Countering Adversaries Part 2: Organized Crime and Brute Force

Roxana Bradescu, Director of Product Management, Database Security, Oracle & Brandon Dunlap, Brightfly
Hailing from Eastern Europe and North America, organized criminals have a penchant for using brute-force hacking and multiple strands of malware to target financial and retail organizations for monetary gain, according to the Verizon DBIR. It is common for these cybercriminals to directly access databases and extract payment cards, credentials, and bank account information. Join (ISC)2 and Oracle as we discuss tactics employed by these cybercriminals and how organizations should implement a defense in depth database security strategy to help mitigate the threat.
Apr 24 2014
60 mins
Countering Adversaries Part 2: Organized Crime and Brute Force
Join us for this summit:
More from this community:

IT Security

  • Live and recorded (5629)
  • Upcoming (134)
  • Date
  • Rating
  • Views
  • Channel
  • Channel profile
  • Turning the Human Firewall on Jun 30 2015 12:00 pm UTC 60 mins
    Adrian Davis, Managing Director (ISC)2 EMEA; Bruce Hallas, Founder of the Analogies Project; Craig Goodwin, Deputy CISO at Wo
    Securing change in employee behaviour, to ensure compliance with organisational policy and to reduce risk to an organisation, relies on employees making a discretionary effort with a positive security outcome. How can security leaders secure not just employee awareness but most importantly positive security behaviours to support embedding security into corporate culture?
  • 5 Key Steps to Enabling Secure Data Sharing & Analytics in Hadoop Jun 11 2015 5:00 pm UTC 75 mins
    Reiner Kappenberger, Global Product Mgmt, HP Security Voltage; William Peterson, Director, Product Marketing, MapR Tech
    Security Briefings Part 1 - Big data analytics and Hadoop environments come with myriad benefits-but also new risks to enterprises. In the past, cyber-attackers had to search for high-value information across a wide range of systems. But with centralized data, hackers can focus on a known, single target. Even when key information is consider secure, there's still a high risk that sensitive information can be re-identified by utilizing multiple data sets. Join HP Security Voltage and (ISC)2 on June 11, 2015 at 1:00PM Eastern for 5 steps in protecting critical data and learn how to build a strategy and methodology to secure big data in Hadoop.
  • Ponemon Study: True Cost of a Data Breach Jun 10 2015 12:00 pm UTC 60 mins
    Adrian Davis, Managing Director (ISC)2 EMEA | Gavin Kenny, Associate Partner IBM Security
    Join IBM and (ISC)2 to learn about the latest Cost of a Data Breach study and discuss the implications of the study for today's businesses.
    In this live webinar, you will learn the key findings of the Cost of a Data Breach study, including:
    -Major factors that affect the financial consequences of a data breach
    -How companies changed their operations and compliance following a breach
    -Most common cybersecurity governance challenges
    -Why companies failed to stop data breaches
  • Securing Your Open Source Assets Jun 4 2015 5:00 pm UTC 75 mins
    Mike Pittenger, VP Product Strategy, Black Duck Software, Dan Cornell, Founder-CTO, Denim Group; Brandon Dunlap
    Open source tools and code have become pervasive in applications development and infrastructure alike. In just the past year, over 5000 vulnerabilities have been reported against open source components, so it may not be as secure as one would think. Such vulnerabilities can lead to security bugs like Heartbleed and Poodle. Knowing the components you are using and their possible vulnerabilities is critical to maintaining the security at your organization. Join (ISC)2 and Black Duck Software on June 4, 2015 at 1:00PM Eastern for a discussion on securing open source tools.
  • Inside (ISC)2 With David Shearer, Executive Director, (ISC)2 May 28 2015 5:00 pm UTC 75 mins
    David Shearer, Executive Director (ISC)2
    As an (ISC)2 member or a practitioner considering certification or membership, wouldn't you like to have the ability to interact with an (ISC)2 Board Member, Director or Manager to ask questions or discover what's being worked on within the organization that will benefit the members or the industry in general? Our new webinar series, Inside (ISC)2 will feature various key personnel within the organization interacting with and answering questions from members and non-members alike in a moderated webcast setting. This is chance to find out, first hand, what's going at (ISC)2 and ask your questions of the key people making decisions at the organization. First up, join us on May 28, 2015 at 1:00PM as David Shearer, Executive Director, stops by to answer your questions.
  • From the Trenches - Leading Practices in Securing Electronic Healthcare Records Recorded: May 21 2015 58 mins
    Brian Rappach, IS Security Project Leader, TriHeath; Ray Potter, SafeLogic, CEO; Eric Walters, Dir & CISO U of Kansas Medical
    Electronic Healthcare Records (EHRs) and the information they contain have become the top target of cybercriminals around the world. Several high profile healthcare-related data breaches have made the headlines in recent months and more are sure to come. What is it about the information contained in EHRs that is so enticing and how can it be better secured? Join (ISC)2 and Sophos on May 21, 2015 at 1:00PM Eastern for a discussion of the security of healthcare data and approaches on how to better protect this type of information.
  • IBM X-Force: Insights from the 1Q 2015 X-Force Threat Intelligence Quarterly Recorded: May 20 2015 60 mins
    Simon Smith, Security Technical Specialist, IBM UK
    2014 brought significant change for the internet security industry. According to IBM's latest X-Force report:
    - Over 1 billion records of PII were leaked in 2014
    - Vulnerability disclosures rocketed to a record high in 2014, and designer vulns like Heartbleed and Shellshock revealed cracks in the foundation of underlying libraries on nearly every common web platform
    - Crowd-sourced malware continues to mutate, resulting in new variants with expanding targets
    - App designer apathy is negatively impacting security on mobile devices.
    Join (ISC)2 and IBM to learn more about the findings of the latest IBM X-Force report and X-Force Interactive Security Incident website, designed to help users gain in-depth understanding of security breaches publicly disclosed over time.
  • Briefings Part 3: Effective Identity & Access Mgmt for Today’s Modern Cloud Recorded: May 14 2015 62 mins
    Kurt Johnson, VP Corp. Development, Courion; Frank Aiello Exec Dir and CISO, American Red Cross
    Your users demand access everywhere, any time, via any device. Whether it’s cloud or traditional on-premise applications, it’s critical that organizations provide access to those who need it while mitigating access risk and maintaining compliance. Join (ISC)2, Courion and the American Red Cross on May 14, 2015 at 1:00PM Eastern for an informative session that will show how the American Red Cross is addressing this issue with a strategy around provisioning, governance, federation, and single sign-on via a seamless and integrated IAM solution for managing cloud and enterprise access.
  • Running Windows Server 2003 in a Post-Support World Recorded: May 14 2015 62 mins
    Christopher Strand, Sr. Global Director of Compliance - IT Governance, Risk, and Security Audit Programs, Bit9
    Even with the imminent end of support for Windows Server 2003 (W2K3), you may still be planning to continue running W2K3 in production. But with a never-ending stream of new exploits, vulnerabilities, and zero-day malware, how can you continue to maintain control and keep those systems safe and secure? (ISC)2 and Bit9 are hosting this webcast which will focus on looking at how to help prevent, detect and respond to advanced threats on endpoints and ensure continued compliance of W2K3 systems.
  • In Clouds We Trust: Making the transition to Office 365 Recorded: May 7 2015 61 mins
    Nate Fitzgerald, Intel Security: Chuck Gaughf, (ISC)2; Matt Gamgwar, Rook Security; Brandon Dunlap
    Moving to the cloud is always a difficult decision, but when you look at the impact of solutions as broad reaching as Office 365, chances are your primary concern is going to be about security. There are a number of facets and features (e-mail, OneDrive, Lync) to Office 365 and the security issues can be myriad. Join Intel Security and (ISC)2 on May 7, 2015 at 1:00PM Eastern for a discussion on how to overcome these challenges through critical protection and often overlooked best practices to build the confidence you need to securely deploy Office 365.
  • State of the Industry - (ISC)2's Global Workforce Study Recorded: Apr 30 2015 61 mins
    Julie Peeler, (ISC)2 Foundation Director; Mark Aiello, President, Cyber 360 Inc.; Elise Yacobellis, (ISC)2
    Every two years, (ISC)2 surveys infosecurity practitioners from around the world about the profile of the global information security workforce. This year, over 12,000 professionals from 135+ countries responded to the survey to provide invaluable insight about their careers, positions and organizations. Join Julie Peeler, (ISC)2 Foundation Director and other industry experts on April 30, 2015 at 1:00pm Eastern for an examination and discussion of the survey results, gain insight into what hiring managers and looking for in job candidates, the areas of expertise in demand and the challenges facing infosec pros around the world.
  • Briefings Part 2: Harvard Pilgrim Health Care Case Study Recorded: Apr 28 2015 61 mins
    Mark Teehan Manager IT Security, Harvard Pilgrim Health Care; Kurt Johnson, Courion
    Keeping Compliance in Check & Controlling Access Risk:

    Learn how one of the nation's largest health insurers provides access to users efficiently and effectively while also assuring that private constituent data is protected in compliance with HIPAA, HITECH and other federal and state privacy and security regulations. Join (ISC)2, Courion and Harvard Pilgrim Health Care on April 28, 2015 at 1:00pm Eastern to learn how the information security team is able to identify and remediate user access risks such as unnecessary privileged access, orphaned and abandoned accounts, and system or non-human accounts that call for administrative oversight.
  • Is CISSP Right For Me? Recorded: Apr 16 2015 49 mins
    Adrian Davis, (ISC)2 EMEA - Moderator; Mark Ampleford, Barclay Simpson; Marko van Zwam, Deloitte; Neil Breden, Fujitsu
    More than 100,000 information security professionals have invested time, effort and resources to achieve what has long been considered the Gold Standard security certification – The CISSP. Now that the security industry is growing and career trends are shaping the current job market, there is a bigger need to understand where the CISSP fits and what value it brings to any professional undertaking the path to become certified.

    During this panel session you'll hear different perspectives, including that of the hiring manager, recruiter and credential holders themselves around the following questions:

    - How is the CISSP viewed in the market place?
    - Which career paths are worth exploring with a CISSP?
    - What skillset does a CISSP have?
    - Is the CISSP a differentiator for a candidate?
    - How does the CISSP help the professional perform his job?
  • Changing Your Mindset for Better Security Recorded: Apr 9 2015 59 mins
    Michelangelo Sidagni, NopSec, Javvad Malik, 451 Research; Tom Gorup, Rook Security; Brandon Dunlap
    It's been said that defensive driving is about "driving for the other cars on the road." The same can be said for setting your organization's security strategy and "to think like your enemy". It's a sound practice which focuses on infosecurity practitioners putting themselves in the shoes of their attackers and anticipating where the next threat may be coming from. Using advanced analytics to compile simplified reporting can help to streamline your these efforts, enabling you to more clearly see the threats the attackers may be using and helping you to react faster. Join (ISC)2and NopSec on April 9, 2015 at 1:00PM for a discussion on vulnerability and threat analytics to better secure an organization.
  • Survey Results: The Need for Improved Software Quality Recorded: Apr 7 2015 60 mins
    Michael Osterman; Phil Casesa, (ISC)2; Noah Gray, (ISC)2; Katie Moussouris, HackerOne; Glenn Leifheit, Microsoft
    Osterman Research and (ISC)2 recently conducted a survey of individuals in mid-sized and large organizations on how they choose off-the-shelf applications, how they develop custom applications, and how they select third-party application developers. Join (ISC)², Michael Osterman and a panel of experts for a discussion about the findings from the survey and the state of software development quality on Tuesday, April 7th at 1:00pm Eastern. Attendees will also have the opportunity to download the entire survey report.
  • From the Trenches: Being Your Own "Expert Witness" Recorded: Mar 26 2015 59 mins
    Spencer Wilcox, CISSP, Excelon; Herbert Joe, Certified Forensics Consultant, Yonovitz & Joe, LLP; Andrew Neal, TransPerfect
    With data breaches and data leakage incidents becoming front page news, cyber investigations are taking on more importance within organizations. This calls for a new set of skills to be developed such as the ability to work with all levels of law enforcement, lawyers and attorneys and within the judicial system. Many of these investigations will call for the cybersecurity practitioner to be a witness and give testimony. What's the best way to do this to protect yourself and the organization, while also providing the information that will help law enforcement and the justice system to get the information they need? Join (ISC)2 on March 26, 2015 at 1:00PM Eastern for our next "From the Trenches" webcast where we'll talk about what it means to be an expert witness and the best practices for serving as one.
  • Briefings Part 1: Insights from the latest IBM CISO Assessment Recorded: Mar 24 2015 61 mins
    Martin Borrett, Director, IBM Institute of Advanced Security in Europe
    Already tasked with protecting companies from a vast domain of ever-changing threats, Chief Information Security Officers (CISOs) and other security leaders must now prepare for more avenues of attack as well as more sophisticated attackers. Research from the IBM Centre for Applied Insights pinpoints what worries today’s security leaders and what they’re doing to address those concerns. We also identify several actions that security leaders can take to help their companies manage the approaching uncertainties in information security.


    Martin Borrett, Director, IBM Institute of Advanced Security in Europe

    Martin Borrett is the Director of the IBM Institute of Advanced Security in Europe. He leads the Institute and advises at the most senior level in clients on policy, business, technical and architectural issues associated with security. Martin leads IBM's Security Blueprint work and is co-author of the IBM Redbooks Introducing the IBM Security Framework and IBM Security Blueprint to Realize Business-Driven Security and Understanding SOA Security . He is Chairman of the European IBM Security User Group community and a member of the board of EOS, the European Organisation for Security. He is a Fellow of the British Computer Society, and a Chartered Engineer (CEng) and member of the IET. Martin has a passion for sailing and has represented Great Britain; he is also a keen tennis player.
  • Using SIEM to Improve Threat Discovery & Response: From Theory to Practice Recorded: Mar 19 2015 58 mins
    Ian Jones, Enterprise Tech Specialist; Raj Goel, CTO Brainlink; Derin Beechner, Infosec Analyst, Kansas City Power & Light
    Threat and adversarial information has become easily accessible and gone mainstream in the last couple of years. However managing the threat lifecycle, can still be challenging for organizations continuously under pressure for the next attack and low on resources. Prioritizing threats, managing incidents and neutralizing the attackers successfully requires dedicated tools, processes as well as broad adoption by the IT Security staff. Join (ISC)2 and Intel Security at 1:00PM on March 19, 2015 as we discuss leveraging SIEM and effective means for improving your discovery and responses to today's emerging threats.
  • Briefings Part 1: Building the Business Case for Risk-Aware IAM Recorded: Mar 12 2015 59 mins
    Kurt Johnson, VP Corp. Development, Courion; Brandon Dunlap, Moderator
    Today's business initiatives include developing stronger security to help protect against vulnerabilities, minimizing corporate risk and meeting compliancy requirements. Investments in intelligent Identity and Access Management (IAM) can help organizations meet these objectives, lower IT operating costs, and improve productivity. Join (ISC)2 and Courion Corp on March 12, 2015 at 1:00PM Eastern for the 1st part of a 3 part series where we'll provide guidelines to help you create a compelling business case for IAM technology and the ability to provide continuous monitoring that makes you aware quicker and react faster to risk.Also included will be real-life examples of how investments IAM infrastructure technology can enhance your security posture.
  • Streamlining Security: Strategies for Improving Effectiveness and Efficiency Recorded: Feb 19 2015 58 mins
    Simon Crosby, CTO, Bromium; JJ Thompson, Rook Security, Chuck Gaughf, (ISC)2; Brandon Dunlap, Brightfly (Moderator)
    For many of us, current information security operations are largely manual and therefore inefficient. This increases costs and results in lower effectiveness of our hard won efforts. In this interactive session, we will explore opportunities to streamline processes and make effective use of the technologies available to us, and establish ourselves as worthy custodians of our limited resources bestowed upon us. Join us at 1:00PM Eastern on February 19, 2015, with our event sponsor, Bromium, for this spirited panel discussion.
(ISC)2 hosts a monthly panel discussion around different thought engaging topics within the information security sector.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Countering Adversaries Part 2: Organized Crime and Brute Force
  • Live at: Apr 24 2014 5:00 pm
  • Presented by: Roxana Bradescu, Director of Product Management, Database Security, Oracle & Brandon Dunlap, Brightfly
  • From:
Your email has been sent.
or close
You must be logged in to email this