Application Defender can provide consistent and centralized logging of application use and abuse to SOCs or others tasked with Security Monitoring. Learn about the Application Logging categories and use cases that will enable you to gain visibility into application activity across the whole enterprise without changing source or parsing logs.
The Industrial Internet of Things is rapidly evolving, both in terms of its business requirements and the enabling technologies needed to improve decision-making and gain competitive advantage. The ideal technical solution should be able to fuse streaming Fast Data coming from IoT devices and sensors with static Big Data about customers and assets.
In this webinar, hosted by Brian Clark of Objectivity and analyst Jason Stamper of 451 Research, we’ll discuss how to augment these critical categories:
We’ll explain the technical challenges involved when supporting massive volumes of data in a mixed workload environment, and how to leverage open technologies, such as Spark and HDFS, to enable real-time IoT intelligence.
Security practitioners must take a proactive, inside out approach to managing their organization’s cyber risk. But the challenges lie in effectively measuring the overall risk posture of the business. The manual process tied to analyzing security data today is demanding and error prone. To address this, the security and risk department needs an automated and repeatable process that makes sense of the volumes of security data from their existing solutions. This would allow them to effectively communicate a traceable and actionable view of cyber risk to line of business owners and the board of directors.
Please join us on Thursday, April 28, 2016 at 10:00 a.m. PT for a live Bay Dynamics webinar as Humphrey Christian, Vice President, Product Management, explains how your organization can obtain a 360 degree view of your cyber risk posture.
Recent high profile data breaches have made it obvious that organizations often underestimate the risk their vendors present, and struggle to evaluate third party cyber risk.
In this webinar Mike Rothman, Analyst & President of Securosis, and Tom Turner, President and COO of BitSight describe how organizations can build a systematic means to evaluate their IT risk presented by business partners and vendors.
Viewers will learn about:
- Understanding Third Party IT Risk
- Structuring Vendor Risk Management Programs
- Evaluating Vendor Risk
- Ongoing Vendor Monitoring and Communication
How do you keep track of large number of diverse data objects in your data lake that continue to increase every day? Now that Apache Hadoop has become a critical component of your data architecture, how do you know with confidence which piece of data came from which source and how did it change over time? Moreover, how do you use this valuable information to secure your Hadoop ecosystem?
Join us on this webinar on April 28, 2016 at 9:00 AM PST to learn what are the latest developments for data governance and security in Hadoop and how organizations can leverage metadata-based governance controls to effectively address compliance and security requirements.
Cradlepoint, the global leader in software-defined 4G LTE network solutions for enterprises, has announced the world’s first suite of LTE Advanced (LTE-A) routing platforms for branch and in-vehicle networks.
As carriers are introducing Category 6 LTE-A technology into their networks to increase bandwidth speeds and coverage, Cradlepoint is the first to empower businesses to leverage these capabilities with an enterprise-grade WAN solution.
Join Cradlepoint product managers for an exclusive live webinar on Thursday, April 28, at 11:30am ET/16.30 BST to explore various ways that Cradlepoint’s Spring Launch is poised to boost performance and cost efficiencies for enterprise networks, including:
First to Support LTE Advanced
— New LTE Advanced modem technology enables improved speed and WAN resilience
— Auto-carrier selection simplifies deployments and installations
Enhancements to Industry-Leading Failover with Out of Band Management
— Enhanced failover/failback with CP Inline Failover and Modem Standby Mode
— OOBM capability extended to additional devices on the LAN
Improved In-Vehicle & Fixed Edge Routing Capabilities
— Advanced Routing protocols bring enterprise routing capabilities to edge platforms
— Home Station Fast Data Offload optimizes vehicle investments
— New Enterprise Cloud Manager features enable better network visibility and management
Join us for our next customer webinar covering the new features available in Black Duck Hub 3.0.
The latest version is designed to help Hub and Protex users streamline Continuous Integration (CI) and DevOps processes through robust policy management and rapid scanning. These capabilities provide complete visibility into the open source in apps and containers, accelerating development through early and continuous detection of vulnerabilities and out-of-policy code.
During this webinar, we’ll show you how to leverage Hub 3.0 to establish policies around the use of open source software in order to lower your organizational security, license and operational risk.
Following the demonstration, we’ll leave plenty of time for you to ask our product experts questions.
You will learn:
•Overview of the new features, including policy management, improved scanning, additional Linux distribution support, and integration with TeamCity
•How to quickly establish open source security policies for existing and new projects
•Ways to leverage policy violations to flag or fail builds in a continuous integration environment (such as Jenkins)
The initial signs that you have a security incident on your hands are rarely black and white. The first questions you have to ask yourself are "Is this a real incident?" and "How should I respond?" Based on our first-hand experience, a rapid response in the first 72 hours is critical.
In this webinar we will discuss the main response tactics to contain and understand an incident, and offer best practise on investigation, identification and containment of the incident before responding.
*What are the difference between incursion and persistent detection
*Identify key activities to perform in the first 72 hours
*Understand why immediately stopping the attacker may cause more disruption .
Like many organisations, Prudential has to ensure it protects sensitive data. Getting it right results in satisfied customers, regulators and shareholders and avoids the reputational damage and legal penalties associated with a data breach. With the forthcoming EU General Data Protection Regulation now agreed for implementation, we think now is the right time for organisations to review their data governance and protection requirements. During this webinar we will cover today’s challenges in ensuring good data governance and enter into a panel discussion with Prudential about their approach and lessons learned, including their implementation of Symantec Data Loss Prevention and Boldon James data classification technology. There will also be an opportunity to engage in a Question and Answer session.
So if you want to give your data governance program a head start, register today.
Security is not rocket science. Developing an effective and efficient enterprise security program starts with strong culture and risk communication. Ditch the old school security ways and embrace the millennial approach. The pillars of the millennial approach to security are: developing a positive security culture, making secure business processes easy, fostering enduring business relationships, constant communication with executives, and getting the biggest bang for your limited bucks with risk prioritization.
There is an assumption that the more you spend on security technology, the more secure you will be. However, it is evident from the media that even though organisations are spending many on security products they are still being breached. Majority of organisations are falling back on 'historical, layered defence strategies’ with the tendency to think that by merely upgrading software and building up walls, their organisation is safe, but what if the attacker dug underneath the wall?. Does this demonstrate they are spending effectively and keeping their organisation secure?
In this webinar, we will discuss why organisations don't need to spend more on security to be better protected but need to spend wisely with the budget they already have. Organisations continually need to think about how they readjust and refocus on strategies that enable them to be resilient and recover from a cyber-attack. The webinar will cover:
Spend vs Resiliency – is it proportionate?
Strategy for protecting what really matters
Focusing on the 5% of alerts that really matter
Join Richard Turner, FireEye President of EMEA, as he continues his discussion around taking the ‘Risk message of Cyber Secuirty to the board’
Ransomware is on the rise. Only in the first quarter of 2016 a dozen of new families have emerged with Locky leading the way. This webinar will summarize who are the new players, and their technical ability to perform in the ransomware market against the well-established TeslaCrypt and Cryptowall. We will also dive in on how companies can protect themselves against ransomware in general and some of this malware in particular.
Hadi Hosn, Head of Security Strategy & GRC Consulting, EMEA
For many organisations, investments in new processes and technologies is on top of the priorities list. From behavioural analytics, big data solutions, and “one touch” processes that require no manual intervention, companies are always on the lookout for technology innovations that can achieve a considerable return on investment. When companies consider Cyber Security in such a technology dependent world, most ask, “How can we secure our business and comply with the changing legal and regulatory standards?” instead of “How do we make business focused, intelligent investments given the cyber security risks we face today?”
In this webcast, Hadi Hosn, Head of Security Strategy & GRC Consulting at Dell SecureWorks, will discuss the risk based Cyber Security operating model to help companies identify and protect their most critical information assets and business processes. Hadi will focus on the most critical actions for any organisation building a risk based security programme.
Key topics covered include:
· Prioritising information assets based on value to the organisation
· Identifying and prioritising risks to the assets
· Reduce risks with quick wins
· Build and deliver a security plan that aligns business and technology
· Ensure continuous business engagement on the topic of cyber security
Most organisations are surprised by the ease with which social engineering defeats their security. The human factor provides a simple and effective route to bypass even the best hardware and software security controls, yet is commonly overlooked or considered too difficult to solve. Peter will share a number of real examples to reinforce his opinion: as more and more data breaches are published, perhaps it’s time to become creative and strengthen the human firewall.
As cyber security risks increase in sophistication and number, organisations need to switch from responding to incidents, to identifying them to prevent them before they occur.
Developing a robust risk based approach to security needs to focus on supporting organisations to prioritise threats, understand the techniques that may be employed as part of the attack and evaluate the capability of controls to prevent, detect and respond to an attack. Without this knowledge, an organisation would struggle to determine the level of exposure to particular threats and if their cyber incident response plans are structured and ready to address these threats when they arise.
During this webinar, Steve Durbin, Managing Director of ISF, will discuss the need for a risk based approach to security and why it is an essential component to today’s business.
Keyaan Williams, Senior Executive, C|CISO Programs at EC-Council
Join Keyaan Williams, Senior Executive, C|CISO Programs at EC-Council for his Corporate Governance for CISOs webinar series! The second webinar in the series will cover the topic of Board Presentations from an IS executive perspective.
J. Trent Adams, Director of Ecosystem Security, PayPal
Secure clouds don't exist in a vacuum. The very nature of a secure cloud relies on effective standardized, interoperable, and scalable Internet security. As the cloud metaphor displaces the concept of proprietary point-to-point networked servers, the key to its value can be found in the interoperability of service protocols. Securing these connections requires understanding and deploying standards such as TLS HSTS, CT, CSP, DMARC, and FIDO. Each protocol addresses specific security concerns encountered when you extend your security perimeter to include external cloud services. Developing and deploying technologies like these requires a holistic view of the security landscape, and working within a robust Internet security ecosystem.
Key Talking Points:
- Cloud security relies on standardized Internet security protocols.
- Developing Internet security protocols requires multistakeholder involvement.
- Key areas of focus include securing: transport, content, communication, and authentication.
- Case studies presented in developing CT, CSP, DMARC, FIDO, and TLS 1.3
- Internet security is constantly evolving; adapt or perish.
Keyaan Williams, Senior Executive, C|CISO Programs at EC-Council
Join Keyaan Williams, Senior Executive, C|CISO Programs at EC-Council for his Corporate Governance for CISOs webinar series! The first webinar in the series will cover the topic of Asset Management from an executive perspective.
Jim Reavis of CSA, David Baker and Arturo Hinojosa of Okta
According to the 2016 Top Threats report from CSA, the ramifications of poor cloud computing decisions is no longer an IT issue but rather a boardroom issue. Executives at the highest levels are under scrutiny about security posture, and their response to a breach, from stakeholders, regulators and consumers.
The growth of cloud and mobile technologies in the workplace has forced IT and security professionals to re-think their security strategy. A traditional network perimeter built on firewalls, VPNs, IDS, and DLP does not address the new threat landscape of phishing, social engineering, and data breaches.
Join CSA CEO, Jim Reavis and Okta CISO, David Baker, for a discussion on the top threats organizations face, how the landscape is changing and best practices for improving the security of your organization.
You’ll take away:
-Highlights from the CSA 2016 Top Threats report
-How to build a new security perimeter based on user identity, capable of detecting and stopping attacks in real time
-How to improve visibility into user behavior and implement controls without sacrificing productivity
Karna Bojjireddy Security Product Manager, SoftLayer, Manish Aggarwal Product Manager, IBM Cloud, Sunil Jain, Tech Lead Intel
Cloud security remains one of the top barriers to the adoption of cloud computing (Gartner top 3) and drives a need for new and broader security measures that go beyond traditional enterprise IT security tools and practices.
Join security experts from IBM, SoftLayer and Intel® for a comprehensive webinar about the cutting-edge products and services that deliver unparalleled control and data security in the cloud. In this webinar, you will receive:
Practical and technical advice can be applied immediately to help secure your organization's IT environment using SoftLayer's security-rich environment for deploying and running customer workloads.
A full overview of the chip-level Intel®TXT security available first in the cloud at SoftLayer. Lastly learn more about IBM Cloud Data Encryption Services™ about Data protection, resiliency, security and storage.
As organizations transition from on-premise data storage and device-centric security to the cloud, the need for a data-centric solution becomes critical. Organizations need the ability to protect data in the cloud, at access, on the network, and across all devices. While cloud app vendors now offer robust functionality, they lack the level of granular control and deep visibility many organizations need, either for compliance purposes or simply to enable an increasingly mobile workforce.
In this webinar, we'll discuss how CASBs leverage APIs and proxies to control data on both managed and unmanaged devices, enabling secure SaaS and BYOD. Join us to learn how Cloud Access Security Brokers can help protect data in the cloud by providing comprehensive security and real-time data protection.
Throwing a safety net over mobile cloud app usage leaves the enterprise having to balance manageability and security against the user experience. This session covers how you can gain visibility into mobile cloud app usage, defend against malware and threats, and enforce corporate policies for mobile—all while enabling BYOD and protecting the user experience.
Michael Kaczmarek, Sr. Director of Product Management, Verisign
Cyberattacks are a threat to businesses worldwide, and they are getting larger and more sophisticated. The industry’s approach to protecting against these threats must change fundamentally to stay ahead of this growing threat. For too long, the problem has been tackled piecemeal, using isolated devices or services, but protecting against advanced cyberattacks requires communication and coordination among many components – from networking equipment, to specialized appliances, cloud-based services, as well as actionable threat intelligence.
A shift in security architecture is needed, to an open platform where devices and services from different vendors can share, and act, on threat intelligence information, all in concert and in the proper context. It must be a hybrid platform; allowing on-premises security appliances to detect and mitigate attacks, locally, while automating alerts, and switchover, to cloud-based services should an attack threaten to swamp the business’ network connection.
Join Michael Kaczmarek, Sr. Director of Product Management, and learn how to assist with designing a resilient security ecosystem by maximizing an API-centric approach. In this session, Mike will discuss how to:
· Evaluate the Threat Landscape
· Design for Both Security and Flexibility
· Prepare for Incidents – Orchestrate Responses
· Expand to a Hybrid Premise and Cloud Security Architecture
Ransomware is an ever-increasing threat to enterprises and new strains are being seen on a regular basis. This presentation starts by tracing the history of ransomware from its roots as being not much more than an annoyance, to the current highly sophisticated encrypting varieties.
Following this will be a deep dive into how the malware is delivered to the victim, and an analysis of the different stages of an attack.
Finally, we will look at methods of mitigating the attack in order to minimise or eliminate the damage done.
Mitch Sherfey, Principal Product Manager, Data Center Automation
Join us for an exclusive preview of the new BMC product developed to address your security needs! Watch and see how you can eliminate risks and reduce your attack surface by providing Operations teams with actionable data combined with automation. Help your Security and Operations teams address threats and vulnerabilities based on impact and priority.
Watch as Principal Product Manager Mitch Sherfey demonstrates how the tool:
- Provides a customized “to do” list to address threats based on policy and impact – ensuring the most critical issues are fixed first
- Offers Security teams a first-time ever view into operational plans – providing visibility into planned actions, predictive SLAs, and burndown views
- Creates an automated and standard process for Security and Operations teams to enable the relentless pursuit of threats
Scott Simkin, Palo Alto Cybersecurity Team and Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute
There are two ends of the spectrum of an attack: the cost of a breach to the victim, and the economic motivation of the cybercriminal. Much focus has been spent on understanding the increasing cost of breaches, and potential damages they can cause organizations. As cybercrime has increasingly become a business, we must also understand the relationship between time, cost and potential profit for an attacker. Like any business, it is a simple math problem, the benefit must outweigh the cost. Security decision makers can use this information to increase the cost of conducting successful data breaches to their organization, taking away the economic incentive, and majority of motivation for attackers.
This session will present compelling new research, including:
• Average time to breach an organization
• Typical yearly earnings of a cybercriminal
• Cost of conducing a breach for an attacker
• Most effective methods for dissuading or preventing attacks
Kasper Lindgaard – Director of Secunia Research at Flexera Software
Every year, Secunia Research at Flexera Software releases a review of the global vulnerability landscape, based on their large vulnerability database and data from the Personal Software Inspector user base.
The data in this research provides security professionals around the world with perspective on the impact and evolution of the threat landscape and what has trended throughout the year.
In this webinar, Director of Secunia Research at Flexera Software, Kasper Lindgaard will discuss the data presented in the Vulnerability Review 2016 and answer questions. The review itself is released on March 16.
-The number of vulnerabilities and zero-days detected in 2015
-How quick vendors are to respond to vulnerabilities
-Which programs have the most vulnerabilities
How safe are you from an insider attack? Despite the numerous press reports of devastating outsider attacks, insider attacks—deliberate or accidental—put corporations at risk. Often organizations don’t even know how much or what data is at risk, let alone how to detect, respond to and neutralize insider threats.
In this 20/20 webcast, James Carder, CISO of LogRhythm and VP of LogRhythm Labs, will discuss the challenges organizations face from a variety of insider threats and what you can do about them.
Breaches on Sony and Target released millions of customer records. As a custodian of highly sensitive client data, get a better understanding of your responsibility, and what we can do to better protect your clients’ information.
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.