Website Threats: It’s Not All About the Hacker Anymore
Website Security Series Part 3
The external threat landscape is evolving; web-based malware and legitimate website hacking is continuing to fluctuate as we learn and adapt our network defence strategies, or externalise our infrastructure to mitigate risk. However, do these initiatives around protection extend to our customers?
Every organisation has a web presence and increasingly this presence is not just for broadcasting corporate brands and products; it is used to collect and socialise personal information from customers and constituents and process regulated financial transactions.
In this session Symantec will discuss:
- Top threats that target customer identities
- How the Trust model of SSL has survived the last 18 months
- Why the Internet’s top brands are moving to Always-On SSL
- Why not all SSL certificate infrastructures are created equal and how this can influence business growth
- How to manage an expanding cryptography infrastructure effectively
Mike Smart is the Senior Manager of International Product and Solutions at Symantec.
In his role, Mike is responsible for driving Symantec’s Trust Services business across International and emerging markets. He joined Symantec in 2012 from SafeNet where he was Director of Products and Solutions in EMEA.
Mike has a strong history in the SMB and Enterprise IT Security arena and has been at the forefront of introducing new technologies and solutions to the market in areas such as Cloud Security Solutions, Information Leakage Detection and Prevention and Unified Threat Management. Mike is an active member of the UK’s Get Safe Online not-for-profit organisation which provides a leading source of unbiased, authoritative information on protection against fraud, identity theft, viruses and many other problems encountered online.
RecordedJun 21 201240 mins
Your place is confirmed, we'll send you email reminders
Enterprises spend millions of dollars on cyber security tools and services, but still many of them cannot distinguish the legitimate users from the attackers with legitimate, but stolen credentials. This fact and the fact the users reuse their passwords across multiple services, allows attackers to easily get into an organization using the front door instead of using vulnerabilities to compromise the IT infrastructure. The security of an organization is heavily dependent on the security of the other organizations where its employees or customers have accounts.
In this talk, you will learn how attackers are able to compromise accounts of secure organizations which do not have vulnerabilities; and as an admin, what you can do to protect your organizations from those attacks. We will look at case studies of organizations whose accounts have been breached and those that took proactive measures to keep their employees’ and customers’ accounts safe.
Matthew Cook, Co-Founder of Panopticon Laboratories
The activities of cheaters, hackers, and fraudsters are killing virtual worlds for online game players, publishers, and developers. This presentation outlines the tools and techniques that bad guys have adapted from other industries to attack online games, why they're so financially motivated to do so, and what the consequences of allowing them to continue to operate were for a large, international Facebook and mobile game publisher.
As today’s technology becomes more and more sophisticated, human error remains the weak point. The most state of the art security technology is still hampered by human error and lack of awareness.
In this insightful and action-oriented session, Wes Stillman, CEO of RightSize Solutions and a leading industry thought-leader on cybersecurity will offer actionable tips that firms can implement right away to drastically improve security including:
· Survey Your Technology Infrastructure
· Set Up Awareness Training
· Run a Mock Disaster Recovery
· What is BYOD and why it’s so important
As one of the premiere providers of IT Outsourcing to RIA Firms and the Wealth Management community, this presentation ideal for COOs, CTOs or anyone interested in understanding how effective policies and procedures can be your best line of defense for the security of your firm and clients.
John Bambenek, Threat Systems Manager at Fidelis Cybersecurity
Nearly 1 million new malware threats are released every day. The sheer deluge of unique malware samples makes it difficult for incident responders to keep up to protect their networks. Even more difficult is the task for investigators and law enforcement to keep up with the size and number of command-and-control networks and criminal operations.
Join this presentation to learn about the solutions and tools you can employ to monitor criminal infrastructure and make it easy for incident handlers to identify problems on their network, for security analysts to protect their networks and for law enforcement to have reliable near-time information for their operations.
Roderick Flores, Founder & CEO of Sikernes Risk Management, Inc.
What are your security risk assessments really telling you? Do you know how much a change in security or business operations will change your exposure? Do you know how changes in threat activity affect your risk over the long term?
Chances are you will not be able to answer these questions unless you have quantitatively calculated your Annualized Loss Expectancy (ALE). Join this presentation and learn about the factors that drive the determination of ALE and how this approach will allow you to better understand and manage your exposure to cybersecurity risks.
Evolving tactics, techniques and procedures (TTPs) of online criminal actors have left a number of notable victim organizations in their wake and raised the bar for the security teams and law enforcement agencies that have sworn to protect them. From the migration of online criminal markets to an even deeper underground, to online extortion making a big comeback in novel ways, to increasingly effective malware crafted to steal more money and private information, if you are a potential target for online criminals, you are up against a greater cyber criminal threat than in years past.
Ayaz Hussain Abro, Information Security & GRC Consultant
The main areas covered in this webinar will be the latest smartphone threats and malicious back doors. How Hackers are gaining access into user's mobile phone and reach into financial information just by deceiving user just with one application.
We all make transactions through smartphone apps, and these need to be safe and alert. The audience will learn about how to defeat hackers by using smartphone smartly.
Ina Yulo (BrightTALK), John Erik Setsaas (Signicat), John Egan (Anthemis Group), Jason Peto (360global net)
When it comes to analysing and managing insurance claims, the market still runs in a very old school manner — human intervention, lots of paperwork and phone calls. This unfortunately also poses a real threat when it comes to fraudulent claims and applications. With digital advances and the rise of InsurTech, these risks can be minimised and fraudulent applications detected way before they can do any harm.
Join this panel where we’ll discuss:
-How predictive analytics can help spot fraudulent applications before they can do proper damage
-How new technologies can help investigate and monitor specific claims
-The need for more transparency throughout the claiming process and the importance of identity validation
-Improving the customer journey by empowering the individual to report and settle claims online or through mobile devices
JP Vergne (Scotiabank Lab, Ivey B-School), Alexander Hinchliffe (Palo Alto), Samee Zafar (Edgar Dunn) Mark Lavender (BT)
Bitcoin has been making remarkable breakthroughs in the currency world. Its ability to allow users to be fully in control of their transactions along with its no-borders transfer policy have made it attractive to both investors and consumers alike.
However, recent reports have revealed a darker side to Bitcoin. The cryptocurrency is being hoarded by financial institutions as ransom money to pay off potential cyber attackers. Has Bitcoin officially crossed the line and now become a black market currency? Has its untraceable nature inspired the new generation of cyber criminals to initiate unprecedented levels of targeted Ransomware attacks?
Join this panel of industry-leading speakers, who'll be discussing the following:
-Why has Bitcoin-related ransomware become more popular in recent years?
-How can you prevent a Ransomware outbreak in your organisation?
-Is it possible to catch and subsequently prosecute blockchain criminals?
-How can authorities and financial institutions adopt and adapt in the face of rising levels of Ransomware threats?
Oliver Pinson-Roxburgh, EMEA Director of Solutions Architecture
For many businesses, security, compliance and data protection in the cloud have been a major challenge due to the shared responsibility model and automation of public cloud infrastructure. Trying to force fit traditional security tools into an agile infrastructure like AWS can be time consuming and clumsy, and ensuring consistent security controls requires new practices for security and auditing teams.
Register for this impactful webinar presented by Oliver Pinson-Roxburgh, EMEA Director of Solutions Architecture at Alert Logic, as he walks through the vital AWS security best practices you need to know about and how to design your application security strategy so that it integrates with AWS.
Securing AWS Tried and Tested Continuous Security Strategy:
• Tradition is out: where traditional security does and doesn’t fit
• Where to start: what to do within the first 5 minutes of setting up your AWS account
• Visibility into your AWS infrastructure where to go to get security value
• Top AWS Security Best Practices
Rob Laurence, Michael Gronager (Chainalysis), Lory Kehoe (Deloitte), John Erik Setsaas (Signicat), Leda Glyptis (Sapient)
It goes without saying that compliance and security have the highest of priorities within an organisation. In the digital world, however, effective compliance and security comes at a high cost. In this session we consider the value of Blockchain technology in ensuring compliance and security in digital transactions.
Join the panel where the following points will be discussed:
· Where is Blockchain being used to deliver compliance and security?
· Does Blockchain actually improve compliance and security?
· What case studies exist to actually demonstrate this?
· What role does Blockchain have with device-to-device communications and the IOT?
· Can Blockchain improve the customer experience in user-centric digital services or is it just an underlying technology?
· Is Blockchain better than existing technologies and approaches or is it really just hyped up by the tech industry?
Tom Meredith (SmartToken Chain), Ali Raza (CCG Catalyst)
Every person on the planet has a mobile phone, but 2 Billion people are “Un-banked”.
Banks and telecoms are in a Gold Rush to bank the unbanked, but many obstacles remain. Money transfers are some of the most popular transactions made by both the banked and the unbanked. However, building trust in this new service is definitely a challenge.
Join this panel where discussion points will include:
-Who has the upper hand: Banks or Carriers?
-How can Fintech companies ensure trust and security when it comes to mobile money transfers?
-Global ISO Standards Authenticate ID and Asset Verification
-ISO Reduces Fraud and Speeds up Asset Transfers
-What are some of the security challenges new payment services are able to overcome?
-Are “Standards” emerging to reduce implementation and compliance costs?
-How do you create cross-border and Inter-bank/carrier transactions?
-How can banks and telecoms successfully bank the unbanked?
Maya Malevich - Director, Product Marketing Tufin and John Parmley- Area Vice President - US West, Tufin
For many financial services organizations, security and risk management is a necessary evil that slows down IT's ability to keep up with business needs. The conflict between security and agility becomes even greater with adoption of hybrid cloud platforms. While agility should be maintained, security and compliance become even more challenging.
By automating and orchestrating network security policies across physical and hybrid cloud platforms, it is possible to maximize both agility and security simultaneously.
Join us for this session to understand how network security change automation with inherent policy controls can help you stop the balancing act between agility and security and maximize both for your business.
As data breaches are becoming more prevalent, and more organizations are becoming targets for malicious attacks, the stakes are especially high for the healthcare industry.
Join this presentation to learn about the current cybersecurity threats and the tactics for defense organizations need to deploy for early detection and incident response. Mac McMillan, CEO and co-founder of CynergisTek will illustrate what an attack looks like, the phases of the hack, and how to use technology as well as policy to aid in detection, and then how to construct a disciplined incident response process. Lastly, learn how all of this should be integrated into a comprehensive information security strategy.
Conventional security solutions have been failing in preventing advanced threats. Join to learn how web isolation is revolutionizing cyber-security by indisputably eliminating critical attack vectors including browsers, emails and documents
Nancy Bennis, Director of Alliances, Cleversafe an IBM Company, Alex McDonald, Chair, SNIA Cloud Storage Initiative, NetApp
Object storage is a secure, simple, scalable, and cost-effective means of embracing the explosive growth of unstructured data enterprises generate every day.
Many organizations, like large service providers, have already begun to leverage software-defined object storage to support new application development and DevOps projects. Meanwhile, legacy enterprise companies are in the early stages of exploring the benefits of object storage for their particular business and are searching for how they can use cloud object storage to modernize their IT strategies, store and protect data while dramatically reducing the costs associated with legacy storage sprawl.
This Webcast will highlight the market trends towards the adoption of object storage , the definition and benefits of object storage, and the use cases that are best suited to leverage an underlying object storage infrastructure.
In this webcast you will learn:
•How to accelerate the transition from legacy storage to a cloud object architecture
•Understand the benefits of object storage
•Primary use cases
•How an object storage can enable your private, public or hybrid cloud strategy without compromising security, privacy or data governance
Brandon Cook and Srini Gurrapu of Skyhigh Networks
Office 365 usage has tripled in the last 9 months as more and more companies enable anytime, anywhere access to Microsoft’s suite of cloud services. But security and compliance require a new level of granularity when users access cloud-based systems of record from a variety of networks, locations, and devices.
In today’s cloud-first, mobile-first world, IT Security teams are creating variable trust models based on user, device, activity, and data sensitivity. In this session, we’ll share the proven 4-layer trust model for security and compliance in O365.
Data breaches are on the rise. The constant threat of cyber attacks combined with the high cost and a shortage of skilled security engineers has put many companies at risk. There is a shift in cybersecurity investment and IT risk and security leaders must move from trying to prevent every threat and acknowledge that perfect protection is not achievable. PCI DSS 3.2 is out with an important update on data discovery and requirements to detect security control failures.
In this webinar, cybersecurity expert Ulf Mattsson will highlight current trends in the security landscape based on major industry report findings, and discuss how we should re-think our security approach.
Changed business practices, such as employees working on the move and the adoption of the cloud and cloud resources, should be mirrored by a change in security strategies. Organizations are commonly reluctant to adopt cloud technologies over concerns with security and control over enterprise data. However at the same time, many of these same organizations opened up access to applications for employees on the move, users on personal devices, external contractors, and other third parties that created a significantly larger attack surface than cloud services would have. To combat these threats, a number of cloud-friendly segmentation and application isolation techniques can be deployed to allow organizations to safely use the cloud whilst reducing their attack surface. Specifically, application segmentation via software-defined security represents a technique to accommodate borderless applications, adoption of the cloud, and modern user behaviours.
Paul German, VP in EMEA, will discuss how the challenges presented by the next generation of information security can be overcome with practical examples and best practice tips.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.