SIEM is Dead: Changing The Approach to Enterprise Security Monitoring

A wise man once said "If you keep doing what you're doing, you keep getting what you're getting" and this applies to enterprise monitoring as well. Let's face it, the landscape of threats and risks has outpaced our efforts to monitor and respond to them. The SIEM market is into its second decade already, and is showing signs of its age. Keeping up with the evolving threatscape means making changes in how we observe and react to our attackers. The adversary continues to change their game in response to our defenses and it is time we changed our methods as well. Join (ISC)2 and RSA Security on July 19, 2012 at 1:00pm Eastern for a roundtable webinar where we explore models and methods for improving our situational awareness.

Recorded Jul 19 2012 62 mins

Your place is confirmed,
we'll send you email reminders

Watch for free

Presented by
Paul Stamp, Dir, Product Mktg, RSA, Josh Corman, Dir, Security Intelligence, Akamai, JJ Thompson, Rook Consulting,

Presentation preview: SIEM is Dead: Changing The Approach to Enterprise Security Monitoring

Network with like-minded attendees

Add a photo
- [[ session.user.profile.displayName ]]
- [[ session.user.profile.jobTitle ]]
- [[ session.user.profile.companyName ]]
- [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
- [[ card.displayName ]]
- [[ card.jobTitle ]]
- [[ card.companyName ]]
- [[ userProfileTemplateHelper.getLocation(card) ]]

Channel
Channel profile

(ISC)2 ThinkTank

Using Managed Security Services? You Need Identity Management! Nov 9 2017 6:00 pm UTC 75 mins

Naresh Persaud, Sr. Dir. Security, Prod. Mgmt.; Greg Shanton, Global Cyber Security Lead, Neoverra; Brandon Dunlap, Moderator

Set to double in the next two years, the managed security services market is being driven by the rising cost of security. One MSP found the formula for success by using Identity Management not only to streamline internal security controls but to also help customers reduce risk. If you are using or planning to use managed security services, join CA and (ISC)2 on November 9, 2017 at 1:00PM Eastern to discover the security requirements that require identity and access. We'll discuss use cases managed security companies are addressing and provide insight on how best of breed companies are adapting.

Save your seat
Reducing the Attack Surface via Internet Reconnaissance, Automation & Mitigation Oct 26 2017 5:00 pm UTC 75 mins

Benjamin Powell, Technical Marketing Manager; Brandon Dunlap (Moderator)

Business digital transformation has outpaced conventional cyber defenses. Adversaries no longer attack Firewalls or maneuver laterally between systems to wreak havoc on operations, customers and brands. External threats are the root cause for the majority of today’s incidents and breaches. A recent IDG survey revealed that 70% of enterprises have zero to modest confidence in the ability to reduce their digital attack surface. VA scanners, pen testing and systems tools all provide visibility and control of internal assets, but they fail on the vast number of dynamic web systems, web apps and other components connected to a business and are blind to subsidiaries, ecosystem, global and hosted sites, and service providers - all with possible susceptibility. How can SOC and GRC teams gain the active discovery and direct insight needed to respond to exposed external facing exposed assets - even those not under control of IT? Join RiskIQ and (ISC)2 on October 26, 2017 at 1:00PM Eastern as we explore how to leverage advanced internet reconnaissance, automation, and mitigation to address mounting digital attack surface gaps.

Save your seat
A NIST Guide on How Identity Management is Reshaping Cyber Security Oct 12 2017 5:00 pm UTC 75 mins

Bill Newhouse, Deputy Director, NICE; Naresh Persaud, Sr. Dir. Security; Prod Mktg, CA; Brandon Dunlap (moderator)

Did you know that 80% of data breaches implicate lost, stolen and weak credentials, as well as excessive access as culprits? The NIST Cybersecurity Center of Excellence (NCCoE) is on the cutting edge of shaping standards and is blazing a trail of how businesses can adapt and drive IT security controls. Join CA and (ISC)2 on October 12, 2017 at 1:00PM Eastern for our ThinkTank where our expert panel will take an in depth look at how Identity Management is shaping the recommendations and requirements for the next generation of cyber security controls.

Save your seat
Shoring up Your Defenses by Leveraging Analytics and Machine Learning Recorded: Aug 24 2017 65 mins

Mark McGovern, VP, Product Mgmt., CA; John Carnes, Infosecurity Senior Adviser, Anthem; Erik Von Geldern, FXCM

Attackers are getting quicker and more sophisticated. Today's enterprise defenders aren’t able to withstand the pace and complexities of the threats they face. Automated tools and intelligence are being deployed to breach your IT infrastructure and access your priceless data by targeting privileged accounts. In playing defense, security teams must become proactive, not reactive and use data and analytics in a meaningful way, being more effective and agile in detecting attackers and quickly thwarting them. Join CA Technologies and (ISC)2 on August 24, 2017 at 1:00PM Eastern for a discussion on emergence of machine learning and security analytics as tools that organizations can leverage to defend their data and some practical ways it can be used to protect key assets such as privileged accounts.

Watch now
Scaling Up Network Security: Shifting Control Back to the Defenders Recorded: Aug 10 2017 60 mins

Shehzad Merchant, CTO, Gigamon; Mat Gangwer, CTO, Rook Security; Paulo Shakarian, ASU; Brandon Dunlap (Moderator)

Network threats and data breaches continue to grow in number, sophistication and speed, overwhelming current defensive capabilities. Security teams, limited in staff, resources and time, suffer from diminished effectiveness and enterprise protection. To stay ahead, organizations must create an adaptive ecosystem of network defenses; much like the body leverages its immune system. A Defense Lifecycle Model speeds threat identification and mitigation by incorporating machine learning and artificial intelligence into these security processes. Join Gigamon and (ISC)2 on August 10, 2017 at 1:00PM Eastern for a discussion on automated prevention, detection, prediction and containment and how it can help to fortify your defense.

Watch now
Security Practices for a More Secure Cloud Recorded: Jun 22 2017 60 mins

Kurt Hagerman, CISO, Armor; Raj Goel, CTO, Brainlink; Keith Young, Security Official, Montgomery Cty Govt. Brandon Dunlap

The cloud is full of potential – but also unwanted risks and guests. Threat actors of all skill levels and intentions seek to disrupt, destroy and derail your utilization of cloud hosting for your critical data workloads. How do you defend against this menace? Join Armor and (ISC)2 on June 22, 2017 at 1:00PM Eastern for a discussion on securing and maximizing your cloud investment. We’ll examine the expertise needed, the need to share responsibilities, leveraging proven and emerging technologies and the role integration and automation plays.

Watch now
The Human Target – The Tip of Spear is Aimed at You Recorded: Jun 8 2017 58 mins

Ira Winkler, Secure Mentem, Sylvester Gray, Sophos; Johnny Deutsch, E&Y; Brandon Dunlap, Moderator

While Phishing schemes continue to bedevil organizations and security teams, cyber criminals have become more selective and refined about their targets and methods of trying to reel them in. Senior executives have become the “Whales” of the phishing industry, as scammers develop specific, targeted campaigns aimed at value rich individuals like CEOs, CFOs and others with organizational power and access to secured information and financial/personal data. How can security teams educate their upper management on these schemes and keep them from “leaking” details on social platforms criminals can use to bait these well designed traps? Join Sophos and (ISC)2 on June 8, 2017 at 1:00PM for an examination of Spear Phishing and how to secure and educate your executive team from becoming a victim.

Watch now
Unifying Data Protection both To and In the Cloud Recorded: May 25 2017 60 mins

Dave Bull, Dir, Data Protection Srvs, McAfee, Raj Goel; Keith Young, Brandon Dunlap

Organizations continue to adopt cloud strategies and technologies at a dizzying pace. Many organizations now look at new IT projects with cloud optics. With the volume of data being transmitted to, from and existing in the cloud ever increasing, protecting that data can be challenging. How can this data, which is always on the move and in myriad locations, have a coordinated security strategy? Join McAfee and (ISC)2 on May 25, 2017 at 1:00PM Eastern for a discussion on how to unify data security across applications, clouds and various locations.

Watch now
Machine Learning and Malware: What You Need to Know Recorded: Apr 27 2017 59 mins

Robert Leong, Dir, Prod Mgmt., McAfee Labs; Raf Los, Optiv; Dr. Paulo Shakarian; Brandon Dunlap (Moderator)

The seismic jolt in the Threat Landscape caused by the success of threats like ransomware combined with the geometric rise of so-called zero-day malware (i.e. malware for which no AV signature defenses exist) has given rise to all manner of innovation in the Cybersecurity industry. But a lot of what is being said and presented in the market is really confusing and that’s a problem for practitioners. One of the most-frequently-used phrases in security today is “Machine Learning” or “Math-Based” and “Artificial Intelligence” or “AI”. These phrases are entering the security conversation to describe capabilities, approaches, and strategies, but in reality, they are confusing a great many people. Which begs the question: “What on Earth does it mean?” and “How can Machine Learning be used in Enterprise Security?” Join McAfee and (ISC)2 on April 27, 2017 at 1:00PM Eastern as we clear the confusion, explore the answers to these questions and discuss what this means for dealing with threats.

Watch now
Building a Blueprint for an Insider Threat Program Recorded: Mar 16 2017 58 mins

Jadee Hanson, Dir of Security, Code 42; Joji Montelibano, Rockwell; Chris Walcutt, Black & Veatch; Brandon Dunlap (Moderator)

While infosecurity teams are playing defense against external threats, they cannot lose sight of the threat that insiders at their organization pose. Employees, contractors and business associates can all have accounts which provide them legitimate access to systems within the enterprise, but that access can carry significant risk. Detecting, monitoring and preventing such unauthorized access and exflitration is critical. Building an Insider threat program to manage such functions can help an organization get visibility into the problem and streamline these efforts. But where does an organization start when building such a program? What underpinnings need to be in place in order to have success with a program? Get an inside scoop on what it is really like to build and run these types of programs; what are insiders really doing and what are they stealing. Join Code42 and (ISC)2 on March 16, 2017 at 1:00PM Eastern for a discussion on how to construct an effective insider threat program.

Watch now
Information Overload - Making Sense of Threat Intelligence Sources Recorded: Mar 2 2017 62 mins

John Carnes, Anthem; Mat Gangwer, CTO, Rook Security; Erik Von Geldern, FXCM; Brandon Dunlap (Moderator)

There's an overwhelming amount of information that comes from the connected world. Information sources are endless, but their credibility can be questionable. Cyber security teams can often relate with an overload of threat data from a variety of sources. Building an effective threat intelligence capability requires drilling down through all of information to find the data that is most relevant to you. So where do you start? To avoid information overload, an organization needs to be selective about the sources that they need to stay ahead of the threats and exploits that can compromise them. Join (ISC)2 and our sponsor Recorded Future for a From the Trenches webcast on March 2, 2017 at 1:00 PM ET for a discussion on threat intelligence sources, what's available out there, and how to separate the signal from the noise so you can spend less time on data collection and more time on analysis.

Watch now
Cross Talk: How Network & Security Tools Can Communicate For Better Security Recorded: Feb 23 2017 59 mins

Craig Sanderson, Sr. Dir. Prod Mktg, Infoblox; Dan York, Internet Society; Raghu Gadam, Security Analyst (ISC)2; B. Dunlap

Working in silos, while never a good idea, is a reality in many organizations today. Security and network operations teams have different priorities, processes and systems. Security teams use various controls and tools to mitigate different kinds of threats which provides them with thousands of alerts on a daily basis. They often find it difficult to prioritize the threats to address first. What they may not know is that there is a whole piece of the puzzle they could be missing - core network services like DNS, DHCP and IPAM. These can provide a wealth of information and context on threats, which can help prioritize response based on actual risk and ease compliance. Join Infoblox and (ISC)2 on February 23, 2017 at 1:00PM Eastern for a roundtable discussion on how to use ecosystem integrations between network and security tools for better security and compliance.

Watch now
Be Vewy, Vewy Quiet... I'm Hunting Threats! Finding & Dealing with Threats Recorded: Jan 26 2017 60 mins

Lance Cottrell; Dominique Kilman; Aamir Lakhani; Brandon Dunlap

Threats. They are everywhere and one of those things that keep security practitioners awake at night. However, the exposure to and damage from the myriad threats out there can be mitigated via a number of steps. These include threat hunting and detection, investigation and timely and effective response. If your security is synchronized it can help to reduce the response times and the resources that are used. Join (ISC)2 and our sponsor Sophos for our first From the Trenches webcast of 2017 on January 26, 2017 at 1:00PM Eastern for a discussion about threats and how to cut the time in detecting and responding to them.

Watch now
Pragmatic Cyber Risk Quantification Recorded: Jan 25 2017 60 mins

Jack Jones, Risk Lens; Cody Whelan, Risk Lens; Brandon Dunlap - Moderator

Quantitative risk analysis is achievable, can be pragmatic, and can actually out-perform qualitative risk analysis in the face of complex issues like intelligent adversaries. Join Jack Jones, the original author of the Factor Analysis of Information Risk (FAIR) framework and (ISC)2 to learn more about FAIR. Jack will highlight both the quantitative use-cases as well as the ways in which FAIR can be leveraged to improve qualitative risk analysis. This will be followed by a demonstration on how to quantify cyber risk with the RiskLens Cyber Risk Quantification software platform.

Watch now
Visibility and Security - Two Sides of the Same Coin Recorded: Jan 19 2017 60 mins

Cricket Liu, Exec VP, Infoblox; Dan York, CISSP, DNS Sec Prog Mgr, Internet Society;

You can't secure what you can't see and not knowing what's on your network can be damaging. While security is about proactively detecting and mitigating threats before they cause damage, it is also about gaining deep visibility into today's complex networks which may include diverse platforms and architectures. A truly enterprise grade DNS, DHCP and IPAM (DDI) platform can provide that visibility because of where it sits in networks. On the downside, DNS is a top threat vector but it can be used as strategic control points to block malicious activity and data exfiltration. Join Infoblox and (ISC)2 on January 19, 2017 at 1:00PM Eastern for a round table discussion featuring Cricket Liu, a well known authority on the Domain Name System and the co- author of all of O'Reilly & Associates' Nutshell Handbooks on DNS, as we examine how strategic DNS can be used for visibility and security.

Watch now
Threats - The Wolf that Never Leaves the Door Recorded: Dec 20 2016 60 mins

Michael Rodriguez, Digital Forensics/IR Consultant, Intel Security; Dominique Kilman, Crowdstrike; Dr, Lance Cottrell

Insiders. Targeted attacks. Bad actors. Malware. Organized crime. Ransomware. The threats to your IT infrastructure and organization are many and come from multiple vectors. Detecting, assessing and managing these threats are paramount to the well being of the organization. If the worse does happen and there is an incident, quick and efficient response is critical. Join Intel Security and (ISC)2 on December 20, 2016 at 1:00PM Eastern for our final ThinkTank roundtable of the year where we will discuss threats, threat management and incident response.

Watch now
Your Security Team is a Thing of the Past Recorded: Dec 15 2016 60 mins

Mark Nunnikhoven, VP, Cloud Research; Trend Micro; Deidre Diamond, CEO, BrainBabe; Kevin Hutchison, Cerner Corp.

It's said that teamwork makes the dream work. And the dream is a secure organization. While you and the rest of your team works towards that, it takes everyone to achieve comprehensive and effective security. But achieving this degree of security thinking within in an organization is fraught with challenges - ensuring the consistent application of controls across the enterprise and across, to outside partners and vendors, the changing skill set and diversity of the workforce & security staff and the hiring of talent to maintain security. Join Trend Micro and (ISC)2 on December 15, 2016 at 1:00PM Eastern for a roundtable discussion as we examine this topic and how best to manage these issues.

Watch now
Your Money or Your Data - Ransomware is Here Recorded: Nov 10 2016 61 mins

Deepak Patel, Director of Product Marketing, Imperva; John Carnes, Anthem; Rob Ayoub, IDC; Brandon Dunlap, Moderator (ISC)2

If it bleeds, it leads and the headlines these days indicate that more and more companies are succumbing to ransomware. A user clicks the wrong link and the next thing you know, you’re your data is being held hostage...for a price. It leads to nonproductive downtime, tests the limits of your back-up strategy, and saps your bottom line. How do you combat a threat like ransomware? Do you pay up? Join Imperva and (ISC)2 on November 10, 2016 at 1:00PM Eastern for a discussion on ransomware, its impact and how organizations should respond.

Watch now
Why Targeting Is the Next Big Trend in Attacks Recorded: Nov 4 2016 43 mins

Dr. Lance Cottrell, CISSP®, Chief Scientist, Ntrepid Corp.

While we will never see the end of generalized mass attacks, the real damage is being done through highly targeted attacks. In discussing why targeted attacks are so effective and economically advantageous to the attacker, we'll learn why that trend is likely to continue. Timely case studies of targeted and integrated attacks will contribute to understanding the trade-offs for the adversaries. Some suggestions for countermeasures against this strategy will be provided.

Watch now
Quantifying Cloud Risk Recorded: Nov 4 2016 54 mins

Jack Jones, CISSP, CRISC, CISM, CISA EVP R&D, RiskLens Inc.

Business executives are unlikely to ever really understand risk statements like “High risk”, “Medium risk” and “Low risk”. As a result, they sometimes discount higher risk situations as “infosec conservatism.” Risk quantification can be a powerful tool to help them better understand and appropriately prioritize infosec risk scenarios. In this session, Jack will walk participants through an analysis of a specific cloud service leveraging the Factor Analysis of Information Risk (FAIR) framework. The analysis results will be described in business terms that any executive would understand. This session will demonstrate a pragmatic approach to quantifying cloud-related risk.

Watch now