Addressing BYOD Security and Compliance through Mobile Risk Management
The invasion of employee-owned devices, consumer-grade OS's, and unsanctioned mobile apps is exposing organizations to a new wave of security threats and compliance concerns. But the shift to a BYOD world also presents a unique opportunity to re-invent your endpoint security and data protection
The invasion of employee-owned devices, consumer-grade OS's, and unsanctioned mobile apps is exposing organizations to a new wave of security threats and compliance concerns. But the shift to a BYOD world also presents a unique opportunity to re-invent your endpoint security and data protection strategies with a greater focus on securing and managing the apps and the data, rather than the devices themselves, and providing employees with greater flexibility without compromising on security and compliance.
Join Dan Ford from Fixmo to learn about the following topics:
- Security and compliance impacts of BYOD
- Threats and vulnerabilities in iOS, Android and BlackBerry
- Preventing jailbroken OS's, policy hacking and other dangerous exploits
- Protecting your data on BYOD through an IT-controlled secure sandbox approach
- Mobile Risk Management as a strategic approach to security and compliance in a BYOD world
RecordedJul 12 2012
Your place is confirmed, we'll send you email reminders
Pierre Suhrcke (Pascal Capital), Deepak Dutt (Zighra)
- All goes mobile
- Cybersecurity Threats such as identity thefts , hacking on the rise
- Security the key success driver for FinTech and InsurTech
- What are the solutions?
- Overview of main players
- Can the industry win the battle against the fraudster?
- How does the future look like?
Every person on the planet has a mobile phone, but 2 Billion people are “Un-banked”.
Banks and telecoms are in a Gold Rush to bank the unbanked, but many obstacles remain. Money transfers are some of the most popular transactions made by both the banked and the unbanked. However, building trust in this new service is definitely a challenge.
Join this panel where discussion points will include:
-Who has the upper hand: Banks or Carriers?
-How can Fintech companies ensure trust and security when it comes to mobile money transfers?
-Global ISO Standards Authenticate ID and Asset Verification
-ISO Reduces Fraud and Speeds up Asset Transfers
-What are some of the security challenges new payment services are able to overcome?
-Are “Standards” emerging to reduce implementation and compliance costs?
-How do you create cross-border and Inter-bank/carrier transactions?
-How can banks and telecoms successfully bank the unbanked?
With more and more people using their phones to conduct business and make transactions, concerns around security have also increased.
During the session, we will discuss:
Is hardware security a thing of the past?
Will tokenisation solve security issues or introduce new problems?
How do you secure your app?
How do you balance security with convenience?
Will biometrics make secure solutions easier to use?
The end user perspective - are consumers driven by security or by trust?
Future outlook - are we heading in the right direction security wise?
John Morgan (Sales Representative), Jeff Melnick (Manager of Sales Engineering)
According to the Global State of Information Security Survey 2016, in 2015, the number of security incidents grew by 38% compared to 2014’s levels. Today, it is clear that traditional security measures are no longer as effective as they need to be and that even advanced techniques can be bypassed. Companies have realized the need to develop new security strategies that will help them address contemporary cyber-threats.
Join Netwrix experts John Morgan (Sales Representative) and Jeff Melnick (Manager of Sales Engineering) to learn how IT auditing helps solidify your security strategy. During the session, we will talk about:
• Today’s data breaches and security experts’ predictions;
• How auditing complements cyber-threat defense mechanisms;
• Proven recommendations for what should be audited and why.
Stick around for a live Q&A session for answers to your questions!
Don Smith, SecureWorks, Ian Glover, CREST & Peter Wood, First Base Technologies
The rise in targeted threats means that security teams must move beyond a general understanding of the threat landscape, to a detailed understanding of their own context and the ability to spot threats targeted at their specific organisation.
In a world of information-overload and an explosion in communication channels, how do you sift through the noise and identify true threats to your business?
•The challenges faced by organisations from the rise in targeted threats
•Limitations of security processes in protecting from targeted threats
•How to gain early visibility into the threats targeting your particular organisation
Don Smith leads the CTU™ Cyber Intelligence Cell: a team of experienced threat analysts who, through the application of established intelligence practices, deliver actionable and timely intelligence products on the threats most relevant to SecureWorks clients. Don also leads the CTU research team in EMEA.
Don joined SecureWorks in 2005 and, since then, has been instrumental in establishing a CTU presence in EMEA and building important relationships for SecureWorks in the region. His enthusiasm and threat expertise means that he regularly represents SecureWorks at industry events in EMEA. Don has 24 years’ experience in the IT industry and was previously responsible for security architecture and operations for a multi-billion enterprise, where he took a lead role in successfully integrating 14 acquisitions. He is a recognized subject-matter expert many areas of cybersecurity and advises SecureWorks and SecureWorks’ clients globally.
Sunil Choudrie, Solution Marketing and Paul Murgatroyd, Solutions Expert - Symantec
As recent high profile reports have shown, advanced threats are high on the security agenda. These complex attacks are defeating traditional defences and organisations need a different approach. Advanced attacks are exploiting people, technology and system vulnerabilities and to defeat this, you need an integrated approach. Point security products are not providing the required visibility: Security needs to evolve.
In this webcast, we discuss using customer examples, the nature of the new advanced threats, how to mitigate the impact of these attack, using advanced intelligence and correlation. And, should the worst happen, how you can be prepared with effective detection and recovery plans.
Patrick Grillo, Senior Director, Security Strategy
More and more solutions are crowding into the market but data breaches are still happening and there’s no end in sight. Is an over reliance of technology creating a false sense of “everything’s okay”? This session will focus on the three key aspects of comprehensive advanced threat protection; technology, awareness and in particular the role of threat intelligence.
Today’s threat environment is too complex and there is no way to prevent infection in the organization. The question now is how are you handling the threats already in your network? The presentation will focus on the changing security mindset; from ‘keep them out’ to ‘they’re in! Find them and deal with them.’ We will present the most advanced deception and detection technologies aimed at minimizing the time between infection and resolution, along with lessons learned from real-life deployments.
Distributed Denial of Service (DDoS) Attacks are a real threat for today’s organizations. Current trends indicate that these attacks are becoming increasingly more sophisticated, persistent and larger in scale, causing potential damage to your revenue, brand and productivity. Is your organization prepared for the next evolution of DDoS attacks?
Join Nishit Sawhney, Director, Product Management, Verisign to learn about the latest DDoS attack trends including attacker behavioral shifts, attack vectors and increased attack sizes. Nishit will also dissect a real-world example of a recent DDoS attack and best practices on how to prepare and defend against increasingly complex and sophisticated DDoS attacks that can overwhelm even the best equipped systems.
Every year, enterprises spend record levels of money on new IT security technology – yet major breaches and compromises are more prevalent than ever. The concept of “layered security” – in which enterprises support a wide variety of security technologies in order to discourage attackers – doesn’t seem to be working.
It’s time to rethink IT security – not just the technology, but the way enterprises approach it from a strategic, architectural perspective. There are ways for organizations to build a comprehensive set of defenses – a security architecture – that can not only discourage attackers, but actually prevent them from penetrating your IT environment.In this webcast, you will learn some of the basics of building a next-generation IT security architecture, including:
How the foundational architecture of a next-gen firewall and security platform “matters” in enabling the business, and protecting it against a wide variety of attacks.
How the architecture enables unique and specific security scenarios.
How the architecture supports a prevention-oriented approach.
Patrick Grillo, Senior Director, Security Solutions, Fortinet
IoT is everywhere these days and like most new and shiny things our attention is focused on its coolness factor.
However, behind that pleasing and shining exterior lurks a potentially devastating menace. In the rush to bring product to market, very few if any manufacturers are security conscious, and as more and more of these products are deployed in the enterprise, the risk of a successful network breach increases exponentially.
This session will focus on the potential dangers with IoT and look at the question of how and why IoT security is different from traditional IT security.
Jonathan Bailey, Rami Essaid, Katie Sunstrom, Orion Cassetto
Web scraping - the process of using bots to systematically lift content from a website - is either loved or hated. Startups love it because it’s a cheap and powerful way to gather data without the need for partnerships. Large companies use web scraping to gain competitive intelligence, but try to block others from doing the same. However, new legislation and high profile court cases have called into question the legality of web scraping.
In this lively conversation, diverse panelists will discuss the origin of web scraping, the changing legal landscape, and the legal and technical best practices for protecting your website content.
The discussion on privacy and security of mobile devices has become an explosive topic. With the Snowden revelations leading the way and mobile vulnerabilities like Stagefright and XcodeGhost following behind, the question of is it necessary or even possible to secure voice and data on mobile devices remain the subject of hot debate. With the focus of attackers shifting to these devices, organizations need to be ready to protect their employees and themselves.
This seminar examines the security risks associated with mobile computing devices and infrastructures, and suggested controls for mitigating those risks. It examines the key guidelines from NIST and other organizations and the best practices for mobile security.
Dynamic analysis of android apps is all about analyzing apps in real time, for the purpose of detecting application level vulnerabilities and for the sake of manipulating applications while they execute. It is often used as a last resort due to its complexity, when other pentesting techniques mainly focused on static analysis are not enough. Common usages of dynamic analysis are extraction of sensitive data from application memory variables, stealing encryption keys, manipulating signature mechanisms and so on.
During this talk we will focus on memory dumps, remote debugging, small debugging, native debugging, usage of ReFrameworker platform and other interesting things.
This talk is based on a similar chapter as part of the Android application hacking course given by the speaker at recent BlackHat USA 2015
Today's workforce is mobile, with employees demanding access to more resources from more remote devices and platforms than ever before. Global networks connect employees, partners and customers over multiple Internet, intranets and VoIP channels. Even the smallest organization is now competing globally. IT organizations are struggling to keep up with mobile worker demand for access to more resources from more device types without compromising security and data.
Join this panel discussion where info security leaders Florian Malecki and Amar Singh will be covering how you can get ahead of the next wave of mobile access and security challenges.
Most organisations are surprised by the ease with which social engineering defeats their security. The human factor provides a simple and effective route to bypass even the best hardware and software security controls, yet is commonly overlooked or considered too difficult to solve. Peter will share a number of real examples to reinforce his opinion: as more and more data breaches are published, perhaps it’s time to become creative and strengthen the human firewall.
Your Resource for Information Security Trends & Education
With over 280,000 members, the Information Security Community is the largest community of cybersecurity professionals in the industry. Let's build a network that connects people, opportunities, and ideas. If you are involved in purchasing, selling, designing, marketing ... or using information security solutions - this group is for you. Covered topics include compliance, encryption, anti-virus, malware, cloud security, data protection, hacking, network security, virtualization, and more.