Cómo evitar que la legislación retrase iniciativas empresariales
La adopción del software como servicio (SaaS por sus siglas en inglés) está avanzando mucho más rápido de lo esperado. Sin embargo, a medida que avanza la adopción del SaaS, las empresas se están dando cuenta de que deben también hacer frente a numerosas responsabilidades jurídicas y legislativas de cumplimiento con respecto a los datos. Estas responsabilidades representan un desafío, ya que no son fáciles de solucionar o, por otra parte, podrían ralentizar su adopción de aplicaciones SaaS y potencialmente también su capacidad de innovar.
• Cómo las empresas pueden sacar el máximo partido de las aplicaciones SaaS y, a la vez, cumplir con las complejas normativas referentes a los datos, sin que ello afecte la utilidad de la aplicación SaaS. También cómo proteger sus datos más confidenciales y beneficiarse de todas las ventajas de su aplicación SaaS sin entorpecer su funcionalidad, como por ejemplo, a la hora de buscar, organizar y reportar sus datos confidenciales.
• Diferentes métodos de ofuscación de datos como la “tokenización de los datos” y el “cifrado de los datos”; y los detalles para responder y demostrar su cumplimiento con las normativas referentes a los datos en los entornos SaaS.
• Si puede confiar en el cifrado de una aplicación de un proveedor de SaaS para cumplir con los requisitos normativos de su empresa relativos a los datos, concretamente cuando se cifran los datos únicamente estando almacenados. ¿Sabe cuáles son las implicaciones de implementar una administración de claves y quién controla las claves del cifrado?
RecordedNov 8 201660 mins
Your place is confirmed, we'll send you email reminders
Darren Thomson, EMEA CTO, Symantec and Dr Chris Brauer Goldsmiths University
Complexity, technological change, regulation and the growing power and resources are increasing the pressure on security professionals. Over half feel paralysed by the overwhelming volume of threat alerts, with a quarter saying the sheer volume of alerts makes it more difficult to keep their business safe. Over a quarter say they are vulnerable to avoidable incidents.
A brand new survey of over 3,000 cyber security professionals reveals that intense pressure is affecting decision making and increasing the risk of critical mistakes. Put simply, today’s constant state of high alert is unsustainable.
Join leading psychologist Dr Chris Brauer from Goldsmith’s College, University of London, and Symantec EMEA CTO Darren Thompson, as they present the survey findings, and analyse what they mean for organisations like yours.
Join this High Alert Summit and discover:
-What cyber security leaders and professionals really feel abut their roles in 2019
-How to build a plan to reduce stress and improve cyber security effectiveness
-Why the Symantec Integrated Cyber Defense Platform can help put your plan into action.
Securing Web Access & Protecting Data with Cloud-Delivered Enterprise Security
Increased cloud adoption, mobile device use, and the dramatic growth in the number of remote and home workers is putting pressure on existing security infrastructures.
In this environment, enterprise security teams are wrestling with questions like:
- How can I consistently enforce policies governing the use of the web and cloud?
- How can I effectively protect my users from web-based threats?
- How can I secure my sensitive data and comply with legal regulations?
Enterprises are turning to a comprehensive cloud-delivered security solution to tackle these challenges.
Join us to learn how Symantec’s Cloud Security Services can be leveraged to protect users, data and devices, addressing the challenges of the cloud generation.
Mentre il ransomware mostra i primi segni di declino, nuove forme di attacco sono pronte a prenderne il posto. I criminali si stanno orientando verso tecniche subdole con cui riescono ad agire inosservati, accrescendo il rischio per le aziende. Unisciti a noi per seguire le discussioni su queste tendenze e altri temi:
•Nel 2018 il declino di cryptojacking e ransomware ha coinciso con l'esordio del Formjacking. Le imprese, tuttavia, continuano a scontrarsi con il problema dei ransomware mirati.
•Oggi gli attacchi "living off the land" e alle supply chain sono divenuti un cardine del nuovo panorama delle minacce.
•Gli utenti del cloud si trovano a combattere su più fronti, dal rischio di perdere i dati dagli storage sul cloud alle vulnerabilità dei chip di basso livello.
•I gruppi di attacchi mirati mostrano un crescente interesse per gli obiettivi operativi, e sempre più gruppi adottano malware distruttivi.
Laurent Heslault, Directeur Stratégie Sécurité, Symantec France
Le ransomware montre quelques signes de déclin, mais de nouvelles formes d’attaques font leur apparition pour le remplacer. En s’appuyant sur des techniques furtives, les attaquants peuvent passer sous le radar, ce qui accroît le risque pour les entreprises. Suivez notre webcast pour en savoir plus sur ces tendances et bien d’autres :
•Le formjacking (ou piratage de formulaires) a fait une percée en 2018, tandis que le cryptojacking et le ransomware amorcent un déclin. Les entreprises continuent néanmoins de se heurter au problème du ransomware ciblé.
•Les attaques qui exploitent les ressources disponibles et celles qui visent la chaîne logistique sont désormais incontournables dans le paysage des menaces
•Pour les utilisateurs du cloud, les risques se multiplient sur plusieurs fronts, avec notamment les fuites de données à partir du stockage cloud et les vulnérabilités processeur de bas niveau.
•Les groupes menant des attaques ciblées montrent un intérêt croissant pour les cibles opérationnelles ; de plus en plus de ces groupes adoptent des malwares destructeurs.
We chat about a slew of stolen online account data found for sale on the dark web, malware targeting Macs, and container vulnerabilities. Also this week, we look at a Wi-Fi connected USB cable that can allow for remote attacks on targeted computers.
We discuss a bad week for cryptocurrencies, the new Google Chrome extension that will let you know if your password has been breached, why parents should be wary of kids’ smartwatches, and why we all should be wary of phone apps that promise to make you look beautiful. Plus, we chat about the experience of one Illinois family who felt the heat after their suite of Nest devices was hacked.
El nuevo panorama de las amenazas: Informe sobre amenazas a la seguridad en Internet 2019 (ISTR)
A medida que el ransomware está mostrando ciertas señales de debilidad, están emergiendo nuevas formas de ataque para ocupar su terreno. De hecho, las técnicas habilidosas de estos atacantes les permiten pasar desapercibidos, lo cual pone a las empresas ante un grave peligro. Únase a nuestro seminario web para comentar estas tendencias y mucho más, como por ejemplo:
•La amenaza de mayor impacto en 2018 fue Formjacking, mientras que el hackeo de criptomonedas y el ransomware mostraron ciertos signos de debilidad. Sin embargo, las empresas tienen que seguir enfrentándose al problema del ransomware dirigido.
•Los ataques del mundo salvaje y contra las cadenas de suministro son el pan de cada día del nuevo panorama de las amenazas.
•Los usuarios de la nube se enfrentan a diversos desafíos en múltiples frentes como consecuencia de las fugas de datos a partir de los almacenamientos en la nube y las vulnerabilidades de bajo nivel tipo chip.
•Los grupos que desarrollan ataques dirigidos muestran un interés cada vez mayor en los objetivos operacionales, constatándose un mayor número de grupos que emplean malware destructivo.
Are you storing sensitive data and running business-critical operations in AWS? The news is full of stories about data exposure and loss involving misconfigurations, misuse, or compromised accounts in AWS. Analysts are urgently advising organizations to get automated controls and centralized management in place to secure their IaaS operations.
As a result, IT organizations are increasingly looking for solutions that provide visibility, behavior monitoring, access controls, data security, and threat protection for AWS.
Join us to learn how to get security in place fast and the Top 5 things to consider when securing AWS.
Discover how Symantec CloudSOC CASB can help you:
- Monitor activity and security configurations
- Control access and prevent risky changes or privileged misuse
- Detect malicious insiders and compromised accounts
- Keep S3 buckets private and secure confidential data with DLP
- Defend S3 buckets from advanced malware threats
Anand Visvanathan, Director of Product Management, and LindaPark, Senior Manager, IaaS, Security & Compliance, Symantec
Cloud computing enables companies to be more agile and squeeze the inefficiencies out of the development cycle, such as procuring compute resources on demand rather than waiting for IT. But as companies move fast to deliver new products, security must move faster to keep up with new regulations and threats – or risk slowing down the business.
Cloud configuration errors can lead to gaping holes in cloud infrastructure deployments and present low hanging fruit for hackers. Security and DevOps teams need a proactive, automated approach to monitoring and securing their cloud management plane.
Join us for this informative webinar on how to achieve security compliance for public cloud Infrastructure-as-a-Service (IaaS) platforms such as AWS and Microsoft Azure.
During this webinar, you'll learn:
- Why traditional security monitoring tools cannot provide visibility into cloud compliance risks
- Why Security and DevOps teams need automated cloud security
posture management (CSPM) tools to remove compliance bottlenecks
- How to migrate your legacy infrastructure to the cloud without compromising security and compliance
Advanced phishing attacks and ransomware continue to plague organizations worldwide. Email continues to be the number one vector for malware, including ransomware, and users continue to be easily social engineered into opening phishing emails. What are organizations doing to prevent phishing attachs that can steal confidential data, including credentials?
Combating these threats requires a powerful combination of advanced protection and user security awareness. Join this webinar to learn about email threat isolation, a paradigm shift in the fight against phishing attacks and ransomware.
Viewers will learn more about how to:
- Isolate malicious threats in links and attachments to prevent malware payloads and credential theft.
- Pre-empt phishing attacks with real-world simulations and built-in user security awareness tools, tracking readiness over time
- Anticipate future campaigns with comprehensive security analytics gathered from previous attacks against your organization
- Fully secure your Office 365 or Google G Suite apps with integrated DLP and CASB for both advanced data and threat protection
In addition, see Symantec Email Threat Isolation in action, with a demo that showcases safe rendering of links.
Mike Chen, Tim Murphy, Robert Arandjelovic | Live Q&A with Karthik Ramakrishnan
Cyber security professionals are at a crossroads. The game has changed, and the bad guys are getting more aggressive and inflicting more and more damage on corporate assets—and reputations—worldwide.
Ransomware is through the roof, zero-day exploits are exploding, threats are hiding in encrypted traffic and email is riddled with malware. There is no perimeter anymore. Data, devices and employees are mobilized and traffic is increasingly going to the internet and cloud applications. So, the question now is, how do you protect a castle—by which we mean your enterprise—when the walls are tumbling down?
In this webinar we'll discuss:
- Why you should embrace cloud-based network security
- The tools you need to provide protection against a variety of attacks
- Why a proxy belongs at the center of your cloud service
- Cloud migration strategies
- Integrations that orchestrate defenses across control points and attack vectors
Deena Thomchick, Senior Director of Cloud Security, Symantec Linda Park, Senior Manager, IaaS Security & Compliance, Symantec
Organizations are using more cloud services for more business-critical activities. At the same time organizations face growing privacy regulations, a high rate of data loss (accidental exposures and breaches), and ever-increasing attacks on their cloud assets.
It is challenging to get the visibility and security you need to protect your Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) clouds as cloud security offerings have been both limited in scope and fragmented across point products.
Discover what’s new and the best solutions for the most complete visibility, data security, threat protection and compliance management for your public cloud services with integrated cloud security.
Learn more about the latest innovations in cloud security for SaaS, PaaS, and IaaS, including:
- New Integrated Compliance Management for IaaS – the first Cloud Security Posture Management (CSPM) solution integrated with Cloud Access Security Broker (CASB) and Cloud Workload Protection Platform (CWPP) offering detailed compliance remediation.
- Fastest Acting Cloud App Security – the first API-based CASB that can remediate security issues in seconds, with new Fast APIs for Microsoft and Box.
- Broadest & Deepest Cloud App Coverage – CASB data security and threat protection for any cloud app, including custom apps.
- Best DLP and Threat Protection for IaaS Storage – Gartner Magic Quadrant leading Data Loss Prevention (DLP) and threat protection now integrated with Cloud Workload Protection(CWP) and Gartner Magic Quadrant leading CloudSOC CASB
Darren Thompson, Vice President and CTO EMEA, Symantec
Businesses today are learning that migrating to the cloud does not happen over night. It takes time and many businesses face the challenge of having to manage both on-premise and cloud solutions. Discover what’s driving businesses to transition to the cloud, the reality of today’s cloud, and best practices from the frontline.
Join Darren Thompson, Vice President and CTO in EMEA, as he walks the audience through “a day in the life of a cloud migration”.
Viewers will be able to learn more about:
- The drive to digital transformation
- Today's "Cloud reality"
- What businesses are up against
- Best practices from the frontline
Lee Neely, Mentor Instructor, SANS Institute and Mic McCully, Senior Solutions Consultant, Symantec
The ubiquitous use of mobile devices has radically changed the landscape of data protection and the abundance of applications only complicates the situation.
How, then, can mobile device data be protected? This webcast reviews the current and emerging services and practices designed to help secure and protect the data on these devices, and identifies areas where solutions are needed to fill the remaining gaps and provides recommendations for a holistic approach including mobile threat protection.
Join this webinar to learn more about:
- What role security tools such as analytics can play in managing mobile devices
- How mobile devices and data are currently protected and how effective those protections are
- Common attack vectors and possible mitigation strategies
- Features and capabilities that a solution should have to provide organizations with ideal mobile security and visibility
Robert Arandjelovic, Director Product Marketing, Symantec and Featuring Guest Speaker, Heidi Shey, Senior Analyst, Forrester
Traditional perimeters vanish as organizations move to the cloud and employees work in a world of both sanctioned and unsanctioned applications. Companies must rethink their approach to securing data in this new environment.
Join Robert Arandjelovic, Director Product Marketing, Symantec and Heidi Shey, Director Product Marketing, Forrester as they discuss:
- The inherent security challenges of cloud
- Security strategies and imperatives
- How organizations are approaching and need to approach cloud security today
Raj Patel: Vice President Cloud Platform Engineering, Symantec and Sameer Vasanthapuram: Partner Solutions Architect,AWS
There is a natural tension between decentralized, distributed DevOps and the traditional command-and-control approach of classic security management. When moving to the cloud, organizations must learn how to decentralize and democratize the security process.
Join Raj Patel, Vice President Cloud Platform Engineering, Symantec and Sameer Vasanthapuram, Partner Solutions Architect, AWS to learn how to automate security into the DevOps toolchain and strike a balance between agility and security in the cloud.
In this webinar we'll discuss:
-How DevOps and InfoSec teams can align to the new DevSecOps paradigm
-Why continuous compliance management is a new business imperative
-How to build security in to your Continuous Integration/Continuous Development pipeline
Symantec threat researcher Stephen Doherty joins us to discuss our recently published research into a wave of attacks against financial institutions in West Africa. We also discuss some new research that found that many free mobile VPNs could actually compromise people’s privacy, a hitman who was convicted thanks to evidence found on his smartwatch, and an embarrassing compromise of the ATLAS MMO game. Also this week, Russia is back in the headlines again, with the DNC revealing it was targeted once again by a spear-phishing campaign originating in Russia in November last, while Facebook also removed a number of “inauthentic” accounts that it says were based in Russia and involved in spreading misinformation on the social media platform.
Symantec protects information wherever it’s stored or accessed. from your company’s most important information to your family photos.Everything we do begins with what we’ve learned about keeping people’s information secure.
We operate a worldwide cyberintelligence threat network that positions us to proactively address where you’re most vulnerable. This network captures worldwide security intelligence data that gives Symantec analysts unparalleled sources of data to identify and analyse, to deliver protection and provide informed commentary on emerging trends in attacks, malicious code activity, phishing and spam.