Hi [[ session.user.profile.firstName ]]

Cyber Hygiene: 1 dollar solution to a Million dollars problem

In this webinar, I will be sharing the necessity of Cyber Hygiene which can help organizations in preventing Cyber Breach. This could be a 1-dollar solution to a million-dollars cyber breach. Most of the organization are now focusing on latest cybersecurity tools/solution to better plan, monitor, and respond to cyber breach but they still lack in fundamentals to secure the organizational assets including humans factor. Before we invest in advanced solutions like AI, Threat Intelligence, XDR, SOAR, etc., fundamentals need to be corrected. One of the items is CIS controls to start with. Join this webinar to learn more about these and start practicing them before it's too late.
Recorded Feb 8 2021 57 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Muhammad Ahmad, Head Information Security | CISO at FINCA Microfinance Bank Limited, Pakistan
Presentation preview: Cyber Hygiene: 1 dollar solution to a Million dollars problem

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • How the best CISOs build cyber strategies to get the budgets they need Apr 6 2021 1:00 am UTC 45 mins
    Ian Yip, Chief Executive Officer, Avertro
    One of the most difficult things to do for any cybersecurity leader is to build a defensible strategy and business case for investment that can be properly measured and tracked using relevant metrics and data. Today’s security leaders need a broader set of skills and influencing approaches to advance a winning cyber strategy.

    Based on a combination of real-world experience, case studies, and research conducted with a targeted set of C-level executives, this session will show the audience how to frame the problems and outcomes they want to achieve, what metrics they should be tracking, and how to ground a cybersecurity investment plan in a business justification.

    The session will walk through example business cases for cybersecurity investment, including explanations of the component parts, and how each is related. Attendees will come out of this session with tried-and-tested skills for leading change, for influencing people who know they need a stronger security strategy, but do not always understand why and how to solve the problems specific to the organisation.

    Key Takeaways
    • Understand the components and metrics that make up an effective cybersecurity strategy and business case for investment.
    • Learn how to articulate cybersecurity outcomes in the language of the C-suite and board.
    • Understand how to tell a cyber story that leads real strategic change.
  • Your people are not as secure as you think Apr 6 2021 12:00 am UTC 45 mins
    Hilary Walton, CISO, Kordia Group
    Independent research commissioned by Aura Information Security reveals staff are not as secure as their managers may think. While 62 percent of New Zealand businesses say they carry out security training exercises with their staff, only 37 percent of Kiwis say they have received training on good cyber security practices. Hilary Walton, a security culture expert, digital influencer and CISO of Kordia Group provides her perspective on:

    • How to get started,
    • Do’s and don’t, and
    • How to build into your security strategy an employee education programme that resonates.
  • Design a Mentoring Program That Delivers! Mar 23 2021 4:00 pm UTC 60 mins
    Sushila Nair, Joy Harrison, Kwasi Mitchell, and Virginia "Ginger" Spitzer
    Mentoring programs can increase knowledge and build skills for future goals and milestones, allowing your workforce to grow their skills organically and create cultures of collaboration and success.

    Join Part 1 of our series to learn how to design a mentoring program for women and minorities in security that actually delivers for everyone involved.
    - Learn from experts on how to design a mentoring program that delivers
    - Understand how to make mentoring meaningful for your organization
    - Learn what strategic planning steps are critical to make the plan a success

    - Virginia "Ginger" Spitzer, Executive Director | ISACA, One In Tech Foundation
    - Joy Harrison, Director, Leadership Development Center for Excellence | NTT DATA Services
    - Sushila Nair, VP Security Services, Chief Digital Officer | NTT DATA Services
    - Kwasi Mitchell, Chief Purpose Officer | Deloitte
    This is Part 1 of our new series on mentorship produced by BrightTALK. Sign up for Part 2 via the link in the attachments.
  • Identity-Centric Security: The Zero Trust Perspective Mar 18 2021 5:00 pm UTC 60 mins
    Jason Garbis, SVP of Products at Appgate
    In this session we explore the limitations of traditional security architectures, and explain how Zero Trust is best achieved with a new, open, and identity-centric model – the Software-Defined Perimeter (SDP) – which can significantly improve enterprise security, and finally let organizations bridge the gap between identity and network security. SDP verifies and secures all access to all resources, strictly limits network access, and literally makes network resources invisible to unauthorized users. We’ll explain how SDP avoids the limitations of traditional security architectures, delivers fine-grained network access control in a way that’s tied to each user’s context, and is dynamically responsive to changes in enterprise environments. We’ll conclude with an enterprise case study, showing how one organization obtained technical, business, and compliance benefits.

    After this presentation, attendees will:
    - Understand the core principles of Zero Trust security, and why it’s important to adopt them now
    - How enterprises can achieve Zero Trust via a Software-Defined Perimeter architecture
    - See a customer case study of how they’ve used this approach to obtain significant business, technical, and security benefits in the cloud
    - Understand the ways in which their organization can quickly begin a Zero Trust journey, integrating with and enhancing their existing IT and Security infrastructure
  • What to Expect: Future Trends in Identity and Access Management Mar 18 2021 3:00 pm UTC 60 mins
    Pankul Chitrav and Leena Bongale, TD Bank Group
    Considering how much—and frequently—security shifts in the customer landscape, we believe Identity Management is at the epicenter of digital transformation and the next generation of enterprise IT. The changes in identity systems and services over the next five years are expected to be as disruptive as the new business models, applications and ecosystems they are supporting.

    In our presentation we will look ahead to the future of identity & access management, talk about specific projections as to where we believe Identity Management will be going over the next five years and describe a model for identity abstraction that provides an extensible services oriented architecture. We include newer disruptive models such as DevOps/microservices in identity systems, cloud-based IAM, self-sovereign identity leveraging blockchain, IoT support, evolving privacy regulations, and new governance and provisioning models.
  • Identities, Privileged Access & Cloud Security Mar 18 2021 11:00 am UTC 58 mins
    Brandon S. Dunlap; Jeremy Snyder, Rapid 7; Morten Boel Sigurdsson, Omada; Corey Williams, CyberArk
    Securing the access to cloud data assets has never been more important. According to the latest Verizon DBIR, 73% of cloud breaches involved an email or web application server, while 77% of these cloud breaches also involved breached credentials. What does this mean for enterprise cloud security, especially in the time of COVID19 and remote working?

    Join this keynote panel to learn more about:
    - How the landscape has changed in 2020
    - Why attackers are focused on identities
    - Understanding privileged user behavior and securing identities
    - Discover how organizations are doing IAM, and what's needed for a more secure enterprise
    - Best practices and recommendations by the experts
  • Cloud Supply Chain Integrity - Lessons learned from SolarWinds Hack Mar 17 2021 5:00 pm UTC 60 mins
    Valentin Bercovici, Chainkit Founder and Chief Executive Officer
    The CIA triad’s Integrity pillar is back in the spotlight. Thanks to the biggest cyber attack in history, amplified by hybrid cloud security complexity.

    Integrity in software supply chains is now a board level conversation. As software underpins any digital transformation, the importance of ensuring that every line of code is free from tampering by hackers or malicious insiders is paramount.

    In this talk we'll cover the depth of technologies supporting objectively provable software integrity.
    We’ll explore the breadth of deployment models including SaaS, PaaS, IaaS and on-premises software. Finally, we’ll discuss Integrity automation for CloudSecOps, and share best-practices architecture, and operations recommendations to help you mitigate old, and new supply chain risks.
  • The Future is Identity-Centric Mar 17 2021 4:00 pm UTC 60 mins
    Diana Kelley, SecurityCurve | Joseph Carson, Thycotic | Dave Farrow, Barracuda | Jeremy Snyder, Rapid7
    Instead of the traditional "castle and moat" model of the past, today the security perimeter is being defined around the identity of the person or the device requesting access. What are organizations doing to protect digital identities in the age of breaches? How are the current trends in identity and access management helping address this issue?

    Join this interactive roundtable discussion with notable security experts to learn more about:
    - The shift to identity-centric security
    - The zero trust mindset
    - What constitutes strong and effective authentication and authorization
    - The role of policy orchestration and enforcement
    - Best practices for protecting identities and managing access across the enterprise

    - Joseph Carson, Chief Security Scientist and Advisory CISO at Thycotic
    - Dave Farrow, VP, Information Security at Barracuda
    - Jeremy Snyder, Sr. Director, Corporate Development, Rapid7

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • [Panel] Cloud Security Hurdles and How to Overcome Them Mar 17 2021 3:00 pm UTC 60 mins
    Michelle Drolet, Towerwall; Jeff Foresman, Digital Hands; David LeBlanc, SecureCloudDB; Martin Holste, FireEye
    The push to remote work in response to the 2020 pandemic pressured many businesses to quickly move to the cloud, often resulting in security decisions being made on the spot. What are the long-term implications for enterprises, the common mistakes made along the way and the ways to overcome them?

    Join this panel of experts to learn about the security side of cloud transformation and the best practices for improving cloud security in 2021.

    The topics up for discussion during this interactive session will include:
    - Security considerations when moving to the cloud
    - Rethinking your threat model
    - Addressing the complexity of managing hybrid or multi-cloud environments
    - Governance and compliance considerations
    - Fostering a robust security culture and tighter collaboration between teams
    - Best practices and recommendations for moving security operations to the cloud
  • Simplifying Cloud Security Concepts Mar 17 2021 9:00 am UTC 60 mins
    Milica Lijeskic, Security Cloud Architect, KyberStorm
    As more organizations embrace distributed working environments, we see a rapid acceleration of cloud adoption. However, we notice that this adoption is typically done without a strategic migration plan causing more challenges in already complex environment.
    Many organizations don’t have a good handle on who should bear a burden of ensuring proper security in the cloud, much less a strong end-to-end vision of what technologies are required to secure their cloud deployments.
    In this session you will learn about:
    • The current security challenges in the cloud
    • How to integrate security throughout the IT life cycle
    • How to take a holistic, continuous, and defense-in-depth approach to security
    • Technologies that can help you securely adopt cloud

    About Milica Lijeskic:
    Milica serves a Cloud Security Architect and Compliance Subject Matter Expert at KyberStorm. During her career she has worked across wide range of technologies and industries to implement countermeasures to mission-critical systems hosted in the cloud or on-premises. Her portfolio of work includes the authorship of strategic cybersecurity plans and policies and system architecture designs for federal government agencies and private companies. Her forward looking approach, resourcefulness, and passion for continued education has helped her resolve complex and provide unmatched services to her customers.
    Milica holds Bachelor’s degree in Business Leadership from George Mason University, as well as a variety of technical certifications: CISSP, Amazon Web Services (AWS) Solutions Architect, and CompTIA Security +.
  • Multi-Cloud Security: A concern for providers and consumers Mar 16 2021 9:00 pm UTC 60 mins
    Dr. George Edeh, UMGC, Founder, Technology Impact Associates, a Technology Consulting Company
    Cloud computing is not going anywhere and the demand for Cloud services quadruple as seen in the demand for Multi-Cloud implementation. Multi-Cloud have many advantages but its complexity creates security challenges that consumers and providers should be concerned about.
    This presentation will take you through the tools you need to enable visibility across the entire platforms through a single view point.

    Dr. George Edeh, Assistant Professor Cybersecurity Program, UMGC, Founder, Technology Impact Associates, a Technology Consulting Company:gedeh@teiassociates.com
  • Cloud Security – a dynamic approach to cloud risk monitoring and reporting Mar 16 2021 3:00 pm UTC 45 mins
    Benoit Heynderickx, Principal Analyst, ISF
    On Tuesday 16th March at 15:00 GMT, Benoit Heynderickx Principal Analyst at the ISF will be hosting a live webinar exploring cloud security and a dynamic approach to cloud risk monitoring and reporting.

    In this session we will be looking at:

    - Some of the new challenges faced by security and risk function when it comes to monitoring the risks posed by the multitude of cloud services recently acquired
    - The various solutions at-hands for cloud risk monitoring and reporting across the whole multi-cloud environment
    - Future trends leveraging the use of AI techniques for cloud risk monitoring.

    Benoit is a principal analyst at the ISF. He is the project lead for the ISF’s Supply Chain suite of products and the research lead for cloud security. Benoit has over 20 years’ experience in information security risk and assurance and has worked across various industries and large organisations. Benoit also has a special interest in the emerging quantitative techniques in risk analysis.
  • Cloud Security Threat - Cloud Monitoring and Breach Prevention Mar 16 2021 11:00 am UTC 60 mins
    James Johnson, Cloud Security Specialist, Proofpoint
    In this session we explore the threats associated with cloud security, breach monitoring and prevention.

    We also explore how organizations can protect themselves both from a denial of service, information leak, data theft.

    With all the limitations of traditional security architectures, we explain how a CASB with Unified Information Protection can achieve cloud & data security detection through to remediation.

    Significantly improving enterprise security, bridging the gap between cloud and information security.

    After this presentation, attendees will:
    - Understand the core principles of people-centric cloud security, and why it’s important to adopt them now.
    - How enterprises can achieve a unified, layered defence to cloud and resultant data impact issues.
    - Understand how their organization can adapt a people-centric cloud security strategy, integrating with and enhancing their infrastructure.
  • Thinking Like A Hacker Mar 15 2021 11:00 pm UTC 60 mins
    Josh Stella, Fugue Co-Founder, CEO and CTO
    When it comes to cloud misconfiguration vulnerabilities, compliance frameworks and monitoring tools aren’t always going to help you. If you’re using the cloud, odds are your security model is broken.
    The cloud changed the way hackers think and operate: Rather than targeting an organization and then searching for vulnerabilities to exploit, hackers use automation to scan the internet looking for cloud misconfigurations to exploit.

    Once an attacker has access to your environment, they use IAM resources like a network to move laterally, find data, and extract it. We’ve graduated from simple misconfiguration mistakes to techniques bad actors are using today to breach data out from under the most advanced cloud security teams—often without detection.

    In this talk, Josh Stella Fugue Co-Founder , CEO and CTO, will put you into the hacker mindset so you can think more critically about fixing your broken cloud security.

    Specifically, this talk will cover:
    - Common cloud misconfigurations that compliance won’t catch
    - How attackers take advantage of IAM misconfigurations
    - How to find advanced misconfiguration vulnerabilities and fix them
    - Strategies for remediation and building security into cloud design
  • Security Issues and Solutions in Cloud Computing Mar 15 2021 11:00 pm UTC 60 mins
    Pankul Chitrav and Leena Bongale, TD Bank Group
    Cloud computing’s security is an area of concern for organizations all over the world in today’s increasingly remote world. As we have send in the recent years security breaches in large organizations point out that some of these security problems present as data breaches while others deal with access control. Whatever the issue, it concerns decision makers greatly when making a choice of software or solution.

    Organizations should take note that these security challenges are well documented. At the same time, each presents its own solution to vulnerabilities found in using cloud computing to meet business challenges and customer demands. In short, if you take the right precautions, cloud computing can be both safer and more satisfying for your business needs.

    Our presentation is an introduction to some of the security challenges you can mind while relying on cloud computing for your business. We speak on at least four common concerns and their solutions, i.e Data Breaches, Access Control, Data Loss & Denial Of Service.
  • Cyber Resilience in Multiple Cloud Environments Mar 15 2021 5:00 pm UTC 60 mins
    Bincy Ninan-Moses, Director of Cybersecurity, Integral Consulting Services, Inc.
    Over the past year, we have seen a lot of unprecedented changes to our usual way of life with everything and everyone going remote as a result of the COVID-19 pandemic. This has led to various technology disruptions including adoption of multiple cloud environments across the globe. The shift to multiple cloud environments and a fully remote workforce that adds endpoints to access data and networks leads to location-agnostic operations and calls for heightened security that has broken the traditional perimeter-based network security model.

    In this session, we will discuss the current proliferation of multiple cloud environments and explore how best to adopt these disruptive multi cloud environments through holistic cloud security solutions and zero trust.

    About Bincy Ninan-Moses:
    Bincy Ninan-Moses is an enterprise technology solutions and cybersecurity subject matter expert (SME) leading Integral’s cybersecurity and cloud computing practices. She works to build Integral’s technical capabilities through innovative solutions and industry partnerships. She has worked for over 13 years in various roles in technology, cybersecurity, research and analysis, and as a technical solutions architect working at the intersection of business and emerging technology. Bincy has published research on national critical infrastructure security, cyber economic incentives, U.S. national and international innovation ecosystems, science and technology (S&T) policy, and S&T prediction markets. She holds a Bachelor’s degree in Electronics and Communication Engineering from Visvesvaraya Technological University, a Master of Business Administration (MBA) degree from Ohio University, and an Executive certificate in Cybersecurity from Harvard University. Bincy is a Certified Ethical Hacker (CEH) and holds professional certifications in penetration testing, cloud computing, and cybersecurity.
  • [Panel] Securing a MultiCloud Environment Mar 15 2021 3:00 pm UTC 60 mins
    Jo Peterson, Clarify360; Ed Featherston, HPE; Nissim Pariente, Radware; Stan Lowe, formerly Zscaler and PerkinElmer
    According to the Flexera 2020 State of the Cloud Report, 93 percent of enterprises have a multi-cloud strategy.

    In this session we’ll explore some of the critical challenges that a multi cloud environment can present around security such as access, hypercomplexity and reduced visibility.

    We’ll review options around:
    - Cloud Security Frameworks
    - Multi-Cloud Security Best Practices
    - Specific Tips to Strengthen Cloud Security Configurations
  • Preventing & Detecting Cloud Security Incidents Mar 15 2021 11:00 am UTC 56 mins
    Jeff Foresman, VP of Security Operations & CISO, Digital Hands
    We have seen explosive growth in organizations moving applications, services and systems to the Cloud but unfortunately many do not understand how to secure these environments. Numerous IT and Security departments approach security in the cloud as they were securing individual servers in a data center and do not understand how to prevent data breaches or accidental data disclosers. Organizations are also struggling with how to effectively get full visibility into the cloud environment to monitor for malicious activity or configuration errors.

    This presentation will focus on how to prevent and detect cloud security incidents including:

    - Cloud Security Threats
    - Review of Cloud Data Breaches
    - How to Prevent Cloud Security Incidents
    - How to Detect Cloud Security Incidents

    Attendees to this discussion will come away with an understanding of the threats to cloud platforms and how an organization can develop solutions to effectively prevent and detect cloud data breaches. We will also provide best practices and native cloud solution recommendations to harden and monitor their applications, services and systems.
  • Cyber Authors Ep.3: How to Do Application Security Right Mar 10 2021 6:00 pm UTC 60 mins
    Ted Harrington, Author of Hackable & Executive Partner at ISE | Sushila Nair VP Security Services at NTT DATA
    If you don’t fix your security vulnerabilities, attackers will exploit them. It’s simply a matter of who finds them first. If you fail to prove that your software is secure, your sales are at risk, too.

    Whether you’re a technology executive, developer, or security professional, you are responsible for securing your application. However, maybe you’re uncertain about what works, what doesn’t, how hackers exploit applications, or how much to spend. Or, maybe you think you do know, but don’t realize what you’re doing wrong.

    To defend against attackers, you must think like them. Join Ted Harrington, author of HACKABLE: How to Do Application Security Right and learn:
    - how to eradicate security vulnerabilities
    - establish a threat model
    - build security into the development process

    You’ll leave knowing how to build better, more secure products, gain a competitive edge, earn trust, and win sales.

    This episode is part of Cyber Authors, a new series with Sushila Nair. We welcome viewer participation and questions during this interactive interview.
  • Succeeding as a CISO in 2021 Recorded: Feb 17 2021 62 mins
    Diana Kelley, SecurityCurve | Patricia Titus, Markel Corp | Jonathan Nguyen-Duy, Fortinet | Gerald Mancini, Fidelis
    This month's episode of The (Security) Balancing Act will look at how the CISO role has evolved in the last few years, what today's expectations are and what it takes to succeed as a CISO.

    Some of the topics to be covered during this roundtable discussion with security and tech leaders include:
    - How has the CISO role evolved over the last few years and what is expected of CISOs in 2021?
    - CISO vs BISO
    - How to see ROI on your cybersecurity investment?
    - How to get the business to understand risk and care about security?
    - How to keep cyber employees happy. The churn is exhausting and costly for companies, and it’s exacerbated by employee burnout and a “grass is greener” approach.

    - Patricia Titus, Chief Privacy and Information Security Officer, Markel Corporation
    - Jonathan Nguyen-Duy, Vice President, Global Field CISO Team at Fortinet
    - Gerald Mancini, Chief Operating Officer of Fidelis Security

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Cyber Hygiene: 1 dollar solution to a Million dollars problem
  • Live at: Feb 8 2021 11:00 am
  • Presented by: Muhammad Ahmad, Head Information Security | CISO at FINCA Microfinance Bank Limited, Pakistan
  • From:
Your email has been sent.
or close