Name: Securing Your Open Source Assets
Start: 2015-06-04T17:00:00Z
End: 2015-06-04T17:58:57.000Z
Location: BrightTALK

(ISC)²  hosts regular panel discussions on hot button infosecurity topics featuring thought leaders and visionaries from the industry who answer questions from the audience.

Cloud computing is critical to most organizations around the world. Information security teams have reduced visibility and even fewer controls to deal with shadow IT and third party cloud risks at an enterprise-wide level. Advantages of cloud computing, like quick, low-cost and easy setup, end up creating problems for information security practitioners.
 
Join (ISC)² and Proofpoint on Thursday, May 12 at 1:00 p.m. Eastern / 10:00 a.m. Pacific to learn how to wrangle in all the shadow IT in your organization and get your cloud presence under control.

Extending Governance to Your First & Third Party Cloud Environments

The US Securities and Exchange Commission (SEC) proposed new rules to increase the transparency around cybersecurity incident reporting. Is the four-business day deadline to disclose certain incidents even possible? Coupled with new legislation mandating critical infrastructure operators disclose cyber attacks and ransomware payments, how do we shift our security programs? There are many more of these rules under discussion affecting companies across a wide spectrum of industries. How does the “ticking clock” impact an organization’s ability to effectively investigate an incident?

Join DomainTools and (ISC)2 on April 28, 2022 at 1:00 p.m. Eastern/10:00 a.m. Pacific for a round table discussion on these new regulations, their impact, and what may be coming in the future.

Can You Beat the Clock?: The New Regulations on Breach Notification Reporting

The Inside (ISC)2 webinar series gives attendees access to the leaders and decision makers within the association to hear the latest insights from the Board and executive levels, including a look at recent successes and plans for upcoming programs. Join (ISC)2 CEO Clar Rosso on April 27 at 1:00 p.m. EST as she is joined by Board Chairperson Zach Tudor, CISSP and (ISC)2 Chief Qualifications Officer Dr. Casey Marks, who will provide an update on the new entry-level cybersecurity certification pilot program as well as the online proctored CISSP exam pilot.

Inside (ISC)2: Quarterly Board Update and the Latest on Exams

Every company makes a huge investment in building and maintaining their brand. In some ways, the brand and brand reputation your company has can be more valuable than the data an organization holds, and that means it must be protected. Brand threats range from counterfeit goods, cybersquatting, and fake apps to hijacked domains used for phishing attacks. It’s a big job and not only is the infosecurity team involved, but you’ll also find that your legal team is needed to help control and mitigate these threats. Join DomainTools and (ISC)2 on March 1, 2022 at 1:00p.m. EST for a roundtable discussion on the threats to your brand and the actions you can take to protect it.

Defending the Brand

Enterprises are shifting left in the cloud by building security into workload and application code. It’s a smart first line of defense, but no code—no matter how secure—is bulletproof. That’s why enterprises are turning to east-west visibility and post-compromise threat detection as part of a defense-in-depth strategy. By identifying attack techniques like lateral movement and detecting advanced threats, you can reduce dwell time and mitigate the blast radius of ransomware, software supply chain attacks, and more.

Join ExtraHop and (ISC)² on March 24, 2022, for a panel discussion on the benefits of taking a defense-in-depth approach to cloud security built on east-west visibility and post-compromise detection.

Shifting Left Isn’t Enough: Own the East-West Corridor to Secure Your Cloud

The conflict between Russia and Ukraine is sending shockwaves throughout the world. Cybersecurity and privacy practitioners and departments are being impacted significantly by what’s happening. As the digital footprint fractures in the region with companies leaving and services pulling out, what does that mean for your organization? If you have operations in the region, how are you exfiltrating & protecting your data, when services are down or diminished and ensuring you are following the local laws on data preservation and handling? What about the threat landscape? What does it currently look like and how might that shift as the geopolitical circumstances change? What are you seeing as the immediate, mid term and long term impacts that you will have to cope with and plan for? Join (ISC)2 on March 23, 2022 at 10:00am Eastern for a discussion-based webcast examining these questions and exploring the “new normal” of how to approach risk management and security in this new global environment.

The Fallout: The Russia/Ukraine Conflict and Its Impact on Cybersecurity

The Inside (ISC)2 webinar series gives attendees access to the leaders and decision makers within the association to hear the latest insights from the Board and executive levels, including a look at recent successes and plans for upcoming programs. Join (ISC)2 CEO Clar Rosso on March 21, 2022 at 1:00p.m. EST as she is joined by Board Chairperson Zach Tudor, CISSP, and (ISC)2 CISO Jon France, CISSP, who will provide his perspective on some of the big news affecting the cybersecurity community, including the invasion of Ukraine, Log4j and emerging trends in 5G security.

Inside (ISC)2 Quarterly Board Update & Insights on Emerging Cybersecurity Issues

As we continue to embark on our multi-year DEI initiative, we’re excited to officially launch our new DEI webinar series. Throughout the year, we’ll feature inclusion-focused events to elevate diverse voices and perspectives within cyber, highlight best practices to build a more inclusive cyber profession and provide tools and strategies to help diverse professionals succeed.    

In celebrating Women’s History Month in March and to honor International Women’s Day our first webinar of 2022 will feature a panel of new women cyber professionals and young women leaders in cybersecurity as they discuss how they’ve broken through gender biases to forge their career paths, and how we can all help young women in the profession to succeed.

Tackling Gender Bias - The Young Women's Perspectives

It’s said that you can’t really test your security until you’ve been attacked or breached. Finding and remediating internal and external attack vectors before they are exploited can help to harden your defenses and shrink your attack surface. However, you also need to verify that your security fixes have solved the problem and not caused issues somewhere else. Join Horizon3.ai and (ISC)2 on January 13, 2022, at 1:00 p.m. Eastern/10:00 a.m. Pacific for a discussion on fortifying your security posture, making sure your remediation efforts are successful and the importance of measuring your security posture over time to report to the board and regulators.

Train like You Fight-Continuous Evaluation of Your Security Posture

In a previous (ISC)2 webcast, we had a speaker say that organizations should look at ransomware “as an inevitable event or incident”. Ransomware attacks not only hit companies financially, but can impact their data, access and operations. And it has a ripple effect as we’ve seen disruptions in supply lines for fuel, utilities, food supply and other supply chains. Organizations need to focus on not just their security and threat awareness for their employees and partners, but also building resiliency and reducing unnecessary access. Join ProofPoint and (ISC)2 on December 16, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific for a discussion on the seismic waves that can be generated from a ransomware attack, the resulting collateral damage and how to better defend your organization from such attacks.

Thinking Beyond Ransomware – It’s Not All About the Bitcoin

Enterprises both small and large continue to move to the cloud to accelerate digital transformation and achieve scale never before thought possible. At the same time, they struggle with enabling the right cloud security tools and strategies. For example, teams regularly report that they are challenged by disparate point solutions, operational complexity, and an incomplete view of cloud risk. On December 2, 2021 at 1:00 p.m. Eastern/ 10:00 a.m. Pacific, join Palo Alto and (ISC)2 for a discussion about the evolving cloud security landscape and solutions that are addressing these challenges head on.

Why You Need a Platform for Cloud Security Success

(ISC)² officially launched our Diversity, Equity and Inclusion (DEI) initiative at this year’s Security Congress event. The conference featured DEI keynote speaker Jane Frankland on the importance of women in cybersecurity, as well as breakout sessions in our InclusionREADY track. These sessions generated great conversations and we received many questions. We’re excited to continue the inclusion conversation on December 1, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as we address many of those questions with our panel.

Continuing the Inclusion Conversation: Your Security Congress Questions Answered

Despite the rise in threat hunting across organizations in nearly all industries, few understand how to not only build a threat hunting strategy, but how to then optimize and maximize its effectiveness. To do this, you must start with asking the question, “What defines success?” and “What metrics can you use to drive performance and report to leadership and stakeholders to illustrate whether or not the investment in threat hunting is worth it?” Join DomainTools and (ISC)2 on November 18, 2021 for a discussion on how to determine if threat hunting is something you should invest in, how to be effective in your threat hunting methodology and what metrics can be used to measure success when communicating up the chain.

Seek, Pursue, Contain: Effective Threat Hunting

Cybersecurity has never been easy, and as enterprises expand their footprints in the cloud, they often run into issues and friction that can weaken security and leave them vulnerable to advanced threats. Cloud environments are highly dynamic, and many security tools struggle to match the scale and elasticity the cloud provides. Security teams need to take a frictionless approach to regain the advantage over attackers. Join ExtraHop and (ISC)2 on October 7, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific for a discussion on the keys to securing your cloud environment and how the power of Network Detection and Response solutions can help you reclaim the upper hand in your cloud environments.

· Knowing your datasource
· Logs vs agents vs network packets
· Investigating and hunting threats
· Take advantage of the power of network forensics in the cloud
· Detect and immediately respond to advanced threats
· How to “break the ice" under attackers

The Keys to Start with To Secure Your Cloud

From ransomware to Business Email Compromise (BEC) adversaries are relying on phishing to take advantage of the increasingly distributed surface area defenders have to cover.  What are we missing when it comes to phishing, and what can we learn from how these campaigns are deployed in 2021? Join DomainTools and (ISC)2 on September 30, 2021 at 1:00 p.m./10:00 a.m. for a discussion on detecting attacks both in the wild and in your network.

Don’t Take the Bait! Defending Against Phishing and BEC Attacks

Clar Rosso, CEO of (ISC)2 shares her insights on what’s happening at our association. Join us for this quarterly update in which we cover the latest developments at (ISC)2, ranging from certification to member benefits, continuing education and events, to major milestones and achievements. On August 31, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific, Megan Gavin, Director of Events at (ISC)2 joins Clar to provide an overview of what to expect at this year’s annual Security Congress taking place this October 18-20, as well as the new global (ISC)2-hosted events being planned for 2022.

Inside (ISC)2: Updates on Global Events Program

For decades, perimeter-based security was the starting point for cybersecurity programs. But in today’s environment of cloud-based, mobile and remote work, that perimeter has all but dissolved. Insider risk and data loss prevention (DLP) are a top concern for organizations with a distributed workforce and increasing reliance on technology. Join Proofpoint and (ISC)2 on August 26, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as we explore how legacy approaches to information protection by building walls around critical data fails in today’s always-connected all-remote world. We’ll also discuss:

· Shortcomings (perhaps some horror stories) of legacy DLP approaches

· Actionable recommendations for protecting information in a borderless ecosystem

· Redefining your DLP strategy to amplify people and data protection through CASB, ITM, Social Media Content Capture, et al.

Redefining Modern Data Loss Prevention (DLP)

(ISC)² Board of Directors Chairperson, Zachary Tudor, CISSP and CEO Clar Rosso update members on accomplishments in Q3 of 2021 including the association’s strategic roadmap, new achievements and milestones, the latest on our certifications, new professional development opportunities, member offers and more. The Q3 2021 update includes membership milestones, association accreditations and new executive leadership focused on member benefits and advocacy. (ISC)² continues to concentrate on global diversity, equity and inclusion initiatives and examining the workforce gap.

Inside (ISC)² Quarterly Board Update, 2021 (Q3)

Open source software (OSS) has become pervasive in applications development and infrastructure alike. Indeed, enterprise deployment of OSS has doubled since 2010, and today 8 in 10 organizations report running their businesses on OSS. With broader deployment, both technology companies and enterprise IT have gained comfort with integrating and deploying OSS. At the same time, of the 8000-9000 IT security vulnerabilities catalogued annually, approximately 40% target open source code. The extent of this threat is underscored by critical vulnerabilities like Heartbleed, Poodle, Logjam and Venom.  Join (ISC)2 and Black Duck Software on June 4, 2015 at 1:00PM Eastern for a discussion of the state of open source software security and the best ways keep your open-source based applications and infrastructure safe.

Securing Your Open Source Assets

Heartbleed

poodle

(isc)2

open source

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Securing Your Open Source Assets

Presented by

About this talk

More from this channel