2 Minutes on BrightTALK: Application security? Don't play catch-up.

"Application security is the biggest vulnerability spot today. You've got developers who are trained to do application development, and there's a big push for them to meet deadlines. Security has not been part of their education, security is not pushed by the business units... it's all about revenue, dollars, getting the product out there."

Richard Greenberg, Information Security Officer, Los Angeles County Public Health, discusses the best ways to involve security in the application development process to avoid greater costs down the road.
Recorded Oct 29 2013 2 mins
Presented by
Richard Greenberg, CISSP, Information Security Officer at Los Angeles County Public Health

  • Understanding Facial Recognition Technology and Consumer Privacy Implications Recorded: May 23 2019 50 mins
    Brenda Leong, Senior Counsel & Director of Strategy, FPF & Gabriela Zanfir-Fortuna, Senior Counsel, FPF
    A discussion of how various facial detection and recognition systems operate, the privacy risks associated with different levels of identification, and the impact under GDPR. Facial recognition technology can help users organize and label photos, improve online services for visually impaired users, and help stores and stadiums better serve customers. At the same time, the technology often involves the collection and use of sensitive biometric data, requiring careful assessment of the data protection issues raised. Understanding the technology and building trust are necessary to maximize the benefits and minimize the risks.

    Equally relevant is the need to expand stakeholders’ awareness and understanding of the many types of facial scanning systems, as well as the impact of accuracy differences among the many systems available today.

    It is important to understand the distinctions between facial detection systems (which, when properly designed, neither create nor implicate any Personally Identifiable Information) and full-scale facial identification programs (matching a person’s image to a database in order to identify the individual to a store clerk or stadium employee who otherwise wouldn’t recognize them).

    The consumer-facing applications of facial recognition technology continue to evolve, and the technology will certainly be used in new ways in the future, and the legislative environment under GDPR must consider how such uses should be implemented to protect consumer privacy rights.
  • Impact of GDPR on Go-To-Market Strategy Recorded: May 23 2019 80 mins
    Tim Hickman, Partner, White & Case
    One year since GDPR was introduced, many of us are wondering what the future will hold. We recently hosted an in-person event with well-known legal counsel Tim Hickman, Partner at White & Case as he walked us through how it has affected the way businesses go-to-market.

    With his background and extensive knowledge on the topic, Tim discussed what you can do next to minimize risks and ensure business growth, current privacy regulations and more.
  • [PANEL] The GDPR Effect on Privacy & Security Recorded: May 22 2019 61 mins
    Elena Elkina | Reuben Thompson | Matt Walmsley | James Chappell
    On the anniversary of GDPR, we will take a look at the current state of privacy and security, and dive into how organizations are addressing these challenges.

    Viewers will learn more about:
    - Effects of GDPR: One year later
    - Is GDPR just a checkbox for businesses
    - Are we closer to a Privacy-and-Security-by-Design reality
    - Other regulation on the horizon
    - How is CCPA different from GDPR
    - Best practices for achieving and maintaining compliance

    Join this panel of experts to get the answer to all of your privacy, security and compliance questions.

    - Elena Elkina, Partner at Aleada Consulting (Moderator)
    - Reuben Thompson, VP of Technology at Gospel Technology
    - Matt Walmsley, Head of EMEA Marketing, Vectra Networks
    - James Chappell, Founder and Chief Innovation Officer, Digital Shadows
  • GDPR - A new global standard? Recorded: May 22 2019 44 mins
    Guy Cohen, Strategy & Policy Lead, Privitar
    This year has seen an eruption of new data protection bills and laws, as many countries follow Europe's lead in enacting their first, or stronger, data protection laws. For many global organisations a fracturing of data protection law poses a costly compliance burden and many would like to enforce one standard across their operations. But to what extent are these countries' responses similar? Is there a new global standard, and if so is it the GDPR? To what extent do these changes overlap, and what trends not seen in the GDPR are emerging too?

    This talk will explore how the world of data protection has changed since the GDPR was passed last year. In particular it will look at how the US policy landscape is changing and the extent to which GDPR concepts are coming through. The US is undergoing enormous change, with the CCPA coming into effect next year, various proposed federal bills, amendments to sector bills, and 16 state level bills all being debated. The talk will highlight some similarities between these various bills and amendments, as well as some of the areas of divergence. It will also draw on other changes, such as the emergence of data localisation laws in China, Indonesia, and India, and some of the laws closer to the GDPR such as Brazil.
  • Privacy and security: A symbiotic relationship Recorded: May 22 2019 33 mins
    Lee Bonham, Senior Privacy Engineer, Privitar
    The world is waking up to the fact that you need both strong security systems in place and privacy technology to ensure comprehensive data protection.

    To achieve this goal, CTOs, DPOs and CISOs have to work in unison. There is no privacy without security. But security alone is not enough to protect your customer’s sensitive data. Strong privacy protection helps to unlock data for new purposes and makes the job of the security team a lot easier.

    Find out how the two work hand in hand with Privitar’s Senior Privacy Engineer Lee Bonham.

    Join this session to learn:

    - How robust security controls are not enough to protect your data fully

    - How the focus is shifting from the perimeter to implementing privacy controls on the data itself

    - How privacy technologies and access controls work hand-in-hand to ensure your data is protected
  • The Monty Python Guide to Privacy Controls Recorded: May 22 2019 40 mins
    Rowenna Fielding, Senior Data Protection Lead, Protecture
    Data Protection might be a serious legal and business requirement, but that’s no reason not to have some fun doing it. Join Rowenna Fielding as she gives advice on protecting individuals’ privacy and establishing an acceptable risk position, using illustrations from the British comedy group ‘Monty Python’s Flying Circus’.
  • [PANEL] Ensuring Continued Compliance – Data Protection Recorded: May 20 2019 53 mins
    Melanie Turek, Chris Pierson, Michelle Drolet & Ilias Chantzos
    Since the rollout of The General Data Protection Regulation (GDPR) in 2018, companies worldwide have had to implement new policies and procedures to protect data. Join leading compliance and security experts as they discuss why data protection is at the heart of GDPR compliance.

    Join this interactive Q&A panel to learn more about:
    - What GDPR means for data management
    - GDPR requirements around data collection and governance
    - Best Practices for achieving compliance
    - Recommendations for improving Data Management and ensuring Data Protection

    - Melanie Turek, Fellow & Vice President, Frost & Sullivan (Moderator)
    - Christopher Pierson, CEO & Founder, BLACKCLOAK
    - Michelle Drolet, CEO & Co-Founder, Towerwall
    - Ilias Chantzos, Senior Director, Global Government Affairs & Cybersecurity, Symantec
  • Privacy in the age of big data and algorithms Recorded: May 20 2019 49 mins
    Ivana Bartoletti, Head of Privacy & Data Protection, Gemserv
    One year after GDPR, the presentation will explore whether the provisions introduced are sufficient to deal with the challenges of big data and algorithms. Ivana will present a clear roadmap for organisations deploying AI covering governance, privacy and ethics harms and algorithmic impact assessments.
  • GDPR Starts With Your Data, Not With Lawyers Recorded: May 20 2019 43 mins
    David Froud, Founder & Director, Core Concept Security Ltd.
    In the panic leading up to May 25th 2018, many organisations did one of three things:

    1. Hired a lawyer first;
    2. Hired a data security expert first, or
    3. Absolutely nothing.

    All of these approaches are wrong, and regardless of the size/type of your organisation, the first steps were exactly the same; Go find your data.

    In this presentation we will simplify the process of achieving GDPR compliance so that anyone can get started.
  • Update your email defenses to meet the new threatscape Recorded: May 9 2019 53 mins
    Lysa Myers & Cameron Camp, Security Researchers
    Unless your organization handled classified information, it was once generally considered “good enough” to protect email with little more than a basic password. When spam floods hit, we all collectively understood that we needed to do a bit more in order to protect the sanity of email traffic (not to mention the sanity of our users). Fast-forward to the current threatscape, where protecting business email is mission critical, but the tools and techniques are tricky to understand, deploy and support with adequate staff training. There is a lot more we can and should be doing, but it can be challenging to navigate the security maze.

    In this webinar we’ll discuss a variety of techniques and technologies you can use to improve your email security to meet new threats:

    - Filtering unwanted/malicious email traffic
    - Why you need encryption on both the message- and network-level
    - Using more robust authentication options than just a password
    - How you can use authorization to decrease spoofed messages
    - Decreasing the risk of damage from software vulnerabilities
    - Creating a culture of security to help identify and thwart phishing

    Many of these strategies can be useful for protecting your own personal email account or traffic. But as an administrator of a company email infrastructure, there are quite a few other things you can do to meaningfully increase security, which don’t require you to shell out big bucks on fancy new products.
  • 2019 Verizon Data Breach Investigations Report - All Women Panel Discussion Recorded: May 8 2019 63 mins
    Mary Beth Borgwing, founder of Cyber Social Club and Uniting Women in Cyber
    The 2019 Verizon Data Breach Investigations Report, now in its twelfth year, is an industry benchmark for information on cybersecurity threats and vulnerabilities. Each year this report looks at tens of thousands of security incidents and confirmed breaches. Join our all-women panel of experts for the first look at some of the key findings of the 2019 report to understand what it all means.
  • [Earn 1 CPE] Key Steps to Identify Risk and Master Vendor Risk Management Recorded: Apr 25 2019 78 mins
    Colin Whittaker, IRD; Jake Olcott, BitSight; Blake Brannon, OneTrust; Kelly White, RiskRecon; and Todd Boehler, ProcessUnity.
    In today’s interconnected technology ecosystem, companies increasingly rely on third party vendors to meet their operational needs. However, the current state of vendor risk management (VRM) is bleak. More than half of all information security breaches are caused by third-party vendors, and according to Deloitte 83% of today’s business leaders lack confidence in third party VRM processes.

    Understanding and managing cyber risk posed by vendors, suppliers, and third parties has proven to be a difficult task. The right mix of people, processes, and technology results in the most effective and comprehensive program. Join this CPE accredited panel webinar as our expert panel addresses some key steps to master VRM, including:

    - Implementing a scalable VRM program from the ground up,
    - Tips on managing vendor data and mapping the digital supply chain,
    - Assessing third, fourth, and fifth-party risk,
    - Performing quantifiable vendor security analyses,
    - Establishing pre-procurement standards.
  • IT Security Community Update Recorded: Apr 24 2019 63 mins
    Wesley Simpson, (ISC)²; Christopher Pierson, BLACKCLOAK & Marija Atanasova, BrightTALK
    Find out what's trending in BrightTALK's IT Security community and the challenges keeping security professionals up at night.

    Join Wesley Simpson, COO of (ISC)², Dr. Christopher Pierson, Founder & CEO of BLACKCLOAK and Marija Atanasova, Sr. Content Strategist from BrightTALK for an interactive Q&A session to learn more about:
    - Topic trends & key insights
    - What security professionals care about
    - Events in the community
    - What to expect in Q2 2019 and beyond
  • ESG Research: The Hybrid Cloud Tipping Point Recorded: Apr 23 2019 61 mins
    Scott Sinclair, ESG; Michelle Tidwell, IBM, Mike Jochimsen, Kaminario; Eric Lakin, Univ. of Michigan; Alex McDonald, NetApp
    Has hybrid cloud reached a tipping point? According to research from the Enterprise Strategy Group (ESG), IT organizations today are struggling to strike the right balance between public cloud and their on-premises infrastructure. In this SNIA webcast, ESG senior analyst, Scott Sinclair, will share research on current cloud trends, covering:

    - Key drivers behind IT complexity
    - IT spending priorities
    - Multi-cloud & hybrid cloud adoption drivers
    - When businesses are moving workloads from the cloud back on-premises
    - Top security and cost challenges
    - Future cloud projections

    The research will be followed by a panel discussion with Scott Sinclair and SNIA cloud experts Alex McDonald, Michelle Tidwell, Mike Jochimsen and Eric Lakin.
  • PCI Dream Team: Ask Us Your Toughest Questions [Part 6] Recorded: Apr 23 2019 61 mins
    Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper "Coop"
    With hundreds of different requirements, the various Payment Card Industry (PCI) standards can be overwhelming. While the PCI Security Standards Council has provided lots of answers, the devil is often in the details. Our panelists are some of the top PCI QSAs in the country, with decades of combined PCI and card processing experience. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

    Join Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall for an interactive Q&A session, and get answers to your most vexing PCI questions. No PCI question is out of bounds.

    - Ben Rothke, Senior Security Consultant at Nettitude
    - David Mundhenk, Senior Security Consultant at Herjavec Group
    - Jeff Hall, Senior Consultant at Wesbey Associates
    - Arthur Cooper "Coop", Senior Security Consultant at NuArx
  • How to Keep Your Cyber Defenders Sharp: Do You have the right people? Recorded: Apr 23 2019 62 mins
    David Morris and Brian Markus
    Tune into this session to learn how to determine if you have the right people with the sharpest skills defending your organization through the use of a Cyber Training Range.

    Learn what Persistent Cyber Training Range Environments are, the benefits and value of a Cyber Training Range, and how they help you answer the question "ARE WE READY TO DEFEND AGAINST THE NEXT ATTACK?".
  • Your Adversary Within - The Need to Trust, but Verify Recorded: Apr 18 2019 30 mins
    Adam Mashinchi, VP of Product Management SCYTHE
    In this presentation we will give an overview of the current state of the power of an endpoint in the modern enterprise; and how modern advancements make the need for adversarial testing even more critical.

    Other topics to be covered:
    - New/modern consumer products
    - Increases in privacy & increased exfiltration options
    - Employee Trust & BYOD
    - State of endpoint monitoring
    - Controls Validation vs. Adversarial Testing
  • 5 Key Elements of an Effective Endpoint Security Strategy Recorded: Apr 18 2019 37 mins
    UJ Desai, Director of Product Management, Bitdefender
    While cyber attacks come from all directions, the majority of them originate on endpoints. In this webinar UJ Desai, Director of Product Management at Bitdefender will discuss why organizations are still struggling with endpoint security, and will explore the five critical elements of endpoint security that will allow organizations to effectively defend endpoints from both common and advanced cyber attacks.
  • Social Engineering, Phishing and Protecting the Enterprise Recorded: Apr 18 2019 55 mins
    John Bambenek (ThreatSTOP) | Jan Liband (SlashNext) | JP Bourget (Syncurity)
    Join security experts and practitioners for an interactive discussion on how to better secure the enterprise in 2019:
    - Top threats on the horizon and what's at risk
    - Cyber defenses and your employees
    - Basic cyber safety recommendations to protect against social engineering, phishing and email cyber attacks
    - Use cases and examples
    - Actions to take today to protect your employees and enterprise from cyber criminals
    - What to expect in 2019

    - John Bambenek, VP Security Research & Intelligence, ThreatSTOP
    - JP Bourget, Founder & Chief Security Officer, Syncurity
    - Jan Liband, CMO, SlashNext
  • Top Threats To Endpoints And How To Stay Protected Recorded: Apr 18 2019 45 mins
    Kelvin Murray, Sr. Threat Research Analyst, Webroot
    The largest threat of organisational breach occurs at the Endpoint level. Hacks, phishing, malware and untrained end users are constant risks that need safeguards and monitoring to protect individuals and businesses with strong IT security. Small changes to your endpoints can drastically improve your protection. However, when you manage one or more businesses and need to implement and maintain these changes across multiple machines or environments, different complications will arise.

    Join Webroot’s Threat expert as he discusses topics such as:

    · Malware
    · Information Stealers
    · End user education
    · Best policies and settings for your Endpoints
    · Endpoint monitoring
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

  • Title: 2 Minutes on BrightTALK: Application security? Don't play catch-up.
  • Live at: Oct 29 2013 1:50 pm
  • Presented by: Richard Greenberg, CISSP, Information Security Officer at Los Angeles County Public Health