More and more organizations are exploring the ramifications of Big Data on their enterprises. Deployments of Smart Meters to better manage the electric grid, Industrial Control Systems (ICS) across a variety of sectors, and the promise of always on and always connected systems are pushing organizations to gather more data than previously imagined. What are the implications from a privacy and intellectual property perspective and how can we as security professionals provide a level of control and risk management over the coming wave of The Internet of Things? Join (ISC)2 and Capella University on May 23, 2013 at 1:00pm Eastern for a discussion on these important concerns.
RecordedMay 23 201362 mins
Your place is confirmed, we'll send you email reminders
John Carnes, Anthem; Terry Olaes, Neiman Marcus; Rob Ayoub, IDC; Brandon Dunlap, Brightfly
Detecting and investigating malicious or unintentional activity is a time consuming effort and an inefficient use of our limited resources. All too frequently, we discover something is amiss and realize that problem has existed for a long time, yet it's just come to your attention. How can an organization increase the speed of detection of malicious activity? Can detection and investigation processes benefit from "hitting the afterburners"? Join RSA Security and (ISC)2 on June 30, 2016 at 1:00PM Eastern for a discussion on detection and investigation visibility and what to leverage to make threat detection effective.
Scott Montgomery, VP & CTO, Intel Security; Doug Cahill, Sr. Analyst, ESG; John Yeoh, Senior Research Analyst, CSA
IaaS, PaaS, SasS? Private, Public, Hybrid? Regardless of the deployment model, you likely have some key services and data spread across some combination of all of these, not to mention what is still on premises. How can your security team keep tabs on all of this? There needs to be uniform management, visibility and control of the various clouds or vulnerabilities and errors are going to put data at risk. Join Intel Security and (ISC)2 on June 16, 2016 at 1:00PM Eastern for a Roundtable discussion on this issue and how to manage your clouds.
Greg Mayfield, Director, Product Marketing, Blue Coat; Spencer Wilcox, Excelon; Sammy Basu, Warner Bros. Entertainment Group;
Starting in earnest after the "Snowden Revelations" 2013, more and more service providers such as Google, Yahoo and Amazon have been embracing SSL by default. Whether in search, cloud services or webmail access, these providers have been instrumental in their support of a more secure and obfuscated web. But what does that mean for the enterprise information security professional? While the providers have "seen the light", have we become blinded by it? To ensure the inspection and subsequent protection of data streams in and out of our organizations, we need the ability to inspect encrypted traffic for policy violations or other malicious activity while still ensuring multi- jurisdictional rights to privacy. Join Blue Coat and (ISC)2 on May 26, 2016 for a roundtable discussion exploring methods and mechanisms for addressing SSL inspections and the search for malicious activity.
Ted Sherrill, Oracle; Graham Jackson, (ISC)2; Harvey Nusz, 4IT Security
The General Data Protection Regulation (GDPR) is being instituted to improve data protection and privacy for individuals in the European Union (EU). Additionally, it addresses the export of data outside the EU, which will impact all multi-national businesses operating in the EU. Almost 3/4 of US Privacy professional believe that this is the most significate change to privacy regulations in the last 20 years. What should an organization be doing now to prepare for this new regulation to avoid non-compliance, fines and increased spending? Join Oracle and (ISC)2 on April 14, 2016 at 1:00PM Eastern for a discussion on this new regulation and how your organization could be impacted.
Steven Hernandez, CISSP, Vice Chair, (ISC)2 Board of Directors
In this infosession (ISC)² Board of Directors, Vice Chair, Steven Hernandez, discusses the challenges that CISSPs are seeing in their workforce today and how creating a culture of security within your organization can help fill the cybersecurity workforce shortage.
Mike Pittenger, VP, Product Strategy, Black Duck; John Overbaugh, CISSP, CISO, CyberVista; Brandon Dunlap
Open source software and code has become common place in application development, as have the use of vulnerability assessment tools. After all, no one wants to be the victim of the next Heartbleed, Poodle or Logjam. But vulnerability assessment tools, while helpful, have blind spots. How can you ensure that you are protecting your networks and applications from newly disclosed vulnerabilities? Join Black Duck Software and (ISC)2 on March 22nd, 2016 at 1:00PM Eastern for a discussion on VA Tools, Open Source Assets and secure application development.
Christian Macdonald, Solutions Architect, Intel Security; Brad Antoniewicz, Principal Consultant, Foundstone; JJ Thompson
It's an infosecurity department's worst nightmare. There's been a breach and information is missing. After determining what's been compromised, you need to discover how the data was accessed and exfiltrated from your enterprise. Threats vary from system to system and include malicious insiders, organized crime and accidental disclosure. Data involved can include customer and/or employee information, intellectual property and financial records. Join Intel Security and (ISC)2 on March 17, 2016 at 1:00PM Eastern for a look into Intel Security's recent Data Exfiltration Study and discover how data is being stolen, what the bad guys are focusing on and what detection and prevention technologies might be working.
Spencer Wilcox, Constellation Energy; Patrick Miller, EnergySec; Chris Walcutt; Black & Veatch; Brandon Dunlap
Train like you fight. Fight like you train. We could do well to heed this old military axiom and regularly drill for a variety of incident scenarios in the most realistic means as possible. During this (ISC)2 roundtable, we will explore the role of incident management simulation and testing from the world of critical infrastructure and provide some concrete and immediately actionable methods you begin incorporating into your own preparedness program. As the saying goes, “No plan survives first contact with the enemy,” so please join us On February 11, 2016 at 1:00PM Eastern in learning how to become a more resilient organization in the face of disaster.
Ondrej Krehel, CISSP, Founder & CEO/Paul Kluber, CISSP, Digital Forensics Examiner, Lifars, LLC
A major company has been hacked, suffering a data breach. How do companies the size of Sony handle such situations? Various departments, including legal, tech and PR come together to meet with the management and workout a plan on how to handle the crisis. This presentation will focus on both -- companies with a data breach response plan and those without one. We'll shed some light on what the first 24 hours post-breach looks like for a major company.
Regional Directors Dan Waddell (NCR), Clayton Jones (APAC); Adrian Davis (EMEA) & Gina Van Dijk (LATAM)
As a truly global organization, (ISC)2 membership stretches to over 110,000 members in over 160 countries. To help serve the needs of the membership, (ISC)2 has regional offices to oversee the operations and efforts in North America (NA), Asia-Pacific (APAC), Europe, Middle East, & Africa (EMEA) and Latam America (Latam). These offices are managed by regional directors with their own teams to offer regional support and resources and to be the voice of the region. On January 28, 2016 at 1:00PM Eastern you'll have the opportunity to discover what's going on in each of these regions as we gather our three Regional Directors Dan Waddell (NA), Clayton Jones (APAC), Adrian Davis (EMEA) and Gina Van Dijk (Latam) for a view into what they have planned for 2016.
Mike Flouton, VP & Global Head of Solutions Marketing, BAE Systems; Robert Westervelt; IDC; Sonny Discini; Brandon Dunlap
Corporate e-mail. It’s safe to say that no organization can survive without it. Making sure it’s available, compliant and secure can be challenging for any security team. Add Office 365 and the Cloud to the mix and the potential issues multiply significantly. E-Mail protection services can make the tasks much less complicated by providing protection against inside and outside threats, reducing downtime and adding encryption. Join BAE Systems and (ISC)2 on January 21, 2016 at 1:00PM Eastern – our first ThinkTank of the year – where we’ll discuss e-mail protection services, Office 365 and the Cloud and how to keep your e-mail up and running.
Anurag Kahol, CTO, BitGlass; Adam Gordon, CISSP, CISO/CTO, New Horizons Computer Learning Center; Mike Webb, SmartVault
As more companies jump on the cloud bandwagon and migrate core services to cloud apps like Office 365, native app security has proved lacking. Enter Cloud Access Security Brokers. CASBs augment corporate identity and access controls to Cloud services, enabling better visibility, more granular data security, threat protection and compliance. What are the best strategies when making the move to public cloud applications? Join Bitglass and (ISC)2 on December 3, 2015 at 1:PM where we will discuss CASBs and how they can help secure cloud apps like Office 365.
Dan Kennedy, Research Director for Information Security at 451 Research
Last year we spoke about enterprise perceptions towards advanced persistent threats, or as 451 Research terms them adaptive persistent threats. The acknowledgement that there are threat classes that can not be rebuffed by preventative security controls has led to a refocus on security monitoring for many enterprise heads of information security, but the approach is not without its challenges, including notably complexity and manpower. Join Dan Kennedy, Research Director for Information Security at 451 Research on November 10, 2015 to review portions of two end user studies on enterprise perception towards major security monitoring platforms: SIEM and IDS/IPS. The presentation will draw on results of over two thousand surveys conducted with enterprise information security managers.
Javvad Malik CISSP®, Security Advocate, Alien Vault
I used to be a security professional, but even my boss didn’t remember my name. My brilliant ideas weren’t listened to, I was never invited to speak at conferences and not even my mother visited my blog." In this talk, we've distilled the key skills and traits taken from personal experience as well as industry professionals to present strategies you can employ to increase your stock internally within an organization as well as within the industry. Simply being hard working and skilled in your job is not enough.
Ismael Valenzuela, IR Technical Practice Mgr, Foundstone; Mat Gangwer, Rook Security; Jack Walsh, ICSA Labs;
While some indicators of compromise (IoCs) can be incredibly helpful in gaining visibility into the details and breadth of a breach, others can be noise. How do you decipher the difference between the good, the bad and the just plain ugly? Join Intel Security and (ISC)2 on November 5 at 1:00PM Eastern for a discussion on IoCs as we discuss what threat intelligence provides the most value along with where IoCs are going and should go next to better enable investigations and defend organizations.
Dave Lewis, CISSP, Global Security Advocate, Akamai Technologies
This talk will examine the tools, methods and data behind the DDoS attacks that are prevalent in news headlines. Using information collected, the speaker will demonstrate what attackers use to cause their mischief and mayhem and examine the timeline and progression of attackers as they move from the historical page defacers to the motivated DDoS attacker. We'll also look at motivations and rationale to detect patterns and build better protections.
It’s probably not too often that you’ll get this perspective. Star Wars was really all about information disclosure threats! You’ll want to find out more as noted presenter and author Adam Shostack, references one of George Lucas’ epic sagas to deliver lessons on threat modeling. Not only was the Death Star badly threat modeled, the politics between Darth Vader and Gran Moff Tarkin distracted incidence response after the plans were stolen. This session will provide you with proven foundations for effective threat modeling as you develop and deploy systems. Adam will help you understand what works for threat modeling and how various approaches conflict or align. The force is strong with this session.
Jim Taylor, Oracle; Darin Reynolds, John Carnes, Brandon Dunlap, Moderator
By 2020, more than 7bn inhabitants of Earth will be using over 35bn devices to communicate, collaborate, negotiate and perform transactions.
To put it into perspective, there are only about 8.7bn connected devices now.
The surge will come quickly and organizations will scramble to take advantage of monetizing this digitally connected world. Identities are at the forefront as the digital passport to an online world of goods and services because a single view of an individual customer is the key to knowing that person better and building a deeper personal and business relationship with them. Join Oracle and (ISC)² on October 8, 2015 at 1:00PM Eastern to learn about the new identity economy.
Michelle Waugh, VP Security Solutions, CA Technologies; Brandon Dunlap, Brightfly
Rarely has the landscape of security changed as dramatically as in the past year. Applications are now rightfully driving security strategy across organizations of all sizes. Attacks against your critical systems and information are more insidious than ever before. Your customers are demanding access from a variety of devices, across access channels, along with a consistent, intuitive, and convenient user experience. If that wasn't enough, you need to engage with your developer communities to help build those complementary solutions that you need to grow your business. Join CA Technologies for this first part of a six-part webcast series on September 17, 2015 at 1:00PM Eastern to learn how security leaders can rise to the top of the pack by leveraging these new realities, and grow their business through an innovative security vision and strategy.
Torry Campbell, CTO, Endpoint & Mgmt Tech Intel; JJ Thompson; Rook Security; Michael Cloppert, Chief Analyst, Lockheed Martin
Emergency responders often talk about the "Golden Hour", the period of time where there is the greatest likelihood that prompt attention will mitigate impact and damage. The same holds true for the Cyber Attack Chain. At what phase in the chain should you concentrate on to get the best protection for your organization or credible threat intelligence information? Join Intel Security and (ISC)2 on Thursday, September 10, 2015 at 1:00PM Eastern for a discussion on the chain and where it might be best to focus your attention on the links of the chain to best defend your organization.
Las presiones de seguridad continúan aumentando – hoy más que nunca. Sabemos que probablemente usted esté bajo estrés, no satisfecho, y bajo ataques. Trustwave encuesto a 1.414 profesionales de seguridad informática para entender los factores emocionales que contribuyen a sus dolores de cabeza y desafíos. Súmate a aprender como aliviar esos puntos de dolor y escaparle a la presión.
Durante este webinar compartiremos resultados del 2016 Security Pressures Report e incluiremos:
• ¿Los profesionales de seguridad sienten que tienen suficientes habilidades y personal?
• ¿Cómo han cambiado año a año las presiones de seguridad en general?
• ¿Cuáles son algunas recomendaciones prácticas que puedes implementar en tu organización para reducir la presión?
Random numbers are the lifeblood of crypto but are often taken for granted. Poor randomness makes keys more predictable and weakens security. Getting random number generation right is already a challenge, and in the virtualized world of cloud computing and constrained devices of the IoT, the situation is likely to get worse.
Join our live webinar to learn how you can easily upgrade your systems to take the uncertainty out of random number generation.
*Assess your current systems – learn why random numbers are so critical, how they are generated and if you can prove that everything is working
*Learn about ways to generate entropy, improve random numbers and test for compliance
*Deploy solutions to strengthen your data center and distributed applications without expensive changes or operational burden
Over the last decade, cyber security has evolved from a niche concern confined to IT professionals to a major priority for CEOs and boards of directors. Company leaders are now charged with managing cyber risk with the same urgency that they have managed traditional business risk.
The emergence of cyber risk as a centerpiece of risk management is being fueled by new and increasingly complex threats. Organizations must deal with a quickly evolving set of threats to their information systems and data. Many of these threats were unimaginable just a few years ago.
In this discussion, we explain the different forms of cyber risk and show how the threat level has risen in recent years. We also provide a basic framework for managing cyber risk, and finally, we pose five key questions business leaders should ask themselves to ensure their security posture is sufficiently robust and resilient to meet evolving threats.
Register for this webinar today. As usual, we’ll leave time for Q&A.
Your identity and governance practices are well established, but they might not be as comprehensive as they need to be. Going beyond the basics is critical to greatly reduce security risk and improve efficiencies.
Join CA Technologies security expert, John Hawley, to examine how to broaden the scope of governance to include privileged users, contractors, and business partners, as well as controlling access to physical assets. You’ll also learn the important role of identity performance analytics in a governance deployment.
Excited about the new Windows 10 features? We are, too! Join this session to learn about how Microsoft Intune and System Center Configuration Manager are going to support and enhance new features in Windows 10 that unlock new scenarios and management options which weren't previously possible. Plus, explore improvements for deployment and upgrade in System Center Configuration Manager, Microsoft Intune, and Windows 10. Learn how Microsoft is gearing up to make the deployment and upgrade of Windows 10 using Configuration Manager or Intune the easiest yet.
Discover the Anatomy of Multivendor Security Orchestration
Multivendor integration can improve operational efficiencies, accelerate threat response, boost security ROI and greatly improve a company’s network security and compliance posture. In this webinar, Ms. Geisler breaks down the anatomy of security orchestration. In addition, you’ll learn how ForeScout is extending the visibility and control capabilities of ForeScout CounterACT® to its partners’ security management products, as well as:
- The role ForeScout ControlFabric® Architecture and ForeScout Extended Modules play in achieving rapid security orchestration
- Real-world security orchestration use cases
- Specific examples of how ForeScout helps leading security management vendors share information and automate security workflows and response
Jennifer Geisler , Vice President of Marketing, ForeScout Technologies
With 20 years of industry experience, Jennifer drives ForeScout’s corporate branding, content marketing and sales enablement initiatives. Prior to joining ForeScout, Jennifer held senior marketing positions at Packeteer (acquired by Blue Coat Systems), Cisco and Intel Security. Jennifer holds a bachelor’s degree in business from Wright State University.
Headlines and the increasing need for cyber security solutions are fuelling unprecedented growth in the sector. The vibrant and innovative start-up sector is seeing the development of new and exciting tools and products. But how does a start-up raise the finance it needs to take the business to the next level and turn this innovation into revenue and business success?
This panel of venture capitalists and successful entrepreneurs will share best practice and insight into how cyber security start-up can gain access to finance including:
•Demystify the objectives of venture capitalists and understand what they are looking for when considering investment in cyber security start-ups
•Understand the nuances and challenges of series A and series B funding
•Gain tactical insight into how to present your business model effectively to potential investors
•Understand how to evaluate a potential investor and determine whether they are right for your organisation
As the leader in traffic visibility and classification, Allot helps you extract and leverage granular usage data from your own network so you can make data-driven business decisions that create new opportunity for customer engagement and service monetization. From Streaming Data Records to Smart Data Source, Allot Data Science professionals save you time and money by curating exported data to the needs of your use case, BI system, big data or regulatory project.
Our Mandiant consultants have responded to and investigated many of 2015's biggest security incidents. The insights gained from these consultancies provide us with a unique vantage point when it comes to understanding the ever-evolving cyber threat landscape.
This webinar will discuss key trends, statistics, and case studies to illustrate the evolution of the advanced threat actors over the last year in EMEA.
Register for the webinar and join Mandiant's VP for Security Consulting Services, Bill Hau as he delivers the top findings from this report and explains how to prepare and respond to a breach when it occurs.
The panel will be discussing:
- Brexit's impact on the technology industry
- What IT and information security can do to prepare for Brexit
- Who else we should work with in our organisation to prepare
- Any legal angles (e.g. storing data in the cloud in Ireland) we need to investigate
- Legal obligations, such as GDPR, we may still have to prepare to meet.
Moderator: Adrian Davis, Managing Director (ISC)² EMEA
David Evans, Membership Director at BCS
Lars Davies, Founder & CEO at Kalypton Group Limited
Louisa-Jayne O'Neill, Vice Chairman, Information Assurance Advisory Council (IAAC)