#IMOS18 - Here Come the Robots: What and When to Automate Your Security
The first session to take place at our all-new Infosecurity Magazine Online Summit - #IMOS18 - will be: Here Come the Robots: What and When to Automate Your Security
There is a lot to be said for automation in the business world, and cybersecurity is no different. However, there are times when only human intuition and intelligence will do. As cyber-criminals get better and faster, the requirement for information security professionals and functions to keep up and stay one step ahead intensifies. Cyber-criminals use automation to launch attacks, and to have any chance of defending against them, automation is necessary. This session explores when it’s appropriate to automate and when robots just won’t cut the mustard.
RecordedSep 11 201856 mins
Your place is confirmed, we'll send you email reminders
In today’s competitive business landscape and knowledge-based economy, we all rely on technology to be more productive and make our lives easier.
Organisations thrive when they trust their workforce to collaborate on valuable IP & work with critical systems. Perhaps, in their eagerness, some overlook the importance of verifying user trust with technology. This can leave an organisation open to the risk of losing data that is sensitive to the employees, customers and the business.
In a recent study of senior IT decision makers, 54% felt their organisations’ customers were more likely to care about cybersecurity compared to general employees, contractors/freelancers & third party vendors (35% – 36%).
As a result, it’s important for the security team to have the tools and policies in place to automatically monitor and quickly triage any risks that come with high levels of trust, to ensure the early detection of insider threats and ability to respond before an incident occurs.
In this webinar you will learn:
•Why increasing trust within the workplace is key for business success
•Why trust without verification can be a significant risk
•How to build trust through visibility and early detection of insider threats
The perimeter has shifted. Your users directly access cloud applications from everywhere and data no longer reside only in datacenters. Digital transformations like SD-WAN, IoT and cloud make securing your infrastructure, applications and data complicated. SD-WAN enabled branches directly connect to the internet, but they don’t have the ability to replicate a full HQ security stack. IoT leads to an explosion of non-standard devices using non-standard protocols, making them harder to secure. Every new change doesn’t equal need for a new security tool.
What’s needed is a scalable, simple and integrated security approach that leverages existing infrastructure that organizations already own. The Domain Name System (DNS) is critical to the fabric of the internet and any IP based communication, serving as the perfect foundation for security because it is simple to deploy, ubiquitous in networks, is needed anyway for connectivity and can scale to the size of the Internet.
Join this webinar to learn how leveraging DNS as a foundational security architecture for digital transformations can:
•Protect your brand by securing your traditional networks and transformations like SD-WAN, Cloud and IoT
•Reduce time and cost of your enterprise threat defense
•Automate responses and provide data to the rest of the ecosystem
It is one year since GDPR came into force and the regulation became the data protection standard for European businesses.
Since then, fears that huge monetary penalties would become the norm have not come into fruition and there have been few headlines about businesses struggling to comply.
However, research continues to claim that businesses are not actually compliant with the regulation, that the cost to comply can still be prohibitive and that for many organizations exactly how to comply remains a mystery.
In this webinar, we will assess the first year under the rule of GDPR, explore what we have learned and cut through some of the hype from before and after the deadline.
•What have we learned from the first year of GDPR, and what has changed?
•Are businesses still failing to comply with GDPR, and if so, why?
•What does GDPR look like for the UK following Brexit?
Moderator: Dan Raywood, Speaker: Gary Cox, Omer Farooq
The Domain Name System (DNS) plays a critical role in modern network connectivity. Unfortunately, it is also a central part of many cyber-attacks as DNS is involved in more than 90% of malware/ransomware and nearly half of all data exfiltration incidents.
So how exactly how do cybercriminals use DNS to carry out attacks? In this webinar we will examine the many ways cybercriminals exploit the unique properties of DNS.
• The various phases in the intrusion kill chain and how DNS is used in each phase
• The technical mechanisms behind DNS reconnaissance, protocol anomalies, exploits, hijacking, command and control (C&C) communications, DGA threats and more
• How DNS-based attacks work—through real word examples, including malware, phishing campaigns, and advanced persistent threats (APTs)
Moderator: Dan Raywood Speakers: Rory Duncan, Jenn Black, Darren Thomson
Is cloud security your top priority, or it is languishing somewhere on a never-ending to do list?
A user-driven cloud revolution has left IT and security professionals struggling to establish visibility of data and services, and unable to regain control of the risks associated with dispersed data and multiple cloud identities. So how should organizations regain control and begin putting the “frogs back into the box” for multi-cloud security?
In this webinar, we will look at how to get ahead with cloud, build a ‘cloud culture’ into your business, underpinned by a platform approach to avoid further complicating the picture to get the most from the cloud, whilst also managing the challenges of data everywhere, multiple cloud identities, mobile connections and global compliance.
What are the common pitfalls for multi-cloud security and how to avoid them?
Why and how to establish visibility of what has been deployed to the cloud
When to mirror on-premise security controls in the cloud
How to establish threat protection in a multi-cloud environment
Moderator - Dan Raywood, Speakers - Andrew Noonan, Torry Crass
In this webinar, we will look at the concept of why device visibility poses such a challenge for business, what is getting in the way and why OT and IT convergence has added an extra consideration.
•How your security strategy benefits from better device visibility
•How compliance and risk management can be optimised
•Unifying device visibility and control for IT and OT environments
•Ways to improve the effectiveness of existing tools
With every purchase comes new technology, and that has to be patched, reconfigured and monitored for its lifetime of use.
With the advent of IaaS and cloud services, questions arise about how long an organization should continue to use legacy systems, how to get the most out of them and, more importantly, how to ensure they are kept secure.
In this session learn:
•Strategies for understanding and assessing the threats and challenges that surround legacy systems
•How to effectively manage legacy systems in your network
•What the future has in store for legacy systems in the enterprise
A part of an organization’s security awareness training is the capability to run phishing tests on its staff. However, questions can frequently arise about how this should be done, with what regularity and the possible ethical issue of what should be done with those who ‘fail’ the test.
This session will explore:
•What makes an effective staff phishing test strategy, and why
•How often you should test staff
•How to deal with the results of staff phishing tests and apply them to the further development of employee training
Moderator: Dan Raywood Speakers: Paul Simmonds, Diana Kelley, Dan Blum
The importance of knowing who is on your network, and verifying and authenticating who your users are, has become the cornerstone of information security in the enterprise in recent years.
Ensuring the right individuals have the correct level of access to business resources is of paramount importance to a company’s data security strategy, and it is not without its challenges.
This session will assess:
•The importance of IAM to network security
•The common problems organizations face with IAM and how to overcome them
•The key steps to implementing and managing IAM strategies across the business
CyberSN founder and CEO Deidre Diamond will look at the challenges around hiring and retaining your staff, and how you can create a career development plan to ensure that staff will want to keep working for you.
She will also look at tactics to ensure people remain loyal, and how training and succession planning can help your team overall.
Ransomware attacks are on the decline. Despite the devastation caused by recent ransomware outbreaks, a lack of public understanding about how to use cryptocurrency means that a lot of victims don’t know how to pay a ransom, whilst others are simply refusing to in greater numbers.
As a result, cyber-criminals are struggling to get a monetary return for their time and efforts spent on ransomware, and so are turning to other attacks methods, such as banking trojans, to make their money.
This session will explore:
•Why ransomware is dying out as an attack method
•How ransomware is now being replaced with alternative malware, both old and new
•How banking trojans are making a comeback as a result
State-sponsored interference in recent political elections has given rise to widespread fears that election infrastructures are at significate risk from attackers who seek to target and influence voting data.
This session will assess what the real threats are and their possible impact, along with discussing what needs to be done to ensure the safety of voting processes across the globe.
•Insight into how and why recent political elections have been targeted by attackers
•What steps need to be taken to address security vulnerabilities in voting processes
•A look at the future risk landscape of voting
In this special ‘How To’ session, an incident response expert will share advice on how best to prepare, rehearse and practice an incident response strategy. They will also give advice on the best ways to ensure your response plan works for you and your business.
•Why incident response now needs to be the key cybersecurity focus
•How to build and test an incident response plan
•Why your response plan needs to be the right fit for your business
Moderator: Michael Hill Speakers: Mike Gillespie, Raef Meeuwisse
Recent years have seen the increasing convergence of cyber and physical security in organizations, with modern networks now designed to incorporate physical devices such as CCTV, card access readers and heating, ventilation and air conditioning systems.
This has brought about significant business benefits, saving time and money. However, it has also led to new security risks and challenges for the enterprise.
In this session, learn:
•How physical security is converging with IT, and at what cost
•How to build security into the design and development of physical devices, systems and policies