, specifically in managing insider threat
    - How OSINT can be embedded within recruitment processes to help prevent companies taking on high risk personnel
    - How understanding a company’s and individual’s online footprint can help reduce the harm caused by unconscious insiders
    - How machine learning and continuous OSINT methods can help detect insider threat and provide an early warning of potential harm
  • MINDHUNTER #1 - Social Engineering: The Threat Is Coming From Inside The House Jan 20 2021 9:00 am UTC 60 mins
    John Aarsen, SE - Benelux and Nordics, SonicWall
    Join SonicWall expert John Aarsen as he goes through the anatomy of social engineering attacks to demonstrate how people are manipulated into performing actions or divulging confidential information. These attacks have become more frequent and aggressive as attackers attempt to exploit the circumstances surrounding COVID-19. In the case of both users and organizations, overconfidence can lead to complacency, allowing such attacks to succeed. That’s why it’s crucial that you consider social engineering as your company builds its boundless cybersecurity strategy.
  • You Never Mean to Let Attackers in the Front Door… Jan 20 2021 12:00 am UTC 45 mins
    Randy Pargman, Senior Director of Threat Hunting and Counterintelligence, Binary Defense
    Threat actors are clever adversaries who prey on human error in your employee workforce to execute successful cyberattacks. They use social engineering to trick your teams into giving them access to your files and network. That’s why having a team of experienced security analysts on your side that work 24/7 is a crucial defense. When you’re up against real people who are targeting your employees, the solution isn’t a computer program but other people who know to combat these attackers.

    Join Randy Pargman, Senior Director of Threat Hunting and Counterintelligence at Binary Defense and former FBI Computer Scientist, in this discussion that covers real stories from his experience with attacks targeting employees, how attackers attempt to deceive analysts, and ways to educate your workforce to defend against these attacks.

    In this webinar you will learn:
    - How threat actors target employees
    - What next steps cyber criminals take to continue their attacks
    - Examples of attacks on businesses
    - Ways that an experienced SOC can combat these attacks
  • It’s Not You, It’s Me. Go From Frenemy to Friend With Security Automation. Jan 19 2021 11:00 pm UTC 45 mins
    Shinesa Cambric, Sr. Manager - Identity and Access Management Information Security, Fossil Group
    Improve your relationship with your developers and auditors, protect your environment, and go from frenemy to friend through streamlined processes and automated detective and corrective controls.

    This session will cover tips on ways to address human error elements for development within your Google Cloud environment.
  • Human Error & Cyber Security Jan 19 2021 10:00 pm UTC 45 mins
    Changiz Sadr, P.Eng., FEC, CISSP, Director of Engineers Canada
    In this webinar, Changiz will cover:

    - Description of cyber attacks and statistics from known and published attacks
    - The most common types of attacks including phishing, ransomware, DDOS, Drive-By-Downloads, Dumpster Diving
    - Why cyber attackers target people to set their attacks such as human senses, feelings, emotions, etc. with examples such as affection, kindness, greed, political and religious views, financial and employment needs
    - Examples of common attacks such as phishing, social engineering, social media attacks, etc. and how they target those human senses
    - Distinguishing the fake communications from the real ones
    - Solutions and the importance of the SETA (Security Education, Training, and Awareness) programs for individuals and organizations
  • Affects of Human Behavior in Cybersecurity Jan 19 2021 6:00 pm UTC 45 mins
    Nicholas Jahn, IT Administrator/Cyber Security Engineer, Fearing’s Audio·Video·Security
    In today’s world of intense cybersecurity awareness, the daunting task of securing your workforce while employees are working from home can be very overwhelming. To address this issue most Information Technology and Information Security staff focus on digital factors, but it is important to not overlook the human factors.

    The biggest human factor in Cyber Security is human behavior and the issues that result directly and indirectly from how we think, behave, and act. In this presentation I will cover the most common digital and non-digital threats I have encountered that are designed to take aim at exploiting human nature and are designed to “steer” how we act and react, as well as common mistakes in configurations and policies that can drastically impact any organizations “readiness” to protect against cyber attack. The goal of this presentation is that by the end of it you will be in a much better place of understanding the threats you and your organization face, and what you can do to resolve these issues through unified threat management, utilization of a multilayer cybersecurity approach, automation platforms in the cloud, and end user education.
  • Why the next Ryuk Ransomware will bypass your defenses Jan 19 2021 6:00 pm UTC 45 mins
    Walter Avendano, Solutions Architect for Nyotron
    Ransomware-as-a-service and big game hunting: Gain a basic understanding of the two most popular Ransomware extortion methods used by Ransomware gangs and employed to create a product to extract revenue from the victims (customers). See for yourself how to gain a foothold and understand a shift in defense posture in order to prevent catastrophic Ransomware damage.

    Join this webinar to learn more about Ransomware as a business model that needs to be understood in the proper context. In that context, you are the product.
  • CISO Insights - The Top 21 Security Predictions for 2021 Jan 19 2021 5:00 pm UTC 60 mins
    Dan Lohrmann CSO Security Mentor | Earl Duby CISO Lear Corporation | Tony Pepper CEO of Egress
    Every year top security companies, industry thought-leaders, and tech media publications come out with their predictions for the upcoming year, and every year Dan Lohrmann publishes his roundup of these security industry reports, forecasts, themes and trends.

    This BrightTalk webinar will dig into the 2021 prediction report in detail.

    In addition to counting down (and referencing) the top 21 security prediction reports from the leading vendors, this webinar will examine:
    - Where is their agreement on what’s coming next?
    - Where is their major disagreement?
    - Where will cyberattacks come from next?
    - Which vendors have the best reports (and why)?
    - Who are the award-winners for most creative, most likely, most scary and other security industry predictions?

    We'll discuss security and tech predictions on Covid-19 and working from home as well as major security incidents such as attacks on global events (like the 2021 Olympics), cyber incident response and much, much more.

    We will take your questions at the end, and may even ask you to vote for your favorite predictions (or offer one of your own to share.) Join us now!
  • Why did they click that? Human errors factor Jan 19 2021 4:00 pm UTC 60 mins
    Dennis E. Leber, CISO, University of Tennessee Health & Science Ctr, Dr Calvin Nobles, Cybersecurity Professional,Wells Fargo
    This webcast discusses the Human errors factor of cybersecurity. Organizations often focus on the processes and technology and leave out the Human aspect. Many industries embrace Human factor programs in addressing challenges and cybersecurity can learn a lot from these programs and utilize them to improve security and reduce risks.

    During this webinar we will discuss; HFACS-Cyber, the need for Human Factors Programs in Cybersecurity, targeting human risk factors, and the business value of Human Factors.

    Participants will take away the following:
    1. The importance of including Human Factors
    2. The risks removed once you include Human Factors
    3. The business value and some tips on how to obtain executive support for such a program
  • Managing the most vulnerable element in our cyber security strategy Jan 19 2021 1:00 pm UTC 45 mins
    Kojo Degraft Donkor, Cisco Systems - Technology Transformation Group (TTG) CX America & Charles Boateng, AmeriHealth Caritas
    With a greater number of organizational activities relying on technology, the focus on how to protect the use of technology is primal for all organizations. Institutions are right to focus on external threat actors to safeguard their assets. But more importantly, it is imperative that the internal structures of organizations are tuned into the strategies used to protect their activities and assets. An overwhelming majority of cyber breaches are as a result of human actions within the organization. That is a fact.

    Conventional defenses are bound to fail due to the human element in the process of securing organizational infrastructure. Human behavior is only predictable to some extent. A recent report by Cyberchology notes that 80% of companies see an increased cybersecurity risk resulting from the human factor as a major challenge during the COVID-19 pandemic.

    The Human Factor, therefore cannot be ignored as we formulate strategies to secure organizational infrastructure.

    In this presentation, we will attempt to cover the following questions:
    • What is “The Human Factor?”
    • By the Numbers – Why should we worry about this Factor
    • Strategies to mitigate the Human Challenges
    • Case Studies
  • Employees: weakest or strongest link in your Cyber Security posture? Jan 19 2021 11:00 am UTC 45 mins
    Srinath Vangari, Project Manager & Himanshu Dubey, Director of Security Labs, Quick Heal Technologies Ltd.
    Humans are the primary target for Cyber Attackers. Most cyber-attacks against businesses start by luring humans into making errors and thus allowing attackers a foot inside the target organization’s network. Impact of such attacks can range from monetary loss to even shutting down of businesses

    In this presentation, we will discuss why human errors cause so many breaches, and how security solutions are bypassed in these cases? We will also look at the story behind human error and address them to improve employee cyber behaviour in an organization

    Key takeaways:
    - Why cyber attackers target humans
    - Impact of human errors
    - How such attacks bypass Cyber Security solutions
    - Steps that organizations can take to address the gaps
    - Make employees your best defence against Cyber Attacks
  • Deployment Pipeline - Way to secure your workloads Jan 19 2021 9:00 am UTC 45 mins
    Pushkar Tiwari, Director Engineering, Symantec Division, Broadcom
    Cloud migration is at the peak, and so the data breaches are in the cloud. The most common culprit of these breaches are human errors like improper security controls, misconfigurations etc. Complexity of security controls in public cloud providers and presence of multiple cloud providers within an organization makes it almost impossible for humans to do flawless deployments.

    This webinar presents case studies on high profile data breaches that happened due to human errors. In order to tackle human errors from cloud operations, the human factor needs to be completely removed.

    In this webinar you will learn how security control, operations and auditing can be baked into the deployment pipeline and make the pipeline as the only gateway for service operations.

    It will discuss implementation challenges and other considerations of the deployment pipeline to achieve complete immutability of deployment.
  • Cyber Authors Ep.2: A Practical Guide for CISOs Recorded: Jan 13 2021 57 mins
    Bill Bonney President CISO DRG,Gary Hayslip CISO SoftBank,Matt Stamper CISO EVOTEK,Sushila Nair VP Security Services NTT DATA
    Organizations are keenly aware of the existential threat that cyber risks now pose. The authors of the CISO Desk Reference Guide, Bill Bonney, Matt Stamper, and Gary Hayslip, grasp that reality and use their many years of experience to provide practical advice about how to function effectively in this role.

    The unique multi-author approach of the CISO Desk Reference Guide has produced a wealth of insight into the complex and challenging role of the Chief Information Security Officer, a role that increasingly anchors organizational risk management in all things cyber and digital. It's essential reading for both aspiring and incumbent Chief Information Security Officers. The CISO Desk Reference Guide (Volumes 1 & 2), help fill a critical gap in the ever-evolving information security common body of knowledge.

    In this session, the authors, Bill Bonney, Matt Stamper, and Gary Hayslip, are joined by Sushila Nair where they discuss:

    -The evolving CISO role and how best to embed it in the organization
    -Fundamentals like data classification and controls
    -Advice on tools and techniques
    -Different perspectives on the foundations of organizational cybersecurity
    -and more!

    This episode is part of Cyber Authors, a new series with Sushila Nair. We welcome viewer participation and questions during this interactive interview.
  • Digital Storage Stars in the Media and Entertainment Industry Recorded: Jan 13 2021 56 mins
    Tom Coughlin, President, Coughlin Associates & SNIA CMSI Education Chair
    Digital storage is a critical technology for professional Media and Entertainment (M&E). With the Covid-19 pandemic much M&E work went remote, enabled by cloud based services and private and public cloud storage. NVMe SSDs and emerging memories are assuming increased use in high resolution, high frame rate, high dynamic range video content workflows. Between 2019 and 2025, about a 3X increase is expected in the required storage capacity in the industry and a 3.4X increase in storage capacity shipped per year. Cloud storage capacity for the M&E industry will increase 13X between 2019 and 2025.

    This webinar looks at the trends driving demand for digital storage in all parts of the M&E industry, with data from the 2020 Digital Storage in Media and Entertainment report from Coughlin Associates presented by Tom Coughlin, who also serves as the volunteer Education Chair for the SNIA Compute, Memory, and Storage Initiative.
  • 6 ways CISOs are securing and navigating the cloud Recorded: Dec 17 2020 60 mins
    Jo Peterson, Clarify 360; Brian ThompsonVP, Veeam Software; Michael Goldgof, Barracuda Networks; Carl Eberling, Forcepoint
    Cloud Adoption is on the rise again. According to IDG’s 2020 Cloud Computing Survey, 59 percent of respondents said their organizations would be mostly or all in the cloud within 18 months. Cloud changes our approach on so many levels—new technology, new shared responsibility model and new cybersecurity considerations

    In today’s session, we’ll explore 6 ways CISOs are navigating the cloud:
    - Securing an extended perimeter
    - Upskilling the team
    - Balancing Risk Management in Third Party Relationships
    - Defining the Shared Roles in a Shared Responsibility Model
    - Enhancing Visibility
    - Taking Advantage of Automation

    Jo Peterson, Vice President, Cloud and Security Services, Clarify360
    Brian Campbell--VP, Cyber Security Architect, Veeam Software
    Mike Goldgof--Senior Director, Product Marketing at Barracuda
    Carl Eberling-- CIO/CISO- Forcepoint
  • Cybersecurity Threat Detection and Prevention Recorded: Dec 10 2020 60 mins
    Jo Peterson | Adi Pradeep | Brad Moldenhauer | Dr. Richard Ford | Homayun Yaqub
    Cyberthreats are viewed as a significant risk to organizations. They are capable of disrupting core operations and inflicting serious damage to brands and reputations.

    A study by Cybersecurity Ventures predicts these crimes will cost the world $6 trillion a year by 2021.

    Join this panel discussion to:
    - Review today’s expansive attack surface and the various ways bad actors penetrate networks
    - Discuss existing and emerging cyber threats
    - Understand policies, tools and best practices used to protect organizations as new threats emerge
    - Explore the roles that user training and education, skill development and governance play in defending against threats

    Jo Peterson, VP Cloud & Security Services, Clarify360 (moderator)
    Adarsh "Adi" Pradeep, Cybersecurity Consultant
    Brad Moldenhauer, CISO, Americas, Zscaler
    Dr. Richard Ford, CTO, Cyren
    Homayun Yaqub, Global Security Strategist, Forcepoint
  • How to Fix Cybersecurity - From Patching Leaks to Building Better Dams Recorded: Dec 10 2020 59 mins
    Tatu Ylonen, Founder & SSH Fellow, SSH Communications Security, Inc.
    This talk will address how we need to develop and configure systems and software to eliminate common forms of malware and exploits. It is an engineering challenge that requires substantial change in tools and how we write applications and operating systems and how we design hardware. None of it is rocket science, but the pieces must be put together.

    Viewers will learn about:
    - Attack vectors and hidden risks
    - How to build better dams, rather than trying to patch every leak and crack

    Do we want our dams to be strong and safe, or is it more important to ensure that we can easily blow up the dams of any opponents, even if ours will break too? As a society increasingly living downstream of the dams, building better dams is a matter of survival.

    Presented by a 20+ year security pioneer and inventor of SSH (Secure Shell, the de facto standard for system administration) and the principal author of NIST IR 7966 (guidelines for managing SSH access).
  • All PCI and NOTHING about PCI DSS v4 Recorded: Dec 10 2020 61 mins
    Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper "Coop"
    This session is Part 10 of the PCI Dream Team series on BrightTALK.

    Our panelists are some of the top PCI QSA’s in the country, with decades of combined PCI and card processing experiences. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

    Join Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall for an interactive Q&A session, and get answers to your most vexing PCI questions. No PCI question is out of bounds.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Paul Henry’s 2011 Malware Trends
  • Live at: Mar 16 2011 7:00 pm
  • Presented by: Paul Henry
  • From:
Your email has been sent.
or close