Name: Defining and Justifying an Advanced Security Program
Start: 2014-03-17T19:15:00Z
End: 2014-03-17T19:59:16.000Z
Location: BrightTALK
Rating: 4.38

Mandiant provides public and private organizations and critical infrastructure worldwide with early threat insights through unmatched intelligence and response expertise for the highest-profile incidents.

“It’s not IF you get breached, it’s when,” making it all the more critical for organizations to have the solutions in place to ensure cyber readiness. Threat intelligence is a vital component in protecting organizations from innovative attackers and their evolving TTPs, enabling security practitioners to gain visibility into the threats that matter to their business.

Join us for a conversation between experts, with John Hultquist, VP, Mandiant Threat Intelligence, and guest, Ian Thompson, Head of the Cyber Intelligence team within BP Digital Security. Ian will share how BP leans on threat intelligence to provide his security team with the visibility needed to better defend against threats and proactively solidify response readiness on a global scale.  Our experts will also cover:  

• How to build a resilient cyber security program leveraging operationalized threat intelligence
• BP’s response to multinational threats including the Iran Missile Strike and the Colonial Pipeline
• Key considerations in identifying gaps and reducing risk

Solidify Cyber Readiness with Threat Intelligence

Mandiant is pleased to invite you to a webinar discussion on ransomware attacks with our panel of experts from Baker Hostetler, Marsh, and Coveware.

Throughout 2021, there was a significant increase in the number of ransomware attacks across industries, with an estimated 1/3 of all organizations worldwide having experienced a ransomware attack or some form of a breach. Once opportunistic hackers have evolved into highly sophisticated cyber criminals, and their ransom demands have now reached several millions of dollars per incident, on average. Due to their complexity, these incidents result in significant financial, operational, reputational, and legal consequences.

Today, organizations are expected to be prepared for a ransomware attack. We will provide practical takeaways that organizations from all industries can implement.
Discussion topics will include:

• Threat profile of a ransomware attack including prevention and recovery strategies
• Legal implications of a ransomware attack 
• Insurance measures available to mitigate cyber risk
• Considerations and requirements for ransomware recovery negotiations

Developing Your Ransomware Playbook: Best Practices and Legal Considerations

Threat Intelligence covers an incredibly broad scope when it comes to cyber operations. Too often this is reduced to threat data feeds aimed at enriching SIEM detection. 

This leads to reactive operations, focusing on an event after it has occurred. One of the largest challenges organizations face is leveraging threat intelligence in order to help them turn their Security Operations into a proactive program. 

In this webinar, Ben Cook and Ryan Roobian will discuss leveraging the MITRE ATT&CK framework to help operationalize threat intelligence in a more proactive way.

Register for our webinar to better understand: 
- How to focus on what matters to your organization?
- How to objectively map these actors to a framework that will allow you to accurately know how to prioritize time and efforts?
- A use case of the Mandiant Threat Intelligence module 
- How to test these use cases against your current controls through Mandiant Security Validation
- How to build procedures around the Threat Intelligence use cases developed
- How to measure your controls based on those procedures
- Understand what the different solutions to the gap analysis are

Leveraging the MITRE ATT&CK framework to operationalize threat intelligence

If you could predict the future, your job as a security professional would be much easier. You’d know who is planning to attack you, what they are looking for, and how they plan to infiltrate your defenses.

A digital risk protection solution gives you visibility into your global attack surface and dark web activity. It lets you neutralize threat actor campaigns before they impact your operations. In this session, Mandiant experts share how Mandiant solutions enable digital risk protection, by:

• Building a complete cyber threat profile 
• Monitoring the open, deep and dark web for malicious chatter with Digital Threat Monitoring
• Using Threat Intelligence to understand threat actor TTPs and prioritize investments
• Increasing visibility across your global attack surface with Attack Surface Management

Strengthen Your Cyber Risk Profile with Mandiant

With more frequent and sophisticated cyber-attacks, organizations face increased risk of missing critical threats. At the same time, the ability to find and retain expertise across cyber security functions continues to impact an organization's ability to implement effective cyber defenses.
Learn how a digital risk protection solution helps you identify who is targeting you, what they’re after and how they plan to compromise you, giving you an early warning to proactively adjust your defenses. 
In this webinar, Mandiant experts will explain the critical elements of digital risk protection and how it helps you mitigate cyber risk, by:
• Knowing who is targeting you and how they are planning to compromise you
• Seeing what potential attackers are targeting with increased visibility across your organization and supply chain
• Understanding threat actor methods and tools to prioritize your defensive actions

Uplevel Your Security with Digital Risk Protection

Legacy tools designed before the cloud era do not deliver comprehensive visibility into the entire external attack surface, leaving assets out of sight and potentially vulnerable. Confirming this, Mandiant observed 21K+ critical and high severity issues across the customer base from January to March 2022. 

Join Jonathan Cran and Nader Zaveri for a discussion on the common entry points identified by Attack Surface Management in Q1 2022. They’ll discuss:
• How organizations end up with exposed external assets
• The methodology behind issue identification at scale
• Actions the security team can take to harden the external attack surface 
• Where an attack surface management approach fits into the overall cyber defense program at any organization

Common Entry Points Exposed on the Internet

In recent years, Mandiant has observed a significant increase in threat activity within the OT/ICS space targeting industrial and critical infrastructure organizations - threats that have the potential to impact production and safety measures.

As we continue to observe actors targeting OT in different ways—ranging from opportunistic actors to ransomware operators and even nation-state sponsored groups —our ability to acquire valuable data increases and enables a holistic view of the threat landscape. 

Daniel Kapellmann Zafra, Sr. Analysis Manager for Cyber Physical Threat Intelligence, will share details on how through enhanced visibility into diverse data sources, we can help identify threat actor activity during the early stages of the attack lifecycle and prevent them from reaching production systems.

Learn how a Big Picture Viewpoint Helps Uncover Operational Technology Threats

Global geopolitical summits, elections and sporting events are some of the most visible international, national and regional events. They also present unique cyber security challenges with respect to critical supportive infrastructure. These major events can last from a single day to multiple weeks or months, necessitating variable capabilities and surge capacity.  
 
Join Jon Ford, Managing Director, U.S. Government Consulting and Matt Hurling Sr. Consultant EMEA Government Consulting as they discuss Mandiant’s recommended multi-faceted approach to event security.  
 
 Topics will include:  
• How to defend against cyber threats with active defenses informed by intelligence 
• The three phases and their components to provide event security
• Prepare, harden and exercise (understand the environment) 
• Test, monitor and defend (anticipate threats) 
• Respond, contain and remediate (impose costs and survive attacks)

Event Cyber Security: Defending against Cyber Threats with Whole World Watching

Establishing and maintaining a comprehensive internal and external view of enterprise infrastructure is largely manual. For red teams or penetration testers tasked with testing the security posture, it can take weeks to complete reconnaissance efforts before testing begins. 

Mandiant Advantage Attack Surface Management is trusted and relied upon by one of the most revered cyber security consulting teams in the industry, Mandiant Consulting.  Mandiant Consultants leverage Attack Surface Management to automate external asset discovery and reconnaissance efforts at the onset of and continuously throughout customer engagements. 

Join Mandiant experts for a discussion on how automating reconnaissance benefits the security posture of customers.  The team will discuss:
- How they achieve visibility into a customer’s distributed IT environment that surpasses the knowledge of the customer. 
- Where to prioritize immediate efforts with insight into the high-risk assets being targeted by threat actors 
- How security teams can benefit from increased external visibility

The Power of Automated Discovery for Testing Security Posture

In our fourth and final session in the webinar series "Move Beyond Attack Simulation to Validate Security Effectiveness”, we'll explore how security validation helps you achieve operational competency and business continuity. 

Register to attend and learn how to design and execute a strategic security validation program to protect your company’s financial position and reputation.

Refer to the attachment section of this webinar, to register for previous parts of this webinar series " Move Beyond Attack Simulation to Validate Security Effectiveness".

Mandiant Security Validation Speaker: 
Robert Potter, VP of Customer Success, Mandiant Security Validation 
Major General Earl Matthews USAF (Ret), Vice President, Strategy, Mandiant Security Validation

Achieving Operational Competency through  Security Validation

Join Mandiant and SimSpace as they showcase the Mandiant ThreatSpace Cyber Range Experience – a joint offering that combines Mandiant’s industry-leading cyber-attack simulations and threat intelligence with the power of the SimSpace cyber range platform. See how ThreatSpace training provides visibility into real-world cyber incidents and creates live-fire events based on IOCs and TTPs from actual attacks, all in a consequence-free cyber range.

Validating Cyber Readiness with the ThreatSpace Cyber Range Experience

The Biden Administration recently issued a statement warning of potential cyberattacks against U.S. organizations, as tensions rise between Russia and the rest of the world. Potential attacks to state and local critical infrastructure would disrupt the lives of millions of Americans, affecting lifeline services such as power, water, healthcare services, and supply chains. 

State, tribal and municipal government organizations need clear visibility into their risks and interconnected assets, IT governance and more. The federal government is zeroing in on what governors and mayors can do right now to protect their citizens, including funds available to strengthen cyber posture.

Join us as we share steps state, local and tribal governments can take to:
• Understand the current threat environment and associated risks to government infrastructure
• Learn about the cyber security baseline every state executive should be able to answer as described in the March 30th letter to every governor from the Biden Administration
• Access CISA Shields up, a repository of services, advisories, guidance, and best practices to help states get started strengthening their cyber security posture 
• Tap into $1B DHS Grants funding to protect state infrastructure through 2025
• Get started for free today with Mandiant Intel and Services

Tap Into DHS Cyber Grants Funding to Strengthen State & Local Infrastructure

Organizations pursue mergers and acquisitions (M&A) to develop strategic business advantages. As part of their due diligence, companies investigate the potential business impact and risks from the merger or acquisition in several areas, including financial, legal and intellectual property. But they don’t always fully explore the consequences of combining the cyber security practices and technologies of two different organizations.
 
Join Mandiant consultants as they discuss why organizations going through a merger & acquisition need to identify priorities and asses vulnerabilities and security gaps. Our experts will share real life examples of how organizations we work with have done just that, allowing them to:  
 
1. Drive greater accuracy in the value of an acquisition by taking business and security risks into account before closing a deal
2. Review active and dormant risks that can threaten the acquiring brand's reputation and trust if left undetected
3. Define an integration strategy for disparate environments that is safe, efficient, and cost effective

Mandiant Tales from the Trenches | M&A Security Due Diligence

In The Sample FLARE analysts present stories of notable malware samples they have reverse engineered. The FLARE team studies hundreds of malware samples each month and here they share highlights of real-world malware and analysis techniques. These talks aim to educate and entertain technical and non-technical attendees alike.

In this first iteration, join Chris Gardner of the FLARE team as he examines the malware gift that keeps on giving. Even after politely asking it to stop. This talk covers:
- How to analyze droppers that just won’t stop dropping more PE files.
- How to extract new payloads when a sample performs process injection.
- Why open-source intelligence is both beautiful and dangerous.
- What analysis tricks reduced analysis time to a mere 45 hours.

The Sample: Beating the Malware Piñata

Vulnerabilities are discovered, disclosed, weaponized, and exploited at scale at an alarming rate around the internet every day. As enterprises grow increasingly more complex, it becomes harder and harder to identify and prioritize vulnerabilities within the organization before they are exploited by attackers.  
 
In this webinar, Jared Semrau, Director of Vulnerability Intelligence at Mandiant will be joined by Steve Carter, Co-founder and CEO of Nucleus Security to discuss how vulnerability intelligence can inform vulnerability management prioritization and decision making to ensure that organizations are focusing on the right vulnerabilities at the right time. 
 
The discussion will cover:
1.       The value proposition for enriching scan results with 3rd party vulnerability intelligence
2.       A deep dive into Mandiant’s vulnerability intelligence offering
3.       Operationalizing Mandiant’s vulnerability intelligence and automating intelligence-led vulnerability remediation at scale.

Using Threat Intelligence to Stay Ahead of Vulnerability Exploitation

An evolving and escalating threat landscape requires us to challenge the status quo and elevate our diverse community of women in cyber security to rise to the occasion. 
Join Mandiant, Microsoft, Kraus Hamdani Aerospace a NightDragon Portfolio company, and AthenaAlliance for a live panel discussing the state of cyber security and the opportunity that it presents to “elevate” the essential role of women in the industry. 

Listen in to a candid conversation between top women leaders from across the cyber security industry addressing the following:
• How they have been breaking biases.
•  Elevating the next generation of female executives.
•  Bringing their unique perspectives and talents to inspire change.
•  Sharing professional insights about cyber threats and the state of security today.
•  Contributing personal anecdotes about leadership and authenticity as a woman in 
         the current  environment. 

Facilitating and moderating the event will be Erin Joe, SVP of Strategy and Alliances, Mandiant and Executive Sponsor of Elevate and Coco Brown, Founder and CEO of Athena Alliance, and the panel will feature female executives from companies committed to elevating women in cyber security: 
Sandra Joyce, EVP, Mandiant Intelligence
Vasu Jakkal, CVP Security, Compliance, Identity, and Management, Microsoft 
Fatema Hamdani, Co-Founder and CEO of Kraus Hamdani Aerospace Inc., NightDragon Portfolio Company

About Elevate
Elevate’s vision is to create a community of women leaders and advocates in the cyber security industry. Our mission is to inspire, educate, and elevate women leaders throughout their career journeys. Mandiant and the Elevate network are committed to helping women leaders thrive, and to growing and educating the next generation of cyber security industry leaders.

Elevate your Cyber Awareness: Question your Assumptions Webinar

With 70% of malware signatures only seen once, attackers are more sophisticated and evasive than ever before. They're at the top of their game, selecting their targets with precision, and moving with lightning speed to get what they want.

Join us for this webinar with Richard Bejtlich, Chief Security Strategist at FireEye and learn key steps to developing a resilient security program.

Why you should attend:

• Know why your organization is at risk of an attack.
• Learn 13 key points to consider when justifying security programs.
• Understand how to start thinking strategically about security and the technology you implement.

Defining and Justifying an Advanced Security Program

Security

advanced

threats

program

incident

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Defining and Justifying an Advanced Security Program

Presented by

About this talk

More from this channel