Hi [[ session.user.profile.firstName ]]

Why Cybersecurity and Physical Security Belong Together

In this webinar from Women in CyberSecurity (WiCyS) and the Security Industry Association (SIA), cybersecurity consultants Min Kyriannis (Jaros, Baum & Bolles) and Valerie Thomas (Securicon) will explore the important relationship between cybersecurity and physical security.

Drawing lessons from real-world threats and attacks, our speakers will look at how cybersecurity vulnerabilities can be used to compromise physical security systems and why cybersecurity of IT systems depends on controlling physical security. We’ll discuss why CSOs, IT leaders, cybersecurity professionals and vendors/service providers all need to be paying attention to the cybersecurity of physical systems, and we’ll discuss what it means to drive security convergence at both strategic and operational levels, and how new technologies like AI factor into today’s converged security models.

Key Focuses:
•How to evaluate and improve the cybersecurity of cyber-physical systems
•How threat actors are targeting cyber weaknesses in physical security systems
•Why security convergence matters and what the relationship between cybersecurity and physical security teams can look like
•How new technologies like AI are evolving security

Key Topics: Cybersecurity, Physical security, Security convergence, Hacking, Hackers, cyber-physical systems, Security management
Recorded Sep 4 2019 51 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Min Kyriannis, Head of Cybersec, Jaros, Baum & Bolles & Valerie Thomas, Exec Information Security Consultant, Securicon
Presentation preview: Why Cybersecurity and Physical Security Belong Together

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • How Does Ransomware Fool Top Antivirus Products? May 27 2020 7:00 pm UTC 60 mins
    Nir Gaist, Founder and CTO of Nyotron
    Ransomware, ransomware, ransomware. Why are our current endpoint defenses so inefficient? We will take three leading endpoint security (antivirus) products and demonstrate live how ransomware developers use trivial techniques to bypass all of them. Often a single line of code is all that’s needed to render antivirus ineffective and all data lost.

    NOTE: This webinar is applicable to technical audience only. We will be digging right in the source code and compiling ransomware on the fly.

    Presenter:
    Nir Gaist, founder & CTO of Nyotron, is a recognized security expert and ethical hacker. Nir has worked with and pentested some of the largest Israeli organizations, such as banks, police and the parliament. He also wrote the cybersecurity curriculum for the Israel Ministry of Education.
  • Storage Networking Security Series: Protecting Data at Rest May 27 2020 5:00 pm UTC 75 mins
    Pierre Mouallem, Lenovo; Ahmad Atamli, Mellanox; Steve Vanderlinden, Lenovo
    One of the most important aspects of security is how to protect the data that is just “sitting there.” How easy is it to get to? Who can get to it? If someone does get access to the data, can they read it? What are the potential risks of the wrong people reading the data? These are just a few of the questions that we try to answer when we go through the process of securing data.

    Contrary to popular belief, however, securing “data at rest” is not simply encrypting the data. While it is true that data encryption plays a major role in securing “data at rest,” there are several other factors that come into play and are equally as important – if not more so.

    For this webcast, we’re going to talk about those other factors (Encryption is deserving of its own, specific webcast). We will present the end-to-end process to securing “data at rest,” and discuss all the factors and trade-offs that must be considered, and some of the general risks that need to be mitigated, discussing:

    • How requirements for “data at rest” differ from “data in flight”
    • Legal and regulatory reasons to protect (or delete) data at rest
    • Where and how data could be attacked
    • Understanding the costs of ransomware
    • How to protect cryptographic keys from malicious actors
    • Using key managers to properly manage cryptographic keys
    • Strengths and weaknesses of relying on government security recommendations
    • The importance of validating data backups... how stable is your media?
  • Privacy in the Time of COVID Recorded: May 22 2020 58 mins
    Chenxi Wang | Vishwanath Raman | Michelle Dennedy | Tom Pendergast
    In the fight against COVID-19, countries are taking urgent actions to address the crisis. Some are turning to tech to find solutions for containing the spread of the virus. Digital contact tracing, in particular, is gaining a lot of traction. For example, Apple and Google recently announced a rare collaboration to jointly facilitate contact tracing within their mobile platforms for public health monitoring applications.
    So, what does this mean for privacy? 
    While some efforts are being made to preserve user privacy, like not tracking user location or collecting other identifying information, digital contact tracing can still reveal more user information than necessary.

    Join this panel of security and privacy experts lead by Chenxi Wang to learn more about the different implications associated with digital contact tracing, how it is being used around the world, and the long-term effects of COVID-rushed decisions.

    Speakers:
    - Chenxi Wang, Founder & General Partner of Rain Capital
    - Vishwanath Raman, Lead, Privacy Technologies, Oasis Labs
    - Michelle Dennedy, CEO Drumwave
    - Tom Pendergast, Chief Learning Officer, MediaPRO
  • Privileged Access Management: A Zero-Trust Approach to COVID-19 Recorded: May 21 2020 76 mins
    Colin Whittaker with Chad Wood, Galvanize; Joseph Carson, Thycotic; Chad Carter, Wallix; and Ilia Sotnikov, Netwrix
    Security practitioners around the world are struggling to cope with the challenges posed by remote workers during the COVID-19 pandemic. With all users working from home simultaneously, there is a tremendous load and increased security risks across private networks and the cloud. In light of more workers accessing data from the cloud, many organizations are taking a "zero trust" approach, including the use of solutions such as Privileged Access Management (PAM).

    If your organization is just getting started with a Privileged Access Management (PAM) program, or you are focused on implementing advanced PAM strategies to align with a COVID-19 environment, this CPE accredited webinar will address what you need to know for data security. Our panel of experts will outline the key challenges and offer some clear recommendations that emphasize the critical role of people, processes and technology in effectively mitigating PAM risk, including:

    - Tracking and Securing Every Privileged Account
    - Governing and Controlling Access
    - Recording and Auditing Privileged Activity
    - Operationalizing Privileged Tasks
    - Creating a Zero Trust environment
  • Election Threats: Ransomware at the State & Local Level Recorded: May 21 2020 58 mins
    David Morris | Lee Imrey | Brett Foy | Lance James
    Crippling ransomware attacks are on the rise and U.S. cities are falling victim at alarming rates. The public sector is especially vulnerable because state and local governments tend to have outdated computer systems and maintain sensitive data which is highly desirable to attackers.

    Join this episode of the Election Hacking series to learn more about the ransomware threat to state and local governments and what this means for the 2020 U.S. presidential election.
    - The year of ransomware
    - How cities and states are coping with the scourge of ransomware
    - The ransomware dilemma: Pay the ransom or fight the infection
    - How AI is enabling - and helping fight - ransomware attacks
    - Ransomware as a threat to democracy

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    Panelists:
    - Lee Imrey, Cybersecurity Advisor, Splunk
    - Brett Foy, Global Vice President, Engineering, Datrium
    - Lance James, CEO of Unit 221B

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Storage Networking Security Series – Encryption 101 Recorded: May 20 2020 60 mins
    Judy Furlong, Dell Technologies; Ed Pullin, Intel; Alex McDonald, NetApp
    Encryption has been used through the ages to protect stored secrets, authenticate messages, communicate secretly in broad daylight, and even to check that messages were properly transmitted and received without tamper. Now, it’s often our first go-to tool for making sure that data simply isn’t readable to prying eyes, ears or AI bots.

    But how does encryption actually work, what makes it tick, and how is it managed? How do we ensure compatibility? How do we protect the keys; i.e., “Who will guard the guards themselves?”

    It’s a big topic that we’re breaking down into three parts: Encryption 101, Key Management 101, and Applied Cryptography.

    Join us on May 20th for the first encryption webcast: Storage Networking Security: Encryption 101 where security experts will cover:

    •A brief history of Encryption
    •Cryptography basics
    •Definition of terms – Entropy, Cipher, Symmetric & Asymmetric Keys, Certificates and Digital signatures, etc.
    •Introduction to Key Management

    After you watch the webcast, check out the Encryption 101 Q&A blog at https://bit.ly/2ZGMisl
  • Cybersecurity Strategy and Leadership for the SMB Recorded: May 20 2020 56 mins
    Diana Kelley | Susan Whittemore | Jay Ryerse | Courtney Radke
    Smaller businesses have a common problem when it comes to cybersecurity - limited expertise, resources and budget.

    The board is asking for, clients are demanding to know whether the company is secure, IT team can't articulate the cybersecurity program, because there isn't one.

    Cybersecurity is sometimes an afterthought for a start-up, or delegated to one engineer. There's a tendency to think of cybersecurity as a set of tactical, technical implementations to cover obvious threats rather than a business problem.

    We'll discuss the role of the CISO in terms of providing the leadership and strategy for a cohesive, risk based program. Ideally, the role is not a technician.

    With an ever-evolving threat landscape and a growing business, where does a business start to build and maintain an affordable program? We'll discuss a baseline program, technologies required, focusing on fewest technologies for maximum benefit.

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
  • Threat Analysis and Breach Protection Recorded: May 14 2020 36 mins
    Kalani Enos, Partner/VCISO/Threat Analysis, Immersion Security
    As the world continues the work-from-home initiative in order to combat the COVID-19 threat to humanity, organizations must also consider that threat actors (hackers, Advanced Persistent Threats, etc.) may take this opportunity to exploit existing vulnerabilities normally mitigated in an office environment behind a firewall, as an example, but not necessarily mitigated in a Telework environment. This presentation will discuss the following topics

    - Discuss the recent rise Threat Actor exploits of Telework applications, and provide a means of ‘visibility’ by organizations to detect, analyze and remediate threats attempting to exploit vulnerabilities.

    - Visibility into emerging threat capabilities to introduce ransomware and malware into a remote computer/mobile device. Example: COVIDLOCK ransomware on Android smart phones and how to detect and remediate.

    - How VPN is only a step in the right direction towards accessing and transmitting secure, sensitive data. How additional applications and best practices can assist organizations to maintain Confidentiality, Integrity and Availability (CIA) in the near-immediate term.

    - The advantage of educating employees on the dangers associated with working remote, and whether use of personal devices versus company-provided devices are viable options.

    - How Software as a Service (SaaS), Infrastructure as a Service (IaaS) providers can assist your organization in maintaining effective CIA in a Work From Home environment. The presenter will also discuss limitations and the often overlooked Shared Responsibility.
  • Securing your Cloud and Data with REAL best practices that really work…really! Recorded: May 14 2020 53 mins
    Tony Pietrocola, President, Agile1
    Every company in the world is being forced to digitize their customer and supplier interactions while enabling flexible work from home patterns. Just like trying to change a tire on a car going 60MPH, businesses are forced to adapt quickly because of today’s state of business. Hackers are licking their chops as more digitization happens quickly CIOs and IT Teams are more vulnerable than ever.

    Join us as our security experts discuss the following cyber-attack trends and recommended strategies for better security in 2020:

    1. The Digital Data Attack Surface
    2. Cloud / Endpoint Visibility Challenges
    3. De-Risk Data in the Cloud
    4. Incorporate CyberSecurity into Risk Management
    5. Six Practical Steps to beat Hackers
  • All You Need to Know about Secure Coding with Open Source Software Recorded: May 14 2020 51 mins
    Javier Perez, Product Management, Open Source and Security Advisor
    In this session you are going to hear about application security and open source software. A review of how open source software grows and how vulnerabilities are created. Vulnerabilities in open source software increase the risks of exploitation, it is critical then to understand the dynamics of how open source software is built and to have a plan in place to reduce risk. A security plan around visibility, early stage in the development lifecycle and policy governance.

    Open source sparks innovation, it provides bug fixes and security fixes, the solution is not to stop using open source software. All new technologies from AI and Machine Learning to Virtual Reality, self-driving cars and robotics are built in the open, so there’s no turn back. The best approach is to keep up with the progress in open source, to shift-left and automate application security.


    This session will provide:
    -Insight into how open source software works and grows
    -How to address security for open source components
    -How to keep up with constant changes and new vulnerabilities
  • Giving Security Operations a Brain Recorded: May 14 2020 47 mins
    Anas Hadidi, CISSP, Sr. SecOps Practice Lead – EMEA & LatAm, Micro Focus
    Firewalls and IPSs don’t replace but rather complement each other’s roles in securing the parameter, yet some are insisting that analytics, analysis, and Machine Learning are meant to replace each other when it comes to situational awareness. This Session will help explore how these concepts complement each other to help achieve better situational awareness.
  • The IoT Risk Factor – An IoT Risk Assessment Guide Recorded: May 14 2020 62 mins
    Joseph Carson, Chief Security Scientist, Thycotic
    Welcome to the world of IoT (Internet of Things) as more and more devices get connected online. With weak or almost no security these devices can easily become a victim, be turned into a BOT which can then be controlled and used to participate in a DDoS (Distributed Denial of Service) attack or turn systems into bricks along with the data.

    This session walks you through the reality check on the risks and threats that IoT devices introduce to the business and what you can do to reduce the risks. A best practice approach to an IoT Risk Assessment.

    - What are the biggest risks from IoT devices?
    - What are the biggest threats from IoT devices?
    - Best Practices in reducing the risks
    - Future of IoT Security
  • Wait! Where is everyone? Security in the Time of the Remote Workforce Recorded: May 13 2020 64 mins
    Vishnu Varma (Idaptive) & Senthil Palaniappan (Sennovate Inc.)
    A few months ago, security vendors were offering up cyber threat predictions for 2020 and product roadmaps indicating how solutions were evolving to address the shifting threat landscape. Market research firms were sharing revenue projections and providing guidance to end-user organizations intended to help them solidify their security strategy and budgets for the year. And then along came the coronavirus.

    The rapid on-set of a global pandemic has changed both the threat landscape and what organizations should be spending their security budgets on, almost overnight. An all-remote workforce opens the door to new opportunities for malicious activity by bad actors; stealing passwords and data is easier, and critical business applications are at greater risk as employees attempt to access both on-prem and cloud-based apps from home.

    In this webinar, Identity and Access Management (IAM) experts from Sennovate and Idaptive will address the role IAM and adaptive multi-factor authentication (MFA), in particular, can play in both enabling and securing the remote workforce. Adaptive MFA, based on the oh-so-important principles of Zero Trust—“never trust, always verify”—holds the keys to dramatically reducing risk and improving compliance, no matter where an organization’s employees are in the world. Best of all, adaptive MFA improves user productivity and happiness, while reducing IT and helpdesk overhead.

    Attendees will gain an understanding of: the new or increased threats caused by the surge in remote workers; the critical role that IAM and adaptive MFA can play in filling any security gaps that may still exist across a far-flung labor force; and the benefits of adaptive MFA, including improved user productivity and job satisfaction, and reduced IT and helpdesk burden.


    Speakers:
    Vishnu Varma, Sr. Director, Product Management, Idaptive
    Senthil Palaniappan, Founder & CEO, Sennovate Inc.
  • Resilience in the Cloud Recorded: May 13 2020 29 mins
    Greg Tomchick, Director of Proactive Advisory Services, Cyber Defense Labs
    With constantly changing physical and technological environments, companies and individuals are encountering the most difficult time in history to develop and maintain Resilience. As we to continue to build smart cities and smart nations, connecting our cloud-based networks to Internet-of-things (IOT) devices and other operational technologies, our lives are being impacted more and more and we have rapidly increasing risk, by virtually expanding our threat surface.

    With 83% of enterprise workloads being hosted in cloud-based environments, today's leaders are being exposed to extreme challenges in understanding and addressing the intangible risks that could cripple an organizations entire supply chain in real-time.

    In order to combat this growing threat, Greg Tomchick and his team at Cyber Defense Labs empower organizations to adopt a proactive approach to minimizing the connected risks across the enterprise, while meeting or exceeding regulatory requirements.

    Be sure not to miss this important conversion on what you can do to protect your corner of cyberspace, build operational resilience in the cloud and how we can work together to address this important issue as we voyage through 2020.
  • The PCI Dream Team Celebrates GDPR's 2nd Anniversary Recorded: May 13 2020 61 mins
    Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper "Coop"
    May 2020 marks the 2nd anniversary since EU's General Data Protection Regulation (GDPR) came into effect. How has the world of regulations changed in the last two years, and what else can we expect on the privacy and compliance landscape?

    Join the PCI Dream Team as they celebrate GDPR's 2nd birthday - while social distancing from home - with a fun and insightful Q&A discussion on all things GDPR, CCPA & PCI DSS.

    Grab a seat, eat some cake and bring us your toughest compliance-related questions.

    Our panelists are some of the top PCI QSA’s in the country, with decades of combined PCI and card processing experiences. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.
  • [PANEL] How to Simplify Cyber Risk Management? Recorded: May 13 2020 60 mins
    Kalani Enos (Immersion Security), Terence Jackson (Thycotic), Rick Holland (Digital Shadows), Joseph Carson (Thycotic)
    In today’s multi-cloud and hybrid environments, CISO's are struggling to secure assets, manage security policies across clouds, monitor and mitigate risks, while also supporting the business. How are CISOs solving the challenge of complexity?

    Join this panel of experts to learn how to simplify cyber risk management as well as maximize the value of your team and technology.
    - Risk scoring and security controls
    - How to identify risks for organizations and their third-party vendors
    - How to prevent, detect, and respond to, privacy and network security incidents
    - Best of vulnerability and risk management in a multi-vendor environment
    - Best practices and use cases across industries

    Speakers:
    Kalani Enos, Partner/VCISO/Threat Analysis, Immersion Security (Moderator)
    Terence Jackson, Chief Information Security Officer, Thycotic
    Rick Holland, CISO, Vice President Strategy, Digital Shadows
    Joseph Carson, Chief Security Scientist, Thycotic
  • New Regulations and the Evolving Cybersecurity Technology Landscape Recorded: May 13 2020 62 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    As the cyber threat landscape continues to evolve, organizations worldwide are increasing their spend on cybersecurity technology. We have a transition from 3rd party security providers into native cloud security services. The challenge of securing enterprise data assets is increasing. What’s needed to control Cyber Risk and stay Compliant in this evolving landscape?

    We will discuss evolving industry standards, how to keep track of your data assets, protect your sensitive data and maintain compliance to new regulations.
  • Network Model driven Risk Management & Compliance Recorded: May 13 2020 48 mins
    Anas Hadidi, CISSP, Sr. SecOps Practice Lead – EMEA & LatAm, Micro Focus
    As assumption is the mother of all mistakes, the blind believe that everyone will do the right thing every time the needs to be revisited as it gives both a false feeling of safety and creates blind spots. This session will discuss how to build an understanding of your network, how to integrate it in your security practice, and how to identify deviations from that understanding.
  • Cloud Privacy: A Journey to Profitability or Just a Cost of Business? Recorded: May 13 2020 56 mins
    Paul Benedek, Director, Excis Networks Ltd
    With exponential growth in Cloud technology adoption, there are emerging security and privacy threats that need to be managed. The law is almost always playing catch up with technology advancements and regulators across the globe are starting to drive changes to bring more accountability and transparency in Cloud Privacy. It started with the GDPR and there is a lot more regulation to come.

    This session looks at some of the emerging international compliance regulation and considers the impact on Cloud Privacy. It factors costs and benefits and seeks to determine if it is the regulators or consumers of Cloud services that are the driving force behind the demands for more accountability and transparency. We discuss buyer, supplier and organisational behaviour and ask the question, will the drive for Cloud Privacy ultimately lead organisations to profitability or is Privacy just another cost of doing business in the modern world?

    About the speaker:

    Paul, is often described as the missing link between legal, business and technology as he is one of the few people to bridge the gap in compliance, translating complex legislative requirements into privacy and security deliverables as well as delivering successful privacy and training programs.

    Paul specialises in cloud privacy and has many years of international experience working in regulated and non-regulated industries, working on compliance projects and programs. He is a Certified Information Privacy Professional (CIPP/E), a certified international DPO (University of Maastricht) a Certified Cloud Auditor and is also certified in Cloud Security (CCSK).
  • Malware in Disguise: The New Normal Recorded: May 12 2020 61 mins
    Alex Holden, CISO, Hold Security LLC
    Examination of the threats and advances of malware in 2020. New techniques from existing threat groups and emerging trends. Examination of popular botnets, attack techniques, and current defenses.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Why Cybersecurity and Physical Security Belong Together
  • Live at: Sep 4 2019 5:00 pm
  • Presented by: Min Kyriannis, Head of Cybersec, Jaros, Baum & Bolles & Valerie Thomas, Exec Information Security Consultant, Securicon
  • From:
Your email has been sent.
or close