Hi [[ session.user.profile.firstName ]]

Advanced Persistent Threats - The Hacker's Latest Weapon or Just Marketing Spin?

A string of serious security breaches this year has caused many to believe that hackers are raising their game, and using far more sophisticated techniques to penetrate corporate systems. Victims speak of advanced persistent threats (APTs) that are increasingly hard to defend against. But some observers regard the term APT merely as a smokescreen to conceal a lack of basic security, and argue that if companies focus on getting the basics right, they will be immune to all but the most determined attacker.
Recorded Dec 7 2011 47 mins
Your place is confirmed,
we'll send you email reminders
Watch for free
Presented by
Ron Condon, SearchSecurity.co.UK, Warwick Ashford, ComputerWeekly.com; Vladimir Jirasek, WorldPay, David Perry, Trend Micro
Presentation preview: Advanced Persistent Threats - The Hacker's Latest Weapon or Just Marketing Spin?
Related topics:

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile

Information Security

  • 2021 Readiness: Balancing Security in a Post-COVID World Dec 9 2020 5:00 pm UTC 60 mins
    Diana Kelley | Mark Weatherford | Ted Harrington
    Earlier this year many companies experienced an incredible shift to fully remote work almost overnight, in response to the COVID-19 pandemic. This accelerated the “digital transformation” journey for many companies compressing what was a multi-year timeline into a few months and making 2020 different than any other previous year. In this episode we’ll explore how the balance between security, privacy and productivity was tipped this year, and what can we expect to see in 2021 as some, but not all, organizations head back to office work with a post-pandemic mindset.

    The audience will hear from CISOs and Security Directors about how this year was different, what they're going to do differently going forward, and what they expect (or have already seen) as organizations get back to pre-COVID levels.

    Topics covered:
    - 2020 in review
    - The hard lesson that a mobile workforce is not the same as a remote workforce
    - How the attack surface expanded and what CISOs are doing to ensure risk doesn’t expand too
    - How digital transformation sped up and what they meant for security, privacy and productivity
    - During the speedy journey to the cloud - what mistakes were made?
    - Lessons learned that will be carried forward for security teams
    - What CISOs are doing to prepare for whatever 2021 may bring

    Panelists:
    - Mark Weatherford, Chief Strategy Officer and Board Member, National Cybersecurity Center
    - Ted Harrington, Executive Partner, Independent Security Evaluators [ISE]

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
    Save your seat
  • To Trust, or Not to Trust the Cloud; That is Your Compliance and Risk Question Dec 9 2020 11:00 am UTC 45 mins
    Niamh Muldoon, Senior Director, Trust and Security, EMEA, OneLogin
    Many organizations struggle with digital transformation and cloud computing particularly when implementing a framework to meet their compliance requirements. In this session, we will discuss a framework and operational approach to support you to move your business forward delivering quality services balancing cost and risk.
    Save your seat
  • Protecting Against Public Cloud Data Breaches Using Confidential Computing Dec 8 2020 10:00 pm UTC 60 mins
    Seth Knox, Fortanix | Nelly Porter, Google | Dave Thaler, Microsoft | Mike Bursell, Red Hat | Aeva Black, Microsoft
    Today, data in the public cloud is often encrypted at rest in storage and in transit across the network, but not while in use in memory. Organizations that handle sensitive data such as Personally Identifiable Information (PII), financial data, or health information need to mitigate threats that target the confidentiality and integrity of either the application or the data in system memory.

    In this webinar, experts from the Confidential Computing Consortium (CCC) will define confidential computing, discuss how businesses are using Confidential Computing to protect against data breaches today, and review the ecosystem of solutions and open-source projects available to enable applications to make use of Confidential Computing.

    Key topics covered in the webinar include:
    ● The Confidential Computing definition and comparison to related technologies
    ● Key properties of Trusted Execution Environments (TEEs) to look for
    ● Threats mitigated by Confidential Computing technologies
    ● Utilization paradigms: using application SDKs vs. runtime deployment systems
    ● The ecosystem available to support Confidential Computing application development
    ● Common real-world use cases for Confidential Computing


    Seth Knox, VP of Marketing, Fortanix (Outreach Chair) (Linkedin https://www.linkedin.com/in/sethknox/, twitter @seth_knox)
    Nelly Porter, Lead Product Manager, Google
    Dave Thaler, Software Architect, Microsoft (TAC Chair)
    Mike Bursell, Chief Security Architect, Red Hat
    Aeva Black, Open Source Program Manager, Microsoft
    Save your seat
  • Cloud adoption has changed gears; your security needs to do the same Dec 8 2020 6:00 pm UTC 60 mins
    Miguel Carrero, Cybersecurity Executive and Board Member, Siemplify, WireX
    We all know that consumer and businesses are dramatically increasing the consumption of cloud based Information Technologies; either infrastructure, applications, services or even cybersecurity. The move to a cloud-based IT is unstoppable, with another wave of changes coming as 5G becomes more of an actual reality. While we have a new slew of acronyms and technologies coming our way (XDR, NDR, SaSe, etc) many companies struggle to address cloud from a cybersecurity perspective. In this webinar we will address key elements to be taken into consideration:

    - Full understanding on what cloud consumed IT means end to end, specially in the world of hybrid cloud
    - Provide security for the cloud consumed infrastructure, applications and services
    - Keeping a security posture that included traditional and cloud consumed IT. Key priorities and where to start
    - Providing security from the cloud itself
    - What is the role of the big cloud providers (aka AWS, Microsoft and Google) as they doubled down their efforts in cybersecurity
    - Looking ahead. How will (true) 5G impact cloud cybersecurity as the underlying telecommunications industry undergoes a major shift
    Save your seat
  • [PANEL] Cloud Security Risks and Solutions Dec 8 2020 4:00 pm UTC 60 mins
    Clarify360 | PerimeterX | Google Cloud | Appgate | Anitian
    In a recent report, the Cloud Security Alliance (CSA) outlined the top 11 threats to cloud computing for 2020. Data breaches, misconfiguration and inadequate change control, a lack of cloud security architecture and strategy, and insufficient identity and access management were among the biggest security challenges for all industries operating in the cloud.

    These issues are not unique to any particular industry, but fortunately, they have common solutions. It’s clear that protecting public cloud assets is key. COVID-19 pandemic was a major accelerant for organizations to quickly move forward with the migration of business infrastructure and applications to the cloud.

    Cloud Controls and Breach Prevention are top of mind for IT leadership and team alike.

    In this panel discussion, we’ll discuss the importance of cloud controls and breach protection during this accelerated move to the cloud

    - What the C Suite Needs to Know about Cloud Security
    - Why Cloud Security is not an IT problem, it’s a business problem
    - The Revenue and Brand ROI of Preventing Data Breaches
    - Real productivity results from correcting misconfiguration and inadequate change control
    - The importance of building a cloud security architecture and strategy
    - Why managing sufficient identity, credential, access, and key policies
    - Cross Training and Upskilling your team


    Moderated by: Jo Peterson, CEO & Co Founder, Clarify360

    Dr. Anton Chuvakin, Head of Solution Strategy, Google Cloud
    Ido Safruti, Co-founder and CTO of PerimeterX
    Tina Gravel, Senior Vice President, Appgate
    Charles Johnson, Cybersecurity Advocate, Anitian
    Save your seat
  • Shifting to a holistic cloud security strategy Dec 8 2020 11:00 am UTC 45 mins
    Jeremy Snyder, VP Business/Corporate Development & International Strategy, Rapid7
    As companies gain more cloud maturity, they learn that their 2 core security tool sets for on-premise infrastructure no longer apply. Additionally, they get the most value by changing their operating patterns. In this talk, we’ll talk about lessons learned in embracing cloud-native security practices, and discuss implications for changing tool sets around cloud security.
    Save your seat
  • The Corporate Dissolve of Centralized Security Dec 7 2020 11:00 pm UTC 45 mins
    Stan Golubchik, CEO and Founder, ContraForce
    Adopting to Secure the Mobile Workforce

    The shift to a widespread corporate mandate for employees to work from home has dynamically altered the threat landscape and how security applications and integrations are delivered. Data is more pervasive than ever. The expansive footprint of where data is accessed and stored, results in an ever evolving and growing attack surface.
    Our disrupted social normal has created one of the most nourishing environments for adversaries to target with phishing attacks, ransomware, and vulnerability exploits. Nearly 70% of attacks originate from the endpoint due to insufficient visibility, policies, and controls around the mobile work force.

    Are you implementing the proper defense in depth strategy with a Zero-Trust mindset to thwart attacks even at your weakest links? Digital sprawl has reached new heights in this new pandemic world and it’s important we focus on adapting to these new circumstances to keep our businesses safe and the outcomes they provide for social entitlement. Learn how your business can begin to work in a way to reduce operational strain of security and answer the question of how we can effectively secure our employees.
    Attendees will learn the following:
    1. Understand what your attack surface resembles in this current work from home climate.
    2. Identify best practices that can help assess your current security posture and take actionable results to invoke change.
    3. Which technologies can supplement your governance model to secure your business and employees.
    Save your seat
  • Closing Cybersecurity Skills Gap with Customized Training and Untapped Talent Dec 7 2020 10:00 pm UTC 60 mins
    Leah McLean | Malcolm Harkins | Mary Chaney | Diana Kelley | Ryan Clarque
    Not a day goes by in the cybersecurity industry without hearing about a talent shortage, skills gap, and necessity for training. A recent survey conducted by the Enterprise Strategy Group (ESG) and the Information Systems Security Association (ISSA) of cybersecurity professionals shows that 70 percent believe their organization has been impacted by the global cybersecurity skills shortage.
    We spent time talking to a number of people from human resources, managers, vendors, universities and end-users to get their perspective on cybersecurity skills, type of roles, and overall business needs.

    We discovered, it’s not just about skills gap, but also the communications gap between what employers think they are looking for and the talent that is available to them. During this discussion, dynamic experts from various organizations will share the following:

    • The needs across the technology vendors and end-user organizations, the education variance, and how to accommodate for the requirements and demands across the entire industry.
    • Most common type of roles to be fulfilled and the drivers behind the role types.
    • How we can make security built into the fabric of our culture, no matter the organization.

    Moderated by:
    Leah McLean, Head of Business Development and Marketing, Cyber Future Foundation
    https://www.linkedin.com/in/leahrmclean/

    Panelists:
    Malcolm Harkins, Chief Trust Officer, Cymatic
    https://www.linkedin.com/in/malcolmharkins/
    Mary Chaney, Esq, CISSP, CIPP/US
    https://www.linkedin.com/in/marynchaney/
    Diana Kelley – CTO and Founding Partner, SecurityCurve
    https://www.linkedin.com/in/dianakelleysecuritycurve/
    Ryan Clarque, Senior Manager, Global Cybersecurity at Levi Strauss & Co
    Save your seat
  • How Video Analytics is Changing the Way We Store Video Dec 2 2020 6:00 pm UTC 75 mins
    Kevin Cone, Intel; Glyn Bowden, HPE; Jim Fister, The Decision Place
    There is a new wave of cognitive services based on video and image analytics, leveraging the latest in machine learning and deep learning. In this webcast, we will look at some of the benefits and factors driving this adoption, as well as explore compelling projects and required components for a successful video-based cognitive service. This includes some great work in the open source community to provide methods and frameworks, some standards that are being worked on to unify the ecosystem and allow interoperability with models and architectures. Finally, we’ll cover the data required to train such models, the data source and how it needs to be treated.

    However, there are challenges in how we do this. Many archives were analog and tape based which doesn’t stand up well to mass ingestion or the back and forth of training algorithms. How can we start to define new architectures and leverage the right medium to make our archives accessible whilst still focusing on performance at the point of capture?

    We will discuss:

    •New and interesting use cases driving adoption of video analytics as a cognitive service
    •Work in the open source arena on new frameworks and standards
    •Modernizing archives to enable training and refinement at will
    •Security and governance where personal identifiable information and privacy become a concern
    •Plugging into the rest of the ecosystem to build rich, video centric experiences for operations staff and consumers
    Save your seat
  • Cybersecurity and Elections – Past, Present, and Future Dec 1 2020 5:00 pm UTC 60 mins
    Dan Lohrmann | Earl Duby | Joseph Carson
    The 2020 elections in the U.S. have been historic in numerous ways. With more email-in voting than ever before and very close results for the U.S. President and Congressional races, there is plenty to discuss about security.

    Was there voter fraud? Were the people, process and technology changes sufficient in states? How can we rebuild trust in elections? What is the future of voting in America?

    Join us for this interactive discussion with audience Q/A.

    This panel is part of the CISO Insights original series on BrightTALK with hosts Dan Lohrmann & Earl Duby. We encourage audience questions and participation.
    Save your seat
  • Data Breach – Tools and tips for managing a cyber attack Nov 26 2020 10:00 pm UTC 45 mins
    Paul Benedek, Consultant Director, Excis Networks Ltd and Bernadette Tyson, Consultant Director, Excis Networks Ltd
    Every day we see news of cyber-attacks. We get the impression that they may only be affecting
    larger companies, but this is far from the truth. In fact, the statistics clearly show that smaller
    companies are also being targeted. Cyber-attacks are not diminishing, and sadly whatever the size of
    your company, you are a target in today’s connected world. But despite this, many businesses are
    not prepared, technically or operationally to deal with the impact of cyber-attacks made against
    them.

    In this talk we look at the steps that all companies, small or large can take to mitigate and deal with
    cyber-attacks, as well as incident response and the human elements that feature in an attack. We
    also cover the key areas of cyber breach management and examine it from an attacker,
    organisational and customer perspective, revealing the impact not only your organisation but to
    others in your value chain.
    Save your seat
  • 5 Reasons CISOs are Turning to Security-as-a-Service Nov 26 2020 6:00 pm UTC 61 mins
    Jo Peterson, Clarify 360; Dan Bowden, Sentara Healthcare; Tyler Cohen Wood, Private Consultant; Mark Lynd, NETSYNC
    The global security as a service market size is expected to grow from USD 11.1 billion in 2020 to USD 26.4 billion by 2025, at a Compound Annual Growth Rate (CAGR) of 18.9% during that time period. Driven by a cloud-based delivery model, options abound for organizations in areas such as application security, data security, identity and access management, infrastructure protection and integrated risk management to name a few. These options include off the shelf security as a service products as well as those provided and managed by an MSSP.

    In today’s session we’ll explore these 5 key points:
    1. Security budgets and priorities in a post Covid-19 world
    2. When to outsource
    3. Selecting an MSSP
    4. Tools, Tools and More Tools
    5. Upskilling your team
    Save your seat
  • Cyber Threats in 2021: Real impact of COVID on Cyber Security Nov 26 2020 4:00 pm UTC 33 mins
    Himanshu Dubey, Director of Security Labs and Harshad Bhujbal, Technical Architect, Quick Heal Technologies Ltd.
    2020 has seen many Cyber Attacks using the COVID-19 pandemic as the central theme. For most
    part though these have been the same attacks that have existed since the last few years; just
    the packaging was changed.

    We expect the real cyber security repercussions of changes brought in by the COVID-19
    pandemic to be felt in 2021. In this talk we explore what the repercussions might be and what we
    can do to prepare and protect ourselves against them.

    We will cover:
    - Major Cyber Attack trends of 2020
    - What can be expected to continue in 2021
    - Potential repercussions of COVID-19 induced changes and new attack types in 2021
    Save your seat
  • I've Been Hit By Ransomware: Now What? Nov 26 2020 1:00 pm UTC 44 mins
    Mark D Rasch, Chief Legal Officer, Unit221B
    This session will focus on specific technical, legal and policy responses to ransomware attacks.

    Join to learn more about:
    * History of Ransomware
    * Most common forms of Ransomware
    * Costs of Ransomware and Mitigation
    * Ransomware Insurance
    * Ransomware prevention
    * Ransomware training and education
    * Legal Issues in Ransomware Payment (with October 2020 developments)
    * Ransomware mitigation
    * Threat intelligence and investigation in ransomware cases
    * Ransomware inoculation
    * Disaster recovery in ransomware
    Save your seat
  • CYA Toolkit for CISOs Nov 26 2020 11:00 am UTC 45 mins
    Michael Brooks, vCISO, Abacode Inc
    Perhaps you are like the 200 CISOs who shared their insights in the security leaders report, which revealed that organizations are using 57 separate security tools with 27% claiming they’re running a staggering 76 or more security products.

    These tools aren’t necessarily making your organization less vulnerable. In fact, many organizations find that they’re often flying blind when it comes to security.

    Join this session to learn:
    • Valuable techniques to optimize your cyber spend and offer risk balanced, cost effective security solutions for your organization
    • Key insights into the decision-making process to gain better visibility and control over your assets, attack surface and cyber defense posture
    • How to clearly define the business requirements and control objectives that should be driving your solution options and purchasing decision that will drive the most attractive ROI for your business and stakeholders
    Save your seat
  • Key Strategies to Reduce your Attack Surface in 2021 Nov 26 2020 9:00 am UTC 50 mins
    Sushila Nair, VP Security Services, Chief Digital Office and Brandon Swain, NTT DATA
    The year 2020 has accelerated organizations' digital transformations, particularly cloud migrations and the development of remote work capabilities. This rapid change has drastically altered the way that we work and consume data--creating exciting new paradigms, but also bringing new risks along with it. This session will analyze the security breaches that have occurred so far in 2020, and will discuss what defenses would have been vital for the prevention of these attacks. We’ll examine which security projects should be the “tip of the spear” in 2021 to help you reduce your attack surface, as well as look to the future to predict how the attack landscape may continue to change.

    Sushila Nair is on the board of the GWDC, the Greater Washington, D.C. Chapter of ISACA and plays an active role in supporting best practices and skills development within the cybersecurity community.

    Sushila has worked as a Chief Information Security Officer for ten years and has twenty years’ experience in computing infrastructure, business and security. Sushila has consulted in many diverse areas including telecommunications, risk analysis, credit card fraud, and has served as a legal expert witness. She has worked with the insurance industry in Europe and America on methods of underwriting e-risk insurance based on ISO27001.

    She has published numerous articles in the computing press on risk and security, and has spoken at Segurinfo, CACS, TechMentor, FinSec and many other global technical events on diverse subjects ranging from managing risk to designing security baselines.
    Save your seat
  • Election Recap & Cybersecurity Lessons Learned Recorded: Nov 19 2020 49 mins
    David Morris | Lee Imrey | Mick Baccio | Harrison Morris
    The 2020 U.S. presidential election has brought cyber security to the forefront for many in the U.S.

    From shedding light on disinformation campaigns aimed at disrupting the election, to testing voting machines and pentesting online voting apps, to raising awareness around the risk of ransomware and other attacks to local governments, voter registration databases, poll books and election reporting websites - security researchers and practitioners have been raising red flags throughout the election cycle.

    Join this episode of the Election Hacking series to learn about:
    - The 2020 election takeaways from a cybersecurity viewpoint: What went down, what could have gone better and how to better prepare for the midterm election in 2022
    - What the biggest election threats mean for your industry and organization
    - What have we learned and will it change anything in time for 2022
    - Post-election cybersecurity lessons for tech leaders

    Panelists:
    - Lee Imrey, Security Strategist at Splunk
    - Harrison Morris, PhD Candidate Georgia Tech researching the intersection of Cybersecurity and Cognitive & Brain Sciences
    - Mick Baccio, Security Advisor, Splunk

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
    Watch now
  • Compute Everywhere: How Storage and Networking Expand the Compute Continuum Recorded: Nov 17 2020 61 mins
    Jim Fister, SNIA CMSI/CSTI, Steve Adams, Intel: Chipalo Street, Microsoft; Eli Tiomkin, NGD Systems
    In modern analytics deployments, latency is the fatal flaw that limits the efficacy of the overall system.  Solutions move at the speed of decision, and microseconds could mean the difference between success and failure against competitive offerings.  Artificial Intelligence, Machine Learning, and In-Memory Analytics solutions have significantly reduced latency, but the sheer volume of data and its potential broad distribution across the globe prevents a single analytics node from efficiently harvesting and processing data.

    This panel discussion will feature industry experts discussing the different approaches to distributed analytics in the network and storage nodes.
    Watch now
  • Deceiving the Attacker Recorded: Nov 17 2020 56 mins
    Diana Kelley | Chris Roberts | Christina Fowler
    When it comes to deception technology, the industry is evolving beyond simple honeypots to a more automated, scalable, and effective approach.

    Join this episode of The (Security) Balancing Act to discover how deception technology can be used by organizations to detect, investigate and respond to malicious intruders. How does deceiving the attacker save your company and buy you time?

    During this episode, we'll go over:
    - What is deception technology and what does it help with?
    - How does it work? (e.g. Deception decoys, lures, honeytokens, traps, grids)
    - Is your organization ready to adopt deception?
    - What do you need to do before you buy the technology / build it in-house?
    - Key benefits of using deception for threat hunting
    - What else can deception be used for?
    - Deception use cases
    - The role of AI in deception (e.g. dynamic deception)

    Panelists:
    - Chris Roberts, vCISO, Researcher, Hacker, Consultant, Devils Advocate
    - Christina Fowler, Chief Cyber Intel Strategist at MITRE Corporation

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
    Watch now
  • Infrastructure Compliance Automation, Security & Management in your Cloud Recorded: Nov 12 2020 25 mins
    Adarsh Pradeep, CEO, Bakestack and Joseph Hale, CTO, Bakestack
    Are you moving or growing in the IaaS Cloud? The scale and pace with which this industry moves is both exhilarating and terrifying. There are broad implications for security in the cloud that are just starting to scratch the surface of things to come.

    In this talk, we will explore:
    - Security principles that stay the same & what changes in the cloud
    - How you can leverage Infrastructure Compliance Automation
    - How you can quickly get to the root of security problems - by analyzing contextual risk and evaluating your overall posture instead of just looking at a generic set of security controls

    After all, a great security program should be more than a checkbox. It's all about context, priority, and environment.

    About Adarsh Pradeep:
    Adarsh or "Adi" is a veteran professional who has built his career on pure-play cybersecurity. He has worked exclusively in critical infrastructure industries such as aviation & finance and has worn almost every security-related hat(not too common) in the book. This gives him a nuanced, technical yet business friendly approach to security that is hard to beat. Adarsh also holds a B.S. Degree in Information Technology and Assurance from George Mason University.

    About Joseph Hale:
    Joseph or "Joe" is a tech-leader and open-source expert. He has ingenious solutions to almost every problem you can think of and has helped architected and then built out massive high-performing middleware and cloud apps for numerous enterprises. His primary expertise lies in DevOps and Cloud Operations, but his ability to break down complex systems gives him great insight into security as well. He's also a huge math and statistics nerd. Joseph holds dual B.S. degrees in Computer Science and Mathematics from Dallas Baptist University.
    Watch now
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.
  • Upcoming webinars (36)
  • Recorded webinars (3,301)
  • Subscribers (167,393)
Channel RSS feed

Register for Free

 

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Advanced Persistent Threats - The Hacker's Latest Weapon or Just Marketing Spin?
  • Live at: Dec 7 2011 3:00 pm
  • Presented by: Ron Condon, SearchSecurity.co.UK, Warwick Ashford, ComputerWeekly.com; Vladimir Jirasek, WorldPay, David Perry, Trend Micro
  • From:
Your email has been sent.
or close