Hi [[ session.user.profile.firstName ]]

Surviving the Mobile Device Invasion – When Mobile Tries to Connect to IT

With the deluge of new mobile smartphones like Android, iPhone, and others hitting the streets, there are thousands of new attack vectors against a company's IT infrastructure that create potential security nightmares. When users download apps by the droves and then want to connect to core critical infrastructure, how should IT handle it? While there is a drive for increased off-hours and/or offsite productivity using mobiles, can we stomach the changes that are coming, and can our organizations remain (or become) secure?
Recorded Dec 7 2011 50 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Cameron Camp, ESET
Presentation preview: Surviving the Mobile Device Invasion – When Mobile Tries to Connect to IT

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Moving to Cloud? Assume Breach & Prepare Sep 8 2020 6:00 am UTC 60 mins
    Himanshu Dubey, Director Security Labs, Quick Heal Technologies Ltd.
    Countries, Cities and Companies have all traversed down the path of digitization in the hope of delivering on-demand services. In the case of enterprises, digital transformation has been engineered to drive process improvements, deliver newer customer experience, and biz model reengineering to capitalize on emerging trends

    At the centre of this transformation has been public cloud infrastructure, which has emerged as the backbone for innovation-driven growth. By embracing the cloud, enterprises can modernize their IT infrastructure and conjure solutions to serve customers digitally in new and innovative ways. Digital transformation & cloud adoption has further accelerated in recent times, as COVID-19 pandemic forced businesses to setup remote working at an unprecedented scale. Public Cloud services enabled fast & smooth migration to “working from home” by enabling connectivity from anywhere and supporting essential services such as video conferencing & real time communication

    This though exposes organizations to previously unseen cyber security risks. The increased attack surface alongside limited security capabilities, when it comes to public cloud, means organizations are more vulnerable than ever. To mitigate the risks, organizations must adopt a "assume breach" mentality and build a strong security culture within the organization

    In this talk I will discuss:
    Cloud security risks & challenges
    Some examples of vulnerabilities and how they have been used in attacks
    Assume breach mentality and how to use it to protect cloud workloads
    The need for Zero Trust. Made for the cloud!
    Security is everybody's business
  • Implementing Zero Trust Security – Keeping it Real! Sep 8 2020 4:00 am UTC 60 mins
    Lux Rao, Senior Director – Solutions & Consulting, NTT India
    Increasing cyber attacks are standing testimony to the fact that the best of technologies & traditional approaches for securing the network have not provided requisite protection from hackers.
    The increase in cloud adoption has only led to expansion of the threat landscape.

    Zero Trust framework has been touted as the silver bullet for some time now. At best, it has provided the guiding principles but mostly has been found wanting in implementation scenarios.
    While the promise & aspiration has been long understood, Enterprises struggle on where to start and how to implement.

    This webcast covers the practical scenarios, challenges & approach on how best to embark on the Zero Trust journey for Enterprises and in particular cutting out the Clutter & Noise around the much hyped concept.
  • Cloud Journey by Risk Mitigation in Financial Institutions/Banks Sep 8 2020 3:00 am UTC 55 mins
    Muhammad Ahmad, Head Information Security, FINCA Microfinance Bank Limited, Pakistan
    Cloud Migration Journey in Financial Institutions/Banks has been adapting the cloud services and is becoming the first choice due to its scalability, elasticity, cost-saving, reduced overhead, and Pay as you go model. But for financial institutes/Banks, they have more focus on privacy, security, confidentiality, and integrity of customer & financial institution.

    Join this session as we discuss:

    • Different aspects of Cloud migration throughout its journey while keeping our risks appetite within limits.
    • Common threats including data breaches, data loss, DDOS, insider threats, shared responsibility, and risk of insufficient due diligence/care throughout its life.
    • Continuous risk management strategy
    • Why financial institutes/banks are slow/reluctant in moving their customer/core data to cloud.
    • Legal & Regulatory aspects while dealing with cloud and mitigating the associated risks.
  • How To De-classify Data and Rethink Transfer of Data between US and EU Sep 2 2020 4:00 pm UTC 60 mins
    Ulf Mattsson, Chief Security Strategist, Protegrity
    Companies need immediate rethink on transfer data to the United States since the Privacy Shield transatlantic pact is declared invalid. The Court of Justice of the European Union found that the Privacy Shield does not meet the GPDR requirements and cannot ensure a level of protection.

    We will discuss how to achieve compliant pseudonymization, including protecting not only direct identifiers but also indirect identifiers and additional attributes, while still preserving the data’s utility for its intended use.

    We will also discuss different international privacy standards, the new Schrems II, clarify pseudonymization and other data privacy techniques.

    We will also discuss
    • Data privacy and working remotely
    • That GDPR does not apply to data that is no longer identifiable
    • Pseudonymization used nationally, as well as for trans-border communication
    • Pseudonymization use cases for privacy protection of personal health information
    • Re-identification attacks, full and partial
    • Extracting new information out of an anonymous or pseudonymous database through re-identification
    • Linkage mechanisms
    • The data de-classification process and workflow
    • Pseudonymization services best practices and trustworthy practices for operations
    • Policy framework for operation of pseudonymization services
    • When to use pseudonymization and/or anonymization
  • Hacking The Election: The Human Side [Part 2] Aug 28 2020 4:00 pm UTC 60 mins
    David Morris | Barak Engel
    Please join us for a special 2020 Hacking The Election episode where we will go beyond the traditional bits and bytes of hacking the upcoming election.

    In this episode we will explore the other side of Hacking The Election; the Human side, covering such topics as:

    - Manipulating the electorate
    - Seeding mistrust in the election process and results among the voters
    - Fermenting anger and disenfranchisement
    - Polarizing the electorate

    A soft preview of what's to come in the November election.

    - Barak Engel, Founder and Chief Geek, EAmmune
    - Other panelists TBA

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • [*CPE] Executive Tips to Modernize Your Compliance Program Aug 27 2020 5:00 pm UTC 75 mins
    Chase Hinson, OneTrust; Todd Boehler, ProcessUnity, Jason Rohlf, Onspring; and Kevin Jacobson of LogicGate.
    *Attend live for 1.5 CPE Credits

    Under the weight of new and changing regulations around the world, many organizations struggle to achieve compliance. They often lack a holistic view of their compliance profile and face increasing challenges due to digital transformation. Chief Compliance Officers who take a top-down approach are often met with resistance, but a successful program requires management to actively participate, not just sign off.  

    Organizations can no longer afford to apply check-the-box approaches to compliance. Executive management must take a variety of actions to demonstrate leadership and commitment to the company’s compliance management program. On this webinar our panel of experts will discuss the current compliance landscape and challenges facing today's organizations, and they will address best practices to modernize your compliance program, including how to:

    - Use a risk-based approach to meet regulatory demands.
    - Employ digital transformation in the management of compliance obligations.
    - Understand the impacts of regulatory changes and minimize resource-intensive manual processes.
    - Get buy-in from other departments and create a working group of stakeholders to develop and improve your compliance program.
  • Does Your Storage Need a Cyber Insurance Tune-Up? Aug 27 2020 5:00 pm UTC 75 mins
    Eric Hibbard, SNIA Security Technical Work Group Chair; Casey Boggs, ReputationUS; Paul Talbut, SNIA EMEA
    Protection against cyber threats is recognized as a necessary component of an effective risk management approach, typically based on a well-known cybersecurity framework. A growing area to further mitigate risks and provide organizations with the high level of protection they need is cyber insurance. However, it’s not as simple as buying a pre-packaged policy.

    This webcast will provide an overview of how cyber insurance fits in a risk management program. It will identify key terms and conditions that should be understood and carefully negotiated. Cyber insurance policies may not cover all types of losses, so it is critical to identify what risks and conditions are excluded from a cyber insurance policy before you buy.

    Join this webcast to learn:
    •General threat tactics, risk management approaches, cybersecurity frameworks
    •How cyber insurance fits within an enterprise data security strategy
    •Nuances of cyber insurance – exclusions, exemption, triggers, deductibles and payouts
    •Challenges associated with data stored in the cloud
  • Hacking The Election: The Human Side [Part 1] Aug 20 2020 4:00 pm UTC 60 mins
    David Morris | Lee Imrey | Midori Connolly | Lance James
    In the age of data collection and targeting by the campaigns, what can we learn from Gen Z? When it comes to data sharing, privacy and security awareness, what has changed in the population mindset since 2016? Are the lessons from the Cambridge Analytica scandal still applicable today? A soft preview of what's to come in the November election.

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Network Traffic Analysis and the ATT&CK Framework Aug 20 2020 12:00 pm UTC 45 mins
    Stephen H Campbell, Risk and Controls Analyst, eosedge Legal
    The internet has enabled the perpetration of crimes at huge distances with impunity. But defenders can inspect network traffic for signs of malicious activity and where it originates.

    This session examines how we can use the MITRE ATT&CK framework to codify and share intelligence on attacker behaviors derived from network traffic analysis. We will look at how traffic is collected, stored and analyzed. We provide an overview of tools for analysis of network packets and flows, and explain how these tools can help us identify the malicious use of non-standard protocols, protocol abuse, tunneling, port scanning, lateral movement, command and control, and data ex-filtration. We will also discuss automated detection of suspicious traffic using signature-based, behavior-based, rule-based, and anomaly-based algorithms. Finally, we will introduce Security Onion, a Linux distro similar to Kali Linux, but for defenders.
  • Securing DevOps - Should We Start Shifting-Center? Aug 19 2020 9:00 pm UTC 45 mins
    Rodrigo Araujo, Security Advisor, Bell Canada
    Due to some conflicts related to the responsibilities expected from the CISO structure, it is very difficult to find the right balance to really implement a DevSecOps culture. Some even say that fully shift-left is unreachable.

    In this presentation we will:
    - Go deep on these twisted expectations
    - Understand how to achieve the perfect balance on the shift-left approach

    About the speaker:
    Rodrigo holds a Master’s Degree in Computer Science and has more than 12 years dedicated to the IT industry, embracing challenges with his clients and helping them during their Digital Transformation journey.
  • DevOps & Security in 2020 Aug 19 2020 3:00 pm UTC 60 mins
    Rachel Veal, Ad Hoc | Ido Safruti, PerimeterX | Josh Kirkwood, CyberArk | Max Heinemeyer, Darktrace
    Sacrificing data security for faster innovation is one of the main causes of tension between cybersecurity and IT professionals on the one side and DevOps teams on the other. So, how should organizations bridge this divide and what do they need to implement?

    Join this exclusive keynote panel to learn more about:
    - Why securing DevOps pays off in the long run
    - Shifting left: What is it, how it works and why your organization needs it
    - How to make security an integral part of the DevOps process
    - DevOps security checklist
    - Recommendations for tools and workflows that enable better security

    Rachel Veal, IT & Security Program Manager, Ad Hoc (moderator)
    Ido Safruti, Chief Technology Officer, PerimeterX
    Josh Kirkwood, Solution Engineering Manager, CyberArk
    Max Heinemeyer, Director of Threat Hunting, Darktrace
  • Rapid Moves to the Cloud: Securing the New Normal Aug 18 2020 5:00 pm UTC 45 mins
    Sushila Nair, Security Portfolio Senior Director, NTT DATA
    COVID-19 has accelerated the move to the cloud. Organizations have been propelled into a new paradigm. The cloud offers many advantages and some challenges in a work from anywhere environment. This session focuses on how to leverage the strength of the cloud whilst reducing risk and increasing governance.

    Join this session to learn about:

    - Tactical steps to get immediate risk reduction and lower operational cost
    - Leverage conditional access and stop shadow IT
    - Manage multiple clouds from a technical and cost perspective
    - Leverage automation whilst addressing the risks posed by bots and scripts
    - Bring governance into your cloud environment
    - Build a security roadmap for controls
    - Use Zero Trust to secure the work from home model
  • Supply Chain Security Aug 18 2020 4:00 pm UTC 60 mins
    Diana Kelley | Kiersten Todt | Nick Charpentier
    According to new research from Risk Ledger, 60% of security breaches originate in the organization's supply chain; including third party vendors and applications. No matter what business an organization is in, supply chain security and resilience must be factored into business planning to ensure secure, ongoing operations even during times of crisis and disruption.

    Join this panel to learn more about:
    - Types of supply chains (hardware, software, services)
    - Common vulnerabilities in the supply chain
    - Assessing where your security gaps lie and addressing the risk
    - Impact of the COVID-19 pandemic on supply chain security
    - Recommendations for improving security in your supply chain and your risk management program
    - Benefits of Supply Chain Risk Management (SCRM)
    - What is the Cybersecurity Maturity Model (CMM), and how it can improve supply chain security
    - Solutions and approaches that can improve supply chain security

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Threat Analysis and Breach Protection Aug 18 2020 3:00 pm UTC 35 mins
    Kalani Enos, Partner/VCISO/Threat Analysis, Immersion Security
    As the world continues the work-from-home initiative in order to combat the COVID-19 threat to humanity, organizations must also consider that threat actors (hackers, Advanced Persistent Threats, etc.) may take this opportunity to exploit existing vulnerabilities normally mitigated in an office environment behind a firewall, as an example, but not necessarily mitigated in a Telework environment. This presentation will discuss the following topics

    - Discuss the recent rise Threat Actor exploits of Telework applications, and provide a means of ‘visibility’ by organizations to detect, analyze and remediate threats attempting to exploit vulnerabilities.

    - Visibility into emerging threat capabilities to introduce ransomware and malware into a remote computer/mobile device. Example: COVIDLOCK ransomware on Android smart phones and how to detect and remediate.

    - How VPN is only a step in the right direction towards accessing and transmitting secure, sensitive data. How additional applications and best practices can assist organizations to maintain Confidentiality, Integrity and Availability (CIA) in the near-immediate term.

    - The advantage of educating employees on the dangers associated with working remote, and whether use of personal devices versus company-provided devices are viable options.

    - How Software as a Service (SaaS), Infrastructure as a Service (IaaS) providers can assist your organization in maintaining effective CIA in a Work From Home environment. The presenter will also discuss limitations and the often overlooked Shared Responsibility.
  • Securing the Cloud in 2020: Threats, Visibility & Privileged Access Aug 18 2020 12:00 pm UTC 57 mins
    Diana Kelley, Andy Givens, Manav Khanna & Tim Bach
    Cloud security remains a challenge for enterprises, especially in the new post-COVID-19 reality of 2020 and the shift to remote working. What are the new threats on the horizon and compliance considerations to keep in mind?

    Join this interactive panel of cloud security experts and industry leaders to learn more about:
    - New and old cloud security threats to keep in mind
    - Why visibility is key for cloud security
    - Know your cloud: Who is accessing what and when? How was their identity verified?
    - Privileged identities and what's needed for secure privileged access
    - Compliance challenges and considerations
    - Best practices for securing your data in the cloud

    Diana Kelley, Cybersecurity Field CTO, Microsoft
    Andy Givens, VP Solutions Engineers, North America, CyberArk
    Manav Khanna, Senior Director of Product Management Identity & Access Management, Thales
    Tim Bach, Vice President of Engineering, AppOmni
  • Business is still good for cyber criminals. How about yours? Aug 17 2020 6:00 pm UTC 45 mins
    Stella Igwenazor, IT Security Consultant, Syberficial
    Following international arrests of some cyber criminals, online criminal markets are adding security features to protect themselves from cops and additionally devising new means to continue prying on users and companies’ data in order to further their criminal behaviour.

    This session will provide some insight on:
    - The means the cyber criminals are using to obtain the information they need, and
    - The steps businesses and individuals alike can take to protect themselves.

    At the end of this session, the participants will take away:
    - Three key information the cyber criminals are after
    - Cyber criminals and their targets
    - Steps businesses (and individuals) can take to protect themselves from cybercrime

    About the speaker:
    Stella is an experienced, performance driven and result oriented Certified Information Systems Auditor
    (CISA) with over 13 years experience providing consulting services in SAP Security and Controls,
    Governance Risk and Compliance, IT Risk Management, and Auditing in public and private sector under
    her consulting firm Ellar Consulting Inc. She has also been involved in various cybersecurity initiatives
    which motivated her to start Syberficial in order to help those intimidated by CyberSecurity get
    acquainted with the topic.

    During the course of her career Stella, an MSc. holder in Business Applications of Computer Science has
    worked with stakeholders at various levels including C-level executives and senior leadership to create
    policies and procedures, develop strategies and deliver solutions to meet business objectives.

    When not occupied with security tasks, Stella being a fitness enthusiast and avid runner, likes to spend
    her time working out or on the running trail. She has completed a good number of half and full
    marathons and has it on her bucket list to run all six world major marathons.
  • Cybersecurity Threat Detection and Prevention Aug 17 2020 3:00 pm UTC 60 mins
    Jo Peterson | Adi Pradeep | Stan Lowe | Dr. Richard Ford | Homayun Yaqub
    Cyberthreats are viewed as a significant risk to organizations. They are capable of disrupting core operations and inflicting serious damage to brands and reputations.

    A study by Cybersecurity Ventures predicts these crimes will cost the world $6 trillion a year by 2021.

    Join this panel discussion to:
    - Review today’s expansive attack surface and the various ways bad actors penetrate networks
    - Discuss existing and emerging cyber threats
    - Understand policies, tools and best practices used to protect organizations as new threats emerge
    - Explore the roles that user training and education, skill development and governance play in defending against threats

    Jo Peterson, VP Cloud & Security Services, Clarify360 (moderator)
    Adarsh "Adi" Pradeep, Cybersecurity Consultant
    Stan Lowe, CISO, Zscaler
    Dr. Richard Ford, CTO, Cyren
    Homayun Yaqub, Global Security Strategist, Forcepoint
  • Police insight – How to protect your business from cyber threats Aug 17 2020 10:00 am UTC 60 mins
    Sean O’Neil L.Lb (Hon), MSyl | Carl Chapman, TiG | David Clarke, Guildhawk
    Cybercrime is at an all-time high.

    Businesses in the UK are under the constant threat of cyber security attacks, and there is an increasing risk of losing your data, money, and even the business itself. Hackers are experts at choosing vulnerable targets. Learn about the risks and best methods of defence by joining our security briefing with experts from the police, TiG and Guildhawk.

    In this briefing you will:
    - Hear how other businesses have been targeted
    - Understand the risks through real-life examples
    - Learn how to implement some simple defence strategies
    - Have the opportunity to ask questions
  • Cybersecurity in the New World Aug 17 2020 8:00 am UTC 45 mins
    John Lee, Managing Director, Global Resilience Federation ASIA-PACIFIC Pte Ltd
    Organizations are affected by changes in the external environment. The ongoing COVID-19 pandemic has demonstrated our vulnerabilities. Companies are stretched financially and operationally as they have to adjust to a new business model. Many countries have implemented lockdowns and restriction on travel and logistics. Employees are working from home and some businesses have shut down if they cannot remodel their services. Past major events such as the terror attacks in beginning of this century, the hacks of critical infrastructure in the last decade, major data breaches in the last 20 years, global financial markets crash in 2008 and others have impacted many countries and companies that are not prepared.

    As most of our systems and processes depends on digital technologies, it leaves us open to cyber attacks. We need to be prepared for the next external change that may leave us vulnerable to an attack. In the presentation some of the ways to increase our cyber resilience will be discussed. Cybersecurity must continuously evolved and be proactive. It must be top down and bottom up. The governance of Operational Technology and Information Technology needs to be holistic and seamless to prevent gaps in the environment. Just as important is the situation awareness on the ground and the control mechanism to bring to management attention when things go wrong or are likely to. In the presentation, some of the best practices of Cybersecurity to address the problems will be covered.

    Presenter Biography:
    John Lee is the Managing Director of Global Resilience Federation Asia Pacific. He manages the Operational Technology Information Sharing Analysis Centre (OT-ISAC). It is a membership driven community with organizations from public and private sectors managing OT critical assets and infrastructure. He has more than 20 years of experience in Information Security and ICT industry having managed teams in APAC and Middle East for MNCs.
  • Storage Networking Security Series: Applied Cryptography Recorded: Aug 5 2020 59 mins
    John Kim, NVIDIA; Eric Hibbard, SNIA Security TWG Chair; Olga Buchonina, SNIA Blockchain TWG Chair; Alex McDonald, NetApp
    The rapid growth in infrastructure to support the real time and continuous collection and sharing of data to make better business decisions has led to an age of unprecedented information access and storage. This proliferation of data sources and of high-density data storage has put volumes of data at one’s fingertips. While the collection of large amounts of data has increased knowledge and efficiencies for businesses, it has also made attacks upon that information—theft, modification, or holding it for ransom--more tempting and easier. Cryptography is often used to protect valuable data.

    This webcast will present an overview of applied cryptography techniques for the most popular use cases. We will discuss ways of securing data, the factors and trade-offs that must be considered, as well as some of the general risks that need to be mitigated, including:

    •Encryption techniques for authenticating users
    •Encrypting data—either at rest or in motion
    •Using hashes to authenticate/ Information coding and data transfer methodologies
    •Cryptography for Blockchain
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Surviving the Mobile Device Invasion – When Mobile Tries to Connect to IT
  • Live at: Dec 7 2011 6:00 pm
  • Presented by: Cameron Camp, ESET
  • From:
Your email has been sent.
or close