Martin McKeay, Security Advocate, Akamai Technologies
They say old protocols never die. Okay, no one really says that, but it’s what happens in reality. If you look around a little, you can still find organisations with token ring networks while dial-up modems still account for a small, but significant part of Internet usage worldwide. And then there are the current protocols that simply never get updated. DNS and NTP are staples of the Internet that are absolutely necessary.
Martin McKeay, Akamai’s Security Advocate for EMEA, will explore the dangers of some of the outdated and unpatched protocols on the Internet today. These antiquated communication methods are being used and abused by malicious actors to send traffic and attacks against your network. Explore how to protect yourself, and learn good network hygiene practices to make sure your organisation is not part of the problem.
Organisations worldwide continue to struggle to attract and retain skilled information and cybersecurity professionals. Overcoming this challenge requires a more imaginative, business- and people-centric approach to the recruitment of security professionals. However, once you have the right people in place, it is imperative to retain them and use their skills to embed positive information security behaviours throughout the organisation.
So in an era where cyber security is a C-suite business challenge, how can board colleagues work with security professionals and others within the enterprise to address these issues?
Join Steve Durbin, Managing Director of ISF Ltd, for a 45-minute webcast, where he will discuss how organisations can develop and implement an information security awareness culture that will engage with employees at all levels.
Grady Boggs, Principal Security Specialist, Microsoft
The consumerization of IT, bring your own device (BYOD), and software-as-a-service (SaaS) provide organizations with impressive productivity gains, but bring with them the challenge of secure management. Grady Boggs, Principal Security Specialist, illustrates the Microsoft comprehensive cloud solution, the Enterprise Mobility Suite (EMS), and details how users can stay productive while keeping corporate information safe and secure.
Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
Debbie Umbach, Director of Product Marketing at BitSight
As mitigating third party risk becomes an essential business function across many industries, business relationships will be tested. Organizations must now subscribe to a “trust, but verify” philosophy to ensure their third parties are secure. To verify vendor security, organizations now use BitSight Security Ratings, which are gathered externally and don’t rely on any vendor input.
On August 27 at 1:00 pm EST, join Debbie Umbach, Director of Product Marketing at BitSight, as she discusses the best practices for implementing vendor security ratings. Viewers will learn:
- different approaches for incorporating BitSight Security Ratings into vendor risk management (VRM) programs, whether your program is just getting started or is well underway
- how companies have used BitSight Security Ratings to notify key vendors of security incidents
- how vendor ratings can allow for more effective communication and thus greater transparency
Wade Woolwine, Manager of Strategic Services at Rapid7 | Mike Scutt, Senior Consultant, Strategic Services at Rapid7
Non-targeted, opportunistic, targeted, and insider are 4 threat types, or groupings, that have been understood by the security community at large for years. These groupings of threats are largely based on motivation, prevention, detectability, cost, and impact to those affected. On the defensive side, the concept of defense in depth, where you secure the outer perimeter to prevent threats, monitor the interior perimeter for anomalous behavior, and apply tight restrictions to the most sensitive data and systems, has also been a proven approach to minimizing the impact of threats.
Join Wade Woolwine and Mike Scutt from Rapid7’s threat detection and incident response team to discuss how making threat groupings, the attack lifecycle, and defense in depth part of your overall security program planning can help you apply your resources in a way to maximize prevention, detection, and response for a more effective ROI.
When did we forget that old saying, “prevention is the best medicine”, when it comes to cybersecurity? The current focus on mitigating real-time attacks and creating stronger defensive networks has overshadowed the many ways to prevent attacks right at the source – where security management has the biggest impact. Source code is where it all begins and where attack mitigation is the most effective.
In this webinar we’ll discuss methods of proactive threat assessment and mitigation that organizations use to advance cybersecurity goals today. From using static analysis to detect vulnerabilities as early as possible, to managing supply chain security through standards compliance, to scanning for and understanding potential risks in open source, these methods shift attack mitigation efforts left to simplify fixes and enable more cost-effective solutions.
John Meegan, Mike Edwards & Claude Baudoin from the Cloud Standards Customer Council
When considering a move to cloud computing, customers must have a clear understanding of potential security benefits and risks associated with cloud computing, and set realistic expectations with their cloud provider. "The Security for Cloud Computing: 10 Steps to Ensure Success" webinar provides a practical reference to help enterprise IT and business decision makers analyze the security implications of cloud computing on their business. The presentation will provide guidance and strategies designed to help these decision makers evaluate and compare security offerings from different cloud providers in key areas
Tony Themelis, VP of Product Strategy, Digital Guardian
Are you ready for your next security audit from one of your most important customers? This webinar will help you gauge your readiness and identify areas you need to improve.
Sophisticated cybercriminals have identified third party suppliers and service providers as a lucrative back door to steal sensitive corporate information. Consequently, many companies are facing increasing pressure to meet stringent data protection audits from their largest clients.
Based on our experience with a range of customers who have had to meet stringent partner data protection security audits, we’ve identified the most common data protection audit questions.
– The 12 most common questions in a client data protection audit
– What the client is really looking for with each question
– Guidance on your “audit readiness”
Mike Saurbaugh, IANS Faculty Member, and Rakesh Shah, Senior Director of Product Marketing and Strategy, Arbor Networks
Availability is one of the core principles in the security CIA triad and one which business leaders tend to grasp more so than other technical risks associated with security. Customers want and expect access to their finances anytime and from anywhere. How is the financial industry grappling with distributed denial of service (DDoS)? What is the financial impact to an institution under DDoS attack? Are financial services firms witnessing an increase in DDoS attacks and duration? If so, what countermeasures are in place to ensure availability does not suffer?
Lastly, what is the financial services industry relying on as sources of intelligence?
Join us to hear answers to these questions and more as IANS Research and Arbor Networks present poll results from a survey of financial services security executive management.
Patrick Foxhoven, VP & CTO of Emerging Technologies at Zscaler and Frank Gillett, VP Principal Analyst at Forrester Research
A recent report by Forrester Research identified security as being the "top concern" for enterprise technology and business decision-makers for IoT. While the Internet of Things offers great potential for businesses to create new services and improve operational efficiencies, it offers a greater potential for security breaches.
Join us for a compelling webcast that will walk you through the latest security insights for combating IoT risks.
We will also discuss:
- Key trends driving IoT
- Vulnerabilities within your organization that you need to be aware of
- The latest strategies and techniques cyber-criminals are using today
- What your organization can do to address these security risks
Gautam Aggarwal, Chief Marketing Officer, Bay Dynamics
Organizations spend billions on data security solutions and tools. Yet, high profile data breaches continue unabated. Join our live webinar on Tuesday, August 25, 2015 at 10:00 am PT/1:00 pm ET to find out how to identify and tackle these blind spots that put your business at risk.
Rajneesh Chopra, VP of Product Management, Netskope and Todd Partridge, Director of Product Marketing, Intralinks
Be honest: you don’t know how your employees are sharing sensitive information outside the company.
You’re not alone. Half of respondents to a recent Ponemon Research survey acknowledged they don’t have visibility into how employees are using file sharing applications. Cloud collaboration solutions make your business more productive, but without proper controls they can quickly lead to data loss, security breaches, and regulatory failures.
Join Intralinks, a leader in secure content collaboration solutions, and Netskope, a pioneer and leader in safe cloud enablement, as they discuss:
· How to uncover and secure file sharing applications being used in the organization
· Ways of enforcing regulatory compliance and governance across the enterprise, to ensure that information is always within your control
· Approaches that will help support pending data privacy legislation
Microsoft Office 365 is quickly establishing itself as the go-to productivity suite used in organizations today. However, even Microsoft maintains that Office 365 security is a shared responsibility between itself and the customer. Office 365 provides some capabilities natively, but at the end of the day, Microsoft does not take responsibility for managing mobile access, enforcing access policies, and meeting compliance requirements. Join us for an informative webinar where you’ll learn how to define, develop, and execute an Office 365 security plan while meeting all of your compliance obligations.
Rob Sobers, Director of Inbound Marketing, Varonis
Target lost 40,000,000 records in 2014 in a breach that cost them $148 million. Ouch. They had lots of fancy tools watching the perimeter, but fell short when it came to securing insider access.
Protecting against insider threats, whether malicious or accidental, is extremely difficult, especially when 71% of employees say that they have access to information they aren’t supposed to see.
Florian Malecki, International Director, Dell Security
Today's workforce is mobile, with employees demanding access to more resources from more remote devices and platforms than ever before. Global networks connect employees, partners and customers over multiple Internet, intranets and VoIP channels. Even the smallest organization is now competing globally. IT organizations are struggling to keep up with mobile worker demand for access to more resources from more device types without compromising security and data.
Join this webinar to learn how you can get ahead of the next wave of mobile access and security challenges.
Abstract: Demonstrating compliance with PCI DSS is far from a trivial exercise. With the deadline for complying with the new PCI DSS 3.0 requirements coming up soon, are you sure you can document your compliance? Join us for this demo-based customer training where we will show you how to get the most out of USM for your PCI DSS compliance efforts, and your overall security posture.
- Core USM capabilities that map to specific PCI DSS requirements
- NEW PCI DSS reports added in the latest product release
- Specific use cases illustrating how to use USM to ensure compliance and improve security
Grayson Milbourne, Security Intelligence Director at Webroot, Inc.
This year’s BlackHat conference was the largest ever in both attendance and vulnerabilities disclosed. From the Fiat Chrysler recall of 1.4 million vehicles due to a remote hacking security gap, to the nearly a billion Android devices that needed updating against an MMS flaw in the Stagefright engine, the issues facing our digital world are only becoming more severe. This presentation will review the hottest discussion topics from BlackHat, as well as provide updates and insights on the current threat landscape and the security issues the future may hold.
The era of digital business is bringing a lot of opportunities for organizations. At the same time, it is bringing new challenges for those in charge of securing companies’ assets: customer data, intellectual property, and infrastructure.
The digital business environment requires a new approach to security. An approach that focuses on supporting the business to achieve its desired outcomes while ensuring that what really matters is protected from the reach of hackers and criminals.
In this webinar we will look into two distinct areas of IT, Enterprise Application and Mobility, and the vulnerability landscape around them, to discuss some of the challenges security professionals are facing today.
John Hawley, VP of Security Strategy at CA Technologies & Hila Gvir, Senior Principal Product Manager at CA Technologies
A successful Consumer-Scale Identity Management Deployment is far more than just adding more users. The user experience becomes critical in the success of the deployment as a new type of user begins to interact directly with the identity infrastructure. This webcast will show how to sell these projects to the business and how to create a user experience that will help ensure its success.
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world-famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/Licensed Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.