The Need for Speed: Hitting The Afterburners on Detection and Investigation
Detecting and investigating malicious or unintentional activity is a time consuming effort and an inefficient use of our limited resources. All too frequently, we discover something is amiss and realize that problem has existed for a long time, yet it's just come to your attention. How can an organization increase the speed of detection of malicious activity? Can detection and investigation processes benefit from "hitting the afterburners"? Join RSA Security and (ISC)2 on June 30, 2016 at 1:00PM Eastern for a discussion on detection and investigation visibility and what to leverage to make threat detection effective.
RecordedJun 30 201661 mins
Your place is confirmed, we'll send you email reminders
Ron Nevo, CTO, cPacket Networks; Brandon Dunlap (Moderator)
Ferris Bueller famously said, “Life moves pretty fast. If you don’t stop to look around once in a while, you could miss it.” With complex data flows now reaching speeds 100G, what are your security tools missing? Can they handle the increased volume of information that’s coming in? By making use of packet brokers, you can get the visibility you need and not miss out on life. Join cPacket Networks and (ISC)2 on March 14, 2019 at 1:00PM for a discussion on packet brokering visibility across the network, the need for pre-egress filtering and how the convergence of NetOps and SecOps can help protect your company’s top-line revenue and productivity.
Shimon Oren, Deep Instinct; Jared Peck, Financial Services; Rob Armstrong; Colossal Technologies, LLC; B. Dunlap (Moderator)
Cyber-attacks and the threat actors behind them are becoming more and more sophisticated. Today’s attackers adopt existing techniques, modify them and develop new capabilities much faster than ever before. This translates not only to more attacks, but also to a bigger share of attacks which are highly evasive and stealthy, and inevitably more challenging to prevent or detect over-time. How does an organization stay up-to-speed with the varied attacks that are aimed at them? Join Deep Instinct and (ISC)2 on February 14, 2019 at 1:00PM Eastern when we’ll review several common and emerging evasion techniques in today’s threat-landscape and discuss the best avenues to counter them in terms of technology and cost-effectiveness.
Tarik Saleh, Snr Sec Engnr, DomainTools; John Carnes, Info Sec Healthcare; Aamir Lakhani, Sen Sec Strat & Rsrchr; Dr. Chaos
Scam and Phishing emails continue to put organizations of all sizes at risk. A favored vector of attack is the use of a malicious Office document attachment or PDFs to gain a foothold into a targeted system. These types of threats can put account credentials, financial, healthcare information, and other highly sensitive data at risk. How can an organization defend against the onslaught of such attacks that continue to plague them unabated? Join DomainTools and (ISC)2 on January 31, 2019 at 1:00 PM Eastern for a roundtable discussion on mitigating the prevalence and distribution of malicious documents and their payload.
Josh Bartolomie, Dir, Res & Dev, Cofense; Sharon Smith, Fndr, C-Suite Results; Theresa Frommel, Act Dep CISO, State of MO
Process automation delivers a lot of promises. A car can be assembled in less than a day and vegetables can go from vine to can in hours. Sensors look for obvious flaws, but at points in the production process there is human oversight in the form of quality control. The same holds true for protecting against phishing threats. Automation can help weed out some of the bad stuff, but bad actors and new threats constantly outsmart the latest sensors. Join Cofense and (ISC)2 on January 17, 2019 at 1:00PM Eastern for a panel discussion examining strategies on how to enable your workforce to be quality control when it comes to malicious emails to know when something isn’t right and what to do when they see something.
John MacInnis, Prd Mktg Mgr, IAMS, HID Global; Tariq Shaikh, Sr. Security Adv., IAM, Aetna; Erik Von Geldern, CISO, FXCM
With the multiple points of access to an organization, both internal and external, as well as physical and electronic, identity and access control is a critical security concern. Practitioners need to constantly monitor and assess the organization’s security posture, access provisioning and even the on boarding of employees, partners and customers. Join HID Global and (ISC)2 at 1:00pm Eastern Thursday, December 6, 2018 for a discussion on why identity has become the center of security and how to better manage identity, access management and authentication in your enterprise.
Jason Garbis, VP of Cyb. Products, Cyxtera; Mike Brannon, Dir. Infra. & Sec., National Gypsum; Spencer Wilcox, B. Dunlap
Like a good rollercoaster, a journey to the cloud can be both exhilarating and terrifying. Unlike a rollercoaster, however, a cloud journey is a long-term commitment and requires thoughtful planning, especially the need to ensure security and compliance controls. Join Cyxtera and (ISC)2 on November 29, 2018 at 1:00PM Eastern for a discussion on making a secure journey to the Cloud and the benefits of a software-defined perimeter.
Matt Gardiner, Dir. Prd Mkg, Mimecast; Derrick Butts, CIO/CO, Truth Init.; Bruce Beam, Dir Infr & Sec (ISC)²; Brandon Dunlap
According to the Verizon Data Breach Investigations Report 2018, 99% of malware, such as ransomware, trojans, and RATs, were delivered via malicious email attachments or via the web. With the vast majority of all security incidents and breaches using email and the web -- and the necessity of these services to your organization’s day-to-day operations -- how can you protect yourself? What are the best practices for defending against these types of threats? What are the best methods of acquiring, deploying and managing these protections? Join Mimecast and (ISC)2 on November 8, 2018 at 1:00PM Eastern for a discussion of these questions and the methods attackers are currently using to accomplish their goals, how attackers are using email and the web against organizations, why email and web security should be considered together and the benefits of cloud delivered security solutions, including improved security efficacy and reduction in overall costs.
Jadee Hanson, CISO, Code42; Andrew Neal, Pres; InfoSec/Compliance, TransPerfect; Greg Braunton, Catholic Health Initiatives
As the time and complexity associated with incident investigations increase, response times become more critical. The longer detection and remediation take, the higher the cost to the business and the greater the risk of a cyberattack expanding across the organization. Organizations have to react with speed and precision. How can an organization reduce the time and effort it takes to investigate and resolve an incident successfully? Join Code42 and (ISC)2 on October 25, 2018 at 1:00PM Eastern for a roundtable discussion on why time matters when conducting an investigation, where gaps may be in the incident response process and how to get the most out of your investigation and response efforts.
It’s no secret that limited visibility into user actions keeps cybersecurity professionals up at night. The right level of visibility into user action and access can produce positive insights that enable business results. Additionally, indicators of out of policy activities can stop an insider threat before it becomes a full-blown incident. Research from The Ponemon Institute showed that financial services institutions faced the highest insider threat costs of any other industry (at $12.05 million annually) -- a very concrete reason to address an otherwise invisible problem. Join ObserveIT and (ISC)2 on September 13, 2018 at 1:00PM Eastern for a roundtable discussion on insider threats including the most important components to gaining full cyber visibility: user activity, data activity, and analytics, best practices for managing insider threats and the key question organizations should be asking to mitigate insider threats.
Tim Helming, Director of Product Management, DomainTools; Aamir Lakhani; Andrew Neal, TransPerfect; B Dunlap (Moderator)
While the tools, techniques and procedures that threat actors employ are evolving, these threat actors often take the shortcut of reusing code and files on multiple domains (because it’s easier than setting different ones up each time). It’s these “tells” and habits that can help an organization more quickly identify and deal with a threat, by examining and pivoting through related infrastructure. Join DomainTools and (ISC)2 on August 30, 2018 at 1:00PM Eastern as we learn how to identify these pieces of evidence and how the threat intelligence space is changing, as well as what techniques security practitioners can learn and employ to stay ahead of threat actors.
Sharon Smith, Founder & Princ Consultant, C-Suite Results; Rob Ayoub, Program Dir, IDC; Derrick Butts, Truth Initiative
(ISC)2 will hold its Security Congress 2018 in New Orleans, Oct. 8 – 10. This conference will bring together 2000+ attendees and more than 100 educational sessions. One of the 13 tracks at the conference will focus on Professional Development and the challenges practitioners face advancing their careers, and staying ahead of the latest best practices and strategies with ongoing education. On Aug. 21, 2018 at 1 p.m. Eastern, join (ISC)2 and several speakers who’ll be presenting in the Professional Development track at Security Congress as we preview their sessions and discuss why professional development is so critical to advancing a career and knowledge.
Ken Wilson, Dir, Sales Central U.S., Skybox, Michael Roling, CISO, State of MO; Curtis Dukes, CIS; Brandon Dunlap (Moderator)
Security automation technologies can help drive improvements in managing security policies, including their implementation in firewalls and other network devices. However, whether you’re struggling with continuous compliance, auditing and reporting or managing firewall changes, deciding what to automate can be challenging. Join Skybox Security and (ISC)2 on August 16, 2018 at 1:00PM Eastern for a discussion where we’ll examine which automated processes in security policy management deliver the biggest rewards while introducing the least risk to your organization. Areas to be examined include why automation, visibility and context should be the indivisible, foundational components of any security policy management solution, which processes in security policy management are ripe for automation and where human intervention is still valuable. We’ll also explore how to educate security stakeholders in your organization on what’s needed to make automation initiatives a success.
Jeff Costlow, Dir of Security, ExtraHop; Kristy Westphal, VP, MUFG Union Bank; Melissa Duncan, Sr Sys Sec Eng, Charles Schwab
They say “Packets don’t lie”. Instead of waiting to respond to incidents and anomalies, SecOps teams are using the network to enable proactive measures such as threat hunting, auditing encryption and other suspicious and out-of-policy behaviors existing in the dark alleys of the traffic corridor. Real time network traffic analytics (NTA) tools can help an organization shift from defensive to offensive and cut investigation time, enabling analysts to quickly correlate activities and test hypotheses. Join ExtraHop and (ISC)2 on August 2, 2018 at 1:00PM Eastern as we discuss proactive measures that can work for an organization, what activities to look for and how machine learning can help speed up these efforts.
Mike Brannon, Dir, Infrastructure & Security, National Gypsum; Tim Sills,Accudata; Tyler Smith, IT Analyst, John Deere
(ISC)2 will hold its Security Congress 2018 in New Orleans, LA, October 8th – 10th. This conference will bring together 2000+ attendees and over 100 educational sessions. One of the 13 tracks that are being offered with focus on Cloud Security and challenges practitioners face when dealing with all things cloud. On July 24, 2018 at 1:00PM Eastern, join (ISC)2 and several of the speakers who’ll be presenting in the Cloud track as we preview their sessions, get an idea of what will be discussed and discuss the state of cloud security today.
Human error. Unintentional security incident. It’s going to happen at every organization. Sooner or later, someone will click on a rogue link or open an attachment they shouldn’t, exposing your organization to malware, phishing and ransomware. Old-school training, testing and policies can only go so far. Actions need to replace rhetoric. Join KnowBe4 and (ISC)2 on July 19, 2018 at 1:00PM Eastern for a discussion on how to build a security-centric culture than can benefit any size organization. We’ll examine how to establish a solid foundation, making sure everyone is on the same page and leveraging leadership to help with accountability.
Wesley Simpson, (ISC)² COO, Mirtha Collin, (ISC)² Sr. Ed. & Training Mgr., Michelle Schweitz, (ISC)² Media Mgr.
(ISC)² is committed to delivering value to our members, providing a transparent view of the organization’s developments and plans for the future. To that end, please join (ISC)² for a virtual Town Hall meeting on July 17, 2018 at 1:00PM Eastern to review many of our new member benefits, service offerings and look at what is still to come in 2018, including enriching professional development opportunities, Security Congress and more. Members and non members alike will enjoy the opportunity to learn how (ISC)² is delivering on its value promise.
Chris McCormack, Sen Prod Mgr, Sophos; Bruce Beam, Dir, TPO, (ISC)2; Brandon Dunlap, Moderator
Your network firewall isn’t being honest with you. According to a recent survey conducted by Sophos that gathered responses from 2,700 IT managers at mid-sized organization, network firewalls can’t disclose what up to 45% of the bandwidth is being consumed by. Additionally, they are failing to protect the organizations they are deployed in and this inefficiency is costing time and money. Why is this happening? What can be done to correct it? Join Sophos and (ISC)2 on June 14, 2018 at 12:00PM Eastern for a wide ranging discussion about this survey, the results and what can be done to get the best information and performance from your network firewall.
David Shearer, CEO, (ISC)2; Jim Reavis, CEO, CSA; Kevin Jackson, GovCloudNetwork ; Rich Mogull, Securosis; B. Dunlap (Mod)
Certain things go together to make the sum of their parts that much better. Peanut Butter and Jelly. Lennon and McCartney. Batman and Robin. In the ever-changing world of the cloud, cyber security professionals need continuous training and certifications to stay up-to-speed and pairing (ISC)2’s CCSP (Certified Cloud Security Professional) with CSA’s CCSK (Certificate of Cloud Security Knowledge) can put any cyber security practitioner ahead in terms of knowledge, skills and job opportunities. On June 12, 2018 at 1:00PM Eastern, join David Shearer, (ISC)2’s CEO and Jim Reavis, CSA’s CEO, along with other subject matter expects as we explore the differences between each program, the training options available for each, and how these programs are synergistic in nature and together were designed to build on one another.
Markus Jakobsson, Chief Scientist, Agari; John Carnes, Anthem; Terry Zink, Microsoft; Brandon Dunlap (Moderator)
Targeted email attacks continue to escalate as organizations deal with increasing numbers of phishing, spear phishing and ransomware attempts. But another attack vector, Account Takeovers (ATO), is affecting 44% of organizations (source: Agari research) and is posing a significant risk. This silent invasion occurs when a cybercriminal gains unauthorized access to a trusted email accounts to launch additional attacks that compromise various areas of an organization (such as gaining access to financial information, PII or enabling a larger data breach). How does an organization go about identifying such attacks, mitigating them and ensuring they don’t occur in the future? Join Agari and (ISC)2 on May 10, 2018 at 1:00PM Eastern for a discussion on Account Takeover attacks and what you can do to defend against them.
Chris Witter, Sen Mgr, Falcon Overwatch; Aamir Lakhani, Dr. Chaos; Tom Gorup, Rook Security; Brandon Dunlap (Moderator)
Organizations of all sizes continue to be targets of cyber criminals and the threats that they present. However, some organizations are taking a proactive approach and are hunting for these threats. But what exactly is “threat hunting"? How does it fit into the SOC? Should my organization be threat hunting? How could it help us? Do I leverage oustide expertise to augment my staff? Join Crowdstrike and (ISC)2 on March 15, 2018 at 1:00PM Eastern to learn how to go from being a guppy to a shark by exploring these questions and an examine the resources needed to threat hunt and the tools that can be employed to be successful.
The Need for Speed: Hitting The Afterburners on Detection and InvestigationJohn Carnes, Anthem; Terry Olaes; Rob Ayoub, IDC; Brandon Dunlap, Brightfly[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]61 mins