Hi [[ session.user.profile.firstName ]]

Rise of the Targeted Attacks: How to Prevent Them Breaching Your Defences

Organised cybercrime is a serious issue for private organisations and government agencies alike. As new technologies emerge, so do new ways to exploit them. Cybercriminals have shifted the way they target organisations, abandoning large-scale, generalised attacks, such as phishing, in favour of more targeted, lucrative techniques with bigger payoffs. Because targeted cybercrime is so profitable, perpetrators are highly motivated to find new ways to gather sensitive data for illicit monetary gain or to give a competitive leg up to governments or companies.
In the last several months M86 Security Labs has seen a surge in targeted attacks against organisations for a variety of reasons - whether they are after customer information, intellectual property or simply to monitor a particular email address. This session reviews the methods and tactics used in these recent attacks. We then look at how and why these attacks are successful, even against world leading IT Security organisations, to identify any potential holes in your organisation’s security architecture.

What delegates will learn at this session:
• The two different types of attack methods used to hit intended target organisations
• Email and Web methods that have been used to successfully steal information from organisations
• The role of social engineering for targeting and manipulating individuals
• Recent examples of targeted attacks to illustrate common vulnerabilities.

Bradley is responsible for Technical Strategy at M86 Security and primary spokesperson for the company on aspects related to the evolution of the technical and strategic product direction beyond the immediate roadmap. In this role he evaluates new technologies and products that could enhance or extend the core M86 product line. Bradley also serves as the primary spokesperson on all topics relevant to the M86 Security Labs.
Recorded Mar 14 2012 49 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Bradley Anstis, VP Technical Strategy, M86 Security
Presentation preview: Rise of the Targeted Attacks: How to Prevent Them Breaching Your Defences

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • [Earn CPE] Automating GRC to Increase Business Value Feb 13 2020 6:00 pm UTC 75 mins
    Matt Kunkel, LogicGate; James Rice, Greenlight Technologies; Scott Brigden, OneTrust; and Allan Liska, Recorded Future.
    GRC is neither a project nor a technology, but a corporate objective for improving governance through more-effective compliance and a better understanding of the impact of risk on business performance. GRC can vary dramatically depending on the businesses vertical market, and even further complexity can be found from one business unit to another. This complexity drives the need for different, highly specialized tools, which raises a huge set of cost, integration, and management issues.

    To address this challenge, many businesses are opting for an automated GRC (eGRC) solution, which aims to resolve the challenges associated with scattered and disconnected operational security processes through the centralization of data, alignment of processes and workflows, and clear enterprise-level visibility with trend and analysis metrics and reporting. The benefits of Automating GRC are substantial when businesses have a mature GRC program in place. Attend this expert CPE webinar to gain insights on:

    - Understanding the GRC Business Drivers.
    - Defining Your GRC Strategy.
    - Developing a GRC Roadmap that is aligned with the Mission, Value, and Strategic Agenda of Your Business.
    - Getting Leadership Support and Enabling Cross-Departmental Collaboration.
  • New Threats on the Block - What does the cyber future look like? Feb 13 2020 6:00 pm UTC 60 mins
    Joseph Carson, Chief Security Scientist, Thycotic
    Cyber security is a hot topic as the world has witnessed a rapid increase in cyber-attacks, data breaches, data leaks and espionage. Governments are taking cyber security seriously, increasing investment in both defensive and offensive capabilities, and introducing regulations to support legal frameworks.

    Unfortunately, cyber-attackers don't sleep or take vacations and this means you must be prepared and ready at any time during the day or night.

    Join this webinar to learn about the following:
    Which cyberattack is most likely the one that will hit you?
    What are the top threats in 2020?
    What are the latest threats?
  • [PANEL] Protecting the Enterprise from Threats in 2020 Feb 13 2020 4:00 pm UTC 60 mins
    Jo Peterson, Tyler Cohen Wood, Carlos Valderrama & Athar Awan
    2019 was the worst year to date for data breaches. Phishing, misconfiguration mistakes, third party risk, and insider threats continue to plague organizations across industry verticals. So, what are some proactive approaches organizations can take to address old and new security threats in 2020?

    Join this panel of security experts and industry leaders to learn more about:
    - The biggest threats to the enterprise in 2020
    - What keeps CISOs up at night
    - How to stay ahead of the threats
    - Proactive security strategies and best practices
    - Avoiding misconfiguration mistakes and minimizing the risk of insider threats
    - Solutions available today and what to expect in the near future

    Speakers:
    Jo Peterson, Vice President Cloud Services, Clarify360 (Moderator)
    Tyler Cohen Wood, Cyber Security Expert, Former Senior Intelligence Officer, Private Consultant
    Carlos Valderrama, SOC Director, Proficio
    Athar Awan, Cyber Security Consultant, Security Solutions Consultants
  • Beset on All Sides: People Process and Technology Threat Management Feb 13 2020 1:00 pm UTC 60 mins
    Jason Allen, CISO, Northern Kentucky University
    Life for the security practitioner today is complex and moving faster than ever. Cybersecurity language is big and impactful. Sometimes we also get caught up in the hype, swept away looking for the next state-sponsored terrorist attack, or nefarious hive of elite hackers who are surely gunning for us.

    It's important that modern security practitioners don't lose sight of the basic material people, processes, and technology that provide most of the organization's protection. In this presentation, we'll introduce, compare, and contrast some of the new security technology and services against established security people, processes, and technologies.

    Attendees takeaways include:
    1) Exposition and discussion around next-gen MDR, and IAM technology
    2) Overview and context to harmonize or evolve current and future people, processes, and technology and 3) Considerations, resources, and information to assist in decision making for implementing or upgrading an organization's security posture as we enter a new decade.
  • Software Defined Segmentation at the Edge Feb 12 2020 10:00 pm UTC 60 mins
    Predrag "Pez" Zivic, Security Solutions Architect, Pensando Systems
    A lot of organizations are trying to implement some kind of segmentation in their data centers. Different approaches to segmentation deployment have exposed many challenges. During this talk approach to segmentation at the edge will be considered. When implementing segmentation at the edge disruption to existing infrastructure is minimal and performance of the network is improved. Attendees will learn about this new software defined segmentation at the edge approach benefits.
  • Unifying data: A simpler approach to cybersecurity Feb 12 2020 8:00 pm UTC 60 mins
    Jon Abbott, CEO, ThreatAware
    The cybersecurity industry is flooded with tools that protect different aspects of your network, your supply chain, your critical data.
    In this webinar, ThreatAware CEO Jon Abbott will examine how to identify the most effective tools for your organisation, available on the market today. Furthermore, he’ll explore how consolidating the information they provide makes their power even greater.

    Key takeaways
    How to identify the tools that will best suit your organisation’s cybersecurity needs
    How cybersecurity tools can complement each other to produce better quality information
    How to effectively use data collated in a single pane to best protect your organisation
  • SOC (R)Evolution Feb 12 2020 6:00 pm UTC 60 mins
    Carlos Valderrama, SOC Director, Proficio
    The Security Operations Center was born from its parent, the Network Operations Center, inheriting its philosophy, structure, methodologies and even roles. The SOC, of course, has been evolving over the last few years but only by updating old concepts, technologies, processes and roles coming from the NOC.

    In 2020 is when we're going to start the SOC Revolution, being independent from its parent, creating its own model (new roles, new technology and new processes), being proactive instead of reactive, risk and threat-based and becoming even more strategic: a business loss safeguard and growth enabler for all the organizations globally.
  • [PANEL] IoT Security in 2020 Feb 12 2020 4:00 pm UTC 60 mins
    Peter Wood, Terence Jackson, Brian Russell, Kalani Enos, & Alexandre Blanc
    With the proliferation of the Internet of Things, IoT devices are often added into enterprise environments without due consideration for the security and privacy risks they pose to the business. Oftentimes, IT security teams do not have full visibility into how many IoT devices are connected to the network. This creates security gaps, as IoT devices are notoriously vulnerable to hacks and attacks.

    Join this interactive panel experts to learn about how enterprises can enhance endpoint, and therefore IoT security.

    Attendees will learn more about:
    - IoT and today's enterprise
    - What's on your network? How do you evaluate IoT devices?
    - Why visibility is key
    - Controlling access to your IoT environment
    - Vendor risk and holding vendors accountable for their IoT equipment
    - Areas for automation and where to reduce your IT security team's involvement
    - Patching and upgrading
    - Expert recommendations for enhancing IoT security

    Speakers:
    Peter Wood, Partner, Naturally Cyber LLP (Moderator)
    Terence Jackson, CISO, Thycotic
    Brian Russell, IoT Working Group Co-Chair, Cloud Security Alliance (CSA)
    Kalani Enos, Founder & CEO, KEnos Technologies LLC
    Alexandre Blanc, Director of Security, Adaware (an Avanquest company)
  • Don’t Get Kicked While You're Down! Is your BCP (Cyber) Battle-Tested? Feb 11 2020 6:00 pm UTC 60 mins
    Shinesa Cambric, CISA, IT Security and Identity Governance Architect, Fossil Group Inc.
    Many businesses have put tremendous effort in automating processes and
    security controls that protect their data. However, in the case of a disaster, your business continuity plan (BCP) likely relies on manual processes that may open a side door to threat actors and leave your business and data more vulnerable than before.

    Learn the things you should be considering as part of your BCP to help keep your data protected.
  • [PANEL] Proactive Security Strategies and Best Practices Feb 11 2020 4:00 pm UTC 60 mins
    Roselle Safran, Sean Webb, Michelle McLean, Michelle Drolet & Chris Calvert
    In today’s business landscape it is important to take a proactive approach to security rather than a reactive approach. Join leading security experts as they discuss the safest ways to protect your organisation in 2019 and beyond.

    Join this Q&A panel to learn more about:

    - Key organisational benefits to practising proactive security
    - Technologies powering security
    - Best practices and recommendations for a more secure organization

    Speakers:
    Roselle Safran, President, Rosint Labs (Moderator)
    Sean Webb, Information Security Manager, Patriot One Technologies Inc.
    Michelle McLean, Vice President of Product Marketing, StackRox
    Michelle Drolet, CEO & Co-Founder, Towerwall
    Chris Calvert, VP of Product Strategy, Respond Software
  • Compromised Data – The Risk of Re-identification Attacks Feb 11 2020 1:00 pm UTC 60 mins
    Gabe Gumbs, Chief Innovation Officer, Spirion
    Monetizing, managing, and securing patient health data that has been de-identified is common practice for research purposes. But, recent studies have revealed that current de-identification methods may not provide sufficient protection when that same anonymized data falls into the hands of cybercriminals. Gabe Gumbs, Chief Innovation Officer for Spirion, will discuss the implications of re-identification attacks and how to increase protections that limit the disclosure of personally identifiable information.
  • A Security Program's 5 Foundational Attributes: Mitigating Risk & Lowering Cost Feb 10 2020 6:00 pm UTC 60 mins
    Scott Smith, Senior Partner, Cirrus CyberSecurity Group
    Join this webinar as we discuss the foundational processes and tools associated with very successful security programs that also prevent serious incidents and events to lower the overall costs of a breach.

    Learn how prevention is the “secret sauce” to lowering costs!
  • Breach Response & Incident Response, They Both Start With a Plan Feb 10 2020 4:00 pm UTC 60 mins
    David Froud, Director, Core Cncept Security Ltd.
    The rapid rise of breach response capability as an absolute necessity has GDPR to thank/blame. But what should have been an extension of every organisation's existing incident response / disaster recovery program, is now an excuse to reach into your pockets. Like everything in security, breach response is not complicated - or even difficult in most cases - it just has to be 'appropriate'.

    In this webinar you will learn that:
    -Breach response is not a product, and it's certainly not a technology, it's a collection of procedures;
    -If you don't have decent incident response, breach response is pointless;
    -Most organisations trying to sell you breach response out of the gate are doing you no favours
    -Asking the right questions is your responsibility!
  • Cybersecurity Mitigating the Cost - What is the true cost of security? Feb 10 2020 11:00 am UTC 60 mins
    Joseph Carson, Chief Security Scientist, Thycotic
    Most businesses fail or suffer significant losses not because they have experienced a breach but because they are unable to respond to a cybersecurity incident promptly and effectively. They simply do not have the information or the metrics in place to help contain, reduce, and remediate rapidly evolving, sophisticated threats to today’s enterprises. This webinar will look at the costs today of cybersecurity and lessons learned from past data breaches.

    Join this webinar to learn:
    Where the costs from Cybersecurity comes from?
    What can be done to reduce such costs?
  • How To Go from Waterfall AppDev to Secure Agile Development in 2 Weeks Jan 31 2020 5:00 pm UTC 60 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    Waterfall is based on the concept of sequential software development—from conception to ongoing maintenance—where each of the many steps flowed logically into the next.

    Join this webinar presentation to learn:
    - Why DevOps cannot effectively work in waterfall
    - How to use DevOps tools to optimize processes in either development or operations through automation

    We will also discuss what is needed to support full DevOps optimization and create a Secure Agile Development process.
  • How to Add Security in DataOps and DevOps Jan 29 2020 5:00 pm UTC 60 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    The emerging DataOps is not Just DevOps for Data. According to Gartner, DataOps is a collaborative data management practice focused on improving the communication, integration and automation of data flows between data managers and consumers across an organization.

    The goal of DataOps is to create predictable delivery and change management of data, data models and related artifacts. DataOps uses technology to automate data delivery with the appropriate levels of security, quality and metadata to improve the use and value of data in a dynamic environment.

    This session will discuss how to add Security in DataOps and DevOps.
  • What to expect in 2020: Regulatory Compliance in Privacy & Cybersecurity Recorded: Jan 28 2020 46 mins
    Kevin Kim, CIPP/C, CIPT, CIPM, FIP former Chief Privacy Officer, Canadian Western Bank Financial Group
    The General Data Protection Regulation (GDPR) has been making far more influence on the privacy landscape online than expected since its enactment by the European Union (EU) on May 25th, 2018.

    Google and Facebook, two of the most powerful digital platforms, were heavily scrutinized and penalized with hefty fines for their non-compliance in the European market. GDPR has also driven many countries, such as Japan, Brazil, and South Korea, to follow suit by strengthening their privacy laws. All 50 states in the United States have also joined the camp by amending their privacy laws - albeit to varying degrees - to make privacy breach reporting mandatory.

    Most notably, the State of California developed its own GDPR-style privacy law called “California Consumer Protection Act” (CCPA) and will enact in January 2020. Moreover, two federal privacy bills were recently submitted to the Congress aiming to be the very first federal-level, comprehensive privacy law in the U.S. Canada is no exception in this privacy-aware trend. The ruling liberal party made clear that modernizing privacy legislation to protect citizens online will be one of the party’s priorities.

    This presentation will talk about current trends in privacy field in terms of regulatory requirements in the U.S., Canada, and Europe, discuss what to expect in 2020, and what to do to make sure that all the organizations and institutions are compliant with applicable laws and regulations in their jurisdiction.
  • Holistic InfoSec: Achieving Real Information Security Program Results Recorded: Jan 28 2020 37 mins
    Diane Jones, Director of Cyber Risk, Kalles Group
    Too often, Information Security means technical point solutions. This approach leaves enterprises exposed and management and customers disillusioned.

    Join us to learn:

    - Why security programs remain on the margins of business adoption in spite of heightened threats and acknowledged need
    - Why security by technology alone is a dead end
    - The secret sauce for a vibrant, effective information security program
  • Data De-identification: Protecting Privacy While Preserving Utility Recorded: Jan 28 2020 48 mins
    John Noltensmeyer, Head of Privacy and Compliance Solutions, TokenEx
    As organizations evaluate their de-identification and data minimization practices to satisfy an expanding landscape of regulatory obligations there are a number of factors to consider. Various technologies will be considered as part of a data-centric security strategy for de-identifying and securing sensitive information such as statistical tools, cryptographic solutions, suppression, pseudonymization, generalization, and randomization. Further, we will examine the capability of these technologies to preserve business utility within a Zero Trust data security model.

    Listen to this session and you will take away:

    • An understanding of the definition of de-identification as it relates to international and industry privacy regulations, including the difference between pseudonymization and anonymization
    • A strategy for balancing privacy and security concerns with business needs, such as evaluating and prioritizing risk
    • How various methods of de-identification can help meet the privacy requirements of applicable compliance obligations
  • Data Privacy Day - PCI Dream Team: Ask Us Your Toughest Questions Recorded: Jan 28 2020 60 mins
    Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper "Coop"
    The PCI Dream Team is back for another interactive Q&A session.

    Join us with your toughest questions and learn more about the various Payment Card Industry (PCI) standards and requirements, with a focus on PCI DSS v4.0.

    Our panelists are some of the top PCI QSA’s in the country, with decades of combined PCI and card processing experiences. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

    Join Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall for an interactive Q&A session, and get answers to your most vexing PCI questions. No PCI question is out of bounds.

    Speakers:
    - Ben Rothke, Senior Information Security Specialist at Tapad
    - David Mundhenk, Senior Security Consultant at Herjavec Group
    - Jeff Hall, Senior Consultant with Online Business Systems
    - Arthur Cooper "Coop", Senior Security Consultant at NuArx
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Rise of the Targeted Attacks: How to Prevent Them Breaching Your Defences
  • Live at: Mar 14 2012 2:00 pm
  • Presented by: Bradley Anstis, VP Technical Strategy, M86 Security
  • From:
Your email has been sent.
or close