Hi [[ session.user.profile.firstName ]]

From the Trenches: Being Your Own "Expert Witness"

With data breaches and data leakage incidents becoming front page news, cyber investigations are taking on more importance within organizations. This calls for a new set of skills to be developed such as the ability to work with all levels of law enforcement, lawyers and attorneys and within the judicial system. Many of these investigations will call for the cybersecurity practitioner to be a witness and give testimony. What's the best way to do this to protect yourself and the organization, while also providing the information that will help law enforcement and the justice system to get the information they need? Join (ISC)2 on March 26, 2015 at 1:00PM Eastern for our next "From the Trenches" webcast where we'll talk about what it means to be an expert witness and the best practices for serving as one.
Recorded Mar 26 2015 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Spencer Wilcox, CISSP, Excelon; Herbert Joe, Certified Forensics Consultant, Yonovitz & Joe, LLP; Andrew Neal, TransPerfect
Presentation preview: From the Trenches: Being Your Own "Expert Witness"

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Cross Talk: How Network & Security Tools Can Communicate For Better Security Feb 23 2017 6:00 pm UTC 75 mins
    Infoblox and (ISC)2
    Working in silos, while never a good idea, is a reality in many organizations today. Security and network operations teams have different priorities, processes and systems. Security teams use various controls and tools to mitigate different kinds of threats which provides them with thousands of alerts on a daily basis. They often find it difficult to prioritize the threats to address first. What they may not know is that there is a whole piece of the puzzle they could be missing - core network services like DNS, DHCP and IPAM. These can provide a wealth of information and context on threats, which can help prioritize response based on actual risk and ease compliance. Join Infoblox and (ISC)2 on February 23, 2017 at 1:00PM Eastern for a roundtable discussion on how to use ecosystem integrations between network and security tools for better security and compliance.
  • Visibility and Security - Two Sides of the Same Coin Jan 19 2017 6:00 pm UTC 75 mins
    Infoblox and (ISC)2
    You can't secure what you can't see and not knowing what's on your network can be damaging. While security is about proactively detecting and mitigating threats before they cause damage, it is also about gaining deep visibility into today's complex networks which may include diverse platforms and architectures. A truly enterprise grade DNS, DHCP and IPAM (DDI) platform can provide that visibility because of where it sits in networks. On the downside, DNS is a top threat vector but it can be used as strategic control points to block malicious activity and data exfiltration. Join Infoblox and (ISC)2 on January 19, 2017 at 1:00PM Eastern for a round table discussion featuring Cricket Liu, a well known authority on the Domain Name System and the co- author of all of O'Reilly & Associates' Nutshell Handbooks on DNS, as we examine how strategic DNS can be used for visibility and security.
  • Threats - The Wolf that Never Leaves the Door Dec 20 2016 6:00 pm UTC 75 mins
    Michael Rodriguez, Digital Forensics/IR Consultant, Intel Security; Dominique Kilman, Crowdstrike; Dr, Lance Cottrell
    Insiders. Targeted attacks. Bad actors. Malware. Organized crime. Ransomware. The threats to your IT infrastructure and organization are many and come from multiple vectors. Detecting, assessing and managing these threats are paramount to the well being of the organization. If the worse does happen and there is an incident, quick and efficient response is critical. Join Intel Security and (ISC)2 on December 20, 2016 at 1:00PM Eastern for our final ThinkTank roundtable of the year where we will discuss threats, threat management and incident response.
  • Your Security Team is a Thing of the Past Dec 15 2016 6:00 pm UTC 75 mins
    Mark Nunnikhoven, VP, Cloud Research; Trend Micro; Deidre Diamond, CEO, BrainBabe; Keith Hutchison, Cerner Corp.
    It's said that teamwork makes the dream work. And the dream is a secure organization. While you and the rest of your team works towards that, it takes everyone to achieve comprehensive and effective security. But achieving this degree of security thinking within in an organization is fraught with challenges - ensuring the consistent application of controls across the enterprise and across, to outside partners and vendors, the changing skill set and diversity of the workforce & security staff and the hiring of talent to maintain security. Join Trend Micro and (ISC)2 on December 15, 2016 at 1:00PM Eastern for a roundtable discussion as we examine this topic and how best to manage these issues.
  • Your Money or Your Data - Ransomware is Here Recorded: Nov 10 2016 61 mins
    Deepak Patel, Director of Product Marketing, Imperva; John Carnes, Anthem; Rob Ayoub, IDC; Brandon Dunlap, Moderator (ISC)2
    If it bleeds, it leads and the headlines these days indicate that more and more companies are succumbing to ransomware. A user clicks the wrong link and the next thing you know, you’re your data is being held hostage...for a price. It leads to nonproductive downtime, tests the limits of your back-up strategy, and saps your bottom line. How do you combat a threat like ransomware? Do you pay up? Join Imperva and (ISC)2 on November 10, 2016 at 1:00PM Eastern for a discussion on ransomware, its impact and how organizations should respond.
  • Safe & Secure Online Program Orientation Recorded: Nov 4 2016 71 mins
    Patrick Craven, Dir, Center for Cyber Safety & Education Ciera Lovitt, Education Specialist, Center for Cyber Safety & Edu.
    Learn all about the NEW Safe and Secure Online (SSO) program! Are you interested in volunteering to educate children, parents, and senior citizens in your community about how to be safe online all while earning CPEs? Want to learn how to bring Garfield to your local school? Then join us at the Safe and Secure Online (SSO) Program Orientation Session at (ISC)² Security Congress. You’ll earn 1 CPE for attending.
  • Why Targeting Is the Next Big Trend in Attacks Recorded: Nov 4 2016 43 mins
    Dr. Lance Cottrell, CISSP®, Chief Scientist, Ntrepid Corp.
    While we will never see the end of generalized mass attacks, the real damage is being done through highly targeted attacks. In discussing why targeted attacks are so effective and economically advantageous to the attacker, we'll learn why that trend is likely to continue. Timely case studies of targeted and integrated attacks will contribute to understanding the trade-offs for the adversaries. Some suggestions for countermeasures against this strategy will be provided.
  • Quantifying Cloud Risk Recorded: Nov 4 2016 54 mins
    Jack Jones, CISSP, CRISC, CISM, CISA EVP R&D, RiskLens Inc.
    Business executives are unlikely to ever really understand risk statements like “High risk”, “Medium risk” and “Low risk”. As a result, they sometimes discount higher risk situations as “infosec conservatism.” Risk quantification can be a powerful tool to help them better understand and appropriately prioritize infosec risk scenarios. In this session, Jack will walk participants through an analysis of a specific cloud service leveraging the Factor Analysis of Information Risk (FAIR) framework. The analysis results will be described in business terms that any executive would understand. This session will demonstrate a pragmatic approach to quantifying cloud-related risk.
  • Hiring, Building, and Retaining Top Security Talent Recorded: Oct 13 2016 72 mins
    David Shearer, (ISC)2; Kevin Flanagan, RSA, Deidre Diamond, Cyber Security Network; Anne Saita (Moderator)
    The shortage of information security professionals and high turnover can derail even the best security programs. This session will cover proven strategies for recruiting, retaining and building a team of top security professionals.
  • 2016 (ISC)2 Security Congress – Member Town Hall – Part 2 Recorded: Oct 13 2016 69 mins
    David Shearer, Steven Hernandez, Patrick Craven, Dan Waddell, Mirtha Collin, Dr. Casey Marks
    Hear from your association membership from a panel made up of (ISC)2 executive management, senior staff and board members addressing members inquires at the 2016 Security Congress Town Hall session. This was originally held on September 11, 2016.
  • 2016 (ISC)2 Security Congress – Member Town Hall – Part 1 Recorded: Oct 13 2016 30 mins
    David Shearer CISSP, (ISC)2 CEO; Patrick Craven, Director, Center for Cyber Safety& Education; Dan Waddell, CISSP,
    Meet the newest members of your association membership management team as David Shearer, (ISC)2 CEO interviews Patrick Craven the new Director for the Center for Cyber Safety and Education (formally (ISC)2 Foundation and Dan Waddell the newest (ISC)2 Managing Director for the North America region. This was originally held on September 11, 2016. (NOTE: Due to length of presentation, this video DOES NOT qualify for a CPE)
  • SOC Operations: Orchestrating for Optimization Recorded: Sep 29 2016 61 mins
    Victor Lee, CISSP, Intel Security; Mat Gangwer, Rook Security; Brandon Dunlap, Brightfly; Tim O'Brien
    As a wise person once said, a man with one watch knows what time it is, a man with two isn't so sure. Despite the myriad of tools at our disposal in the SOC, how do you accurately identify and triage security Events, escalate those that need it to the status of Incident, and mange them through remediation or response effectively? Join Intel and (ISC)2 on September 29, 2016 at 1:00PM Eastern as we bring a panel of SOC operational experts to discuss strategies and opportunities to orchestrate SOC operations for peak performance.
  • The 5 Keys for Boosting Cloud Security Confidence Recorded: Sep 9 2016 52 mins
    Holger Schulze; Javvad Malik, Dan Waddell, Afir Agasi, Rich Campagna, Sami Laine, Patrick Pushor, Alvaro Vitta
    Hear from a panel of experts including Afir Agasi, Rich Campagna, Sami Laine, Javvad Malik, Patrick Pushor, Alvaro Vitta and Dan Waddell as they review the results of the 2016 Cloud Security Spotlight Report. This report highlights cloud security concerns and what security best practices are evolving with the increasing adoption of cloud computing. Get the report here: cert.isc2.org/cloud-security-spotlight-report/
  • Taming Application Apprehension in the Cloud Recorded: Aug 11 2016 61 mins
    Mark Nunnikhoven, Trend Micro; Dave Lewis, Global Security Advocate, Akamai; Chris Nicodemo, Global Dir App Sec & Arch, Time
    Moving and integrating multiple applications across both on-premise and into the cloud is a daunting task. Whether it is the "lift and shift" of existing workloads into IaaS or the federation of identities between your traditional enter isle and SaaS providers, the task is monumental. Join Trend Micro and (ISC)2 on August 11, 2016 at 1:00PM for a spirited roundtable webinar where we'll dig into the important security implications of your cloud strategy and how to ensure that you are considering all of the angles as you make the change.
  • GDPR - Brexit Means More Changes Recorded: Jul 28 2016 59 mins
    Darrin Reynolds, Reynolds Privacy; Graham Jackson, General Counsel, (ISC)2; Harvey Nusz, CISO, 4IT Security
    The EU's General Data Protection Regulation (GDPR) was adopted on April 14, 2016 and threw infosecurity and privacy teams into chaos. While teams were trying to get their arms around the new regulations and rules, the UK voted to leave the EU, throwing another big wrinkle into the mix. What does all of this mean to you and your compliance and regulation efforts? What does the Brexit vote mean for the GDPR and for the UK's infosecurity and privacy rules? Imperva sponsors an (ISC)2 From the Trenches webinar discussion on this and answers questions from the audience on July 28, 2016 at 1:00PM Eastern.
  • The Need for Speed: Hitting The Afterburners on Detection and Investigation Recorded: Jun 30 2016 61 mins
    John Carnes, Anthem; Terry Olaes; Rob Ayoub, IDC; Brandon Dunlap, Brightfly
    Detecting and investigating malicious or unintentional activity is a time consuming effort and an inefficient use of our limited resources. All too frequently, we discover something is amiss and realize that problem has existed for a long time, yet it's just come to your attention. How can an organization increase the speed of detection of malicious activity? Can detection and investigation processes benefit from "hitting the afterburners"? Join RSA Security and (ISC)2 on June 30, 2016 at 1:00PM Eastern for a discussion on detection and investigation visibility and what to leverage to make threat detection effective.
  • Cloud Omnipotence - The All Seeing Eye for the Cloud Recorded: Jun 16 2016 59 mins
    Scott Montgomery, VP & CTO, Intel Security; Doug Cahill, Sr. Analyst, ESG; John Yeoh, Senior Research Analyst, CSA
    IaaS, PaaS, SasS? Private, Public, Hybrid? Regardless of the deployment model, you likely have some key services and data spread across some combination of all of these, not to mention what is still on premises. How can your security team keep tabs on all of this? There needs to be uniform management, visibility and control of the various clouds or vulnerabilities and errors are going to put data at risk. Join Intel Security and (ISC)2 on June 16, 2016 at 1:00PM Eastern for a Roundtable discussion on this issue and how to manage your clouds.
  • Blinded By the Light - The Need for SSL Inspection in the Age of Enlightenment Recorded: May 26 2016 58 mins
    Greg Mayfield, Director, Product Marketing, Blue Coat; Spencer Wilcox, Excelon; Sammy Basu, Warner Bros. Entertainment Group;
    Starting in earnest after the "Snowden Revelations" 2013, more and more service providers such as Google, Yahoo and Amazon have been embracing SSL by default. Whether in search, cloud services or webmail access, these providers have been instrumental in their support of a more secure and obfuscated web. But what does that mean for the enterprise information security professional? While the providers have "seen the light", have we become blinded by it? To ensure the inspection and subsequent protection of data streams in and out of our organizations, we need the ability to inspect encrypted traffic for policy violations or other malicious activity while still ensuring multi- jurisdictional rights to privacy. Join Blue Coat and (ISC)2 on May 26, 2016 for a roundtable discussion exploring methods and mechanisms for addressing SSL inspections and the search for malicious activity.
  • The Only Constant is Change – GDPR and Data Privacy Recorded: Apr 14 2016 59 mins
    Ted Sherrill, Oracle; Graham Jackson, (ISC)2; Harvey Nusz, 4IT Security
    The General Data Protection Regulation (GDPR) is being instituted to improve data protection and privacy for individuals in the European Union (EU). Additionally, it addresses the export of data outside the EU, which will impact all multi-national businesses operating in the EU. Almost 3/4 of US Privacy professional believe that this is the most significate change to privacy regulations in the last 20 years. What should an organization be doing now to prepare for this new regulation to avoid non-compliance, fines and increased spending? Join Oracle and (ISC)2 on April 14, 2016 at 1:00PM Eastern for a discussion on this new regulation and how your organization could be impacted.
  • CISSPs: Information Security Isn’t Just Your Responsibility Recorded: Apr 4 2016 66 mins
    Steven Hernandez, CISSP, Vice Chair, (ISC)2 Board of Directors
    In this infosession (ISC)² Board of Directors, Vice Chair, Steven Hernandez, discusses the challenges that CISSPs are seeing in their workforce today and how creating a culture of security within your organization can help fill the cybersecurity workforce shortage.
Regular roundtable discussion on infosecurity topics
(ISC)2 hosts regular panel discussion on hot button infosecurity topics featuring thought leaders and visionaries from the industry.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: From the Trenches: Being Your Own "Expert Witness"
  • Live at: Mar 26 2015 5:00 pm
  • Presented by: Spencer Wilcox, CISSP, Excelon; Herbert Joe, Certified Forensics Consultant, Yonovitz & Joe, LLP; Andrew Neal, TransPerfect
  • From:
Your email has been sent.
or close