ISA 62443 Patch Management Overview and Methods for Zero-Day Threat Protection
The growing presence of widely known and used Commercial Off-the-Shelf (COTS) systems in Industrial Control Systems (ICS) provides an increased opportunity for cyber attacks against ICS equipment. Such attacks, if successful, could have severe impact to not only process availability but also safety. Patch management is one particular area of cybersecurity which requires special attention when applied to ICS. It is part of a comprehensive cybersecurity strategy that increases cybersecurity through the installation of patches that resolve bugs, operability, reliability, and cyber security vulnerabilities. The ISA-TR62443‑2‑3 technical report, developed by the ISA 99 Working Group 6, addresses the patch management aspect of ICS cyber security. Also part of an effective strategy is the use of compensating cybersecurity controls to protect ICS systems from exploits and malware in between often long patching cycles. Novel network and host based technologies have recently become available to address even zero-day threats which bypass conventional signature-based approaches.
Attendees of this webinar will leave with a better understanding of:
-The unique aspects of ICS that entail a different and more rigorous approach to patch management than that used in business networks
- An overview of the ISA 99 standards efforts with detail review of the main aspects of the ISA-TR62443-2-3 Technical Report on Patch Management in IACS
- Advancements in compensating cybersecurity controls for protecting systems from zero-day threats
RecordedApr 8 201567 mins
Your place is confirmed, we'll send you email reminders
Lydia Kostopoulos, PhD, Principal Consultant - Cybersecurity (Human Risk), @LKCyber
As the sophistication of encryption and technical defences rises each year, so do the attacks against the people in organizations. Hence the rise in PICNIC = Problem In Chair, Not In Computer.
This session gives an overview of the latest insider threats facing critical infrastructures and how they can compromise air-gapped networks. It provides proactive, preventative and defensive measures to manage the risk, and concludes with a discussion of the responsibilities organizations who manage critical infrastructures have to support national security, the well-being of society and economic prosperity.
There is only one threat that you need to fight and conquer in 2017. We can write a few lines about how threats are changing or about the dynamic threat landscape. However, let’s spare you the pain of reading the same old blurb and instead let’s do the right thing and share with you the one single, biggest threat facing every single business. It’s been around forever however in 2017 exploiting this threat is most certainly going to cause increased financial pain and reputation damage.
Join Amar Singh, CEO of Cyber Management Alliance and founder of the Insights with Cyber Leaders series and other distinguished cyber leaders as they lay bare the severity of this threat.
Note: 30 Minutes webinar only with 15 minutes of interactive questions from the audience at the end.
The pace and scale of information security threats continues to accelerate, endangering the integrity of trusted organisations. Although cyberspace offers opportunities for leading organisations, this environment is uncertain and potentially dangerous. It is a place where hacktivists and cybercriminals are honing their skills and governments are introducing new regulation and legislation in response to major incidents and public concerns. Organisations are forced to continually adapt and rapidly respond.
In this webinar, Steve Durbin Managing Director at the ISF, will discuss the rapidly changing threat landscape, identify the key cyber challenges for 2017 and suggest ways of managing the associated risks.
These days, almost every business is a digital business: modern technologies are unlocking competitive advantage, enabling efficiencies, flexible & agile – all to enhance the relationship businesses have with their new and existing customers. But yet securing that digital infrastructure, and the data that resides on it, is still a major issue. According to a recent survey of UK senior ITDMs by IDG, over a third of respondents stated that managing security was one of the biggest issues faced when implementing digital transformation.
Cloud requires a different approach to security as traditional tools and methods are no longer sufficient to protect against vulnerability or attack.
In this webinar you will hear Dee Chadha, EMEA Director for Rackspace Manage Security (RMS) Services and Oliver Pinson-Roxburgh, EMEA Technical Director, discuss:
• Insight into real-life customer use-cases
• Practical guidance on next steps for securing your digital transformation journey
• The role security currently plays in digital transformation projects, and how it needs to change
• Security maturity, and the different ways to approach securing workloads across multiple infrastructures
Register for this must-attend webinar as we discuss how security can enable your digital transformation journey
Ryan Farmer - Delivery Manager at Acumin Consulting
Join Acumin’s Delivery Manager, Ryan Farmer on a guided tour through the wilderness of the infosec recruitment landscape. The way is fraught with danger, but using his 8 years of experience in this environment, Ryan will help you to identify and navigate the pitfalls. The insights and advice in this handy guide will help you cut through the myths and overcome the challenges in keeping your own ranch full of unicorns.
Peter Wood, First Base Technologies; Florian Malecki, Dell; Jonathan Armstrong, Cordery & Kristian Norsgaard Rieper-Holm
According to a global survey on the European Union’s new General Data Protection Regulation (GDPR) commissioned by SonicWALL in September 2016, reveal that surveyed organizations ‒ both SMBs and large enterprises ‒ lack general awareness of the requirements of the new regulation, how to prepare for it, and the final impact of non-compliance on data security and business outcomes.
Don’t wait until it is too late: join Kristian Norsgaard Rieper-Holm from Globalsequr, Florian Malecki from SonicWALL, Jonathan Armstrong from Cordery and moderated by First Base Technology's Peter Wood as they shed some light on the ins and outs of the new GDPR requirements and how to increase your overall data security posture to minimise the cyber risks and potential financial fines.
In your eco-systems with apps across numerous platforms, and where you possibly are fielding millions of IoT devices, preventing mistrust, and avoiding damaging malware targeting your customers is priority one. We will talk about challenges of remediation when things go wrong, and suggest some solutions to the complexities of managing code-signing and keys at scale.
Josh Goldfarb, VP, CTO - Emerging Technologies, FireEye, Inc.
When many people think about data protection, they tend to think about a few different things. Encrypting data at rest. Encrypting data in transit. Data residency requirements. Unfortunately, attackers do not abide by these best practices and regulations. When attackers gain access to sensitive, confidential, and proprietary information, that data often ends up in places it shouldn’t. Monitoring for and quickly containing and remediating theft of critical data is an oft-overlooked but no less important piece of the data protection puzzle.
Have your say and share your experience and expertise in this highly interactive incident response workshop, titled Cyber Incident Planning & Response or CIPR. The CIPR workshop will deconstruct the prevailing approach to planning, incident response and the wider field of incident management and identify where and how you can improve and build a more resilient business. This is your chance to get involved and learn from your peers and contribute your own thoughts and opinions in this highly interactive workshop.
Note: This is not your typical webinar where one, two or three sparks stand on the podium and proclaim their mastery. Rather, Cyber Management Alliance’s unique and interactive approach to webinar’s allows everyone to have a say and share their knowledge. The host, Amar Singh firmly believes that every member of the audience has valuable input and that each attendee brings their own context and perspective. So, join in, share and learn.
Sunil Choudrie, Global Solutions Marketing Mngr - Symantec & Ravi Pather, VP EMEA, Cloud Data Protection Solutions - Bluecoat
The adoption of SaaS is accelerating faster than expected. However, as this SaaS adoption accelerates, enterprises are discovering various legal and regulatory data compliance responsibilities that maybe challenging to address in a seamless manner or potentially slow down the adoption of SaaS applications and potentially innovation.
• How enterprises can leverage the full value of SaaS applications such but fully meet complex data compliance needs without impacting the usability of the SaaS application. Learn how sensitive data can be protected yet leverage the full benefits of the SaaS application without breaking SaaS application functionality such as searching, sorting and reporting of sensitive data.
• The different methods of data obfuscation such as 'data tokenization' and 'data encryption' and understand the specifics when meeting and demonstrating data compliance in a SaaS environment.
• If SaaS vendor application encryption can be relied upon to address your enterprises data compliance requirements when the sensitive data is encrypted just at rest. What are the data compliance implications of key management and who controls the encryption keys?
Tiago Pereira – Threat Intel Researcher, at AnubisNetworks
Nivdort is a malware family that has been around for several years. Over these years it has been subject to several improvements and, as a result, today it is a very interesting piece of malware with an uncommonly large number of features that has steadily kept a few botnets running with a high number of infections.
Join us on this webinar to learn more about the Nivdort family and some of its extensive list of tricks (e.g. DGA, P2P, information stealing, email spam, instant messaging spam, bitcoin mining), and about its worldwide infection distribution.
Ransomware has spread epidemically in 2016. Analysts, IT pros and corporate staff list it among the top IT security threats. According to a report prepared by the Cyber Threat Alliance (CTA), CryptoWall, version 3.0, alone has already cost its victims $325 million. Malicious software R&D is funded profusely through sources ranging from the proceeds of criminal activity to money raised through crowdfunding services. Under crowdfunding, those who pay the developer receive a copy and can try using it.
Join our new webinar “Withstanding a ransomware attack: A step-by-step guide” and learn:
-What you should do to ensure your data’s availability,
-How to train your colleagues to avoid being caught on the hook of ransomware,
-How to moderate the aftermath of a ransomware attack,
Contrary to the fear around malicious insiders and external hackers, the Information Commissioner's Office recently reported that the most common data security incidents reported to them are all due to inadvertent human error (incidents like misaddressed emails and laptops being left on trains). In the face of game-changing regulatory changes like GDPR, it's crucial that information security and data protection professionals prioritise addressing the most prevalent risks first, not the ones that appear the scariest.
Patrick Grillo, Senior Director, Security Solutions, Fortinet
The firewall wars have caused nothing but confusion in the market. Lines have been drawn between UTM and NGFW; are they different or are they the same thing? Unfortunately that confusion has led to introducing complexity and vulnerability in enterprise networks. There is a better way. Rather than fighting through a sea of acronyms, focus on what’s really important - How can I simplify my security infrastructure and improve my ability to fight off advanced attacks, no matter where they occur in the network?
This session will present a new way of thinking about firewalls, one without the confusion, acronyms and complexity.
Victor Acin, Malware Analyst, Blueliv Threat Intelligence Research Labs
Vawtrak is a serious threat to the banking eco-system and is predicted to be the next major banking Trojan.
Blueliv’s Threat Intelligence Research Labs team has published new research based on in-depth analysis of Vawtrak, including the results from tracking the cybercriminal group infrastructure and a technical investigation which analyzes the evolution of the botnet.
The CrimeServer infrastructure behind the Vawtrak banking Trojan thrives on basic sharing of information to maintain a highly resilient criminal network. So, sharing is a large part of the problem. But it is also part of the solution.
We believe sharing intelligence strengthens our defences against the ever-evolving cyber threats of today.
Join us as we explore the distribution and execution of the Vawtrak banking Trojan, how attackers are collecting stolen data and the relevance of cyber threat intelligence to the finance sector in the context of Vawtrak.
This webinar includes detailed technical analysis of cybercriminal network infrastructures and an in depth look at how the malware is executed. The research is of special interest to malware researchers and threat intel analysts. The webinar is aimed at listeners with a degree of technical understanding about malware and banking Trojans.
While their cyber tactics may be continuously changing, bad actors can’t avoid interacting with core components of the internet. These interactions leave a trail that when connected through rigorous threat infrastructure analysis, can reveal the full scale of an attack and provide the information needed to determine the best response. The key to this analysis is access to a variety of global datasets and the ability to correlate and pivot between them in your investigation.
In this two part series we will look at a range of global datasets and how each can be used to shed additional light on your adversary’s infrastructure. This session will focus on SSL Certs, Host Pairs and Trackers. We will also demonstrate how security analysts can use the free community version of RiskIQ’s PassiveTotal to gain access to and pivot across these global datasets.
Web gateways and proxies are losing to malware and other advanced threats and are generating troubling operational overhead. Join us to learn the top 5 reasons why gateways are falling behind and experience a live demo of web isolation which prevents malware from ever reaching the corporate network.
Greg Foss, Head of Global Security Operations, LogRhythm and Sarah Miller Threat Intelligence Analyst, Carbon Black
Security operations is all about understanding and acting upon of large amounts of data. When you can pull data from multiple sources, condense it down and correlate across systems, you are able to highlight trends, find flaws and resolve issues.
This webcast will cover the importance of monitoring endpoints and how to leverage endpoint data to detect, respond and neutralize advanced threats.
- Why endpoints are the new perimeter
- How employees can strengthen your security operations strategy
- Techniques to test and validate security awareness program
- How to take the data that Carbon Black collects, correlate it against thousands of endpoints, and dynamically neutralize threats using the LogRhythm security intelligence and analytics platform
Register now to learn how LogRhythm and Carbon Black can help you strengthen your overall security operations strategy—all within a single interface.
Oliver Pinson-Roxburgh, EMEA Director of Solutions Architecture
Do you know if your workloads are secure? Do you have the same security and compliance coverage across all of the cloud platforms and datacenters running your critical applications? Are you having to design your security framework each time you deploy to a new region or datacentre?
Whether you’re working with multiple cloud environments or exclusively on Azure, there are certain things you should consider when moving assets to Azure. As with any cloud deployment, security is a top priority, and moving your workloads to the cloud doesn’t mean you’re not responsible for the security of your operating system, applications and data. Building on the security of the Azure infrastructure, this shared security responsibility starts with making sure your Azure environment is secure.
Register for this impactful webinar as we discuss step-by-step what you need to do to secure access at the administrative, application and network layers.
In this webinar, we will take a look at:
• The Shared Security Model: What security you are responsible for to protect your content, application, systems and networks
• Best practices for how to protect your environment from the latest threats
• Learn how traditional security approaches may have limitations in the cloud
• How to build a scalable secure cloud infrastructure on Azure
JP Vergne (Scotiabank Lab, Ivey B-School), Nik Walser (EY), Mario Maawad (CaixaBank), Lawrence Chin (Palo Alto Networks)
As holders of valuable client and financial data, banks have been prime targets for hackers and thieves. Entire payment systems can be compromised in the blink of an eye and clients also risk having their identities stolen.
Join this panel session where our experts will discuss:
-Best practices for preventing cyberattacks at every stage
-Top mistakes banks and financial institutions make when dealing with valuable data
-What makes you a target?
-Using real-time analytics to identify anomalies and act on them immediately
-Malware, threat prevention, next-generation security — what are they, what do you need to know?
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.