Hi [[ session.user.profile.firstName ]]

Securing the Internet of Everything: The war of the coffee machines

The Internet of Everything affects everyone from multi-nationals to private citizens. The universal adoption of machine to machine communications in every aspect of our lives offers criminals a hugely expanded attack surface. How do we defend ourselves without undermining the benefits of the IoE?
Recorded Jun 20 2017 47 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Peter Wood
Presentation preview: Securing the Internet of Everything: The war of the coffee machines

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Succeeding as a CISO in 2021 Feb 17 2021 5:00 pm UTC 60 mins
    Diana Kelley, SecurityCurve | Jonathan Nguyen-Duy, Fortinet
    This month's episode of The (Security) Balancing Act will look at how the CISO role has evolved in the last few years, what today's expectations are and what it takes to succeed as a CISO.

    Some of the topics to be covered during this roundtable discussion with security and tech leaders include:
    - How has the CISO role evolved over the last few years and what is expected of CISOs in 2021?
    - CISO vs BISO
    - How to see ROI on your cybersecurity investment?
    - How to get the business to understand risk and care about security?
    - How to keep cyber employees happy. The churn is exhausting and costly for companies, and it’s exacerbated by employee burnout and a “grass is greener” approach.

    - Jonathan Nguyen-Duy, Vice President, Global Field CISO Team at Fortinet
    - Others TBA

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • AppSec is dead. Long live DevSecOps! Feb 9 2021 6:00 pm UTC 45 mins
    Matias Madou, Ph.D., Co-Founder and CTO, Secure Code Warrior
    In the ancient times of software creation, we had AppSec, and we had developers.

    Generally, AppSec was aware of security problems, their impact, and code-level fixes. However, these remedies would rarely work in the custom tech stack of the company. Developers cranked out software features in a fast, functional and reliable way, but also released their code for security review as late as possible. Why? To shorten the AppSec feedback window, ensuring their out-of-context security recommendations would bounce back well after the release window and not halt proceedings. A little dysfunctional, to say the least.

    Fast-forward to today, and our demand for software is greater than ever before, as is the risk of data breaches from common vulnerabilities. This fractured process cannot work, and the DevSecOps movement is here to change the game. DevSecOps creates an environment of shared responsibility for security, where developers become responsible for effective deployment, and the lines between AppSec and development teams are increasingly blurred and more collaborative.

    The days of a hands-off security approach for developers are over, and with the right training and tools, they can take advantage of this process, upskill their security awareness and stand out among their peers.

    Delivered by security expert Matias Madou, Ph.D., he will demonstrate:
    The changes the industry has faced in the journey from Waterfall to DevSecOps
    How developers can navigate change and become a powerful piece of the DevSecOps pipeline
    Why DevSecOps doesn't have to compromise the work developers love most
    How sharing the responsibility for security works in a team environment
    Why upskilling as a security-aware developer will help bridge the cybersecurity skills gap, and make them a sought-after engineer in the process.
  • Election Takeaways for Cybersecurity Leaders Jan 20 2021 5:00 pm UTC 60 mins
    Diana Kelley | Jim Richberg | W. Curtis Preston
    The 2020 US presidential election is behind us, but the key cybersecurity issues surrounding election integrity could linger for years to come. From ransomware attacks on local governments, to the untamed spread of disinformation, to experimenting with online voting apps and the myriad of vulnerabilities uncovered across election infrastructures, cybersecurity had never before taken such a central place in the national conversation as it did in 2020.

    So, what have we learned in the aftermath? And how can we apply it to better protect upcoming elections as well as enterprises, customers and employees?

    Join this interactive panel with security experts and tech leaders to learn the biggest lessons from the election from a cybersecurity and privacy standpoint. Discover what went down, what could have gone better and how to prepare for the midterm elections in 2022.

    - Can we build a hack-free election
    - Does misinformation on social sites impact how people vote and what can be done to stop the spread
    - What was new this time and what should security leaders keep in mind for their organizations
    - Would it be safer if we brought the voting process online or in app
    - Can nation state actors change voter rolls or polling data
    - What the biggest election threats mean for industry
    - Key takeaways for cybersecurity leaders

    - Jim Richberg, Public Sector Field CISO at Fortinet
    - W. Curtis Preston, Chief Technical Evangelist, Druva

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • 2021 Readiness: Balancing Security in a Post-COVID World Recorded: Dec 9 2020 60 mins
    Diana Kelley | Mark Weatherford | Ted Harrington | Amir Shaked
    Earlier this year many companies experienced an incredible shift to fully remote work almost overnight, in response to the COVID-19 pandemic. This accelerated the “digital transformation” journey for many companies compressing what was a multi-year timeline into a few months and making 2020 different than any other previous year. In this episode we’ll explore how the balance between security, privacy and productivity was tipped this year, and what can we expect to see in 2021 as some, but not all, organizations head back to office work with a post-pandemic mindset.

    The audience will hear from CISOs and Security Directors about how this year was different, what they're going to do differently going forward, and what they expect (or have already seen) as organizations get back to pre-COVID levels.

    Topics covered:
    - 2020 in review
    - The hard lesson that a mobile workforce is not the same as a remote workforce
    - How the attack surface expanded and what CISOs are doing to ensure risk doesn’t expand too
    - How digital transformation sped up and what they meant for security, privacy and productivity
    - During the speedy journey to the cloud - what mistakes were made?
    - Lessons learned that will be carried forward for security teams
    - What CISOs are doing to prepare for whatever 2021 may bring

    - Mark Weatherford, Chief Strategy Officer and Board Member, National Cybersecurity Center
    - Amir Shaked - VP, R&D, PerimeterX
    - Ted Harrington, Executive Partner, Independent Security Evaluators [ISE]

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Election Recap & Cybersecurity Lessons Learned Recorded: Nov 19 2020 49 mins
    David Morris | Lee Imrey | Mick Baccio | Harrison Morris
    The 2020 U.S. presidential election has brought cyber security to the forefront for many in the U.S.

    From shedding light on disinformation campaigns aimed at disrupting the election, to testing voting machines and pentesting online voting apps, to raising awareness around the risk of ransomware and other attacks to local governments, voter registration databases, poll books and election reporting websites - security researchers and practitioners have been raising red flags throughout the election cycle.

    Join this episode of the Election Hacking series to learn about:
    - The 2020 election takeaways from a cybersecurity viewpoint: What went down, what could have gone better and how to better prepare for the midterm election in 2022
    - What the biggest election threats mean for your industry and organization
    - What have we learned and will it change anything in time for 2022
    - Post-election cybersecurity lessons for tech leaders

    - Lee Imrey, Security Strategist at Splunk
    - Harrison Morris, PhD Candidate Georgia Tech researching the intersection of Cybersecurity and Cognitive & Brain Sciences
    - Mick Baccio, Security Advisor, Splunk

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Deceiving the Attacker Recorded: Nov 17 2020 56 mins
    Diana Kelley | Chris Roberts | Christina Fowler
    When it comes to deception technology, the industry is evolving beyond simple honeypots to a more automated, scalable, and effective approach.

    Join this episode of The (Security) Balancing Act to discover how deception technology can be used by organizations to detect, investigate and respond to malicious intruders. How does deceiving the attacker save your company and buy you time?

    During this episode, we'll go over:
    - What is deception technology and what does it help with?
    - How does it work? (e.g. Deception decoys, lures, honeytokens, traps, grids)
    - Is your organization ready to adopt deception?
    - What do you need to do before you buy the technology / build it in-house?
    - Key benefits of using deception for threat hunting
    - What else can deception be used for?
    - Deception use cases
    - The role of AI in deception (e.g. dynamic deception)

    - Chris Roberts, vCISO, Researcher, Hacker, Consultant, Devils Advocate
    - Christina Fowler, Chief Cyber Intel Strategist at MITRE Corporation

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Moving Target Defense: The Future of Cybersecurity Recorded: Nov 10 2020 43 mins
    Ron Nixon, VP Global Defense and Government, Polyverse
    Join Polyverse VP of Global Defense Ron Nixon, as he explains:
    · What is Moving Target Defense and where did it come from
    · Where it can be applied in your Linux systems
    · Why it works when traditional methods of defense fail
  • The 2021 Threat Forecast Recorded: Nov 9 2020 60 mins
    John Bambenek, Bambenek Consulting; Etay Maor, IntSights; Luke Hull, BlackBerry; Andrew Tsonchev, Darktrace
    With the current threat landscape evolving at a rapid pace and based on everything that has happened throughout 2020, businesses need to take a more proactive approach to cybersecurity in 2021.

    Join this panel of security experts and industry leaders to learn more about:
    - 2020: The year of COVID, remote working and breaches
    - Biggest lessons from 2020 and the path forward
    - New threats on the horizon
    - Strategies for dealing with ransomware, phishing attacks
    - Recommendations for CISOs for the year ahead
  • Pre-Election Check-In Recorded: Oct 29 2020 55 mins
    David Morris | Mick Baccio | Harrison Morris
    With the 2020 U.S. presidential election less than a month away, let's take a look at the current state of this election from a tech and cybersecurity perspective. What are the new challenges and threats to democracy that we have not seen in previous election cycles?

    Join this panel to ask your questions and learn more about:
    - Things to keep in mind ahead of Election Day
    - Lessons from recent cyber attacks in the public & private sector
    - Securing voter databases and election infrastructure
    - Election reporting websites and when to expect to hear the results of the election
    - Weeding through election interference and disinformation
    - What to expect after Election Day

    - Mick Baccio, former CISO at Pete for America, and White House Threat Intelligence Branch Chief, Security Advisor at Splunk
    - Harrison Morris, PhD Candidate Georgia Tech researching the intersection of Cybersecurity and Cognitive & Brain Sciences

    Moderator: David Morris, Executive Director at Digital Risk Management Institute

    This episode is part of the Election Hacking Original series examining the threats to democratic elections, the technologies used to power and hijack elections, and what's needed to educate and empower voters before Election Day.
  • Life and times of a CISO in a web app world Recorded: Oct 27 2020 61 mins
    Malcolm Harkins Cymatic Chief Security & Trust Officer
    Trust is the cornerstone of the digital economy. In this talk Malcolm will cover what we need to do to generate trust. He will discuss the current state of trust in the web apps we use as well as the ones we provide to customers. He will cover today's reality with data from across the industry and his own experiences discussing the challenges/difficulties the CISO/CSO faces in securing web applications.

    Next, using the “9-box of controls” paradigm from the 2nd edition of his book, Managing Risk & Information Security, Malcolm will explain the economic principle of efficiency and how our current approach to information security is not only economically inefficient but also jeopardizes our ability to engender the trust we so desperately need. He will dive into the total cost of controls in the web app world: what it looks like today and where it will go if we do not transform our current security architecture.

    Throughout this webinar, Malcolm will share insight gleaned from the data, frameworks, and stories from industry experts to draw valuable lessons CISOs can bring back to their teams. In the end, he will offer hope and a roadmap to help participants transform their web application security to deliver real business outcomes that generate trust organically.
  • Email Security in the Age of Remote Work Recorded: Oct 15 2020 61 mins
    Jo Peterson, Clarify 360; Dr Richard Ford, Cyren; Geoff Vaughan, Security Innovation & Mariana Pereira, Darktrace
    There are an estimated 1.5 billion people working remotely due to COVID-19 and email is one of the ways businesses are communicating and staying connected with customers, employers and vendors. Ransomware, phishing and email exploits are continuing to rise. According to Security Magazine, over 96% of all security attacks begin with an email.

    Today’s panel will focus on:
    - the current state of email security and tools,
    - best practices for email safety, resilience planning, brand protection and thoughts on training
  • Securing Identity - 1 Year Check-In Recorded: Oct 14 2020 59 mins
    Diana Kelley | Aidan Walden | Shareth Ben | Doug Simmons
    According to Verizon’s 2020 Data Breach Investigation Report (DBIR), over 80% of hacking-related breaches involved the use of lost or stolen credentials - and approximately 35% of all breaches were initiated due to weak or compromised credentials.

    Last year, we kicked off The (Security) Balancing Act series with a panel of identity experts to help us understand the landscape. Join us for this 1 year check-in to learn what has changed for organizations in the last 12 months and the security implications of shifting to a more remote workforce.

    - 2020 vs 2019: Key changes & challenges for cybersecurity
    - How work from home has opened the door to attackers
    - Regulatory updates that may impact identity management programs
    - Why attackers are focused on credentials and authentication systems
    - What businesses can do to keep track of all endpoints, manage identities and privileged access, protect their data and maintain compliance

    - Aidan Walden, Director, Public Cloud Architecture & Engineering at Fortinet
    - Shareth Ben, Executive Director, Insider Threat & Cyber Threat Analytics at Securonix
    - Doug Simmons, Principal Consulting Analyst, Managing Director, Consulting at TechVision Research

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Application Security for the Modern Enterprise Recorded: Oct 14 2020 61 mins
    Peter Jones, 3B Data Security Limited; Jack Mannino, nVisium; Garrett Gross, Rapid7 and Rodrigo Araujo, Bell Canada
    Web applications continue to be a popular vector for cyber attacks. According to the most recent Verizon Data Breach Investigations Report (DBIR), 43% of breaches analyzed in the report targeted web application vulnerabilities, more than double the number from last year. What does this mean for businesses in the era of remote working?

    Join this interactive keynote panel to learn more about:
    - How the shift of valuable data to the cloud, including email accounts and business-related processes has opened the door to attackers
    - The impact of COVID-19 on enterprise security posture
    - The role of compromised credentials in breaches
    - Application security challenges and the path forward
    - Best practices for a more secure enterprise
  • Securing Your Connected Devices at Home & at Work Recorded: Oct 13 2020 59 mins
    Chris Hazelton, Brandon Hoffman, Rick Moy & Jack Mannino
    Connected devices are everywhere. More than 83 million U.S. households have at least one smart device, according to a study by the Consumer Technology Association. In fact, U.S. households own an average of 11 Internet-connected devices, according to a study from Deloitte, including seven with screens to view content (e.g. smartphones, tablets, laptops, TVs). 

    With so many devices on the home network, how is security keeping up? What is needed to make device security easier and faster?

    Find out why attackers are targeting internet-connected devices, some common attack vectors, and what to do to reduce the risk of breach at the endpoint.

    Join this panel of security experts to learn more about the security risks connected devices pose to your home and office, and what can be done about it:
    - Connected devices - the gateway for attackers
    - The likelihood that you or your company will be breached via connected devices 
    - Steps to mitigate the risk of breach
    - What is needed to close the gap in device security
    - Best practices for protecting your smart home from online threats

    This panel is part of National Cyber Security Awareness Month (NCSAM) 2020.

    We welcome and encourage audience participation and questions.

    Chris Hazelton, Director of Security Solutions, Lookout (Moderator)
    Brandon Hoffman, CISO, Netenrich
    Rick Moy, Vice President of Marketing, Tempered Networks
    Jack Mannino, CEO, nVisium
  • How to Tie Up Loose Ends with Endpoint Security Recorded: Oct 13 2020 54 mins
    Simon Ratcliffe, Ensono; Brian Robison, BlackBerry, Jason Allen, Digital Hands and Darrin Nowakowski, CGI
    As organizations are making plans to extend working from home through next summer, what are some things employees and IT teams can do to better protect their devices and networks? Learn more about how endpoint security can be implemented and improved to protect your organization from breaches.

    Join this interactive keynote panel with security experts and industry leaders to learn more about:
    - COVID-19’s impact on home network security
    - Why attackers are targeting the endpoint
    - Why your connected devices may be at risk and what to do about it
    - How to seamlessly integrate your endpoint security with existing solutions
    - Identifying threats, solutions and breach prevention best practices
  • Cyber Attack Trends & Threat Forecast for 2021 Recorded: Oct 12 2020 60 mins
    Eric Adams, Kyriba; Roland Dobbins, NETSCOUT; Ed Adams, Security Innovation;Jeff Foresman, Digital Hands;Bryson Bort, SCYTHE
    So far, 2020 has been a challenging year for everyone. COVID-19 and the push for a more remote workforce have left many organizations vulnerable to the risk of a cyber attack. With IT and security teams struggling with the challenges created by remote access attackers are rushing in to capitalize on the chaotic environments created by the pandemic. 

    Application security is becoming increasingly important. According to the Verizon 2020 DBIR, there has been an increase in cyber attacks on web applications, both in terms of percentage and in the raw number of breaches.

    So, what else is on the horizon for 2021?

    Join this panel of security experts and industry leaders to learn more about:
    - The COVID-19 impact on organizations and trends in recent cyber attacks
    - Phishing, ransomware, DDoS and other cyber threats
    - Why web applications are a top target for attackers
    - Lessons from the front-lines and recommendations for dealing with a cyber attack
    - What organizations need to prepare for in 2021
    - How best to enable teams and secure the enterprise
  • Protecting Connected Devices from Cyber Threats Recorded: Oct 7 2020 57 mins
    Rick Holland, Mark Lynd, Terence Jackson & Dirk Schrader
    The proliferation of connected devices at home and in the workplace has opened the door to attackers, who often find poorly protected IoT devices as easy targets and entry points.

    This panel of security experts and industry leaders will explore the security risks that connected devices pose for individuals and organizations in the U.S. and what can be done to secure devices, deter attackers and overall minimize the risk of breach.
    - How connected devices have changed the game from a cybersecurity perspective?
    - Why connected devices are easy targets for attackers
    - Other cyber threats to be aware of when it comes to connected devices
    - What you can do to secure your devices at home and at work
    - Understanding the risk of breach
    - Best practices & how to #BeCyberSmart

    This panel is part of National Cyber Security Awareness Month (NCSAM) 2020.

    We welcome and encourage audience participation and questions.

    Terence Jackson, Chief Information Security Officer, Thycotic (Moderator)
    Rick Holland, CISO, Vice President of Strategy, Digital Shadows
    Mark Lynd, Head of Digital Business - CISSP, ISSAP & ISSMP, NETSYNC
    Dirk Schrader, Global VP of Product Marketing & Business Development, NNT
  • CISO Insights: How to Practice Cyber Hygiene & #BeCyberSmart Recorded: Oct 5 2020 61 mins
    Dan Lohrmann | Earl Duby | Keith Hollender | Adam Ford
    By popular demand, the CISO Insights series is back in October for National Cyber Security Awareness Month with a new episode on securing connected devices.

    Join this interactive Q&A discussion with CISOs to learn more about:
    - Why connected devices are a popular target for attackers
    - Steps for easy cyber hygiene at home and at work
    - Building a security culture together
    - CISO recommendations & best practices

    - Dan Lohrmann, CSO & Chief Strategist, Security Mentor, Inc.
    - Earl Duby, CISO, Lear Corporation
    - Keith Hollender, former CISO; Partner, Global Cybersecurity Practice Lead at MorganFranklin Consulting
    - Adam Ford, CISO of Illinois

    This panel is part of National Cyber Security Awareness Month (NCSAM) 2020.

    We welcome and encourage audience participation and questions.
  • Controlling the Chaos of Vulnerability Management Recorded: Sep 29 2020 54 mins
    Steve Carter and Scott Kuffer (founders of Nucleus Security)
    With unpatched vulnerabilities causing one-third of breaches, most security professionals agree that effective, timely vulnerability management is imperative to keeping organizations safe. However, keeping every OS and every application, across every device in an enterprise environment, correctly configured and up-to-date, takes Herculean effort. The recent explosion of new vulnerability scanning tools, combined with widespread adoption of cloud and DevOps, demands a completely new approach to the vulnerability management process.

    In this talk, Nucleus co-founders Steve Carter and Scott Kuffer will discuss the concept of vulnerability management maturity, and how to structure your VM program to keep up with the speed of business. Learn the importance of leveraging orchestration and automation to design a vulnerability management program that scales to support the needs of large enterprises.
  • 6 ways CISOs are securing and navigating the cloud Recorded: Sep 24 2020 61 mins
    Jo Peterson, Clarify 360; Brian ThompsonVP, Veeam Software; Michael Goldgof, Barracuda Networks; Carl Eberling, Forcepoint
    Cloud Adoption is on the rise again. According to IDG’s 2020 Cloud Computing Survey, 59 percent of respondents said their organizations would be mostly or all in the cloud within 18 months. Cloud changes our approach on so many levels—new technology, new shared responsibility model and new cybersecurity considerations

    In today’s session, we’ll explore 6 ways CISOs are navigating the cloud:
    - Securing an extended perimeter
    - Upskilling the team
    - Balancing Risk Management in Third Party Relationships
    - Defining the Shared Roles in a Shared Responsibility Model
    - Enhancing Visibility
    - Taking Advantage of Automation

    Jo Peterson, Vice President, Cloud and Security Services, Clarify360
    Brian Campbell--VP, Cyber Security Architect, Veeam Software
    Mike Goldgof--Senior Director, Product Marketing at Barracuda
    Carl Eberling-- CIO/CISO- Forcepoint
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Securing the Internet of Everything: The war of the coffee machines
  • Live at: Jun 20 2017 10:00 am
  • Presented by: Peter Wood
  • From:
Your email has been sent.
or close