Living in a State of Cyber Insecurity - Advanced Targeted Attacks

Aaron Sheridan, Sr. Systems Security Engineer
With the APT attacks in 2011, we have seen cyber criminals penetrate networks seemingly at will. This has been possible because of zero-day, targeted APT attacks utilizing sophisticated malware that infiltrates over multiple stages and multiple vectors like Web and Email.

In this webcast Aaron will discuss the cycle of cyber insecurity and provide key criteria as security professionals investigate next-generation threat protection, including:

1. Real-time defenses beyond signatures
2. Dynamic analysis of all phases of the attack lifecycle
3. Inbound and outbound filtering across protocols
4. Accurate, low false positive rates
5. Global intelligence to protect the local network
Mar 14 2012
33 mins
Living in a State of Cyber Insecurity - Advanced Targeted Attacks
Join us for this summit:
More from this community:

IT Security

  • Live and recorded (5242)
  • Upcoming (122)
  • Date
  • Rating
  • Views
  • Who has earned the bragging rights as the most secure college athletic conference?

    Colleges have rivals both on the football field and in the classrooms, but how do they fare in security performance? Watch this webinar featuring Stephen Boyer, CTO and Co-Founder of BitSight Technologies, and Rebecca Sandlin, CIO of Roanoke College, to learn how the major athletic conferences compared in key security performance metrics. There is also a discussion about why security benchmarking is so significant in education.

    Watch this webinar to discover:

    - The unique challenges higher education faces in securing their networks and how benchmarking can help
    - Why performance varies across the industry, and how that translates into actionable intelligence for security teams
    - How Security Ratings are enabling Roanoke College to gain tremendous insights about security strategy and performance issues that they can share with their board.
  • Who has earned the bragging rights as the most secure college athletic conference?

    Colleges have rivals both on the football field and in the classrooms, but how do they fare in security performance? Watch this webinar featuring Stephen Boyer, CTO and Co-Founder of BitSight Technologies, and Rebecca Sandlin, CIO of Roanoke College, to learn how the major athletic conferences compared in key security performance metrics. There is also a discussion about why security benchmarking is so significant in education.

    Watch this webinar to discover:

    - The unique challenges higher education faces in securing their networks and how benchmarking can help
    - Why performance varies across the industry, and how that translates into actionable intelligence for security teams
    - How Security Ratings are enabling Roanoke College to gain tremendous insights about security strategy and performance issues that they can share with their board.
  • Today’s threat actors are more sophisticated than ever, and organizations need live attack intelligence that alerts them to emerging threats long before they become full-blown attacks that lead to sensitive data loss. Furthermore, organizations need the most current threat data available in order to protect their networks from incursions – they need real-time actionable intelligence.

    Join us for the upcoming webinar, “Actionable Intelligence: A Threat Intelligence Buyer’s Guide” featuring Rick Holland, Principal Analyst at Forrester Research, and Jeff Harrell, Senior Director, Product Marketing at Norse, to learn how to evaluate the various threat intelligence offerings in the marketplace, and how to utilize them to prevent today’s advanced attacks.

    In this webinar you will learn about:
    * The criteria needed to effectively evaluate threat intelligence solutions that meet your organization's needs
    * The value of the different types and sources of internal and external threat intelligence
    * How best to utilize threat intelligence to realize a greater return on security investments and better protect your organization
  • Today’s threat actors are more sophisticated than ever, and organizations need live attack intelligence that alerts them to emerging threats long before they become full-blown attacks that lead to sensitive data loss. Furthermore, organizations need the most current threat data available in order to protect their networks from incursions – they need real-time actionable intelligence.

    Join us for the upcoming webinar, “Actionable Intelligence: A Threat Intelligence Buyer’s Guide” featuring Rick Holland, Principal Analyst at Forrester Research, and Jeff Harrell, Senior Director, Product Marketing at Norse, to learn how to evaluate the various threat intelligence offerings in the marketplace, and how to utilize them to prevent today’s advanced attacks.

    In this webinar you will learn about:
    * The criteria needed to effectively evaluate threat intelligence solutions that meet your organization's needs
    * The value of the different types and sources of internal and external threat intelligence
    * How best to utilize threat intelligence to realize a greater return on security investments and better protect your organization
  • Social engineering targets our most challenging assets - people! We'll share a case study on how a regulated, mid-sized company prioritized risks, developed a mitigation strategy, and delivered an innovative awareness campaign.

    What's unique about this example is the program we helped build to incorporate active control testing, user feedback, and metrics to improve employee training alongside traditional technical controls.
  • Social engineering targets our most challenging assets - people! We'll share a case study on how a regulated, mid-sized company prioritized risks, developed a mitigation strategy, and delivered an innovative awareness campaign.

    What's unique about this example is the program we helped build to incorporate active control testing, user feedback, and metrics to improve employee training alongside traditional technical controls.
  • In this webinar we will examine what information security and threat analysts can expect in 2015. Topics will include using threat intelligence before and after data breaches, information sharing, the Internet of Things, and the role of the CISO.
  • Attack Intelligence to Power Tomorrow’s Cyber Response.

    Preparing to combat every threat and vulnerability is a war that no cybersecurity professional can win today. Speed, accuracy and visibility of threats and active attacks is critical to defending against APTs and other sophisticated attacks responsible for today’s headline-grabbing data breaches. The next generation of advanced threat prevention solutions will require a significant shift in how we incorporate threat and attack visibility into everyday security operations, enabling incident responders to identify and stop campaigns as they happen.

    Join us as IDC’s Research Vice President for Security Products Services Charles Kolodgy shares his view of the threat landscape, including how threats are evolving, how cybercriminals are becoming more sophisticated and what new solutions are necessary to combat APTs.
  • Attack Intelligence to Power Tomorrow’s Cyber Response.

    Preparing to combat every threat and vulnerability is a war that no cybersecurity professional can win today. Speed, accuracy and visibility of threats and active attacks is critical to defending against APTs and other sophisticated attacks responsible for today’s headline-grabbing data breaches. The next generation of advanced threat prevention solutions will require a significant shift in how we incorporate threat and attack visibility into everyday security operations, enabling incident responders to identify and stop campaigns as they happen.

    Join us as IDC’s Research Vice President for Security Products Services Charles Kolodgy shares his view of the threat landscape, including how threats are evolving, how cybercriminals are becoming more sophisticated and what new solutions are necessary to combat APTs.
  • Mobile is no longer a supplementary channel for the enterprise; It is quickly becoming the primary channel to deliver business critical information and experiences to partners, customers and employees. Join Sarvesh Jagannivas, VP of Product Marketing at MuleSoft, and Uri Sarid, CTO at MuleSoft, as they discuss the mobile enterprise opportunity, and the biggest challenges preventing successful mobile delivery.

    Join this webinar to learn:
    - Why mobile applications are the new imperative for the enterprise
    - The top challenges preventing rapid, scalable and secure mobile application development
    - Three case studies of industry leaders who are building mobile enterprises
  • Channel
  • Channel profile
  • Maintaining Security in a Mobile World Mar 4 2015 6:00 pm UTC 45 mins
    The game has changed. Due to cost savings, and the privacy and mobility needs of employees, in just a few short years companies have loosened the mobile device leash. Enterprises are now shifting from traditional “company owned” devices, to allowing “Bring Your Own Device” in the workplace. According to Gartner, by 2017 fifty percent of companies will actually force employee to bring their own device to work.

    But if you’re tasked with securing devices, how do you accommodate BYOD? Where do you start and what kinds of security solutions should you be looking for?

    In this webinar, Chris Hines, Product Manager at Bitglass will teach you how to balance the needs of IT admins and employees when it comes to securing your mobile world.
  • The Profitable MSSP Series –Sandbox-as-a-Service for MSSPs Mar 3 2015 5:00 pm UTC 45 mins
    This webinar will outline methods of deploying Fortinet Sandbox solution as a hardware inclusive service and creating a compelling offering that will help build value in your portfolio and lead to high margin revenue. We will discuss the reasons for the renewed demand for Sandboxing, the deliverables of FortiSandbox, compare it to competitive solutions and discuss sizing, productizing and pricing models.
  • Security Rivals? The Value of Measuring & Comparing Network Security Performance Recorded: Feb 27 2015 50 mins
    Who has earned the bragging rights as the most secure college athletic conference?

    Colleges have rivals both on the football field and in the classrooms, but how do they fare in security performance? Watch this webinar featuring Stephen Boyer, CTO and Co-Founder of BitSight Technologies, and Rebecca Sandlin, CIO of Roanoke College, to learn how the major athletic conferences compared in key security performance metrics. There is also a discussion about why security benchmarking is so significant in education.

    Watch this webinar to discover:

    - The unique challenges higher education faces in securing their networks and how benchmarking can help
    - Why performance varies across the industry, and how that translates into actionable intelligence for security teams
    - How Security Ratings are enabling Roanoke College to gain tremendous insights about security strategy and performance issues that they can share with their board.
  • Actionable Intelligence: A Threat Intelligence Buyer’s Guide Recorded: Feb 26 2015 48 mins
    Today’s threat actors are more sophisticated than ever, and organizations need live attack intelligence that alerts them to emerging threats long before they become full-blown attacks that lead to sensitive data loss. Furthermore, organizations need the most current threat data available in order to protect their networks from incursions – they need real-time actionable intelligence.

    Join us for the upcoming webinar, “Actionable Intelligence: A Threat Intelligence Buyer’s Guide” featuring Rick Holland, Principal Analyst at Forrester Research, and Jeff Harrell, Senior Director, Product Marketing at Norse, to learn how to evaluate the various threat intelligence offerings in the marketplace, and how to utilize them to prevent today’s advanced attacks.

    In this webinar you will learn about:
    * The criteria needed to effectively evaluate threat intelligence solutions that meet your organization's needs
    * The value of the different types and sources of internal and external threat intelligence
    * How best to utilize threat intelligence to realize a greater return on security investments and better protect your organization
  • Assessing Risks & Solutions for Social Engineering Recorded: Feb 26 2015 32 mins
    Social engineering targets our most challenging assets - people! We'll share a case study on how a regulated, mid-sized company prioritized risks, developed a mitigation strategy, and delivered an innovative awareness campaign.

    What's unique about this example is the program we helped build to incorporate active control testing, user feedback, and metrics to improve employee training alongside traditional technical controls.
  • Attack Intelligence: The More You Know, The Less Damage They Can Do Recorded: Feb 26 2015 48 mins
    Attack Intelligence to Power Tomorrow’s Cyber Response.

    Preparing to combat every threat and vulnerability is a war that no cybersecurity professional can win today. Speed, accuracy and visibility of threats and active attacks is critical to defending against APTs and other sophisticated attacks responsible for today’s headline-grabbing data breaches. The next generation of advanced threat prevention solutions will require a significant shift in how we incorporate threat and attack visibility into everyday security operations, enabling incident responders to identify and stop campaigns as they happen.

    Join us as IDC’s Research Vice President for Security Products Services Charles Kolodgy shares his view of the threat landscape, including how threats are evolving, how cybercriminals are becoming more sophisticated and what new solutions are necessary to combat APTs.
  • Six Steps To a High-Performing IT Department Recorded: Feb 26 2015 53 mins
    What sets high-functioning IT organizations apart from the rest? That’s something every IT leader wants to know. After all, we live in a highly competitive business climate and IT performance can be the difference between success and failure. To conquer the challenge, we need to be informed and collaborative and we need to do this in a cost-effective manner.

    In this webcast, you will hear from two experts on some of the technology that’s driving today’s high-functioning IT organizations. Find out how your company can be aligned, agile and ready to respond to ever-changing business requirements and competitive pressures.
  • Applied Security Analytics Recorded: Feb 26 2015 45 mins
    Many organizations are looking at using big data to detect more advanced adversaries. We are collecting more information than ever before, but what are we doing with it? In this talk, we will look at some ways you can use data science and visualization tools to get more out of the data you collect. Visualizations will let you see what is happening at a high level: A picture is worth a thousand log entries. There are data science techniques that other industries, such as advertising, have used successfully. We can apply these techniques to find patterns of behavior that are out of the ordinary, and ultimately catch more bad guys.
  • Continuous Third Party Monitoring Powers Business Objectives Recorded: Feb 26 2015 48 mins
    While many companies focus their effort on reducing cybersecurity risk, more threats are being discovered daily. Point-in-time, subjective questionnaires are not in line with the new regulations requiring continuous monitoring of vendors, partners and other third parties.

    In “Continuous Third Party Monitoring Powers Business Objectives,” BitSight CTO and Co-founder Stephen Boyer and guest speaker, Forrester Research Senior Analyst Renee Murphy will discuss the value businesses are finding in using a solution that has a constant eye on third party cyber threats.

    Boyer and Murphy will also discuss:

    - The results of the study BitSight commissioned Forrester Consulting to undertake, examining how IT decision-makers feel about objective, reliable and continuous monitoring.
    - What can be done beyond compliance to increase security performance.
    - Which industries stand to benefit most from using automated, objective information security data.
    - Specific use cases for continuous monitoring and how they help companies improve information security performance.
  • Key Research Findings: How to Optimize Business Processes Recorded: Feb 26 2015 53 mins
    Based on recent research by analyst Bob Larrivee of AIIM, this webinar will address how organizations can leverage technology to identify, evaluate and optimize business processes to increase operational efficiency.

    Join us as we explore:
    - Drivers for problem-solving, tracking KPIs, process failures and workflow management
    - How technology can reduce errors and exceptions that lead to lost business and non-compliance
    - Increasing visibility to optimize processes, reduce costs and deliver a superior customer experience
  • Cost-effective Disaster Recovery Without a DR Site Recorded: Feb 25 2015 58 mins
    Achieving cost-effective disaster recovery (DR) services without a physical DR site — or having to extend your DR footprint — is possible. In this live webcast with Microsoft, see how you can use AppAssure software in combination with Microsoft® Azure® and disaster recovery as a service (DRaaS) from Dell partner, eFolder.

    The first half of the webcast will showcase how you can store AppAssure backup archives directly on Azure and perform item-level recovery from the archive without having to download the archive from the cloud. Then we’ll showcase ways to replicate AppAssure backup images to the eFolder® Storage Cloud® and enable multiple disaster recovery options.

    Join our webcast partnered with Microsoft® and see how easy it is to:
    • Manage the growth of your backup archives
    • Establish cost-effective disaster recovery without a DR site
    • Avoid extending your DR footprint

    What you will learn:
    • How to leverage Azure to directly store AppAssure backup archives
    • How to perform item-level recovery from the archive without downloading the archive from the cloud
    • How to replicate AppAssure backup images to the eFolder Storage Cloud
    • How to enable multiple disaster recovery options, including image download, overnight drive shipment or recovery in the eFolder® Continuity Cloud®
  • When Prevention Fails... Recorded: Feb 25 2015 13 mins
    When prevention fails, your only hope is detection. Security defense plans are relying on detection and response knowing preventive defenses are declining in effectiveness. The balance between preventive and detective defenses is the big security shift for 2015, and knowing the process cycles, skills and technologies is vital for success. Detection and response is more than a point solution, learn the four phases for detection on your network in this webcast.

    - Four detection phases for your network
    - Integrating key technologies required for detection
    - Processes to mine big data for actionable intelligence
    - Detection skills sets, costs and resource requirements
    - Analyzing all the data all the time, options for success
  • Protect Your Network From Today's Advanced Attack Methods Recorded: Feb 25 2015 42 mins
    Attackers have been employing a few very popular attack methods recently in their quest for profit: spear phishing, malvertising, ransomware, to name a few. Learn about these methods and others through real examples, and the tactics you can employ to reduce your risk and protect your network from advanced threats like these.
  • Clear and Present Danger Recorded: Feb 25 2015 50 mins
    Criminal activity is being reported before our eyes in the news and it could be infiltrating your organization -threatening your brands trust and even your job.

    There is clear and present danger - whether you know it or not.

    Hear from Kevin Kennedy, VP of Product at Agari, as he examines a real life phishing attack, what impact it had on the person and company who was phished, and what strategies CISOs need to know in order to protect their own organization.
  • Optimize SSL Certificate Management with Symantec and A10 Networks Recorded: Feb 25 2015 57 mins
    Managing a secure SSL environment is getting complex. Recent industry standards and security vulnerabilities required IT to migrate from SHA-1 to SHA-2 hash algorithm, find alternatives for certificates with non-fully-qualified domain (FQDN) names and replace certificates impacted by the Heartbleed vulnerability. In addition, initiatives like Google’s “HTTPS everywhere” or always-on SSL on Google search may increase the deployment of SSL certificates in an organization. All these changes add to the challenges of managing SSL certificates.

    In the meantime, IT managers have to continue to provide optimal system performance to meet their users’ needs while staying within their budget.

    Attend this exclusive webinar to:

    - Discover recent changes and challenges with SSL certificate management
    - Learn how you can minimize time and resources in monitoring and managing SSL certificates with Symantec Certificate Intelligence Center (CIC)
    - Find out how you can optimize the performance of SSL encryption and decryption with the A10 Thunder Application Delivery Controller (ADC) from A10 Networks
  • The 5 Misconceptions About the Modern DDoS Attack Recorded: Feb 25 2015 31 mins
    Distributed Denial of Service attacks, once dismissed as simple flood-based threats, are now regularly in the headlines for taking down the networks of one Fortune 500 corporation after another. For today's web-reliant businesses, understanding the modern DDoS attack is critical to maintaining availability and business continuity. DDoS is no longer a basic attack, but a complex one, targeting the application layer and the infrastructure itself.

    No security threat has a more immediate or high profile impact than a successful DDoS attack. If your website or online services go offline, everyone associated with your business knows, from customers to employees and yes, your competitors.

    In this 30 minute presentation, Arbor DDoS experts will review the five most common misconceptions about DDoS attacks, giving you a new perspective on this rapidly evolving threat and your organization's protection strategy.

    Attend this webinar to learn:
    -What has changed about the nature of DDoS attacks
    -Why your existing perimeter security tools may fail to protect you
    -How DDoS can be component of a full-blown attack campaign
  • Can a Certificate Improve Security? Recorded: Feb 24 2015 29 mins
    Security is a term commonly used in today's market place, but not all security is made equal. For many organizations, and for many vendors, security can mean many different things. Over the past few years a number of well-known brands and institutions have been breached despite having had a high level of assurance that their corporate security was more than good enough.

    So what's the answer? How can organizations prevent security breaches? Well while it may not be possible to completely prevent a breach, organizations can certainly make it difficult enough so that an attacker will go elsewhere. To that point, Public Key Infrastructure or PKI is an incredibly secure means of enhancing organizational security. Once considered by analysts as an obsolete technology, PKI is making a huge comeback, as we witness the huge rise in mobile workforces and the surge in IoT, PKI is a trusted solution proven over 20 years that can assure trust by assessing the authenticity of the multitude of devices that make up our interconnected world.

    Join us for this presentation where we will discuss the benefits of a PKI infrastructure, offer tips on considering how to implement one, and highlight areas where you can take advantage of PKI to greatly enhance the security of key corporate assets.
  • An Approach to Prioritize Threats for Government Agencies Recorded: Feb 24 2015 45 mins
    Government agencies face a constant stream of threats. Attackers are determined, frequent, and persistent. Equally confounding for the defender is an extraordinary set of options: security products and technology, training and certifications, vulnerability databases, risk management frameworks, threat intelligence feeds and alerts, and information sharing schemes. To effectively manage these threats, information security programs must be driven by prioritization.

    One way to approach this is by referencing a Threat and Vulnerability Management Maturity Model. Models like this help create an ongoing, repeatable, operational process to find relevant new information about attackers, assess the implications, make key decisions, and take action.

    Join us along with guest Geoff Hancock from Advanced Cybersecurity Group, as we talk about how to:

    -Mature and operationalize Threat and Vulnerability Management programs
    -Efficiently approach the Risk Management Framework
    -Establish well-defined processes, continuous monitoring, and risk assessments
  • AWS Security Fundamentals: Dos and Don’ts Recorded: Feb 24 2015 61 mins
    Enterprise-sanctioned application deployments on Infrastructure as a Service (IaaS) cloud platforms are fast becoming a reality. But while IaaS’s flexibility and cost-savings benefits are important, its success as a business solution hinges on its security.

    Presented by the renowned industry expert Dr. Avishai Wool, this technical webinar will cover security best practices for the Amazon Web Services (AWS) IaaS, including:

    • The AWS firewall: what is it, how it differs from traditional firewalls, how it works, and tips for how to use it based on your business and technical needs
    • AWS Security Groups: understanding them, recommendations for how to structure Security Groups to gain visibility and control of security polices effectively
    • Integrating AWS into your enterprise data center: recommendations for setup, organization and configuration considerations on AWS
    • Auditing and compliance: tools and techniques for tracking security policies across the hybrid data center
  • Will Drones Shoot Down Privacy? Recorded: Feb 24 2015 57 mins
    Drones are coming! Whether of the flying variety (quadricopters, etc.) or the driving variety (autonomous – i.e., self-driving - cars), they will soon be ubiquitous in the air and on our roads. However, there are a number of critical questions to be considered and resolved before we move into the is Brave New World. For example, are drones a threat to privacy?

    Jeff Kalwerisky, CTO of CPE Interactive and Stephen Wu, an attorney with Silicon Valley Law Group, will talk about how drones threaten privacy and more broadly the technological and legal issues arising from the manufacture, sale, and use of drones. Can companies be sued for selling or using drones? What laws bear on the use and sale of drones? This talk will cover technological and legal risk management methods companies can use to mitigate their privacy and liability risks.
Your Resource for Information Security Trends & Education
With over 200,000 members, the Information Security Community is the largest community of infosec professionals in the industry. Let's build a network that connects people, opportunities, and ideas. If you are involved in purchasing, selling, designing, marketing ... or using information security solutions - this group is for you. Covered topics include compliance, encryption, anti-virus, malware, cloud security, data protection, hacking, network security, virtualization, and more.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Living in a State of Cyber Insecurity - Advanced Targeted Attacks
  • Live at: Mar 14 2012 5:00 pm
  • Presented by: Aaron Sheridan, Sr. Systems Security Engineer
  • From:
Your email has been sent.
or close
You must be logged in to email this