Hi [[ session.user.profile.firstName ]]

Using MITRE ATT&CK In Cloud and Hybrid Environments

The MITRE ATT&CK Framework provides an excellent structure for security professionals to identify the strengths and gaps in their ability to detect attacker tactics, techniques, and procedures (TTPs) in the environment. The framework is applicable for cloud, on-premises, and hybrid environments. Join ExtraHop and (ISC)² on March 5, 2020 at 1:00PM Eastern for a discussion on the MITRE ATT&CK Framework as we look at:

• How to get the most value from the MITRE ATT&CK Framework in a hybrid environment

• How upcoming changes in MITRE ATT&CK may affect utilization of the framework by SecOps teams

• How MITRE ATT&CK fits into an overall framework-driven strategy for improving detection coverage and security maturity in hybrid enterprises of all sizes.
Recorded Mar 5 2020 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Vince Stross, Princ. Security SE, ExtraHop; Blake Strom, ATT&CK Leader, MITRE; Chip Wagner, Cybersecurity Leader, IBM
Presentation preview: Using MITRE ATT&CK In Cloud and Hybrid Environments

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The Infinite Variety of Phishing Attacks & the Security Controls to Address Them Dec 15 2020 6:00 pm UTC 60 mins
    Brian Thornton, Enterprise Solution Engineer, Mimecast; Tim Campo, Director, Applications & Security, (ISC)2
    Every organization receives unwanted email and various forms of phishing on a daily basis. Most are common and some are quite unique. Protecting against malicious attachments and links on inbound email is now security table stakes. But with the continuous evolution of cybercriminals, what’s old is new and what’s new is new. They never stop recycling or reinventing. And the cybercrime-as-a-service ecosystem never stops making it easier and cheaper to setup and launch phishing-based campaigns to deliver ransomware, RATs, steal credentials, spread internally, impersonate your executives, or exploit your brand online. Mimecast and (ISC)2 will discuss both popular phishing related techniques as well as newly emerging ones on December 15, 2020 at 1:00pm Eastern. We’ll also discuss various types of defensive techniques, emerging analytics, and user training strategies that can be applied today to better protect your organization.
  • Technology Sprawl: The Hidden Disease of IT and What to do About it Dec 3 2020 6:00 pm UTC 60 mins
    John Matthews, CIO, ExtraHop; Michael Weisberg, CISO, Garnet River; Eric Gauthier, VP, Technical Ops, Burning Glass, B Dunlap
    In most enterprises, you have the phenomenon of tool sprawl - the overlapping abundance of technology in which only 20-30% of a product’s functionality is being used. A product is acquired for a particular use case, then another use case and another, resulting in a potpourri of tools with overlapping capabilities and features. Whether its instances in the cloud, security tools, network management or even the proliferation of personal productivity and LOB SaaS applications, the consequence of technology sprawl is not only financial waste, but also user frustration, security risks, operational inefficiencies, technical debt and lack of visibility into the organization’s processes and functions. Join ExtraHop and (ISC)2 on December 3, 2020 at 1:00pm Eastern as a panel of IT and Security executives discuss the root causes of technology sprawl, a path out of this cycle and the benefits to be achieved.
  • Security Congress 2020 Preview Recorded: Nov 6 2020 25 mins
    Wesley Simpson; Sharon Smith; Brandon Dunlap; James McQuiggan
    A panel discussion about (ISC)2 Security Congress 2020
  • Don't Miss the BIGGEST (ISC)2 Security Congress Yet! Recorded: Nov 3 2020 1 min
    (ISC)2
    Join thousands of cybersecurity professionals at all levels for three days of industry discussion, continuing education and networking, November 16 – 18. Get your passes at: https://securitycongress.brighttalk.live/passes/
  • Your Data Held Hostage: Understanding the Extensive Ransomware Threat Recorded: Oct 29 2020 57 mins
    Tarik Saleh, Senior Security Engineer & Malware Researcher, Domain Tools; Spencer Wilcox; Brandon Dunlap, Moderator
    There can be many ramifications of a ransomware incident on an
    organization. Financial, reputational and downtime are just some of the more damaging effects a ransomware attack can have. Organizations need to have a plan to deal with such incidents and to understand the marketplaces, economics and latest trends to be prepared. How do you prepare for such an incident? Set aside some money to pay if it happens? Will accounting or even legal allow you to do that? Join DomainTools and (ISC)2 on Thursday, October 29, 2020 at 1:00 PM Eastern for a discussion on the current state of ransomware. We’ll examine traditional ransomware vs RaaS (Ransomware as a Service), how RaaS is being leveraged by threat actors, what Blue teams should know and what to consider about planning, response and cyber/business interruption insurance.
  • Improving Threat Detection & Data Protection in Public Clouds Recorded: Oct 1 2020 61 mins
    Itir Clarke, Sr. Product Mktg Mgr Proofpoint; John Yeoh, Global VP, CSA; Michael Weisberg, CISO Garnet Rive,
    Beyond just capturing “shadow IT” have you reached the full potential of your CASB? With a continuous stream of feature enhancements from User Entity Behavior Analysis to Data Loss Prevention, you may have more capabilities that are going untapped. Leveraging your CASBs to its fullest potential can result in a better security posture for your organization. Join Proofpoint and (ISC)2 on October 1, 2020 at 1:00 p.m. eastern for a discussion centered around CASBs, their potential for better security via threat protection and data protection.
  • Privacy's Increasing Role in Cybersecurity: A View from Spirion and the IAPP Recorded: Sep 30 2020 63 mins
    Bob Lewis, IAPP, Cathy Scerbo, IAPP, Scott Giordano, Spirion, Brandon Dunlap (Moderator)
    Every organization today is in some state of digital transformation. While the understanding of security needs in the digital age has matured significantly in the last 2 decades, the implication for data privacy and in particular, its interaction with security, are still not well understood. As data regulations and laws continue to evolve, here in the U.S. and globally, organizations require increased understanding of privacy requirements and their impact to technology solutions. Join IAPP and (ISC)2 on September 30, 2020 at 1:00 p.m. Eastern as Bob Lewis and Cathy Scerbo from IAPP, along with Scott Giordano from Spirion, will share the evolution of privacy, discuss key privacy topics like Privacy by Design and the NIST Privacy framework, share their perspectives of the overlap between Security and Privacy and highlight the criticality of understanding the current implications of data privacy today.
  • The Ripple Effect: Latent Vulnerabilities to Be Felt for Years to Come Recorded: Sep 17 2020 60 mins
    Matt Cauthorn, VP Sales Eng, ExtraHop; Kevin McNamee, Dir Threat Intel, Nokia; Graham Speake Sr. Sec Mgr, Brandon, Moderator
    Have you heard about Ripple20? It’s a series of 19 vulnerabilities detected in a widely used TCP/IP stack (Treck) could expose hundreds of millions of devices in healthcare and industrial settings to remote code execution and more. The Treck stack has been used in embedded devices for more than twenty years. These devices are hard to identify and more difficult to patch. Should you remove and/or replace these devices? That can get pricey. Join ExtraHop and (ISC)2 on September 17, 2020 at 1:00 p.m. Eastern as we explore the ramifications of this, how to detect vulnerable devices and determine if you should patch or replace.
  • The Ups and Downs of Cybersecurity Asset Management Recorded: Sep 3 2020 59 mins
    Lenny Zeltser, CISO, Axonius; Bruce Beam, CISO, (ISC)2; Spencer Wilcox, CSO, PNM Resources; Brandon Dunlap, Moderator
    As IT environments become increasingly complex, teams struggle to keep up and understand the asset management process and that can impact an organization’s cybersecurity posture. Companies spend millions on security solutions, but oftentimes cannot validate that they are deployed or preforming as they should. Join Axonius and (ISC)2 on September 3, 2020 at 1:00p.m. Eastern as we discuss the hurdles associated with implementing a cybersecurity asset management program at your company — and why it’s more important than ever to have a foundational understanding of the assets in your environment. We’ll look at:

    · The challenges that come along with implementing modern asset management for cybersecurity
    · Real-life stories that highlight the successes seen with cybersecurity asset management programs

    · The pitfalls, hurdles, and lessons learned about cybersecurity asset management from industry leaders and practitioners
  • Navigating the Career Maze—Where Do I Go Next? Recorded: Jul 21 2020 64 mins
    Rob Ayoub, Sharon Smith, Deidre Diamond, Erik Von Geldern, John Esparza
    This webinar will feature several industry professionals within the information security industry who've held a variety of roles ranging from security architect, consultant and sales engineer to marketer to recruiter and CISO. The panel will discuss career direction and offer attendees new ideas and provocative thoughts on the various roles available throughout a security career. Join (ISC)2 on July 21, 2020 at 1:00PM Eastern for a discussion of the daily tasks involved in each respective area, the joys and the pitfalls, the qualifications typically necessary, and ways to go about getting different positions.
  • Rage Against the Machine: When Attackers Use Machine Learning On Offense Recorded: Jul 16 2020 60 mins
    Sean McNee, Dir of Research, DomainTools; Dr. Chuck Easttom, CISSP, Scientist; Winn Schwartau
    Many of us have embraced machine learning (ML) and even artificial intelligence (AI) for decreasing the time in detection and response for attacks, but our adversaries have also seen the promise of this technology. Offensive Machine Learning has bad actors using these tools to optimize tasks (like password cracking and other brute force methods), as well as creating “Deep Fakes” (for targeted impersonation and phishing attempts). Adversarial Machine Learning sees attackers using their understanding of machine learning to find blind spots and biases in ML platforms and models and exploit those. Join Domain Tools and (ISC)2 on July 16. 2020 at 1:00PM Eastern for a discussion on how organizations can better position their blue, red and purple teams to understand these automated platforms to protect themselves and do their tasks more effectively.
  • Time to Adapt – Integrating SecOps and NetOps Recorded: Jun 25 2020 58 mins
    Matt Cauthorn, VP Cyb. Eng, ExtraHop; Caroline Saxon, Dir, Cyber Governance, Global Payments; Andrew Boyle, Booz Allen
    We know that integrating security operations (SecOps) and network operations (NetOps) teams can lead to faster response and improved productivity. And in the current situation we find ourselves (with budgets slashed and personnel laid off or furloughed), collaboration and shared visibility between the two teams can help IT and cybersecurity organizations adapt to changing requirements. Integrating the two operations can help you eliminate redundant tools, break down data silos, streamline processes, and optimize your budget. Join Extrahop and (ISC)2 on June 25, 2020 at 1:00PM Eastern for a discussion on why now is a great time to tackle this challenge and how you can go about doing so.
  • Automation or Hesitation? Recorded: May 28 2020 58 mins
    Dave Pack, SVP, Customer Exp, Swimlane; Alan Rynarzewski, Faculty, Purdue Global Uni.; Kristy Westphal, VP, MUFG Union Bank
    Many organizations are leaning into automation of key security processes such as threat detection, response speed and supplementing the human workforce. But is automation the panacea and the right fit for your environment?Planning for the introduction of automation into the security infrastructure needs to be considered carefully. For example, you don’t want to automate a broken process. You don’t want your automation to be redundant with duties that are already being done (and done effectively). Join Swimlane and (ISC)2 on May 28, 2020 at 1:00PM Eastern for a discussion on security orchestration,automation and response, what the “low hanging fruit” may be to target for automation and how to make sure the introduction of automation goes smoothly at your organization.
  • Continuing the Conversation: What We’ve Learned From the COVID-19 Outbreak Recorded: May 19 2020 62 mins
    John Carnes, Erik von Geldern, Kris Rosson, Brandon Dunlap, Moderator
    On April 28, 2020, (ISC)2 hosted a diverse panel of cybersecurity professionals who discussed the impact the COVID-19 pandemic has had on their IT operations and cybersecurity teams. The first webcast, in this series, generated a great deal of interest, discussion and questions from the audience. We will continue the conversation on May 19, 2020 to tackle the questions and discussions that continue to be raised during this ongoing crisis. This second webcast will be devoted to the economic impact (budgets slashed with no revenue coming in) due to the shutdown caused by COVID-19. In addition, we’ll discuss what re-opening an office may look like and how the current situation affects individuals both physically and emotionally. Join the conversation to share your thoughts and gain insight into how your team can continue to handle this changing situation.
  • Protect Your Plumbing-Securing Your DNS Architecture Recorded: Apr 30 2020 60 mins
    Chad Anderson, DomainTools; Dan York, Internet Society; Dave Lawrence; Brandon Dunlap (Moderator)
    The Domain Name System (DNS) is a foundational pillar of the Internet. Nearly every bit of traffic has its origin in a DNS query and as such DNS remains a critical source for information and insights into the operation of the Internet and of attackers. The flexibility and redundancy of DNS has been used in numerous ways from building out CDNs to reflective DNS attacks. Hidden inside all of this data lies crucial evidence that can be used for network defense and investigations. Join DomainTools and (ISC)2 April 30, 2020 at 1:00PM Eastern for a discussion on DNS security, monitoring, and the attacks that target DNS.
  • Gamechanger! What We’ve Learned (So Far) from the COVID-19 Outbreak Recorded: Apr 28 2020 62 mins
    John Carnes, Erik von Geldern, Kris Rosson, Brandon Dunlap, Moderator
    The world seemingly changed overnight. Offices and business shut down. Stay-at-home orders. A remote workforce appearing out of nowhere needing equipment and support. Cybersecurity professionals are facing challenges and situations none would have dreamed about even 90 days ago. Join (ISC)2 on Tuesday, April 28, 2020 at 1:00PM Eastern for a panel discussion examining what security practitioners are experiencing during the COVID-19 health crisis. The webcast will include results from an (ISC)2 pulse survey that asked cybersecurity professionals to share how their jobs have been impacted, issues faced securing a "work from home" workforce and more. Panelists will share the challenges they face, what lessons have been learned and the “sliver-lining” they may have discovered as they and their teams jumped into the unknown and transformed their operations in response.
  • Office Shutdown: Securing an Increased Remote Workforce Recorded: Apr 16 2020 64 mins
    John Smith, ExtraHop; Glenn Leifheit, Microsoft; Tim Campo, (ISC)2; Diane Brown, Ulta; Brandon Dunlap (Moderator)
    The COVID-19 virus outbreak has put immense pressure on IT organizations who now need to scale remote access quickly to thousands of users working from home. Many organizations did not have a plan in place for this and are doing the best they can. Many remote workers haven’t been issued laptops or are using unmanaged devices that may not have adequate protections. Some companies are running into licensing issues for things like their VPN connections. Join ExtraHop and (ISC)2 on April 16, 2020 at 1:00PM Eastern for a timely discussion on how you can deal with performance and security implications of this shift and receive tips and best practices on how to deal with the situation we find ourselves in.
  • Forging an Effective Insider Threat Management Program Recorded: Apr 2 2020 62 mins
    Sai Chavali, Senior Prod Mktrg Mgr, ObserveIT; Nick Cavalancia, Fndr & Chief Techvangelist; Michael Weisberg
    Playing defense against the myriad of outside threats that an organization needs to worry about can take all the attention of a cybersecurity team. But it’s critical that they don’t lose sight of the threat that insiders – employees, contractors, partners and business associates can bring to bear. Often time, these parties need legitimate access to systems within the enterprise, but that access can carry significant risk. Taking a proactive approach to detecting risky user behaviour, protecting against data exfiltration and accelerating the investigation time of insider-led data breaches is critical. The development of an Insider threat management program to manage such functions can help an organization get visibility into the problem and streamline these efforts. But where does an organization start when building such a program? What underpinnings need to be in place in order to have success with a program? Is the risk worth the investment? Join Proofpoint and (ISC)2 on April 2,2020 at 1:00PM Eastern for a discussion on how to build an effective insider threat program.
  • Diversity, Equity and Inclusion: Create a Winning Security Company Culture Recorded: Mar 5 2020 57 mins
    Jennifer Steffens, Ericka Chickowski, Jennifer Minella, Karen Worstell, Manju Mude,
    The conversation around diversity in security and closing the massive workforce gap with more women is nothing new. It is common knowledge that security is a male-dominated field with women making up only 11% to 24% of cybersecurity jobs, depending on which study you read. At this point, diversity must be a way of life, so we need to move the conversation forward to focus less on recruitment of diverse teams and more on building a culture of inclusion at micro and macro levels. Building a company culture that supports mentorship programs, career building, employee training and more will open up new doors for both a happier workforce and lower turnover employee rate.
  • Using MITRE ATT&CK In Cloud and Hybrid Environments Recorded: Mar 5 2020 59 mins
    Vince Stross, Princ. Security SE, ExtraHop; Blake Strom, ATT&CK Leader, MITRE; Chip Wagner, Cybersecurity Leader, IBM
    The MITRE ATT&CK Framework provides an excellent structure for security professionals to identify the strengths and gaps in their ability to detect attacker tactics, techniques, and procedures (TTPs) in the environment. The framework is applicable for cloud, on-premises, and hybrid environments. Join ExtraHop and (ISC)² on March 5, 2020 at 1:00PM Eastern for a discussion on the MITRE ATT&CK Framework as we look at:

    • How to get the most value from the MITRE ATT&CK Framework in a hybrid environment

    • How upcoming changes in MITRE ATT&CK may affect utilization of the framework by SecOps teams

    • How MITRE ATT&CK fits into an overall framework-driven strategy for improving detection coverage and security maturity in hybrid enterprises of all sizes.
Moderated roundtable discussions on a variety of infosecurity topics.
(ISC)2 hosts regular panel discussions on hot button infosecurity topics featuring thought leaders and visionaries from the industry who answer questions from the audience.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Using MITRE ATT&CK In Cloud and Hybrid Environments
  • Live at: Mar 5 2020 6:00 pm
  • Presented by: Vince Stross, Princ. Security SE, ExtraHop; Blake Strom, ATT&CK Leader, MITRE; Chip Wagner, Cybersecurity Leader, IBM
  • From:
Your email has been sent.
or close