Accelerating Cloud Adoption Using Virtualization Mgmt Standards

The SolarWinds Hack and response is creating new cyber security science and awareness of survivorship bias. Since Dec 13th, 2020 DHS/CISA has issued elaborate, regularly updated guidance to all government agencies and private sector organizations on how to respond, contain, recover and mitigate unprecedented and immeasurable insider data breach risk posed by the Russian Intelligence APT29 group. To address newly discovered stealth operations and privileged identity exploits, MITRE has also concluded new techniques need to be defined and added to their popular ATT&CK framework. We will review key CISA guidance to both Organizational Leaders and SOC teams, sharing new best-practices and suggested new ATT&CK techniques for threat hunters, compliance groups and DFIR practitioners.

About Valentin Bercovici:
Val is founder and CEO at Chainkit, democratizing trust throughout digital transformation. Previously, Val was co-founder, now senior advisor at Peritus.ai, focused on AIops via machine learning. A Cloud, Big Data & DevOps pioneer, Val was a founding member of the governing board at the Cloud Native Compute Foundation (CNCF), the Linux Foundation’s home for Google’s Kubernetes, and most popular open source project. Val has enjoyed a long leadership career. Previously, at NetApp/SolidFire, he launched multibillion-dollar storage and compliance products, created the competitive team and strategy, directed new research investments for the NetApp Data Fabric roadmap, and served as SolidFire’s CTO. A pioneer in the cloud industry, Val led the creation of NetApp’s cloud strategy and introduced the first international cloud standard to the marketplace as CDMI (ISO INCITS 17826) in 2012. Val advises numerous data-driven start-ups and is passionate about improving diversity within the tech industry. He has several patents issued and pending around data centre applications of augmented reality and data authenticity.

Working from home has caused many firm’s attack surface to grow exponentially overnight. Where there might have been three locations prior to the advent of COVID19, there could now be 300 or 3,000.

Many firms are concerned with this and have shored up their security around remote access significantly. But what if the risk was still located inside their network. From careless staff to rogue employees, the consequences your business could face if tampered by an insider are unfathomable.

Research has suggested that 75% of all breaches could be avoided by better management of third party access and insider threats.

The principles of Zero Trust and least privilege is a method by which each employee is provided access to just what is needed for their job and nothing more.

The term “Zero Trust” was coined by Forrester Research analyst and thought-leader John Kindervag, and follows the motto, “never trust, always verify.” His ground-breaking point of view was based on the assumption that risk is an inherent factor both inside and outside the network.

Come hear some practical examples of how to get started utilizing zero trust in your organization to protect yourself from internal risk of employees and third parties accessing your network.

Dealing with the threats from insiders who have administrative privilege in your systems is a challenge enough, but how do you handle the risk that comes from vendors and other third parties such as contractors who need privileged access? These are usually trusted vendors and have undergone some vetting but it isn't usually as rigorous as your internal processes and your visibility into their employee’s background and activities within your systems can be opaque. We will go over why this kind of access represents an outsized risk to security and compliance, the challenges of managing these “Inside-Outsiders” and give some best practices to make sure that their access is as secure, compliant and efficient as your internal employees.

About Tony Howlett:
Tony Howlett is a published author and speaker on various security, compliance, and
technology topics. He serves as President of (ISC)2 Austin Chapter and is an Advisory Board
Member of GIAC/SANS. He is a certified AWS Solutions Architect and holds the CISSP, GNSA
certifications, and a B.B.A in Management Information Systems. He has previously served at
CTO for Codero, a managed cloud hosting provider and CTO of Network Security Services, a
security and compliance consulting firm, as well as founding InfoHighway Communications, one
of the nation’s first high speed internet access providers. Tony is currently the CISO at
SecureLink.

The COVID-19 Pandemic has amplified cybersecurity concerns particularly related to the cloud. Threat actors have recognized a unique opportunity to exploit pandemic-related vulnerabilities through social engineering attacks, business email compromise, work from home or other remote weak points. This results in increased risk and occurrence of ransomware attacks and data breaches that can disrupt or totally compromise organizations’ ability to conduct business. These security incidents can also subject victims to liability for violations of privacy and data breach notification laws. Join this webcast as SNIA experts will discuss:
• Changing threat landscape due to COVID
• Recent attacker exploits
• Common security failures and their consequences
• Data Protection (Mounir)
o Strategies to combat malware
o Minimizing ransomware risks
• How emerging technologies (5G, IoT, AI, etc.) expand the threat landscape

The 2020 US presidential election is behind us, but the key cybersecurity issues surrounding election integrity could linger for years to come. From ransomware attacks on local governments, to the untamed spread of disinformation, to experimenting with online voting apps and the myriad of vulnerabilities uncovered across election infrastructures, cybersecurity had never before taken such a central place in the national conversation as it did in 2020.

So, what have we learned in the aftermath? And how can we apply it to better protect upcoming elections as well as enterprises, customers and employees?

Join this interactive panel with security experts and tech leaders to learn the biggest lessons from the election from a cybersecurity and privacy standpoint. Discover what went down, what could have gone better and how to prepare for the midterm elections in 2022.

- Can we build a hack-free election
- Does misinformation on social sites impact how people vote and what can be done to stop the spread
- What was new this time and what should security leaders keep in mind for their organizations
- Would it be safer if we brought the voting process online or in app
- Can nation state actors change voter rolls or polling data
- What the biggest election threats mean for industry
- Key takeaways for cybersecurity leaders

Panelists:
- Jim Richberg, Public Sector Field CISO at Fortinet
- W. Curtis Preston, Chief Technical Evangelist, Druva

This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.

The MITRE ATT&CK framework has become an excellent way for security professionals to understand and describe threats. However, most of the time, it is used to describe the actions of external threats.

But what about the insider threats? According to Forrester, 25% of breaches resulted from internal incidents, and almost half of them were malicious. In the past few years, insider threats have evolved in several aspects from how sensitive data leaves the organization to ways in which privilege access gets misused, creating risks for organizations to mitigate. The proliferation of cloud applications and the current remote work setup make tracking and protecting sensitive data extremely challenging.

Can we use the MITRE ATT&CK framework to help us describe, understand, and finally detect and protect against insider threats? If the framework often describes and supports threat detection of external threats, does it also help deal with insider threats? What organizations should expect from this exercise, and what do they need to do differently to achieve the desired results?

Join Augusto Barros, VP of Solutions at Securonix, to learn about:

• How insider threats have evolved and the new challenges they present?
• How the MITRE ATT&CK framework supports threat detection practices?
• How the MITRE ATT&CK framework can also help to address the issues related to insider threats?

Augusto Barros was the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 20 years of experience in the IT security industry as an analyst and a security architect and officer for large enterprises.

This webcast, Tackling Insider Threat with Open Source Intelligence (OSINT), will demonstrate how OSINT can be leveraged to help identify and prevent insider threat.

Rachel will discuss the critical role OSINT can play in effective business risk management, specifically in managing insider threat.

In particular, Rachel will describe how companies can make more informed decisions about the people they employ and do business with by embedding OSINT within their recruitment and screening purposes, thereby minimising the risk of taking on high risk personnel.

Rachel will also discuss how OSINT can be used to understand an individual’s vulnerability to being an unconscious insider by, for example, inadvertently clicking on a link to a malicious website through a specifically targeted email.

Lastly, the webcast will examine the way in which organisations are using continuous OSINT methods combined with machine learning to identify and alert them to early indicators of insider threat, for example negative attitudes towards work, excessive spending, or a close association with a competitor. Indicators which when fused with other information regarding an individual such as a change in working hours or excessive data extraction, can start to build a picture of risk.

Key takeaways:
- The principles of OSINT
- The types of freely available information on people and companies
- The value OSINT brings to business risk management, specifically in managing insider threat
- How OSINT can be embedded within recruitment processes to help prevent companies taking on high risk personnel
- How understanding a company’s and individual’s online footprint can help reduce the harm caused by unconscious insiders
- How machine learning and continuous OSINT methods can help detect insider threat and provide an early warning of potential harm

Join SonicWall expert John Aarsen as he goes through the anatomy of social engineering attacks to demonstrate how people are manipulated into performing actions or divulging confidential information. These attacks have become more frequent and aggressive as attackers attempt to exploit the circumstances surrounding COVID-19. In the case of both users and organizations, overconfidence can lead to complacency, allowing such attacks to succeed. That’s why it’s crucial that you consider social engineering as your company builds its boundless cybersecurity strategy.

Threat actors are clever adversaries who prey on human error in your employee workforce to execute successful cyberattacks. They use social engineering to trick your teams into giving them access to your files and network. That’s why having a team of experienced security analysts on your side that work 24/7 is a crucial defense. When you’re up against real people who are targeting your employees, the solution isn’t a computer program but other people who know to combat these attackers.

Join Randy Pargman, Senior Director of Threat Hunting and Counterintelligence at Binary Defense and former FBI Computer Scientist, in this discussion that covers real stories from his experience with attacks targeting employees, how attackers attempt to deceive analysts, and ways to educate your workforce to defend against these attacks.

In this webinar you will learn:
- How threat actors target employees
- What next steps cyber criminals take to continue their attacks
- Examples of attacks on businesses
- Ways that an experienced SOC can combat these attacks

Improve your relationship with your developers and auditors, protect your environment, and go from frenemy to friend through streamlined processes and automated detective and corrective controls.

This session will cover tips on ways to address human error elements for development within your Google Cloud environment.

In this webinar, Changiz will cover:

- Description of cyber attacks and statistics from known and published attacks
- The most common types of attacks including phishing, ransomware, DDOS, Drive-By-Downloads, Dumpster Diving
- Why cyber attackers target people to set their attacks such as human senses, feelings, emotions, etc. with examples such as affection, kindness, greed, political and religious views, financial and employment needs
- Examples of common attacks such as phishing, social engineering, social media attacks, etc. and how they target those human senses
- Distinguishing the fake communications from the real ones
- Solutions and the importance of the SETA (Security Education, Training, and Awareness) programs for individuals and organizations

In today’s world of intense cybersecurity awareness, the daunting task of securing your workforce while employees are working from home can be very overwhelming. To address this issue most Information Technology and Information Security staff focus on digital factors, but it is important to not overlook the human factors.

The biggest human factor in Cyber Security is human behavior and the issues that result directly and indirectly from how we think, behave, and act. In this presentation I will cover the most common digital and non-digital threats I have encountered that are designed to take aim at exploiting human nature and are designed to “steer” how we act and react, as well as common mistakes in configurations and policies that can drastically impact any organizations “readiness” to protect against cyber attack. The goal of this presentation is that by the end of it you will be in a much better place of understanding the threats you and your organization face, and what you can do to resolve these issues through unified threat management, utilization of a multilayer cybersecurity approach, automation platforms in the cloud, and end user education.

Ransomware-as-a-service and big game hunting: Gain a basic understanding of the two most popular Ransomware extortion methods used by Ransomware gangs and employed to create a product to extract revenue from the victims (customers). See for yourself how to gain a foothold and understand a shift in defense posture in order to prevent catastrophic Ransomware damage.

Join this webinar to learn more about Ransomware as a business model that needs to be understood in the proper context. In that context, you are the product.

Every year top security companies, industry thought-leaders, and tech media publications come out with their predictions for the upcoming year, and every year Dan Lohrmann publishes his roundup of these security industry reports, forecasts, themes and trends.

This BrightTalk webinar will dig into the 2021 prediction report in detail.

In addition to counting down (and referencing) the top 21 security prediction reports from the leading vendors, this webinar will examine:
- Where is their agreement on what’s coming next?
- Where is their major disagreement?
- Where will cyberattacks come from next?
- Which vendors have the best reports (and why)?
- Who are the award-winners for most creative, most likely, most scary and other security industry predictions?

We'll discuss security and tech predictions on Covid-19 and working from home as well as major security incidents such as attacks on global events (like the 2021 Olympics), cyber incident response and much, much more.

We will take your questions at the end, and may even ask you to vote for your favorite predictions (or offer one of your own to share.) Join us now!

This webcast discusses the Human errors factor of cybersecurity. Organizations often focus on the processes and technology and leave out the Human aspect. Many industries embrace Human factor programs in addressing challenges and cybersecurity can learn a lot from these programs and utilize them to improve security and reduce risks.

During this webinar we will discuss; HFACS-Cyber, the need for Human Factors Programs in Cybersecurity, targeting human risk factors, and the business value of Human Factors.

Participants will take away the following:
1. The importance of including Human Factors
2. The risks removed once you include Human Factors
3. The business value and some tips on how to obtain executive support for such a program

With a greater number of organizational activities relying on technology, the focus on how to protect the use of technology is primal for all organizations. Institutions are right to focus on external threat actors to safeguard their assets. But more importantly, it is imperative that the internal structures of organizations are tuned into the strategies used to protect their activities and assets. An overwhelming majority of cyber breaches are as a result of human actions within the organization. That is a fact.

Conventional defenses are bound to fail due to the human element in the process of securing organizational infrastructure. Human behavior is only predictable to some extent. A recent report by Cyberchology notes that 80% of companies see an increased cybersecurity risk resulting from the human factor as a major challenge during the COVID-19 pandemic.

The Human Factor, therefore cannot be ignored as we formulate strategies to secure organizational infrastructure.

In this presentation, we will attempt to cover the following questions:
• What is “The Human Factor?”
• By the Numbers – Why should we worry about this Factor
• Strategies to mitigate the Human Challenges
• Case Studies

Humans are the primary target for Cyber Attackers. Most cyber-attacks against businesses start by luring humans into making errors and thus allowing attackers a foot inside the target organization’s network. Impact of such attacks can range from monetary loss to even shutting down of businesses

In this presentation, we will discuss why human errors cause so many breaches, and how security solutions are bypassed in these cases? We will also look at the story behind human error and address them to improve employee cyber behaviour in an organization

Key takeaways:
- Why cyber attackers target humans
- Impact of human errors
- How such attacks bypass Cyber Security solutions
- Steps that organizations can take to address the gaps
- Make employees your best defence against Cyber Attacks

Cloud migration is at the peak, and so the data breaches are in the cloud. The most common culprit of these breaches are human errors like improper security controls, misconfigurations etc. Complexity of security controls in public cloud providers and presence of multiple cloud providers within an organization makes it almost impossible for humans to do flawless deployments.

This webinar presents case studies on high profile data breaches that happened due to human errors. In order to tackle human errors from cloud operations, the human factor needs to be completely removed.

In this webinar you will learn how security control, operations and auditing can be baked into the deployment pipeline and make the pipeline as the only gateway for service operations.

It will discuss implementation challenges and other considerations of the deployment pipeline to achieve complete immutability of deployment.