Name: Open Source: Assessing and Managing External Code in Application Development
Start: 2011-12-15T17:00:00Z
End: 2011-12-15T17:59:15.000Z
Location: BrightTALK
Rating: 3.73

(ISC)²  hosts regular panel discussions on hot button infosecurity topics featuring thought leaders and visionaries from the industry who answer questions from the audience.

(ISC)² CEO Clar Rosso will provide strategic updates for our association, including recent accomplishments and milestones, as well as what members can expect in 2023 and beyond.
Bring your questions — a panel of representatives from the (ISC)² Board of Directors and management will answer inquiries about our association, membership, certifications and workforce trends, as well as the current issues and challenges facing cybersecurity.

(ISC)² Security Congress 2022 Town Hall

The 2022 Verizon Data Breach Investigation Report showed that supply chain was responsible for 62% of System Intrusion incidents in the past year. For cyberattackers, using the software supply chain is increasingly successful and popular, since it reduces the likelihood of detection and delivers privileged access into many targets at once. Incident responders can see major improvements by focusing on network activity. 

On September 1, 2022 at 1:00 p.m. Eastern/10:00 a.m. Pacific, ExtraHop and (ISC)² host a panel that will discuss how to intercept software supply chain attacker strategies, using recent and historical examples as a foundation. Join us to hear this timely discussion.

Ghosts in the Software Supply Chain: How To Stop Stealthy Cyberattacks

After two years of virtual events, (ISC)² is excited to be back in person for our upcoming Security Congress conference. Join us for this webinar to learn everything you need to know about the upcoming event, taking place at Caesars Palace in Las Vegas, Nevada October 10-12. Hear from (ISC)² staff on what you can expect from the year’s best opportunity to earn CPE credits, network with colleagues, learn from experts and hear from dynamic keynote speakers.
 
(ISC)² Security Congress will also be available for virtual registration as well, so if you’re not able to join us in Las Vegas, you can still learn and connect from home! Be sure to join us live to ask your questions about the conference and engage with (ISC)² leadership.

Face to Face Again! Preview for (ISC)² Security Congress - October in Las Vegas

Lifting and shifting workloads to the cloud without tooling changes is a losing proposition. Traditional tools and processes fail, don’t provide adequate visibility, or don’t provide appropriate cloud and workload context. And there’s the agent-based vs. agentless debate. It’s no wonder security teams can feel overwhelmed as they struggle to implement a solution that affords timely, reliable, and comprehensive security outcomes. Implementing a combination of agent-based and agentless cloud-native security tooling, an approach that provides outcomes far superior than either solution on its own.
 
On August 4, 2022 at 1:00 p.m. Eastern/10:00 a.m. Pacific Sysdig and (ISC)²  will discuss: 
• Eliminating blind spots in cloud environments to improve visibility
• Prioritizing the most critical alerts to address common root causes
• Remediating issues at the source, eliminating the job of repeatedly fixing the same issues
• Leveraging open standards such as Falco for runtime threat detection and cloud security monitoring
• Uncovering the risks of overly permissive API keys in cloud environments

Fortify Your Cloud-Native Security

You know the workforce gap numbers. Your team feels the effects, often working long hours and picking up the slack from an understaffed organization. There simply aren’t enough experienced cybersecurity professionals to go around. So how do you build a resilient, sustainable cybersecurity team? New research from (ISC)² finds that hiring managers are looking to entry- and junior-level pros. The 2022 (ISC)² Hiring Managers Report, released in June, faced the issue of a shortage of experienced cyber pros head on and dives into how managers can find and nurture the talent to strengthen their teams.
 
Hear from experienced cybersecurity leaders as they discuss this new report and share their own insights, experiences and advice on how to build a team that can reinforce your security operations and add fresh new perspectives to your approach. Join (ISC)² June 23, 2022 at 11:00 a.m. ET / 4:00 p.m. BST for this roundtable discussion moderated by Brandon Dunlap.

How to Hire and Develop Entry- and Junior-Level Cybersecurity Practitioners

Digital transformation and cloud migration projects are fundamental to enterprise growth. While both the Offices of the CIO and CISO play a crucial role in this journey, the mindsets of the two executives commonly differ. Friction occurs when the CIO line of business has a mandate to recognize the speed and efficiency of the cloud immediately, while the CISO line of business needs to ensure that the proper security policies and procedures are in place.
 
How can the CIO and CISO engage in a balancing act that is beneficial to the priorities of both parties?   Join ExtraHop and (ISC)² June 21, 2022 at 1:00 p.m. Eastern/ 10:00 a.m. Pacific as we discuss unique perspectives from both sides, learn about success stories, and discover ways to reduce friction in your enterprise.

The CIO-CISO Balancing Act In The Cloud

Cloud computing is critical to most organizations around the world. Information security teams have reduced visibility and even fewer controls to deal with shadow IT and third party cloud risks at an enterprise-wide level. Advantages of cloud computing, like quick, low-cost and easy setup, end up creating problems for information security practitioners.
 
Join (ISC)² and Proofpoint on Thursday, May 12 at 1:00 p.m. Eastern / 10:00 a.m. Pacific to learn how to wrangle in all the shadow IT in your organization and get your cloud presence under control.

Extending Governance to Your First & Third Party Cloud Environments

The US Securities and Exchange Commission (SEC) proposed new rules to increase the transparency around cybersecurity incident reporting. Is the four-business day deadline to disclose certain incidents even possible? Coupled with new legislation mandating critical infrastructure operators disclose cyber attacks and ransomware payments, how do we shift our security programs? There are many more of these rules under discussion affecting companies across a wide spectrum of industries. How does the “ticking clock” impact an organization’s ability to effectively investigate an incident?

Join DomainTools and (ISC)2 on April 28, 2022 at 1:00 p.m. Eastern/10:00 a.m. Pacific for a round table discussion on these new regulations, their impact, and what may be coming in the future.

Can You Beat the Clock?: The New Regulations on Breach Notification Reporting

The Inside (ISC)2 webinar series gives attendees access to the leaders and decision makers within the association to hear the latest insights from the Board and executive levels, including a look at recent successes and plans for upcoming programs. Join (ISC)2 CEO Clar Rosso on April 27 at 1:00 p.m. EST as she is joined by Board Chairperson Zach Tudor, CISSP and (ISC)2 Chief Qualifications Officer Dr. Casey Marks, who will provide an update on the new entry-level cybersecurity certification pilot program as well as the online proctored CISSP exam pilot.

Inside (ISC)2: Quarterly Board Update and the Latest on Exams

Every company makes a huge investment in building and maintaining their brand. In some ways, the brand and brand reputation your company has can be more valuable than the data an organization holds, and that means it must be protected. Brand threats range from counterfeit goods, cybersquatting, and fake apps to hijacked domains used for phishing attacks. It’s a big job and not only is the infosecurity team involved, but you’ll also find that your legal team is needed to help control and mitigate these threats. Join DomainTools and (ISC)2 on March 1, 2022 at 1:00p.m. EST for a roundtable discussion on the threats to your brand and the actions you can take to protect it.

Defending the Brand

Enterprises are shifting left in the cloud by building security into workload and application code. It’s a smart first line of defense, but no code—no matter how secure—is bulletproof. That’s why enterprises are turning to east-west visibility and post-compromise threat detection as part of a defense-in-depth strategy. By identifying attack techniques like lateral movement and detecting advanced threats, you can reduce dwell time and mitigate the blast radius of ransomware, software supply chain attacks, and more.

Join ExtraHop and (ISC)² on March 24, 2022, for a panel discussion on the benefits of taking a defense-in-depth approach to cloud security built on east-west visibility and post-compromise detection.

Shifting Left Isn’t Enough: Own the East-West Corridor to Secure Your Cloud

The conflict between Russia and Ukraine is sending shockwaves throughout the world. Cybersecurity and privacy practitioners and departments are being impacted significantly by what’s happening. As the digital footprint fractures in the region with companies leaving and services pulling out, what does that mean for your organization? If you have operations in the region, how are you exfiltrating & protecting your data, when services are down or diminished and ensuring you are following the local laws on data preservation and handling? What about the threat landscape? What does it currently look like and how might that shift as the geopolitical circumstances change? What are you seeing as the immediate, mid term and long term impacts that you will have to cope with and plan for? Join (ISC)2 on March 23, 2022 at 10:00am Eastern for a discussion-based webcast examining these questions and exploring the “new normal” of how to approach risk management and security in this new global environment.

The Fallout: The Russia/Ukraine Conflict and Its Impact on Cybersecurity

The Inside (ISC)2 webinar series gives attendees access to the leaders and decision makers within the association to hear the latest insights from the Board and executive levels, including a look at recent successes and plans for upcoming programs. Join (ISC)2 CEO Clar Rosso on March 21, 2022 at 1:00p.m. EST as she is joined by Board Chairperson Zach Tudor, CISSP, and (ISC)2 CISO Jon France, CISSP, who will provide his perspective on some of the big news affecting the cybersecurity community, including the invasion of Ukraine, Log4j and emerging trends in 5G security.

Inside (ISC)2 Quarterly Board Update & Insights on Emerging Cybersecurity Issues

As we continue to embark on our multi-year DEI initiative, we’re excited to officially launch our new DEI webinar series. Throughout the year, we’ll feature inclusion-focused events to elevate diverse voices and perspectives within cyber, highlight best practices to build a more inclusive cyber profession and provide tools and strategies to help diverse professionals succeed.    

In celebrating Women’s History Month in March and to honor International Women’s Day our first webinar of 2022 will feature a panel of new women cyber professionals and young women leaders in cybersecurity as they discuss how they’ve broken through gender biases to forge their career paths, and how we can all help young women in the profession to succeed.

Tackling Gender Bias - The Young Women's Perspectives

It’s said that you can’t really test your security until you’ve been attacked or breached. Finding and remediating internal and external attack vectors before they are exploited can help to harden your defenses and shrink your attack surface. However, you also need to verify that your security fixes have solved the problem and not caused issues somewhere else. Join Horizon3.ai and (ISC)2 on January 13, 2022, at 1:00 p.m. Eastern/10:00 a.m. Pacific for a discussion on fortifying your security posture, making sure your remediation efforts are successful and the importance of measuring your security posture over time to report to the board and regulators.

Train like You Fight-Continuous Evaluation of Your Security Posture

In a previous (ISC)2 webcast, we had a speaker say that organizations should look at ransomware “as an inevitable event or incident”. Ransomware attacks not only hit companies financially, but can impact their data, access and operations. And it has a ripple effect as we’ve seen disruptions in supply lines for fuel, utilities, food supply and other supply chains. Organizations need to focus on not just their security and threat awareness for their employees and partners, but also building resiliency and reducing unnecessary access. Join ProofPoint and (ISC)2 on December 16, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific for a discussion on the seismic waves that can be generated from a ransomware attack, the resulting collateral damage and how to better defend your organization from such attacks.

Thinking Beyond Ransomware – It’s Not All About the Bitcoin

Enterprises both small and large continue to move to the cloud to accelerate digital transformation and achieve scale never before thought possible. At the same time, they struggle with enabling the right cloud security tools and strategies. For example, teams regularly report that they are challenged by disparate point solutions, operational complexity, and an incomplete view of cloud risk. On December 2, 2021 at 1:00 p.m. Eastern/ 10:00 a.m. Pacific, join Palo Alto and (ISC)2 for a discussion about the evolving cloud security landscape and solutions that are addressing these challenges head on.

Why You Need a Platform for Cloud Security Success

(ISC)² officially launched our Diversity, Equity and Inclusion (DEI) initiative at this year’s Security Congress event. The conference featured DEI keynote speaker Jane Frankland on the importance of women in cybersecurity, as well as breakout sessions in our InclusionREADY track. These sessions generated great conversations and we received many questions. We’re excited to continue the inclusion conversation on December 1, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as we address many of those questions with our panel.

Continuing the Inclusion Conversation: Your Security Congress Questions Answered

If you are developing your own software and applications or having that process outsourced, chances are good that open source code is being used. While there are significant benefits from using open source code, it's not a free lunch. Open source software is code and code needs to be assessed and managed properly. How does a security department manage the technical and operational risks, regulatory/compliance issues and security and brand concerns the use of open source code can expose an organization to? Join (ISC)2 and Black Duck Software for our final ThinkTank Roundtable of 2011 on December 15, 2011 at 12:00 noon Eastern time as we examine these opportunities and challenges.

Open Source: Assessing and Managing External Code in Application Development

ThinkTank

(ISC)2

Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Open Source: Assessing and Managing External Code in Application Development

Presented by

About this talk

More from this channel