Defining and Justifying an Advanced Security Program

Code Triage: Why Healthcare is Facing More Cyber Attacks and How to Protect Your Organization

Healthcare organizations face a number of unique security concerns, including the increasingly interconnected systems between doctors’ offices, hospitals, insurance companies, suppliers, etc. As such, healthcare is being targeted by multiple types of attackers: nuisance attackers (such as the creators of commodity malware), advanced persistent threat (APT) attackers, and cyber criminals. To battle such attackers, healthcare security teams need to understand:

-Why healthcare is at risk / what threat actors are seeking / how they are doing it
-Why email is the #1 threat vector in Healthcare and how to defend against it
-Best practices and action items for a more robust security program

As departments and agencies move business operations to the cloud, protecting assets and data remains top priority. Identifying the steps and actions needed to structure, develop, and implement effective security controls in this new environment is the critical first step.

Where should you start? How do you prioritize activities? How can you leverage existing IT programs, processes, and policies that are already in place?

Join FireEye’s Ron Bushar, Vice President & CTO - Government Solutions, as he shares steps and best practices to building a cloud assurance program, including:

- Identifying roles and responsibilities of government, service provider, and third-party stakeholders
- Adapting existing data classification scheme for cloud services and establishing a cloud-adapted risk assessment process
- Implementing requirements baselines, risk assessments, and approaches to addressing unique risk scenarios
- Selecting a cloud service delivery and deployment model

FireEye research recently indicated that an average of 14 thousand malicious emails per month were being missed by most email security solutions. Email is the number one threat vector and with impersonation and credential phishing or URL-based attacks on the rise your email security solution must keep up with the evolving threat landscape. In this webinar:

-Get a brief overview on the latest email threat trends
-Learn about the must haves for email security solutions and the benefits of having one provider
-Find out about additional email security capabilities that can help you have an adaptable solution
-Hear about a use case where FireEye helped detect and block impersonation techniques that the incumbent solution missed

Explore the latest developments behind today’s attacker techniques, behaviors, and motivations sourced from this year’s M-Trends 2019 Report, our annual publication based on FireEye Mandiant’s frontline investigations of the most interesting and impactful cyber attacks in 2018.

Join us for this webinar, as experts, Chris Nutt, Managing Director, FireEye Mandiant and Nick Bennett, Director, FireEye Mandiant discuss highlights and case studies from this year’s edition, including:

• Evolving attack trends in today’s threat landscape
• New advanced persistent threat (APT) groups that emerged in 2018
• Hidden risks found across M&A business activities
• Best practices lessons learned from the front lines of incident response


Register for the webinar NOW!

FireEye Chat
Front and Center with Today’s Leading Cyber Security Experts

FireEye Chat is a new quarterly talk show that brings guest experts front and center to cover today’s most important cybersecurity topics.

Episode #1: Front and Center with Kevin Mandia and the Evolution of M-Trends

Our inaugural episode celebrates the 10-year anniversary of M-Trends, our annual report on the latest developments that define today’s threat landscape. Join host Vasu Jakkal, FireEye CMO and special guest Kevin Mandia, FireEye CEO as they discuss the report’s origin story and the people behind it. They also cover:
• Key milestones in the evolution of the report
• How M-Trends has raised awareness about the importance of cyber security
• The most significant trends in today’s cyber threat landscape.

Watch now to get unique insights, direct from the frontlines, in what promises to be a series of lively and thought-provoking exchanges.

Attackers will continue to be effective through an increase in sophistication, but they will also be successful due to the challenges organizations face in recruiting and retaining skilled cyber professionals.

During this webinar we will discuss the benefits and challenges of in-house vs. outsourcing of cyber security operations, and how this has been affected by a cyber-skills shortage within the industry with ‘on-demand’ resource being readily available when needed with real time insight and expertise of cyber breaches.

"As cyber threats continue to grow, cyber vigilance is more critical than ever. How are CISOs and their security teams addressing the threat of cyber attacks like phishing, IoT-powered DDoS attacks, crippling ransomware or other attacks? How prepared are today's businesses to detect an attacker or launch the appropriate response?

Join top security leader and experts as they discuss:
- Top 5 cyber threats businesses face today
- Notable cyber attack methods and strategies and how to protect against them
- Solutions for network visibility, breach detection and response
- Recommendations for improving security and steps to take today"

The cyber security landscape is constantly evolving, with attackers becoming more and more aggressive. Companies need to know what they’re up against to ensure they are fully prepared for when a breach occurs. Over the last decade, consultants from FireEye Mandiant have shared the latest cyber security investigations and trends from the front lines with the release of the annual M-Trends Report.

Learn more about the latest developments from the newly launched M-Trends 2019 report. Get direct insight from Jurgen Kutscher, Executive Vice President, Service Delivery, FireEye as he highlights some of the report’s most interesting and impactful findings.

Discussion topics will include:
- Which trends in the cybersecurity landscape should we be more mindful of than in previous years
- New/emerging security technologies and solutions becoming more important
- Innovative ways the industry is addressing the skills gap
- Examples of attackers taking advantage of cloud-related weaknesses

When EDR gives you Answers and not Alerts

On February 13, MITRE released the results of its evaluation of FireEye Endpoint Security in a simulation of real-world attacks by APT3 (a Chinese government-backed adversary). Based on this evaluation and an independent scoring methodology, FireEye delivered the highest efficacy scores and the highest number of behavior-based detections and provided the most relevant contextual information about an attack.

During this session, our EMEA CTO David Grout will present the MITRE Methodology and how to interpret it. We will discuss about metrics and capabilities highlighted during this process and how FireEye has been ranked the number #1 EDR in this test.

Through 2022, at least 95% of cloud security failures are predicted to be the customer’s fault (Gartner). But change how you think about cloud security, and you can be a success story.

Our webinar on Thursday, February 28, helps debunk several common myths that jeopardize your fast, secure, migration to the cloud:

• The cloud is unsafe
• My organization doesn’t use the cloud
• My cloud provider will keep me secure
• The cloud is just someone else’s computer
• Advanced adversaries aren’t attacking the cloud

You’ll also learn how to identify a trusted advisor for cloud migration so you can confidently take advantage of cloud advancements.


Presented by: Martin Holste, Cloud CTO at FireEye

Many breached organizations—of all sizes—believed they had effective security programs and incident response plans. Reality proved otherwise.
Now, executive leaders are far more concerned with incident preparedness. When the Board asks, ‘How ready are we, really?’ your security team must have a defensible response.

In this webinar, Jeff Laskowski, Security Consulting Director of FireEye Mandiant, explains how to achieve effective preparation:

• Test your team’s detection and response capabilities to protect key assets against real-world targeted attacks—without the consequences of a real incident
• Assess your organization’s crisis management capabilities through the lens of an executive team
• Improve your team’s detection and response capabilities in accordance with the latest attacker tactics, techniques, and motivations

Join this webinar today to learn what it takes for your team to know how they would perform under a real threat, before they actually have to.

As the door closes on 2018, we walk away armed with knowledge about what’s to come in 2019 and beyond. We know attackers will attack and defenders will be tasked with stopping them, but there is a lot more we can do to be prepared for upcoming threats and ensure we’re innovating faster than bad actors.

Join Christopher Porter, Chief Intelligence Strategist at FireEye, as he shares his thoughts about cyber security in 2019. During the webinar, Christopher will touch on various topics discussed in our Facing Forward: Cyber Security in 2019 and Beyond report, which was developed based on insights from our senior leaders, FireEye Threat Intelligence, Mandiant incident responders, and FireEye Labs. Tune in to learn about:

•Threats to the aviation industry, including cyber espionage and cybercrime
•What to expect from established and emerging nation states
•How threat actors are changing their tactics to stay ahead of defenders

Register today to learn what lies ahead and stay one step ahead of cyber security threats.

As the cyber threat landscape evolves, lawmakers are prompting organizations to protect their networks and handle sensitive information more mindfully with cyber security and breach notification laws that are stricter, carry higher penalties and result in further enforcement.

Companies are spending more time and resources managing cyber security risks—but where should organizations focus their time, talent and spend? And how does a multinational organization navigate these complex regulatory requirements?

Join Ron Bushar, VP and CTO of Government Solutions at FireEye, Michael Trevett, Director of Professional Services at FireEye Mandiant, and Heather Sussman, Partner at Ropes & Gray, as they share their security and legal expertise:

• Executive perspectives on the impact changing security regulations has on how organizations are thinking about cyber security
• Regional overviews of existing and upcoming regulations in North America, EMEA, and APAC
• Impact of GDPR on regional business landscapes since its formal release in May
• Influence of the SEC’s recent interpretive guidance on security risks and incident disclosures
• Best practices for making cyber security a strategic priority and a competitive advantage


Also don't miss "Leading with Threat Intelligence – How to Select the Right Security Provider," the first webinar in this two-part series aimed to help you be better prepared for what's to come in 2019. Register Now - https://www.brighttalk.com/webcast/7451/342393

Today’s sophisticated attackers often hide within the noise of abundant alerts generated by a myriad of security products. Limited budgets, a shortage of skilled security staff, and rigid regulatory requirements make it difficult for organizations to effectively identify and understand these threats—negatively affecting risk-based decision making and asset protection.

Effective cyber security requires an understanding of who is likely to target you, and how they operate.

As security leaders and executives turn to service providers to evaluate their security maturity, manage business risks and build sustainable security programs, they often ask ‘how do I select the right security partner for my organization?’

Join Nick Flores, Security Consulting Director at FireEye Mandiant, as he shares insights and expertise on:

• Selecting the right service provider for your organization
• Realizing limitations of providers who apply traditional and compliance-focused approaches
• Working with providers who intimately monitor attackers across the evolving threat landscape
• Understanding the role of cyber threat intelligence in effective cyber security services
• Asking the right questions of your security providers to enable critical business decisions

Also, don't miss "Navigating Today’s Global Cyber Regulations – Regional Perspectives," the second webinar in this two-part series aimed to help you be better prepared for what's to come in 2019. https://www.brighttalk.com/webcast/7451/337259

As cyber threats continue to proliferate and expand, so does the arsenal of tools organizations employ to protect against the attackers. With most security solutions equipping to solve only narrow problems, it has become the norm for organizations to deploy an unbearable amount of technologies. Join Misha Sokolnikov, Director of Product Marketing, FireEye as he provides:

• An overview of why security solutions today are not integrated and cause complexity, inefficiencies and excessive alert noise
• The tactics that threat actors use to take advantage of disjointed, complex security technologies
• The most critical threat vectors and how the consolidation and integration of security tools can help you improve your security posture

Register Now!

Cyber threats plague the financial services industry:
• Advanced persistent threat (APT) actors seek to support economic reforms and reach state goals
• Financial threat actors seek financial gain through the direct theft of funds or the sale of stolen information
• Disruptive threat actors and hacktivists seek to gain publicity, divert banks' attentions, or demonstrate a political motive

Any one of these threats would increase activity in an industry, but the presence of all three likely accounts for the large number of intrusions in financial services organizations.

Join us for a live video panel and get executive insights for critical topics relevant to the financial services industry, including the:
• Nature of threats, as well as their motivations and tactics, techniques and procedures (TTPs)
• Ripple effect consequences of geopolitics
• Cost of a breach and importance of risk awareness in the boardroom
• Need to keep GDPR a high priority

Mandiant responded to an incident in 2017 at a critical infrastructure organisation where an attacker deployed malware designed to manipulate industrial safety systems. The targeted systems provided emergency shutdown capability for industrial processes. This malware, called TRITON, is an attack framework built to interact with Triconex Safety Instrumented System (SIS) controllers.

Join David Grout, our Technical Director for South EMEA, for a live session and get insights into the technical framework details and the potential outcomes.

In many ways, public cloud is more secure than a traditional data center. And yet, assets on the public cloud are still being compromised just as those stored in traditional data centers. Mandiant, the industry leader in incident response consulting, estimates that 15 percent of all of its incident response involves public cloud assets. So, if the cloud is more secure, why is it still getting hacked?

In this session, we will discuss
• the challenges in Cloud Security
• how to design an effective strategy to tackle them