Website Threats: It’s Not All About the Hacker Anymore

Mike Smart, Senior Manager, Products and Solutions, Symantec
Website Security Series Part 3

The external threat landscape is evolving; web-based malware and legitimate website hacking is continuing to fluctuate as we learn and adapt our network defence strategies, or externalise our infrastructure to mitigate risk. However, do these initiatives around protection extend to our customers? 
Every organisation has a web presence and increasingly this presence is not just for broadcasting corporate brands and products; it is used to collect and socialise personal information from customers and constituents and process regulated financial transactions.

In this session Symantec will discuss:
- Top threats that target customer identities
- How the Trust model of SSL has survived the last 18 months
- Why the Internet’s top brands are moving to Always-On SSL
- Why not all SSL certificate infrastructures are created equal and how this can influence business growth
- How to manage an expanding cryptography infrastructure effectively

Mike Smart is the Senior Manager of International Product and Solutions at Symantec.
In his role, Mike is responsible for driving Symantec’s Trust Services business across International and emerging markets. He joined Symantec in 2012 from SafeNet where he was Director of Products and Solutions in EMEA.
Mike has a strong history in the SMB and Enterprise IT Security arena and has been at the forefront of introducing new technologies and solutions to the market in areas such as Cloud Security Solutions, Information Leakage Detection and Prevention and Unified Threat Management. Mike is an active member of the UK’s Get Safe Online not-for-profit organisation which provides a leading source of unbiased, authoritative information on protection against fraud, identity theft, viruses and many other problems encountered online.
Jun 21 2012
40 mins
Website Threats: It’s Not All About the Hacker Anymore
  • Channel
  • Channel profile
Up Down
  • Wi-Fi Optimization: Every Day, Another 4 Million Devices Are Activated. Ready? Recorded: Jul 17 2013 48 mins
    The mobile enterprise challenges are mounting: enabling users simple and secure access to the network, ensuring applications run smoothly, and building sufficient capacity to handle unpredictable usage and future growth. A superior level of Wi-Fi design is now required—something shown lacking by a recent Gartner report: “By 2015, 80% of newly installed wireless networks will be obsolete because of a lack of proper planning.” A clear indication of the problem is that a typical wireless user is provisioned with less than 5% of the bandwidth of a typical wired user. Wi-Fi Optimization includes designing for: the user, device, application, spectrum and capacity. This session will examine critical design components to ensure predictable performance, even under heavy loads.
  • Panel: Active Defense: Preventing a Breach and Hacking Back Recorded: Jun 12 2013 55 mins
    How do you respond when your organisation has been breached and law enforcement is unable to help?

    More and more companies are turning from a reactive response to breaches to a proactive one: preventing a breach before it happens and hacking back. This panel session will feature 4 experts discuss these topics in-depth, from its technical to legal implications.
  • Panel: Virtual World with Virtual Risks. Can it be Cloudy and Clearly Secure? Recorded: May 15 2013 64 mins
    As companies migrate to the virtual datacenter, executives must deal with security, audit, and visibility of their environment which has grown beyond their physical datacenter. Because of this, hesitancy remains and many questions are still being asked. What is a next-gen datacenter? What changes as businesses take steps toward a hybrid datacenter? When they move to a virtualized environment, how does their data remain secured and in their control? Will encrypting data in this environment achieve visibility and control of who is accessing it? Plus despite more knowledge on virtual risks, cloud services are still being purchased without authentication, adopting cloud first and then thinking about security second. So how can organisations win the struggle with authentication in the cloud?

    Join your fellow professionals for this lively and insightful discussion providing a complete vision on virtual risks in a virtual world. Then understand a way to manage risk, maintain compliance, accelerate and protect business from evolving security threats.
  • The Business of Social Business Recorded: Apr 25 2013 44 mins
    Social business represents a new transformational opportunity for organizations. After initial forays into external social media, many companies are now discovering the value of applying social approaches, internally as well as externally. Social business can create valued customer experiences, increase workforce productivity and effectiveness and accelerate innovation. But many companies still wrestle with the organisational and cultural challenges posed by these new ways of work.

    Join this webinar to hear the proven results from easily integrating social into your everyday tools to improve your business.

    About the speaker:
    Chris Moore is a Social Business Specialist for IBM Collaboration Solutions. He has 7 years experience and knowledge of Collaboration and Exceptional Web Experience technologies; including IBM Notes, Domino, Sametime, Connections, Docs and Web Experience Suites.
  • Designing for Resilience and Security in Public Cloud Applications Recorded: Apr 17 2013 40 mins
    Public cloud providers offer better uptime and business continuity than most organisations can achieve on their own, despite well-publicised outages. But failing to plan for an outage, means you are planning to fail. At the center of this argument is the concept of designing for resilience: organisations should not hide from failure, but rather expose themselves to it early and often, in a way that allows them to learn quickly and build the right infrastructure to build reliability in an unreliable world.

    Join Paul Wallace, Director of Product at Riverbed Technology, as he discusses strategies that will help you design for resilience and security, and learn how to:

    * Prepare for unplanned cloud outages
    * Build a globally resilient cloud application
    * Avoid some of the most common mistakes when faced with a cloud outage
  • Cyber-Resilience: the Core of Modern Risk Management Recorded: Apr 17 2013 49 mins
    Synopsis:
    Cyber-risk is one of today’s most high profile business risks. While good cyber-mitigation strategies can reduce this risk, it cannot be eliminated – defences will be breached. The organisation’s ability to respond to and recover from these breaches – its cyber-resilience – is fundamental to its risk management strategy. This session examines cyber risk, the pervasiveness of cyber-incidents and the key steps in building a cyber-resilience strategy.

    About the speaker:
    Alan Calder is chief executive of IT Governance, the single-source provider of books, tools, training and consultancy for IT governance, risk management and compliance.
    He is a leading author on information security and IT governance issues. Alan is the co-author (with Steve Watkins) of the definitive compliance guide, ‘IT Governance: An International Guide to Data Security and ISO27001/ISO27002’.
  • Everything We Know and Do to Secure Web Applications is Wrong Recorded: Apr 17 2013 45 mins
    Synopsis:
    The premise behind this talk is to challenge both the technical controls we recommend to developers and also our actual approach to testing.
    We continue to rely on a “pentest” to secure our applications. Why do we think it is acceptable to perform a time-limited test of an application to help ensure security when a determined attacker may spend 10-100 times longer attempting to find a suitable vulnerability? How can we expect developers to listen to security consultants when the consultant has never written a line of code? Why are we still happy with “Testing security out” rather than the more superior “building security in”?
    This talk is sure to challenge the status quo of web security today.

    About the speaker:
    Eoin is international board member and vice chair of OWASP, The Open Web Application Security Project (owasp.org). During his time in OWASP he has lead the OWASP Testing and Security Code Review Guides and also contributed to OWASP SAMM, y and the OWASP Cheat Sheet Series.

    Eoin Keary is the CTO and founder of BCC Risk Advisory Ltd. (www.bccriskadvisory.com) an Irish company who specialise in secure application development, advisory, penetration testing, Mobile & Cloud security and training.

    Eoin has led global security engagements for some of the world’s largest financial services and consumer products companies. He is a well-known technical leader in industry in the area of software security and penetration testing.
  • Social Business for IT Departments Recorded: Apr 10 2013 3 mins
    Is there an opportunity for IT departments to embrace new business models that are more customer centric?

    One of six crowd-sourced questions we posed to the experts at the Unified Communications / Social Business Expo in London.
  • Extending the Enterprise Datacenter Recorded: Mar 19 2013 36 mins
    Understand how to create an elastic data center and connect existing networks and application assets to resources in the cloud. AWS will discuss technologies such as VPC and Direct Connect and common use cases from Enterprise customers.
  • The Transformations of Cloud Computing and Common Stepping Stones into the Cloud Recorded: Mar 19 2013 45 mins
    In this presentation AWS will talk about some of the transformations that Cloud computing brings to the delivery of IT infrastructure and how enterprises can leverage these changes to create cost efficient, agile and customer focused systems.
  • Panel: APT Attacks: How Will You Defend Yourself? Recorded: Mar 13 2013 58 mins
    How prepared are you to detect a breach? Advanced malware, persistent threats and zero-day targeted attacks are causing problems for organisations of all sizes, as traditional security measures have become ineffective in keeping them secure.
    This panel will explore how organisations can benefit from advanced techniques to defend themselves against APTs. These include big data analytics, real-time threat monitoring and direct exposure. There will be a case study on the recent APT1 report discovered by Mandiant.
  • Service Desk - Snog, Marry, Avoid...?! Recorded: Feb 7 2013 45 mins
    Is your service desk only good for a quick peck on the cheek, is it a lifetime commitment, or do you avoid it at all costs?

    How can you ensure that your customers see the service desk as a long term and enriching business relationship and not just a basic commodity, or only the last port of call with their Technology issues?

    This session looks at key elements of IT Services and front line Service Desk features that are needed to ensure that technology is delivered and appreciated as a value-add and not just seen as a necessary but unwanted cost. This will include all the elements you need for a Service desk makeover to attract new admirers.
  • Securing Mobile Devices – Challenges and Opportunities for IT Security Recorded: Feb 6 2013 45 mins
    Synopsis:
    Recently highlighted as being one of the top 5 threats for 2013 by the ISF, this webinar maps out how you can respond to the ‘consumerisation’ challenge today – whatever stage you are at – based on current efforts to formulate good practice at leading ISF Member organisations around the world. It offers independent guidance on how to plan your security response not only in terms of how your people use mobile devices, but also in terms of protection solutions, provisioning and support, and meeting statutory requirements.

    About the speaker:
    Steve Durbin is Global Vice President of the Information Security Forum (ISF). He is a regular speaker and chair at global events and is quoted in the Financial Times, Wall Street Journal, Forbes, Deutsche Presse, Süddeutsche Zeitlung, CIO Forum, ZD Net, and Information Week.
    Steve has considerable experience working in the technology and telecoms markets and was previously senior vice president at Gartner. He is also currently chairman of the Digiworld Institute senior executive forum in the UK, a think tank comprised of Telecoms, Media and IT leaders and regulators.
  • High Performance Wireless for BYOD: The Task in Hand Recorded: Jan 17 2013 47 mins
    BYOD is no longer a consideration, it’s a reality. Every day over 2 million new wireless devices are being activated and these devices will show up on you network. And while most wireless vendors are talking about the potential security risks, which are considerable, almost no one is discussing the impact the sheer numbers of devices will have on your networks performance.

    A recent Gartner study did and stated that ‘By 2015, 80% of newly installed wireless networks will be obsolete because of a lack of proper planning’. Many administrators still designing for coverage, when capacity limits are the true Achilles heel of wireless deployments. This session will discuss the varied client types and their capabilities, best practices to address growing device densities and how both impact overall network performance. IT administrator looking at a BYOD deployment or even just a wireless upgrade will gain valuable insight from this presentation.

    Perry Correll is a Senior Technologist as well as the Director of Product Marketing at Xirrus. His extensive networking background extends from original Ethernet Thicknet technology, through the switching revolution and now is involved in pushing advancements in Wi-Fi technology to displace wired solutions. Previous roles included technologist and management roles at Cabletron, Xylan and Alcatel.
  • Network and Applications - Understanding the Infrastructure Dependencies Recorded: Jan 17 2013 47 mins
    As networks, servers and applications all increase in complexity, how do you make it simpler and less costly to manage changes and improve performance? We’ll cover practical steps needed to develop the knowledge sets needed to support major transformation projects, as well as improving end to end IT management processes. Ideal for anyone who has found that mapping their IT infrastructure dependencies needs more than one white board!
  • Proactive Defence - Engaging Your Defence Before the Attack Recorded: Dec 5 2012 47 mins
    Synopsis:
    Security is only as good as the response it generates. This talk will highlight how organisations need to redevelop their incident response strategies and move away from reactive responses to proactive ones. This includes detecting potential attacks as early as possible and ideally before they happen. The webinar will cover strategies, tools and techniques that those responsible for incident response can implement to better improve their security posture.

    About the speaker:
    Brian Honan is an independent security consultant based in Dublin, Ireland. Brian founded and heads IRISSCERT which is Ireland's first CERT. He also lectures on information security in University College and sits on the Technical Advisory Board for a number of innovative information security companies. Brian is author of the books "ISO 27001 in a Windows Environment" and "The Cloud Security Rules", is regularly published in a number of industry recognised publications and serves as the European Editor for the SANS Institute's weekly SANS NewsBites, a semi-weekly electronic newsletter.
  • People vs. Technology: Why Criminals Continue to Succeed Recorded: Dec 5 2012 48 mins
    Synopsis:
    We love technology. You can buy solutions that will stop intruders, prevent malware and make data loss a thing of the past. Or can you? Why, despite spending millions on hardware and software, do we continue to be at the mercy of criminals? Because we ignore the real purpose of computers: to help people share and use information. We complain about the insecurity of BYOD, cloud and social networking, but fail to exploit our best defence. Let's change the paradigm and focus on people as the solution, not the problem.

    About the Speaker:
    Peter is a world-renowned security evangelist, speaking at conferences and seminars on ethical hacking and social engineering. He has appeared in documentaries for BBC television, provided commentary on security issues for TV and radio and written many articles on a variety of security topics.

    Peter has worked in the electronics and computer industries since 1969. He has extensive experience of communications and networking, with hands-on knowledge of many large-scale systems. He founded First Base Technologies in 1989, providing information security consultancy and security testing to commercial and government clients. Peter has hands-on technical involvement in the firm on a daily basis, working in penetration testing, social engineering and awareness.
  • From Virtualization to Private Cloud: Taking the Next Step Recorded: Nov 15 2012 60 mins
    Virtualization has created obvious benefits for organizations deploying it. But why stop there? Taking your virtualization projects and expanding them to include a private cloud deployment will result in even greater benefits: scalability, security, agility and more. Join this panel of experts as they discuss common obstacles in moving to a private cloud, how it affects the services you provide and how you can get there in your own infrastructure.
  • New Tools for Virtualization: Software-Defined Application Delivery Recorded: Nov 15 2012 40 mins
    In this live webinar, Riverbed Technology's Paul Wallace will discuss how you can integrate your ADC platform with automated provisioning and capacity management, using new tools for software-defined application delivery which can:

    - Unbox your application delivery network, and extend your application stack
    - Cut the cost of application delivery in virtual and cloud environments
    - Simplify your application lifecycle through automation and application integration
    - Enable access to application-level ADC capabilities and Layer 7 services
  • Panel session: 7 Essential Elements for Maximizing Application Security Recorded: Nov 14 2012 51 mins
    Threats from hackers and cyber-terrorists are increasing at a phenomenal rate. Consequently, private and public organizations are now in a heightened state of alert with concern about protecting their system infrastructure integrity and data security. In recent years, government agencies and customers have dramatically increased their requirements and scrutiny of corporate security process and procedures.

    It is important for all IT professionals to develop a comprehensive understanding of the underlying principles for designing, engineering, and managing secure applications.

    Attend this session and learn from industry experts how to know better your threats, efficiently secure the network, host and applications and incorporate security into your software development process.
Monthly Webinars around the evolving world of Technology
Watch free webinars and videos in the Webrecruit IT Channel for the latest news, best practices and analysis from the IT world. From cloud computing to data centres, information security to IT service management, these webinars will be presented by industry experts from leading organisations. Tune in live to participate in polls and ask your questions to the speakers, or watch immediately afterwards on demand.
Try a powerful marketing platform for your videos and webinars. Learn more  >

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Website Threats: It’s Not All About the Hacker Anymore
  • Live at: Jun 21 2012 9:00 am
  • Presented by: Mike Smart, Senior Manager, Products and Solutions, Symantec
  • From:
Your email has been sent.
or close
You must be logged in to email this