Hi [[ session.user.profile.firstName ]]

The State of IT Security and GRC in 2012

At this year's San Francisco BSides conference, BrightTALK gathered together thought leaders in the fields of IT security and GRC to get their perspectives on the challenges and opportunities facing their communities and industries in 2012.

After a series of enlightening interviews we've decided to bring the thought leaders back for an in-depth discussion. Join us for what will be a lively conversation among the top minds in their fields on cloud security, BYOD, PCI compliance and the GRC challenges that apply across them all.

The Panel:

Ron Ross, Computer Scientist, NIST Fellow (moderator)
Anton Chuvakin, Research Director, Gartner
Andrea Hoy, Director - International Board, ISSA International
Dr. Said Tabet, Chair of GRC-XML Project, OCEG
Recorded May 1 2012 63 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Ronald Ross, NIST; Anton Chuvakin, Gartner; Andrea Hoy, ISSA; Dr. Said Tabet, OCEG
Presentation preview: The State of IT Security and GRC in 2012

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The 2017 Threatscape Dec 6 2016 2:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF Ltd
    more info coming soon
  • Privacy vs. Security Oct 11 2016 1:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF Ltd
    more info coming soon
  • Are you ready for the notification requirements of upcoming EU Legislation? Sep 23 2016 1:00 pm UTC 45 mins
    Danielle Kriz, Sr Director, Global Policy at Palo Alto Networks and Aravind Swaminathan Global Co-Chair, Orrick
    Doing business in the European Union is changing. By May 2018, companies must comply with the new General Data Protection Regulation’s (GDPR) data breach notification requirements and the Network and Information Security (NIS) Directive’s security incident notification requirements.

    Notification requirements make it imperative to prevent incidents before they happen. To help you prepare for these new requirements, Palo Alto Networks is hosting a webinar with cybersecurity and data privacy lawyers from Orrick Herrington & Sutcliffe to discuss:

    · What are the requirements and the deadlines under each law?
    · What are the thresholds for notification, and who needs to be notified?
    · How should companies prepare for their oncoming obligations? What strategies should be in place? What have other international companies done to prepare and communicate?
    · What might be the legal consequences of non-compliance?
  • State-of-the-Art Security Framework for Breach Prevention Sep 22 2016 2:00 pm UTC 60 mins
    Gregory Albertyn, Sr Director Cybersecurity & Privacy at PwC, Simon Mullis, Global Technical Lead GSIs at Palo Alto Networks
    Traditional approaches of detecting and remediating threats are becoming increasingly inadequate to effectively manage risk in today’s cyber threat landscape.

    Join a live webinar and Q&A to learn how PwC and Palo Alto Networks have formed a strategic partnership to help more customers achieve cyber resilience.

    The webinar will introduce

    •The emerging regulatory landscape that is driving the need for organizations to redesign their incident response and data compliance programs
    •A state-of-the-art security framework that serves as a guide for organizations to assess, develop, and implement a breach prevention security posture.
    •Recommended security architectures, organizational structures, and computing processes that enable breach prevention.
    •Live Q&A with cybersecurity experts from PwC and Palo Alto Networks, for practical insights and real world experiences.
  • Are you safe against threats with cyberinsurance? Sep 22 2016 12:00 pm UTC 60 mins
    Fred Streefland, Leaseweb Global and Dharminder Debisarun, Palo Alto Networks
    The cynical would suggest that cyber insurance is growing as some look for a cheaper route to manage risk. However many see the cyber insurance industry as potentially the new enforcer of good security practices.

    Palo Alto Networks customer Leaseweb is an organization that recently purchased cyber insurance. We invite you to join us on Thursday September 22 for an interview with Fred Streefland, IT Security Manager at Leaseweb Global. Palo Alto Network’s Dharminder Debisarun interviews him to learn more their decision to purchase cyberinsurance. You will hear what is generally covered and how it can be part of a prevention strategy. There will also be a chance to answer questions at the end of the session.
  • CASB Cases: How Your Peers are Securing Cloud Apps Sep 21 2016 5:00 pm UTC 60 mins
    Amish Kohli (Solutions Engineer, Bitglass)
    While cloud apps offer many benefits over premises-based apps, data security and compliance remain challenges. Unmanaged devices, unauthorized access, and unsanctioned apps are all significant threats that increase the risk of data leakage. To mitigate these threats, IT leaders have turned to Cloud Access Security Brokers (CASBs) to protect data across apps.

    In this webinar, we explore the core capabilities of CASBs, from contextual access controls to mobile data protection. We will also discuss real-world CASB deployments and how major organizations are leveraging these solutions to protect data end to end, from cloud to device.
  • Accelerating Digital Transformation through next generation security Sep 21 2016 8:30 am UTC 45 mins
    Greg Day, Chief Security Officer EMEA at Palo Alto Network
    Digital Transformation is the primary driver of business innovation for the rest of this decade. But security is in danger of being left behind, as mobile, big data and cloud solutions go mainstream. Security is often seen as the blocker to innovation, so businesses avoid talking to security professionals until it’s too late. A disregard for security exposes the business to risk at a time when data protection compliance regimes are tightening. This session shows how organizations can deploy next generation security approaches to accelerate digital transformation while increasing security and reducing risk.
  • Addressing The Challenges of the EU GDPR 2016 Sep 8 2016 1:00 pm UTC 60 mins
    Jonathan Armstrong: (Cordery Compliance), Florian Malecki; (Dell) & Luke Shutler (Absolute Software)
    The webinar will enable you to hear from an independent Legal Specialists on the real challenges and impacts of the EU GDPR and then the webinar will demonstrate how Dell & Absolute can support your business in overcoming these challenges.

    The webinar will focus on:
    • Implement a seamless, connected security strategy that works across the organisation, from device to data centre to cloud
    • Prove that a lost device is inoperable or has had its data completely wiped
    • Gain visibility of data breaches and contain and eradicate threats
    • Eliminate the blind spots between networks, identity and access management, data encryption, endpoint security and security managed services
    • Enable security decisions based on intelligence that takes into account user, content, location and context
  • Cybersecurity Risk: Addressing the Human Factor Sep 7 2016 5:00 pm UTC 45 mins
    Kirsten Liston, SVP Product & Market Strategy at Threat Ready Resources
    The majority of security breaches are due to attackers getting a hold of compromised credentials. Join this talk and learn the security risks associated with human errors, and how to minimize your organization's risk exposure.

    This presentation will cover:
    - Why it's crucial to train employees to recognize and defend against cyber threats
    - What many training initiatives get wrong
    - How you can leverage the science of learning to create engaging training that changes behavior
  • Are you having a mare with Ransomware? Sep 7 2016 2:00 pm UTC 45 mins
    Paolo Passeri, Consulting Systems Engineer Security at OpenDNS
    Ransomware has become a common and dramatic problem and the recent waves of attacks are demonstrating that new variants emerge each day in what seems an endless arms race where the attackers seem to prevail.

    However, even if the attack vectors are increasingly complex, the attackers cannot conceal themselves as the infrastructures used to launch these campaigns, despite extremely volatile, exploit elements of the internet, such as IP and domains, that cannot be hidden.

    Monitoring large scale data allows to identify these infrastructures, where attacks are staged, and to enforce a new predictive security model particularly effective against Ransomware.
  • Why visibility is a crucial part of any security strategy Sep 7 2016 2:00 pm UTC 45 mins
    Peter Smith, Regional Sales Manager - Europe & Russell McDermott, Sales Engineer, Netwrix
    With a recent increase in high-profile security breaches and compliance violations, traditional security mechanisms, such as firewalls, IDS, and antivirus are no longer enough to defend against external attackers, and insider threats. By having increased visibility into internal changes, configurations, access events, and permissions across the IT infrastructure, organizations can far more effectively defend against such attacks.

    So, please join our local auditing and compliance team from Netwrix, Pete Smith (Regional Sales Manager Europe) and Russell McDermott (Pre-Sales Engineer) and see how Netwrix Auditor can unlock the door into possible breaches in your IT environment.

    From our brief session you will learn:

    • How deeply security breaches and data leaks are really effecting organizations
    • How to protect your data from the insider threats
    • How to have “peace of mind”, and achieve complete visibility of your IT infrastructure
  • Exploring Russia’s Cyber Operations Sep 7 2016 1:00 pm UTC 45 mins
    Dan McWhorter, Chief Intelligence Strategist at FireEye
    Russia has a long history of utilising cyber actions to accomplish their information operations and national security goals. Organisations in Europe – in the private and public sector – are a top target of Russia-based cyber activity for espionage and crime. This talk will cover how some of Russia’s recent cyber actions were conducted, and it will highlight how well Russia has embraced the opportunities cyber provides when it comes to national security and foreign policy objectives. Dan McWhorter, Chief Intelligence Strategist at FireEye, will also discuss why organisations need to take note of these activities in Russia and steps to ensure your organisation is able to defend against these threats.
  • Data Protection 101: Follow and protect your critical data, wherever it lives Sep 7 2016 10:00 am UTC 45 mins
    Sunil Choudrie, Global Solutions Marketing Manager
    When it comes to your sensitive data, how can you be sure that it is protected and none of it is leaving your environment?

    Organizations today face the following challenges:
    •Identifying the type of data that needs to be protected
    •Controlling access to data & ensuring identities aren’t exposed, especially in the face of significant regulatory fines
    •Prevent sensitive data from leaving the organization, mega-breaches & data loss is increasing year on year. Over half a billion personal records were stolen or lost in 2015, spear phishing campaigns targeting company employees increased by 55% in 2015

    Answer: Firstly allow the right people to access the right data, anywhere, by controlling access, monitoring its flow, and keeping it out of the wrong hands. Secondly Easily apply policies to control access and usage―in the cloud, on mobile devices, or on the network.

    Join Symantec for a webinar on the lessons learned regarding data protection across the many applications in your environment.
  • Network security, seriously? 2016 Network Penetration Tests Sep 7 2016 10:00 am UTC 45 mins
    Peter Wood
    The results of all the network penetration tests conducted by the First Base team over the past year have been analysed by Peter Wood. The annual review covers clients in a variety of sectors including banking, insurance and retail. This presentation identifies the most common vulnerabilities, how they can be exploited and the consequences for each business. Learn in detail how criminals can take advantage of these weaknesses and how you can secure your networks using straightforward techniques.
  • Experts show how hackers perform web attacks which kills your site ranking Sep 6 2016 3:00 pm UTC 45 mins
    Leon Brown - Product Marketing, Symantec Website Security & Avishay Zawoznik - Security Researcher, Imperva Incapsula
    After a brief introduction to the world of SEO, we will dive into the different types of web application attacks and manipulations that are made to either degrade your competitor’s ranking or raise your own.
  • 2016 Threat Analysis: Learning from Real-World Attacks Sep 6 2016 1:00 pm UTC 45 mins
    Matt Webster, CTU Security Researcher, SecureWorks
    SecureWorks® incident responders assist hundreds of organisations annually with the containment and remediation of threats during suspected security incidents.

    Visibility of these incidents provides the SecureWorks Counter Threat Unit™ (CTU) research team with a unique view of emerging threats and developing trends. This Threat Intelligence is then continuously provided to clients, arming them with the information they need to stay one step ahead of adversaries trying to compromise their networks.

    In this webcast Matt Webster, CTU Security Researcher, will discuss developments in the threat landscape observed through SecureWorks’ Incident Response engagements from April to June of 2016, including;

    - Key developments of the APT threat
    - Criminal cyber threat trends
    - Developments in Ransomware

    Matt will also discuss observations of how the affected organisations could have better prepared for the threats they encountered.
  • Social Engineering - Are you the weakest link? Aug 30 2016 1:00 pm UTC 60 mins
    Greg Iddon, Technologist, Sophos
    Social Engineering has been around for as long as the crooks have but in a modern online world, running a con game has never been easier. And that’s why we need to be savvy.

    A social engineer can research you on Facebook and LinkedIn; read up about your company on its website; and then target you via email, instant messaging, online surveys…and even by phone, for that personal touch. Worse still, many of the aspects of a so-called “targeted attack” like this can be automated, and repeated on colleague after colleague until someone crumbles.

    Greg Iddon will take you into the murky world of targeted attacks, and show you how to build defences that will prevent one well-meaning employee from giving away the keys to the castle.
  • BrightTALK Network Security & Hacking Preview Recorded: Aug 24 2016 3 mins
    Various
    This September BrightTALK will be hosting some of the industry's leading cyber speakers as they discuss Network Security & Hacking.

    Click below to register for the Summit:

    https://www.brighttalk.com/summit/3453
  • Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Recorded: Aug 24 2016 36 mins
    Michael Suby, Vice President of Research at Frost & Sullivan
    Unfortunately many organizations today are losing the race against the hacker community by a large margin. As noted in the Verizon 2016 Data Breach Investigation Report, the percent of compromises that transpired in “days or less” has risen from 67% to 84% over the last 10 years. Over this same time period, the percent of compromise discoveries that occurred in “days or less” also improved, but not enough to narrow the time gap between compromise and discovery. In other words, the bad guys are accelerating their exploits faster than the good guys are accelerating their ability to discover.

    The path to narrowing the time gap between compromise and discovery, and then neutralising business-impacting incidents, is through a comprehensive and mission-oriented Security Information and Event Management (SIEM). A well-designed SIEM not only advances security objectives, but it also works to direct personnel and process for maximum impact. With limited resources and a rising number of attacks, not all solutions are created equal. You need to ensure they are getting the best bang for your buck.

    In this webinar, Michael Suby, vice president of research at the global research and consulting organization Frost & Sullivan, will discuss the factors that contribute to SIEM’s total cost of ownership.

    You’ll learn:

    • How to calculate the total cost of ownership of a SIEM
    • The basic functionality that every SIEM should have to confidently breeze through preliminary activities
    • The SIEM attributes that will have a lasting impact on your organization’s cost efficiency in effectively managing risk

    Join us to learn the features that should be on the top of your scorecard when evaluating a SIEM for either first-time deployment or replacement.
  • Simplify Your Google Apps Collaboration and Management with IDaaS Recorded: Aug 18 2016 44 mins
    Nathan Chan, Solutions Architect at OneLogin
    Google Apps for Work is a preferred solution for productivity and collaboration in the modern enterprise. But with a large suite of tools, proper provisioning and maintenance is anything but easy. Attempting to roll out Google Apps to the right users with the right access often results in over-extended IT resources, delayed employee on- and off-boarding, and misallocated access to key documents and data.

    It doesn’t have to be this way. Hundreds of organizations are using OneLogin’s best-in-class directory integrations to achieve faster Google Apps time-to-value and on-going application security and automation.

    Join OneLogin for an informative webinar designed to get you through the most complex of Google Apps deployments.
Your Resource for Information Security Trends & Education
With over 280,000 members, the Information Security Community is the largest community of cybersecurity professionals in the industry. Let's build a network that connects people, opportunities, and ideas. If you are involved in purchasing, selling, designing, marketing ... or using information security solutions - this group is for you. Covered topics include compliance, encryption, anti-virus, malware, cloud security, data protection, hacking, network security, virtualization, and more.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: The State of IT Security and GRC in 2012
  • Live at: May 1 2012 5:00 pm
  • Presented by: Ronald Ross, NIST; Anton Chuvakin, Gartner; Andrea Hoy, ISSA; Dr. Said Tabet, OCEG
  • From:
Your email has been sent.
or close