Hi [[ session.user.profile.firstName ]]

PCI Dream Team - PCI Compliance with Non-supported Software & Hardware

Being left at the payment altar is not easy.

PCI DSS requirements 6.1 and 6.2 address the need to keep systems up to date with vendor-supplied security patches in order to protect systems from known vulnerabilities. But what do you do if you have an in-scope application and it is no longer supported by the vendor?

Many payment applications, gateway and software are long past end-of-life, yet still processing cardholder data. Can such a setup be PCI compliant?

This PCI Dream Team webinar will detail the issue, challenges dealing with unsupported hardware/software, and suggest strategies for compensating controls.

Our panelists are some of the top PCI QSA’s in the country, with decades of combined PCI and card processing experiences. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

Join Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall for an interactive Q&A session, and get answers to your most vexing PCI questions. No PCI question is out of bounds.
Recorded Jul 28 2020 61 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper "Coop"
Presentation preview: PCI Dream Team - PCI Compliance with Non-supported Software & Hardware

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • A deep dive into current cyber-crime trends and capabilities Nov 9 2020 10:00 pm UTC 45 mins
    James Alexander Grandoff, Senior Researcher, CyberPulse inc.
    In this webinar viewers will learn what about what is going on within the cyber-crime community. Most importantly they will gain an understanding of current trends so blue teamers can adjust their security model.

    Historically it has always been a complication for defenders to keep up with seasoned exploit developers and bug hunters. However, I’m going to do my best to fill that gap.
  • The 2021 Threat Forecast Nov 9 2020 4:00 pm UTC 60 mins
    Panel of experts including John Bambenek, Bambenek Consulting and Luke Hull, BlackBerry
    With the current threat landscape evolving at a rapid pace and based on everything that has happened throughout 2020, businesses need to take a more proactive approach to cybersecurity in 2021.

    Join this panel of security experts and industry leaders to learn more about:
    - 2020: The year of COVID, remote working and breaches
    - Biggest lessons from 2020 and the path forward
    - New threats on the horizon
    - Strategies for dealing with ransomware, phishing attacks
    - Recommendations for CISOs for the year ahead
  • Cyber Threats in 2021: Real impact of COVID on Cyber Security Nov 9 2020 9:00 am UTC 45 mins
    Himanshu Dubey, Director of Security Labs and Harshad Bhujbal, Technical Architect, Quick Heal Technologies Ltd.
    2020 has seen many Cyber Attacks using the COVID-19 pandemic as the central theme. For most
    part though these have been the same attacks that have existed since the last few years; just
    the packaging was changed.

    We expect the real cyber security repercussions of changes brought in by the COVID-19
    pandemic to be felt in 2021. In this talk we explore what the repercussions might be and what we
    can do to prepare and protect ourselves against them.

    We will cover:
    - Major Cyber Attack trends of 2020
    - What can be expected to continue in 2021
    - Potential repercussions of COVID-19 induced changes and new attack types in 2021
  • CISO Challenges and Opportunities Nov 9 2020 5:00 am UTC 60 mins
    Panel of experts
    What keeps CISOs up at night? What challenges are they facing on a daily basis? And what opportunities are they seeing in the industry?

    Join experts from leading security organisations as they discuss strategies, solutions and technologies CISOs use in the face of on-going security challenges:

    - Strategies for breach prevention
    - Strategies for making the most of AI technology and human talent
    - New technologies on the horizon
    - Security strategy recommendations
  • Storage Networking Security Series: Securing Data in Transit Oct 28 2020 5:00 pm UTC 75 mins
    Claudio DeSanti, Dell; Ariel Kit, NVIDIA; Cesar Obediente, Cisco; Brandon Hoff, Broadcom; Alex McDonald, SNIA NSF Vice Chair
    Whether traveling by car, plane or train, it is critical to get from here to there safely and securely. Just like you, your data must be safe and sound as it makes its journey across an internal network or to an external cloud storage device. It's well known that data is often considered less secure while in motion, and attackers are finding increasingly innovative ways to compromise data in flight. And the risks associated with data in transit are dependent on the security measures that are in place. So how do you adequately protect data in transit?

    In this webcast, we'll cover what the threats are to your data as it's transmitted, how attackers can interfere with data along its journey, and methods of putting effective protection measures in place for data in transit. Included in this webinar will be:

    •What you should expect to happen to secure data in transit; what are the trade-offs
    •What transport layer security protocols (SSL, TLS, etc.) are best for protecting data in transit?
    •Different encryption technologies and their role in protecting data in transit
    •Which criteria should be used?
    •How do you know which encryption to use?
    •What’s applicable to different workloads?
    •Best practices for data protection in transit

    Join us on a journey to provide safe passage for your data by registering today!
  • Securing WhatsApp - What You Need to Know Today Oct 28 2020 5:00 pm UTC 60 mins
    Cosimo Mortola, Senior Intelligence Analyst, GroupSense
    Already a popular platform, WhatsApp, the Facebook-owned smartphone instant messaging service, posted the biggest gains due to COVID-19 according to Tech Crunch. Learn why this ubiquitous messaging app could be a security risk and what you need to know to secure WhatsApp.
    In this session, you’ll discover:
    + How metadata and message data storage expose you to critical risk
    + Why the legal agreement should give you pause
    + Why WhatsApp is an effective platform for spreading disinformation
    + How the phones and humans using them increase your vulnerability
    + How to increase secure use of the app and mitigate your risk
    + Why WhatsApp leveraged by sophisticated threat actors

    Speaker: Cosimo Mortola is a senior intelligence analyst at GroupSense. Cosimo previously tracked threat actors at MassMutual, and Russian disinformation and associated threat activity at FireEye. Cosimo is fluent in Russian, French, and Italian.
  • Cyber Authors Ep.1: Inside the Cyberwar to Hijack Elections & Distort the Truth Oct 27 2020 5:00 pm UTC 60 mins
    Theresa M Payton - CEO & Founder of Fortalice Solutions & Sushila Nair - VP, Security Services NTT DATA
    Theresa Payton, leading cybersecurity expert and first female Whitehouse CIO, discusses her book "Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth."

    Theresa Payton tells battlefront stories from the global war being conducted through clicks, swipes, internet access, technical backdoors and massive espionage schemes. She investigates the cyberwarriors who are planning tomorrow’s attacks, weaving a fascinating yet bone-chilling tale of Artificial Intelligent mutations carrying out attacks without human intervention, “deepfake” videos that look real to the naked eye, and chatbots that beget other chatbots.

    In this session, Theresa is joined by Sushila Nair where they will take a look inside the Cyberwar to hijack elections & distort the truth.

    Join this webinar and learn:
    - About our new era of hacked elections and non-stop disinformation campaigns
    - From battlefront stories the effect of cyber conflict and its risks
    - Who are the cyberwarriors who are planning tomorrow’s attacks
    - The attacks of tomorrow including Artificial Intelligent mutations, “deepfake” videos that look real to the naked eye, and chatbots that beget other chatbots
    - To build a plan so that individual citizens, big tech corporations, governments and the international community can push back

    This episode is part of Cyber Authors, a new series with Sushila Nair. We welcome viewer participation and questions during this interactive interview.
  • 2021 Cybersecurity Budget Must Haves for Every SMB Oct 27 2020 4:00 pm UTC 30 mins
    Alex Nette, President & CEO, Hive Systems + Michael Cardman, CFO, Hive Systems
    The pressure is on to maximize - possibly reduce - your IT spend, but you know that cybersecurity is critical. As many as 60% of hacked small and medium-sized businesses go out of business after six months. But, how much is right to spend? This 30-minute live discussion between Alex Nette, one of the leading cybersecurity experts for small-medium businesses, and Michael Cardman, a results-oriented financial expert will help you determine:
    + What are the must-haves for your 2021 cybersecurity budget? How do you calculate what to spend?
    + Given your business and your systems, applications and software, what’s the right approach for you?
    + How do you do more with less?

    This webinar draws on years of experience in working with business and IT professionals to help them craft the right spend strategy. Both Alex and Michael will provide a number of best practices for you to consider, but also show you the behind the scenes tools they’ve used for years! See what happens when IT and cybersecurity gets real with a CFO.
  • [*CPE] Accelerating Threat Detection with Real-Time Security Intelligence Oct 22 2020 5:00 pm UTC 75 mins
    Brandon Dixon, RiskIQ; Francois Lacelles, Ping Identity; Teju Shyamsundar,Okta; and Allan Liska, Recorded Future.
    *Attend live for 1.5 CPE Credits

    Many organizations rely on governance, risk, and compliance (GRC) technology to consolidate risk information from internal sources (such as finance, IT, and operations) and external sources to understand their threat landscape. Yet as vendor ecosystems grow in size and complexity, risk management teams are increasingly struggling to procure and maintain high-quality, real-time data to feed their GRC systems.

    Creating a threat intelligence strategy is essential for a company to identify and prioritize threats effectively. But when it comes time to choose threat intelligence services and products it can be hard to know where to start. In this webinar, our expert panel will discuss how to use real-time threat intelligence to accelerate threat detection, including how to:

    - Understand the important distinction between threat data and intelligence.
    - Establish what types of intelligence will prove beneficial to your organization and be critical for ROI.
    - Gain complete visibility into all of your organization’s API traffic, and analyze relevant intelligence effectively from large volumes of threat data.
    - Empower your teams to leverage automation to detect and block threats to your organization. 
  • Ransomware Negotiation Do’s and Don’ts with an Expert Negotiator Oct 21 2020 5:00 pm UTC 60 mins
    Kurtis Minder, GroupSense and Jessica Gulick (Host), Katzcy
    No one ever expects it to happen to them. But with ransomware and cybercrime on the rise, it’s more likely than ever to discover that ransomware has locked down your system and cybercriminals are holding your data hostage. Kurtis Minder, an expert ransomware negotiator, advises executive teams when their worst cybersecurity nightmares come to life. Join us for an interview with Kurtis as we discuss:

    + What most people don’t realize about ransomware and the cybercriminals that run these exploits
    + Immediate do’s and don’t if your systems are being held captive
    + How to limit potential damage like data loss, overpaying threat actors, tarnished brand reputation, and compliance violations
    + Team Event: who to involve and when
  • If Security is a people problem, are our teams the weakest link? Recorded: Oct 15 2020 41 mins
    Daniel Clayton, VP of Global Support and Services, Bitdefender
    It's well known that security is not just a technology problem, but a people problem too. In this session we'll examine the latest ways that bad actors can exploit information found online about your team, and use it to weaponize their email against the business. We'll also explore the ways that businesses can protect themselves and when necessary fight back.

    In this webinar we will:
    - Examine some of the latest uses of social engineering in phishing and spear phishing campaigns
    - Explore some options to manage the risk
    - Take a look at how we can protect the business when our defensive mechanisms fail

    Daniel Clayton has been responsible for building and delivering global operations for the National Security Agency (NSA), the Government Communications Headquarters (GCHQ), Rackspace and Bitdefender over a 30-year career.

    As VP of Global Support and Services, he is responsible for Bitdefender’s global operations in support of customers, including the strategy, service delivery and oversight of Services and Support Operations, including the Security Operations Center, Customer Success Operations and associated engineering functions.
  • Best Practices for reducing email compromise (except for eliminating humans) Recorded: Oct 15 2020 38 mins
    Sean Letona, Director of Professional Services at Abacode, Inc
    Other than eliminating humans, what are the best practices for reducing business email compromise?

    Join this session to learn how to:

    - leverage the cloud
    - take advantage of SaaS security features
    - implement email security controls, monitor and respond to incidents, and
    - empower your workforce to be the first line of defense

    Presented by Sean Letona, Director of Professional Services at Abacode, Inc.
  • Email Security in the Age of Remote Work Recorded: Oct 15 2020 61 mins
    Jo Peterson, Clarify 360; Dr Richard Ford, Cyren; Geoff Vaughan, Security Innovation & Mariana Pereira, Darktrace
    There are an estimated 1.5 billion people working remotely due to COVID-19 and email is one of the ways businesses are communicating and staying connected with customers, employers and vendors. Ransomware, phishing and email exploits are continuing to rise. According to Security Magazine, over 96% of all security attacks begin with an email.

    Today’s panel will focus on:
    - the current state of email security and tools,
    - best practices for email safety, resilience planning, brand protection and thoughts on training
  • Defense in Depth - Catch them where you can! Recorded: Oct 15 2020 30 mins
    Sawan Joshi, Information Security Executive | Speaker | Blogger, FirstPort (UK)
    Aligning the need for Cyber defense technology has to be with business goals that define the problem statement today, the impacts to the business, and how the investments not only mitigate those risks but will include an ROI in the Security Roadmap Strategy.

    In this webinar you will learn how to:
    - identify and articulate those gaps convincingly
    - make implementation quick to keep the C-suite audience interested
    - do Defense in depth for threats presented via email
    - maintain and continually monitor a defense in depth strategy
    - demonstrate ROI to C-suite/stakeholders

    Sawan Joshi – Information Security Executive | Speaker | Blogger
    Qualifications held – CISM, TOGAF, CND, CYSA+ GDPR
    Practitioner, ISO 27001 LI, MCSE x3 AWS Architect
    www.linkedin.com/in/sawanjoshi
    www.sawanjoshi.com
  • Uncertainties Fuel Ransomware Attacks into Corporate: Are You Prepared? Recorded: Oct 15 2020 53 mins
    Ritesh Agarwal, Co-Founder and CEO, Airgap Networks
    COVID-19 has slowed the economy down, but hackers are busy as usual—looking to take advantage of the pandemic to breach systems, steal data, and profit by holding both systems and data hostage.

    More than 51% of the organizations have been impacted with Ransomware in the last 12 months.

    What is your defense strategy? How do you fight against the most potent lateral threat propagation within your network during outbreak? In the virtual session, learn how Zero Trust isolation provides the best defense against Ransomware. It’s time to get to the root causes in your network and introduce the agentless Zero Trust Isolation platform that protects your
    organization even if your endpoints are breached, even if you have vulnerable and unpatched applications, and even if you are operating legacy and insecure protocols.
  • Understanding Open Source Risk Recorded: Oct 14 2020 27 mins
    Brittany O’Shea, Senior Product Marketing Manager, Veracode
    Companies accelerate software development and release new features that delight their customers and help them gain market share in large part through leveraging open source code. Nearly all modern applications are built at least in part with open source code, yet recent research by Veracode revealed that 70% of applications have open source security flaws. With the third-party code introduced by developers directly as they build an application comes vulnerabilities introduced indirectly. Use of open source libraries helps developers and sparks innovation - the security threat comes with a lack of awareness into whether open source vulnerabilities are impacting applications.

    Attendees will learn what open source software is, understand risks that open source software introduces, and how their organization can mitigate these risks with secure code and improve overall security.
  • Application Security Vulnerability – a risk-based approach Recorded: Oct 14 2020 40 mins
    Christopher Peters, Application Security Engineer, Premiere Global Services
    Security teams can become overwhelmed with vulnerability reports. A myriad of tools exist that provide all kinds of reporting on suspected vulnerabilities in software. False positives (and negatives) are usually present in the data. For the security team, this can create a situation where more time is spent managing the data and reports than fixing things or helping other teams focus their patching efforts.

    In order to triage and focus effort on the greatest risk to the business, a different approach may be
    needed than the traditional compliance-based ones or systems based on CVSS scores.

    In this webinar we’ll start out by defining what exactly the term vulnerability means, how to measure that, and then explore a more risk-based approach.
  • How To Do Application Security Right Recorded: Oct 14 2020 39 mins
    Ted Harrington, Executive Partner, Independent Security Evaluators (ISE)
    You're building an application and need to prove it's secure, and to do that you need to find vulnerabilities and fix them. However, there's so much confusion about what that even means, let alone how to do it right, that it can be an uncertain and overwhelming endeavor. Author Ted Harrington takes you to the front lines of ethical hacking and security research, blending real-world exploit stories with actionable insights in order to help you understand how to break -- and fix -- applications. You'll walk away with practical guidance about how to:

    - Abuse functionality
    - Chain vulnerabilities
    - Choose a testing approach & methodology
    - And much more
  • Securing Identity - 1 Year Check-In Recorded: Oct 14 2020 59 mins
    Diana Kelley | Aidan Walden | Shareth Ben | Doug Simmons
    According to Verizon’s 2020 Data Breach Investigation Report (DBIR), over 80% of hacking-related breaches involved the use of lost or stolen credentials - and approximately 35% of all breaches were initiated due to weak or compromised credentials.

    Last year, we kicked off The (Security) Balancing Act series with a panel of identity experts to help us understand the landscape. Join us for this 1 year check-in to learn what has changed for organizations in the last 12 months and the security implications of shifting to a more remote workforce.

    - 2020 vs 2019: Key changes & challenges for cybersecurity
    - How work from home has opened the door to attackers
    - Regulatory updates that may impact identity management programs
    - Why attackers are focused on credentials and authentication systems
    - What businesses can do to keep track of all endpoints, manage identities and privileged access, protect their data and maintain compliance

    Panelists:
    - Aidan Walden, Director, Public Cloud Architecture & Engineering at Fortinet
    - Shareth Ben, Executive Director, Insider Threat & Cyber Threat Analytics at Securonix
    - Doug Simmons, Principal Consulting Analyst, Managing Director, Consulting at TechVision Research

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Application Security for the Modern Enterprise Recorded: Oct 14 2020 61 mins
    Peter Jones, 3B Data Security Limited; Jack Mannino, nVisium; Garrett Gross, Rapid7 and Rodrigo Araujo, Bell Canada
    Web applications continue to be a popular vector for cyber attacks. According to the most recent Verizon Data Breach Investigations Report (DBIR), 43% of breaches analyzed in the report targeted web application vulnerabilities, more than double the number from last year. What does this mean for businesses in the era of remote working?

    Join this interactive keynote panel to learn more about:
    - How the shift of valuable data to the cloud, including email accounts and business-related processes has opened the door to attackers
    - The impact of COVID-19 on enterprise security posture
    - The role of compromised credentials in breaches
    - Application security challenges and the path forward
    - Best practices for a more secure enterprise
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: PCI Dream Team - PCI Compliance with Non-supported Software & Hardware
  • Live at: Jul 28 2020 4:00 pm
  • Presented by: Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper "Coop"
  • From:
Your email has been sent.
or close