In the world of information security, the past isn’t dead; it isn’t even the past.
The 2015 edition of HP’s annual security-research analysis reveals a threat landscape still populated by old problems and known issues, even as the pace of new developments quickens. In 2014, well-known attacks and misconfigurations existed side-by-side with mobile and connected devices (the “Internet of Things”) that remained largely unsecured. As the global economy continues its recovery, enterprises continued to find inexpensive access to capital; unfortunately, network attackers did as well, some of whom launched remarkably determined and formidable attacks over the course of the year.
The 2015 edition of the HP Cyber Risk Report, drawn from innovative work by HP Security Research (HPSR), examines the nature of currently active vulnerabilities, how adversaries take advantage of them, and how defenders can prepare for what lies ahead. Jewel Timpe, HPSR’s senior manager of threat research, describes the report’s findings and explains how this intelligence can be used to better allocate security funds and personnel resources for enterprises looking toward tomorrow.
RecordedJun 9 201527 mins
Your place is confirmed, we'll send you email reminders
Your identity governance and administration relies on your organization’s ability to make informed decisions about user access and entitlements. There’s an old adage in data quality management that states ‘garbage in, garbage out.’ If your administrators and approvers don’t have the necessary intel, how can they be sure they are making the appropriate decisions.
This webcast will take a look at the importance of leveraging analytics to make informed decisions about identity and access. We will discuss the types of data that can be used, how it can be collected and how you can leverage this additional insight in order to better protect your organization.
Unleash the power to scale with ArcSight in a world of exponentially growing data and increasingly diversified sources. This webinar demonstrates how ArcSight’s new Instant Connector Deployment feature simplifies and improves efficiency of installation of Connectors. Onboarding new sources has never been easier!
Learn how you can improve efficiency of connector installation and increase scalability of your security operations center.
Today’s attacks are more complex and advanced, and data volume, variety and velocity are increasing every day with new data coming from IoT, mobile, IT, and other sources. To stay ahead of these threats, the Security Operations Centre must re-architect itself to embrace big data and analytics. ArcSight’s intelligent Event Broker message bus provides an open architecture that allows the use of clean, enriched security data with the best of breed technologies to prepare the enterprise for today’s threat scenario and that of the future. Learn how ArcSight’s Event Broker goes above and beyond Kafka to offer an open, highly scalable, easy-to-use, out-of-box security data collection and distribution solution.
Roundtable chaired by Doug Drinkwater, IDG, David Kemp, Micro Focus
In this Micro Focus roundtable, leading experts discuss how CISOs can prepare for these pivotal changes, from the need for security monitoring tools to the importance of liaising closely with regulators in the event of a security incident.
This new data protection legislation could actually help the business drive innovation, with the CISO at the forefront of this change.
From the potential threat of huge fines for non-compliance and data breaches to mandatory data breach notifications and stricter rules around the use of personal data, CISOs face a tough job to ensure compliance by the regulation’s effective date of 25 May 2018.
For more information visit https://www.gdprandbeyond.com/
Alexander Hoole, Manager, Software Security Research, Micro Focus Fortify
A single weak point in a line of code can create an open door for attackers. Threats originating from applications are now more pervasive than ever. We believe that the best defense against application vulnerabilities is a good offense.
In this webinar, we will share results from our recent primary research study that reveals:
• The top five application security risks
• Where these risks originate
• How to remediate these risks
• Best practices to protect your business, protect your customers
Every business today uses data and many businesses now interact with their customers and partners through web and mobile applications. Securing the increasing number of applications needed to run the business while maintaining release deadlines and development budgets is only achievable when application security is a part of the software development process.
Shifting application security to the left is a concept that integrates security testing into the early stages of development to improve effectiveness and minimize the effort and cost for development and security teams.
Mark Bower, Global Director, Product Management - Data Security, Micro Focus
The clock on GDPR is ticking with the May 2018 enforcement date looming. All businesses that handle EU citizen data will eventually be impacted. Compliance risks are material to many US and global firms, with fines and remediation costs potentially an order of magnitude larger than all other regulations combined. The challenge is to maintain legitimate data use for business opportunities, while deploying non-disruptive controls that lower risk of data breaches and exposure to whistleblowers.
This session will take a practical view to illustrate how format-preserving encryption maps specifically to GDPR requirements. We’ll walk through practical customer use cases involving EU data in a large enterprise, with Big Data and hybrid enterprise IT examples. Attendees can learn how our advanced FPE technology solves complex regulatory issues quickly, while also enabling data-driven organizations to increase the use of data for decisions, even under aggressive regulatory controls.
With a stake at the center of how organizations are consuming and leveraging big data, Hadoop adoption in the enterprise is growing steadily. In fact, a recent survey conducted over the subscribers of Database Trends and Applications found 55% of respondents currently use the platform and 44% have four or more clusters. To understand key challenges and use cases, attend this roundtable webinar. You'll learn:
• How real companies are using technologies shaping the future of data management
• Key challenges to enabling data access, data sharing and data privacy
• Critical success factors require best practices in governance and data security
Data is at the heart of most major businesses in the new data economy. But the exponential growth in data generation and usage across Hybrid IT, IoT and other platforms is rendering current data security methods obsolete. In addition, government regulations, such as GDPR, increase the risk of heavy penalties for any data breach. A new approach merging data security and governance is needed.
This webinar will discuss:
• The new data economy and the challenges to data security
• Why businesses need both security and information governance when facing data growth, privacy challenges, industry and government regulations
• How the integration of Structured Data Manager and SecureData gives customers a key solution for Data Security Governance
John Delk, Chief Product Officer and GM, Security Product Group and Travis Grandpre, Director, Product Marketing, Micro Focus
With the close of the spin-merge of HPE Software with Micro Focus, the two organizations have joined forces to become the seventh-largest pure-play software company in the world.
As one of the largest security providers in the world, both HPE and Micro Focus bring together a portfolio of security solutions that bridges IT and protects what matters most—users, apps, data, and the interactions between them.
Join us for this webinar to hear John Delk, Chief Product Officer, and Security GM, discuss how the new combined security business combines an open architecture to free up access to data and industry-leading analytics to detect known and unknown threats.
Tamer El Refaey, Senior Director, Security Monitoring and Operations, du Telecom and Arun George, Regional Sales Manager, HPE
As a rapidly growing mobile and fixed line service provider, du Telecom was faced with protecting its growing network and IT infrastructure while controlling costs and efficiently managing IT operations. Recognizing this need, du Telecom embarked on a journey to transform its security operations as it knew that a strong security foundation — one that can automate security and compliance monitoring to cost-effectively support corporate growth — would be critical to its success. To achieve these goals, du Telecom turned to ArcSight.
Join this webinar to participate in a candid conversation with Tamer El Bahey, Senior Director - Security Monitoring & Operations at du Telecom, as he shares how the company simplified its security operations across the enterprise and laid the groundwork for an award winning Security Operations Center (SOC) using ArcSight SIEM solution. Learn from du Telecom's approach and lessons learned which resulted in reduced security expenditures by 85% in 3 years.
Register now to see how the power of ArcSight SIEM solution can also transform your Security Operation Center to operate more efficiently and protect against cyber threats.
Hunt teams are relative newcomers within the security operations domain. Many companies say they are doing “hunt” but when we dig deeper, we find the capabilities are ad hoc, with no measurable indicators of success nor formal organizational support. That means hunt teams are growing in popularity and use, but there is no “gold standard” yet for how they work. With increasing scarcity of skilled resources in cyber security and lack of efficient tools, it is challenging to build successful hunt practices inside an organization.
Join this webcast to:
•Gain a clear understanding of the current challenges of hunt and investigation procedures
•Learn how to build “hunt” capabilities that search for security breaches
•Increase speed, simplicity and effectiveness across the entire workflow of hunt and investigation with ArcSight’s new solution
Mary Writz is a seasoned professional with more than 15 years of experience in cyber security and, under her services leadership role, her team filed 9 patents and built a successful hunt practice with a focus on Big Data, machine learning and visualization. Alona Nadler is a senior product manager for ArcSight with a background in Big Data analytics platform.
Mary Karnes Writz, Head of Applied Innovation, HPE Security Professional Services
Have you been planning on establishing hunting capabilities but just can’t seem to get it started? Check out this webinar to gain a clearer understanding on hunt teams and their effectiveness.
This webinar will deep dive into successes and most importantly lessons learned from Hewlett Packard Enterprise’s own journey with leveraging emerging capabilities and hunting techniques with customers. From solving data ingestion challenges to detecting bank heists, learn from HPE’s years of building hunt teams.
Get a broader view of the ecosystem of breach hunting technology so you can execute your own successful hunt strategy.
James Rabon, Fortify Product Mgr/Security Specialist, HPE and Poonam Yadav, Fortify Product Mgr/Security Specialist, HPE
Is your business challenged with competing priorities and resources when it comes to application security testing and the need for more rapid application development? Are you impacted by costly and cumbersome remediation of security issues? In a world of competing requirements, how can your application security keep up with the rapid pace of development, and still remain effective?
Learn how some of the most advanced and innovative application security customers tackle this problem by:
• Using automation - where modern security tools are being included in the “treat infrastructure as code” mantra
• Making static and dynamic analysis of applications more efficient and effective
• Integrating application security throughout the software development lifecycle (using a DevOps toolchain)
• Gaining visibility and insights into production application behavior and exploits via low-impact Continuous Monitoring
• Protecting security flaws in production to buy time for true remediation
Barak Klinghofer, Co-Founder and CPO, Hexadite and Steven Forsyth, RnD Manager, HPE Security ArcSight
The effectiveness of a security system depends on how quickly it detects and responds to threats. Is your security system able to tackle security challenges in near real time, while reducing false positives so analysts can focus on critical events and Indicators of Compromise (IOCs)?
HPE Security ArcSight ingests large volumes of security events and correlates against IOCs in real time to identify potential threats. Hexadite Automated Incident Response Solution (AIRS) takes these security alerts in real time and performs investigation and remediation at scale.
Learn how the combination of these two systems gives you the ability to:
• Gain visibility across the entire IT footprint
• Detect security threats in real-time
• Automate incident investigation
• Perform automated or semi-automated remediation actions
Taking your Security Operations Center (SOC) to the next level has never been more critical. Organizations around the globe are investing heavily in cyber defense capabilities to protect their most critical assets. Don’t miss this webinar to explore key findings from the 2017 State of Security Operations report on cyber defense organizations’ capabilities and maturity.
Learn what the most successful SOCs in the world are doing right, regional trends in the maturity of cyber defense capabilities and best practices to apply within your organization. Get the latest information on:
• Opportunities in automation
• Threat hunt teams and whether they are working
• New compliance regulations impacting SOCs
Register now and gain insight on the next steps your business can take to mature security operations in 2017.
With more security threats than ever before, organizations are looking to new ways to secure, manage and monitor their environments. The cost and scope associated with this issue are huge. Security environments have traditionally been closed, sealed and ‘secured’ by nature; but as organizations look to solve problems, they are embracing the idea of adopting open standards and architectures.
By embracing new, innovative and open standards, security organizations can look to solve complex problems in a modern new way. Explore how you can expand and grow your capabilities with simplicity, and more importantly in a predictable and cost-effective way.
This webinar will cover the evolving approach to help you solve security issues with modern open architecture solutions. Using the right approach and the right technologies are important to addressing requirements of log data storage, analysis, analytics and advanced security monitoring. Learn why integration is key and where ArcSight comes in.
Travis Grandpre, HPE Director of ArcSight Product Marketing and Justin Kelso, HPE ArcSight
As organizations scale, having a robust security posture is critical. To achieve this, organizations rely on intelligent security operations. Visibility plays a crucial part in this. This means having visibility across boundaries, not just across networks and IT, but also into operational data and IoT devices.
Join this presentation to learn:
•What's needed to enable visibility into millions of events per second
•How to provide context to the collected data
•Role of machine learning in real-time correlation and analytics
•How to prioritize security analyst tasks, optimize resources and save time
Discover the capabilities powering intelligent security operations that enable you to track alerts and investigate threats at the speed of the attacker.
Scott Johnson, Director of Product Management, Fortify
Organizations moving at DevOps speed can easily integrate security testing into their Software Development Life Cycle (SDLC) workflow. Join this presentation to discover how built-in application security testing can become a seamless part of your coding process.
Viewers will learn:
- How integrations spanning all stages of development, deployment and production enable application security testing into the development tool chain
- How to empower your developers to test for security vulnerabilities earlier, build better code and secure your software
Leading Security Intelligence & Risk Management Enterprise Platform
Micro Focus is a leading provider of security and compliance solutions for modern enterprises that want to mitigate risk in their hybrid environments and defend against advanced threats. Based on market leading products, the Micro Focus Security Intelligence and Risk Management (SIRM) Platform uniquely delivers the advanced correlation, application protection, and data security & encryption technology to protect today’s applications and IT infrastructures from sophisticated cyber threats. Visit Micro Focus Enterprise Security at: www.hpe.com/security