Hi [[ session.user.profile.firstName ]]

Why Do We Victim Shame? The Post-Breach Finger Pointing Phenomenon

It plays out over and over after a major cybersecurity breach makes headlines. Questions are asked: Why was the victim organization vulnerable? Could this have been avoided? What did they do wrong? What policies do they need to change? Who should be held responsible? In most cases, the spotlight only peripherally touches on the attacker. On April 29, 2021 at 1:00PM Eastern, (ISC)2 will bring together a panel of cybersecurity leaders to discuss why our first reaction is to blame the victim, rather than examining the threat ecosystem, how many attacks have already been thwarted and where the true blame should reside.
Recorded Apr 29 2021 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jill Aitoro, EIC ,SC Magazine; Erik von Geldern, CISO, FXCM; Spencer Wilcox, Chief Security Officer; Brandon Dunlap, Mod
Presentation preview: Why Do We Victim Shame? The Post-Breach Finger Pointing Phenomenon

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Seek, Pursue, Contain: Effective Threat Hunting Nov 18 2021 6:00 pm UTC 60 mins
    Barry Rellis, Enterprise Solutions Engineer, GOSI, DomainTools; Brandon Dunlap, Moderator
    Despite the rise in threat hunting across organizations in nearly all industries, few understand how to not only build a threat hunting strategy, but how to then optimize and maximize its effectiveness. To do this, you must start with asking the question, “What defines success?” and “What metrics can you use to drive performance and report to leadership and stakeholders to illustrate whether or not the investment in threat hunting is worth it?” Join DomainTools and (ISC)2 on November 18, 2021 for a discussion on how to determine if threat hunting is something you should invest in, how to be effective in your threat hunting methodology and what metrics can be used to measure success when communicating up the chain.
  • The Keys to Start with To Secure Your Cloud Recorded: Oct 7 2021 58 mins
    Michael Sanders, ExtraHop; Karl Ots, Head of Cloud Security; Craig Olsen, Cybersecurity Architect; Brandon Dunlap, Moderator
    Cybersecurity has never been easy, and as enterprises expand their footprints in the cloud, they often run into issues and friction that can weaken security and leave them vulnerable to advanced threats. Cloud environments are highly dynamic, and many security tools struggle to match the scale and elasticity the cloud provides. Security teams need to take a frictionless approach to regain the advantage over attackers. Join ExtraHop and (ISC)2 on October 7, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific for a discussion on the keys to securing your cloud environment and how the power of Network Detection and Response solutions can help you reclaim the upper hand in your cloud environments.

    · Knowing your datasource
    · Logs vs agents vs network packets
    · Investigating and hunting threats
    · Take advantage of the power of network forensics in the cloud
    · Detect and immediately respond to advanced threats
    · How to “break the ice" under attackers
  • Don’t Take the Bait! Defending Against Phishing and BEC Attacks Recorded: Sep 30 2021 58 mins
    Taylor Wilkes-Pierce, DomainTools; Shelly Epps, Duke Health; Aamir Lakhani, Security Strategist; Brandon Dunlap, Moderator
    From ransomware to Business Email Compromise (BEC) adversaries are relying on phishing to take advantage of the increasingly distributed surface area defenders have to cover. What are we missing when it comes to phishing, and what can we learn from how these campaigns are deployed in 2021? Join DomainTools and (ISC)2 on September 30, 2021 at 1:00 p.m./10:00 a.m. for a discussion on detecting attacks both in the wild and in your network.
  • Inside (ISC)2: Updates on Global Events Program Recorded: Aug 31 2021 59 mins
    Clar Rosso, CEO, (ISC)2; Megan Gavin, Director, Events, (ISC)2
    Clar Rosso, CEO of (ISC)2 shares her insights on what’s happening at our association. Join us for this quarterly update in which we cover the latest developments at (ISC)2, ranging from certification to member benefits, continuing education and events, to major milestones and achievements. On August 31, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific, Megan Gavin, Director of Events at (ISC)2 joins Clar to provide an overview of what to expect at this year’s annual Security Congress taking place this October 18-20, as well as the new global (ISC)2-hosted events being planned for 2022.
  • Redefining Modern Data Loss Prevention (DLP) Recorded: Aug 26 2021 56 mins
    John Checco,Resident CISO,Financial Services,Proofpoint; JJ Thompson; Michael Weisberg,CISO,Garnet River; Brandon Dunlap,Mod
    For decades, perimeter-based security was the starting point for cybersecurity programs. But in today’s environment of cloud-based, mobile and remote work, that perimeter has all but dissolved. Insider risk and data loss prevention (DLP) are a top concern for organizations with a distributed workforce and increasing reliance on technology. Join Proofpoint and (ISC)2 on August 26, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as we explore how legacy approaches to information protection by building walls around critical data fails in today’s always-connected all-remote world. We’ll also discuss:

    · Shortcomings (perhaps some horror stories) of legacy DLP approaches

    · Actionable recommendations for protecting information in a borderless ecosystem

    · Redefining your DLP strategy to amplify people and data protection through CASB, ITM, Social Media Content Capture, et al.
  • Inside (ISC)² Quarterly Board Update, 2021 (Q3) Recorded: Aug 20 2021 14 mins
    Zachary Tudor, CISSP, (ISC)² Board of Directors Chairperson and Clar Rosso, CEO, (ISC)²
    (ISC)² Board of Directors Chairperson, Zachary Tudor, CISSP and CEO Clar Rosso update members on accomplishments in Q3 of 2021 including the association’s strategic roadmap, new achievements and milestones, the latest on our certifications, new professional development opportunities, member offers and more. The Q3 2021 update includes membership milestones, association accreditations and new executive leadership focused on member benefits and advocacy. (ISC)² continues to concentrate on global diversity, equity and inclusion initiatives and examining the workforce gap.
  • Detecting Advanced Persistent Threats in a World of Encrypted Traffic Recorded: Aug 12 2021 59 mins
    Jesse Munos, Tech. Mktg. Mgr., ExtraHop; Frans Schippers, Amsterdam Univ of Applied Science; Richard Tychansky, Sec Architect
    Cyber security doctrine established the need to encrypt data while in transit and at rest. Between 80% and 90% of Internet traffic is now encrypted, providing invaluable security benefits, but also limiting the SecOps team's ability to rapidly detect, investigate, and respond to security incidents. Join ExtraHop and (ISC)2 on August 12, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific for a roundtable discussion on the various approaches to overcoming the security concerns created by the proliferation of encryption technologies. We’ll also examine:

    · Why encryption of data in transit is critical to organizational security

    · The visibility gap created by encryption

    The benefits and limitations of:

    · Deep Packet Inspection

    · What is TLS and why is it Important to be up-to-date

    · Encrypted Traffic Analytics

    · Decrypting Traffic (both in and out of band)
  • The Cloud Gambit: Advanced Moves for a Cloud Security Career Recorded: Aug 3 2021 59 mins
    Keatron Evans, Dave Hatter, Charlie Platt
    Taking the step toward earning the (ISC)² Certified Cloud Security Professional (CCSP) credential puts you on a path to excel as an expert in cloud security. CCSP empowers individuals and organizations with the highest level of mastery in cloud security.

    But how do you get started? How do you prepare? And why…what tangible benefits will you gain? Join (ISC)² for a panel discussion as industry professionals share their stories, experience and tips toward preparing for the Certified Cloud Security Professional certification. Areas for discussion will include:

    - Why you should consider CCSP
    - How to prepare for CCSP
    - How CCSP can accelerate your career progression
  • It Takes Two: A Two-Stage Approach to Mitigating Cyber Risk & Strengthening Recorded: Jun 29 2021 61 mins
    Scott Register, VP Security Solutions; Spencer Wilcox, CSO; Cameron Fischer, CISSP; Brandon Dunlap, Mod
    Defending your IT/OT assets is becoming more difficult every day, as illustrated by the ease with which a ransomware gang was able to knock out half the gasoline supply for the Eastern seaboard. And despite the billions we spend every year on cybersecurity, the breaches keep happening. It’s time to rethink our approach and improve security, not by spending more money on point solutions but by getting the most out of what we have. On June 29, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific, Keysight and (ISC)2 for a discussion on a holistic approach to IT and OT security by maximizing existing investment by optimizing deployed tools, continually optimizing SIEM rules to decrease MTTR and easily validating defenses against late-breaking headline threats rather than disrupting SecOps workflow.
  • Igniting Passion for Diversity, Equity and Inclusion (DEI) Recorded: Jun 23 2021 59 mins
    Clar Rosso, CEO, (ISC)2; Dr. Kevin Charest and Samara Moore, (ISC)2 Board Members
    With the onset of social justice movements and awareness of racial and gender inequality around the globe, many organizations and leaders are recognizing the need to dig deeper and lead the charge for their stakeholders and communities for lasting transformation. Yet, what makes diversity and inclusion—seemingly so simple—so complicated and difficult to achieve? What are some of the key challenges and tensions that often arise throughout the inclusion journey? And, how can leaders ignite the passion needed to face these challenges? Join (ISC)2 on June 23, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as Clar Rosso, (ISC)2 CEO joins with cyber industry leaders to explore these paradoxes, challenges and high-impact solutions and what it takes to achieve a truly diverse and inclusive cyber profession; one that weaves inclusion into everything it does.
  • Oh G, Can We Talk About What’s Happening With 5G Networks These Days? Recorded: Jun 15 2021 60 mins
    Rear Adm. (ret.) David Simpson, Virginia Tech; Kevin McNamee, Nokia Threat Intelligence; Anjali Gugle, Cisco; Anne Saita, Mod
    5G wireless connectivity is gaining momentum, with consumers and companies keen to adopt the newest generation of wireless for its fast speeds, low latency and innovation possibilities. Municipalities are moving 5G into smart buildings. Health systems are incorporating 5G to raise the bar on care decisions and treatments. And everyone wants to stream any and all media without any drag, whether live or on demand. This requires reappraisals of wireless network infrastructures, data management, access controls, location tracking and carrier contracts…just to name a few boxes that need to be checked. Join Infosecurity Professional’s Editor in Chief Anne Saita as she moderates a panel discussion at 1 p.m. Eastern/10 a.m.Pacific on Tuesday, June 15, 2021 on the biggest risks associated with 5G rollouts.
  • 3 Ways SecOps and NetOps Collaboration Saves Money & Stops Attackers Faster Recorded: Jun 3 2021 59 mins
    Chase Snyder, ExtraHop, JJ Thompson, Andrew Boyle, BAH; Brandon Dunlap, Moderator
    Call It NetSecOps, IT/Security Operations, SOC/NOC or SNOC. Whatever the name, better collaboration between security operations and network operations teams has enormous benefits for teams that follow through. Join Extrahop and (ISC)2 on June 3, 2021 at 1:00 p.m. Eastern for a discuss on how this union can help with tool consolidation, improve incident response time and effectiveness and adapt to the cloud, remote work, and beyond.
  • AI & ML: Both Your Organization’s Friend and Foe Recorded: May 27 2021 59 mins
    John Conwell, Principal Data Scientist, DomainTools; Ian Hill, Global Dir, CyberSec, Royal BAM Group, nv; Donnie Wendt
    While security departments are leveraging machine learning (ML) and artificial intelligence (A\I) to cut the time for detection and response, bad actors are using the same technology to try and breach your organization. Attacks using AI/ML have been optimized and can find the inherent vulnerabilities that exist in these types of platforms. On May 27, 2021 at 1:00pm ET/10:00 am PT, DomainTools and (ISC)2 will discuss how red, blue, and purple teams can use these automated tools to defend and understand how adversaries are using the same technologies to attack them.
  • Working with Law Enforcement and the FBI Recorded: May 25 2021 56 mins
    Supervisory Special Agent (SSA) Paul Vitchock, FBI; Special Agent (SA) Andrew Sekela, FBI; Spencer Wilcox; Brandon Dunlap
    The frequency of Incidents and breaches of companies and critical infrastructure continues to increase. Often, law enforcement (local/state/federal) will need to be brought in. But how do you decide if it has risen to that level? Where do you start? Do you bring in local law enforcement or reach out to an organization like the FBI (Federal Bureau of Investigation)? When you do, how do you work with them, what steps do you need to take to protect your organization and the evidence? Join (ISC)2 and representatives from the FBI on May 25, 2021 at 1:00PM Eastern for a discussion on when to bring in law enforcement, how to work with them and how to make vital pre-incident connections. Learn from and about cybersecurity professionals at the FBI and how they help secure and defend the country.
  • Building Your Cybersecurity Bench: (ISC)2’s Cybersecurity Career Pursuers Study Recorded: May 18 2021 59 mins
    Clar Rosso,(ISC)2 CEO;Emilie McLaughlin,VP,HR Centers of Excellence;John Carnes,Information Security Pro;Brandon Dunlap,Mod
    As organizations continue to struggle to find trained cybersecurity professionals to build out their teams, recruiters and hiring managers may need to adjust the tactics they use to proactively identify internal and external candidates. Developing bench strength by targeting candidates who have transferable skills can lead to long term depth and stability on security teams. Understanding who to look for and managing their expectations of what cybersecurity roles entail is critical to success. Join Clar Rosso, CEO of (ISC)2 on May 18, 2021 at 1:00 p.m, Eastern/10:00 a.m. Pacific as she provides an overview of the 2021 (ISC)2 Cybersecurity Career Pursuers Study, which surveyed both experienced cybersecurity professionals as well as jobseekers considering a career in the field. The study examines such topics as which tasks and experiences make a cybersecurity professional successful, the value of mentorship, at what point in their careers pursuers seem likely to seek a cybersecurity path, what attracts people to the profession and which qualities rank as strong indicators of future success for team members.
  • Why Do We Victim Shame? The Post-Breach Finger Pointing Phenomenon Recorded: Apr 29 2021 60 mins
    Jill Aitoro, EIC ,SC Magazine; Erik von Geldern, CISO, FXCM; Spencer Wilcox, Chief Security Officer; Brandon Dunlap, Mod
    It plays out over and over after a major cybersecurity breach makes headlines. Questions are asked: Why was the victim organization vulnerable? Could this have been avoided? What did they do wrong? What policies do they need to change? Who should be held responsible? In most cases, the spotlight only peripherally touches on the attacker. On April 29, 2021 at 1:00PM Eastern, (ISC)2 will bring together a panel of cybersecurity leaders to discuss why our first reaction is to blame the victim, rather than examining the threat ecosystem, how many attacks have already been thwarted and where the true blame should reside.
  • In the Bullseye: Healthcare and Email Threat Vectors Recorded: Apr 27 2021 62 mins
    Ryan Witt, Proofpoint; John Carnes, Information Security Professional; Shelly Epps, Duke Health; Brandon Dunlap, Moderator
    Threat actors are targeting individuals in the Healthcare industry and using email as their main entry point for cyber attacks. These attacks are aimed at specific people in an organization to steal money, data or sensitive healthcare information. Threat actors can gain access to legitimate mailboxes using tactics such as phishing, malware or social engineering to impersonate the victim. This leads to further infiltration into an enterprise system. What can those in the healthcare industry do to combat this targeting by cyber criminals? Join Proofpoint and (ISC)2 on April 27th at 1 pm ET / 10 am PT for a panel discussion focusing on email compromise/account takeovers and best practices for dealing with these threats in healthcare.
  • Measuring Cybersecurity: Metrics That Really Matter to the C-Suite and Beyond Recorded: Apr 1 2021 61 mins
    Lenny Zeltser, CISO, Axonious; Pete Lindstrom, VP, Sec Strategies, IDC; Gideon Rasmussen, vCISO; Brandon Dunlap, Moderator
    When it comes to security metrics, there are lots of variables. The company. The size and scale of that company. Measuring where things are at today and where you hope things will be in the future.
    There’s a lot at play, but one thing’s for certain: There’s a laundry list of security metrics you could be measuring. So how do you know where to start? And once you have your foundation, what’s next? On April 1, 2021 at 1:00PM Eastern, Axonious and (ISC)2 will host a webcast to examine:

    · Which security metrics are commonly used for executive-level reporting and to track progress across vulnerability management, security operations & incident response, and more
    · The foundational prerequisites to ensuring accuracy and context
    · How to evaluate vulnerability management, security operations, cloud security, and other programs.
  • SolarWinds Fallout Has Execs Asking: How Secure is Our Supply Chain? Recorded: Mar 30 2021 59 mins
    Thomas Scanlon, Carnegie Mellon Univ; Andrew Boyle, BAH; Shawn Harris, Starbucks; Brandon Dunlap, Moderator
    The ramifications of the SolarWinds incident continue to evolve as more details emerge about the impact it had on a wide range of organizations. A recent survey of more than 300 cybersecurity practitioners by (ISC)2reveals just how concerning the incident was and what these professionals recommend to shield organizations from similar supply chain threats. Join this panel discussion on March 30, 2021 at 1:00pm Eastern to hear anecdotes and best practices related to third-party technologies in the security stack, and how peers in cybersecurity leadership positions are future-proofing their defenses while planning for worst case scenario.
  • Time for an Upgrade? What Next Generation IDS Can Bring to the Enterprise Recorded: Mar 11 2021 60 mins
    Don Shin, Sr. PMM, ExtraHop; Matthew Waddell, Dir of DFIR, CBI; Brandon Dunlap, Moderator
    Traditional Intrusion Detection Systems rely on brittle signatures, and can be a major resource drain. As the internet continues to evolve, so do the methods and tactics of the adversary. Attackers are now more focused on your users rather than system vulnerability exploits. A new approach is needed….one that encompasses machine learning anomaly detection, cross platform visibility and cloud ready. Join ExtraHop and (ISC)2 on March 11, 2021 at 1:00pm for a discussion on Next Generation IDS and how it can provide more than just a compliance check off and provide context to the alerts you receive.
Moderated roundtable discussions on a variety of infosecurity topics.
(ISC)² hosts regular panel discussions on hot button infosecurity topics featuring thought leaders and visionaries from the industry who answer questions from the audience.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Why Do We Victim Shame? The Post-Breach Finger Pointing Phenomenon
  • Live at: Apr 29 2021 5:00 pm
  • Presented by: Jill Aitoro, EIC ,SC Magazine; Erik von Geldern, CISO, FXCM; Spencer Wilcox, Chief Security Officer; Brandon Dunlap, Mod
  • From:
Your email has been sent.
or close