Browse communities
Presenting a webinar?
Share this content

SIEM is Dead: Changing The Approach to Enterprise Security Monitoring

Paul Stamp, Dir, Product Mktg, RSA, Josh Corman, Dir, Security Intelligence, Akamai, JJ Thompson, Rook Consulting,
A wise man once said "If you keep doing what you're doing, you keep getting what you're getting" and this applies to enterprise monitoring as well. Let's face it, the landscape of threats and risks has outpaced our efforts to monitor and respond to them. The SIEM market is into its second decade already, and is showing signs of its age. Keeping up with the evolving threatscape means making changes in how we observe and react to our attackers. The adversary continues to change their game in response to our defenses and it is time we changed our methods as well. Join (ISC)2 and RSA Security on July 19, 2012 at 1:00pm Eastern for a roundtable webinar where we explore models and methods for improving our situational awareness.
Jul 19 2012
62 mins
SIEM is Dead: Changing The Approach to Enterprise Security Monitoring
SIEM RSA (ISC)2 Security
Join us for this summit:
Next-Generation Network Security
February 19-20, 2014 View summit
More from this community:

IT Security

Webinars and videos

  • Live and recorded (4257)
  • Upcoming (152)
  • Date
  • Rating
  • Views
  • Channel
  • Channel profile

(ISC)2 ThinkTank

Up Down
  • Countering Adversaries Part 3: Hacktivists and SQL Injection Attacks May 22 2014 5:00 pm UTC 75 mins
    Activists break into organizational web applications and databases to find personal and organizational data in order to expose this private information. The Verizon Data Breach investigations report says “Hacktivists generally act out of ideological motivations, but sometimes just for the fun and epic lutz.” In this third webcast of a three part series, (ISC)2 and Oracle will examine their number one tool of choice: SQL injection attacks. SQL injection attacks are both simple to perform and difficult to detect. We’ll discuss detecting and blocking SQL injection attacks in order to protect your most sensitive customer and organizational data from “epic lutz”.​
    Attend
  • Countering Adversaries Part 2: Organized Crime and Brute Force Apr 24 2014 5:00 pm UTC 75 mins
    Hailing from Eastern Europe and North America, organized criminals have a penchant for using brute-force hacking and multiple strands of malware to target financial and retail organizations for monetary gain, according to the Verizon DBIR. It is common for these cybercriminals to directly access databases and extract payment cards, credentials, and bank account information. Join (ISC)2 and Oracle as we discuss tactics employed by these cybercriminals and how organizations should implement a defense in depth database security strategy to help mitigate the threat.
    Attend
  • Countering Adversaries Part 1: Espionage and Stolen Credentials Mar 27 2014 5:00 pm UTC 75 mins
    By profiling criminal activity, the Verizon Data Breach Investigations Report has been able to identify three distinct threat actors including espionage, organized crime, and activists. Organizations can take proactive steps to mitigate potential risks by understanding each threat actor’s methods and targets. In this three part series, (ISC)2 and Oracle will examine these three threat actors, the industries they target, and how to protect sensitive customer and organizational data. We begin with countering espionage threats and their preference for using stolen credentials.
    Attend
  • Quick decisions - Using Real Time Security Management to Make the Right Call Mar 20 2014 5:00 pm UTC 75 mins
    Ferris Bueller famously said “Life moves pretty fast. If you don’t stop and look around once in a while, you could miss it”. The same can be said of security practitioners. Their job and responsibilities move quickly and change suddenly based on shifting threats, business pressures and constant auditing. Today's security professional has to make quick “reads” and decisions about how to react. Real-time security management tools can assist in “looking around” several critical security areas such as defenses, awareness, monitoring and response. The data and critical information distilled help to inform the quick and decisive decisions needed when acting on a security incident or threat where speed is important. Join (ISC)2 and McAfee for our Roundtable on March 20, 2014 at 1PM Eastern when we look at the use of real-time security management to make quick and correct decisions for your organization. ​
    Attend
  • Keeping Pace with PCI Changes Recorded: Feb 18 2014 58 mins
    With the release of of PCI DSS v3.0 in November, the PCI Standards Council has raised the bar for retailers, card processors and application developers. While the Council allows 14 months for companies to shift to the new standard, the analysis needs to begin now. Join (ISC)2 and Bit9 on February 18, 2014 at 1PM Eastern for a Roundtable discussion where we'll go beyond just enumerating the changes and dive into how this latest release will impact your organization in 2014.
    Play
  • Security Series Part 6: Unleashing the Power of Big Data through Secure APIs Recorded: Feb 13 2014 62 mins
    Quite often what makes an organization unique can be found in the volumes of data it has stored and hidden from the outside world. But while access is prevented and data is protected, new revenue streams are prohibited. Please join us to learn how securely externalizing your core Big Data assets through a Secure API Data Lens can result in new business models and revenue streams never attainable until now.
    Play
  • Security Series Part 5: Key Takeaways from 2013 & Predictions for 2014 Recorded: Jan 16 2014 59 mins
    Opening up the enterprise to enable new, revenue generating ways of engaging employees, partners, and customers, while still protecting the business and privacy continues to present new opportunities and evolve in the marketplace. As 2014 starts out, it’s time to review which important trends have emerged or shifted in the last year, and predict what we expect will happen in the world of identity and cyber-security in the coming year. Our takeaways and predictions are based on gathering thoughts and ideas from many practitioners and industry experts, and synthesizing it down to a key set of insights that provide a clear understanding of where the world of identity and security is going. Please join us for a thought provoking, actionable discussion on where we’ve come and where we are heading in the identity marketplace.
    Play
  • Security Series Part 4: The Economics of Digital Identity Recorded: Dec 19 2013 61 mins
    Digital identities help solve a crucial problem in today’s highly interconnected IT world-namely knowing the identity of the individual interacting with you. Unfortunately, there are no ways to perfectly determine the identity of a person or thing in cyberspace. Even though there are numerous attributes associated to a person’s identity, these attributes or even identities can be changed, masked or dumped. This session will look at how organizations can leverage these existing digital identities in a manner that does not increase risk or impede user productivity and satisfaction and also share some recent research from the Ponemon Institute on this topic.
    Play
  • Crime Scene Investigation Recorded: Dec 17 2013 61 mins
    While breaches happen more often than infosecurity practitioners would like, no two breaches are the same. Some breaches are simply nuisance incidences where nothing of value is accessed and remediation is put in place. Others reveal themselves as a full blown criminal act and require a full investigation, forensic examination and the involvement of law enforcement. However, many breaches fall in a “gray area” in which the decision to investigate fully becomes a difficult call. Join (ISC)2 on Tuesday, December 17th at 1pm for a roundtable discussion on when to deploy forensics tools, what digital evidence to gather and how and why to bring in law enforcement.
    Play
  • Protecting Patient's Sensitive Data - Dealing With The Final HIPAA Omnibus Rule Recorded: Dec 12 2013 61 mins
    On September 23, 2013, the HITECH Omnibus Final Rule went into effect. The final ruling has far reaching authority and penalties for noncompliance; unfortunately, most are unclear what the requirements mean for their organization and how to protect their sensitive customer data. Join (ISC)2 and Oracle on December 12, 2013 at 1PM Eastern for a roundtable discussion covering the following:

    • The important legal requirements surrounding breach notifications
    • Business Associates’ responsibility and “willful negligence”
    • What healthcare organizations are doing to secure the 66% of sensitive and regulated data that resides in their databases.
    Play
  • Security Series Part 3: Accelerate Mobile App Delivery: API Security for DevOps Recorded: Nov 21 2013 61 mins
    The relationship between Development and Operations continues to become more intertwined as cloud and mobile service expectations rise. Faster application release cycles and improved quality equates to improved operational performance and customer satisfaction. But how can good API Security & Management practices help to accelerate the delivery of mobile apps? And what’s the most effective way to secure them? Please join us to discuss API Security & Management practices to improve your DevOps application delivery process.
    Play
  • Hiding in the Clouds Recorded: Oct 31 2013 61 mins
    The mad rush to cloud services, coupled with the "consumerization of IT" has brought about the perfect storm for the enterprise, but what about the risks to the consumers themselves. Join (ISC)2 and Capella University for this Security Leadership Series Roundtable on October 31, 2013 at 1:00pm Eastern where we will explore the legal and technical risks faced by your friends, family and co-workers and how we, as Security professionals, can help them identify a safe and sound on-line experience for themselves and our enterprises that they inhabit.
    Play
  • Security Series Part 2: IAM as Cloud Services: Right Fit for Your Organization? Recorded: Oct 24 2013 62 mins
    Cloud computing services offer significant potential economic and operational efficiencies. However, these efficiencies are often accompanied by new regulatory requirements around the security of applications and data that are stored in the cloud.

    In addition, many organizations are seeing an explosion in the numbers of users that are interacting with their services, whether these are existing customers conducting transactions or ‘fans’ who are interacting with your services through social media. And while there are clear benefits from consuming IAM services from the cloud, there are important risk factors that have to be considered as well.

    This session will review the pros and cons of IAM Cloud Services and provide guidance and best practices based on specific use cases to help guide organizations to a model that meets their risk profile.
    Play
  • Security Series Part 1: Unifying the Fractured Enterprise One Channel at a Time Recorded: Sep 19 2013 62 mins
    As the enterprise expands and becomes more interconnected through the adoption of social identities, SaaS and mobile technologies, IT and Security practices must change. As the perimeter has evolved into a more connected and open environment, security has been fractured. This now requires the CIO and the entire IT and Security organization to quickly embrace a new identity-centric security model that enables continued business agility, all while protecting the business. During this webinar we will discuss the following topics:
    •Security implications of the new open enterprise and challenges dealing with the interconnectivity of users, apps and machines
    •Securely delivering new business services across multiple channels including Web, APIs and mobile
    •Enabling your new mobile and cloud business to connect through security standards such as OAuth and OpenID Connect
    Play
  • The Challenges and Benefits of Continuous Monitoring and BYOD Recorded: Sep 12 2013 57 mins
    They say knowledge is power. Possessing the ability to have increased visibility into your network traffic, devices, systems, apps and users can only increase your security, resilience and knowledge of what’s happening in your infrastructure. Join (ISC)2 along with sponsors Gigamon and ForeScout on September 12, 2013 at 1:00pm Eastern for our next roundtable webinar where we’ll examine key requirements and technologies for IT to gain enterprise visibility, control and automation. We’ll also discuss common network visibility, access and endpoint compliance gaps; BYOD, policy and security automation; and approaches to leveraging infrastructure and security investments that effectuate IT-GRC security controls.
    Play
  • Using New Design Patterns to Improve Mobile Access Control Recorded: Aug 29 2013 61 mins
    Security Briefings Part 3 - Using New Design Patterns to Improve Mobile Access Control

    The widespread popularity of consumer mobile applications continues to influence how corporate applications are being created and deployed. IT teams who initially deployed web gates to manage HTTP based web applications are under pressure to support a whole new set of native mobile communications and security protocols.

    On August 29, 2013 at 1PM Eastern, (ISC)2 and Oracle conclude their Security Briefings series with Part 3 as Oracle expert Sid Mishra joins Moderator Brandon Dunlap to discuss the patterns of mobile application access and the impact they have on your existing application infrastructure.
    Play
  • (ISC)2 Security Congress 2013 - Sneak Preview Recorded: Aug 21 2013 60 mins
    (ISC)2 will hold its 3rd Annual Security Congress at the Annual ASIS Conference this September in Chicago, IL. This year’s conference promises to be bigger and better as it brings together thought leaders in traditional and information security for three days of educational sessions and an exhibit floor featuring over 350 solution providers. Join (ISC)2 and several of the conference speakers who’ll be presenting at the Security Congress on August 21, 2013 at 1:00pm Eastern as we discuss their sessions, get a preview of what will be discussed at the event and examine some of the “hot button” issues facing security practitioners today.
    Play
  • Optimizing Directory Architecture for Mobile Devices and Applications Recorded: Jul 25 2013 58 mins
    Security Briefings Part 2 - Optimizing Directory Architecture for Mobile Devices and Applications

    Directories are the data stores of all modern Identity Management systems. Traditional directory architecture focused on a low number of directory writes and a very high level of reads.

    The advent of mobile devices and applications has dramatically changed the access load patterns on modern directories. Mobile applications are connected 24/7 and brings significant new features such as location-based services. This has created a new performance demand for an increased number of directory writes and updates. Join (ISC)2 and Oracle on July 25, 2013 at 1PM Eastern for Part 2 of our Security Briefings series where moderator Brandon Dunlap and Etienne Remillon examine how load patterns are changing best practices to install and how to optimize your directory architecture to meet the demand.
    Play
  • The Buck Stops Here – Determining Ownership at the Edges of Your Enterprise Recorded: Jul 18 2013 59 mins
    As the datacenter continues to fracture across your partner ecosystem, BYOD mobile devices, outsourcers and more, security professionals can't help but wonder where the ultimate responsibility for the data should fall. Is it IT? What about the vendors? Your partners? Your employees? All of them are responsible, but the end of the day, you are accountable.

    Join (ISC)2, McAfee and their partner DynTek on July 18, 2013 at 1:00pm Eastern time as we discuss the shifting ownership of your data, and explore opportunities to gain valuable oversight and control before it's too late.
    Play
  • Identity Auditing: Techniques for Reducing Operational Risk and Internal Delays Recorded: Jun 26 2013 58 mins
    Security Briefings Part 1: Identity Auditing: Techniques for Reducing Operational Risk and Internal Delays

    Provisioning user identities and application accounts has evolved from the days of Helpdesk tickets and spreadsheet mapping to a new proactive standard of self service access requests, business based workflow approvals and automated certification.

    Businesses that manage accounts throughout their lifecycle can lower risk due to access abuse and fraud, and can improve their compliance profile. Join (ISC)2 and Oracle on June 26, 2013 at 1PM Eastern for Part 1 of a new Security Briefings series. Moderator Brandon Dunlap and identity expert Jim Taylor of Oracle will discuss and identify common governance gaps, and explains how to take an intelligent risk based approach to account lifecycle management.
    Play
ThinkTank
(ISC)2 hosts a monthly panel discussion around different thought engaging topics within the information security sector.
  • Upcoming webinars (4)
  • Recorded webinars (73)
  • Subscribers (18,387)
Channel RSS feed
Up Down
Try a powerful marketing platform for your videos and webinars. Learn more  >

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: SIEM is Dead: Changing The Approach to Enterprise Security Monitoring
  • Live at: Jul 19 2012 5:00 pm
  • Presented by: Paul Stamp, Dir, Product Mktg, RSA, Josh Corman, Dir, Security Intelligence, Akamai, JJ Thompson, Rook Consulting,
  • From:
Your email has been sent.
or close
You must be logged in to email this
OK