Hi [[ session.user.profile.firstName ]]

Go Forth & Comply: New virtualisation guidelines from PCI Council

The PCI DSS council has recently published guidance on the use of virtualisation within the cardholder data environment. The guidance was necessary because the PCI Data Security Standard failed to address how virtual environments could be assessed for compliance against the Security Standard thus leaving merchants, service providers, banks and the assessors in the uncomfortable position of having to make up their own rules and use best judgement.

Many organisations have been putting off virtualisation projects precisely because they were uncertain on how to demonstrate compliance in a virtualised environment – even a well secured one.

The newly released guidelines do not add any additional requirements but serve to provide much needed clarification and advice to assessors and their customers to allow virtualised environments to be assessed for compliance against the individual requirements of the Data Security Standard.

Gavin Weir, a principal security consultant at Dell SecureWorks, will discuss the main issues confronting organisations who wish to use virtualisation technologies within their Cardholder Data Environment. Gavin will then summarise and clarify the recommendations from the PCI council and suggest how virtual environments should be configured to comply and improve upon the recommendations presented in the guidelines.
Recorded Jul 21 2011 38 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Gavin Weir, Dell SecureWorks
Presentation preview: Go Forth & Comply: New virtualisation guidelines from PCI Council

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • 2017 Threat Landscape: Increased Sophistication, or More of the Same? Recorded: Dec 7 2016 45 mins
    SecureWorks Counter Threat Unit Research Team
    As 2016 draws to a close, security professionals worldwide will be left pondering another year of publicised breaches, vulnerabilities and threats. So what are the key takeaways and how can global security events from the past 12 months inform your plans for 2017?

    We’ve asked a panel of experts from the SecureWorks Counter Threat Unit (CTU), our highly-trained team of experienced security researchers, to paint a picture of threat actors and their tradecraft across the globe by sharing their views on 2016’s most significant security events. The panel will end the session by providing actionable insights and recommendations for organisations to factor into their security strategy in 2017.

    Join this exclusive webcast to gain CTU insight on the following topics and more:

    - eCrime trends including the rise of ransomware, business email compromise and the Mirai IoT botnet activity
    - Nation state sponsored threats and whether organisations are set up to defend against them
    - How organisations can use threat intelligence gathered in 2016 to improve security
  • When Hackers Use Your Security Tools Against You Recorded: Nov 2 2016 44 mins
    Daniel Gortze, Delivery Manager, SecureWorks Incident Response & Forensics Consulting Team
    You have spent significant financial and human resources to configure and protect your network and digital assets, purchased several new security tools and software, and now you're wondering if those technologies will be able to protect your organisation against potential cyber intrusions.

    Join this webcast and hear from Daniel Gortze, Delivery Manager for the SecureWorks Incident Response & Forensics Consulting Team, who will examine real-life scenarios in which security technologies failed, and even worst cases where threat actors used an organisations' own security technologies against them.

    Key Topics Covered Include:

    - Examples of Threat Actor Abuse of Security Technology in real-world Incidents
    - Anti-Virus Abuse
    - Exploiting Whitelisting Misconfiguration
    - The Human Weak link
    - Lessons learned and actionable insights
  • 2016 Threat Analysis: Learning from Real-World Attacks Recorded: Sep 6 2016 44 mins
    Matt Webster, CTU Security Researcher, SecureWorks
    SecureWorks® incident responders assist hundreds of organisations annually with the containment and remediation of threats during suspected security incidents.

    Visibility of these incidents provides the SecureWorks Counter Threat Unit™ (CTU) research team with a unique view of emerging threats and developing trends. This Threat Intelligence is then continuously provided to clients, arming them with the information they need to stay one step ahead of adversaries trying to compromise their networks.

    In this webcast Matt Webster, CTU Security Researcher, will discuss developments in the threat landscape observed through SecureWorks’ Incident Response engagements from April to June of 2016, including;

    - Key developments of the APT threat
    - Criminal cyber threat trends
    - Developments in Ransomware

    Matt will also discuss observations of how the affected organisations could have better prepared for the threats they encountered.
  • You’re The One That They Want: Targeted Threats and You Recorded: Jun 15 2016 46 mins
    Don Smith, SecureWorks, Ian Glover, CREST & Peter Wood, First Base Technologies
    The rise in targeted threats means that security teams must move beyond a general understanding of the threat landscape, to a detailed understanding of their own context and the ability to spot threats targeted at their specific organisation.

    In a world of information-overload and an explosion in communication channels, how do you sift through the noise and identify true threats to your business?

    Key themes:

    •The challenges faced by organisations from the rise in targeted threats
    •Limitations of security processes in protecting from targeted threats
    •How to gain early visibility into the threats targeting your particular organisation

    Don Smith leads the CTU™ Cyber Intelligence Cell: a team of experienced threat analysts who, through the application of established intelligence practices, deliver actionable and timely intelligence products on the threats most relevant to SecureWorks clients. Don also leads the CTU research team in EMEA.

    Don joined SecureWorks in 2005 and, since then, has been instrumental in establishing a CTU presence in EMEA and building important relationships for SecureWorks in the region. His enthusiasm and threat expertise means that he regularly represents SecureWorks at industry events in EMEA. Don has 24 years’ experience in the IT industry and was previously responsible for security architecture and operations for a multi-billion enterprise, where he took a lead role in successfully integrating 14 acquisitions. He is a recognized subject-matter expert many areas of cybersecurity and advises SecureWorks and SecureWorks’ clients globally.
  • 6 Steps to Risk-Based Security in a Hyper-Connected World Recorded: Jun 13 2016 14 mins
    Hadi Hosn, Head of Security Strategy and GRC Consulting, EMEA
    Achieving total security in an organisation is impossible. Security controls need to be pragmatic and investments prioritised. In this presentation, Hadi Hosn, Head of Security Strategy and GRC Consulting in EMEA, discusses six steps to implementing and operating a risk-based model to help companies identify and protect their most critical information assets and business processes.
  • How Hackers are using Social Media for Cyber-Espionage Recorded: Jun 13 2016 13 mins
    Mark Osborn, CTU Senior Researcher, SecureWorks
    In this short video, Mark Osborn, a threat researcher with the world-class SecureWorks Counter Threat Unit™ (CTU), discusses the recent investigation into a cyber-espionage campaign, covering the tools and tactics used by the threat actors and exploring the intent behind the activity.

    SecureWorks CTU researchers uncovered a set of fake profiles on a popular professional social media networking site supporting a suspected Iran-based threat group's cyber operations.

    This social engineering campaign is just one example of the kind of malicious activity the SecureWorks CTU are tracking on a daily basis. This Threat Intelligence is constantly being gathered on prominent threat groups across the globe, and is fed into SecureWorks services to ensure their clients stay one step ahead of the Techniques, Tactics and Procedures (TTP) being employed by their adversaries.
  • Strategy Talks: Evolutions in APT Tactics Recorded: Jun 13 2016 26 mins
    Lee Lawson, Counter Threat Unit, Special Operations
    Lee discusses the rise of advanced persistent threats, how the security threat landscape is evolving and what you can do to keep pace. The presentation examines techniques deployed for intrusion, persistence, lateral expansion and exfiltration and highlights where changes to the detective or preventative control frameworks could have prevented attackers from achieving their objectives.

    Lee covers off three types of evolutions recently observed:

    - Defensive Evasion
    - “Living Off the Land”
    - Virtualisation
  • Top 5 Emerging Trends in Information Security Recorded: Jun 13 2016 18 mins
    Chris Yule, Senior Principal Consultant, Security Strategy
    As Information Security continues to evolve, cybercriminals are busier than ever, and when organisations are faced with an ever-evolving range of increasingly sophisticated attacks from threat actors, they turn to SecureWorks for help.

    As a Senior Principal Consultant at SecureWorks, Chris works with a range of clients from different industries and of varying sizes, to help them formulate and hone their security strategy. In this presentation, Chris provides an overview of the five key information security trends that he has seen emerge during his conversations with clients over the past 12 months.

    During this presentation, Chris covers the following five trends;

    - Organisation
    - Threat Intelligence
    - Securing the Cloud
    - Emerging security controls
    - Intelligence-led testing
  • InfoSec 2016 - What is risk-based security? Recorded: Jun 8 2016 2 mins
    Hadi Hosn
    InfoSec 2016 - What is risk-based security?
  • Risk Based Security in a Hyper-Connected World Recorded: May 10 2016 43 mins
    Hadi Hosn, Head of Security Strategy & GRC Consulting, EMEA
    For many organisations, investments in new processes and technologies is on top of the priorities list. From behavioural analytics, big data solutions, and “one touch” processes that require no manual intervention, companies are always on the lookout for technology innovations that can achieve a considerable return on investment. When companies consider Cyber Security in such a technology dependent world, most ask, “How can we secure our business and comply with the changing legal and regulatory standards?” instead of “How do we make business focused, intelligent investments given the cyber security risks we face today?”

    In this webcast, Hadi Hosn, Head of Security Strategy & GRC Consulting at Dell SecureWorks, will discuss the risk based Cyber Security operating model to help companies identify and protect their most critical information assets and business processes. Hadi will focus on the most critical actions for any organisation building a risk based security programme.

    Key topics covered include:

    · Prioritising information assets based on value to the organisation

    · Identifying and prioritising risks to the assets

    · Reduce risks with quick wins

    · Build and deliver a security plan that aligns business and technology

    · Ensure continuous business engagement on the topic of cyber security
  • Securing Your Network & Endpoints Recorded: Apr 13 2016 47 mins
    Phil Burdette, Senior Security Researcher, Dell SecureWorks Counter Threat Unit, Special Ops
    Unifying Visibility, Capabilities and Intelligence for Action

    Advanced and evasive threats are growing exponentially and getting harder to detect. Adversaries are continuing to get more sophisticated and targeted in their attacks even sometimes gaining access to your company’s network by “living off the land” and using little to no malware at all. Unified visibility and interpretation of all of the data across your network and endpoints has never been so valuable to ensure that your team is able to accurately detect and quickly respond threats to your organisation.

    Attend this webinar to learn more about the benefits of unifying visibility across your network and endpoint with the right intelligence, people and processes to enable you to reduce the time to detect and effort to respond by answering the following questions:

    - Is there an advanced threat actor present on my network or endpoints?
    - Who is behind the attack?
    - How did they get in?
    - What did they take?
    - Which systems have been compromised?
    - How do I best repair the damage quickly and get them out?

    In addition, we’ll go over analyst insights and predictions about industry trends as well as specific use cases examples from the SecureWorks Counter Threat UnitTM research team that showcase how our clients are leveraging endpoint and network visibility to significantly reduce their risk as well as costs to respond to identified threats.
  • From RAM to Reality Recorded: Mar 8 2016 56 mins
    Tom Finney and Matthew Webster, Counter Threat Unit security researchers at Dell SecureWorks
    Observations of Geopolitical Conflicts Transitioning to Cyberattacks

    Geopolitical conflicts are more publicly transitioning into the cyber realm. With current conflicts, a cyber-component is almost always included – and the outcome can be observed in the physical world. What is the impact of these events? Can it expose trade secrets? Shut down financial markets? Or worse?

    During this interactive webinar, Tom Finney and Matthew Webster, Counter Threat Unit security researchers at Dell SecureWorks, will cover known events, discuss the actors behind them and generally talk about the potential impacts from these threats.

    In addition you will:

    - Understand the relationship between specific geopolitical events and cyberattacks
    - Learn about the actors behind these cyberattacks and the impact to your businesses
    - Get insight into the latest attack trends
    - Receive recommendations on security solutions and threat intelligence to help protect your network
  • Top Five Information Security Trends for 2016 Recorded: Jan 19 2016 44 mins
    Chris Yule, Senior Principal Consultant
    Information Security continues to evolve, with cybercriminals busier than ever. Targeted attacks like the recent TalkTalk breach continue to make headlines and increase the fear factor among senior executives at organisations.

    As executives keep asking new questions of their teams, so those teams continue to ask new questions of Dell SecureWorks.

    In this webcast Chris Yule, Senior Principal Consultant at Dell SecureWorks, will discuss the top 5 trends identified over the past few months which we have identified from these discussion and expect to continue throughout 2016.

    These are the topics security professionals should be prepared to talk about this year, and will include 5 different perspectives on security:

    1. Organisation: How are enterprises organising and preparing themselves to respond to the latest threats?

    2. Intelligence: What’s being done to utilise Threat Intelligence effectively?

    3. Expansion: Key areas to focus on as information security expands to cover suppliers and cloud services

    4. Control: What new technologies and services are emerging to better control your information and environment?

    5. Testing: How can all of the above be combined to effectively test the security you have in place?
  • Advanced Incident Investigation: Lessons Learned From APT Victims Recorded: Dec 1 2015 45 mins
    Don Smith, Technology Director, Dell SecureWorks
    The increased complexity and frequency of attacks, combined with reduced effectiveness of detective or preventative control frameworks, elevate the need for organisations to roll out enterprise wide incident response initiatives to ensure rapid containment and eradication of threats.

    In this webcast, Don Smith, Technology Director at Dell SecureWorks, describes three organisation’s experience with “APT” actors, examining techniques deployed for intrusion, persistence, lateral expansion and exfiltration.

    Don will highlight where changes to the detective or preventative control frameworks could have prevented the attackers from achieving their objectives and outline key steps to building a robust incident response plan.

    Webcast takeaways include:

    · Real-world examples of APT attacks from the coalface

    · The latest tools and techniques that advanced threat actors are using

    · Recommendations for preventing and responding to APTs
  • Red Team - Train How You Fight Recorded: Oct 29 2015 51 mins
    Chris Carlis, Principal Consultant, Dell SecureWorks Red Team
    Every day your organisation is under attack. External adversaries are probing your defences, malicious insiders are looking to exploit their trusted positions and users are fighting to correctly identify the latest phishing attack.

    Your adversaries are not going to play by the rules. They will use whatever methods are available to compromise your security and hit you where it hurts the most. Red Team testing can identify gaps in your defences, show how minor vulnerabilities can result in large compromises and demonstrate the need for solid planning and preparation.

    Red Team testing simulates a real-world attack by combining intelligence gathering, network and physical testing with social engineering to target your organisation’s critical assets. This goal-based testing provides a depth of findings that vulnerability scanning and conventional penetration testing can’t achieve.

    Attendees will:
    1.Learn How Red Team testing complements your existing security program.
    2.Hear real-world examples of Red Team engagements.
    3.Find out if a Red Team test is right for your organisation.
  • Are Advanced Persistent Threats Hiding in Your Network? Recorded: Sep 14 2015 52 mins
    Justin Turner, Delivery Team Manager, Targeted Threat Hunting & Response
    How Targeted Threat Hunting Inspects Your Network for Cyber Attacker Presence.

    Many organisations have some form of information security protection in place but also wonder "Have I already been compromised?" A cyber threat such as malware or even a large scale Advanced Persistent Threat could be hiding in file systems and several other areas of your network that may go unnoticed by the untrained eye. A deep inspection of your networks is an excellent way to identify the presence of compromises and entrenched threat actors operating in your environment.

    During this interactive webinar, Justin Turner, Delivery Team Manager from the Targeted Threat Hunting & Response Team, will share why it is critical to identify targeted threat indicators of attacker presence and leverage threat intelligence to provide context to determine how to engage and resist the adversary.

    In addition you will:

    - Learn what Targeted Threat Hunting is and why it is important.
    - Hear real-world examples of previous incidents and how targeted threat hunting was used to remove entrenched adversaries.
    - Receive a standard list of questions that should be answered during an engagement.
  • Complex Incident Response Investigations: How to Minimise Breach Impact Recorded: Jul 8 2015 55 mins
    Rafe Pilling, Senior Security Researcher, Dell SecureWorks
    How prepared are you for a data breach?

    With the threat environment growing more complex, and the rise in advanced and targeted attacks, how does your response plan hold up? Threat actors have changed their tactics; so must you.

    During this webcast, Rafe Pilling, Senior Security Researcher for Dell SecureWorrks Counter Threat Unit (CTU), will share advice based on real-world examples to help ensure your organisation is infinitely better prepared to respond to a security breach.

    Key topics covered include:

    · A view of the evolving threat landscape and how this could impact you


    · Examples of critical mistakes Dell SecureWorks has viewed in real-world cases


    · Developing a robust incident response plan


    · Maximising the value of current controls and improving your overall security posture
  • Five steps to improving security: A pragmatic approach Recorded: Jun 9 2015 46 mins
    Hadi Hosn, Managing Principal Consultant, Dell SecureWorks
    Information security is becoming more and more vital to organisations in an ever changing landscape with the role of the Chief Information Security Officer (CISO) growing in magnitude with hacker based activity, cloud computing, and work-from-anywhere initiative adding to the complexity. New privacy regulations, social media and BYOD have added further challenges and put additional strains on compliance…

    In this webcast, Hadi Hosn, Managing Principal Consultant at Dell SecureWorks, will discuss the five key areas we believe a CISO should focus today to help shape and drive a security programme. Hadi will focus on the most important areas that are applicable in all market sectors and centre in on those activities that, in his experience, deliver the most value, security improvement and return on investment.

    Key topics covered include:

    •Understanding your organisation’s extended enterprise

    •How to improve visibility into what’s going on in your environment

    •Building a culture of security in your organisation
  • Dell SecureWorks at InfoSecurity Europe 2015: Lee Lawson Presentation Recorded: Jun 5 2015 42 mins
    Lee Lawson, CTU Special Operations
    Detecting and Responding to Advanced Threats: Exposing the Skeleton in Your Closet
Webcasts from the SecureWorks Team
SecureWorks provides an early warning system for evolving cyber threats, enabling organisations to prevent, detect, rapidly respond to and predict cyberattacks. Combining unparalleled visibility into the global threat landscape and powered by the Counter Threat Platform – our advanced data analytics and insights engine – SecureWorks minimizes risk and delivers actionable, intelligence-driven security solutions for clients around the world.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Go Forth & Comply: New virtualisation guidelines from PCI Council
  • Live at: Jul 21 2011 11:00 am
  • Presented by: Gavin Weir, Dell SecureWorks
  • From:
Your email has been sent.
or close