Name: DIY PKI
Start: 2017-04-17T15:00:00Z
End: 2017-04-17T15:55:49.000Z
Location: BrightTALK
Rating: 4

With over 280,000 members, the Information Security Community is the largest community of cybersecurity professionals in the industry. Let's build a network that connects people, opportunities, and ideas. If you are involved in purchasing, selling, designing, marketing ... or using information security solutions - this group is for you. Covered topics include compliance, encryption, anti-virus, malware, cloud security, data protection, hacking, network security, virtualization, and more.

Although overused, Next Generation Security still means keeping up with the challenges of securing today’s networks. The fundamental rule of keeping up with those challenges is having both a vision and an architecture that provides the foundation, regardless of how the market or the threats themselves change.

This session will focus on what is needed in an evolving security architecture to provide Next Generation Security in a constantly changing environment.

What Does “Next Generation Security” Mean To You?

Malware detection and prevention solutions are necessary in any organization. But, antivirus and even next-generation antivirus solutions can miss unknown threats, giving malicious software free reign to your systems and data.  During this presentation, Nyotron’s Director of Product Marketing, Teresa Wingfield and Director, Solution Architects, Robert Zamani, will discuss why endpoint protection solutions relying on signatures, machine learning models and threat hunting can’t always cope with a never ending number of new attack methods and malware variants.   

While you won’t be able to stop all malware using endpoint security, you can stop the damage it intends to cause.  Join us to learn how.

What Can You Do When You Can’t Stop Malware?

With growing numbers of new vulnerabilities disclosed every year, increasing attacker sophistication, and a myriad of tools and teams that have to be synchronized for effective response, most organizations struggle with designing and implementing an effective vulnerability management program. In this webinar we discuss 3 key components that all modern vulnerability programs must address :  

- Knowledge: How to create actionable intelligence from business context, threat intelligence, and any other relevant data source 
- Automation: How to implement automation to streamline significant parts of the VM process 
- Analytics: How to effectively engage and inform all stakeholders

Modern Vulnerability Management : Knowledge, Automation, Analytics ﻿

The United States spent around $3.5 trillion or 18% of GDP on healthcare. According to FBI, the amount of this spending lost due to fraud, waste, and abuse (FWA) ranged between $90 billion and $330 billion! 

This talk will offer practical advice on how to effectively organize and join various healthcare data sources such as claim and clinical data, how to set-up the problem, and how to design an effective machine learning solution to identify FWA leads and expedite investigator review using intuitive visualization to understand the risk factors contributing to those leads.

Machine Learning and AI for Healthcare Fraud Detection and Prevention

Payment fraud prevention tools have existed since the end of the 90s and have improved continuously since. In the last 2 to 3 years we have seen a new paradigm come into the space - machine learning. 

This new technology is perfectly fitted for identifying fraud and is slowly being adopted by the market. Moving forward, using tools like this will no longer be a choice but rather an obligation for merchants. An obligation, as it will be at the origin of a competitive advantage which goes way beyond fraud prevention and will bleed into business intelligence fields.

In this session, Rodrigo Camacho, CCO at Nethone will walk you through the evolution  fraud prevention touching on the following key points;

How the problem is solved by a large part of the industry today
The revolution that is happening in the space today
The halo effect that this revolution is going to have on the rest of business processes

The Future of Payment Fraud Prevention

As corporate data moves into cloud applications like Office 365, Box, and Salesforce, organizations are forced to rethink their security posture. Modern threats to cloud data range from unauthorized access to uncontrolled BYO devices. IT leaders need a forward-thinking approach to cloud security and must consider best practices when expanding the enterprise's cloud footprint, including proper identity management, comprehensive visibility, and zero-day control to name a few.

Join cybersecurity experts Rich Campagna, Bitglass, Chief Marketing Officer and Salim Hafid, Bitglass, Product Marketing Manager for a deeper dive on these cloud security best practices. 

•Explore the tools and training you need to protect data in any application
•Learn how cloud-first organizations are securing corporate data
•Gain insights to better enable employee productivity and mobility

Cloud Security - 5 Best Practices To Use in 2018

In the age of Digital Transformation, SD-WAN is on the lips of all enterprises and service providers. While the operational and commercial benefits of SD-WAN are clear, the focus on these as THE consideration is dangerous, as along its benefits comes a greater cyber security risk. 

This session will focus on Secure SD-WAN and the built-in benefits it provides, from both the operational and security points of view.

SD-WAN is Dead. Long Live Secure SD-WAN!

With the burst of interest into cryptocurrencies, there have been a lot of new users into this innovative world. However, the rush into the space has caused many users to skip key steps in joining the cryptocurrency community, such as understanding what basic security practices they should follow in order to keep themselves and their money secure. 

While there are technical steps to take to secure one's funds, there's also a number of things to keep in mind while interacting with the community. 

This webinar discussion aims to give beginners in the world of cryptocurrencies tips to better protect themselves, their money, and their sanity.

Basic Security with Cryptocurrencies

Multi-party permissioned blockchains present a set of new security challenges for dev ops and system and network administration. 

This webinar will cover why a lot of what we already know from securing N-tier architectures also applies to securing permissioned blockchains.  It will also cover what is different and new and discuss strategies for the practical defense of these distributed systems.

Securing Permissioned Blockchains

While some hackers crave the attention of a high profile attack or data breach, others prefer to work in shadows either trying to hide their tracks or are indifferent all together.  

Regardless, accurately understanding where an attack comes from is very helpful in defending against future attacks.  More importantly, when companies and key organizations work together it is possible to tie together a multitude of individual footprints into a single, conclusive trail back to the originator.

This session will focus on the importance of attribution and includes a case study of how a major cyber criminal was taken down, from the lowest foot soldier to the kingpin himself.

Hunting the Hunters or Can you cover your cyber tracks to avoid being caught?

Cyber risk isn't new, but the stakes grow higher every day. An incident is no longer likely to be an isolated event, but a sustained and persistent campaign. There is no single solution that will offer protection from an attack, but a Cyber Resilience strategy can provide a multi-layered approach that encompasses people, processes and technology. 

Pete Wood will talk about eliminating the gap between IT and the business to present a united front against threats. This is a paradigm shift that uses security intelligence to guide decisions and support agility.

Smarter Security: Cyber Resilience, TARA and Red Teaming

Today's modern businesses gain competitive edge and remain innovative by using advanced analytics and machine learning. Utilising big data can build customer loyalty by improving personalised marketing campaigns; optimises fraud detection; and improves products and services by advanced testing. However, the data sets required for advanced analytics are often sensitive, containing personal customer information, and therefore come with an inherent set of privacy risks and concerns. 

This roundtable will cover a few key questions on data utility and privacy:

- In what ways advanced analytics help businesses gain competitive edge?

- What is defined as sensitive data?

- Will GDPR affect the way you're allowed to use customer data?

- What opportunities are there to utilise sensitive data?

Unlocking the data’s true value is a challenge, but there are a range of tools and techniques that can help. This live discussion will focus on the data analytics landscape; compliance considerations and opportunities for improving data utility in 2018 and beyond.

Key takeaways:

- A view of the data protection landscape

- How to remaining compliant with GDPR when using customer data

- Use cases for advanced analytics and machine learning

- Opportunities for maximising data utility in 2018

Big Data Analytics vs Privacy: Risks and Opportunities

Discover the trends and opinions about insider threats that your peers have revealed in the recently published Cybersecurity Insiders report. 

Join Rob Marti, Director of Privileged Access Management at CA Technologies, as he guides you through the report and examines technologies and preventative measures.
 
Selecting the right insider threat solution is a pivotal decision; make sure you know your options.

Insider Threats: Exclusive Peer Perspectives, Strategies and Tactics

Privva AutoAssess is an Artificial Intelligence solution to automate the process of responding to the security assessments you receive from your clients.  AutoAssess learns from each and every assessment processed, so the Security Assessment responses generated are increasingly more accurate and consistent -- with fewer revisions required over time. 

Responding to security assessments can be a time consuming and sometimes frustrating process, due to complex variations of similar questions in multiple formats. Unfortunately, this process is only getting worse.  As enterprises take a more proactive approach to data security, completing third-party vendor assessments has become a necessary cost of doing business.

Privva can turn this time-consuming endeavor into an easy process, saving you hours per client and enabling you to focus on other critical areas of data protection.  The Privva AutoAssess solution has reduced the time spent per client from 5 hours to under 30 minutes.

Join Privva on December 11th to learn more about Privva AutoAssess.

Privva AutoAssess - AI for Client Security Assessments

The new business reality of GDPR and how you use customer data is inexorably approaching, if you work in or are doing business with anyone in the EU you must deal with this regulation. 

With data protection, there are really only two options: protection of data through ever-more data centralization and security or turning the customer data paradigm on its head and decentralize the data. 

We have a new model: give your customers full control over their data, gain their trust, and lower your costs with the open-source Pillar Business Wallet. Join our conversation Thursday, 30th of November.

The New Business Reality of GDPR with David Siegel and Michael Shea

Governments continue to try to regulate cyberspace, often with little effective impact.  Security professionals struggle to design and operate infrastructure that will comply with rules written with Semantically Intentional Ambiguous Meaning (SIAM). Learn from the classrooms of one of the world's great universities the new methods for navigating those challenges and putting in place rules that are effective for managing infrastructure.

Navigating the Chasm of SIAM-Managing Infrastructure in 2018

Cybersecurity is at a crossroads and requires a dramatic shift to adequately support the needs of business owners and security administrators as digital transformation challenges their needs and investments. Managing multiple cloud providers and dramatic increases in the number of endpoints generating data and the subsequent volume of data means enterprise security teams no longer have the requisite skills and bandwidth to deal with complicated security products. Building in security from the beginning quickly and cost-effectively is an industry game changer, especially with new growth markets like Big Data, Blockchain, Cloud Computing, Internet of Things and Digital Payments. 

Multi-cloud environments and government regulations and industry compliance add to the complexity of maintaining a manageable and effective data protection strategy. Transforming encryption and key management (data protection in general)  into a click and deploy model reduces internal business barriers between security teams, DevOps and product teams and alleviates disparate security policies, so you know where your data is and that it is secure. The way people consume security is changing by taking an on-demand approach similar to the Netflix philosophy. In this webinar, we will discuss how cloud-based security is simplifying workflow processes, changing cost/benefit models to drive us towards a pervasiveness of encryption and key management that will de-risk data and connectivity in similar ways to anti-virus and firewalls. 

Join this interactive presentation to learn about: 
• The role of security in today's connected world 
• The drivers for and impact of simplifying security on business and workflow
• How security is providing valuable business intelligence through connected systems and meeting compliance mandates 
• Gemalto’s solution to solving on-demand data protection
• Upcoming cybersecurity trends and how to prepare

Security Heretic: What got us here, won't get us there

This discussion focuses on delivering a secure API layer and how Open Banking will deliver a secure Open Future..

Open Banking will affect every layer of the bank:
-It will stretch and stress banks’ brands – resulting in both the potential for significantly increased reach, and reputational enhancement and risk
-It will change and complicate how banks talk to consumers and SMEs – whether direct, intermediated, invisible, or all three simultaneously
-The ecosystem environment will radically change how services are designed - with a flood of ideas and data available for those banks which successfully attract, seed and enrich the ecosystem within which they are a player
-And the ecosystem environment will fundamentally change how these services are delivered – whether by companies with whom the bank has a partnership, or companies with whom the bank has absolutely no relationship
-And finally, it also demands a rich, growing - and secure - API layer to enable the Open Future

Delivering a Secure API layer with Open Banking

Public Key Infrastructure (PKI) is a well-known security protocol used by some of the world’s largest governments and top enterprises, but it’s a technology that also affords many possibilities in new and growing industries. Even small to medium sized businesses can greatly benefit from PKI.  However, PKI is also often mistakenly perceived as being difficult to deploy. Gemalto is addressing this common misconception.  The next webinar in our PKI series, DIY PKI, will walk attendees through the entire process of setting up a PKI environment and how to manage it. We have developed a five step process to make it easy for security professionals to get their PKI system up and running with minimal time spent. The five step implementation method will give you an idea of how to set up a two tier Microsoft PKI infrastructure with Gemalto SafeNet Authentication Manager and SafeNet Luna HSM to perform smart card log on for small to medium sized enterprises. 

Attendees of the DIY PKI webinar will learn:

-Challenges of PKI deployment 
-Overall PKI integration ecosystem
-Common use cases deployed in enterprises: Smart card logon – What happens in the backgrounnd, email encryption/signing

Step by step implementation steps
oInstall and configure a Hardware Security Module (HSM)
oInstall the root CA and configure it with the HSM
oInstall and configure the issuing CA
oConfigure the permissions of users and create certificate templates
oInstall and configure an authentication manager



For the purpose of this webinar and using Gemalto’s five step propriety approach, we will use our SafeNet line of technologies to demonstrate the implementation of the PKI solution.

DIY PKI

authentication

enterprise security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

DIY PKI

Presented by

About this talk

More from this channel