Interview: Martin Holste on the Future of Security in the Cloud

FireEye relentlessly protects its customers. But who protects FireEye? Join us for an overview of how FireEye uses its own products and services to protect itself from the same threats faced by customers.

In this webinar, Matt Shelton, FireEye Director of Technology Risk and Threat Intelligence, will reveal how FireEye:

•Uses threat intelligence to proactively protect the organization
•Detects threats using FireEye Network Security products
•Responds to incidents with FireEye Endpoint Security
•Leverages Helix as its security operations platform
•Hunts for known and unknown threats within its environment.

Through 2022, at least 95% of cloud security failures are predicted to be the customer’s fault (Gartner). But change how you think about cloud security, and you can be a success story.

Join our webinar, which helps debunk several common myths that jeopardize your fast, secure, migration to the cloud:

• The cloud is unsafe
• My organization doesn’t use the cloud
• My cloud provider will keep me secure
• The cloud is just someone else’s computer
• Advanced adversaries aren’t attacking the cloud

You’ll also learn how to identify a trusted advisor for cloud migration so you can confidently take advantage of cloud advancements.


Presented by: Martin Holste, Cloud CTO at FireEye

A Breach Investigation Scenario Leveraging FireEye Endpoint Security

FireEye spends thousands of hours annually investigating the world’s most impactful security breaches - you don’t have to stand alone when this happens to you. In this webinar, we will use a real-life scenario to dive deeper into how breaches are discovered and importantly, what security lessons can be learned.

Join FireEye’s Vinoo Thomas as we take a closer look at the discovery of credential harvesting and multiple compromised clients from a single compromised endpoint. Learn how investigation can be used to find and contain the impact of a breach in nearly any environment.

Rapidly evolving threats and infiltration techniques have rendered traditional cyber defense strategies insufficient and ineffective. The emerging threat vectors and speed of change amplified by the digital transformation cannot be addressed by traditional means. Globally, laws are also changing to keep pace as cybercrime evolves, knowing no boundaries. Therefore, organizations must be nimble and agile to keep pace with policy changes, especially when expanding across different jurisdictions

Join us as we discuss three strategic imperatives to strengthen cyber resilience:
• Understand (know your threats) – Identify organization- and industry-specific cyber threats and regulations calls for robust strategies that include cross-disciplinary considerations.
• Measure (know yourself) – Quantify the potential financial impact of cyber exposures to compare against the level of risk appetite acceptable to the board. This will determine the amount of investment necessary to mitigate and transfer any residual risk.
• Manage (know what you can do) – Proactively manage cyber risks by having clear action plans based on your capabilities and capacities to protect against cyber criminals.

While cyber-attacks are inevitable, proper preparation is the essential element that sets resilient organizations apart from the rest in managing risk, minimizing damage, and recovering quickly from any incidents.

The shortage of cybersecurity workers is a growing concern for the teams who are directly responsible for protecting the organization against cyber threats. It’s estimated that by 2021, 3.5 million cyber security positions will go unfilled.

Join Stanley Parret, Principal Consultant for FireEye Managed Defense, for a look at the unforeseen challenges and consequences of the growing cyber skills gap, especially around protecting against advanced threats. In this webinar, we’ll discuss:

-The impact of staffing shortages on security practitioners
-How they’re being required to protect more with less
-The options available to security teams who need to extend their capacity

Register now for the webinar

Managing security operations is a challenge, and the technologies most organizations are using don’t provide the visibility, detection efficacy, or context they need. As their risk profile expands, organizations rely on hiring more analysts and purchasing more tools, often depending on manual processes to find and mitigate threats. The high volume of alert noise strains security teams’ resources and increases the probability they will miss an alert that matters. Organizations need a single solution that centralizes their security management, provides visibility, and allows them to quickly respond to threats with automation.

In this webinar:
- Understand the benefits of technology consolidation
- Learn about what a single platform can do for your people and processes
- Discover the untapped potential of your security investments

Election security has become a growing priority for governments and citizens alike on a global scale.
While cyber-enabled interference and election tampering continues to make headlines, coverage of the root cause can seem unclear due to the wide range of differing threats facing entities within an election’s ecosystem.

Join this webinar with Luke McNamara, Principal Analyst of Threat Intelligence, as he uncovers:
• Frontline observances by FireEye of election-driven threat actors—and their key target areas
• A risk framework for organizations to categorize election threat activities and targets
• Beyond the enterprise, how these threats impact individuals and donors involved in political campaigns
• Best practices used by FireEye and implemented by election administrators to reduce targeted cyber risks
• The anticipated evolution of sophisticated attacker techniques in future elections

The numbers make stark reading. 281 billion emails sent daily to over 2 billion business users. 91% of all cyber-attacks start with an email and it only takes 1 with malicious intent to impact your organisation. With evolving methods used by the adversary, it’s becoming increasingly difficult not to get burned.

Join Gareth Fraser-King, Director, Product Marketing EMEA, to learn:
- The state of the cyber landscape, specific to email security.
- How the attack vector is changing with new tactics, techniques, procedures and what you need to look out for.
- Why is FireEye better at catching evolving attacks and how this can benefit you.

Managed Detection and Response (MDR) services should spot prevention failures and respond quickly. Good MDR services spot Red Teams and Pen Testers who are tasked with defeating preventative controls. A great MDR service knows when real, malicious threat actors are hiding their footprints amongst Red Team activity. In this war story, we discuss how Managed Defense, FireEye's MDR service, deals with such situations.

Using Risk Management to Optimize Cybersecurity Costs: Best Practices for the C-Suite

Cyber risk management is increasingly becoming a strategic priority for executive leaders worldwide, though many organizations find it challenging to accurately anticipate, prioritize, and forecast risk mitigation costs.

C-level executives can meet these challenges by engaging their boards and their security teams to ensure they have the right data to scope risk-based focus areas. This allows the organization to plan effectively while keeping necessary security investments top of mind.

Join this webinar with Matt Keane, FireEye Mandiant Senior Director of Risk Management Services, as he explains how to:

• Identify the top risks to your organization based on threat intelligence—and communicate these trends to your board of directors in a way they’ll hear
• Ensure that the board’s security investment decisions support your organization’s appetite for risk
• Establish a framework that ensures the alignment of strategic priorities with security spending
• Track the right risk performance metrics to monitor changes in your unique risk profile, so that you can shift priorities and spending when needed
• Apply these lessons to a sample business scenario.

Register for this webinar to learn how executives like yourself can effectively implement these cyber risk management practices today.

Like most cyber criminals, advanced persistent threat (APT) groups try to steal data, disrupt operations, and destroy infrastructure. But unlike other attackers, APT attackers pursue their objectives over months or even years, adapting to defenses and frequently retargeting the same victim.

Join this webinar to hear David Grout, FireEye EMEA Chief Technology Officer explain how effective cyber threat intelligence (CTI) helps you understand APT groups’ intents and tactics so you can stay ahead of attacks, instead of just reacting to them. He’ll also provide:

•A high-level overview of the nation-state interests driving APT activity
•Insight into the most recent APT attacks investigated by FireEye
•A deep dive into the workings of APT40, a Chinese cyber espionage group that typically targets countries and organizations strategically important to the country’s “Belt and Road Initiative.”

Red Team assessments help organizations identify weaknesses in their current detection and response procedures so they can update their existing security programs to better deal with modern threats. We'll look at a red team case study detailed in FireEye's MTrends 2019 report where consultants performed an objective-based assessment that emulated a real cyber attack of an advanced, nation state attacker across the entire attack lifecycle

Today, defeating cyber attackers and the techniques they employ requires real-time insight and intelligence. Staying ahead of attacks, instead of merely reacting, is the heart of cyber threat intelligence. To illustrate the importance of these capabilities to both public and private sector organizations, Tavis will draw from recent real-world intelligence findings, such as FireEye’s collaboration with Facebook and Google to identify Iranian government influence campaigns, as well as our identification of North Korean state-sponsored groups targeting the energy sector.

Recorded live at the AWS Public Sector Summit 2019, Tim Appleby, Director of Federal Programs at FireEye discusses how the public sector is embracing cloud and managing risk.

Recorded live at the AWS Public Sector Summit 2019, Martin Holste, Cloud Services CTO at FireEye discusses the future of security in the cloud.

FireEye and AWS hosted a Cloud Security Breakfast Briefing on June 12. During this briefing Stephen Alexander, AWS National Security Senior Solutions Architect and FireEye's Martin Holste, Cloud Security CTO, and Tim Appleby, Director of Federal Programs, addressed how organizations can achieve the security needed to protect user credentials, proactively identify vulnerabilities and centralize security monitoring.

This video features event highlights and tips from our panel of cloud security subject matter experts.

FireEye and AWS hosted a Cloud Security Breakfast Briefing on June 12. During this briefing Stephen Alexander, AWS National Security Senior Solutions Architect and FireEye's Martin Holste, Cloud Security CTO, and Tim Appleby, Director of Federal Programs, addressed how organizations can achieve the security needed to protect user credentials, proactively identify vulnerabilities and centralize security monitoring.

In this video, Martin Holste, Cloud Services CTO at FireEye helps debunk several common myths that jeopardize your fast, secure, migration to the cloud.

FireEye and AWS hosted a Cloud Security Breakfast Briefing on June 12. During this briefing Stephen Alexander, AWS National Security Senior Solutions Architect and FireEye's Martin Holste, Cloud Security CTO, and Tim Appleby, Director of Federal Programs, addressed how organizations can achieve the security needed to protect user credentials, proactively identify vulnerabilities and centralize security monitoring.