Hi [[ session.user.profile.firstName ]]

PCI DSS Reporting Requirements for People Who Hate PCI DSS Reporting

If you're like most IT practitioners, you are busy. You have a million things to do and preparing the reports needed to prove PCI DSS compliance requires time you just don't have. It doesn't have to be so hard. Join compliance experts from Terra Verde Services and AlienVault for this practical session on how to take the pain out of PCI DSS reporting.

You'll learn:
- The key reporting requirements of the PCI DSS standard
- The security technologies you need to collect the required data
- How AlienVault USM can generate these reports in minutes, not days
- How to use your audit reports to improve security on an on-going basis
Recorded Dec 10 2014 51 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Patrick Bedwell, VP of Product Marketing
Presentation preview: PCI DSS Reporting Requirements for People Who Hate PCI DSS Reporting

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Navigating the Chasm of SIAM-Managing Infrastructure in 2018 Nov 21 2017 3:00 pm UTC 60 mins
    Jeffrey Ritter
    Governments continue to try to regulate cyberspace, often with little effective impact. Security professionals struggle to design and operate infrastructure that will comply with rules written with Semantically Intentional Ambiguous Meaning (SIAM). Learn from the classrooms of one of the world's great universities the new methods for navigating those challenges and putting in place rules that are effective for managing infrastructure.
  • The 2018 Threatscape: Cyber clairvoyance and divination Nov 14 2017 11:00 am UTC 45 mins
    Peter Wood
    What have we learned from 2017's biggest breaches and how will we deal with 2018's emerging threats? Attempting to look both backward and forward over the cyber landscape, Peter Wood will review lessons learned and apply them to the evolving threatscape.
  • Achieving Digital Trust: Turning New Threats into Customer Loyalty Oct 26 2017 2:00 pm UTC 45 mins
    Jeffrey Ritter
    Dynamic, volatile, innovative. Cloud security is all of these and more. How can cloud service vendors turn the constant parade of new threats into a continuing opportunity to increase customer loyalty? How can customers gain trust in their service vendors despite the parade? Learn how in this webcast.
  • Seeing through the Clouds: How Visibility Reduces Security Failures Oct 25 2017 3:00 pm UTC 45 mins
    Dominic Vogel, Chief Security Strategist, Cyber.SC
    As organizations continue to ramp-up their migration to cloud-based environments, they will need to account for the associated security and control risks. There are hidden dangers and blind spots that arise through the use of virtualization technology in the data center. These hidden dangers and blind spots become more prevalent as business-critical applications are increasingly deployed on the public cloud. This is a problem considering that an organization’s operations are dependent on a cloud environment that inherently has a huge visibility gap.

    Many are now making the necessary changes to keep data secure in the cloud. This talk will focus on how to pragmatically accomplish cloud security through increased emphasis on cloud network visibility and cloud access security brokers. Enterprises that can properly implement appropriate cloud network visibility and cloud access security brokers will experience a third fewer security failures. Learn about practical steps and tools that you can use for accomplishing cloud security in your organization.
  • The Future of Cloud Security: Next Generation Threat-based Testing Oct 24 2017 10:00 am UTC 45 mins
    Peter Wood
    If your processing and data is in the cloud, how can you deliver assurance, compliance and governance? How do you find the flaws and soft spots that criminals will exploit? From browser to database, through human factors and end points, this presentation will take a threat-based approach to securing the cloud.
  • Using Windows Security Events to Detect Intruders in Your Network Jul 4 2017 9:00 am UTC 90 mins
    Randy Franklin Smith (Windows Security expert), Chris Martin (Security Engineer), Caitlin NoePayne (LogRhythm Sr. TPM)
    Over time, any given computer on your network will establish a pattern of systems it does and doesn’t talk to. If you can properly baseline that behaviour and detect when the computer deviates from normal activity you can produce critical early warnings of a potential incident.

    In this webcast, LogRhythm’s senior technical product manager, Caitlin NoePayne, and principal sales engineer, Chris Martin, join Randy Franklin Smith, Windows Security subject matter expert, to discuss detecting computers on your network talking for the first time using Windows Security Events. They will also demonstrate LogRhythm behavioural analytics rules and case management features that help analysts follow up on suspicious activity alerts.

    Learn how to:

    • Configure your audit policy to generate relevant security events
    • Establish baseline behaviour of the machines on your environment
    • Monitor and detect traffic patterns to detect an attacker embedded in your network using Windows Security Events
    • Speed up investigation and response with Security Automation and Orchestration

    Watch now to learn how to use Windows Security Events and LogRhythm to detect when two computers on your network talk to each other for the first time.
  • From Self-parking to Self-loathing: Innovation and Risk in Connected Cars Jun 22 2017 12:00 pm UTC 45 mins
    Ken Munro, Partner, Pen Test Partners LLP
    While autonomous driverless cars are still a work-in-progress connected cars and the IoT are becoming the norm. Whether that relates to communications infrastructure, on-board services for vehicle management, or mobile device connectivity, more and more new cars come equipped as standard with some sort of "connected" element. Typically the cost of new technology is in the buying price, but with modern cars it could be insurance hikes, loss of privacy, or even loss of life.

    Ken Munro, Partner and Security Consultant and Pen Test Partners, breaks down the key technologies and examines the security implications for drivers, insurers and manufactures alike.

    Viewers will learn about:
    - The attack surface that a connected car presents
    - What those attacks look like
    - The implications for everyday drivers
    - What manufacturers need to be doing
  • Sharing the Data of IoT Security Incidents: 5 Keys to Improved Security Jun 20 2017 2:00 pm UTC 45 mins
    Jeffrey Ritter
    Bad things happen, but the potential of IoT will be limited if those in any connected system of devices cannot share data of adverse incidents more effectively. This webcast introduces 5 keys to doing so successfully, all toward improving security across those systems.
  • Securing the Internet of Everything: The war of the coffee machines Jun 20 2017 10:00 am UTC 45 mins
    Peter Wood
    The Internet of Everything affects everyone from multi-nationals to private citizens. The universal adoption of machine to machine communications in every aspect of our lives offers criminals a hugely expanded attack surface. How do we defend ourselves without undermining the benefits of the IoE?
  • Understanding Latest Data Breaches: Risk & Cost Analysis Jun 20 2017 9:00 am UTC 105 mins
    John Pironti, president of IP Architects, and Michael Dalgleish, director of sales engineering at LogRhythm
    The perils of security breaches are widely publicised, but do you know exactly how an attack or breach would affect your business?

    In this webinar John Pironti, president of IP Architects, and Michael Dalgleish, director of sales engineering at LogRhythm, will discuss the costs of recent data breaches and illustrate the best ways to determine your organisation’s cyber risk profile. The duo will also teach you about the security tools and processes you can implement to strengthen your security operations.

    Watch now to learn how to take your security operations to the next level.
  • Splunk and Gartner: Use an Analytics-Driven SIEM for Targeted Attack Detection Jun 7 2017 11:00 am UTC 60 mins
    Girish Bhat, Splunk Director of Security Product Marketing; Kelly Kavanaugh, Research Analyst,Info Security & Privacy,Gartner
    Description : It's no longer a question whether an organization will be breached -- it's a matter of when. According to Gartner, organizations are failing at early breach detection, with fewer than 20% of breaches detected internally.* The time to detect a compromise can takes days, or even months.

    Join this webinar to hear Splunk and Gartner discuss the strategic role of SIEM as a centralized solution and why organizations need to move from prevention only solutions to detection, response and remediation.

    In this session, Gartner research analyst Kelly Kavanagh will address:
    - Challenges facing organizations when it comes to advanced threats
    - The resources and technologies needed
    - Best practices on how organizations can leverage SIEM and lean-forward technologies like user and entity behavior analytics
  • What Security Logs Tell You About Attackers in Your Network Jun 6 2017 9:00 am UTC 45 mins
    Seth Goldhammer, Dir. Product Management at LogRhythm & Randy Franklin Smith, Windows Security Expert
    Preventing attackers from gaining control of network endpoints is difficult. Your preventative controls might stop such an event, but defence-in-depth best practices recommend a multi-layered security approach to protect your organisation.

    In this webcast, Seth Goldhammer, Director of Product Management at LogRhythm, joins Randy Franklin Smith, Windows Security subject matter expert, to discuss how to detect attackers in various stages of the Cyber Attack Lifecycle. The duo examines Windows and Windows Firewall events including:

    * 4798—A user's local group membership was enumerated
    * 4799—A security-enabled local group membership was enumerated
    * 4627—Group membership information
    * 6416—A new external device was recognised by the system

    They also show how LogRhythm’s analytics can recognise progression along the Cyber Attack Lifecycle, while increasing risk scoring with each progression, and how LogRhythm can infer additional context about a user during analysis.

    Watch now to learn how to take your security operations to the next level.
  • The Role of the End User: your strongest line of defence against cyber-attack Jun 1 2017 12:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF LTD
    People remain a wild card to the cyber security of an organisation. Many businesses recognise people as their biggest asset, yet still fail to recognise the need to secure the human element of information security.

    In this webinar Steve Durbin, Managing Director of the ISF, tackles the question: How can organisations make people their strongest line of defence against cyber attack?
  • [VIDEO] Man & Machine: Analytics as a Defence Against Advanced Cyber Threats May 24 2017 1:00 pm UTC 30 mins
    Ross Brewer, vice president and managing director EMEA, LogRhythm & Josh Downs, Senior Community Manager, BrightTALK
    As technology advances, so does the threat landscape, with cyber criminals effectively exploiting weak points on an almost daily basis. When malware infiltrates an organisation’s first layer of defence, it can spread quickly throughout the network, exposing data and weakening security - and in most cases this happens faster than analysts or administrators have time to react to. Indeed, with reams of data being generated and transferred over networks, organisations are having a hard time monitoring everything, which means potential threats can easily go unnoticed.

    Organisations need to rely on machines to detect and respond to threats more quickly and efficiently. Even enterprises with a dedicated security team that monitors the latest security threat trends and understands the blueprint of evolving attack vectors still need to continuously monitor all network activity. The sheer volume of processes, services and applications running on a corporate network is just too much for human beings to monitor alone. However, this doesn’t mean that human analysis is not important.

    User and entity behavioural analytics (UEBA) is essential in keeping up with continuously evolving threats and making sense of anomalous network behaviour. Security approaches that utilise both machine learning and human analysis enable all threats to be analysed for effective detection and response, ensuring all data is accounted for and including the human element to help reduce the opportunities for false positives. To keep up with the ever-changing security landscape, companies need to integrate internal and external threat context in their environment by updating processing rules for operating systems, applications, and network devices in order to strengthen the accuracy of real-time machine analytics.
  • Don’t let Smartphones Kill your PKI Security Strategy May 23 2017 3:00 pm UTC 60 mins
    Gregory Vigroux, Enterprise Mobility Expert at Gemalto
    Half of businesses admit security is their biggest concern to increasing user mobility. Securing enterprise mobility has been an ongoing and arduous topic for IT security professionals. Maintaining high-assurance security, while offering access to company resources to an on-the-go workforce has become a balancing act. So much so, a third of businesses actually prevent employee access to company resources via mobile. This is likely not a long term or sustainable solution to the problem.

    So how do you find a compromise that won’t kill your security strategy? There are currently many technologies from derived credentials to mobile PKI. IT professionals are feeling the pressure to find a viable, user friendly, easy-to-deploy and secure options. In this webinar, we will discuss the current solutions in-depth and how they impact your current IT security policies. Attendees will learn more about:
    -Software-based security versus hardware-based security
    -How this impacts your back-end systems
    -Technology such as derived credentials and mobile PKI
    -Implementing a mobile PKI solution
  • [Video Panel] Fighting Ransomware & Responding if the Worst Happens Recorded: May 18 2017 47 mins
    Josh Downs, BrightTALK; Adrian Taylor, FireEye; Ian Whiting, Titania & Bart Parys, PwC
    Ransomware was one of the biggest threats facing businesses in 2016 and that trend is expected to continue as we press further into 2017.

    As more and more cheap malware becomes available to cyber criminals the sheer amount of ransomware attacks is on the rise.

    However, cyber defences are beginning to catch up.

    This expert video panel will be discussing the ransomware landscape, what you can do to better protect your business from the threat and steps to take should the worst happen.

    Panelists:

    - Josh Downs, BrightTALK (moderator)

    - Adrian Taylor, Field CTO, FireEye

    - Ian Whiting, CEO, Titania

    - Bart Parys, Threat Intelligence Analyst, PwC
  • Politics and Cyber Attacks: Techniques, Prevention & Influence Recorded: May 18 2017 34 mins
    Indy Dhami, Director & Independent Security Consultant
    Focus of the talk:

    The current global political climate and the increased number of cyber attacks associated with nation states and revelations from whistleblowers such as WikiLeaks. The strategies and potential reasons for such attacks – We are seeing a focus shifting from financial gain
    to political power, control and mass surveillance.

    Audience learning:

    A view of the technologies utilised and targeted to perform the attacks such as malware targets such as iPhones, Android devices and smart TVs and malware on Windows, Osx, Linux etc

    Audience takeaways:

    The talk is aimed at those with a general interest in Cyber Security and how political gain is firmly intertwined and a tool utilised in state sponsored cyber attacks indiscriminately against corporations, criminals and citizens alike.

    ------------------

    Indy possesses over 14 years’ experience, having worked in both
    operational and consulting positions at FTSE100 and Fortune 500
    organisations including AXA, Deutsche Bank, PwC, Accenture,
    Mercedes-Benz, Jaguar Land Rover and many other world leading
    organisations.

    His experience includes leadership positions in information/
    cybersecurity transformation, risk assurance, crisis management
    (pre and post incident), assurance, audit, governance, risk and
    compliance programmes.
  • [Video Interview] Pentest Masterclass & Getting the Most of Your Security Spend Recorded: May 18 2017 8 mins
    Josh Downs, Senior Community Manager BrightTALK & Ian Whiting, CEO, Titania
    - BrightTALK at CRESTCON & IISP Congress -

    BrightTALK caught up with Titania's Ian Whiting for an in-depth conversation on the current state of information security, today's threatscape and a discussion on the cyber industry.

    Topics up for discussion:

    - How to run a comprehensive pentest to protect your business

    - How to get the most from your cyber security budget

    - AI & Machine learning and the influence it'll have on the security industry

    - The explosion of connected devices on the IoT and where networks are especially vulnerable
  • Block The Risk Of Ransomware Recorded: May 18 2017 34 mins
    Jonathan Korba, System Engineer, Symantec, and Q&A with Gavin Fulton and Robert Arandjelovic
    Ransomware is becoming a more prevalent problem and attackers are becoming more straightforward; not even bothering to masquerade as legitimate agencies anymore. You may be wondering what you can do. First we would encourage you not to pay and then put protection in place so you won’t be victimized again.

    Learn how Symantec Endpoint Protection 14 can help protect you from future ransomware attacks:

    • What are your options if you’re a victim of ransomware
    • Why Symantec Endpoint Protection 14 can address ransomware better than other solutions
    • How Symantec technologies work together for maximum protection
Your Resource for Information Security Trends & Education
With over 280,000 members, the Information Security Community is the largest community of cybersecurity professionals in the industry. Let's build a network that connects people, opportunities, and ideas. If you are involved in purchasing, selling, designing, marketing ... or using information security solutions - this group is for you. Covered topics include compliance, encryption, anti-virus, malware, cloud security, data protection, hacking, network security, virtualization, and more.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: PCI DSS Reporting Requirements for People Who Hate PCI DSS Reporting
  • Live at: Dec 10 2014 4:00 pm
  • Presented by: Patrick Bedwell, VP of Product Marketing
  • From:
Your email has been sent.
or close