For many businesses, security, compliance and data protection in the cloud have been a major challenge due to the shared responsibility model and automation of public cloud infrastructure. Trying to force fit traditional security tools into an agile infrastructure like AWS can be time consuming and clumsy, and ensuring consistent security controls requires new practices for security and auditing teams.
Register for this impactful webinar presented by Oliver Pinson-Roxburgh, EMEA Director of Solutions Architecture at Alert Logic, as he walks through the vital AWS security best practices you need to know about and how to design your application security strategy so that it integrates with AWS.
Securing AWS Tried and Tested Continuous Security Strategy:
• Tradition is out: where traditional security does and doesn’t fit
• Where to start: what to do within the first 5 minutes of setting up your AWS account
• Visibility into your AWS infrastructure where to go to get security value
• Top AWS Security Best Practices
RecordedJul 21 201654 mins
Your place is confirmed, we'll send you email reminders
Patrick Grillo, Senior Director, Security Solutions, Fortinet
Although overused, Next Generation Security still means keeping up with the challenges of securing today’s networks. The fundamental rule of keeping up with those challenges is having both a vision and an architecture that provides the foundation, regardless of how the market or the threats themselves change.
This session will focus on what is needed in an evolving security architecture to provide Next Generation Security in a constantly changing environment.
During this presentation, you'll learn about deep learning, the history of artificial intelligence, the history of malware management, and the current approach to eliminating malware threats to the enterprise using AI.
Data protection has always been important, but with the GDPR deadline looming and data sharing scandals shaking consumer confidence, securing personal data has never been more vital. The GDPR is leading businesses across the world to evaluate, and in many cases modify their data processing activities in line with upcoming law.
So what if you’ve left it too late? What are the key steps you can take to work towards GDPR compliance, even after deadline day?
Join us in this webinar with Alex Jordan, Senior Analyst at the Information Security Forum as he shares:
-The ISF’s phased approach to GDPR implementation
-Ways to determine the criticality of data and how to protect it appropriately
-The urgent actions that a business can take to get GDPR compliance started
-Common myths surrounding the GDPR, and guidance on cutting through the noise.
Cyber has become a strategic issue and for many companies is now a business enabler and increasingly a form of competitive advantage. However it is clear that it remains difficult for Board's to get the “right” management information to support their cyber risk discussions and decision making.
So how can Board's ensure that they are asking the right questions when it comes to an organisation’s cyber posture and how can CISOs maintain and improve the Board’s attention in this fast-moving space? This webinar will look at the challenges faced by CISOs and Board members and offer insights into how to successfully approach cyber security at Board level.
About the presenter:
Steve Durbin is Managing Director at the Information Security Forum (ISF). His main areas of specialism include strategy, information technology, cybersecurity and the emerging security threat landscape across both the corporate and personal environments.
Rob Shapland, Principal Cyber Security Consultant, First Base Technologies
How to make your staff your first and last line of defence.
Learn how to:
•Identify your enemy and their tactics
•Discover why technological defences will lose to hackers
•Learn how to make staff genuinely care about security
About Rob Shapland BSc (Hons) OSCP OSWP CRT Principal Cyber Security Consultant, First Base Technologies
Rob Shapland is an ethical hacker with 9 years’ experience conducting penetration tests for hundreds of organisations, from small businesses to major international organisations.
He specialises in simulating advanced cyber attacks against corporate networks, combining technical attacks with his other hobby of dressing up and tricking his way into company headquarters using social engineering techniques.
He is also a regular speaker at events and conferences around Europe, and has appeared on both BBC and ITV as a cyber security adviser. He holds qualifications from SANS, Offensive Security and CREST, and has been trained in social engineering techniques by Chris Hadnagy, one of the world's leading practitioners and researchers.
The expectation from the start of 2017 – that we hadn’t seen the back of ransomware – was justified. 2017 was plagued with global attacks such as Petya, WannaCry, Bad Rabbit and many others. Unfortunately, 2018 could be even worse.
With ransomware continuously developing new delivery techniques, organisations must learn how to prepare and protect themselves from the threat of ransomware, but how can they do this?
In this webinar, Nick Frost, Principal Consultant at the ISF, will explore the latest threats in ransomware and what organisations can do to minimise vulnerabilities to reduce risks of an attack.
About the presenter:
Nick is currently the Principal Researcher for the Information Security Forum (ISF) Ltd. He has more than 15 years’ experience designing and implementing a risk-based approach to securing information. He has developed leading solutions for evaluating risk across both internal and supplier environments.
In the age of Digital Transformation, SD-WAN is on the lips of all enterprises and service providers. While the operational and commercial benefits of SD-WAN are clear, the focus on these as THE consideration is dangerous, as along its benefits comes a greater cyber security risk.
This session will focus on Secure SD-WAN and the built-in benefits it provides, from both the operational and security points of view.
This webinar will detail how to apply AI and automation to assist security team members, from CISOs to SOC/IR operators, allowing the team to become proactive in defense and best serve the new needs of innovative companies. We will cover:
o Considerations of implementing automation without an increase in workload
o How to reduce risk by 98% with current staff and no longer "overlooking" a de-prioritized or quarantined alert
o What it takes to go from alert triage to incident response and remediation in less than 10 minutes
o How to become proactive in defense by utilizing knowledge from investigations to increase network defense
o An ROI template allowing you to justify costs for new budget
Travin Keith, Managing Director at Agavon, Co-Founder at SICOS, and Administrator at BitcoinMarkets
With the burst of interest into cryptocurrencies, there have been a lot of new users into this innovative world. However, the rush into the space has caused many users to skip key steps in joining the cryptocurrency community, such as understanding what basic security practices they should follow in order to keep themselves and their money secure.
While there are technical steps to take to secure one's funds, there's also a number of things to keep in mind while interacting with the community.
This webinar discussion aims to give beginners in the world of cryptocurrencies tips to better protect themselves, their money, and their sanity.
As more of our physical world becomes digital, from thousands of websites sites being hacked, to malware attacks, 2017 saw a myriad of devastating cyber-attacks and hacks. Given this, you can’t help but wonder if you are at risk and if you are really prepared?
Organizations today are becoming increasingly concerned about the accelerating pace of change — and also, sophistication — in the global cyber threat landscape.
Join us for this webinar as we explore ways to more effectively mitigate risks, respond to attacks, and recover. Key Takeaways include:
- How to Predict, Prevent, detect & Respond to sophisticated threats including Ransomware
- Key Elements of a Risk-Based IT Security Strategy
- Best Practices and Proactive Strategies to Mitigate Cyber threats
Cybersecurity Skills Are in High Demand, Yet in Short Supply. The growing number of recent cybersecurity attacks highlights a shortage of skilled workforce in the cybersecurity industry, predicted to reach around 1.8 million workers by 2022. These challenges will also be impacted by evolution of IoT/ IoE and Artificial intelligence, which represents an unprecedented opportunity to connect people, processes, data, and things.
Key Takeaways include:
- Is Automation an answer to the skill gap?
- Maintaining security in the face of growing cyber risks and threats
- How the arrival of AI & IoT in both our personal and business lives will create a skills gap that will require both the retooling of people’s existing skillsets and the wide-scale hiring of new workers
Patrick Grillo, Senior Director, Security Solutions, Fortinet
While some hackers crave the attention of a high profile attack or data breach, others prefer to work in shadows either trying to hide their tracks or are indifferent all together.
Regardless, accurately understanding where an attack comes from is very helpful in defending against future attacks. More importantly, when companies and key organizations work together it is possible to tie together a multitude of individual footprints into a single, conclusive trail back to the originator.
This session will focus on the importance of attribution and includes a case study of how a major cyber criminal was taken down, from the lowest foot soldier to the kingpin himself.
Cyber risk isn't new, but the stakes grow higher every day. An incident is no longer likely to be an isolated event, but a sustained and persistent campaign. There is no single solution that will offer protection from an attack, but a Cyber Resilience strategy can provide a multi-layered approach that encompasses people, processes and technology.
Pete Wood will talk about eliminating the gap between IT and the business to present a united front against threats. This is a paradigm shift that uses security intelligence to guide decisions and support agility.
Rob Anderson, Head of Field Operations (Privitar),Tim Hickman, Associate (White & Case)
Today's modern businesses gain competitive edge and remain innovative by using advanced analytics and machine learning. Utilising big data can build customer loyalty by improving personalised marketing campaigns; optimises fraud detection; and improves products and services by advanced testing. However, the data sets required for advanced analytics are often sensitive, containing personal customer information, and therefore come with an inherent set of privacy risks and concerns.
This roundtable will cover a few key questions on data utility and privacy:
- In what ways advanced analytics help businesses gain competitive edge?
- What is defined as sensitive data?
- Will GDPR affect the way you're allowed to use customer data?
- What opportunities are there to utilise sensitive data?
Unlocking the data’s true value is a challenge, but there are a range of tools and techniques that can help. This live discussion will focus on the data analytics landscape; compliance considerations and opportunities for improving data utility in 2018 and beyond.
- A view of the data protection landscape
- How to remaining compliant with GDPR when using customer data
- Use cases for advanced analytics and machine learning
- Opportunities for maximising data utility in 2018
The new business reality of GDPR and how you use customer data is inexorably approaching, if you work in or are doing business with anyone in the EU you must deal with this regulation.
With data protection, there are really only two options: protection of data through ever-more data centralization and security or turning the customer data paradigm on its head and decentralize the data.
We have a new model: give your customers full control over their data, gain their trust, and lower your costs with the open-source Pillar Business Wallet. Join our conversation Thursday, 30th of November.
Governments continue to try to regulate cyberspace, often with little effective impact. Security professionals struggle to design and operate infrastructure that will comply with rules written with Semantically Intentional Ambiguous Meaning (SIAM). Learn from the classrooms of one of the world's great universities the new methods for navigating those challenges and putting in place rules that are effective for managing infrastructure.
Louise Beaumont (Publicis.Sapient & techUK), Bernard Harguindeguy (Elastic Beam), Chris Ward (Mapa Research)
This discussion focuses on delivering a secure API layer and how Open Banking will deliver a secure Open Future..
Open Banking will affect every layer of the bank:
-It will stretch and stress banks’ brands – resulting in both the potential for significantly increased reach, and reputational enhancement and risk
-It will change and complicate how banks talk to consumers and SMEs – whether direct, intermediated, invisible, or all three simultaneously
-The ecosystem environment will radically change how services are designed - with a flood of ideas and data available for those banks which successfully attract, seed and enrich the ecosystem within which they are a player
-And the ecosystem environment will fundamentally change how these services are delivered – whether by companies with whom the bank has a partnership, or companies with whom the bank has absolutely no relationship
-And finally, it also demands a rich, growing - and secure - API layer to enable the Open Future
Candid Wueest, Principal Threat Researcher, Symantec
Financial institutions are increasingly facing attacks on multiple fronts.
Cyber criminals continue to target online banking using malware to hijack customer transactions and banking sessions. While there has been an overall drop in infections related to these consumer threats, financial institutions are now facing new types of attacks in the form of large-scale financial heists.
Attack groups such as Fin7 and Lazarus are deliberately targeting financial institutions in audacious attacks that are reaping large rewards. They are using living off the land and fileless attack tactics similar to APT groups. But also extortion with DDoS attacks or business email compromise (BEC) scams are increasingly bothering financial corporations.
In this webcast on the current financial threat landscape, Symantec takes a look at the most prevalent and significant financial threats.
In this webcast we will review:
- The top threats facing financial institutions with statistics and examples
- Explore the most common techniques employed in financial attacks
- Provide case studies of the most high-profile financial attacks of the past 12 months
Dynamic, volatile, innovative. Cloud security is all of these and more. Join this webinar to learn more about:
- How can cloud service vendors turn the constant parade of new threats into a continuing opportunity to increase customer loyalty?
- How can customers gain trust in their service vendors despite the parade?
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.