Hi [[ session.user.profile.firstName ]]

Cybersecurity in the New World

Organizations are affected by changes in the external environment. The ongoing COVID-19 pandemic has demonstrated our vulnerabilities. Companies are stretched financially and operationally as they have to adjust to a new business model. Many countries have implemented lockdowns and restriction on travel and logistics. Employees are working from home and some businesses have shut down if they cannot remodel their services. Past major events such as the terror attacks in beginning of this century, the hacks of critical infrastructure in the last decade, major data breaches in the last 20 years, global financial markets crash in 2008 and others have impacted many countries and companies that are not prepared.

As most of our systems and processes depends on digital technologies, it leaves us open to cyber attacks. We need to be prepared for the next external change that may leave us vulnerable to an attack. In the presentation some of the ways to increase our cyber resilience will be discussed. Cybersecurity must continuously evolved and be proactive. It must be top down and bottom up. The governance of Operational Technology and Information Technology needs to be holistic and seamless to prevent gaps in the environment. Just as important is the situation awareness on the ground and the control mechanism to bring to management attention when things go wrong or are likely to. In the presentation, some of the best practices of Cybersecurity to address the problems will be covered.

Presenter Biography:
John Lee is the Managing Director of Global Resilience Federation Asia Pacific. He manages the Operational Technology Information Sharing Analysis Centre (OT-ISAC). It is a membership driven community with organizations from public and private sectors managing OT critical assets and infrastructure. He has more than 20 years of experience in Information Security and ICT industry having managed teams in APAC and Middle East for MNCs.
Live online Aug 17 8:00 am UTC
or after on demand 45 mins
Your place is confirmed,
we'll send you email reminders
Presented by
John Lee, Managing Director, Global Resilience Federation ASIA-PACIFIC Pte Ltd
Presentation preview: Cybersecurity in the New World

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Does Your Storage Need a Cyber Insurance Tune-Up? Aug 27 2020 5:00 pm UTC 75 mins
    Eric Hibbard, SNIA Security Technical Work Group Chair; Casey Boggs, ReputationUS; Paul Talbut, SNIA EMEA
    Protection against cyber threats is recognized as a necessary component of an effective risk management approach, typically based on a well-known cybersecurity framework. A growing area to further mitigate risks and provide organizations with the high level of protection they need is cyber insurance. However, it’s not as simple as buying a pre-packaged policy.

    This webcast will provide an overview of how cyber insurance fits in a risk management program. It will identify key terms and conditions that should be understood and carefully negotiated. Cyber insurance policies may not cover all types of losses, so it is critical to identify what risks and conditions are excluded from a cyber insurance policy before you buy.

    Join this webcast to learn:
    •General threat tactics, risk management approaches, cybersecurity frameworks
    •How cyber insurance fits within an enterprise data security strategy
    •Nuances of cyber insurance – exclusions, exemption, triggers, deductibles and payouts
    •Challenges associated with data stored in the cloud
  • Hacking The Election: The Human Side [Part 1] Aug 20 2020 4:00 pm UTC 60 mins
    David Morris | Lee Imrey | Midori Connolly | Lance James
    In the age of data collection and targeting by the campaigns, what can we learn from Gen Z? When it comes to data sharing, privacy and security awareness, what has changed in the population mindset since 2016? Are the lessons from the Cambridge Analytica scandal still applicable today? A soft preview of what's to come in the November election.

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Network Traffic Analysis and the ATT&CK Framework Aug 20 2020 12:00 pm UTC 45 mins
    Stephen H Campbell, Risk and Controls Analyst, eosedge Legal
    The internet has enabled the perpetration of crimes at huge distances with impunity. But defenders can inspect network traffic for signs of malicious activity and where it originates.

    This session examines how we can use the MITRE ATT&CK framework to codify and share intelligence on attacker behaviors derived from network traffic analysis. We will look at how traffic is collected, stored and analyzed. We provide an overview of tools for analysis of network packets and flows, and explain how these tools can help us identify the malicious use of non-standard protocols, protocol abuse, tunneling, port scanning, lateral movement, command and control, and data ex-filtration. We will also discuss automated detection of suspicious traffic using signature-based, behavior-based, rule-based, and anomaly-based algorithms. Finally, we will introduce Security Onion, a Linux distro similar to Kali Linux, but for defenders.
  • Securing DevOps - Should We Start Shifting-Center? Aug 19 2020 9:00 pm UTC 45 mins
    Rodrigo Araujo, Security Advisor, Bell Canada
    Due to some conflicts related to the responsibilities expected from the CISO structure, it is very difficult to find the right balance to really implement a DevSecOps culture. Some even say that fully shift-left is unreachable.

    In this presentation we will:
    - Go deep on these twisted expectations
    - Understand how to achieve the perfect balance on the shift-left approach

    About the speaker:
    Rodrigo holds a Master’s Degree in Computer Science and has more than 12 years dedicated to the IT industry, embracing challenges with his clients and helping them during their Digital Transformation journey.
  • DevOps & Security in 2020 Aug 19 2020 3:00 pm UTC 60 mins
    Rachel Veal, Ad Hoc | Ido Safruti, PerimeterX | Josh Kirkwood, CyberArk | Max Heinemeyer, Darktrace
    Sacrificing data security for faster innovation is one of the main causes of tension between cybersecurity and IT professionals on the one side and DevOps teams on the other. So, how should organizations bridge this divide and what do they need to implement?

    Join this exclusive keynote panel to learn more about:
    - Why securing DevOps pays off in the long run
    - Shifting left: What is it, how it works and why your organization needs it
    - How to make security an integral part of the DevOps process
    - DevOps security checklist
    - Recommendations for tools and workflows that enable better security

    Panel:
    Rachel Veal, IT & Security Program Manager, Ad Hoc (moderator)
    Ido Safruti, Chief Technology Officer, PerimeterX
    Josh Kirkwood, Solution Engineering Manager, CyberArk
    Max Heinemeyer, Director of Threat Hunting, Darktrace
  • Rapid Moves to the Cloud: Securing the New Normal Aug 18 2020 5:00 pm UTC 45 mins
    Sushila Nair, Security Portfolio Senior Director, NTT DATA
    COVID-19 has accelerated the move to the cloud. Organizations have been propelled into a new paradigm. The cloud offers many advantages and some challenges in a work from anywhere environment. This session focuses on how to leverage the strength of the cloud whilst reducing risk and increasing governance.

    Join this session to learn about:

    - Tactical steps to get immediate risk reduction and lower operational cost
    - Leverage conditional access and stop shadow IT
    - Manage multiple clouds from a technical and cost perspective
    - Leverage automation whilst addressing the risks posed by bots and scripts
    - Bring governance into your cloud environment
    - Build a security roadmap for controls
    - Use Zero Trust to secure the work from home model
  • Supply Chain Security Aug 18 2020 4:00 pm UTC 60 mins
    Diana Kelley | Kiersten Todt | Nick Charpentier
    According to new research from Risk Ledger, 60% of security breaches originate in the organization's supply chain; including third party vendors and applications. No matter what business an organization is in, supply chain security and resilience must be factored into business planning to ensure secure, ongoing operations even during times of crisis and disruption.

    Join this panel to learn more about:
    - Types of supply chains (hardware, software, services)
    - Common vulnerabilities in the supply chain
    - Assessing where your security gaps lie and addressing the risk
    - Impact of the COVID-19 pandemic on supply chain security
    - Recommendations for improving security in your supply chain and your risk management program
    - Benefits of Supply Chain Risk Management (SCRM)
    - What is the Cybersecurity Maturity Model (CMM), and how it can improve supply chain security
    - Solutions and approaches that can improve supply chain security

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Threat Analysis and Breach Protection Aug 18 2020 3:00 pm UTC 35 mins
    Kalani Enos, Partner/VCISO/Threat Analysis, Immersion Security
    As the world continues the work-from-home initiative in order to combat the COVID-19 threat to humanity, organizations must also consider that threat actors (hackers, Advanced Persistent Threats, etc.) may take this opportunity to exploit existing vulnerabilities normally mitigated in an office environment behind a firewall, as an example, but not necessarily mitigated in a Telework environment. This presentation will discuss the following topics

    - Discuss the recent rise Threat Actor exploits of Telework applications, and provide a means of ‘visibility’ by organizations to detect, analyze and remediate threats attempting to exploit vulnerabilities.

    - Visibility into emerging threat capabilities to introduce ransomware and malware into a remote computer/mobile device. Example: COVIDLOCK ransomware on Android smart phones and how to detect and remediate.

    - How VPN is only a step in the right direction towards accessing and transmitting secure, sensitive data. How additional applications and best practices can assist organizations to maintain Confidentiality, Integrity and Availability (CIA) in the near-immediate term.

    - The advantage of educating employees on the dangers associated with working remote, and whether use of personal devices versus company-provided devices are viable options.

    - How Software as a Service (SaaS), Infrastructure as a Service (IaaS) providers can assist your organization in maintaining effective CIA in a Work From Home environment. The presenter will also discuss limitations and the often overlooked Shared Responsibility.
  • Securing the Cloud in 2020: Threats, Visibility & Privileged Access Aug 18 2020 12:00 pm UTC 57 mins
    Diana Kelley, Andy Givens, Manav Khanna & Tim Bach
    Cloud security remains a challenge for enterprises, especially in the new post-COVID-19 reality of 2020 and the shift to remote working. What are the new threats on the horizon and compliance considerations to keep in mind?

    Join this interactive panel of cloud security experts and industry leaders to learn more about:
    - New and old cloud security threats to keep in mind
    - Why visibility is key for cloud security
    - Know your cloud: Who is accessing what and when? How was their identity verified?
    - Privileged identities and what's needed for secure privileged access
    - Compliance challenges and considerations
    - Best practices for securing your data in the cloud

    Speakers:
    Diana Kelley, Cybersecurity Field CTO, Microsoft
    Andy Givens, VP Solutions Engineers, North America, CyberArk
    Manav Khanna, Senior Director of Product Management Identity & Access Management, Thales
    Tim Bach, Vice President of Engineering, AppOmni
  • Business is still good for cyber criminals. How about yours? Aug 17 2020 6:00 pm UTC 45 mins
    Stella Igwenazor, IT Security Consultant, Syberficial
    Following international arrests of some cyber criminals, online criminal markets are adding security features to protect themselves from cops and additionally devising new means to continue prying on users and companies’ data in order to further their criminal behaviour.

    This session will provide some insight on:
    - The means the cyber criminals are using to obtain the information they need, and
    - The steps businesses and individuals alike can take to protect themselves.

    At the end of this session, the participants will take away:
    - Three key information the cyber criminals are after
    - Cyber criminals and their targets
    - Steps businesses (and individuals) can take to protect themselves from cybercrime

    About the speaker:
    Stella is an experienced, performance driven and result oriented Certified Information Systems Auditor
    (CISA) with over 13 years experience providing consulting services in SAP Security and Controls,
    Governance Risk and Compliance, IT Risk Management, and Auditing in public and private sector under
    her consulting firm Ellar Consulting Inc. She has also been involved in various cybersecurity initiatives
    which motivated her to start Syberficial in order to help those intimidated by CyberSecurity get
    acquainted with the topic.

    During the course of her career Stella, an MSc. holder in Business Applications of Computer Science has
    worked with stakeholders at various levels including C-level executives and senior leadership to create
    policies and procedures, develop strategies and deliver solutions to meet business objectives.

    When not occupied with security tasks, Stella being a fitness enthusiast and avid runner, likes to spend
    her time working out or on the running trail. She has completed a good number of half and full
    marathons and has it on her bucket list to run all six world major marathons.
  • Cybersecurity Threat Detection and Prevention Aug 17 2020 3:00 pm UTC 60 mins
    Jo Peterson | Adi Pradeep | Stan Lowe | Dr. Richard Ford | Homayun Yaqub
    Cyberthreats are viewed as a significant risk to organizations. They are capable of disrupting core operations and inflicting serious damage to brands and reputations.

    A study by Cybersecurity Ventures predicts these crimes will cost the world $6 trillion a year by 2021.

    Join this panel discussion to:
    - Review today’s expansive attack surface and the various ways bad actors penetrate networks
    - Discuss existing and emerging cyber threats
    - Understand policies, tools and best practices used to protect organizations as new threats emerge
    - Explore the roles that user training and education, skill development and governance play in defending against threats

    Panel:
    Jo Peterson, VP Cloud & Security Services, Clarify360 (moderator)
    Adarsh "Adi" Pradeep, Cybersecurity Consultant
    Stan Lowe, CISO, Zscaler
    Dr. Richard Ford, CTO, Cyren
    Homayun Yaqub, Global Security Strategist, Forcepoint
  • Police insight – How to protect your business from cyber threats Aug 17 2020 10:00 am UTC 60 mins
    Sean O’Neil L.Lb (Hon), MSyl | Carl Chapman, TiG | David Clarke, Guildhawk
    Cybercrime is at an all-time high.

    Businesses in the UK are under the constant threat of cyber security attacks, and there is an increasing risk of losing your data, money, and even the business itself. Hackers are experts at choosing vulnerable targets. Learn about the risks and best methods of defence by joining our security briefing with experts from the police, TiG and Guildhawk.

    In this briefing you will:
    - Hear how other businesses have been targeted
    - Understand the risks through real-life examples
    - Learn how to implement some simple defence strategies
    - Have the opportunity to ask questions
  • Cybersecurity in the New World Aug 17 2020 8:00 am UTC 45 mins
    John Lee, Managing Director, Global Resilience Federation ASIA-PACIFIC Pte Ltd
    Organizations are affected by changes in the external environment. The ongoing COVID-19 pandemic has demonstrated our vulnerabilities. Companies are stretched financially and operationally as they have to adjust to a new business model. Many countries have implemented lockdowns and restriction on travel and logistics. Employees are working from home and some businesses have shut down if they cannot remodel their services. Past major events such as the terror attacks in beginning of this century, the hacks of critical infrastructure in the last decade, major data breaches in the last 20 years, global financial markets crash in 2008 and others have impacted many countries and companies that are not prepared.

    As most of our systems and processes depends on digital technologies, it leaves us open to cyber attacks. We need to be prepared for the next external change that may leave us vulnerable to an attack. In the presentation some of the ways to increase our cyber resilience will be discussed. Cybersecurity must continuously evolved and be proactive. It must be top down and bottom up. The governance of Operational Technology and Information Technology needs to be holistic and seamless to prevent gaps in the environment. Just as important is the situation awareness on the ground and the control mechanism to bring to management attention when things go wrong or are likely to. In the presentation, some of the best practices of Cybersecurity to address the problems will be covered.

    Presenter Biography:
    John Lee is the Managing Director of Global Resilience Federation Asia Pacific. He manages the Operational Technology Information Sharing Analysis Centre (OT-ISAC). It is a membership driven community with organizations from public and private sectors managing OT critical assets and infrastructure. He has more than 20 years of experience in Information Security and ICT industry having managed teams in APAC and Middle East for MNCs.
  • Storage Networking Security Series: Applied Cryptography Recorded: Aug 5 2020 59 mins
    John Kim, NVIDIA; Eric Hibbard, SNIA Security TWG Chair; Olga Buchonina, SNIA Blockchain TWG Chair; Alex McDonald, NetApp
    The rapid growth in infrastructure to support the real time and continuous collection and sharing of data to make better business decisions has led to an age of unprecedented information access and storage. This proliferation of data sources and of high-density data storage has put volumes of data at one’s fingertips. While the collection of large amounts of data has increased knowledge and efficiencies for businesses, it has also made attacks upon that information—theft, modification, or holding it for ransom--more tempting and easier. Cryptography is often used to protect valuable data.

    This webcast will present an overview of applied cryptography techniques for the most popular use cases. We will discuss ways of securing data, the factors and trade-offs that must be considered, as well as some of the general risks that need to be mitigated, including:

    •Encryption techniques for authenticating users
    •Encrypting data—either at rest or in motion
    •Using hashes to authenticate/ Information coding and data transfer methodologies
    •Cryptography for Blockchain
  • Storage Networking Security Series: Security & Privacy Regulations Recorded: Jul 28 2020 61 mins
    Thomas Rivera, Co-Chair, SNIA Data Protection & Privacy; Eric Hibbard, SNIA Security TWG Chair; J Metz, SNIA Board Chair
    Worldwide, regulations are being promulgated and aggressively enforced with the intention of protecting personal data. These regulatory actions are being taken to help mitigate exploitation of this data by cybercriminals and other opportunistic groups who have turned this into a profitable enterprise. Failure to meet these data protection requirements puts individuals at risk (e.g., identity theft, fraud, etc.), as well as subjecting organizations to significant harm (e.g., legal penalties).

    This webcast highlights common privacy principles and themes within key privacy regulations. In addition, the related cybersecurity implications are explored. Lastly, the session will probe a few of the recent regulations/laws to outline interesting challenges due to over and under-specification of data protection requirements (e.g., “reasonable” security).

    After viewing this webcast, attendees should understand:
    •How privacy and security is characterized
    •Data retention and deletion requirements
    •Core data protection requirements of sample privacy regulations from around the globe
    •The role that security plays with key privacy regulations
    •Data breach implications and consequences
  • PCI Dream Team - PCI Compliance with Non-supported Software & Hardware Recorded: Jul 28 2020 61 mins
    Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper "Coop"
    Being left at the payment altar is not easy.

    PCI DSS requirements 6.1 and 6.2 address the need to keep systems up to date with vendor-supplied security patches in order to protect systems from known vulnerabilities. But what do you do if you have an in-scope application and it is no longer supported by the vendor?

    Many payment applications, gateway and software are long past end-of-life, yet still processing cardholder data. Can such a setup be PCI compliant?

    This PCI Dream Team webinar will detail the issue, challenges dealing with unsupported hardware/software, and suggest strategies for compensating controls.

    Our panelists are some of the top PCI QSA’s in the country, with decades of combined PCI and card processing experiences. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

    Join Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall for an interactive Q&A session, and get answers to your most vexing PCI questions. No PCI question is out of bounds.
  • Ransomware: Are Your Vulnerabilities Exposing You? Recorded: Jul 22 2020 48 mins
    Troy Vennon, Director of Cybersecurity and Trustworthiness, Covail
    More mid-to-smaller companies are being targeted by cyber attackers with ransomware. According to a recent report, the average-sized company impacted has decreased from 2018 to about 650 employees in 2019. This trend will likely continue.

    Join Troy Vennon, who leads the Ohio security community of CISOs and security managers (ISAO), for a discussion about protecting your company with practical steps and tight budgets. Troy will discuss how knowing how vulnerable your company is to ransomware helps you better protect from it.
    You will learn from this discussion:
    + Top 3 steps your security team can take to protect your network on a budget
    + How to find, prioritize and close vulnerabilities that expose you to ransomware
    + What best practices other companies are deploying to defend their enterprise from attack
  • Your Pen Test Isn't a Pen Test Recorded: Jul 22 2020 49 mins
    Ted Harrington, Executive Partner at Independent Security Evaluators (ISE)
    What is penetration testing anyways?
    It's probably not what you think it is. You're building an application and need to prove it's secure, so you go get some penetration testing. But what are you actually getting?

    In this talk, author Ted Harrington takes you to the front lines of ethical hacking and security research, blending real-world exploit stories with actionable insights in order to help you understand what penetration testing is, what it isn't, how to tell the difference, and determine what you might actually need. You'll learn how hackers break applications, and you'll walk away with practical guidance about how to:
    - Abuse functionality
    - Chain vulnerabilities
    - And much more

    About the Speaker:
    Ted Harrington is the author of HACKABLE: How to Do Application Security Right, and the Executive Partner at Independent Security Evaluators (ISE), the company of ethical hackers famous for being the first to hack the iPhone. He’s overseen security research hacking medical devices, password managers, and cryptocurrency wallets. Ted has helped hundreds of companies fix tens of thousands of security vulnerabilities, including Disney, Amazon, Google, Netflix, Adobe, Warner Brothers, Qualcomm, and more. For his stewardship of security research that Wired Magazine says “wins the prize, hands down,” Ted has been named both Executive of the Year [by American Business Awards] and 40 Under 40 [by SD Metro].
  • Top Threats Campaigns are Facing and How to Address Them Recorded: Jul 22 2020 60 mins
    David Morris | Mick Baccio | Frank Snyder | Lance James
    As the 2020 U.S. presidential election draws near, let's take a look at the top cyber threats campaigns are facing this election cycle and what can be done to address them.

    The lessons can easily be applied to the private sector and enable organizations to take steps toward better security.

    Join this panel to ask your questions and learn more about:
    - Domain spoofing
    - Email threats
    - Information warfare
    - Cyber attacks

    Speakers:
    - Mick Baccio, Splunk
    - Frank Snyder, Yubico
    - Lance James, Unit 221B

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Protecting Your Business from Nation State Attacks Recorded: Jul 21 2020 59 mins
    Diana Kelley | Matt Rider | Etay Maor
    Cyberattacks attributed to foreign governments have been on the rise for years, many against organizations all over the world. These attacks try to steal online account information, infect computers, and compromise the safety of networks. Targets of these attacks include think tanks, university staff, government employees, and even members of organizations focused on human rights issues.

    As these attacks increase in prevalence and sophistication, organizations are taking notice of the threats posed by hostile state actors and state-sponsored cybercriminal groups.

    So, how can businesses protect against them?

    Join today's episode of The (Security) Balancing Act with Diana Kelley to learn whether your business should be concerned about nation state attacks and what to do about it.

    The topics up for discussion will include:
    - State actors & rise in cyber crime
    - How the attackers get in
    - A review of recent nation-state campaigns
    - How does this impact organizations across different verticals (Financial vs Healthcare vs Government)
    - How industry and law enforcement are responding to these attacks
    - How AI and ML may change cybercriminal tactics
    - How to deal with threats from criminals and hostile states

    Panelists:
    - Etay Maor, Chief Security Officer, IntSights
    - Matt Rider, International Engineering Director, Rapid7

    We welcome viewer participation and questions during this interactive panel session.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Cybersecurity in the New World
  • Live at: Aug 17 2020 8:00 am
  • Presented by: John Lee, Managing Director, Global Resilience Federation ASIA-PACIFIC Pte Ltd
  • From:
Your email has been sent.
or close