Breach Response Readiness – What the C-Suite Needs to Know
"It’s no longer a case of ‘if you will be breached’, but instead how you’ll respond to and remediate the situation ‘once you are breached." – Kevin Mandia, CEO, FireEye
The FireEye 2017 M-Trends report indicates the average global dwell time of an attacker within a targeted environment is 99 days. This gives adversaries over three months to roam your network and steal sensitive data—before a breach is even detected.
Cyber security and incident response (IR) readiness is an evolving responsibility that has become a strategic priority for enterprises worldwide.
Given today’s cyber landscape, all C-suite leaders have an important role to play in their organization’s cyber security posture and IR plan. Their individual and departmental contributions must help protect vital assets, safeguard privacy and ensure uninterrupted operations.
Join the conversation as Troy Scavella, Principal Consultant of Mandiant, a FireEye company, talk to executives about:
• The current state of C-suite IR involvement, and how and why their status is evolving
• A best practice phased approach of executive contributions to be made before, during and after a breach
• Actionable tips for executives to apply and enforce across each phase of the IR process
• Protection of critical assets with IR preparation and improvement
RecordedMar 8 201856 mins
Your place is confirmed, we'll send you email reminders
Matt Shelton, Director, Technology Risk & Threat Intelligence, FireEye
FireEye relentlessly protects its customers. But who protects FireEye? Join us for an overview of how FireEye uses its own products and services to protect itself from the same threats faced by customers.
In this webinar, Matt Shelton, FireEye Director of Technology Risk and Threat Intelligence, will reveal how FireEye:
•Uses threat intelligence to proactively protect the organization
•Detects threats using FireEye Network Security products
•Responds to incidents with FireEye Endpoint Security
•Leverages Helix as its security operations platform
•Hunts for known and unknown threats within its environment.
A Breach Investigation Scenario Leveraging FireEye Endpoint Security
FireEye spends thousands of hours annually investigating the world’s most impactful security breaches - you don’t have to stand alone when this happens to you. In this webinar, we will use a real-life scenario to dive deeper into how breaches are discovered and importantly, what security lessons can be learned.
Join FireEye’s Vinoo Thomas as we take a closer look at the discovery of credential harvesting and multiple compromised clients from a single compromised endpoint. Learn how investigation can be used to find and contain the impact of a breach in nearly any environment.
Rob van der Ende, VP APJ, FireEye Mandiant & Kelly Butler, Head of Cyber Practice, Marsh Pacific
Rapidly evolving threats and infiltration techniques have rendered traditional cyber defense strategies insufficient and ineffective. The emerging threat vectors and speed of change amplified by the digital transformation cannot be addressed by traditional means. Globally, laws are also changing to keep pace as cybercrime evolves, knowing no boundaries. Therefore, organizations must be nimble and agile to keep pace with policy changes, especially when expanding across different jurisdictions
Join us as we discuss three strategic imperatives to strengthen cyber resilience:
• Understand (know your threats) – Identify organization- and industry-specific cyber threats and regulations calls for robust strategies that include cross-disciplinary considerations.
• Measure (know yourself) – Quantify the potential financial impact of cyber exposures to compare against the level of risk appetite acceptable to the board. This will determine the amount of investment necessary to mitigate and transfer any residual risk.
• Manage (know what you can do) – Proactively manage cyber risks by having clear action plans based on your capabilities and capacities to protect against cyber criminals.
While cyber-attacks are inevitable, proper preparation is the essential element that sets resilient organizations apart from the rest in managing risk, minimizing damage, and recovering quickly from any incidents.
Stanley Parret, Principal Consultant, FireEye Managed Defense
The shortage of cybersecurity workers is a growing concern for the teams who are directly responsible for protecting the organization against cyber threats. It’s estimated that by 2021, 3.5 million cyber security positions will go unfilled.
Join Stanley Parret, Principal Consultant for FireEye Managed Defense, for a look at the unforeseen challenges and consequences of the growing cyber skills gap, especially around protecting against advanced threats. In this webinar, we’ll discuss:
-The impact of staffing shortages on security practitioners
-How they’re being required to protect more with less
-The options available to security teams who need to extend their capacity
Ben Forster, Sr. Product Marketing Manager, FireEye
Managing security operations is a challenge, and the technologies most organizations are using don’t provide the visibility, detection efficacy, or context they need. As their risk profile expands, organizations rely on hiring more analysts and purchasing more tools, often depending on manual processes to find and mitigate threats. The high volume of alert noise strains security teams’ resources and increases the probability they will miss an alert that matters. Organizations need a single solution that centralizes their security management, provides visibility, and allows them to quickly respond to threats with automation.
In this webinar:
- Understand the benefits of technology consolidation
- Learn about what a single platform can do for your people and processes
- Discover the untapped potential of your security investments
The numbers make stark reading. 281 billion emails sent daily to over 2 billion business users. 91% of all cyber-attacks start with an email and it only takes 1 with malicious intent to impact your organisation. With evolving methods used by the adversary, it’s becoming increasingly difficult not to get burned.
Join Gareth Fraser-King, Director, Product Marketing EMEA, to learn:
- The state of the cyber landscape, specific to email security.
- How the attack vector is changing with new tactics, techniques, procedures and what you need to look out for.
- Why is FireEye better at catching evolving attacks and how this can benefit you.
Managed Detection and Response (MDR) services should spot prevention failures and respond quickly. Good MDR services spot Red Teams and Pen Testers who are tasked with defeating preventative controls. A great MDR service knows when real, malicious threat actors are hiding their footprints amongst Red Team activity. In this war story, we discuss how Managed Defense, FireEye's MDR service, deals with such situations.
Matt Keane, Senior Director, Risk Management Services – FireEye Mandiant
Using Risk Management to Optimize Cybersecurity Costs: Best Practices for the C-Suite
Cyber risk management is increasingly becoming a strategic priority for executive leaders worldwide, though many organizations find it challenging to accurately anticipate, prioritize, and forecast risk mitigation costs.
C-level executives can meet these challenges by engaging their boards and their security teams to ensure they have the right data to scope risk-based focus areas. This allows the organization to plan effectively while keeping necessary security investments top of mind.
Join this webinar with Matt Keane, FireEye Mandiant Senior Director of Risk Management Services, as he explains how to:
• Identify the top risks to your organization based on threat intelligence—and communicate these trends to your board of directors in a way they’ll hear
• Ensure that the board’s security investment decisions support your organization’s appetite for risk
• Establish a framework that ensures the alignment of strategic priorities with security spending
• Track the right risk performance metrics to monitor changes in your unique risk profile, so that you can shift priorities and spending when needed
• Apply these lessons to a sample business scenario.
Register for this webinar to learn how executives like yourself can effectively implement these cyber risk management practices today.
Like most cyber criminals, advanced persistent threat (APT) groups try to steal data, disrupt operations, and destroy infrastructure. But unlike other attackers, APT attackers pursue their objectives over months or even years, adapting to defenses and frequently retargeting the same victim.
Join this webinar to hear David Grout, FireEye EMEA Chief Technology Officer explain how effective cyber threat intelligence (CTI) helps you understand APT groups’ intents and tactics so you can stay ahead of attacks, instead of just reacting to them. He’ll also provide:
•A high-level overview of the nation-state interests driving APT activity
•Insight into the most recent APT attacks investigated by FireEye
•A deep dive into the workings of APT40, a Chinese cyber espionage group that typically targets countries and organizations strategically important to the country’s “Belt and Road Initiative.”
Steve Ledzian, Vice President & Chief Technology Officer, APAC, FireEye
Red Team assessments help organizations identify weaknesses in their current detection and response procedures so they can update their existing security programs to better deal with modern threats. We'll look at a red team case study detailed in FireEye's MTrends 2019 report where consultants performed an objective-based assessment that emulated a real cyber attack of an advanced, nation state attacker across the entire attack lifecycle
Today, defeating cyber attackers and the techniques they employ requires real-time insight and intelligence. Staying ahead of attacks, instead of merely reacting, is the heart of cyber threat intelligence. To illustrate the importance of these capabilities to both public and private sector organizations, Tavis will draw from recent real-world intelligence findings, such as FireEye’s collaboration with Facebook and Google to identify Iranian government influence campaigns, as well as our identification of North Korean state-sponsored groups targeting the energy sector.
Nick Bennett, Director, FireEye Mandiant & Matt McWhirt, Sr. Manager, FireEye Mandiant
Many organizations struggle with how to prioritize hardening and protective security actions.
Based on 15+ years of frontline incident response experience, FireEye Mandiant consultants have identified a number of technical and programmatic defensive trends and best practices to help you prepare for incidents and mitigate their impact.
Join our webinar, where Mandiant incident response experts Nick Bennett and Matt McWhirt will discuss the following topics:
• Five technical categories to consider when implementing preventative security
• Proven tips to effectively execute network segmentation, endpoint hardening and other critical tasks
• Common pitfalls in evidence destruction, investigation techniques and remediation timing
• Recommendations for enabling effective remediation and the power of operational playbooks
Register today to learn how to better handle your organization’s next security incident.
Matt Shelton - Director of Technology Risk and Threat Intelligence
There is no doubt that insider threats pose a significant risk to organizations and government agencies, as they can compromise sensitive and confidential data. Any accidental or malicious act by an employee can potentially lead to catastrophic incidents that threaten an organization’s security and reputation. The ability to identify, combat and protect against insider threats is critical to your organization’s security posture.
Join FireEye’s Matt Shelton, Director of Technology Risk and Threat Intelligence as he discusses how organizations must stay vigilant against external threats while keeping a keen eye on the risk that insider threats pose.
Matt will also address:
•What an insider threat looks like to your organization
•What assets and systems are targeted by inside threat actors
•Steps to secure your organization against these threats
Long gone are the days when a single individual or team – whether IT not – would oversee cyber security at an enterprise. Savvy business leaders know that security is the responsibility of everyone, from the entry-level staffer on up to the board, and that a knowledgeable and prepared executive team can mean the difference between a minor incident and a major breach.
One of the most important decision-makers when it comes to cyber security is the General Counsel (GC). No one knows this better than Alexa King, EVP and General Counsel at FireEye. In this video, Alexa sits down with Karen Kukoda, FireEye Senior Director of Strategic Alliances, to discuss not only the role the GC plays in cyber security, but also the duties of the board of directors in overseeing cyber security.
Watch the video to learn about all of this and more:
-How cyber risk has evolved and how we need to start thinking about it
-Preventative measures GC should take and how they can educate their teams
-Incident response planning and preparedness
-How to include cyber risk partners to complement your team’s security strategy
FireEye analysts work to identify cyber espionage trends and gather the evidence needed to name APT groups.
The most recently named groups—APT38, APT39, APT40—exemplify the variety of state-sponsored threats that network defenders face today: a North Korean operator specializing in bank heists, an Iranian group tracking personal data and specific individuals and a long-established Chinese actor shifting its targeting to reflect changing geopolitics.
In this webinar, Fred Plan, Sr. Threat Intelligence Analyst at FireEye provides:
• A high-level overview on how nation-state interests are driving APT activity
• Insight into the most recent APT groups investigated by FireEye
• The latest adversary tactics, techniques and procedures (TTPs) these groups use
Code Triage: Why Healthcare is Facing More Cyber Attacks and How to Protect Your Organization
Healthcare organizations face a number of unique security concerns, including the increasingly interconnected systems between doctors’ offices, hospitals, insurance companies, suppliers, etc. As such, healthcare is being targeted by multiple types of attackers: nuisance attackers (such as the creators of commodity malware), advanced persistent threat (APT) attackers, and cyber criminals. To battle such attackers, healthcare security teams need to understand:
-Why healthcare is at risk / what threat actors are seeking / how they are doing it
-Why email is the #1 threat vector in Healthcare and how to defend against it
-Best practices and action items for a more robust security program
Ron Bushar, Vice President & CTO - Government Solutions
As departments and agencies move business operations to the cloud, protecting assets and data remains top priority. Identifying the steps and actions needed to structure, develop, and implement effective security controls in this new environment is the critical first step.
Where should you start? How do you prioritize activities? How can you leverage existing IT programs, processes, and policies that are already in place?
Join FireEye’s Ron Bushar, Vice President & CTO - Government Solutions, as he shares steps and best practices to building a cloud assurance program, including:
- Identifying roles and responsibilities of government, service provider, and third-party stakeholders
- Adapting existing data classification scheme for cloud services and establishing a cloud-adapted risk assessment process
- Implementing requirements baselines, risk assessments, and approaches to addressing unique risk scenarios
- Selecting a cloud service delivery and deployment model
Ken Bagnall, Vice President, Email Security, FireEye, moderated by Christopher Porter, Chief Intelligence Strategist, FireEye
FireEye research recently indicated that an average of 14 thousand malicious emails per month were being missed by most email security solutions. Email is the number one threat vector and with impersonation and credential phishing or URL-based attacks on the rise your email security solution must keep up with the evolving threat landscape. In this webinar:
-Get a brief overview on the latest email threat trends
-Learn about the must haves for email security solutions and the benefits of having one provider
-Find out about additional email security capabilities that can help you have an adaptable solution
-Hear about a use case where FireEye helped detect and block impersonation techniques that the incumbent solution missed
Chris Nutt, Managing Director, FireEye Mandiant and Nick Bennett, Director, FireEye Mandiant
Explore the latest developments behind today’s attacker techniques, behaviors, and motivations sourced from this year’s M-Trends 2019 Report, our annual publication based on FireEye Mandiant’s frontline investigations of the most interesting and impactful cyber attacks in 2018.
Join us for this webinar, as experts, Chris Nutt, Managing Director, FireEye Mandiant and Nick Bennett, Director, FireEye Mandiant discuss highlights and case studies from this year’s edition, including:
• Evolving attack trends in today’s threat landscape
• New advanced persistent threat (APT) groups that emerged in 2018
• Hidden risks found across M&A business activities
• Best practices lessons learned from the front lines of incident response