Identity is the New Perimeter - Part II ­ The Role of Content and Context

Sumner Blount, Dir, Product marketing, Security & Compliance; Brandon Dunlap, Dir, Research, Brightfly
While traditional Identity and Access Management (IAM) solutions allow
control to access to key applications and information, they do not control
what an individual does once they get the information. Soft skill efforts
such as data classifications and information protection policies are still
critical, and provide a valuable foundation of your protection strategy,
but what tactics and technologies do they require to support the rest of
your efforts? Join (ISC)2 and CA Technologies for part 2 of our Security
Briefings series on August 30th at 1pm Eastern where content expert Sumner Blount discusses with moderator Brandon Dunlap and the audience these topics and presents case studies on IAM and content control.
Aug 30 2012
60 mins
Identity is the New Perimeter - Part II ­ The Role of Content and Context
(ISC)2 Security
Join us for this summit:
More from this community:

IT Security

Webinars and videos

  • Live and recorded (4543)
  • Upcoming (146)
  • Date
  • Rating
  • Views
  • Successful organizations run on key metrics and IT security should be no different. But which security metrics should operations, management and the boardroom be focused on? Factories focus on “days without an accident” Is the cyber parallel “days without a breach?”
    What to measure, how to measure, and how to communicate performance is key to improving the security team’s effectiveness and standing within the organization. Information like:
    - Which departments have access to which servers?
    - Who are the privileged users and when are they most active?
    - Where are the assets with vulnerabilities that can be reached from outside?
    - When are security defenses like firewalls likely to maxout?
    Join Dr. Larry Ponemon, Chairman & Founder of the Ponemon Institute, for key results of a new research study on security metrics and change management, and Jody Brazil, Founder, President and CTO of FireMon, for a pragmatic perspective on generating actionable metrics from your network security infrastructure and reducing the risks of relentless change.
  • Successful organizations run on key metrics and IT security should be no different. But which security metrics should operations, management and the boardroom be focused on? Factories focus on “days without an accident” Is the cyber parallel “days without a breach?”
    What to measure, how to measure, and how to communicate performance is key to improving the security team’s effectiveness and standing within the organization. Information like:
    - Which departments have access to which servers?
    - Who are the privileged users and when are they most active?
    - Where are the assets with vulnerabilities that can be reached from outside?
    - When are security defenses like firewalls likely to maxout?
    Join Dr. Larry Ponemon, Chairman & Founder of the Ponemon Institute, for key results of a new research study on security metrics and change management, and Jody Brazil, Founder, President and CTO of FireMon, for a pragmatic perspective on generating actionable metrics from your network security infrastructure and reducing the risks of relentless change.
  • You are invited to register for our upcoming COSO webinar, COSO 2013: Mapping Controls to Principles. Transitioning to the New COSO Framework is top of mind for many organizations. How do you get started? How do you map controls to principles or vice versa? What are some of the preliminary findings organizations are seeing as they head down the path to implement the framework?

    Please submit top-of-mind questions during the webinar registration process.

    CPE credits will be provided to qualifying attendees.
  • *On this webcast we're giving away a pass to our partner event: the Chicago Cyber Incident Response Summit, between June 21-23, 2014*

    Let’s face it, there’s unrelenting pressure on IT to enable competitive advantage through new technology and use of data assets‒-but the business is driving initiatives that can push sensitive production data into more and more exposed areas. The key question is ‘How can you enable the business to be agile AND take a more proactive, programmatic approach to security at the same time?’ With the advanced threats that are pervasive today, it’s becoming increasingly dangerous for organizations to deploy new technologies and processes, and then reactively address the implications for data security in the ecosystem. You need a blueprint to reverse this trend in your organization.

    In this webinar, William Stewart, Senior Vice President of Booz Allen Hamilton and Jeff Lunglhofer, Principal of Booz Allen Hamilton–a leading management technology and consulting firm driving strategic innovation for clients–will discuss the top trends in cyber threat mitigation, data privacy, data governance, and data security, with Mark Bower, VP Product Management and Solutions Architecture at Voltage Security.

    Attend this webinar to learn more about how to:
    •Increase responsiveness and security in your IT environment and architecture
    •Fight pervasive threats from inside and outside attack with data-centric technologies
    •Raise your organization’s overall data privacy, compliance, and security profile
    •Implement a new data de-identification framework across production, test & dev, and analytics use cases
    •Proactively enable critical business initiatives
    --Can't attend live? Register below to receive a link to the recorded webcast.
  • The future of work sees changes to how employees work, how managers lead, and how organizations are structured. However, technology still remains the central nervous system of organizations and things like enables flexible work, collaboration, communication, and BYOD. In short, IT helps organizations be competitive. But how is IT changing in the context of new work behaviors and expectations, a multi-generational workforce, the cloud, globalization, and many of the other trends that are shaping the world of work? Join us in this session as a panel of experts debates and explores how IT is changing and what the future of IT looks like.
  • Malware today is very different from just a few years ago. Traditional AV technology is no longer able to consistently and fully remediate or defend against today’s most advanced threats. New and emerging threats such as ransomware, social engineering driven attacks and micro variant financial threats are just some examples of difficult to remediate infections. This presentation will take a look at the malware landscape and explain why these tactics are so effective against traditional AV technology. We will examine three specific families of infections and highlight their tactics to evade detection and what issues occur with remediation. Lastly, we will talk about Webroot’s innovation and how our SecureAnywhere AV solution is capable of defending against, and remediating today’s most advanced threats.
  • Malware today is very different from just a few years ago. Traditional AV technology is no longer able to consistently and fully remediate or defend against today’s most advanced threats. New and emerging threats such as ransomware, social engineering driven attacks and micro variant financial threats are just some examples of difficult to remediate infections. This presentation will take a look at the malware landscape and explain why these tactics are so effective against traditional AV technology. We will examine three specific families of infections and highlight their tactics to evade detection and what issues occur with remediation. Lastly, we will talk about Webroot’s innovation and how our SecureAnywhere AV solution is capable of defending against, and remediating today’s most advanced threats.
  • Join us to hear from product expert Rob Singh to learn more about Mocana Atlas Certificate Enrollment
  • Collaboration is crucial when it comes to your marketing team. No matter if you're based locally or globally, the concept of work and the way we interact is completely changing. With smartphones and tablets taking over our lives, efficient collaboration, coordination, and consistency around marketing campaigns and messaging can be challenging when running a marketing organization.

    Join this webinar to discover:

    - The latest and greatest in marketing automation and file sharing platforms
    - Content collaboration tools that save time and keep branding consistent between teams
    - How centralizing assets can ease global content translation and localization
    - Real-time content and campaign sharing that can spark new ideas and educate your organization
  • Today’s Health IT leaders face a difficult task in handling mobile device security and policy compliance, particularly given the mobile transformation happening in healthcare today. Driven in part by the adoption of new care models like remote patient monitoring and telemedicine, and the Bring Your Own Device, or BYOD trend, the consumerization of IT is driving end-user demand for ubiquitous access – to networks, to clouds, to applications, to everything – from any device, anywhere at any time.

    In this webinar, we will highlight the challenges of mobile device security, management and policy today. We will consider the issues faced by Health IT teams when managing different operating systems across a myriad of devices, some of which are user-owned. Finally we’ll look at how Juniper Networks solutions address a broad spectrum of security and end-user experience issues, as we walk through a day in the life of a mobile clinician. Register now to attend!
  • Channel
  • Channel profile
Up Down
  • Countering Adversaries Part 3: Hacktivists and SQL Injection Attacks May 22 2014 5:00 pm UTC 75 mins
    Activists break into organizational web applications and databases to find personal and organizational data in order to expose this private information. The Verizon Data Breach investigations report says “Hacktivists generally act out of ideological motivations, but sometimes just for the fun and epic lutz.” In this third webcast of a three part series, (ISC)2 and Oracle will examine their number one tool of choice: SQL injection attacks. SQL injection attacks are both simple to perform and difficult to detect. We’ll discuss detecting and blocking SQL injection attacks in order to protect your most sensitive customer and organizational data from “epic lutz”.​
  • Out of Sight, Out of Mind? – Advanced Techniques of Evasion May 8 2014 5:00 pm UTC 75 mins
    The combination of several known evasion methods into new attack strategies, Advanced Evasion Technique (AET) attacks can provide attackers with unseen and undetectable access inside your network. AETs are exploiting weak detection points in firewalls and IDS, all the way down to the packet level. Even worse, AET’s are known to mutate, sometimes rapidly, as attackers drive innovation in their methods. Join (ISC)2 and McAfee for a discussion on the AET threat and how defend against it on May 8, 2014 at 1:00pm Eastern for our next roundtable webinar.​
  • Countering Adversaries Part 2: Organized Crime and Brute Force Apr 24 2014 5:00 pm UTC 75 mins
    Hailing from Eastern Europe and North America, organized criminals have a penchant for using brute-force hacking and multiple strands of malware to target financial and retail organizations for monetary gain, according to the Verizon DBIR. It is common for these cybercriminals to directly access databases and extract payment cards, credentials, and bank account information. Join (ISC)2 and Oracle as we discuss tactics employed by these cybercriminals and how organizations should implement a defense in depth database security strategy to help mitigate the threat.
  • From The Trenches: BYOD Program Deployments Recorded: Apr 10 2014 62 mins
    Join this unique roundtable chat with three InfoSec Professionals who have recently climbed the BYOD mountain and come back down to share their stories. We’ll discuss the industry and regulatory differences, managing user expectations of privacy, legal implications and technical pitfalls in this 60 minute Security Leadership Series webinar, brought to you on April 10, 2014 at 1PM Eastern in partnership with Capella University.
  • Countering Adversaries Part 1: Espionage and Stolen Credentials Recorded: Mar 27 2014 60 mins
    By profiling criminal activity, the Verizon Data Breach Investigations Report has been able to identify three distinct threat actors including espionage, organized crime, and activists. Organizations can take proactive steps to mitigate potential risks by understanding each threat actor’s methods and targets. In this three part series, (ISC)2 and Oracle will examine these three threat actors, the industries they target, and how to protect sensitive customer and organizational data. We begin with countering espionage threats and their preference for using stolen credentials.
  • Quick decisions - Using Real Time Security Management to Make the Right Call Recorded: Mar 20 2014 60 mins
    Ferris Bueller famously said “Life moves pretty fast. If you don’t stop and look around once in a while, you could miss it”. The same can be said of security practitioners. Their job and responsibilities move quickly and change suddenly based on shifting threats, business pressures and constant auditing. Today's security professional has to make quick “reads” and decisions about how to react. Real-time security management tools can assist in “looking around” several critical security areas such as defenses, awareness, monitoring and response. The data and critical information distilled help to inform the quick and decisive decisions needed when acting on a security incident or threat where speed is important. Join (ISC)2 and McAfee for our Roundtable on March 20, 2014 at 1PM Eastern when we look at the use of real-time security management to make quick and correct decisions for your organization. ​
  • Keeping Pace with PCI Changes Recorded: Feb 18 2014 58 mins
    With the release of of PCI DSS v3.0 in November, the PCI Standards Council has raised the bar for retailers, card processors and application developers. While the Council allows 14 months for companies to shift to the new standard, the analysis needs to begin now. Join (ISC)2 and Bit9 on February 18, 2014 at 1PM Eastern for a Roundtable discussion where we'll go beyond just enumerating the changes and dive into how this latest release will impact your organization in 2014.
  • Security Series Part 6: Unleashing the Power of Big Data through Secure APIs Recorded: Feb 13 2014 62 mins
    Quite often what makes an organization unique can be found in the volumes of data it has stored and hidden from the outside world. But while access is prevented and data is protected, new revenue streams are prohibited. Please join us to learn how securely externalizing your core Big Data assets through a Secure API Data Lens can result in new business models and revenue streams never attainable until now.
  • Security Series Part 5: Key Takeaways from 2013 & Predictions for 2014 Recorded: Jan 16 2014 59 mins
    Opening up the enterprise to enable new, revenue generating ways of engaging employees, partners, and customers, while still protecting the business and privacy continues to present new opportunities and evolve in the marketplace. As 2014 starts out, it’s time to review which important trends have emerged or shifted in the last year, and predict what we expect will happen in the world of identity and cyber-security in the coming year. Our takeaways and predictions are based on gathering thoughts and ideas from many practitioners and industry experts, and synthesizing it down to a key set of insights that provide a clear understanding of where the world of identity and security is going. Please join us for a thought provoking, actionable discussion on where we’ve come and where we are heading in the identity marketplace.
  • Security Series Part 4: The Economics of Digital Identity Recorded: Dec 19 2013 61 mins
    Digital identities help solve a crucial problem in today’s highly interconnected IT world-namely knowing the identity of the individual interacting with you. Unfortunately, there are no ways to perfectly determine the identity of a person or thing in cyberspace. Even though there are numerous attributes associated to a person’s identity, these attributes or even identities can be changed, masked or dumped. This session will look at how organizations can leverage these existing digital identities in a manner that does not increase risk or impede user productivity and satisfaction and also share some recent research from the Ponemon Institute on this topic.
  • Crime Scene Investigation Recorded: Dec 17 2013 61 mins
    While breaches happen more often than infosecurity practitioners would like, no two breaches are the same. Some breaches are simply nuisance incidences where nothing of value is accessed and remediation is put in place. Others reveal themselves as a full blown criminal act and require a full investigation, forensic examination and the involvement of law enforcement. However, many breaches fall in a “gray area” in which the decision to investigate fully becomes a difficult call. Join (ISC)2 on Tuesday, December 17th at 1pm for a roundtable discussion on when to deploy forensics tools, what digital evidence to gather and how and why to bring in law enforcement.
  • Protecting Patient's Sensitive Data - Dealing With The Final HIPAA Omnibus Rule Recorded: Dec 12 2013 61 mins
    On September 23, 2013, the HITECH Omnibus Final Rule went into effect. The final ruling has far reaching authority and penalties for noncompliance; unfortunately, most are unclear what the requirements mean for their organization and how to protect their sensitive customer data. Join (ISC)2 and Oracle on December 12, 2013 at 1PM Eastern for a roundtable discussion covering the following:

    • The important legal requirements surrounding breach notifications
    • Business Associates’ responsibility and “willful negligence”
    • What healthcare organizations are doing to secure the 66% of sensitive and regulated data that resides in their databases.
  • Security Series Part 3: Accelerate Mobile App Delivery: API Security for DevOps Recorded: Nov 21 2013 61 mins
    The relationship between Development and Operations continues to become more intertwined as cloud and mobile service expectations rise. Faster application release cycles and improved quality equates to improved operational performance and customer satisfaction. But how can good API Security & Management practices help to accelerate the delivery of mobile apps? And what’s the most effective way to secure them? Please join us to discuss API Security & Management practices to improve your DevOps application delivery process.
  • Hiding in the Clouds Recorded: Oct 31 2013 61 mins
    The mad rush to cloud services, coupled with the "consumerization of IT" has brought about the perfect storm for the enterprise, but what about the risks to the consumers themselves. Join (ISC)2 and Capella University for this Security Leadership Series Roundtable on October 31, 2013 at 1:00pm Eastern where we will explore the legal and technical risks faced by your friends, family and co-workers and how we, as Security professionals, can help them identify a safe and sound on-line experience for themselves and our enterprises that they inhabit.
  • Security Series Part 2: IAM as Cloud Services: Right Fit for Your Organization? Recorded: Oct 24 2013 62 mins
    Cloud computing services offer significant potential economic and operational efficiencies. However, these efficiencies are often accompanied by new regulatory requirements around the security of applications and data that are stored in the cloud.

    In addition, many organizations are seeing an explosion in the numbers of users that are interacting with their services, whether these are existing customers conducting transactions or ‘fans’ who are interacting with your services through social media. And while there are clear benefits from consuming IAM services from the cloud, there are important risk factors that have to be considered as well.

    This session will review the pros and cons of IAM Cloud Services and provide guidance and best practices based on specific use cases to help guide organizations to a model that meets their risk profile.
  • Security Series Part 1: Unifying the Fractured Enterprise One Channel at a Time Recorded: Sep 19 2013 62 mins
    As the enterprise expands and becomes more interconnected through the adoption of social identities, SaaS and mobile technologies, IT and Security practices must change. As the perimeter has evolved into a more connected and open environment, security has been fractured. This now requires the CIO and the entire IT and Security organization to quickly embrace a new identity-centric security model that enables continued business agility, all while protecting the business. During this webinar we will discuss the following topics:
    •Security implications of the new open enterprise and challenges dealing with the interconnectivity of users, apps and machines
    •Securely delivering new business services across multiple channels including Web, APIs and mobile
    •Enabling your new mobile and cloud business to connect through security standards such as OAuth and OpenID Connect
  • The Challenges and Benefits of Continuous Monitoring and BYOD Recorded: Sep 12 2013 57 mins
    They say knowledge is power. Possessing the ability to have increased visibility into your network traffic, devices, systems, apps and users can only increase your security, resilience and knowledge of what’s happening in your infrastructure. Join (ISC)2 along with sponsors Gigamon and ForeScout on September 12, 2013 at 1:00pm Eastern for our next roundtable webinar where we’ll examine key requirements and technologies for IT to gain enterprise visibility, control and automation. We’ll also discuss common network visibility, access and endpoint compliance gaps; BYOD, policy and security automation; and approaches to leveraging infrastructure and security investments that effectuate IT-GRC security controls.
  • Using New Design Patterns to Improve Mobile Access Control Recorded: Aug 29 2013 61 mins
    Security Briefings Part 3 - Using New Design Patterns to Improve Mobile Access Control

    The widespread popularity of consumer mobile applications continues to influence how corporate applications are being created and deployed. IT teams who initially deployed web gates to manage HTTP based web applications are under pressure to support a whole new set of native mobile communications and security protocols.

    On August 29, 2013 at 1PM Eastern, (ISC)2 and Oracle conclude their Security Briefings series with Part 3 as Oracle expert Sid Mishra joins Moderator Brandon Dunlap to discuss the patterns of mobile application access and the impact they have on your existing application infrastructure.
  • (ISC)2 Security Congress 2013 - Sneak Preview Recorded: Aug 21 2013 60 mins
    (ISC)2 will hold its 3rd Annual Security Congress at the Annual ASIS Conference this September in Chicago, IL. This year’s conference promises to be bigger and better as it brings together thought leaders in traditional and information security for three days of educational sessions and an exhibit floor featuring over 350 solution providers. Join (ISC)2 and several of the conference speakers who’ll be presenting at the Security Congress on August 21, 2013 at 1:00pm Eastern as we discuss their sessions, get a preview of what will be discussed at the event and examine some of the “hot button” issues facing security practitioners today.
  • Optimizing Directory Architecture for Mobile Devices and Applications Recorded: Jul 25 2013 58 mins
    Security Briefings Part 2 - Optimizing Directory Architecture for Mobile Devices and Applications

    Directories are the data stores of all modern Identity Management systems. Traditional directory architecture focused on a low number of directory writes and a very high level of reads.

    The advent of mobile devices and applications has dramatically changed the access load patterns on modern directories. Mobile applications are connected 24/7 and brings significant new features such as location-based services. This has created a new performance demand for an increased number of directory writes and updates. Join (ISC)2 and Oracle on July 25, 2013 at 1PM Eastern for Part 2 of our Security Briefings series where moderator Brandon Dunlap and Etienne Remillon examine how load patterns are changing best practices to install and how to optimize your directory architecture to meet the demand.
ThinkTank
(ISC)2 hosts a monthly panel discussion around different thought engaging topics within the information security sector.
Try a powerful marketing platform for your videos and webinars. Learn more  >

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Identity is the New Perimeter - Part II ­ The Role of Content and Context
  • Live at: Aug 30 2012 5:00 pm
  • Presented by: Sumner Blount, Dir, Product marketing, Security & Compliance; Brandon Dunlap, Dir, Research, Brightfly
  • From:
Your email has been sent.
or close
You must be logged in to email this