Panel: The Single Greatest Challenge in Data Security for 2013
In this thought-provoking panel session, 4 leading security experts will discuss what they think is the greatest challenge in data security for 2013.
Peter Judge, UK editor for TechWeekEurope (moderator)
Sarb Sembhi, Director of security consultancy Incoming Thought
Stilianos Vidalis, Lecturer in digital forensics and cyber security at Staffordshire University
David Willson, Attorney at law and owner of Titan Info Sec Group
Following a 40min discussion, the panelists will answer your questions during a live Q&A.
RecordedJan 16 201358 mins
Your place is confirmed, we'll send you email reminders
Brandon Cook and Srini Gurrapu of Skyhigh Networks
Office 365 usage has tripled in the last 9 months as more and more companies enable anytime, anywhere access to Microsoft’s suite of cloud services. But security and compliance require a new level of granularity when users access cloud-based systems of record from a variety of networks, locations, and devices.
In today’s cloud-first, mobile-first world, IT Security teams are creating variable trust models based on user, device, activity, and data sensitivity. In this session, we’ll share the proven 4-layer trust model for security and compliance in O365.
Data breaches are on the rise. The constant threat of cyber attacks combined with the high cost and a shortage of skilled security engineers has put many companies at risk. There is a shift in cybersecurity investment and IT risk and security leaders must move from trying to prevent every threat and acknowledge that perfect protection is not achievable. PCI DSS 3.2 is out with an important update on data discovery and requirements to detect security control failures.
In this webinar, cybersecurity expert Ulf Mattsson will highlight current trends in the security landscape based on major industry report findings, and discuss how we should re-think our security approach.
Changed business practices, such as employees working on the move and the adoption of the cloud and cloud resources, should be mirrored by a change in security strategies. Organizations are commonly reluctant to adopt cloud technologies over concerns with security and control over enterprise data. However at the same time, many of these same organizations opened up access to applications for employees on the move, users on personal devices, external contractors, and other third parties that created a significantly larger attack surface than cloud services would have. To combat these threats, a number of cloud-friendly segmentation and application isolation techniques can be deployed to allow organizations to safely use the cloud whilst reducing their attack surface. Specifically, application segmentation via software-defined security represents a technique to accommodate borderless applications, adoption of the cloud, and modern user behaviours.
Paul German, VP in EMEA, will discuss how the challenges presented by the next generation of information security can be overcome with practical examples and best practice tips.
Sian John (Chief Strategist) & Zoltán Précsényi (Senior Manager Government Affairs) - Symantec
When a breach occurs the most damaged areas for the business are reputation, revenue and repeat business. Protecting these means having strong controls in place to prevent the breach, and clear communications if (when) it happens. The EU-GDPR requires a breach to be notified within 72 hours of discovery, strong protection process allows the business to control what/who needs to be notified, and limit potential damage.
Join this webcast to find out the latest on the General Data Protection Regulation.
Mary Jane Kelly, Security Consultant - RMG at NCC Group
While social engineering is an age-old tactic employed by con artists and attackers alike, increasing interconnectedness of social media accounts has made it easier than ever to obtain enough information to launch successful attacks such as spear phishing.
In this talk, MJ Kelly explores the emerging dangers of information exposure through social media and its increasing attack surface. She presents practical strategies for protecting yourself and your company, including social media security awareness, identity verification, and recovery from hijacked online identity.
Dr. Srinivas Mukkamala, Co-founder and CEO, RiskSense Inc.
While organizations spend huge sums of money every year to maintain a security perimeter designed to fend off cyber and insider threats, reports about breaches at organizations such as Hyatt, DNC, Twitter, and SWIFT are raising doubts about the effectiveness of these investments. In turn, cyber security insurance has emerged as a stop-gap to protect stakeholders from the shortcomings of siloed risk management processes. However, insurance policies are not a replacement for improving a company’s cyber security posture.
In this session, renowned cyber security expert Dr. Srinivas Mukkamala will outline the challenges posed by today’s dynamic threat landscape. He will explain how organizations can operationalize cyber risk management and implement a pro-active, rather than reactive, approach to threat prevention, detection and response. Dr. Mukkamala will reveal best practices in how to identify, quantify, and remediate imminent cyber risk across a growing attack surface.
Enabling secure BYOD has long been a challenge for IT. Attempts to secure these devices with agents and device management tools like MDM have been met with widespread employee concerns about privacy and usability, and as a result, organizations see low rates of adoption. Requiring that employees use these install these cumbersome device management tools or access data solely from managed devices are solutions fraught with issues. Employees need the flexibility to work from any device, anywhere.
In this webinar, we'll discuss how IT can limit risk of data leakage amid changing user habits. Learn how organizations across all industries are enabling secure mobility and productivity with a zero-touch, agentless solution.
Mark Weatherford, Chief Cybersecurity Strategist, vArmour
As the global cyber threat environment continues to evolve, organizations need to begin thinking differently about information security and the protection of their infrastructure. The evolution from perimeter-centric, hardware-based environments to virtualized data centers and the cloud is underway and many organizations are late to the game. As CIO’s and CISO’s are driven to transition their CapEx investments to OpEx spending, the economic efficiencies of the cloud provide a rational path to those goals. From a security perspective however, security models that don’t sufficiently address workload and application-aware segmentation, lateral traffic visibility, and network-based threat detection of on-premises data center and public cloud-based environments leave a huge gap in the overall security posture.
This talk will provide CIO's and CISO's struggling with decisions about migration to the cloud with some thoughts about how the cloud can be the catalyst that improves security while also reducing costs and technology footprint.
With the rise of the digital business, organizations see a clear value in automating infrastructure. While automation provides more agility and speed, it also introduces new security risks. Organizations are no longer simply worried about controlling human access; authorization and authentication must be managed for every job, container, VM, service, and user. In this talk, we’ll discuss the security challenges organizations face in this new environment, and some strategies to help organizations manage, curate, and constrain cloud system resources and people when these entities are too numerous or dynamic to be managed by hand.
Matthew Yeh, Delphix, Product Marketing & Olivia Zhu, Delphix, Business Technology Consultant
A new, data-centric approach to security is taking hold. Rather than establishing perimeter defenses in hopes of repelling breach attempts, security-minded organizations are investing in technologies that protect the interior--the data itself. In particular, the combination of virtual data and data masking is proving to be a powerful way for enterprises to safeguard sensitive data from both insider and outsider threats.
View this webinar to learn:
How data masking is superior to solutions based on encryption and firewalls
What virtualized data is, and how it forms the foundation for an effective security strategy
Why integrating data masking with virtual data reduces your surface area of risk by 90%
Ransomware is dominating the headlines, and with good reason - it is one of the biggest threats to business in 2016. It hase evolved into a self-replicating and network-aware criminal attack that can destroy smaller organisations and cause havoc in businesses of all sizes. Learn how ransomware is developing, the attack vectors and what you can do to minimise your exposure.
Healthcare has become criminals most lucrative target. Why? Because medical records are worth 10 times that of credit cards. The recent digitization of the healthcare industry has rapidly expanded the attack surface to include electronic healthcare records, patient portals, IoT-enabled medical devices and more.
Imagine losing access to all of your patient data—only to find out you are being extorted by criminals who require payment to get it back. This type of attack can disrupt life & death technologies that medical practitioners rely on to perform their jobs. Ransomware adds up to a significant threat to the healthcare industry.
But, there are steps you can take to actively reduce the number of ransomware infections across your organization. OpenDNS and Cisco are on the forefront of helping our healthcare customers against various versions of ransomware.
Hear from Barry Fisher, Sr. Product Manager at OpenDNS, to learn the simplest way for healthcare security practitioners to stay ahead of Ransomware attacks. You’ll learn how to:
-Reduce ransomware infections across your organization
-Identify the infrastructure used by attackers to connect, control and transfer the encryption keys
-Protect medical IoT endpoints, patients’ devices and even devices that don’t run agents, like heart monitors and infusion pumps
Register now to learn how to start covering your healthcare security gaps.
Istvan Rabai, Chief IT Security Officer (CISO) at Signalhorn
Signalhorn’s Chief IT Security Officer (CISO) Istvan Rabai presents an overview of present-day IT security.
The focus of this webinar will be on identifying specific vulnerabilities and measures to improve the security of a communication network.
Istvan will show - from his own first-hand experience, how an actual incident became the catalyst for the implementation of a state-of-the-art secure infrastructure that currently serves an impressive number of Government, NGO and security sensitive Corporate customers.
The webinar will cover several key aspects, but as there is no blueprint solution for all security issues, you will have the opportunity to address yours individually in the Q&A discussion at the end of the session.
This is what you will learn in this session:
- Main aspects of IT security
- Essential steps to guarantee IT security
- Typical preventive measures
- Typical redundant managed networks
- Case study: The Signalhorn IT security story
Over the last few years, there are a known 620 million user accounts that have been compromised across hundreds of sites. Organized cybercrime have figured out that this is the fastest, most reliable method to infiltrate organizations, as well as achieve financial gain. Since users share passwords across multiple sites, it is easier to find logins that work on a target site than try to bypass firewalls, find software flaws, or even run spearphishing campaigns.
These types of attacks are collectively coming to be known as “Account Takeover” (ATO). Some are simple, while others are sophisticated. Some can be stopped relatively easily, and others require much more effort.
ATO attacks (via stolen credentials) were cited as the #1 method of confirmed data breaches in both 2014 and 2015, for web applications, which itself was the #1 vector for data breaches.
Come learn what these ATO threats are, their impact to your business, how to detect them, and what you can do about it.
Ben Wilson, Senior Director, Product Management, Fortinet
During the past 15 years, access layer solutions have evolved, especially in terms wireless connectivity.
Today's wireless connectivity has multiple approaches, each better meeting the specific requirements of organisations through a choice of different architectures. Whether its a refresh, redeployment, change of application or a brand new site, there are a lot of options.
During this webinar we’ll examine different approaches and how to apply them to different verticals or deployment scenarios. As wireless connectivity continues to evolve, we will also look to the future and see how trends in new hardware can provide cutting edge solutions to meet the potential needs of tomorrow's organisations.
The presentation will end with an overview of Fortinet's Secure Access Architecture and how it can meet today's and tomorrow's wireless requirements.
Sam Fineberg, Distinguished Technologist, HPE, Ben Swartzlander, OpenStack Architect, NetApp, Thomas Rivera, SNIA DPCO Chair
This Webcast will focus on the data protection capabilities of the OpenStack Mitaka release, which includes multiple resiliency features. Join Dr. Sam Fineberg, Distinguished Technologist (HPE), and Ben Swartzlander, Project Team Lead OpenStack Manila (NetApp), as they discuss:
- Storage-related features of Mitaka
- Data protection capabilities – Snapshots and Backup
- Manila share replication
- Live migration
- Rolling upgrades
- HA replication
Our experts will be on hand to answer your questions.
This Webcast is co-sponsored by two groups within the Storage Networking Industry Association (SNIA): the Cloud Storage Initiative (CSI), and the Data Protection & Capacity Optimization Committee (DPCO).
Moderator: Colin Whittaker, PCI Industry Alumni; George Rice, HPE Security; Mike Urban, Javelin, Miguel Gracia,CardConnect
The face of the threat landscape is becoming increasingly sophisticated and highly targeted. Advanced threats are succeeding in their effort to gain access to payment data of target organizations. CISOs, CXOs, and other executives need to become knowledgeable about the potential impacts of targeted attacks and advanced persistent threats. They need to become actively engaged in developing and implementing effective protective strategies.
During this webinar we will discuss recommendations and best practices to help organizations develop a sustainable security program designed to respond quickly to targeted attacks and minimize the consequences of any data breaches.
Technologies like software defined networking (SDN) provide flexibility and efficiency, but where does security fit in? SDN, like any network can be attacked at each network component. And as bandwidths increase to 100G and beyond, the rate of data transfer and the risks escalate, both on the physical and virtual plane. So what can you do to protect your networks and the data that travels through them?
What will be the impact on cybersecurity in the UK when Brexit becomes a reality? Cyber security professionals and UK government have voiced their opinions and Peter Wood has distilled the key arguments into this independent analysis.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.
The pervasiveness of shadow IT is a result of the tremendous value these SaaS applications are providing to end users. Because of data exposure and threat insertion risks, users can’t run unchecked. A sledgehammer approach of simply blocking applications is not the right approach. Disrupting business critical applications while blocking risky applications will have significant business impact since users have become accustomed to using these applications to do their daily jobs. This has never been truer than with Office 365. This puts a spotlight on the existing challenge of securing SaaS applications that can no longer be ignored.
Enable safe usage of SaaS applications, including Office 365, with complete visibly and granular enforcement across user, folder and file activity within the applications to prevent data risk and compliance violations.
This webinar will show you how to:
● Satisfy compliance requirements while still maintaining the benefits of SaaS based application services.
● Protect corporate data from malicious and inadvertent exposure after it has left the traditional corporate perimeter.
● Protect against new insertion and distribution points for malware.
● Gain visibility and granular, context-based control of SaaS applications.
Outsourcing is a critical strategy for supporting user productivity and business growth. Remote third-party access to an organization’s internal systems is an inherent requirement for outsourced services, maintenance, and support.
Many companies overlook this remote vendor access as an area that requires tight security controls. But the fact is, 63% of attacks are caused by security vulnerabilities introduced by a third party.
Join CyberArk and (ISC)2 on Jun 29, 2016 at 2:00p.m. (Singapore Time) for a Security Briefing that you will learn more about this hidden security weak spot – and discover 5 ways to mitigate risk of attack through remote third-party access.
The only thing that is constant is change. As we face a change in the administration and possible changes in the SES framework, it is important to realize that change can bring about creativity and innovation. Join us for this viewcast as we explore some the potential changes that are unique to federal government agencies, and examine organizations that, despite the negative impacts of change, reinvented themselves or their processes to meeting increasing demands.
As organizations compete for the same consumers, many companies are turning to live-streaming video content to better engage their online audience. But to deliver the live streaming experience viewers expect, organizations need a technical plan that will support successful live-streaming to viewers around the globe on any device.
Whether you are delivering live-streaming events now or are looking to add them to your existing VOD workflow, join us for this live webinar where our expert will outline key considerations for delivering live-streaming video to ensure the highest Quality of Experience for viewers.
This webinar will cover:
• Advanced planning you must do before live-streaming events
• Execution pitfalls to avoid
• Designing an efficient workflow
• Delivering to a diversity of devices
• Protecting your content from unauthorized access or theft
In the borderless world of Cloud computing, everything changes from anywhere access to anything as-a-service. While organizations are keen to reap the benefits the cloud offers, many fall shy of adoption for two reasons: security and control. Cloud computing imposes significant security risks on the corporation, network, IT and the day to day activities of the business. How do organizations maintain compliance, control and ownership of sensitive data as they move from the physical environment to a cloud world when the distribution of data may not be completely controlled by the data owner, and there is liability confusion as cloud service providers take on a larger role? Join HPE Security - Data Security and (ISC)2 on June 28, 2016 at 1:00PM Eastern for Part 1 of a 3 part Security Briefings series examining the key security challenges faced when moving to the Cloud.
Financial firms of all shapes and sizes are facing advanced threats on a daily basis – rarely a day goes by without seeing another headline about a cyberattack or data breach. Cybercriminals are going after the most sensitive data knowing how and where to find it.
With compliance standards and audit regulations becoming more stringent, and the rising prevalence of cyber threats, the need to protect vulnerable critical information has never been more important. During this webinar, CounterTack and Proficio will discuss the growing need for financial institutions to have next-generation endpoint security solutions combined with 24x7 security monitoring and alerting.
During this session you learn:
• Why endpoints have become the focus for attackers
• What you can do to secure endpoints in today’s threat landscape
• Best practices for meeting security regulation and compliance standards
• The role of security monitoring and alerting in keeping critical assets safe
Las presiones de seguridad continúan aumentando – hoy más que nunca. Sabemos que probablemente usted esté bajo estrés, no satisfecho, y bajo ataques. Trustwave encuesto a 1.414 profesionales de seguridad informática para entender los factores emocionales que contribuyen a sus dolores de cabeza y desafíos. Súmate a aprender como aliviar esos puntos de dolor y escaparle a la presión.
Durante este webinar compartiremos resultados del 2016 Security Pressures Report e incluiremos:
• ¿Los profesionales de seguridad sienten que tienen suficientes habilidades y personal?
• ¿Cómo han cambiado año a año las presiones de seguridad en general?
• ¿Cuáles son algunas recomendaciones prácticas que puedes implementar en tu organización para reducir la presión?
Random numbers are the lifeblood of crypto but are often taken for granted. Poor randomness makes keys more predictable and weakens security. Getting random number generation right is already a challenge, and in the virtualized world of cloud computing and constrained devices of the IoT, the situation is likely to get worse.
Join our live webinar to learn how you can easily upgrade your systems to take the uncertainty out of random number generation.
*Assess your current systems – learn why random numbers are so critical, how they are generated and if you can prove that everything is working
*Learn about ways to generate entropy, improve random numbers and test for compliance
*Deploy solutions to strengthen your data center and distributed applications without expensive changes or operational burden
Over the last decade, cyber security has evolved from a niche concern confined to IT professionals to a major priority for CEOs and boards of directors. Company leaders are now charged with managing cyber risk with the same urgency that they have managed traditional business risk.
The emergence of cyber risk as a centerpiece of risk management is being fueled by new and increasingly complex threats. Organizations must deal with a quickly evolving set of threats to their information systems and data. Many of these threats were unimaginable just a few years ago.
In this discussion, we explain the different forms of cyber risk and show how the threat level has risen in recent years. We also provide a basic framework for managing cyber risk, and finally, we pose five key questions business leaders should ask themselves to ensure their security posture is sufficiently robust and resilient to meet evolving threats.
Register for this webinar today. As usual, we’ll leave time for Q&A.
Your identity and governance practices are well established, but they might not be as comprehensive as they need to be. Going beyond the basics is critical to greatly reduce security risk and improve efficiencies.
Join CA Technologies security expert, John Hawley, to examine how to broaden the scope of governance to include privileged users, contractors, and business partners, as well as controlling access to physical assets. You’ll also learn the important role of identity performance analytics in a governance deployment.