Tick, Tock: Just 1 Year to GDPR Enforcement – How to be technology ready

The retail industry, already at intersection of online with brick-and-mortar, is one of the most heavily targeted for cyber-attacks, and encountering record levels of data breaches as a result. With digital transformation an imperative, dealing with concerns over data breaches has become every retailer’s new reality. Research shows 99% of the industry uses digital transformation technologies with sensitive data – Cloud, Big Data, Mobile Payments, IoT, Blockchain and Containers.
The 2018 Data Threat Report for retail sponsored by Thales explores the depths of these problems, enterprise plans for combating them, and best practice data security recommendations.

- How does your company compare to the benchmarks in 451 Research’s findings?
- How do you recognize, track and report data breaches?
- How do all the existing and new regulations impact your data security strategies? (e.g., CCPA, Vermont Data Broker Law, GDPR, etc.)
- What are best practices when it comes to protecting and securing your sensitive data? Are they enough?

Organizations today gather unprecedented amounts of data from their operations to create new opportunities and to customized marketing, business, and services for their users and customers. Every transactions and exchange within the enterprise is creating more data that when analyzed, can produce valuable insight. Whether the data comes from a person or from a connected device such as a sensor, data collected is becoming essential for decision-making. Therefore, protecting the integrity of connected devices collecting this data is critical to ensure the trustworthiness of the system. Public key infrastructures (PKIs) provide the framework to secure the identity of devices to ensure integrity and confidentiality of data collected and exchanged. Using asymmetric cryptography, PKIs sign all certificates used to identify devices collecting data. Protecting the signing keys used for this purpose is essential to ensure a root of trust. In this webinar, we will examine how PKI-based solution provide a mechanism for secure identification, so you can trust your devices and the data they collect. The session will explain how hardware security modules (HSMs) help establish a root of trust, and provide examples and use cases.

Join the webinar to learn how you can use connected devices with a PKI and an HSM to:

• Improve your data gathering capabilities
• Protect the integrity of your critical data
• Defend organization from data breaches
• Secure all analytics and decision making

In recent years, cloud applications and the Internet of Things (IoT) have become the latest disruptors to future PKI planning. This 2018 study, conducted by the Ponemon Institute and sponsored by Thales eSecurity, reveals trends in PKI usage and deployment, security controls, and challenges. Those trends clearly indicate that organizations must not only tend to the ever-changing digital certificate needs of today, but must also simultaneously prepare for the future -- a future with never-before-seen diversity and scale.

Join this webcast to learn about the top findings of this research, including:

• The increasing influence of the IoT in PKI planning
• The increasing security maturity of enterprise PKIs including the use of Hardware Security Modules (HSMs)
• Identification of enterprise applications that most commonly depend on PKI credentials
• The most important PKI capabilities for IoT deployments, and projected rates of digital certificate usage by IoT devices

Chris Ogilvie interviews Simon Keates, Thales eSecurity Business Development Manager, EMEA on “cloud” - the biggest growth area of technology investment this year.

Companies are increasingly reliant upon multi-cloud or hybrid cloud to meet specific workload and needs. However, these multi-faceted environments come with advanced threats in the form of security gaps which exploits individuals and organisations. In addition, embracing cloud environments brings challenges around data control, complex security policies and compliance reporting.

Join Chris and Simon for the second in our series of “coffee break” webcasts when they will discuss:

a) How can enterprises reduce security gaps in the cloud without affecting their business efficiency?
b) How are organisations maintaining effective security whilst adopting new digital technologies to improve agility, customer engagement and support business growth?
c) How does BYOE (Bring Your Own Encryption) alleviate the core issues of security, control and compliance and can it be applied to the common public cloud environments cost-effectively?
d) How can enterprises regain control of their data security?

Organizations today are increasingly interconnected and depend on this interconnectivity and the cloud to conduct business. While this concept of the interconnected enterprise has taken off and improved business acceleration and agility, it has also surfaced increased exposure to data security risks. To alleviate these risks, Palo Alto Networks and Thales eSecurity help enforce security policies that underpin critical components of an enterprise’s network security system, protecting the root of trust of their entire network security system. In this webinar, we will examine the key elements of the joint solution as well as what may be the best options for your organization.

• Understand next generation firewalls and hardware security modules
• Learn the critical role and features of best-in-class key management
• Learn best practices for data security

With billions of things connecting to the Internet, addressing security, privacy, and safety are becoming significant challenges. Enterprises deploying Internet of Things (IoT) technologies need strong security that is easy to implement, seamless to use, cost-effective, flexible, and scalable. The foundation to establish trust and reliable security for IoT is to use standards-based PKI certificates with the right communication protocols.

This webcast will examine the challenges that industry faces to ensure safe adoption of IoT technologies, from device manufacturing, to deployment and operation. Join Thales and Nexus to learn how IoT PKI:

• Controls device identity, from manufacturing bootstrap to lifecycle management
• Delivers protected operations based on strong authentication and encryption
• Manages full range of devices from battery-powered sensors to self-driving cars
• Secure logs and reports to facilitate compliance with data security regulations
• Establishes a certified root of trust for the security of the entire ecosystem

The rapid adoption of hyperconverged infrastructure (HCI) solutions have been due to their proven ability to deliver scalability, agility, reduced costs, storage redundancy, and reliability. While these are great benefits, perhaps one of the elements that is garnering the most attention right now is data security. Nutanix certainly knows this and is working hard with Thales eSecurity to protect the confidentiality and integrity of sensitive data through strong encryption of user and application data. When used with Vormetric Data Security Manager (DSM), the combined solution provides FIPS certified robust key management and role separation to meet the most stringent security requirements.

In this webinar, we will examine the key elements of the joint solution as well as what may be the best options for your organization.

• Understand the types of encryption and their characteristics
• Understand the critical role of best-in-class key management
• Learn how to go beyond the encryption basics

Chris Ogilvie interviews Simon Keates, Thales eSecurity Business Development Manager, EMEA on one of the hottest security topics in 2018.

PKI offers organisations the flexibility to create security models, however defining, maintaining and securing PKI is a major risk to enterprises. Key theft, weak controls on keys, and impact on business agility as new applications are on-boarded without due care, are some of the challenges faced by enterprises.

Join Chris and Simon for the first in our series of “coffee break” webcasts when they will discuss:
a) The current PKI market, the growth in EMEA and the challenges facing organisations
b) How enterprises are using PKI to enhance their security posture
c) How Thales eSecurity is integrating with market leading PKI technology partners to offer a holistic solution for the enterprise

For virtually every organization today, the adoption of multiple cloud services continues to expand. According to the AlphaWise/Morgan Stanley 2016 Annual CIO Survey of 100 CIOs, by 2020 over 46% of the application workload will move to the public cloud. So any way you look at it, a multi-cloud environment is part of your future. With this move to the cloud, the proliferation of encryption will continue at an increased rate in order to protect and secure sensitive data. That means the number of keys and the potential risks will also increase dramatically. With the CipherTrust Cloud Key Manager (formerly Vormetric Key Management as a Service), your organization can establish strong controls over encryption keys and policies for data encrypted by cloud services. So what are you waiting for? Learn how Thales eSecurity and our CipherTrust Cloud Key Manager can put you in control of your keys and help you secure your sensitive data.

* Application workloads are moving to the Cloud - 46% by 2020 - make sure you are prepared
* Encryption for sensitive data in the Cloud doesn't mean you should lose control of your keys
* CipherTrust Cloud Key Manager ensures you have control of your keys in the cloud

The latest India Data Threat Report from an independent survey conducted by 451 Research shows 52% of Indian respondents reported a breach last year. The report highlights escalating cyberattacks, traditional insider threats, privacy requirements, and data residency regulations are driving enterprises to review how they are securing their data in order to reduce the exposure of their organizations data.

The largest driver for our Indian customers right now is the protection of 12-digit Unique Identification numbers (UIDs), also called "Aadhaar” numbers, based on unique biometric and demographic data and designed to reduce fraud whilst awarding various benefits. The Unique Identification Authority of India (UIDAI) has mandated that the private cryptographic keys used to digitally sign and authenticate the UIDs must be stored in a Hardware Security Module (HSM). In addition to HSMs, the UIDAI has also mandated the use of tokenization – replacing sensitive data with a token that can be stored, processed and transmitted securely.

Join this live webinar to:

• Discover the key findings from the India Data Threat report and see how they compare with the global landscape
• Examine the UIDAI mandate and the steps needed to be taken to ensure compliance
• Learn what makes Vormetric and nShield HSM the best solutions to keep your data secure

The digital transformation has changed how the world does business, creating whole new enterprises and industries, but it has also left many organizations vulnerable to new and destructive threats. Individuals and businesses need to combat these threats to secure their own assets and reputations as well as to comply with increasingly numerous and rigorous regulations, such as GDPR. Among the tools that protect the data itself by making it unusable, should it be stolen, is tokenization. Tokenization protects sensitive data by substituting non-sensitive data.

In this webinar, we will examine the key elements of a tokenization solution as well as reviewing several example use cases.

• Understand the problems tokenization addresses
• Describe the architectures needed to support tokenization
• Review relevant tokenization use cases

When 451 Research surveyed 1200 IT security professionals, including 400 across Europe, for the 2018 Thales Data Threat Report, we found that today’s threat environment, digital transformation initiatives and regulations are having a deep impact on enterprises. In 451 Research’s Analyst Garrett Bekker’s view – with a big disconnect around what is effective at preventing data breaches and where we’re spending our IT security dollars today. In this session, we’ll cover:

• The depth of the problem with data breaches – and the numbers around how deeply it has affected enterprises in Europe.
• How IT security spending is being prioritized today – and why that can be a problem.
• How adoption of cloud, containers, big data, IoT and other technologies add risk and complicate the data security picture – and what your peers would like to see to make this adoption safer
• Perceived barriers to use of data security tools, and whether these are still relevant – or relics of past experiences.
• Simple best practice recommendations that can enable you to evaluate your current stance, and improve it.

In today’s environment data protection is more critical than ever and businesses are responding. This 13th edition of the Global Encryption Trends Study, conducted by the Ponemon Institute and sponsored by Thales eSecurity, reveals how increased cloud use and accelerated compliance initiatives are driving adoption of new encryption strategies. Join Dr. Larry Ponemon and John Grimm to learn about some of the top findings in this year’s Global Encryption Trends Study, including:

• Growth in encryption and Hardware Security Module (HSM) usage
• The importance of performance, scalability and consistent policy enforcement across enterprise and cloud use cases for encryption solutions
• Trends in encryption deployment across multiple vertical markets and geographies that are useful for benchmarking

A complex dynamic of attack vectors threaten today’s IT environments like never before. Faced with this challenge, organizations need to protect their most sensitive applications and data without sacrificing business agility. Privileged Access Management (PAM) has emerged as an approach that can provide the best defense against potential attackers, by protecting all layers of the typical computing model. PAM solutions manage user access, safeguard file systems, ensure process segmentation, and provide encryption capabilities to protect users, assets, files, and applications. However, vulnerabilities can enable attackers to exploit privileged accounts, and abuse of these can open conduits for data breaches that threaten enterprise security.
As data breaches continue to make headlines, far-reaching security mandates such as the General Data Protection Regulation (GDPR) are becoming stricter, forcing organizations to rethink their cybersecurity strategy.
This webinar will examine how organizations can strategically block threats along traditional computing models to fortify security without re-engineering applications, databases or infrastructure. The presentation will focus on secure access control, auditing, alerting, and recording of privileged account activity. Management of cryptographic keys that protect access credentials, and the protection of sensitive data to ensure that only authorized users and applications can be allowed to access these files, will also be discussed.

Join the webinar and learn how to:

• Manage all privileged user access and control file systems
• Establish a robust root of trust for credential management
• Enhance security with key management and encryption
• Facilitate security auditing and regulatory compliance
• Meet FIPS 140-2 and Common Criteria standards

Digital transformation is business enhancing and fraught with danger. With services moving online and into the cloud, the result is a faster, more agile and open service for consumers and enterprises. However, this digital transformation is taking place in an increasingly precarious environment, more and more your corporate attack surface is being exposed.

With data breaches at an all-time high and incidents of identity theft risen by 57% in a year, consumers are questioning the security of their personal data held by organisations. The rise of cloud and the Internet of Things, has forced companies to take control of their data – regardless of where it resides and in addition, reputational damage caused by public breach is firmly on the agenda of the board.

This webinar will consider:

• Key security considerations for a digital transformation strategy

• Why a proactive data defence strategy is crucial

• The benefits of maximising the level of control over data irrespective of where it is created, store or shared.

Digital transformation initiatives and increased threats have put enterprise data at risk more than ever, with 67% already experiencing a breach, and over half of those breaches in the last year. In this webinar Garrett Bekker, Principal Analyst for Information Security at 451 Research, details critical findings from the 2018 Thales Data Threat Report around the rise in data breach rates, what IT security pros around the world are doing to respond, and best practice recommendations for how to keep from becoming another statistic.

The digital transformation is driving massive turmoil. Organizations are having to face how they protect their data or be breached-again. Results of the recent 2018 Data Threat Report indicate continuing concern for insider attacks, with 51% of respondents citing privileged users as being the main threat.
Providing the proverbial “keys to the kingdom” that allow access to sensitive organizational resources, privileged accounts are top target for internal and external attacks.

As organizations increasingly use privileged accounts in a changing business environment, protecting the credentials, isolating and controlling sessions, and continuously monitoring operations is critical. This webcast will examine a typical use case in a healthcare environment, and illustrate how to protect privilege account credentials, passwords, and keys with applicability across industries.

Attend this webinar to learn how to:
• Deploy solution across organization without impacting operation
• Provide added security layer to privileged account management
• Protect and manage the critical cryptographic keys automatically
• Facilitate auditing and compliance with data security regulations
• Comply with FIPS 140-2 and Common Criteria security standards

With the clock ticking towards May 2018, NOW is the time to ensure you are taking the right steps to protect your organization and your customers in order to be compliant with General Data Protection Regulation (GDPR).
Less than a 1/3 companies are prepared…join us for a discussion with Jay Trinckes of the NCC Group on how GDPR will impact the way in which organizations handle their data.
What you will learn:

•How GDPR affects U.S. businesses
•Organizational best practices to achieve GDPR compliance
•Penalties for non-compliance
•How Thales Vormetric Data Protection Platform addresses the GDPR “Security of Personal Data” requirement

About the speaker:
Jay Trinckes is a Principal Security Consultant with NCC Group’s Risk Management and Governance Practice where he specializes in security and privacy assessments specifically around GDPR, HIPAA, HITRUST, PCI, DFARS and more.