Regulation and Legislation: Keeping abreast of a moving landscape
Most governments have already created, or are in the process of creating, regulations that impose conditions on the safeguard and use of Personally Identifiable Information (PII), with penalties for organizations who fail to sufficiently protect it. Organizations need to treat privacy as both a compliance and business risk issue, in order to reduce regulatory sanctions as well as reputational damage and loss of customers due to privacy breaches.
So how will organisations manage infrastructure across multiple domains without falling foul of emerging privacy and data management legislation, particularly when cloud services and personal devices are the norm?
During this webinar, Steve Durbin, Managing Director of ISF, will discuss how the security function and the board will need to work together to ensure that current regulatory trends and emerging technologies are aligned to maintain business effectiveness and connectivity.
RecordedOct 6 201544 mins
Your place is confirmed, we'll send you email reminders
Rob Anderson, Head of Field Operations (Privitar),Tim Hickman, Associate (White & Case)
Today's modern businesses gain competitive edge and remain innovative by using advanced analytics and machine learning. Utilising big data can build customer loyalty by improving personalised marketing campaigns; optimises fraud detection; and improves products and services by advanced testing. However, the data sets required for advanced analytics are often sensitive, containing personal customer information, and therefore come with an inherent set of privacy risks and concerns.
This roundtable will cover a few key questions on data utility and privacy:
- In what ways advanced analytics help businesses gain competitive edge?
- What is defined as sensitive data?
- Will GDPR affect the way you're allowed to use customer data?
- What opportunities are there to utilise sensitive data?
Unlocking the data’s true value is a challenge, but there are a range of tools and techniques that can help. This live discussion will focus on the data analytics landscape; compliance considerations and opportunities for improving data utility in 2018 and beyond.
- A view of the data protection landscape
- How to remaining compliant with GDPR when using customer data
- Use cases for advanced analytics and machine learning
- Opportunities for maximising data utility in 2018
Privva AutoAssess is an Artificial Intelligence solution to automate the process of responding to the security assessments you receive from your clients. AutoAssess learns from each and every assessment processed, so the Security Assessment responses generated are increasingly more accurate and consistent -- with fewer revisions required over time.
Responding to security assessments can be a time consuming and sometimes frustrating process, due to complex variations of similar questions in multiple formats. Unfortunately, this process is only getting worse. As enterprises take a more proactive approach to data security, completing third-party vendor assessments has become a necessary cost of doing business.
Privva can turn this time-consuming endeavor into an easy process, saving you hours per client and enabling you to focus on other critical areas of data protection. The Privva AutoAssess solution has reduced the time spent per client from 5 hours to under 30 minutes.
Join Privva on December 11th to learn more about Privva AutoAssess.
The new business reality of GDPR and how you use customer data is inexorably approaching, if you work in or are doing business with anyone in the EU you must deal with this regulation.
With data protection, there are really only two options: protection of data through ever-more data centralization and security or turning the customer data paradigm on its head and decentralize the data.
We have a new model: give your customers full control over their data, gain their trust, and lower your costs with the open-source Pillar Business Wallet. Join our conversation Thursday, 30th of November.
Governments continue to try to regulate cyberspace, often with little effective impact. Security professionals struggle to design and operate infrastructure that will comply with rules written with Semantically Intentional Ambiguous Meaning (SIAM). Learn from the classrooms of one of the world's great universities the new methods for navigating those challenges and putting in place rules that are effective for managing infrastructure.
Gary Marsden, Senior Director of Data Protection Solutions at Gemalto
Cybersecurity is at a crossroads and requires a dramatic shift to adequately support the needs of business owners and security administrators as digital transformation challenges their needs and investments. Managing multiple cloud providers and dramatic increases in the number of endpoints generating data and the subsequent volume of data means enterprise security teams no longer have the requisite skills and bandwidth to deal with complicated security products. Building in security from the beginning quickly and cost-effectively is an industry game changer, especially with new growth markets like Big Data, Blockchain, Cloud Computing, Internet of Things and Digital Payments.
Multi-cloud environments and government regulations and industry compliance add to the complexity of maintaining a manageable and effective data protection strategy. Transforming encryption and key management (data protection in general) into a click and deploy model reduces internal business barriers between security teams, DevOps and product teams and alleviates disparate security policies, so you know where your data is and that it is secure. The way people consume security is changing by taking an on-demand approach similar to the Netflix philosophy. In this webinar, we will discuss how cloud-based security is simplifying workflow processes, changing cost/benefit models to drive us towards a pervasiveness of encryption and key management that will de-risk data and connectivity in similar ways to anti-virus and firewalls.
Join this interactive presentation to learn about:
• The role of security in today's connected world
• The drivers for and impact of simplifying security on business and workflow
• How security is providing valuable business intelligence through connected systems and meeting compliance mandates
• Gemalto’s solution to solving on-demand data protection
• Upcoming cybersecurity trends and how to prepare
Louise Beaumont (Publicis.Sapient & techUK), Bernard Harguindeguy (Elastic Beam), Chris Ward (Mapa Research)
This discussion focuses on delivering a secure API layer and how Open Banking will deliver a secure Open Future..
Open Banking will affect every layer of the bank:
-It will stretch and stress banks’ brands – resulting in both the potential for significantly increased reach, and reputational enhancement and risk
-It will change and complicate how banks talk to consumers and SMEs – whether direct, intermediated, invisible, or all three simultaneously
-The ecosystem environment will radically change how services are designed - with a flood of ideas and data available for those banks which successfully attract, seed and enrich the ecosystem within which they are a player
-And the ecosystem environment will fundamentally change how these services are delivered – whether by companies with whom the bank has a partnership, or companies with whom the bank has absolutely no relationship
-And finally, it also demands a rich, growing - and secure - API layer to enable the Open Future
Candid Wueest, Principal Threat Researcher, Symantec
Financial institutions are increasingly facing attacks on multiple fronts.
Cyber criminals continue to target online banking using malware to hijack customer transactions and banking sessions. While there has been an overall drop in infections related to these consumer threats, financial institutions are now facing new types of attacks in the form of large-scale financial heists.
Attack groups such as Fin7 and Lazarus are deliberately targeting financial institutions in audacious attacks that are reaping large rewards. They are using living off the land and fileless attack tactics similar to APT groups. But also extortion with DDoS attacks or business email compromise (BEC) scams are increasingly bothering financial corporations.
In this webcast on the current financial threat landscape, Symantec takes a look at the most prevalent and significant financial threats.
In this webcast we will review:
- The top threats facing financial institutions with statistics and examples
- Explore the most common techniques employed in financial attacks
- Provide case studies of the most high-profile financial attacks of the past 12 months
Dynamic, volatile, innovative. Cloud security is all of these and more. Join this webinar to learn more about:
- How can cloud service vendors turn the constant parade of new threats into a continuing opportunity to increase customer loyalty?
- How can customers gain trust in their service vendors despite the parade?
Effective responses to modern IT risks requires a transition from cyber security to cyber defense. This presentation introduces analysis based on proven military tools to understand, assess, and defend against cyber-attack. See how Petya worked its way in, and how to defend against it. Take away valuable tools and frameworks to develop your defenses.
Griff is trained as a Canadian Infantry Officer and is a graduate of the Johnson-Shoyama Graduate School of Public Policy. After a two-year stint as a Strategic Policy Analyst at the Treasury Board Secretariat in Ottawa, he moved to London where he completed a Master’s Degree at the LSE. Unable to find “real” work, he got into software development as a Scrum Master, leading the development of a web based application. This experience fostered an interest in cybersecurity, and Griff went on to a boutique start-up providing application security to Fortune 500 companies. Frustrated by the disconnect between technologies and poor analysis within cyber security, Griff founded cyber defense firm Damrod Analysis in 2017. He is London based, where he and his wife are expecting their first child shortly.
What have we learned from 2017's biggest breaches and how will we deal with 2018's emerging threats? Attempting to look both backward and forward over the cyber landscape, Peter Wood will review lessons learned and apply them to the evolving threatscape.
Nicolas Thomas, Fortinet Consulting System Engineer
Software Defined everything (SDx) relies heavily on automation. As organizations adopt SDx, daily tasks become more automated and traditional security architectures (such as DC perimeter security) are not enough.
Constant changes automated throughout the system and the integration and separation of responsibilities shake our security habits. In this session, we will look at how security architecture and solutions can adapt to those moving targets and provide the automated approach to make these environments even more secure.
Join us on November 7th to learn how to ensure your operations team don’t put security in too late in the automation game.
As organizations continue to ramp-up their migration to cloud-based environments, they will need to account for the associated security and control risks. There are hidden dangers and blind spots that arise through the use of virtualization technology in the data center. These hidden dangers and blind spots become more prevalent as business-critical applications are increasingly deployed on the public cloud. This is a problem considering that an organization’s operations are dependent on a cloud environment that inherently has a huge visibility gap.
Many are now making the necessary changes to keep data secure in the cloud. This talk will focus on how to pragmatically accomplish cloud security through increased emphasis on cloud network visibility and cloud access security brokers. Enterprises that can properly implement appropriate cloud network visibility and cloud access security brokers will experience a third fewer security failures. Learn about practical steps and tools that you can use for accomplishing cloud security in your organization.
Cloud computing is an increasingly vital element of information security. It’s used to protect sensitive data; for identity and access management; for network security and to aid with incident response. However it’s not without it’s own set of risks and has been hit in the past with significant and newsworthy breaches.
Join this interactive Q&A panel with top cloud and security experts as they discuss the future of the cloud and considerations to take for protecting sensitive data when it's held in the Cloud.
Our current security architecture is broken. We need a new approach to address the evolving IoT endpoint. Join Armis CTO Nadir Izrael as he discusses:
-Where current architecture is falling short
-What next-generation architecture should look like
-How to address vulnerabilities found in IoT devices/the unmanaged endpoint.
Armis eliminates the IoT security blind spot, protecting enterprises from the threat of unmanaged or rogue devices and networks. Customers including Samsung Research America and IDT Corporation trust Armis’ agentless IoT security platform to see and control any device or network. Armis is a privately held company and headquartered in Palo Alto, California.
Technology will underpin all aspects of modern society by 2019, profoundly impacting the way people live and work. Business leaders face a stark dilemma; should they rush to adopt new technology and risk major fallout if things go wrong; or wait and potentially lose ground to competitors. Organisations that are well informed about emerging technologies and corresponding threats will be best placed to make winning decisions.
In this webinar, Steve Durbin, Managing Director, ISF, will examine the threats that organisations will be dealing with over the next two years and will provide advice on the best ways of handling them.
If your processing and data is in the cloud, how can you deliver assurance, compliance and governance? How do you find the flaws and soft spots that criminals will exploit? From browser to database, through human factors and end points, this presentation will take a threat-based approach to securing the cloud.
Bitcoin is all the rage right now. But many question the security behind this popular cryptocurrency.
Join this session where Anupam's agenda will include:
-Anonymity Vs. Pseudonymity
-Bitcoin working mechanics and cryptography involved
-Transaction conduct and types
-Wallets and types
Ahmed Banafa, Lecturer and IoT Expert, College of Engineering, San Jose State University
As the Internet of Things (IoT) adds more and more devices to the digital fold every day, organizations of all sizes are recognizing the IoT's potential to improve business processes and, ultimately, accelerate growth.
Meanwhile, the number and variety of IoT solutions has expanded exponentially, creating real challenges. Chief among them: the urgent need for a secure IoT model for performing common tasks such as sensing, processing, storing information, and communicating. But developing such a model involves overcoming numerous hurdles.
Of course, there are multiple ways of looking at the IoT. For instance, the system view divides the IoT into blocks, such as connected things, gateways, network services, and cloud services, while the business view consists of platform, connectivity, business model, and applications. But one common thread connects all these views: security is paramount
IoT applications and devices is the next wave of technology, but security is a big concern. This webinar will explain the convergence of IoT and Blockchain technology.
Lisa Forte, Cyber Protection Officer, South West Police Cyber Crime Unit
The South West Regional Cyber Crime Unit are involved in fighting cyber crime along with other national and international law enforcement agencies.
As such they see certain traits, methodologies and vulnerabilities over and over again. Lisa Forte, the Cyber Protect Officer for the Unit, will be explaining how businesses should adapt their thinking to "see what the hackers see" to better defend themselves against the threat she sees every day.
Lisa will also be talking about the importance of planning and war gaming out cyber attack scenarios. The businesses that have a plan are the businesses that survive to tell the tale. Lisa will be using real life cases that the Cyber Crime Unit have dealt with to highlight how quickly things can go wrong as well as providing some simple steps businesses can apply to reduce their vulnerability.
Lisa Forte is the Cyber Protection Officer for the South West Police Cyber Crime Unit. Her role involves helping businesses of all shapes and sizes defend against the ever growing cyber threat. Prior to working in the Cyber Crime Unit Lisa worked in intelligence for Counter Terrorism agencies in the UK.
Your Resource for Information Security Trends & Education
With over 280,000 members, the Information Security Community is the largest community of cybersecurity professionals in the industry. Let's build a network that connects people, opportunities, and ideas. If you are involved in purchasing, selling, designing, marketing ... or using information security solutions - this group is for you. Covered topics include compliance, encryption, anti-virus, malware, cloud security, data protection, hacking, network security, virtualization, and more.