Hi [[ session.user.profile.firstName ]]

A private industry-public sector partnership to secure Cyberspace

Learn from Government and Industry how a new approach to establishing, maintaining and improving trust, visibility and resilience of critical IT infrastructure is a must for continuity of government and economic success. What kind of programs and efforts are being offered by the government and how can private organizations benefit from and participate with them? Conversely, how can Government learn from the private sector? For instance, Is cloud based security a reality? (ISC)2 together with Cisco invite you to our next ThinkTank Roundtable webinar where we will discuss these topics and more on November 16, 2010 at 12:00pm Eastern time.
Recorded Nov 16 2010 62 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Chris Coleman, Cisco; Marc Noble, (ISC)2; ; Dr. Ron Ross, NIST; Dan Waddell, Deloitte & Touche, LLC
Presentation preview: A private industry-public sector partnership to secure Cyberspace

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Time to Adapt – Integrating SecOps and NetOps Jun 25 2020 5:00 pm UTC 60 mins
    Matt Cauthorn, VP Cyb. Engineering, ExtraHop; Brandon Dunlap, Moderator
    We know that integrating security operations (SecOps) and network operations (NetOps) teams can lead to faster response and improved productivity. And in the current situation we find ourselves (with budgets slashed and personnel laid off or furloughed), collaboration and shared visibility between the two teams can help IT and cybersecurity organizations adapt to changing requirements. Integrating the two operations can help you eliminate redundant tools, break down data silos, streamline processes, and optimize your budget. Join Extrahop and (ISC)2 on June 25, 2020 at 1:00PM Eastern for a discussion on why now is a great time to tackle this challenge and how you can go about doing so.
  • Automation or Hesitation? Recorded: May 28 2020 58 mins
    Dave Pack, SVP, Customer Exp, Swimlane; Alan Rynarzewski, Faculty, Purdue Global Uni.; Kristy Westphal, VP, MUFG Union Bank
    Many organizations are leaning into automation of key security processes such as threat detection, response speed and supplementing the human workforce. But is automation the panacea and the right fit for your environment?Planning for the introduction of automation into the security infrastructure needs to be considered carefully. For example, you don’t want to automate a broken process. You don’t want your automation to be redundant with duties that are already being done (and done effectively). Join Swimlane and (ISC)2 on May 28, 2020 at 1:00PM Eastern for a discussion on security orchestration,automation and response, what the “low hanging fruit” may be to target for automation and how to make sure the introduction of automation goes smoothly at your organization.
  • Continuing the Conversation: What We’ve Learned From the COVID-19 Outbreak Recorded: May 19 2020 62 mins
    John Carnes, Erik von Geldern, Kris Rosson, Brandon Dunlap, Moderator
    On April 28, 2020, (ISC)2 hosted a diverse panel of cybersecurity professionals who discussed the impact the COVID-19 pandemic has had on their IT operations and cybersecurity teams. The first webcast, in this series, generated a great deal of interest, discussion and questions from the audience. We will continue the conversation on May 19, 2020 to tackle the questions and discussions that continue to be raised during this ongoing crisis. This second webcast will be devoted to the economic impact (budgets slashed with no revenue coming in) due to the shutdown caused by COVID-19. In addition, we’ll discuss what re-opening an office may look like and how the current situation affects individuals both physically and emotionally. Join the conversation to share your thoughts and gain insight into how your team can continue to handle this changing situation.
  • Protect Your Plumbing-Securing Your DNS Architecture Recorded: Apr 30 2020 60 mins
    Chad Anderson, DomainTools; Dan York, Internet Society; Dave Lawrence; Brandon Dunlap (Moderator)
    The Domain Name System (DNS) is a foundational pillar of the Internet. Nearly every bit of traffic has its origin in a DNS query and as such DNS remains a critical source for information and insights into the operation of the Internet and of attackers. The flexibility and redundancy of DNS has been used in numerous ways from building out CDNs to reflective DNS attacks. Hidden inside all of this data lies crucial evidence that can be used for network defense and investigations. Join DomainTools and (ISC)2 April 30, 2020 at 1:00PM Eastern for a discussion on DNS security, monitoring, and the attacks that target DNS.
  • Gamechanger! What We’ve Learned (So Far) from the COVID-19 Outbreak Recorded: Apr 28 2020 62 mins
    John Carnes, Erik von Geldern, Kris Rosson, Brandon Dunlap, Moderator
    The world seemingly changed overnight. Offices and business shut down. Stay-at-home orders. A remote workforce appearing out of nowhere needing equipment and support. Cybersecurity professionals are facing challenges and situations none would have dreamed about even 90 days ago. Join (ISC)2 on Tuesday, April 28, 2020 at 1:00PM Eastern for a panel discussion examining what security practitioners are experiencing during the COVID-19 health crisis. The webcast will include results from an (ISC)2 pulse survey that asked cybersecurity professionals to share how their jobs have been impacted, issues faced securing a "work from home" workforce and more. Panelists will share the challenges they face, what lessons have been learned and the “sliver-lining” they may have discovered as they and their teams jumped into the unknown and transformed their operations in response.
  • Office Shutdown: Securing an Increased Remote Workforce Recorded: Apr 16 2020 64 mins
    John Smith, ExtraHop; Glenn Leifheit, Microsoft; Tim Campo, (ISC)2; Diane Brown, Ulta; Brandon Dunlap (Moderator)
    The COVID-19 virus outbreak has put immense pressure on IT organizations who now need to scale remote access quickly to thousands of users working from home. Many organizations did not have a plan in place for this and are doing the best they can. Many remote workers haven’t been issued laptops or are using unmanaged devices that may not have adequate protections. Some companies are running into licensing issues for things like their VPN connections. Join ExtraHop and (ISC)2 on April 16, 2020 at 1:00PM Eastern for a timely discussion on how you can deal with performance and security implications of this shift and receive tips and best practices on how to deal with the situation we find ourselves in.
  • Forging an Effective Insider Threat Management Program Recorded: Apr 2 2020 62 mins
    Sai Chavali, Senior Prod Mktrg Mgr, ObserveIT; Nick Cavalancia, Fndr & Chief Techvangelist; Michael Weisberg
    Playing defense against the myriad of outside threats that an organization needs to worry about can take all the attention of a cybersecurity team. But it’s critical that they don’t lose sight of the threat that insiders – employees, contractors, partners and business associates can bring to bear. Often time, these parties need legitimate access to systems within the enterprise, but that access can carry significant risk. Taking a proactive approach to detecting risky user behaviour, protecting against data exfiltration and accelerating the investigation time of insider-led data breaches is critical. The development of an Insider threat management program to manage such functions can help an organization get visibility into the problem and streamline these efforts. But where does an organization start when building such a program? What underpinnings need to be in place in order to have success with a program? Is the risk worth the investment? Join Proofpoint and (ISC)2 on April 2,2020 at 1:00PM Eastern for a discussion on how to build an effective insider threat program.
  • Diversity, Equity and Inclusion: Create a Winning Security Company Culture Recorded: Mar 5 2020 57 mins
    Jennifer Steffens, Ericka Chickowski, Jennifer Minella, Karen Worstell, Manju Mude,
    The conversation around diversity in security and closing the massive workforce gap with more women is nothing new. It is common knowledge that security is a male-dominated field with women making up only 11% to 24% of cybersecurity jobs, depending on which study you read. At this point, diversity must be a way of life, so we need to move the conversation forward to focus less on recruitment of diverse teams and more on building a culture of inclusion at micro and macro levels. Building a company culture that supports mentorship programs, career building, employee training and more will open up new doors for both a happier workforce and lower turnover employee rate.
  • Using MITRE ATT&CK In Cloud and Hybrid Environments Recorded: Mar 5 2020 59 mins
    Vince Stross, Princ. Security SE, ExtraHop; Blake Strom, ATT&CK Leader, MITRE; Chip Wagner, Cybersecurity Leader, IBM
    The MITRE ATT&CK Framework provides an excellent structure for security professionals to identify the strengths and gaps in their ability to detect attacker tactics, techniques, and procedures (TTPs) in the environment. The framework is applicable for cloud, on-premises, and hybrid environments. Join ExtraHop and (ISC)² on March 5, 2020 at 1:00PM Eastern for a discussion on the MITRE ATT&CK Framework as we look at:

    • How to get the most value from the MITRE ATT&CK Framework in a hybrid environment

    • How upcoming changes in MITRE ATT&CK may affect utilization of the framework by SecOps teams

    • How MITRE ATT&CK fits into an overall framework-driven strategy for improving detection coverage and security maturity in hybrid enterprises of all sizes.
  • The Blame Game: Does Attribution Matter? Recorded: Feb 6 2020 58 mins
    John McClurg, Senior VP & CISO, BlackBerry; John McCumber; Matt Waddell; Brandon Dunlap (Moderator)
    You’ve been attacked and you’re defending your organization against the intrusion. Do you need to know who’s behind the attack, and why they’re targeting you? here have always been two schools of thought in response to this question. One school of thought believes that attributing the attack to a threat actor, i.e. attribution, is less important than figuring out how your defenses failed and focusing your efforts on mitigating the attack. The other school believes that identifying who the attackers are can help to inform the way an organization protects against such incidents. In the current geopolitical context, have the tides turned in favor of one or the other approach as the global security community grapples with an increasing volume of state-sponsored attacks? Is how the better question than who? Join BlackBerry Cylance and (ISC)2 on February 6, 2020 at 1:00PM Eastern for a discussion on attribution. We’ll debate the merits of both schools of thought and examine the possible costs and advantages of each approach.
  • Walking on the Wild Side: Exploring the Attacker Underground Recorded: Jan 30 2020 57 mins
    Tarik Saleh, DomainTools; Aamir Lakhani; Ju-Lie McReynolds; Brandon Dunlap, Moderator
    You don’t have to visit the dark web to find a black market where attackers and other bad actors trade information and can acquire tools & services that they can use to compromise your organization. Examples include things like Packer services (crypters, binders and packers), Malware services (RATs and silent doc kits) and Infrastructure services (such as VPSs, Domains and Shells). Join Domain Tools and (ISC)2 on Thursday, January 30, 2020 at 1:00PM Eastern for a discussion of attacker underground economy, how attackers see success with these tools and services and what defenders need to know to combat these threats.
  • Hijacked! The Perils of Business Email Compromise Recorded: Jan 16 2020 59 mins
    Ryan Terry, ProofPoint; Derrick Butts, Truth Initiative; Michael Weisberg, Garnet River, LLC; Brandon Dunlap (Moderator)
    According to the FBI’s Internet Crime Complaint Center, Business Email Compromise (BEC) resulted in more than $26 Billion in losses since 2016. Bad actors impersonating or using stolen trusted identities use a variety of attack vectors to defraud targets out of money and sensitive information. The problem is only getting worse, as these attacks are increasing due to a larger attack surface and the ability to move quickly through an organization. Detection can be difficult. What can be done to combat this fast growing and moving threat? Join ProofPoint and (ISC)2 on January 16, 2020 at 1PM Eastern for a Roundtable discussion on BEC, the threats it poses and strategies to defend against it.
  • All Together Now – Using Security Orchestration for Better Incident Response Recorded: Dec 19 2019 60 mins
    Nick Tausek, Security Research Engineer, Swimlane; Nate Zahedi; Lucie Hayward; Anne Saita, Moderator
    Most security departments suffer from the same issue – too many security alarms and not enough personnel to deal with them. Security Orchestration, Automation and Response (SOAR) can help by integrating your disparate tools and using modular workflows and playbooks to make incident response more effective by replacing the manual process. In many cases, the faster you respond and mitigate, the better your security posture. Join Swimlane and (ISC)2 on December 19, 2019 at 1:00PM Eastern for a discussion on SOAR and automated incident response and how this proactive approach can improve your security.
  • Hoodwinked! Why Users are the Preferred Target for Attackers Recorded: Nov 21 2019 60 mins
    Mark Guntrip, Group Prod. Mktg Director, ProofPoint; Chrysa Freeman, Sec Awareness Mgr., Code42; Charles Gaughf, (ISC)²;
    Manipulation of human beings has been going on since the dawn of time. With the multiple channels and speed that information and data are arriving to every individual, the opportunity to be manipulated or “conned” is at an all-time high. With the continued diligence in hardening system, the attackers have moved to the softer targets, the “human element”. But an educated and aware user is a resilient target. What can an organization due to better harden their users and make them aware of the myriad threats that target them? Join Proofpoint and (ISC)2 on November 21, 2019 at 10:00 AM PST/1:00 PM EST for a panel discussion on how to better defend against threat actors with a cybersecurity strategy that's focused on your organization's most valuable assets: your people.
  • Not Just Another Acronym: The Resurgence of PKI Recorded: Nov 14 2019 61 mins
    Chris Hickman, CSO, Keyfactor; Dallas Bishoff, Managing Partner, MANUS360; Scott Stephenson; Sen Mgr & PKI Architect
    Public key infrastructure (PKI) has been a core building block of IT for more than two decades. Whether it is securing a network, sensitive data, or a growing number of API connected services, IT leaders have turned to PKI as a proven technology to establish trust in their business. Yet, despite vast coverage that spans across the enterprise today, most IT and security leaders do not fully understand why PKI has become so critical to protecting their business. Additionally, the emergence of IoT in the enterprise has created its own challenges. Join Keyfactor and (ISC)2 November 14, 2019 at 1:00PM Eastern/10:00AM Pacific for a discussion on the increasingly important role of PKI in the enterprise, how it has evolved, and why getting it right can make the difference between a highly secure environment and a serious breach.
  • Nice to Have or Have to Have? The Case for Cyber Insurance Recorded: Oct 10 2019 59 mins
    John Smith, Prin. Sec. Engr, ExtraHop; Sean Scranton, RLI Cyber; William Boeck, Lockton; Brandon Dunlap, Moderator
    More and more companies are offering cyber insurance policies to help mitigate the financial losses an organization might suffer from a cyber incident. With the increase in breaches, intrusions and ransomware incidents, cyber insurance could be right for your organization as a part of the risk mitigation strategy. But there’s a lot of confusion for organizations in determining what a company’s exposure is and what exceptions and exclusions might be in a policy. Organizations are almost forced to think like an underwriter to address these concerns. Join ExtraHop and (ISC)2 October 10, 2019 at 1PM Eastern for a discussion on cyber insurance, demystifying the current insurance landscape and what are the right questions to answer.
  • Bothersome Bots: Dealing with the Swarm Recorded: Sep 26 2019 59 mins
    Joe Martin, F5; Xena Olsen; Kevin Mcnamee, Nokia; Brandon Dunlap (Moderator)
    Automation has brought great advances to computing. But automation has also brought forth the bot. While some bots are beneficial, being able to determine the difference between humans, good bots and bat bots has become extremely difficult. Bot creators are making their creations more sophisticated and with bots making up most of the traffic on the internet, the identification of malicious bots and the defense against them is becoming critical for organizations of all sizes. Join F5 and (ISC)2 on September 26, 2019 at 1:00PM Eastern for a discussion on the application threats driven by bots, how they infect an enterprise and the role an advanced web application firewall can play in defending an organization.
  • Hardening Office 365’s Email for Better Security & Availability Recorded: Sep 19 2019 56 mins
    Matthew Gardiner, Dir. Enterprise Sec. Campaigns, Mimecast; Bruce Beam, CIO, (ISC)²; Tina Meeker, Beacon Infosecurity;
    Organizations of all sizes are accelerating their move to the cloud and are shifting critical applications such as email to Office 365 as a first step. The security and resilience of such a critical application is paramount for an organization’s communications, data availability, and governance strategies. Organizations experience a significant productively hit when their email or email-based data becomes unavailable. And of course, there are no shortage of phishing attacks which leverage email and target Office 365. How can you ensure the security and availability of Office 365’s email and better defend against those threats that can bring it down? What role does awareness play in securing the organization? Join Mimecast and (ISC)2 on Thursday, September 19, 2019 at 1PM Eastern for a discussion on the topic of security and availability, as well as strategies for moving such applications to the cloud more easily and securely.
  • The Power of 2: How Automated Threat Hunting & ATT&CK Can Work Together Recorded: Aug 15 2019 59 mins
    Jason Bevis, VP Global Threat Hunting, Cylance; Alex Holden, CISO/Pres, Hold Security, Chip Wagner, Sec Analytics, IBM
    Many organizations are so busy responding to and remediating indents that they don’t have the time, resources or framework for being proactive and searching for these threats. Automation (artificial intelligence or machine learning) can provide actionable intelligence quickly without being a resource drain. Pairing automation with a threat hunting framework like the MITRE ATT&CK can help to build an overarching strategy for addressing this critical area. Join BlackBerry Cylance and (ISC)² on August 15, 2019 at 1:00PM Eastern for a discussion on how to better and more quickly identify malicious behaviors and how a model of continuous improvement can benefit an organization.
  • Want to be a Better Blue Teamer? Think Like an Attacker! Recorded: Jul 25 2019 59 mins
    Tarik Saleh, DomainTools; Rob Armstrong, Mathan Cyber Security, LLC; Keith Young, Mont. Co., MD; Brandon Dunlap, Moderator
    “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”
    – Sun Tzu.

    The ability to understand your adversary is always a good skill for any security practitioner to have. But beyond understanding, one really needs to know how an attacker thinks. This enables better defense and cooperation between “Blue Teams” and “Red Teams”. Join DomainTools and (ISC)² on July 25, 2019 at 1:00PM Eastern for a discussion on defense and protection, how an attacker thinks and goes about breaching your enterprise, and the trend in “Purple Teaming”.
Regular roundtable discussions on a variety of infosecurity topics.
(ISC)2 hosts regular panel discussions on hot button infosecurity topics featuring thought leaders and visionaries from the industry who answer questions from the audience.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: A private industry-public sector partnership to secure Cyberspace
  • Live at: Nov 16 2010 5:00 pm
  • Presented by: Chris Coleman, Cisco; Marc Noble, (ISC)2; ; Dr. Ron Ross, NIST; Dan Waddell, Deloitte & Touche, LLC
  • From:
Your email has been sent.
or close