SIEM is Dead: Changing The Approach to Enterprise Security Monitoring
A wise man once said "If you keep doing what you're doing, you keep getting what you're getting" and this applies to enterprise monitoring as well. Let's face it, the landscape of threats and risks has outpaced our efforts to monitor and respond to them. The SIEM market is into its second decade already, and is showing signs of its age. Keeping up with the evolving threatscape means making changes in how we observe and react to our attackers. The adversary continues to change their game in response to our defenses and it is time we changed our methods as well. Join (ISC)2 and RSA Security on July 19, 2012 at 1:00pm Eastern for a roundtable webinar where we explore models and methods for improving our situational awareness.
Recorded Jul 19 2012, 62 mins
Victor Lee, CISSP, Intel Security; Mat Gangwer, Rook Security; Brandon Dunlap, Brightfly; Tim O'Brien
As a wise person once said, a man with one watch knows what time it is, a man with two isn't so sure. Despite the myriad of tools at our disposal in the SOC, how do you accurately identify and triage security Events, escalate those that need it to the status of Incident, and manage them through remediation or response effectively? Join Intel and (ISC)2 on September 29, 2016 at 1:00PM Eastern as we bring a panel of SOC operational experts to discuss strategies and opportunities to orchestrate SOC operations for peak performance.
Holger Schulze; Javvad Malik, Dan Waddell, Afir Agasi, Rich Campagna, Sami Laine, Patrick Pushor, Alvaro Vitta
Hear from a panel of experts including Afir Agasi, Rich Campagna, Sami Laine, Javvad Malik, Patrick Pushor, Alvaro Vitta and Dan Waddell as they review the results of the 2016 Cloud Security Spotlight Report. This report highlights cloud security concerns and what security best practices are evolving with the increasing adoption of cloud computing. Get the report here: cert.isc2.org/cloud-security-spotlight-report/
Mark Nunnikhoven, Trend Micro; Dave Lewis, Global Security Advocate, Akamai; Chris Nicodemo, Global Dir App Sec & Arch, Time
Moving and integrating multiple applications across both on-premise and into the cloud is a daunting task. Whether it is the "lift and shift" of existing workloads into IaaS or the federation of identities between your traditional enterprise and SaaS providers, the task is monumental. Join Trend Micro and (ISC)2 on August 11, 2016 at 1:00PM for a spirited roundtable webinar where we'll dig into the important security implications of your cloud strategy and how to ensure that you are considering all of the angles as you make the change.
Darrin Reynolds, Reynolds Privacy; Graham Jackson, General Counsel, (ISC)2; Harvey Nusz, CISO, 4IT Security
The EU's General Data Protection Regulation (GDPR) was adopted on April 14, 2016 and threw infosecurity and privacy teams into chaos. While teams were trying to get their arms around the new regulations and rules, the UK voted to leave the EU, throwing another big wrinkle into the mix. What does all of this mean to you and your compliance and regulation efforts? What does the Brexit vote mean for the GDPR and for the UK's infosecurity and privacy rules? Imperva sponsors an (ISC)2 From the Trenches webinar discussion on this and answers questions from the audience on July 28, 2016 at 1:00PM Eastern.
John Carnes, Anthem; Terry Olaes; Rob Ayoub, IDC; Brandon Dunlap, Brightfly
Detecting and investigating malicious or unintentional activity is a time consuming effort and an inefficient use of our limited resources. All too frequently, we discover something is amiss and realize that problem has existed for a long time, yet it's just come to your attention. How can an organization increase the speed of detection of malicious activity? Can detection and investigation processes benefit from "hitting the afterburners"? Join RSA Security and (ISC)2 on June 30, 2016 at 1:00PM Eastern for a discussion on detection and investigation visibility and what to leverage to make threat detection effective.
Scott Montgomery, VP & CTO, Intel Security; Doug Cahill, Sr. Analyst, ESG; John Yeoh, Senior Research Analyst, CSA
IaaS, PaaS, SaaS? Private, Public, Hybrid? Regardless of the deployment model, you likely have some key services and data spread across some combination of all of these, not to mention what is still on premises. How can your security team keep tabs on all of this? There needs to be uniform management, visibility and control of the various clouds or vulnerabilities and errors are going to put data at risk. Join Intel Security and (ISC)2 on June 16, 2016 at 1:00PM Eastern for a Roundtable discussion on this issue and how to manage your clouds.
Greg Mayfield, Director, Product Marketing, Blue Coat; Spencer Wilcox, Excelon; Sammy Basu, Warner Bros. Entertainment Group;
Starting in earnest after the "Snowden Revelations" of 2013, more and more service providers such as Google, Yahoo and Amazon have been embracing SSL by default. Whether in search, cloud services or webmail access, these providers have been instrumental in their support of a more secure and obfuscated web. But what does that mean for the enterprise information security professional? While the providers have "seen the light", have we become blinded by it? To ensure the inspection and subsequent protection of data streams in and out of our organizations, we need the ability to inspect encrypted traffic for policy violations or other malicious activity while still ensuring multi-jurisdictional rights to privacy. Join Blue Coat and (ISC)2 on May 26, 2016 for a roundtable discussion exploring methods and mechanisms for addressing SSL inspections and the search for malicious activity.
Ted Sherrill, Oracle; Graham Jackson, (ISC)2; Harvey Nusz, 4IT Security
The General Data Protection Regulation (GDPR) is being instituted to improve data protection and privacy for individuals in the European Union (EU). Additionally, it addresses the export of data outside the EU, which will impact all multi-national businesses operating in the EU. Almost 3/4 of US privacy professionals believe that this is the most significant change to privacy regulations in the last 20 years. What should an organization be doing now to prepare for this new regulation to avoid non-compliance, fines and increased spending? Join Oracle and (ISC)2 on April 14, 2016 at 1:00PM Eastern for a discussion on this new regulation and how your organization could be impacted.
Steven Hernandez, CISSP, Vice Chair, (ISC)2 Board of Directors
In this infosession (ISC)² Board of Directors, Vice Chair, Steven Hernandez, discusses the challenges that CISSPs are seeing in their workforce today and how creating a culture of security within your organization can help fill the cybersecurity workforce shortage.
Mike Pittenger, VP, Product Strategy, Black Duck; John Overbaugh, CISSP, CISO, CyberVista; Brandon Dunlap
Open source software and code have become commonplace in application development, as has the use of vulnerability assessment tools. After all, no one wants to be the victim of the next Heartbleed, Poodle or Logjam. But vulnerability assessment tools, while helpful, have blind spots. How can you ensure that you are protecting your networks and applications from newly disclosed vulnerabilities? Join Black Duck Software and (ISC)2 on March 22nd, 2016 at 1:00PM Eastern for a discussion on VA Tools, Open Source Assets and secure application development.
Christian Macdonald, Solutions Architect, Intel Security; Brad Antoniewicz, Principal Consultant, Foundstone; JJ Thompson
It's an infosecurity department's worst nightmare. There's been a breach and information is missing. After determining what's been compromised, you need to discover how the data was accessed and exfiltrated from your enterprise. Threats vary from system to system and include malicious insiders, organized crime and accidental disclosure. Data involved can include customer and/or employee information, intellectual property and financial records. Join Intel Security and (ISC)2 on March 17, 2016 at 1:00PM Eastern for a look into Intel Security's recent Data Exfiltration Study and discover how data is being stolen, what the bad guys are focusing on and what detection and prevention technologies might be working.
Spencer Wilcox, Constellation Energy; Patrick Miller, EnergySec; Chris Walcutt, Black & Veatch; Brandon Dunlap
Train like you fight. Fight like you train. We could do well to heed this old military axiom and regularly drill for a variety of incident scenarios by the most realistic means possible. During this (ISC)2 roundtable, we will explore the role of incident management simulation and testing from the world of critical infrastructure and provide some concrete and immediately actionable methods you can begin incorporating into your own preparedness program. As the saying goes, “No plan survives first contact with the enemy,” so please join us on February 11, 2016 at 1:00PM Eastern in learning how to become a more resilient organization in the face of disaster.
Ondrej Krehel, CISSP, Founder & CEO/Paul Kluber, CISSP, Digital Forensics Examiner, Lifars, LLC
A major company has been hacked, suffering a data breach. How do companies the size of Sony handle such situations? Various departments, including legal, tech and PR, come together to meet with the management and work out a plan on how to handle the crisis. This presentation will focus on both -- companies with a data breach response plan and those without one. We'll shed some light on what the first 24 hours post-breach look like for a major company.
Regional Directors Dan Waddell (NCR), Clayton Jones (APAC); Adrian Davis (EMEA) & Gina Van Dijk (LATAM)
As a truly global organization, (ISC)2 membership stretches to over 110,000 members in over 160 countries. To help serve the needs of the membership, (ISC)2 has regional offices to oversee the operations and efforts in North America (NA), Asia-Pacific (APAC), Europe, Middle East, & Africa (EMEA) and Latin America (Latam). These offices are managed by regional directors with their own teams to offer regional support and resources and to be the voice of the region. On January 28, 2016 at 1:00PM Eastern you'll have the opportunity to discover what's going on in each of these regions as we gather our three Regional Directors Dan Waddell (NA), Clayton Jones (APAC), Adrian Davis (EMEA) and Gina Van Dijk (Latam) for a view into what they have planned for 2016.
Mike Flouton, VP & Global Head of Solutions Marketing, BAE Systems; Robert Westervelt, IDC; Sonny Discini; Brandon Dunlap
Corporate e-mail. It’s safe to say that no organization can survive without it. Making sure it’s available, compliant and secure can be challenging for any security team. Add Office 365 and the Cloud to the mix and the potential issues multiply significantly. E-Mail protection services can make the tasks much less complicated by providing protection against inside and outside threats, reducing downtime and adding encryption. Join BAE Systems and (ISC)2 on January 21, 2016 at 1:00PM Eastern – our first ThinkTank of the year – where we’ll discuss e-mail protection services, Office 365 and the Cloud and how to keep your e-mail up and running.
Anurag Kahol, CTO, BitGlass; Adam Gordon, CISSP, CISO/CTO, New Horizons Computer Learning Center; Mike Webb, SmartVault
As more companies jump on the cloud bandwagon and migrate core services to cloud apps like Office 365, native app security has proved lacking. Enter Cloud Access Security Brokers. CASBs augment corporate identity and access controls to Cloud services, enabling better visibility, more granular data security, threat protection and compliance. What are the best strategies when making the move to public cloud applications? Join Bitglass and (ISC)2 on December 3, 2015 at 1:PM where we will discuss CASBs and how they can help secure cloud apps like Office 365.
Dan Kennedy, Research Director for Information Security at 451 Research
Last year we spoke about enterprise perceptions towards advanced persistent threats or, as 451 Research terms them, adaptive persistent threats. The acknowledgement that there are threat classes that cannot be rebuffed by preventative security controls has led to a refocus on security monitoring for many enterprise heads of information security, but the approach is not without its challenges, including, notably, complexity and manpower. Join Dan Kennedy, Research Director for Information Security at 451 Research on November 10, 2015 to review portions of two end user studies on enterprise perception towards major security monitoring platforms: SIEM and IDS/IPS. The presentation will draw on results of over two thousand surveys conducted with enterprise information security managers.
Javvad Malik CISSP®, Security Advocate, Alien Vault
"I used to be a security professional, but even my boss didn’t remember my name. My brilliant ideas weren’t listened to, I was never invited to speak at conferences and not even my mother visited my blog." In this talk, we've distilled the key skills and traits taken from personal experience as well as industry professionals to present strategies you can employ to increase your stock internally within an organization as well as within the industry. Simply being hard working and skilled in your job is not enough.
Ismael Valenzuela, IR Technical Practice Mgr, Foundstone; Mat Gangwer, Rook Security; Jack Walsh, ICSA Labs;
While some indicators of compromise (IoCs) can be incredibly helpful in gaining visibility into the details and breadth of a breach, others can be noise. How do you decipher the difference between the good, the bad and the just plain ugly? Join Intel Security and (ISC)2 on November 5 at 1:00PM Eastern for a discussion on IoCs as we discuss what threat intelligence provides the most value along with where IoCs are going and should go next to better enable investigations and defend organizations.
Dave Lewis, CISSP, Global Security Advocate, Akamai Technologies
This talk will examine the tools, methods and data behind the DDoS attacks that are prevalent in news headlines. Using information collected, the speaker will demonstrate what attackers use to cause their mischief and mayhem and examine the timeline and progression of attackers as they move from the historical page defacers to the motivated DDoS attacker. We'll also look at motivations and rationale to detect patterns and build better protections.
IT organizations have hit a breaking point in siloed management tools to address one of the most critical issues today - cybersecurity hygiene. In particular, numerous point solutions targeting the endpoints drive cost, complexity, and other challenges. New investments in cloud, distributed workforces and increasing numbers of connected devices only exacerbate this problem. Addressing cybersecurity hygiene means that critical actions must be made on demand versus scheduled. Teams must also have confidence that assessment results and remediation actions are complete.
Come learn about the key reasons why cybersecurity hygiene fails in most organizations. We’ll discuss in depth how the platform approach and speed of Tanium are poised to fix this critical problem. Eric Hanselman, 451 Chief Analyst, and Erik Kristiansen, Senior Director of Product Marketing at Tanium, will discuss.
Cyber attackers are going phishing in your network pond.
Learn how you can keep your people from taking the bait.
Nowadays there are as many ways to communicate as there are things to say. Even so, email continues to be the primary method to connect with others, and the preferred vector for cyber-attacks. The latest threat targeting higher learning institutions comes from Business Email Compromise, an emerging but sophisticated cyber-attack consisting of low-volume campaigns of highly targeted phishing emails.
In part 3 of our three-part Webinar series, we’ll take a deep dive into Business Email Compromise and explore the various approaches attackers are using to execute campaigns targeting higher education institutions. You’ll learn the indispensable tactics you need to protect your higher learning environment from Business Email Compromise phishing attacks. Register Now.
One in five businesses don’t test for security vulnerabilities. A recent study by Osterman Research found that many businesses fail to conduct frequent security testing despite believing that it’s critically important to securing their systems and data.
In this presentation Michael Osterman, President of Osterman Research, Inc., will discuss key findings from the “Security Testing Practices and Priorities: An Osterman Research Survey Report”, including:
•Common types of security issues experienced in the past 12 months.
•The extent to which organizations take a proactive approach to security testing.
•Types of security testing conducted during the past 6 months.
•How often organizations conduct detailed review of security tests.
•Challenges faced by organizations in the context of security testing.
As application security moves into the realm of monitoring and protecting applications in production, it’s becoming even more critical to adopt solutions that are automated, continuous and natural. New technology innovations from HPE Security Fortify enable practitioners to continuously discover, profile and assess application portfolios of all sizes.
Given the maturity and threat level that ransomware reached over the past year, how can you be sure that your IT infrastructure is truly protected and that you are ready to fend off an attack?
Today, security leaders face:
•a lack of actionable threat intelligence that would give them a better understanding of the actors and campaigns likely to target their companies
•a shortage of qualified security analysts able to identify the growing number of threats entering their organizations. For example, crypto-ransomware is steadily increasing (+35% in 2015), and it still takes a company more than 200 days on average to discover that it is the victim of an attack.
•little specialized expertise in the techniques required to respond to threats and neutralize them once they have entered their IT environment
As ransomware gangs keep refining their tactics, companies need to be fully aware of the threats and risks they face. Join Symantec for a webcast devoted to ransomware attacks. You will find out what happened to one company and the steps it took to remediate the threat.
The cyber threat landscape has never been more dynamic than what we are seeing today. With an expanding surface area for attacks and a cybercriminal ecosystem worth billions of dollars on a global scale, cybercriminals are constantly pursuing new methods to obtain financial funds.
It is no different in the Nordics: a region that is well known for its natural resources, innovations in renewable energy and healthcare, proximity to the Arctic, and emphasis on transparency in government is also a prime target for cybercriminals. These unique attributes make the region a prime target for cyber threat groups looking to capitalize on Nordic countries’ robust economies and distinct geopolitical concerns.
Join Jens Monrad, Senior Intelligence Account Analyst at FireEye, who will discuss:
* The Threat Landscape in the Nordics
* Trends and Insights in Malware detections across the Nordics
* Geopolitical situations which can influence the threat landscape in the Nordics
* How having accurate and enriched threat intelligence can enable organisations to make tactical, operational and strategic decisions.
Register today and learn what tools, processes and information organisations need in order to allow them to fully reconstruct the attack scenario and help make the right decisions based on the attack, as well as prepare for the next one.
Last year, ransomware reached a level of danger and professionalism never seen before: how can you be sure that your IT infrastructure is protected and that you are prepared to handle an attack?
Today, security team leaders face the following challenges:
•A lack of actionable threat intelligence to improve their understanding of the cybercriminals and campaigns that could target their company.
•Too few qualified security analysts who can identify the growing number of threats infiltrating their organization. For example, cybercriminals' use of crypto-ransomware as an attack tool continued to rise in 2015, growing by 35%. Yet companies that suffer an attack still take more than 200 days to learn of it.
•Little specialized knowledge of the techniques needed to respond to threats and remediate them once they have invaded their IT environment.
Cybercriminal groups specializing in ransomware continue to evolve their tactics, so organizations must be fully aware of the threats they pose. Join Symantec for a webinar that will focus on one ransomware attack to learn more details about the incident and the measures the company took to remediate the threat.
Last year ransomware reached a new level of evolution and danger: how can you be certain that your IT infrastructure is protected and able to withstand an attack?
Today security leaders have major challenges to solve:
•Threat intelligence that is insufficient to identify the attackers and campaigns that could strike their company.
•A shortage of skilled security analysts able to identify the growing number of threats penetrating companies. In 2015, for example, the use of crypto-ransomware as an attack tool rose by 35%, yet companies that are attacked still take more than 200 days to notice the problem.
•Limited specialist knowledge of incident response and remediation techniques for affected IT environments.
Ransomware authors continue to refine their tactics, and companies must get to know the new threats well. Join the Symantec webinar that describes a ransomware attack, its consequences and the remediation strategy adopted by the affected company.
Next Generation Firewalls are Next Generation Firewalls…or maybe NOT.
In the light of new advanced attacks and the demands to lower security infrastructure costs, just how can one get the most out of the Next Generation Firewall (NGFW) solutions? Are all NGFW solutions the same?
What criteria should you consider to find the NGFW solution that is best for your distributed enterprise environment? Join Forcepoint™’s Michael Ferguson and find out key value points when selecting a network security solution catered to your environment:
• Latest trends in NGFW
• Addressing total cost of ownership
• Security effectiveness in increasingly complex threat landscape
• Challenges in policy management
Also, find out why Forcepoint Stonesoft NGFW has won NSS Labs' coveted highest rating of “Recommended” for the 4th year in a row. Learn how it can provide the scalability, protection and visibility needed to effectively manage your distributed networks. Plus, rapidly and easily deploy, monitor and manage thousands of firewalls from a single pane of glass.
Learn how all employees can work and collaborate securely! The new world of work demands that people collaborate faster and more seamlessly than ever before.
Your employees have access to cloud-based apps, personal devices, and pervasive internet connectivity. All these things are great for getting work done, but your company is still held to high standards around security, and auditing, and you can't afford to make a wrong move.
Join this webcast to explore some common security scenarios such as:
•How do you provide access when you can't always control the endpoint?
•How do you know where all your company's files are right now?
•If you terminate an employee, how would you know what files they had in their possession?
•Could you wipe a terminated employee's corporate data while leaving their personal content alone?
This webcast is part of our Digital security in the modern world webcast series. Sign up for this session, or the entire series today!