Hi [[ session.user.profile.firstName ]]

Applying the Top 20 Critical Security Controls to the Cloud

The 20 Critical Security Controls for Effective Cyber Defense (the Controls) is a list of best practices guidelines for IT security, developed and maintained by hundreds of security experts from across the public and private sectors. The list gives practical, actionable recommendations for cyber security, but do you best apply these guides to the new reality of cloud-based or virtualized infrastructures?

Attend this webcast to learn:
- Which Controls are particularly vital to cloud security
- Real-life examples of how the Controls can be implemented
- Tips for measuring your organization’s security practice against the Controls
Recorded Dec 10 2014 47 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Bart Westerink, CloudPassage, Director of Security and Compliance
Presentation preview: Applying the Top 20 Critical Security Controls to the Cloud

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The 2017 Threatscape Jan 6 2017 3:00 pm UTC 45 mins
    Amar Singh
    There is only one threat that you need to fight and conquer in 2017. We can write a few lines about how threats are changing or about the dynamic threat landscape. However, let’s spare you the pain of reading the same old blurb and instead let’s do the right thing and share with you the one single, biggest threat facing every single business. It’s been around forever however in 2017 exploiting this threat is most certainly going to cause increased financial pain and reputation damage.

    Join Amar Singh, CEO of Cyber Management Alliance and founder of the Insights with Cyber Leaders series and other distinguished cyber leaders as they lay bare the severity of this threat.

    Note: 30 Minutes webinar only with 15 minutes of interactive questions from the audience at the end.
  • Redefining Endpoint Incident Response with Behavioral Analysis Dec 15 2016 7:00 pm UTC 60 mins
    Michael Angelo Vien, CounterTack Cyber Response Expert
    Cybersecurity teams and incident responders struggle to gather the most accurate intelligence on threats, and targeted, specific security incidents. Teams need technology to drill down into information on incidents, often to respond quickly, and in doing so, determine root cause.

    Is it malware? Are there other indicators that you are blind to? Are your systems maligned with attack residue that you can’t analyze in-memory?

    The art of incident responses contains three key components typically:

    1)Understanding your threat landscape to the point where you can effectively begin to eradicate threats quickly and with confidence
    2)Determining through deep investigation the root cause of security incidents, and the broader impact incidents that are not triaged
    3)Applying forensic-level analysis to add a layer of intelligence based on what was found, and what can be predictably analyzed

    CounterTack delivers incident response capabilities built for analyzing today’s threats, and for drilling down forensically into incidents that might stem from varying levels of malicious code associated with malware and other IOC’s. Leveraging behavioral traits and predictive analytics through its solutions, CounterTack is dedicated to continually improving IR for organizations globally.

    This webinar will feature key trends on how the discipline of incident response has shifted toward needing more definitive analysis. The presentation will convey a few real-world use cases, leveraging CounterTack technology across multiple common and uncommon types of threats from a forensic point of view, so attendees can learn new techniques to elevate their IR workflow.

    As a takeaway, we’ll leave you with an endpoint IR checklist and a set of best practices, and a special incentive to acquire Responder PRO for detailed incident investigation.
  • When Things Misbehave: How to Mitigate Massive DDOS Attacks Dec 13 2016 6:00 pm UTC 45 mins
    Moshe Elias, Director of Product Marketing and Scott Poretsky, AVP Solutions Architect
    The Distributed Denial of Service (DDoS) attack launched Friday, October 21, against Dyn - one of the largest managed DNS infrastructure providers - was the most destructive attack to date launched from an IoT botnet. The threat of mega attacks launched from infected connected devices is now a reality that dramatically changes the paradigm for mobile and fixed operators whose core infrastructure is susceptible to global attacks that are large enough to significantly disrupt subscriber quality of experience (QoE).

    Join us in this webinar to learn:
    •The impact of IoT driven DDoS mega attacks
    •Architectural approaches to volumetric DDOS mitigation
    •How to measure and maintain subscriber quality of experience during an attack
  • It’s My Life but I no Longer Have Control Over it! Recorded: Dec 8 2016 49 mins
    Gavin Chow, Network and Security Strategist
    We all know that technology plays a role in our everyday life but do you know the extent of that role? Advertising tells us to spend more and more of our life online and embrace technology in our homes, cars and everywhere else a microchip can be placed.

    But nowhere is there a message about the consequences of the misuse of that technology. 2016 has seen a rise in the number of incidents involving ransomware, IoT, and simply well intentioned connectivity gone wrong. That momentum is set to continue into 2017 and beyond.

    Although past performance does not guarantee future results, this session will focus on what we have seen this year and what we expect to see in the near future.
  • Talking to the Board About Cyber Risk – A Metrics-based Approach Recorded: Dec 7 2016 48 mins
    Ariel Evans, CEO, Innosec
    The rise of attacks resulting in huge business losses have brought cyber security into the board room. Prior to the Target breach, the board of directors was not very interested in cyber security. However, things have changed, and we see more and more CISOs reporting into the CRO, CFO, or CEO and not the CIO. Put simply, if you report into the board more than once or twice a year you have to be speaking their language.

    Cyber breaches have impactful results. In 2015, Target’s CEO Gregg Steinhafel, a 35-year employee of the company with the last six at the helm, was forced to resign in light of the recent holiday-season credit-card security breach that affected 40 million customers.

    As a result, we are seeing a major shift in corporate cybersecurity policy. The board of directors is no longer interested in check box compliance. They are understanding their role much better. They are responsible to ensure that cyber controls are in place that protect business assets of the firm in alignment with their risk tolerance.
  • Insider Threats and Critical Infrastructure: Vulnerabilities and Protections Recorded: Dec 7 2016 41 mins
    Lydia Kostopoulos, PhD, Principal Consultant - Cybersecurity (Human Risk), @LKCyber
    As the sophistication of encryption and technical defences rises each year, so do the attacks against the people in organizations. Hence the rise in PICNIC = Problem In Chair, Not In Computer.

    This session gives an overview of the latest insider threats facing critical infrastructures and how they can compromise air-gapped networks. It provides proactive, preventative and defensive measures to manage the risk, and concludes with a discussion of the responsibilities organizations who manage critical infrastructures have to support national security, the well-being of society and economic prosperity.
  • Make 2017 a Year of Countering the Evolving Threat Landscape Recorded: Dec 7 2016 37 mins
    Josh Goldfarb, VP, CTO - Emerging Technologies, FireEye, Inc.
    Tis the season of predictions looking ahead to 2017 and paying lip service to the threat landscape. Not a fan of either of those? You’re not alone. Join FireEye in this BrightTalk webinar where we’ll discuss more than just the threats that may or may not be awaiting us in 2017. We’ll discuss real attacker tactics and techniques, along with how you can actually counter the risk they present.
  • 2017 Threat Landscape: Increased Sophistication, or More of the Same? Recorded: Dec 7 2016 45 mins
    SecureWorks Counter Threat Unit Research Team
    As 2016 draws to a close, security professionals worldwide will be left pondering another year of publicised breaches, vulnerabilities and threats. So what are the key takeaways and how can global security events from the past 12 months inform your plans for 2017?

    We’ve asked a panel of experts from the SecureWorks Counter Threat Unit (CTU), our highly-trained team of experienced security researchers, to paint a picture of threat actors and their tradecraft across the globe by sharing their views on 2016’s most significant security events. The panel will end the session by providing actionable insights and recommendations for organisations to factor into their security strategy in 2017.

    Join this exclusive webcast to gain CTU insight on the following topics and more:

    - eCrime trends including the rise of ransomware, business email compromise and the Mirai IoT botnet activity
    - Nation state sponsored threats and whether organisations are set up to defend against them
    - How organisations can use threat intelligence gathered in 2016 to improve security
  • [Video Interview] The Cyber Year in Review: Troels Oerting, CISO, Barclays Recorded: Dec 7 2016 21 mins
    Troels Oerting, CISO, Barclays & Josh Downs, Community Manager - Information Security, BrightTALK
    Join this engaging session as BrightTALK conducts an in-depth interview with Troels Oerting, CISO, Barclays.

    It's been a crucial year for cyber security with big breaches and newsworthy hacks. BrightTALK's Information Security Community Manager Josh Downs will be quizzing Troels for his thoughts on the cyber security industry and in particular:

    - The big breaches of 2016 and lessons to be learnt
    - The current threatscape
    - The big vulnerabilities on the horizon
    - Troels's insights into how to keep your company secure in 2017

    We look forward to you joining us for the session.
  • The Threat Landscape – Cybersecurity Trends in 2016 and Beyond Recorded: Dec 7 2016 45 mins
    Sian John (Chief Strategist) - Symantec
    We’re starting to see the refining of techniques that have been built over a number of years. The past 5 years have been dominated by ransomware and economic espionage. While they haven’t gone away, cybercrime has gotten bigger and bolder and the financial rewards have gotten much bigger. Cyber attacks have also started to become a part of the political landscape which has been particularly evident during US election where we have seen them being used for subversive purposes.

    This webcast will review the threat landscape of 2016 with a focus on what we need to remember as we move into 2017.
  • It’s My Life but I no Longer Have Control Over it! Recorded: Dec 7 2016 45 mins
    Simon Bryden, Consulting Systems Engineer
    We all know that technology plays a role in our everyday life but do you know the extent of that role? Advertising tells us to spend more and more of our life online and embrace technology in our homes, cars and everywhere else a microchip can be placed.

    But nowhere is there a message about the consequences of the misuse of that technology. 2016 has seen a rise in the number of incidents involving ransomware, IoT, and simply well intentioned connectivity gone wrong. That momentum is set to continue into 2017 and beyond.

    Although past performance does not guarantee future results, this session will focus on what we have seen this year and what we expect to see in the near future.
  • [Video Interview] The Cyber Year in Review: Ian Glover, President, CREST Recorded: Dec 6 2016 28 mins
    Ian Glover, President, CREST & Josh Downs, Information Security Community Manager, BrightTALK
    Join this engaging session as BrightTALK conducts an in-depth interview with Ian Glover, President of CREST.

    It's been a crucial year for cyber security with big breaches and newsworthy hacks. BrightTALK's Information Security Community Manager Josh Downs will be quizzing Ian for his thoughts on the cyber security industry and in particular:

    - The big breaches of 2016 and lessons to be learnt
    - The current threatscape
    - The big vulnerabilities on the horizon
    - Ian's insights into how to keep your company secure in 2017

    We look forward to you joining us for the session.
  • The 2017 Threatscape Recorded: Dec 6 2016 39 mins
    Steve Durbin, Managing Director, ISF Ltd
    The pace and scale of information security threats continues to accelerate, endangering the integrity of trusted organisations. Although cyberspace offers opportunities for leading organisations, this environment is uncertain and potentially dangerous. It is a place where hacktivists and cybercriminals are honing their skills and governments are introducing new regulation and legislation in response to major incidents and public concerns. Organisations are forced to continually adapt and rapidly respond.

    In this webinar, Steve Durbin Managing Director at the ISF, will discuss the rapidly changing threat landscape, identify the key cyber challenges for 2017 and suggest ways of managing the associated risks.
  • [Cybersecurity] Our Indigenous Apps: Securing Critical Business Data Recorded: Dec 6 2016 29 mins
    Senior Security Consultant, Christopher Cooper
    Despite the rise of the cloud and increased reliance on web applications, native desktop applications are still highly relevant and often the delivery method of choice in enterprise IT. As penetration testers, we still see a number of very poorly architected native applications being used to protect extremely sensitive information.

    This webcast will discuss some of the core issues relating to native desktop applications, why they are so frequent, and the severe impact that their insecurity can cause.

    In the 2017 threat landscape, we propose that these flaws are not going away, and the industry isn't currently in a position to help developers resolve them effectively.
  • Akamai Q3 2016 State of the Internet Security Report Recorded: Dec 6 2016 34 mins
    Jay Coley, Senior Director, Enterprise Security Architecture, Akamai Technologies
    Akamai sees more than 2 trillion Internet interactions every day and mitigates 40 – 50 DDoS attacks every month. Our security experts analyse this information and share trends, observations, and findings in the quarterly State of the Internet Security report.

    Join Jay Coley, Senior Director, Enterprise Security Architecture at Akamai Technologies for an overview of what we found after analysing data from Q3 of 2016.

    Key topics covered will include:
    · Why DDoS of over 100 Mbps increased over the past quarter
    · Which country is the new leader for most sourced Web application attacks
    · Tactics Akamai used to mitigate two of the largest DDoS attacks we’ve seen
  • Live Demo: Advanced Endpoint Protection Recorded: Dec 2 2016 53 mins
    Christiaan Groenhof, Inside Systems Engineer at Palo Alto Networks
    Attackers are getting more targeted and advanced, deploying unknown exploits and unique malware that current day endpoint security is not equipped to prevent or even detect. Existing approaches simply can’t protect against these attacks because they don’t have known signatures, known strings –and in many cases, no previously known behavior-so they go straight through, resulting in compromised endpoints waiting for detection and remediation to step in, which is too little too late.

    Palo Alto Networks Advanced Endpoint Protection is a complete paradigm shift from detection remediation to pure prevention, designed to close the door on these threats, which manage to evade detection by network-based security or take advantage of blind spots, well before any damage can be done.

    Join Palo Alto Networks® for a Live Webinar to learn about the breakthrough advanced endpoint technology that redefines endpoint security as we know it
  • Live Demo: AutoFocus Recorded: Dec 2 2016 45 mins
    Ronald den Braven, Consulting Engineer at Palo Alto Networks
    Join us for a live demo and learn how AutoFocus threat intelligence service helps security teams identify and prevent targeted attacks. We will explain the key concepts of AutoFocus and benefits the service provides.
  • Live Demo: VM-Series for AWS Recorded: Dec 2 2016 37 mins
    Tom Welling, Systems Engineer at Palo Alto Networks
    Securing public cloud environments has never been more challenging. Cyberattacks are on the rise, targeting your business-critical data using applications commonly found on every network. Compounding your data security challenge is the lack of application visibility and control features available in existing cloud security offerings.

    The VM-Series for AWS addresses these challenges with a complete set of next-generation firewall and advanced threat prevention features that allow you to identify and control your AWS-based applications and protect your data from known and unknown threats.
  • Live Demo: Safely Enable SaaS Applications with Aperture Recorded: Dec 2 2016 45 mins
    Omar Amarin, Inside Sales Engineer at Palo Alto Networks
    The adoption of SaaS applications continues to grow at an exponential pace. You do not want to clamp down on these applications because they are valuable tools for many of your employees. However, because the data and usage of these SaaS applications is invisible to IT administrators, they do expose your organization to potentially disastrous security and data theft risks.

    Join us for a live webinar where you will learn how your organization can enable safe usage of SaaS applications and:

    •Gain visibility and granular, context-based control of SaaS applications.
    •Protect corporate data from malicious and inadvertent exposure after it has left the traditional corporate perimeter.
    •Protect against new insertion and distribution points for malware.
    •Satisfy compliance requirements while still maintaining the benefits of SaaS based application services.

    The challenges of SaaS applications are already here whether they are enabled by IT or end users themselves. Find out how to take back control and safely enable their use.
  • The Big Challenge of Big Data: Untangling the Security Conundrum Recorded: Dec 1 2016 39 mins
    Alex Hanway, Marketing Manager for Encryption at Gemalto
    Between 2005 and 2020, data volumes will grow by a factor of 300 – enough data to stack CDs from the earth to the moon 162 times. This has come to be known as the ‘big data’ phenomenon. Unfortunately, traditional approaches to handling, storing and analyzing data aren’t adequate at this scale: they’re too costly, slow and physically cumbersome to keep up. Fortunately, in response a new breed of technology has emerged that is cheaper, faster and more scalable. Yet, in meeting these new needs they break many of the traditional security approaches and spark questions like:

    With massive volumes of data, how are organizations going to ensure that their customer information is safe from people looking to exploit it?

    Is it possible to adopt big data technologies while demonstrating compliance with industry regulations?

    Will security get in the way of the analytics tools?

    How can security apply to different data consumption technologies like Hadoop and NOSQL?

    Join Gemalto on Thursday, December 1, 2016 as we discuss what’s in store for the ‘big data’ technologies of the future and how security models like encryption can solve the security conundrum.
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Applying the Top 20 Critical Security Controls to the Cloud
  • Live at: Dec 10 2014 6:00 pm
  • Presented by: Bart Westerink, CloudPassage, Director of Security and Compliance
  • From:
Your email has been sent.
or close