#IMOS18 - Here Come the Robots: What and When to Automate Your Security
The first session to take place at our all-new Infosecurity Magazine Online Summit - #IMOS18 - will be: Here Come the Robots: What and When to Automate Your Security
There is a lot to be said for automation in the business world, and cybersecurity is no different. However, there are times when only human intuition and intelligence will do. As cyber-criminals get better and faster, the requirement for information security professionals and functions to keep up and stay one step ahead intensifies. Cyber-criminals use automation to launch attacks, and to have any chance of defending against them, automation is necessary. This session explores when it’s appropriate to automate and when robots just won’t cut the mustard.
RecordedSep 11 201856 mins
Your place is confirmed, we'll send you email reminders
Security operations, automation and response (SOAR) has become an essential tool for security, as it reduces manual, repetitive tasks and enables analysts to have a better working process. This can be a force multiplier for your security operations center, making life better for them?
In this webinar, we will look at SOAR and where it can be used to make life easier for the analyst, what strategies you can use to have consistent processes that works and how to do more with less.
Key takeaways:
•What SOAR can mean for your business in 2020
•How to implement an automation strategy
•What SOAR strategies you can use to improve incident response
Moderators: Dan Raywood, Michael Hill, Speakers: Paul McKay, Brian Honan
As a new year and new decade are upon us, the same number of predictions are consistently made about what we can expect in the near and far future. Whether it is more malware, greater and stronger attacks or more problems, it seems that the future seems forever negative.
In this webinar, we will look at the various trends that have been predicted for the cybersecurity industry by the vendor and research communities, and evaluate what has come true in the past, and what we can genuinely expect the future to look like.
Key takeaways:
What the predictions for 2020 tell us about the coming year
What 2019’s predictions were, and what came true
Which platforms were predicted to be hit harder than they were
What leading researchers believe will be the key trends for 2020
Moderators: Dan Raywood and Michael Hill, Speakers: Richard Santalesa, Becky Pinkard, Michael Flouton
In December, Infosecurity Magazine will host its annual end of year webinar. Moderated by Michael Hill, editor, and Dan Raywood, deputy editor, the webinar will bring together a panel of experts to reflect on the key topics, trends and headlines that impacted the information security industry over the course of 2019.
In a year which saw threats continue to evolve and mature, the announcement of huge intentions to fine under GDPR and the first $1m bug bounty launched, there were a plethora of talking points and incidents that affected data users and organizations all around the world.
In this special webinar, Infosecurity will share the thoughts of industry thought leaders to gauge how 2019 will be remembered from the information security perspective.
Key takeaways:
•What were the cybersecurity trends that dominated the headlines in 2019, and was the right story told?
•How threats and risks evolved in 2019, and what positive security strides were made
•What trends will have the biggest impact in 2020, and is the industry ready for them?
Moderator: Dan Raywood, Speaker: Steven Furnell, Barry McMahon, Sarb Sembhi
This year has seen more debate on the capability and problems of passwords as a method of authentication. The recent third Annual Global Password Security Report from LastPass revealed more issues with the use of password data, particularly around password re-use, and the continued need for passwords in stronger authentication methods.
In this webinar, we will look at the results of the report and discuss trends from 2019 around password use, and what the analysis of 47,000 users teaches us about user behavior in authentication.
Key takeaways:
What 2019’s research, trends and news teaches us on authentication trends and changes
How businesses stand up against industry standards on authentication
Moderator: Michael Hill - Speakers: Rick Moy, John Grim & Jason Rowland
Organizational threat detection is the process of using data to discover security threats across a business, both of internal and external nature. The objective is to find anomalies, analyze their threat level and determine what actions may be required to respond to them.
In today’s multi-faceted cyber-threat landscape, having the ability to detect data security risks is of paramount importance, but effective data detection requires careful consideration and forethought.
This webinar will examine the current data threat detection landscape, assess how data threat protection can be used to aid organizations in their information security strategies and outline best practices for successfully mastering the art of threat detection.
Key takeaways:
•Learn the importance of advanced threat protection in your organization
•Discover strategies for implementing effective threat detection strategies
•Learn about emerging technologies and approaches for threat detection and response
Moderator: Dan Raywood - Speakers: Dave Klein, Anne Hardy, Tricia Howard
Also known as micro-segmentation, there are many misnomers on what software-defined segmentation entails, it’s broad spectrum of use cases and what features are essential when selecting a software-defined segmentation solution.
In this webinar, we will dive into the concept of software-defined segmentation and the challenges it brings about, along with outlining the essential components and steps that should be on your list when embarking on a segmentation project to guarantee an improved security posture.
Key takeaways:
• The challenges of software-defined segmentation
• Software-Defined Segmentation use cases
• Learn key software segmentation roll-out steps
• Understand the solution requirements for software segmentation
• How to carry out software segmentation correctly, quickly and easily
Zero Trust is quickly becoming the dominant security model for the cloud, shifting the perimeter from the network to the people and devices that make up a modern workforce.
Traditional enterprise security models were built on an assumption that everything inside the network – whether its devices or people – is trustworthy. However, the evolution of attack sophistication and the proliferation of BYOD has brought greater risk, which means that newer, more holistic measures must be taken to ensure security across the business.
Zero Trust can be used to effectively secure modern organizations from a variety of threats.
However, implementing an effective zero trust approach is not without its challenges, and for a model with many moving parts, the immediate question is: where to start?
This session will explore:
• How to effectively manage a successful Zero Trust strategy
• The full zero trust reference architecture and steps to get there
• Why identity is the foundational layer to build contextual access controls from
Michael Hill - Speakers: Frank Downs, Chris DeRamus and Monty LaRue
Editor Michael Hill discusses the current state of play of cloud security, greatest challenges, best practices and paths of improvement with Frank Downs, ISACA director, cybersecurity practices; Chris DeRamus, CTO and co-founder, Divvy Cloud and Monty LaRue, Technical Leader, Cylidify.
Michael Hill - Speakers: Asaf Weisberg and Andrej Volchkov
Editor Michael Hill sat down with ISACA board director Asaf Weisberg and Andrej Volchkov, consultant, Stramizos at #InfosecNA 2019 to discuss all things #securityawareness
Michael Hill - Speakers: Simone Petrella and Allan Boardman
Editor Michael Hill sat down with Simone Petrella and Allan Boardman to discuss cyber workforce training/skills development at Infosecurity ISACA North America 2019.
Michael Hill - Speakers: Tom Brennan and Ian Glover
Editor Michael Hill talks to Tom Brennan, Chair, CREST and Ian Glover, President, CREST about proactive and reactive security approaches at Infosecurity ISACA North America 2019.
Editor Michael Hill sat down with Christopher Kennedy, CISO and VP of customer success AttackIQ at Infosecurity Isaca North America to discuss the MITRE ATT&CK framework.
Michael Hill - Speakers: Ben Goodman and Ranulf Green
Editor Michael Hill discusses Digital Identity and the role it plays in information security with Ben Goodman, Senior Vice President, Global Business and Corporate Development at ForgeRock and Ranulf Green, Head of Assurance USA at Context Information Security, at Infosecurity ISACA North America 2019, in New York, NY, USA.
Moderator: Dan Raywood - Speakers: Brian Hanrahan, Andy Smith, David Higgins
Compromised privileged credentials remain the #1 tool of attackers, despite adoption of privileged access management technology. Legacy approaches focused on protecting secrets have proven ineffective with excessive standing privilege leaving a clear path for lateral movement when a user is compromised.
In this webinar, we will challenge your assumptions about privileged access management and describe a simpler, more effective approach to PAM built on best practices.
Key takeaways:
•Understand how privileged access is used by attackers, and how to foil attempts
•What a Just In Time approach looks like and the concept of Zero Standing Privileges (ZSP)
•How to make privileged access a straightforward element of your security program
•How a single elegant approach to PAM can meet the demands of cloud, hybrid cloud and on-premise computing
•How Dev-ops and automation solutions can operate within a modern PAM solution
Moderator: Dan Raywood - Speakers: Dave Klein, Matt Pascucci
The road to compliance continues to be more rocky, with new frameworks due in 2020 set to further make the job of the data protection and compliance officer more complex. In order to achieve compliance, could a segmentation strategy – enabling better visibility of assets – be a way to ensure compliance is better achieved?
In this webinar, we will look at the concept of network segmentation and how it enables compliance, how failed segmentation in the cloud led to some cases of data breaches and which compliance frameworks you need to be aware of, now and in the future.
Key takeaways:
- How segmentation can aid visibility of your network
- How to start a segmentation strategy that makes security more robust and easier to manage
- The key steps to enabling compliance, like PCI or SWIFT, with simple segmentation and visibility
Moderator: Dan Raywood, Speakers:Brian Honan, Michelle Koestani, Adam Peckman
With the talk of supply chain and third party risk being a more serious cause of security weakness in an organization, how confident are you that your tech stack and security environment is the most secure it can be? Is there a way to get a “grade” of how secure your business is?
In this webinar, we will uncover the concept of cybersecurity ratings, how they can give you a non-intrusive snapshot or “grade” of how secure your business is, and better enable (third party) risk management.
Key takeaways:
-Get a better understanding of cybersecurity risk ratings, and their importance
-How to get the best return from your security investments
-Understand what your rating is against other security teams
-How to get the best return from your security investment
Insiders have something outside threat actors never will: trust. They’ve surpassed the challenge of external security defenses and can navigate sensitive internal resources with breakneck speed.
Today, 60% of attacks are carried out by insiders (IBM Cyber Security Intelligence Index), and the average cost of this type of breach is $8.76m (Ponemon Institute).
Unfortunately, many teams aren’t equipped to act quickly to detect and stop these incidents before it’s too late.
In this webinar, we will explore the top motives of insider threats and outline how organizations can determine the right countermeasures to stop both accidental and malicious insider threats in their tracks.
Key takeaways:
•The top seven most common insider threat focus areas, from accidental leaks to espionage
•What motivates these insider threat actors
•The risks of each type of insider threat
•Real-world examples of these threats in action
•Countermeasures to defend against each type of threat
Moderator: Dan Raywood Speakers: Marcus Fowler, Susan Peediyakkal
Today’s attackers come in many forms, from criminal gangs to state-sponsored military operations, and they use an array of attack tactics to break into your network. From APT-style attacks used by organized groups, to offensive AI measures, the capabilities of attacks are becoming more advanced.
In this webinar, we will look at how threat actors will use AI to automate the traditional attack process, how real the threat is, and what sort of tactics businesses can deploy to best defend against AI-powered threats.
Key takeaways:
Recent developments in the cyber threat landscape
The difference between an APT-style attack and automated attacks
How to prepare for AI-powered attacks
How defensive AI can help human security teams regain advantage
Moderator: Dan Raywood Speakers: Donnie MacColl, Julien Legrand
How is your organization moving sensitive files? Human error, file transfer inefficiency, and subpar encryption processes are among the common challenges that IT security professionals face when sharing files both inside and outside the organization.
In this webinar, we will look at how your business can avoid the common file transfer pitfalls, how MFT is implemented, and what configurations and management are needed, and what the outsourced options look like.
Key takeaways:
•Avoiding the negative impact that privacy breaches can have on your business
•How to integrate and streamline connectivity with the apps you use every day on the cloud
•How to automate your processes between multiple web and cloud services at once through cloud application integrations with MFT
•Enabling audit trails and visibility and have evidence of transfer completion
Cybercrime and data breaches receive enormous amount of our attention, but the fact still remains that physical access control is a critical front-line defense in a comprehensive digital security posture. As the security landscape continues to change and become more complex, it brings with it opportunities to look at new technologies that respond to escalating security threats.
Card credential and other form factor technologies are common place in many office environments. Now that mobile devices are ubiquitous as well, employees are beginning to expect Mobile Access – the use of a mobile device such as a smartphone, tablet or wearable, to gain access to secured doors, gates, networks and more – as a choice.
However, the challenge for organizations is how to derive the greatest value from the infrastructure in place while integrating new solutions.
In this webinar, we will explore:
• Key insights into why mobile access drives a higher level of security
• The challenges that exist in implementing a mobile access program
• The best practices that create a path to mobile access today
#IMOS18 - Here Come the Robots: What and When to Automate Your SecurityModerator: Michael Hill - Speakers: Marc Lueck, Ed Tucker[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]56 mins