Hi [[ session.user.profile.firstName ]]

A Practical Guide for Managing Today’s Targeted Phishing Attacks

Phish or no phish? That’s the question that employees—and executives in particular—have been asking themselves more frequently. They’ve heard about how high profile organizations and even government agencies have fallen prey to attacks that stemmed from seemingly harmless emails. Has the door been left wide open?

Join Websense on June 20th as we provide guidance on how you can recognize advanced threats and protect yourself from them. Attendees will gain practical insights into:

· Recent Email Phishing Schemes

· Telltale Signs of Advanced Targeted Attacks

· Best Practice Principles to Educate Users

· Technology Capabilities to Minimize Risk of Compromise
Recorded Jun 20 2012 41 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jason Woo, Product Marketing Manager, Websense
Presentation preview: A Practical Guide for Managing Today’s Targeted Phishing Attacks

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The Not So Same-Origin Policy & Web Security Jul 18 2017 6:00 pm UTC 60 mins
    David Petty, Network Security Analyst at Independent Security Evaluators
    The same-origin policy (SOP) remains one of the most important security mechanisms of the web, protecting servers from malicious pages interacting with their APIs through cross-site requests. However, the subtle details of the policy can be overlooked, so our talk aims to show how limitations in the application of the same-origin policy can undermine security.

    Join this talk in the "Threat Hunting" series as David Petty, Network Security Analyst at Independent Security Evaluators, explains in depth how the same-origin policy works and how it can be bypassed to exploit cross-site vulnerabilities, including examples of Java, Flash, Silverlight, and Cross-Origin Resource Sharing (CORS) misconfigurations.

    As the same-origin policy and cross-site request forgery (CSRF) are inherently connected, we will also show both simple and complex cross-site request forgery attacks and how CSRF functions within the context of the same-origin policy. This will include classic CSRF attacks that work within the confines of the same-origin policy and more complicated attacks that utilize server misconfigurations to bypass the same-origin restrictions altogether.

    About the Threat Hunter:
    David Petty is an Associate Security Analyst at Independent Security Evaluators (ISE), a security consulting company in Baltimore, MD. He has recently graduated from Northwestern University with a B.S. in Computer Science, and discovered his interest in security while working for ISE during college. He specializes in breaking web and native applications and uses these skills to conduct custom security assessments of software products. His interests also include reverse engineering and digital forensics.
  • Using Windows Security Events to Detect Intruders in Your Network Jul 4 2017 9:00 am UTC 90 mins
    Randy Franklin Smith (Windows Security expert), Chris Martin (Security Engineer), Caitlin NoePayne (LogRhythm Sr. TPM)
    Over time, any given computer on your network will establish a pattern of systems it does and doesn’t talk to. If you can properly baseline that behaviour and detect when the computer deviates from normal activity you can produce critical early warnings of a potential incident.

    In this webcast, LogRhythm’s senior technical product manager, Caitlin NoePayne, and principal sales engineer, Chris Martin, join Randy Franklin Smith, Windows Security subject matter expert, to discuss detecting computers on your network talking for the first time using Windows Security Events. They will also demonstrate LogRhythm behavioural analytics rules and case management features that help analysts follow up on suspicious activity alerts.

    Learn how to:

    • Configure your audit policy to generate relevant security events
    • Establish baseline behaviour of the machines on your environment
    • Monitor and detect traffic patterns to detect an attacker embedded in your network using Windows Security Events
    • Speed up investigation and response with Security Automation and Orchestration

    Watch now to learn how to use Windows Security Events and LogRhythm to detect when two computers on your network talk to each other for the first time.
  • Data-Centric Security for GDPR Compliance Jun 27 2017 5:00 pm UTC 75 mins
    Moderated by Brandon Dunlap, Amazon; Carole Murphy, HPE; Les McMonagle, Blue Talon; Cheryl Tang, Imperva; Mark Chaplin, ISF.
    In today’s threat landscape, traditional approaches to securing data are falling short. Since 2015 we have seen some of the largest data breaches ever and it is clear that no industry or organization is immune from cyber attacks. The threat landscape is increasingly dangerous, while new technologies are distributing sensitive data farther across locations, devices and repositories. Starting in May 2018, enforcement will kick in on the European Union’s General Data Protection Regulation (GDPR), a move that could have a stronger privacy/security standardization effect than any technological effort has to date. Globalization efforts will make GDPR compliance essential for global companies wherever they are located.

    The development of a comprehensive data-centric security program, including data discovery, classification, encryption, and file protection, can uniquely position your organization to protect what matters most, and make security move with your data to comply with global regulations such as GDPR. On this webinar our panel of experts will discuss the key points that you should consider when developing such a program for your organization.
  • Your Car Is Betraying You -- Why Robust Security is Essential on the Road Recorded: Jun 22 2017 58 mins
    Toby Weir-Jones, CEO, Weir-Jones and Associates
    Modern vehicles are, as Bruce Schneier recently put it, actually computers with wheels rather than cars with a computer added on. Every part of the vehicle's operation is supervised, logged, and managed by digital signals on a complex vehicle network. If you have a crash, your car will tell investigators if you were speeding or swerved to avoid the impact. If you spend too long dawdling at the convenience store instead of visiting your customers, your employer will know about it. If you waste fuel, drive dangerously, or don't turn your lights on when you should, it'll be recorded.

    This introduces a lot of familiar debates in security circles. Who owns the data? What counts as personally identifiable? What are acceptable standards for logging, retention, and disclosure? What happens if we get it wrong?

    The bad news is the vehicle landscape, like enterprise security, is badly fragmented. The good news is we've learned a lot of useful lessons over the past 20 years which can be brought to bear on the problem, so solving it shouldn't take another 20.

    In this presentation we'll review some of the mechanics of how vehicle data is generated, who can see it, and how it can be used and abused. We'll then talk about points of leverage for the industry, the manufacturers, the owners, and law enforcement, and see what common ground exists. Finally, we'll lay out some basic ideas any fleet operator or concerned individual can use to make decisions about what vehicles to use and how to manage the data footprints they generate.
  • Building Secure Vehicular Software Recorded: Jun 22 2017 36 mins
    Dr. Mark Sherman, Technical Director, CERT / Software Engineering Institute, Carnegie Mellon University
    Software plays an expanding and critical role in the success of future vehicles such as automobiles and trucks. Novel technologies that depend on the flexibility of software create new vulnerabilities and new ways to attack systems. This talk explores the expanding landscape of vulnerabilities that accompany the increasing reliance on software and then examines some key steps to help mitigate the increased risk: development of appropriate requirements from an analysis of risks, techniques that can be applied during development, and evaluation approaches for existing systems. The talk will conclude with a view of emerging approaches to further improve the delivery and sustainment of such critical software.

    About the Presenter:
    Dr. Mark Sherman is the Director of the Cyber Security Foundations group at CERT within CMU’s Software Engineering Institute. His team focuses on foundational research on the life cycle for building secure software and on data-driven analysis of cyber security. Before coming to CERT, Dr. Sherman was at IBM and various startups, working on mobile systems, integrated hardware-software appliances, transaction processing, languages and compilers, virtualization, network protocols and databases. He has published over 50 papers on various topics in computer science.
  • Rebooting the Auto Industry: When Security Affects Safety Recorded: Jun 22 2017 55 mins
    Craig Smith, Founder, Open Garages; Research Director of Transportation Security, Rapid7
    We are surrounded by 2-ton IoT devices on wheels. The auto industry has rapidly evolved in the last five years; vehicles now have phone apps for remote control, built-in WiFi hot spots, heads-up displays, lane correction systems, and other Advanced Driver Assistance Systems. These convenience and road safety features are in high demand, but they also introduce cybersecurity concerns.

    Automakers are now software companies, and this talk will address some of the cybersecurity-related issues faced by the transportation industry, including some of the growing pains a “traditional” industry has when it starts to become internet connected to the outside world. Mr. Smith will share techniques currently used by hackers and show some of the security defenses being put into place. You will see the vulnerabilities of vehicles on the road today, as well as take a peek into the future of fully autonomous cars. And if your head isn’t spinning already, learn what it will mean to "own" a car in the future. Key topics will include:
    •What makes car hacking so intriguing?
    •Who are the adversaries in this space and what are they after?
    •How self-driving cars can be used as a model for corporate infrastructure.
    •How IoT can be locked down without locking out the customer.

    About the Presenter:
    Craig Smith is the Founder of Open Garages and Research Director of Transportation Security at Rapid7. Open Garages is a distributed collective of performance tuners, mechanics, security researchers and artists. Craig is also the author of the Car Hacker's Handbook and runs a Security Consulting firm that specializes in automotive reverse engineering. Craig has developed many open source utilities to teach CAN bus to students and well as security penetration tools that can uncover vulnerabilities in vehicle and diagnostic systems. He has worked in the security field for over 20 years with the last 5 years focused on automotive.
  • The Future of Cybersecurity and the Internet of Things Recorded: Jun 21 2017 61 mins
    Demetrios "Laz" Lazarikos (Blue Lava), Mark Weatherford (vArmour), Robert M. Lee (Dragos)
    With the proliferation of the Internet of Things (IoT) into every aspect of our society, cyber attacks on a massive scale are becoming a possibility, and in some cases, a reality. Attackers can take out city grids, hijack control systems and engage in cyber war remotely.

    This panel of top cybersecurity experts will discuss how connected devices are affecting our critical infrastructure security, the IoT and cyber warfare, and what we need to do today to address the security challenges posed by IoT devices.

    - Demetrios "Laz" Lazarikos, Three Time CISO, Founder of Blue Lava
    - Mark Weatherford, Chief Cybersecurity Strategist at vArmour
    - Robert M. Lee, CEO and Founder of Dragos, Inc.
  • IoT and Critical Infrastructure: Why We Need Intelligence Exchange Recorded: Jun 21 2017 44 mins
    Paul Kurtz, CEO & Co-Founder of TruSTAR
    Today we fight adversaries individually, not collectively. Companies are working in silos to defend their individual infrastructures. Security operators and defense teams do not have visibility into cyber security incident information from their peers, even though they may be seeing the same attack methods or adversaries. The lack of an effective exchange and collaboration between companies is the Achilles heel our enemies continue to exploit.

    Come and join a discussion about a new cybersecurity model that maximizes the use of the network (much like the bad guys) and incentivizes the exchange of actionable threat incident data.

    We'll look at recent critical infrastructure hacks such as Grizzly Steppe, WannaCry and CrashOverride and discuss how we can better protect ourselves for future attacks.
  • When thermostats become critical infrastructure, what will you do? Recorded: Jun 21 2017 57 mins
    Wieland Alge - GM EMEA - Barracuda Networks, Mark Harrison - Consultant - Pen Test Partners
    Would a hack on one Internet connected thermostat stop a nation? Maybe not, but imagine hundreds of connected devices being meddled with in order to cause havoc?

    Join our IOT experts to discuss the real impact of an IOT device hack. Wieland Alge, GM EMEA at Barracuda Networks and Mark Harrison, Consultant at Pen Test Partners, will look into why cyber criminals are interested in hacking IOT devices and the true impact of such an attack to organisations. Join this webinar to learn:

    • The true impact of an IOT hack
    • Methods used by hackers
    • Demos of IOT devices being hacked
    • Major challenges in protecting smart cities
    • How to mitigate these threats
  • [VIDEO] The Influence of AI & Machine Learning on the Security Industry Recorded: Jun 21 2017 13 mins
    Josh Downs, BrightTALK & Giovanni Vigna, Professor & CTO, University of Santa Barbara & Lastline
    BrightTALK caught up with Giovanni Vigna from University of Santa Barbara & Lastline for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - The difference between traditional AI & Machine Learning and the tools when applied to cyber security

    - Whether the buzz surrounding the tools is legitimate

    - How the human still needs to fit into the picture when using machine learning based security techniques

    - How AI & Machine learning can be used for threat hunting purposes

    - The WannaCry virus and what it means for the ransomware landscape and how we protect ourselves from attacks

    - The value of security culture in an organisation

    - Trends in the techniques used in cyber warfare

    - The exponential growth of the IoT and what it means for securing the connected devices
  • Why Vendor Liability is Necessary to Secure Consumer IoT Recorded: Jun 21 2017 55 mins
    Tatu Ylonen, Founder & SSH Fellow, SSH Communications Security, Inc.
    We live in an IoT world. Connected devices now include TVs, refrigerators, security systems, phones, music players, smart assistants, DSL modems, cars, and even toothbrushes. Besides privacy and personal security concerns, these devices pose significant risk of cyber attacks. IoT devices have been used in devastating DDoS attacks that have paralyzed key Internet services, emergency services, and heating systems. In addition to run-of-the-mill hackers and hacktivists, they are the first line of attack in any low-to-medium scale cyber conflict between nation states.

    Vulnerable IoT devices represent a direct threat to safety, life, property, business continuity, and general stability of the society.

    This talk will discuss the security challenges surrounding IoT devices, and what is needed for a balanced framework that forces vendors to implement a reasonable level of best practice without causing them undue burden and risk.

    About the Presenter:
    Tatu Ylonen is a cybersecurity pioneer with over 20 years of experience from the field. He invented SSH (Secure Shell), which is the plumbing used to manage most networks, servers, and data centers and implement automation for cost-effective systems management and file transfers. He is has also written several IETF standards, was the principal author of NIST IR 7966, and holds over 30 US patents - including some on the most widely used technologies in reliable telecommunications networks.
  • The State of the Internet of Insecure Things in 2017 Recorded: Jun 20 2017 64 mins
    Jay Beale (InGuardians), John Bambenek (Fidelis Cybersecurity), Mike Hamilton (Ziften), Vince Tocce (VITB Podcast)
    Internet of Things devices are notoriously lacking in security, making them easy targets for attackers to hijack and leverage in DDoS attacks. How have cyber attacks evolved in the last few months? What is the impact of the IoT devices on cybersecurity across organizations and industries? How can we better protect our organizations when it comes to attacks coming from the IoT?

    This panel of security experts will discuss the current state of IoT security and the IoT trends seen across industries. Join this interactive Q&A session and discover where the vulnerabilities lie and how we can improve cybersecurity.

    - Vince Tocce, Founder of Vince in the Bay Podcast

    - Jay Beale, CTO of Inguardians
    - John Bambenek, Threat Systems Manager at Fidelis Cybersecurity
    - Mike Hamilton, SVP Product at Ziften Technologies
  • What Is the Value of Your Security Program? Recorded: Jun 20 2017 50 mins
    Joe Moles, Director of Detection Operations
    Many security teams find it challenging to prove their value and effectiveness, especially in the absence of compromise or breach activity. Learn how top-performing security teams take advantage of their visibility across the environment to provide ongoing, deeply insightful measurements and reporting that support broader business decisions. Applying these techniques can exponentially increase the overall value of your security team to the entire organization.

    In this webinar, you will learn:
    - A framework with actionable ways to report the effectiveness of your security program and tools
    - How to translate technical data into business objectives
    - Methods for identifying performance issues and opportunities across your team, processes, and tools
    - A simple calculation to systematically prioritize your alerts
    - Guidelines for driving strategic decisions based on the measurement of security tools

    About the Presenter: Joe Moles, Director of Detection Operations

    An IR and digital forensics specialist, Joe Moles has more than a decade of experience running security operations and e-discovery. As Director of Detection Operations at Red Canary, he leads a team of security analysts to help organizations defend their endpoints against threats. Prior to joining Red Canary, Joe built and led security operations, incident response, and e-discovery programs for Fortune 500 companies like OfficeMax and Motorola. He is regarded as an industry thought leader and regularly contributes to the Red Canary blog.
  • IoT: Security’s Brave New World Recorded: Jun 20 2017 55 mins
    Scott Crawford and Patrick Daly, 451 Research
    The IoT explosion means billions of new, “smart” devices gathering petabytes of data from a host of environments, many new and unfamiliar to IT. How can security possibly keep up with it all? Recent events such as the Mirai botnet suggest we’re already behind the curve – and that the need is not just to defend against threats to IoT, but to protect against threats arising from compromised IoT. In this talk, we’ll explore:

    - The primal forces pulling security in diametrically opposite directions (hint: “the cloud” isn’t everything)
    - The reality of IoT endpoints (many are far more complex than you’d suspect)
    - Breaking it down: Where is security making inroads? What are the areas to watch for innovation?
    - The road ahead: How will the evolution of IoT security impact society?

    About the Presenters:
    As a Senior Research Associate in 451 Research’s Information Security Channel, Patrick Daly covers emerging technologies in Internet of Things (IoT) security.

    Scott Crawford is Research Director for the Information Security Channel at 451 Research, where he leads coverage of emerging trends, innovation and disruption in the information security market. Well known as an industry analyst covering information security prior to joining 451 Research, Scott has experience as both a vendor and an information security practitioner.
  • IoT Devices are a Bargain These Days. Aren’t They? Recorded: Jun 20 2017 62 mins
    Ted Harrington, Executive Partner, ISE | Debra Farber, Founder, Orinoco | Chris Robers, Chief Security Architect, Acalvio
    We live in a world enabled by and surrounded by technology - and each day there's a new device to hit the market designed to make our lives easier, more convenient, and perhaps even healthier. As a society - both as individuals and as organizations serving us - we snatch up these new devices as quickly as they hit the shelves and use them with open arms, unknowingly putting privacy and safety at risk.

    > Ted Harrington, Executive Partner at Independent Security Evaluators
    > Debra J Farber, Security & Privacy Executive | Founder of Orinoco.io & WISP
    > Chris Roberts, Chief Security Architect at Acalvio Technologies

    > Sean Martin, CISSP, Founder and Editor-in-Chief, ITSPmagazine

    This expert panel will look at a variety of these connected things - from connected cars to automated homes to the IoT-enabled medical devices we will have implanted in our bodies.

    Join us for this expert, engaging conversation where we’ll explore:
    - What personal data must we share with these devices to get the most out of them?
    - What price are we willing to pay for an easier, smarter, connected life? Are we willing to sell our soul for a digital future? Because, willingly or not, we are.

    - Do we actually know that we are doing that? Do we know what are we giving up in return for this streamlined world we live in? Are we able to make an informed, conscious decision? Will we ever be?

    Be sure to join us for this exciting and engaging conversation!
  • Sharing the Data of IoT Security Incidents: 5 Keys to Improved Security Recorded: Jun 20 2017 40 mins
    Jeffrey Ritter
    Bad things happen, but the potential of IoT will be limited if those in any connected system of devices cannot share data of adverse incidents more effectively. This webcast introduces 5 keys to doing so successfully, all toward improving security across those systems.
  • Securing the Internet of Everything: The war of the coffee machines Recorded: Jun 20 2017 47 mins
    Peter Wood
    The Internet of Everything affects everyone from multi-nationals to private citizens. The universal adoption of machine to machine communications in every aspect of our lives offers criminals a hugely expanded attack surface. How do we defend ourselves without undermining the benefits of the IoE?
  • [VIDEO] Dr Jessica Barker on the Human Side of Cyber Security Recorded: Jun 20 2017 9 mins
    Josh Downs, BrightTALK & Dr Jessica Barker
    BrightTALK caught up with Dr Jessica Barker for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - The WannaCry ransomware, what it means for the cyber threatscape and how to protect against similar attacks in the future

    - Improving security culture in the workplace for all your staff

    - AI & Machine Learning in the cyber security realm

    - The explosion of the IoT and how to protect all the devices on the network

    - Hacking back - the ethical standpoint
  • Understanding Latest Data Breaches: Risk & Cost Analysis Recorded: Jun 20 2017 63 mins
    John Pironti, president of IP Architects, and Michael Dalgleish, director of sales engineering at LogRhythm
    The perils of security breaches are widely publicised, but do you know exactly how an attack or breach would affect your business?

    In this webinar John Pironti, president of IP Architects, and Michael Dalgleish, director of sales engineering at LogRhythm, will discuss the costs of recent data breaches and illustrate the best ways to determine your organisation’s cyber risk profile. The duo will also teach you about the security tools and processes you can implement to strengthen your security operations.

    Watch now to learn how to take your security operations to the next level.
  • [VIDEO] Ransomware Lessons and Preparing for GDPR Recorded: Jun 19 2017 4 mins
    Chris Hodson, EMEA CISO, Zscaler Inc
    BrightTALK caught up with Zscaler's Chris Hodson for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - The WannaCry malware and the lessons to be learned from the outbreak

    - Steps that cyber security and data protection professionals need to take to be ready for GDPR in 2018

    - The development of cyber warfare and what it means for the security industry
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: A Practical Guide for Managing Today’s Targeted Phishing Attacks
  • Live at: Jun 20 2012 5:00 pm
  • Presented by: Jason Woo, Product Marketing Manager, Websense
  • From:
Your email has been sent.
or close