Hi [[ session.user.profile.firstName ]]

How to Build a Robust Incident Response Capability for Financial Institutions

Michelle Drolet CEO of Towerwall will be discussing the need for developing a solid Incident Response Program and doing Tabletop exercise throughout the year. An Incident Response Plan (IRP) will ensure information security incidents, once identified, will be handled and communicated appropriately. Consistency of how incidents are handled and communicated is paramount to a successful incident response.

The IRP provides a quick, organized, and effective response to computer-related and physical security incidents. The IRP’s mission is to prevent a serious loss of information, information assets, property, and customer confidence by providing an immediate, effective, and informed response to any event involving your information systems, networks, workplace, or data.

Security incident response is an organized approach to address and manage activities during and after a security breach. The goal of security incident response is to handle any information security incident in an organized and effective manner that limits damage to the organization and reduces recovery time and cost.
Recorded Aug 16 2018 40 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Michelle Drolet, CEO, Towerwall, Inc.
Presentation preview: How to Build a Robust Incident Response Capability for Financial Institutions

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Key Steps to Identify Risk and Master Vendor Risk Management Apr 25 2019 5:00 pm UTC 75 mins
    Colin Whittaker with panelists from Bitsight, Lockpath, OneTrust, and ProcessUnity.
    In today’s interconnected technology ecosystem, companies increasingly rely on third party vendors to meet their operational needs. However, the current state of vendor risk management (VRM) is bleak. More than half of all information security breaches are caused by third-party vendors, and according to Deloitte 83% of today’s business leaders lack confidence in third party VRM processes.

    Understanding and managing cyber risk posed by vendors, suppliers, and third parties has proven to be a difficult task. The right mix of people, processes, and technology result in the most effective and comprehensive program. Join this CPE accredited panel webinar as our expert panel address some key steps to master VRM, including:

    - Implementing a scalable VRM program from the ground up
    - Mapping the digital supply chain
    - Tips on managing vendor data
    - Assessing third, fourth, and fifth-party risk
    - Performing quantifiable vendor security analyses
    - Establishing pre-procurement standards
  • Top Threats To Endpoints And How To Stay Protected Apr 18 2019 10:00 am UTC 45 mins
    Kelvin Murray, Sr. Threat Research Analyst, Webroot
    The largest threat of organisational breach occurs at the Endpoint level. Hacks, phishing, malware and untrained end users are a constant risk that need safeguards and monitoring to protect individuals and businesses with strong IT security. Small changes to your endpoints can drastically improve your protection. However, when you manage one or more businesses and need to implement and maintain these changes across multiple machines or environments, different complications will arise.

    Join Webroot’s Threat expert as he discusses topics such as:

    · Malware
    Information Stealers
    · End user education
    · Best policies and settings for your Endpoints
    · Endpoint monitoring
  • How Organizations Use Threat Intelligence To Boost Security Apr 15 2019 3:00 pm UTC 60 mins
    Panelists TBA
    What is cyber threat intelligence, and how can organizations leverage it to identify threats and potential malicious activity in advance? Discover the best ways organizations can arm themselves with actionable threat intelligence to block cyber attacks or mitigate their impact.

    Join this panel of experts to learn more about:
    - Cyber threat intelligence: What it is and how you can use it
    - What's new in phishing, banking trojans, Mirai, ransomware
    - Emerging threats and what to do about them
    - Best practices for a more secure enterprise
  • Implementing a NIST Framework for Adaptive Cybersecurity Mar 21 2019 5:00 pm UTC 75 mins
    Colin Whittaker, with Sam Abadir, Lockpath; Allan Liska, Recorded Future; and Gina Mahin, CEO of Lynx Technology Partners.
    In an age where cybersecurity threats are an everyday fact of life, organizations are looking for solutions that enable them to predict, prepare and react to the shifting landscape of cyber threats, and implementation of adaptive cyber security strategies is becoming inevitable to achieve that goal.

    Adaptive cyber security methods allow for the simultaneous defense of multiple attack surfaces against this new wave of advanced cyber attacks targeting businesses and services. The NIST Cybersecurity Framework enables organizations — regardless of size, degree of cybersecurity risk, or cybersecurity sophistication — to apply the principles and best practices of risk management to improving security. Attend this CPE webinar to gain insights on:

    - Getting a clear picture of the current health of your organizations' defenses
    - Defining your security road map using NIST CSF as a framework
    - Conducting gap analysis and executing remediation actions
    - Mapping the NIST CSF with security controls and built-in reporting templates that align with the framework.
  • Operationalizing Cybersecurity Mar 19 2019 3:00 pm UTC 60 mins
    Panelists TBA
    Cybersecurity, much like safety, cannot be achieved - it is an ongoing process that changes and adjusts to respond to the threat landscape, business needs and resources. As essential a cybersecurity strategy is to the enterprise, so is the implementation of it.

    Join us for an interactive Q&A panel with security leaders to learn more about how to operationalize cybersecurity.

    Topics up for discussion:
    - Making information security relatable
    - Building security programs
    - Defining your cybersecurity strategy
    - Translating your cybersecurity strategy into a risk management plan
    - Operationalizing your cybersecurity strategy
    - Using the maturity capability model for measuring success
  • Cybersecurity in the Boardroom Mar 19 2019 1:00 pm UTC 45 mins
    Mark Chaplin, Principal, ISF
    Global spend on cybersecurity solutions will grow 33%, reaching $134 billion annually by 2022. Attackers are becoming more sophisticated and the threat of data breaches is bigger than ever. CISOs from around the world will discuss why security is a key focus for investment and how to employ the best strategy for your enterprise.

    In this webinar, Mark Chaplin, Principal, ISF will discuss how to communicate your security strategy to the board.
  • Cyber Risk Management - From the Board to the Operational Level Mar 19 2019 12:00 pm UTC 60 mins
    Sebastian Hess, Cyber Risk Advisor, AIG
    Cyber Risk Management is a topic of continuous growing importance for businesses across the globe. While oftentimes being perceived as an IT issue, cyber risks are impacting business on a much larger scale.

    This talk will give some insights into the multiple facets of cyber risk, covering different viewpoints from the board members all the way over to cyber security professionals.

    Starting with a short look at cyber from a geo-political perspective, this session will dive into an organizations perception of cyber risks by looking at:

    - the board of director’s angle;
    - the enterprise risk management angle;
    - as well as the operational cyber security angle.

    This talk will show how the various viewpoints interact in order to find a good balance between business needs and security needs.
  • Best Practices in Threat Hunting: Optimizing the Anomalous Activity Search Mar 13 2019 3:00 pm UTC 60 mins
    Brenden Bishop, Data Scientist, the Columbus Collaboratory
    Join us for this webinar that will present an advanced data science approach to detecting anomalous behavior in complex systems like the typical corporate network that your IT Security team is trying to defend. Generalized anomaly detectors, without tuning for a specific use case, almost always result in high false alarm rates that lead to analyst alert fatigue and a detector which is effectively useless. In this session, Brenden Bishop, Data Scientist at the Columbus Collaboratory, will present an open source tool and best practices for building specific, repeatable, and scalable models for hunting your network’s anomalies. Through iteration and collaboration, defenders can hone in on interesting anomalies with increasing efficiency.
  • Revitalizing Access Control Programs: Intelligent Automation Mar 7 2019 6:00 pm UTC 60 mins
    Colin Whitaker, Informed Risk Decisions; Phil Shomura, Senior Product Manager, ACL
    No organization’s suite of business applications is static, especially for businesses that have committed to non-stop innovation. It is not uncommon for businesses to integrate only their high-impact applications with their existing identity and access management (IAM) systems. This can cause a huge surge in manual work, and oftentimes enterprises dedicate hundreds of human agents to manage accounts, adding more as new business applications are added. Enterprises can sidestep significant costs, increase efficiency, manage risk and deliver undiscovered value, by properly leveraging automation technologies across IAM systems.

    Robotic process automation (RPA) is a powerful technology that harmonizes different systems across an organization’s environment, reduces human errors, provides 24/7 operations, and relieves employees from repetitive tasks so they can focus on more valuable activities. For example, data quality management in the risk and compliance processs has been a traditional pain area for many institutions, as it is very time consuming and manual. However, a cognitive RPA solution which combines machine learning capabilities can enable fast automated remediation of data quality issues, and the system can learn from the final decisions taken by the data analyst as well. Attend this CPE webinar for insights on:

    - Getting started with an access management program.
    - Evaluating the right configuration and system-based tools to automate processes at a task level, and align to your process automation strategy.
    - Leveraging advanced analytics in risk management, compliance, and continuous monitoring programs.
    - Embedding governance, risk management, and controls into your enterprise’s mobilization and deployment of RPA, so you can catch issues before they arise.
  • Distinguish Signal from Noise: Find Threats in Your Security Sensor Data Feb 27 2019 4:00 pm UTC 60 mins
    Slava Nikitin, Data Scientists the Columbus Collaboratory
    Join us for this webinar that will recommend how to deal with your “big data” problem when dealing with the massive volume of raw, unprocessed data points from your network security sensors. Hint: don’t start with the data and attempt to drill down to the problem. Instead, as Slava Nitikin, Data Scientist from the Columbus Collaboratory will explain, you must start by the defining problem, building a threat model, and then focusing on the corresponding signals in your sensor data. We will walk through the use case for an Active Directory password spraying attack to demonstrate how to define and apply appropriate filters to your security data for faster detection, more accurate threat scoring and more effective security overall.
  • Benchmarks for Corporate Cybersecurity Feb 26 2019 6:00 pm UTC 60 mins
    Marilia Wyatt (WSJ Pro Cybersecurity), Lou Celi (ESI ThoughtLab) and Kim Landgraf (Security Industry Association / SIA Women
    Presented by WiCyS and SIA...

    This webinar from Women in CyberSecurity (WiCyS) and the Security Industry Association (SIA) will present the findings of The Cybersecurity Imperative research project produced by WSJ Pro Cybersecurity and ESI ThoughtLab and sponsored by SIA. We will share insights into how 1,000-plus organizations around the globe measure their cybersecurity preparedness and how they are preparing for future cyber threats.

    In this 45-minute program, we’ll also share a new tool that allows you to compare your own organization’s preparedness to the aggregated data of study participants.

    Expect to Learn:
    •Current threats organizations are facing
    •Cyber risk management approaches
    •Where organizations plan technology and staffing investments for cybersecurity
    •The impact of cybersecurity “maturity”
    •The costs of cybersecurity breaches

    •Marilia Wyatt (WSJ Pro Cybersecurity)
    •Lou Celi (ESI ThoughtLab)
    •Kim Landgraf (Security Industry Association / SIA Women in Security Forum)

    •Taly Walsh, Executive Director (WiCyS)
  • Rethinking the Human Risk Feb 21 2019 11:00 am UTC 45 mins
    Flavius Plesu, Head of Information Security, Bank of Ireland (UK)
    Are traditional awareness raising campaigns (e.g. CBT, phishing simulations) affording sufficient protection against ever evolving cyber-attacks? With human errors being the #1 cause of security incidents and data breaches, it is now a CISO imperative to tackle behavioural change and effectively manage the human risk. This recognised need reflects the acceptance that how the workforce behaves is dependent on the shared beliefs, values and actions of its employees, and that this includes their attitudes towards cybersecurity.

    Key topics covered in this presentation:
    • People-related challenges and frustrations the industry is facing
    • Why a new approach to awareness and culture is required
    • Innovative approaches adopted by leading organisations

    Your organisation can only be secure if you make people your strongest defence. Attend this session to discuss how to turn your human risk into your biggest advantage in cyber security!

    Flavius Plesu:
    A business-focused cyber security leader, Flavius has held senior security positions both within the public and the private sector and has lead a number of enterprise-wide security transformation programmes, in complex global organisations. Passionate about solving real industry problems, cultivating and building teams to deliver on the organisation’s mission, values and goals.

    Alongside his role as a Head of Information Security at Bank of Ireland UK, Flavius is also one of the Founders of OutThink, a team of CISOs and security practitioners who are changing the way in which organisations engage with their employees to shape behaviours and manage human risk in the context of cyber security.
  • Critical Actions to Prevent a Data Breach in 2019 and Beyond [Recording] Feb 20 2019 6:00 pm UTC 76 mins
    Panelists: Nick Hayes, Forrester; Idan Shoham, Hitachi-ID; Jason Bonds, Ping Identity; Perry Carpenter, KnowBe4
    * This is a recording so CPE credit is unavailable.

    Today’s organizations face a cybersecurity landscape more difficult to navigate than ever before. When it comes to data breaches, the risk for organizations is high, from the easily calculable costs of notification and business loss to the less tangible effects on a company's brand and customer loyalty. With large-scale data breaches continuing to make the headlines in 2018, organizations must be proactive, not reactive, in the face of looming cyber threats. Proactive threat intelligence can enable organizations to prevent breaches or compromises before they occur.

    On this webinar our panel of experts will discuss some critical actions organisations can consider to prevent a data breach, and attendees will learn:

    - Strategies you can implement now to help you protect against a breach.
    - Best practices for gathering the intelligence to predict and prevent attacks.
    - How to use threat intelligence to improve your organization’s security posture and reduce the risk of an attack.
    - Steps to fortify your last line of defense.
  • The Orchestration Journey in Incident response Feb 20 2019 2:00 pm UTC 45 mins
    Andy Yeates, Solutions Architect, IBM Resilient
    Organisations today need to be agile, and dynamic in responding to the most advanced cyber threats, and although automation has it's place in improving SOC efficiencies, human intelligence is still one of the most important aspects in effective incident response.

    In this session learn more about the journey to Intelligent orchestration and how leveraging it in an uncertain world can empower your organisation.
  • Delivering an Effective Cyber Security Exercise: Enhanced Breach Response Feb 20 2019 1:00 pm UTC 45 mins
    Daniel Norman, Research Analyst, ISF
    Organisations are constantly under threat with over two-thirds of them experiencing data breaches in 2018. As a result, preparedness and resiliency are paramount to protecting an organisation’s information from cyber attacks.

    Business leaders and their security teams can improve their ability to handle cyber attacks by running cyber security exercises. These exercises should help the organisation identify areas of improvement in people, process and technology, reducing the impact should a real cyber attack occur.

    In this webinar Daniel Norman, Research Analyst, ISF will share how organisations should approach running internal cyber security exercises to support breach identification, prevention and response.
  • Best Practices for Protecting Your Business from Cybercrime Feb 19 2019 4:00 pm UTC 60 mins
    Michelle Drolet (Towerwall), Michael Thelander (Venafi), William Peteroy (Gigamon), Kalani Enos (kenos)
    Cybercrime has evolved from random activities being carried out by individuals into a billion dollar illegal industry that continues to grow. How is cybersecurity keeping up with the rise of cybercrime?

    Join this panel of security experts to learn more about:
    - Trends in cybercrime and lessons learned in 2018
    - The cost of data breaches
    - Rise of cryptojacking and ransomware
    - Who are the players who make up the world of cybercrime (e.g. programmers, distributors, fraudsters, etc.)
    - The CISO vs the cybercriminal
    - Best practices for protecting your business

    - Michelle Drolet, CEO, Towerwall
    - Michael Thelander, Director of Product Marketing, Venafi
    - William Peteroy, Security CTO, Gigamon
    - Kalani Enos, Founder & CEO, kenos Technologies (Moderator)
  • Top Cybersecurity Threats and 2019 Predictions Feb 19 2019 11:00 am UTC 45 mins
    Kelvin Murray, Sr. Threat Research Analyst, Webroot
    Small and medium-sized businesses are major targets for cybercriminals. To stay safe, today’s businesses must understand the different types of cyberattacks they may encounter and implement strong cybersecurity practices.

    Register for this 30-minute webinar on the key threats businesses faced this year and what's upcoming in 2019 to get details and tips that will help you keep your business and clients safe. Our Threat expert will be discussing ransomware, banking Trojans, phishing and all the crypto-crime that’s wreaking havoc on IT pros.

    Book your place and get some key insights, including:

    · 2019 Threat Landscape Predictions
    · Observed business trends (how businesses worry about the wrong threats)
    · Where stolen data/information ends up
    · Long term effects of data theft
  • IoT Series [Ep.3]: IoT Essentials -- Selecting a Vendor Recorded: Feb 12 2019 49 mins
    Johna Till Johnson, CEO & Founder, Nemertes Research
    Selecting a vendor partner (or partners) is one of the most critical decisions enterprises will make on their IoT journeys. The right partner makes all the difference: enterprises with top-ranked partners report greater success in generating revenue, cutting costs, and optimizing business processes via IoT.
    • Who are the right providers?
    • What are the critical factors to consider in selecting one?

    This webinar reviews the provider landscape and highlights critical selection factors for companies of all sizes and industries.
  • Moving the Needle - Women in CyberSecurity Recorded: Feb 8 2019 61 mins
    Taly Walsh, Executive Director, WiCyS
    A new study has updated the ratio of women to men in the cybersecurity workforce – from 11% to 20%. Yet more than 300,000 cybersecurity jobs are unfilled today, a number that is exponentially growing into the millions. Let's do something to move the needle to 50% women in cybersecurity!

    Women in CyberSecurity (WiCyS), a non-profit organization with deep roots in academia, government and industry, is driving to increase recruitment, retention and advancement of women in cybersecurity.

    During this engaging webinar for diversity recruiters and women in various stages of cybersecurity careers, we will interview two WiCyS Board Members who offer stats and important guidelines for recruitment and retention of women in cybersecurity.

    Dr. Janell Straach, Chairman of the Board, WiCyS - Director, Center for Engaging Women in Cybersecurity, University of Texas Dallas

    Dr. Costis Toregas, Treasurer, WiCyS - Director, Cyber Security and Privacy Research Institute, George Washington University

    Interviewer: Taly Walsh, Executive Director, WiCyS
  • Panel Discussion - Future of Cyber Security Recorded: Feb 7 2019 46 mins
    Britta Glade, Wendy Nather, Rich Mogull, Diana Kelley, Ryan Berg
    Join RSA Conference Director of Content Curation and four Program Committee Members for a panel discussion about the topics they’re most excited about at RSA Conference 2019. Plus, some hints at the big discussions to take place in areas like Blockchain, security strategy and more:

    * Is Blockchain bulletproof?
    * Are there technical risks related to cryptocurrencies?
    * How to assess the coverage and gaps in your security portfolio
    * The theme of “acceptance” in security strategy
    * Exciting sessions in our Hackers & Threats track from chipset to containers, as well as smart contracts
    * Closing the enterprise gaps when it comes to moving to the cloud

    You’ll have a chance to ask questions during this live webcast. Join us for this exclusive preview of what you’ll hear about at RSA Conference 2019, March 4-8 in San Francisco.

    Britta Glade, Director Content & Curation, RSA Conference
    Wendy Nather, Director, Advisory CISOs, Duo Security
    Rich Mogull, Analyst & CEO, Securosis
    Diana Kelley, Cybersecurity Field CTO, Microsoft
    Ryan Berg, Fellow, Alert Logic
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: How to Build a Robust Incident Response Capability for Financial Institutions
  • Live at: Aug 16 2018 12:00 pm
  • Presented by: Michelle Drolet, CEO, Towerwall, Inc.
  • From:
Your email has been sent.
or close