Hi [[ session.user.profile.firstName ]]

PCI Compliance From Virtualization Perspectives

PCI compliance has become a business requirement for any company involved in the processing of credit card information. It requires strong security controls over all systems and applications that process or store cardholder information. The PCI Council released new Guidelines for Virtual Environments on June 2011 that include new requirements for PCI compliance. These new requirements require security capabilities not mandated by the original PCI Guidelines. In this session we will review the new requirements and see how CA Security solutions may help customer complying those new challenges.

Guy Balzam has over 12 years of experience in IT and Information Security both as a developper and consumer of IS products. In his past roles Guy specialized in enterprise security, managed the ELAL airlines IT security unit and led their PCI certification process. With his vast knowledge of identity and access management Guy is now a Principal Product Manager of leading security products for CA Technologies.

Eric Chiu is CEO and co-founder of HyTrust, Inc. (http://www.hytrust.com/), a virtualization security company based in Mountain View, CA. He brings significant executive experience in high tech management and finance to this role. Previously serving as Vice President of Sales and Business Development at Cemaphore Systems, a leader in disaster recovery for Microsoft Exchange, Chiu built these departments from the ground up, consistently delivering significant quarter-over-quarter revenue growth and putting in place key OEM partnerships. Before that, he led Business Development at MailFrontier until its successful acquisition by SonicWALL. Formerly a Venture Capitalist for Brentwood (now Redpoint) and Pinnacle, he also served in the M&A Group for Robertson, Stephens and Company. Chiu holds a BS in Materials Science and Engineering from UC Berkeley.
Recorded Dec 1 2011 48 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Guy Balzam, Principal Product Manager, CA Technologies; Eric Chiu, Founder and President, HyTrust
Presentation preview: PCI Compliance From Virtualization Perspectives

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • [PANEL] Proactive Security Strategies and Best Practices Nov 5 2019 4:00 pm UTC 60 mins
    Panelists TBA
    In today’s business landscape it is important to take a proactive approach to security rather than a reactive approach. Join leading security experts as they discuss the safest ways to protect your organisation in 2019 and beyond.

    Join this Q&A panel to learn more about:

    - Key organisational benefits to practising proactive security
    - Technologies powering security
    - Best practices and recommendations for a more secure organization
  • Ask the Expert – Can Security be an Innovation Enabler? Nov 4 2019 1:30 pm UTC 30 mins
    Sherelle Farrington, Cloud Security Solutions Architect, Fortinet
    Join this live interactive Q&A session with Sherelle Farrington, Cloud Security Solutions Architect, Fortinet, where we'll be tackling key topics such as:

    1. How can we change security from a blocker into a digital innovation enabler?

    2. Isn’t a diverse, disparate mix of platforms a security nightmare?

    3. Can security even keep up with these dynamic, agile environments?

    4. How do we shift towards a more proactive, risk-focused approach?

    5. What impact are these evolving technologies having on overall infrastructure design?
  • Live Video Panel - Securing Your Hybrid and Private Cloud Networks Nov 4 2019 10:30 am UTC 60 mins
    David Welch, House of Brick | Sherelle Farrington, Fortinet | Curtis Preston, Druva
    "Network architectures moving to the cloud, so knowing how to secure them is crucial. Join this live expert panel to discuss all things virtual and cloud networking; from security, network virtualization, and beyond.

    Topics include:

    - Micro-segmentation and securing your application infrastructure
    - Readying today's hybrid and private cloud networks for tomorrow
    - SD-WAN, IoT and Edge computing: how they are changing the cloud network landscape"

    Sherelle Farrington, Cloud Security Solutions Architect, Fortinet
    Curtis Preston, Chief Technologist, Druva

    Moderated by David Welch, CTO, House of Brick
  • Ask the Expert - How to Secure Your Hybrid and Private Cloud Networks Nov 4 2019 9:30 am UTC 15 mins
    Curtis Preston, Chief Technologist, Druva
    Join this live interactive Q&A session with Curtis Preston, Chief Technologist, Druva where we'll be tackling key questions including;

    1. What are the data protection requirements of a hybrid cloud environment?

    2. Does a private cloud environment require a different type of data protection system?

    3. What are the advantages and disadvantages of protecting data using the cloud?

    4. Isn't it more secure to store your backups on-premises?

    5. What about the physics of using the cloud for backup? How do you backup and restore large amounts of data?
  • [Earn CPE] Key Steps to Mature Your Third-Party Risk Management Program Oct 31 2019 5:00 pm UTC 75 mins
    Colin Whittaker with Todd Boehler, Process Unity; Jason Sabourin, OneTrust; Mark Deluca, Coupa; and Chris Poulin, BitSight
    High-Profile Data Breaches have placed a spotlight on the risk of cyber security breaches with vendors and subcontractors, expanding the need to have greater rigor in third party risk management and ongoing risk assessments. Maintaining an effective third-party risk management program doesn't happen overnight. It's a journey that involves continual learning, refinement and evolution.

    And as a program matures over time, it results in the management of vendors and other third parties with fewer risks, lower costs, better performance and stronger compliance. Since every company is at a different place in their journey towards better vendor management, it's important to identify steps that you can follow as you mature your program, and to consider your vendor risk ecosystem and the data and services that can have an enormous impact on risk reduction. On this CPE accredited webinar our panel of experts will address some key steps to mature your third-party risk management program, including how to:

    - Create a third-party risk-management maturity roadmap.
    - Connect with enterprise systems to create a centralized data repository and enable seamless vetting activities across processes
    - Incorporate external content sources for a more wholistic view of your vendors plus more sustainable ongoing monitoring
    - Strengthen and streamline your third-party risk management efforts.
  • CCS [Ep.6]: Next-Generation Cybersecurity - Policy Process and Organization Oct 31 2019 3:00 pm UTC 60 mins
    Johna Till Johnson, CEO and Founder, Nemertes Research
    Cloud and Cybersecurity Series [Ep.6]: Next-Generation Cybersecurity: Policy Process and Organization

    Resources are finite. So deploying them wisely is what differentiates successful cybersecurity organizations from those that are less successful. Find out how these successful cybersecurity organizations are structured, what policies they have in place, and what strategies they do—and don’t—follow to protect their enterprise organizations.
  • [PANEL] Security as a Service Oct 30 2019 4:00 pm UTC 60 mins
    Panelists TBA
    As in-house security becomes increasingly complex and costly, organizations are in need of a reliable and safe security provider. Join industry experts as they discuss the latest trends in SEaaS, including:

    -Why your organisation needs to move towards SEaaS
    -The different models of security as a service
    - SEaaS solutions and strategies
  • CCS [Ep.5]: Application Security Meets Multicloud Oct 23 2019 5:00 pm UTC 60 mins
    John Burke, CIO and Principal Research Analyst, Nemertes Research
    Cloud and Cybersecurity Series [Ep.5]: Application Security Meets Multicloud

    Enterprises are developing and buying applications to run everywhere: across multiple clouds, multiple data centers, desktops, mobile devices, and IoT devices. In a multicloud environment, IT needs to take a multipronged approach to securing applications.

    We'll how organizations approach securing their applications for the multicloud, ranging from changes in the development process to the embrace of security technologies including IAMaaS, microservice authentication, and enterprise secure cloud access and policy enforcement (ESCAPE).

    This webinar presents data from Nemertes' in-depth research study of 335 organizations in 11 countries across a range of vertical industries.
  • Getting Inside Insider Threats: Building a Chain of Evidence Oct 23 2019 3:00 pm UTC 60 mins
    Ryan Lai, EVP of Professional Services, Nisos
    Insider threats can wreck your network, your business, and your company's reputation. But stopping malicious or simply incompetent insiders from doing damage isn't just an exercise in analyzing where the damage came from. This forensic investigation may become part of a criminal investigation, and therefore requires careful, step-by-step analysis and traceability. You must identify and attribute the actions taken but the insider while confirming to legal requirements, privacy concerns, and the requirements of a chain of evidence. Join Ryan Lai, EVP of Professional Services at Nisos, as he discusses the wide-ranging complexities of an insider threat investigation.
  • What Software Defined Storage Means for Storage Networking Oct 22 2019 5:00 pm UTC 75 mins
    Ted Vojnovich, Lenovo; Fred Bower, Lenovo; Tim Lustig, Mellanox
    Software defined storage, or SDS, is growing in popularity in both cloud and enterprise accounts. But what makes it different from traditional storage arrays? Does it really save money? Is it more complicated to support? Is it more scalable or higher-performing? And does it have different networking requirements than traditional storage appliances?

    Watch this SNIA webcast to learn:
    •How software-defined storage differs from integrated storage appliances
    •Whether SDS supports block, file, object, or all three types of storage access
    •Potential issues or pitfalls with deploying SDS
    •How SDS affects storage networking
    •Scale-up vs. scale-out vs. hyperconverged vs. cloud
  • Getting Started with WiCyS Student Chapters and Making an Impact Recorded: Oct 16 2019 61 mins
    Dr. Vitaly Ford, Professor Pauline Mosley, and the Tennessee Tech Chapter Students
    In this webinar, we will talk about how to get started as a Women in CyberSecurity (WiCyS) Student Chapter and share ideas on activities, funding, sustainability, competitions, and resources.
  • The Future of AI in Security Recorded: Oct 10 2019 37 mins
    MuckAI Girish, Appnomic and Muck.AI | Rohini Kasturi, Pulse Secure
    AI and ML are playing an outsize role in myriad fields. However, in cybersecurity, it hasn’t had the same share as in several other areas, despite high potential and a growing need. The security companies have been focused more on the core problems and industry experts generally tend to believe that AI will make further foray into various aspects of the security ecosystem. In this webinar, we will discuss the role of AI in different realms of security products and services, such as identity & access management, malware detection and incident response & forensic analysis.

    Key takeaways:
    - How should enterprises look at leveraging AI to improve their security posture
    - Which areas are more likely to see higher adoption of AI and where vendors should place their bets
    - What challenges have to be overcome for broader adoption of AI

    MuckAI Girish, Chief Business Officer, Appnomic and CEO, Muck.AI
    Rohini Kasturi, Chief Development Officer, Pulse Secure
  • Machine Learning and AI in a Brave New Cloud World Recorded: Oct 10 2019 61 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    Machine learning platforms are one of the fastest growing services of the public cloud. ML, an approach and set of technologies that use Artificial Intelligence (AI) concepts, is directly related to pattern recognition and computational learning. Early adopters of AI have now rolled out cloud-based services that are bringing AI to the masses.

    How are AI, deep learning, machine learning, big data, and cloud related? Can machine learning algorithms enable the use of an individual’s comprehensive biological information to predict or diagnose diseases, and to find or develop the best therapy for that individual? How is Quantum Computing in the Cloud related to the use of AI and Cybersecurity?

    Join this webinar to learn more about:
    - Machine Learning, Data Discovery and Cloud
    - Cloud-Based ML Applications and ML services from AWS and Google Cloud
    - How to Automate Machine Learning

    Join BrightTALK's LinkedIn Group for IT Security Insights: http://bit.ly/2IsbauU
  • Practical Risk Management for the Multi-Cloud Recorded: Oct 10 2019 62 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    This session will take a practical approach to IT risk management and discuss multi cloud, Verizon Data Breach Investigations Report (DBIR) and how Enterprises are losing ground in the fight against persistent cyber-attacks. We simply cannot catch the bad guys until it is too late. This picture is not improving. Verizon reports concluded that less than 14% of breaches are detected by internal monitoring tools.

    We will review the JP Morgan Chase data breach were hackers were in the bank’s network for months undetected. Network configuration errors are inevitable, even at the largest banks as Capital One that recently had a data breach where a hacker gained access to 100 million credit card applications and accounts.

    Viewers will also learn about:
    - Macro trends in Cloud security and Micro trends in Cloud security
    - Risks from Quantum Computing and when we should move to alternate forms of encryption
    - Review “Kill Chains” from Lockhead Martin in relation to APT and DDoS Attacks
    - Risk Management methods from ISACA and other organizations

    Speaker: Ulf Mattsson, Head of Innovation, TokenEx

    Join BrightTALK's LinkedIn Group for IT Security Insights: http://bit.ly/2IsbauU
  • The Role of AI in IoT Security Recorded: Oct 9 2019 60 mins
    May Wang, CTO & Co-founder of Zingbox
    Artificial Intelligence, machine learning, and deep learning are the raves in network security. It's perceived as the only practical approach to staying ahead of today's cyberthreats.

    The various steps used by Artificial Intelligence is not so different than a physician’s approach to treating a patient. You must first understand the patient (or device), monitor and assess that all organs (or components) are behaving as intended, and proactively treat (or remediate) viruses and other harm.

    In this session, Dr. May Wang will explore:
    - The latest advancements in AI for IoT security using healthcare as an example
    - The top security threats to healthcare organizations and how to address them.
  • Applying Machine Learning in Cyber Security Recorded: Oct 9 2019 59 mins
    Dr. Umesh Rao Hodeghatta, Chief Data Scientist, NU-Sigma Analytics Labs
    With the increasingly connected world revolving around the revolution of internet and new technologies like mobiles, smartphones, and tablets, and with the wide usage of wireless technologies, the information security risks have increased. Both individuals and organizations are under regular attacks for commercial or non-commercial gains. The objectives of such attacks may be to take revenge, malign the reputation of a competitor organization, understand the strategies and sensitive information about the competitor, simply have fun of exploiting the vulnerabilities. Hence, the need to protect information assets and ensure information security receives adequate attention.

    In this session, Dr. Umesh Rao Hodeghatta will discuss:
    - How AI and Machine Learning can be applied in detecting, predicting and preventing cyber security / information security vulnerabilities
    - The benefits of using Machine Learning and AI
    - Tools available to perform the same.
  • Stop Watching and Start Blocking: Affordable Machine-Learning Enabled Defense Recorded: Oct 8 2019 58 mins
    John Bambenek, VP of Security Research and Intelligence at ThreatSTOP, Inc.
    The chief problem with cybersecurity is that most of our tools and workforce is geared to waiting for adverse events, detecting those events (sometimes months after the fact), investigating the breach that has already occurred, and then cleaning up. This slow and reactive process ensures breaches happen and security staff us overwhelmed under the noise.

    This talk will focus on automation and machine learning techniques that can proactively identify threats seen in the wild based on the latest academic research. This techniques allow organizations to identify suspect infrastructure before it is used to attack them. The key to making this work is infusing machine learning with knowledge of how actual attacks work and the threat landscape. Machine learning without intelligence is merely gussied up mensa math exercises.

    It isn't enough to know what the attacker will use to attack, however. Armed with this knowledge, organizations now need to safely automatically block these attacks before they occur so breaches never happen to begin with. The goal of automation must be to stop attacks before they are launched, not merely speeding up incident response. Several case studies will be discussed showing how this all can work together in the real world.

    - How to use machine learning and why it is essential to use strong intelligence to create models
    - Techniques to use automation to block attacks before they are launched against a victim organization
    - Cost-effective and safe ways to whitelist and blacklist infrastructure to insure against false positives
  • AI in security operations: What we’ve learned so far. Recorded: Oct 8 2019 46 mins
    Chris Morales, vectra.ai
    Time and talent are key factors in preventing a data breach. Join Vectra, the leader in AI powered Network Detection & Response (NDR) to explore how enterprises are evolving their security capabilities to become more agile, efficient, and dramatically reduce attacker dwell time through the application of AI.

    Join this session to learn:
    - How should we balance defensive controls against a need to build detection and response capabilities?
    - How is cloud adoption impacting security architectures?
    - What roles should automation play within security operations?
  • Understanding Storage Security and Threats Recorded: Oct 8 2019 51 mins
    Pierre Mouallem, Lenovo; John Kim, Mellanox; J Metz, Cisco; Steve Vanderlinden, Lenovo
    What does it mean to be protected and safe? You need the right people and the right technology. This presentation is going to go into the broad introduction of security principles in general. This will include some of the main aspects of security, including defining the terms that you must know, if you hope to have a good grasp of what makes something secure or not. We’ll be talking about the scope of security, including threats, vulnerabilities, and attacks – and what that means in real storage terms. In this live webcast we will cover:

    •Protecting the data (Keeping “the bad” out)
    •Threat landscape, Bad actors/hackers
    •Attack vectors, attack surfaces, vulnerabilities
    •Physical security issues
    •Layers of protection (encryption – last line of defense)
    •Remediation after a breach/incident
  • [PANEL] Automating Threat Detection and Response Recorded: Oct 8 2019 47 mins
    Diana Kelley, Microsoft | Michelle Drolet, Towerwall | Peter Dougherty, MantisNet
    As the average monetary cost of a malware attack continues to increase and currently costs an organization an average of $2.4 million, it is essential to be up to date on detection and prevention best practices. Join leading industry experts as they discuss the biggest security threats and how to detect and prevent them:

    -New on the threat landscape
    -How to deploy automated threat detection
    -Breach prevention best practices

    Diana Kelley, Cybersecurity Field CTO, Microsoft (moderator)
    Michelle Drolet, CEO, Towerwall
    Peter Dougherty, CISSP, CEO, MantisNet
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: PCI Compliance From Virtualization Perspectives
  • Live at: Dec 1 2011 12:00 pm
  • Presented by: Guy Balzam, Principal Product Manager, CA Technologies; Eric Chiu, Founder and President, HyTrust
  • From:
Your email has been sent.
or close