Hi [[ session.user.profile.firstName ]]

2 Minutes on BrightTALK: Security Versus Usability

"If security doesn't work for the legitimate users, it won't be used. So when you go to the enterprise, the first thing security has to do is not annoy people too much." Renowned security blogger and pundit Bruce Schneier discusses the problems with security and usability and details what must be done to make a more secure interface.
Recorded Apr 9 2013 3 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Bruce Schneier, Security Technologist and Author
Presentation preview: 2 Minutes on BrightTALK: Security Versus Usability

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Secure Your Digital Business: Managing Authorization and Authentication Jul 12 2016 4:00 pm UTC 60 mins
    Elizabeth Lawler, CEO Conjur, Inc.
    With the rise of the digital business, organizations see a clear value in automating infrastructure. While automation provides more agility and speed, it also introduces new security risks. Organizations are no longer simply worried about controlling human access; authorization and authentication must be managed for every job, container, VM, service, and user. In this talk, we’ll discuss the security challenges organizations face in this new environment, and some strategies to help organizations manage, curate, and constrain cloud system resources and people when these entities are too numerous or dynamic to be managed by hand.
  • Virtual Data and Data Masking: The New Approach to Data Security Jul 12 2016 3:00 pm UTC 60 mins
    Matthew Yeh, Delphix, Product Marketing & Olivia Zhu, Delphix, Business Technology Consultant
    A new, data-centric approach to security is taking hold. Rather than establishing perimeter defenses in hopes of repelling breach attempts, security-minded organizations are investing in technologies that protect the interior--the data itself. In particular, the combination of virtual data and data masking is proving to be a powerful way for enterprises to safeguard sensitive data from both insider and outsider threats.

    View this webinar to learn:

    How data masking is superior to solutions based on encryption and firewalls
    What virtualized data is, and how it forms the foundation for an effective security strategy
    Why integrating data masking with virtual data reduces your surface area of risk by 90%
  • Ransomware: All your files now belong to us Jul 12 2016 10:00 am UTC 45 mins
    Peter Wood
    Ransomware is dominating the headlines, and with good reason - it is one of the biggest threats to business in 2016. It hase evolved into a self-replicating and network-aware criminal attack that can destroy smaller organisations and cause havoc in businesses of all sizes. Learn how ransomware is developing, the attack vectors and what you can do to minimise your exposure.
  • Are ransomware attacks holding the healthcare industry hostage? Jun 29 2016 4:00 pm UTC 60 mins
    Barry Fisher, Sr. Product Manager at OpenDNS
    Healthcare has become criminals most lucrative target. Why? Because medical records are worth 10 times that of credit cards. The recent digitization of the healthcare industry has rapidly expanded the attack surface to include electronic healthcare records, patient portals, IoT-enabled medical devices and more.

    Imagine losing access to all of your patient data—only to find out you are being extorted by criminals who require payment to get it back. This type of attack can disrupt life & death technologies that medical practitioners rely on to perform their jobs. Ransomware adds up to a significant threat to the healthcare industry.

    But, there are steps you can take to actively reduce the number of ransomware infections across your organization. OpenDNS and Cisco are on the forefront of helping our healthcare customers against various versions of ransomware.

    Hear from Barry Fisher, Sr. Product Manager at OpenDNS, to learn the simplest way for healthcare security practitioners to stay ahead of Ransomware attacks. You’ll learn how to:

    -Reduce ransomware infections across your organization
    -Identify the infrastructure used by attackers to connect, control and transfer the encryption keys
    -Protect medical IoT endpoints, patients’ devices and even devices that don’t run agents, like heart monitors and infusion pumps

    Register now to learn how to start covering your healthcare security gaps.
  • Understanding Account Takeover Attacks Recorded: Jun 23 2016 54 mins
    Mike Milner, CTO and Co-founder of IMMUNIO
    Over the last few years, there are a known 620 million user accounts that have been compromised across hundreds of sites. Organized cybercrime have figured out that this is the fastest, most reliable method to infiltrate organizations, as well as achieve financial gain. Since users share passwords across multiple sites, it is easier to find logins that work on a target site than try to bypass firewalls, find software flaws, or even run spearphishing campaigns.

    These types of attacks are collectively coming to be known as “Account Takeover” (ATO). Some are simple, while others are sophisticated. Some can be stopped relatively easily, and others require much more effort.

    ATO attacks (via stolen credentials) were cited as the #1 method of confirmed data breaches in both 2014 and 2015, for web applications, which itself was the #1 vector for data breaches.

    Come learn what these ATO threats are, their impact to your business, how to detect them, and what you can do about it.
  • Secure Unified Access Layer – Creating Universal Solutions Recorded: Jun 23 2016 36 mins
    Ben Wilson, Senior Director, Product Management, Fortinet
    During the past 15 years, access layer solutions have evolved, especially in terms wireless connectivity.

    Today's wireless connectivity has multiple approaches, each better meeting the specific requirements of organisations through a choice of different architectures. Whether its a refresh, redeployment, change of application or a brand new site, there are a lot of options.

    During this webinar we’ll examine different approaches and how to apply them to different verticals or deployment scenarios. As wireless connectivity continues to evolve, we will also look to the future and see how trends in new hardware can provide cutting edge solutions to meet the potential needs of tomorrow's organisations.

    The presentation will end with an overview of Fortinet's Secure Access Architecture and how it can meet today's and tomorrow's wireless requirements.
  • Data Protection and OpenStack Mitaka Recorded: Jun 22 2016 59 mins
    Sam Fineberg, Distinguished Technologist, HPE, Ben Swartzlander, OpenStack Architect, NetApp, Thomas Rivera, SNIA DPCO Chair
    This Webcast will focus on the data protection capabilities of the OpenStack Mitaka release, which includes multiple resiliency features. Join Dr. Sam Fineberg, Distinguished Technologist (HPE), and Ben Swartzlander, Project Team Lead OpenStack Manila (NetApp), as they discuss:
    - Storage-related features of Mitaka
    - Data protection capabilities – Snapshots and Backup
    - Manila share replication
    - Live migration
    - Rolling upgrades
    - HA replication

    Our experts will be on hand to answer your questions.

    This Webcast is co-sponsored by two groups within the Storage Networking Industry Association (SNIA): the Cloud Storage Initiative (CSI), and the Data Protection & Capacity Optimization Committee (DPCO).
  • Combating Targeted Attacks to Protect Payment Data and Identify Threats Recorded: Jun 22 2016 61 mins
    Moderator: Colin Whittaker, PCI Industry Alumni; George Rice, HPE Security; Mike Urban, Javelin, Miguel Gracia,CardConnect
    The face of the threat landscape is becoming increasingly sophisticated and highly targeted. Advanced threats are succeeding in their effort to gain access to payment data of target organizations. CISOs, CXOs, and other executives need to become knowledgeable about the potential impacts of targeted attacks and advanced persistent threats. They need to become actively engaged in developing and implementing effective protective strategies.

    During this webinar we will discuss recommendations and best practices to help organizations develop a sustainable security program designed to respond quickly to targeted attacks and minimize the consequences of any data breaches.
  • Next-Generation Security: Don’t Go Soft on Security in SDN Recorded: Jun 22 2016 50 mins
    Stan Mesceda, Sr Product Manager – Gemalto
    Technologies like software defined networking (SDN) provide flexibility and efficiency, but where does security fit in? SDN, like any network can be attacked at each network component. And as bandwidths increase to 100G and beyond, the rate of data transfer and the risks escalate, both on the physical and virtual plane. So what can you do to protect your networks and the data that travels through them?
  • In or Out? The Cybersecurity Impact of the UK Leaving the EU Recorded: Jun 22 2016 301 mins
    Peter Wood
    What will be the impact on cybersecurity in the UK if Brexit becomes a reality? Cybersecurity professionals and UK government have voiced their opinions and Peter Wood has distilled the key arguments into this independent analysis.
  • Malware Attack "Fan-out" Effect in the Cloud Recorded: Jun 21 2016 60 mins
    Krishna Narayanaswamy, Founder and Chief Scientist, Netskope
    The rapid rise in cloud adoption – of which corporate IT has underestimated the scope by as much as 10x - has created a new effect: a “cloud attack fan-out.” Between many connected devices, which increase the attack surface, and capabilities like sync and share, which increase data velocity in the cloud, both the propensity and the severity of a breach rise.

    Join Krishna Narayanaswamy, Founder and Chief Scientist of cloud security company Netskope, as he takes an in-depth look at data breaches involving cloud services and how they come about. Krishna will take a fun, CSI-like presentation approach and draw upon unique, anonymized data seen in the cloud to illustrate:

    - The multiplier effect that that the cloud can have on the probability of a data breach
    - Three real-world examples in which the cloud can play a role in data breaches, including a step-by-step review of a recent exploit found in a cloud storage app
    - How to identify data breaches in an enterprise cloud environment using advanced anomaly detection techniques
    - A forensic walk-through in the reconstruction of a complex audit following a data breach
    - Best practices for mitigating breaches as well as monitoring and protecting sensitive enterprise data in the cloud
  • Empower your Mobile Workforce: Secure and Protected Mobile Environment Recorded: Jun 20 2016 53 mins
    Alex Shteynberg & David Hansford, Microsoft
    29% of today’s global workforce use 3+ devices, work from multiple locations and use multiple apps, while 80%+ employees admit to using non-approved software-as-a-serve (SaaS) applications in their jobs. How do you boost productivity, collaboration, and agility with real-time access to business tools and information while keeping it all secure?

    Join this webcast to learn:
    •How to protect your mobile productivity tools
    •How to save money and set up quickly
    •Keep your data secure on the move
    •Protect everything—across devices, operating systems and applications
  • Windows 10: Digital Transformation through Affordable Innovation Recorded: Jun 16 2016 17 mins
    Peter Gossin, Digital Transformation Manager, Microsoft
    Digital transformation is the process of using today’s technology to modernize outdated processes and meet the most pressing needs of your business.

    Thanks to recent advances in lower cost tablet technology and Microsoft’s suite of cloud and productivity services, complete digital transformation is more accessible now than ever before. A new class of affordable devices is revolutionizing the way businesses and their employees work and interact with customers.

    Sign up now to:
    •Engage your customers
    •Empower your employees
    •Optimize your operations
    •Transform your products
  • Deception as Threat: Targeted Attack Detection and Mitigation Recorded: Jun 16 2016 48 mins
    Kevin O'Brien, CEO, GreatHorn
    As detection of malware and exploits at the perimeter and endpoint becomes more effective, attackers are increasingly using a combination of social engineering and direct end-user outreach to bypass technological controls. The most common source for cyberattacks today is not malicious code, but exploits of trust, typically over email.
    In this session, cybersecurity veteran Kevin O'Brien (@stake, Thomson Reuters, CloudLock, GreatHorn) will look at these new patterns, and provide a general framework for response to defend your organization.
  • Supporting Legacy Infrastructure on the Way to the Cloud Recorded: Jun 16 2016 47 mins
    Andras Cser, Principal Analyst at Forrester; David Meyer, VP Product at OneLogin
    Join featured speaker Forrester Principal Analyst Andras Cser and OneLogin VP Product David Meyer as they discuss how to protect legacy investments, while securely expanding cloud application portfolios and extending identity management to devices.

    The following topics will be covered:

    – Benefits of a unified cloud directory
    – Support for IT protocols including LDAP, RADIUS, and more
    – Support for directory consolidation
    – Secure access to WiFi, VPN, SSH, on-prem and cloud applications
    – Extending identity management to the device
    – Cloud-based replacement for on-premises Active Directory and LDAP directories
    – Demonstration of key IDaaS features
    – Q&A
  • IT Security: Incident Planning and Response Recorded: Jun 16 2016 59 mins
    Mark Essayian, Microsoft
    It’s critical to know what is going on inside your network, what technology is being snuck into your firm, and how to educate employees about security precautions. IT management has a clear responsibility to protect, defend and remain vigilant over all systems and it doesn’t stop at antivirus on the desktop and a firewall to the Internet.

    Join this webcast to learn:
    •Why SMB’s are a prime target
    •How to help prevent your employees from being your biggest security threat
    •Proper asset inventory – you cannot protect what you do not know about
    •Protection and planning to prevent and/or mitigate a breach
  • Prescription for Protection - Avoid Treatment Errors To The Malware Problem Recorded: Jun 15 2016 47 mins
    Eric Vanderburg, Director, Information Systems & Security and Bogdan Salamakha, Security Analyst, JURINNOV LLC
    Malware is an ailment many companies suffer from but the prescription for protection is simpler than you think. In this presentation, Vanderburg and Salamakha apply the five rights for avoiding drug errors to the malware problem.
    1) Right client – Authentication
    2) Right route – Gaps and strategies
    3) Right drug – Security controls
    4) Right dose – Security/business balance
    5) Right time – Staying up to date. Stay healthy, stay safe.

    Presenters:
    Eric Vanderburg, Director, Information Systems & Security
    JURINNOV LLC

    Bogdan Salamakha, Security Analyst
    JURINNOV LLC
  • Infosecurity 2016: The Insider Threat is still the Most Dangerous Recorded: Jun 15 2016 3 mins
    Martin Sugden, CEO, Boldon James
    - Infosecurity Europe 2016 -

    BrightTALK was delighted to catch up with Boldon James' CEO Martin Sugden to hear his thoughts on the cyber security industry.

    Martin covered topics including the San Bernadino iPhone unlock case and the surrounding influence on encryption. He also addressed how financial institutions can better protect themselves from data breaches and cyber criminals; who the principal threat actors are these days, especially the insider threat and he covered the bright future for data-driven security.
  • Infosecurity 2016: Tristan Liverpool, F5 Networks Recorded: Jun 15 2016 3 mins
    Tristan Liverpool, Director of Systems Engineering, F5 Networks
    - Infosecurity Europe 2016 -

    BrightTALK got the chance to speak with F5 Networks' Tristan Liverpool and hear his thoughts on the current cyber landscape.

    Tristan gave his insights into application security; the challenges around data protection and the regulations from government; the potential influence of a UK Brexit from Europe on cyber security; how to protect the financial industry from cyber criminals; developments in social engineering and improving your perimeter security.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: 2 Minutes on BrightTALK: Security Versus Usability
  • Live at: Apr 9 2013 12:45 pm
  • Presented by: Bruce Schneier, Security Technologist and Author
  • From:
Your email has been sent.
or close