Hi [[ session.user.profile.firstName ]]

Avoiding the Security Pitfalls of Digital Transformation

According to Gartner: “Digital transformation, cloud adoption, edge computing, and mobile mean that appliance-based network security models (designed originally to protect on-premises architectures) are being replaced.”

In the current business landscape, there’s no doubt that the web is now the most important business tool. Critical systems such as ERP, CRM, collaboration and communication platforms, customer-facing apps and other business tools that were once on-premises are moving to the Cloud as a widely trusted alternative. Users can log in from anywhere and access all the information they need to conduct business on a daily basis.

Office 365, for example, is now used by one in five corporate employees worldwide, making it the most widely used cloud service by user count. Clearly, businesses are undergoing journeys of digital transformation and moving to the cloud in huge numbers, but successful cloud adoption and implementation is not without its security challenges.

This webinar will explore how organizations can cut through the noise and make a success of cloud transformation, leveraging the benefits of cloud technologies – including efficiency, agility and scalability – while avoiding the pitfalls.

Key takeaways:
· Why are existing security infrastructures inadequate for large-scale SaaS adoption?
· How to reduce MPLS backhaul costs and increase internet bandwidth for users
· How to maintain visibility and control over users’ traffic and protect against data exfiltration
Recorded Jun 11 2020 64 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Moderator: Dan Raywood Speakers: James Gosnold, Jonathan Lee, Bindu Channaveerappa
Presentation preview: Avoiding the Security Pitfalls of Digital Transformation
  • Channel
  • Channel profile
  • How to Secure the Most Vital Data Channel in Your Organization: File Transfers Jan 21 2021 3:00 pm UTC 75 mins
    Moderator: James Coker Speakers: Kevin Curran, Brian Honan
    Files are important, right? They move in, out and around your network all day long, transmitting personal data, order fulfilment, diagnostic data between people and automated systems – keeping the wheels of your organization turning.

    However, how secure are these vital exchanges? According to Rapid7’s 2020 National/Industry/Cloud Exposure Report, often they are not, with over 13 million insecure FTP servers being accessible from the internet. The report even points out that government departments are particularly guilty in this respect.

    In this webinar, a panel of experts will discuss how to secure vital file transfer channels and how important the security, integrity and availability of these workflows are to the greater operational functions of organizations.
    Key Takeaways:
    • Learn how to secure file transfer workflows to ensure that data is both protected and transferred on-time, every time
    • Discover how a well-designed secure transfer solution can save your organization time and money
  • Automated Change: Fulfilling Network Security Requirements and Business Needs Jan 14 2021 6:00 pm UTC 75 mins
    Moderator: Michael Hill Speaker: Dania Ben-Peretz
    In addition, applications that may have moved to the cloud and hybrid data centers must be accessible to remote workers.
    Amongst that backdrop, security policy management automation can aid organizations in addressing the challenges they face.

    In this webinar, a panel of security experts will discuss how to:

    • Gain full visibility of your multi-vendor network environment and the underlying connectivity
    • Handle the rapid demand for network changes with automation for both on-premises and cloud environments
    • Avoid errors and misconfigurations to mitigate gaping holes in what was once effectively secured environments
  • Managing Security and Risk in a Microsoft 365 Environment Jan 14 2021 3:00 pm UTC 75 mins
    Moderator: James Coker Speaker: Mikey Molfessis
    Many organizations have accelerated their digital transformation in recent months, often out of necessity to keep operations running during the COVID-19 crisis. In turn, this transformation has seen Microsoft 365 adoption grow exponentially.

    There are many benefits to using Microsoft 365 as a collaboration and productivity toolset, but how do you manage security and risk within a Microsoft 365 environment? Ignoring security gaps and relying on a single vendor dramatically increases risk, but with many cybersecurity teams being asked to reduce costs in the challenging economic climate, taking a single vendor approach can be tempting.

    Join this webinar to learn more about the security gaps in Microsoft 365 and how you can implement strategies to mitigate them.

    Key Takeaways:

    • Understand the security gaps within M365 and the risks associated with a homogenous M365 environment
    • Email remains the #1 attack vector – learn how to ensure security for your email platform
    • How to maintain continuity in the midst of a cyber-attack or outage
    • Best practices for backup, protection of critical data and maintaining compliance
  • 2020 Cybersecurity Headlines in Review Dec 17 2020 4:00 pm UTC 75 mins
    Moderators: Michael Hill, Dan Raywood Speakers: Javvad Malik, Thom Langford
    In a year of unpredicted circumstances and change, the ways in which organizations work and secure data were greatly impacted. The COVID-19 pandemic forced businesses to quickly adopt mass remote working strategies leading to new and increased security risks and approaches, whilst global social unrest caused the infosec industry to assess its own issues of diversity and inclusion. All the while, reports of large data breaches, ever-evolving cyber-threats, data protection regulations and technological possibilities continued to play significant roles throughout the year.

    Join Infosecurity for this annual webinar to hear from some of the leading names in the industry as they reflect on the security story of 2020 and look ahead to its impact on 2021 and beyond.

    Key takeaways:
    Insight into the key information security topics, trends and themes of 2020
    How security threats, risks and issues evolved in 2020 and the positive security strides that were made
    What security trends will have the biggest impact in 2021, and is the industry ready for them?
  • Risk-Based Security for Your Organization: What You Need to Know Dec 10 2020 6:00 pm UTC 75 mins
    Moderator: Michael Hill - Speaker: Steve Hawkins, Syed Abdur Rahman, Sam Temple
    Risk-based approaches to critical cybersecurity challenges like vulnerability management and application security are becoming increasingly popular. The success of these programs depends on their ability to accurately identify relevant business context and environmental factors that can have an impact on risk.
    This information must then be efficiently incorporated into the risk analysis process and effectively used to drive decisions about risk prioritization and remediation. However, this is easier said than done as risk factors can vary greatly from business to business depending on industry, location and technology stacks.

    This webinar will explore how organizations can start to build the data foundations for risk-based cybersecurity decisions and outline how to efficiently operationalize this information towards cyber-risk reduction.

    Join this webinar with a panel of industry experts to learn:
    Whether a risk-based approach to vulnerability management and application security is appropriate for your organization
    How you can identify and incorporate the information necessary for effective risk-based decisions
    How data integration and process automation can help create self-sustaining risk-based cybersecurity programs
  • Enabling Secure Access: Anywhere, Any Device and Any Application Dec 10 2020 3:00 pm UTC 75 mins
    Moderator: Dan Raywood - Speakers: Russ Miller, Laura Ellis, Lisa Ventura
    From a security perspective, it’s not surprising that the challenges continue to increase as companies look to implement secure work from home for secure access to critical applications, and the Virtual Desktop Infrastructure becomes more prominent.

    In this webinar, we will look at how the move to remote access evolved to encompassing secure access from anywhere.

    Key Takeaways:
    • How to manage employees’ access in and out of the office
    • Ensuring personal devices meet security standards
    • Know what’s on your network and block unauthorized access
    • Automated approaches to reduce complexity
  • Insider Risk Maturity Models: Tales from the Insider Crypt Dec 3 2020 6:00 pm UTC 75 mins
    Moderator: Dan Raywood - Speakers: Peter Hadjigeorgiou, Kris Lovejoy, Casey Fleming
    Businesses are struggling to benchmark their security maturity position. The issue is that some businesses often have an inflated opinion of their posture, whist others have no security maturity at all. What does a company with a clear idea of its security maturity concerning its insider threat risk actually look like?

    For many organizations, understanding insider risk maturity is a journey that starts with understanding their ‘gaps in the stack’ and where the problems actually are, when in reality, the insider threat is a persistent problem for businesses that is difficult to control. Therefore, a maturity model is a good step forward in dealing with this.

    In this webinar, a panel of security experts will discuss insider risk-management strategies and outline the steps businesses can take to create an insider threat maturity model which fits with their security and risk needs.

    Key takeaways:
    •What an insider threat maturity model looks like, how to build one and how to use it
    •Why organizations need to constantly be learning about insider risk and evolving to meet new challenges
    •Real stories of businesses assessing their insider risk maturity – and what they learned
    •How to turn data insights into real-time decision making
  • Putting People First: Overcoming Human Error in Email Security Dec 3 2020 3:00 pm UTC 75 mins
    Moderator: Michael Hill - Speaker: Fahim Afghan, Nadine Michaelides, Dr Jason Nurse
    In the last 12 months, secure communication in companies has changed radically. Rapid adoption of Microsoft 365 has led to an increase in sensitive data being shared via email – something that has only been compounded by social distancing driving communications entirely online.

    At the same time, research shows that 88% of security breaches are caused by human error, and the ICO’s latest trends highlight misdirected emails as the number one cause of security incidents for the second quarter running. What’s more, between April and June 2020, misdirected emails were responsible for 44% more incidents than phishing!

    In this webinar, a panel of security experts will explore the changing risks to sensitive data and the urgent requirement for intelligent email security to mitigate risks and empower people to work efficiently and securely.

    Key takeaways:
    • The key human-related errors that are compounding email security risks
    • How to recognize and mitigate human error around misdirected emails
    • How to implement and intelligent email security that empowers your people
  • How to Mitigate Insider Security Risks in the Current Landscape Recorded: Nov 26 2020 61 mins
    Moderator: Michael Hill, Speaker: Rajesh Ganesan, Raef Meeuwisse, Amy Lemberger
    Insider security threats and risks remain both pervasive and complex, and never more so than in the current remote working paradigm amid the ongoing COVID-19 pandemic.

    Perhaps the most intriguing aspect of insider threats is their diverse and multi-faceted nature. Likewise, just as intricate are the various approaches that organizations can implement to recognize, detect, and lessen insider threats.

    What’s clear is that insider threats continue to pose huge risks to businesses – so what are the best strategies for addressing them?

    In this webinar, a panel of industry experts will explore and discuss the current insider risk landscape, share insights into the mechanics of the key insider risks threatening modern businesses and outline how security leaders can mitigate them.

    • Understand the evolving scope of insider threats in remote and hybrid work environments
    • Learn how security models like the principle of least privilege and zero trust access help counter new challenges
    • Figure out ways to augment operations and analytics to derive insights on insider threats leveraging AI and ML
  • Enabling Incident Response in a Remote Working Landscape Recorded: Nov 19 2020 63 mins
    Moderator: James Coker Speaker: Rajesh Ganesan, Andrew Hay, Ed Moyle
    Many organizations have been forced to quickly adapt to remote working during the COVID-19 crisis, and this has posed a number of new security risks. Cyber-criminals are ramping up attacks on remote workforces as a result, and the ability to respond quickly and effectively to security incidents in this context is crucial. However, this requires a fundamental rethink in incident response practices and procedures, with it harder for IT and security staff to orchestrate approaches and a greater reliance being placed on the actions of individual employees.

    In this webinar, we will look at how organizations need to prepare for cyber-incidents whilst operating remotely, including the implementation of training exercises and updated processes and procedures.

    Key takeaways:
    • What are the main security incident and responses challenges faced by organizations today
    • How the remote working landscape has impacted incident response strategies
    • How to master incident response in the current and future remote working paradigm
  • Behind the Scenes of a Live DDoS and BOT Attack: Launch and Mitigation Recorded: Nov 19 2020 63 mins
    Moderator: Dan Raywood - Speakers: Karsten Dessler, Andy Shoemaker, Joss Penfold
    Distributed Denial of Service (DDoS) attacks combined with BOT attacks have become a part of the attacker’s arsenal, hitting businesses with ever larger assaults. This has led to the adoption of DDoS and BOT-Management solutions by many organizations in an effort to prevent their success.

    In this webinar, we will look at the impact of a DDoS attack combined with BOT to see how these appear from the attacker, and the defender’s perspective, and what the attack will look like with and without protection in place.

    Key takeaways:

    What a DDoS attack can look like in real time and what role BOTs have during attack
    Why defences can work, and what the correct settings can be
    What will happen to a layer 7 website if it is not protected
  • No Perimeter, No Problem: Crypto-Strategy for a Zero-Trust Future Recorded: Nov 12 2020 62 mins
    Moderator: Michael Hill, Speakers: Muralidharan Palanisamy
    Digital transformation has resulted in new tech such as the IoT, cloud tech and enterprise mobility proliferating, maximizing the attack surface and making networks more vulnerable. Given that most of these technologies intercommunicate (thereby eliminating the concept of perimeters), all data needs to be encrypted in transit, and also while it is at rest. This points towards the concept of zero-trust security.

    By protecting data where it resides, or while it is in transit, security teams can ensure that the perimeter begins with the data itself – and in order to achieve this, businesses need an effective cryptographic strategy.

    In this webinar, a panel of experts will discuss encryption strategy and explore how organizations can execute, monitor and track it in an enterprise environment.

    Key Takeaways:
    • The relationship between perimeters and zero-trust security
    • The role of cryptography in 2021
    • How to define and enforce effective crypto-strategies
  • Establishing a Successful DevSecOps Program: Lessons Learned Recorded: Nov 12 2020 65 mins
    Moderator: Dan Raywood - Speakers: Patrick Debois, Nicholas Vinson
    The journey of establishing a DevSecOps culture within an organization can be one of significant challenge and complexity. However, in the modern landscape, it’s vital that organizations are able to understand the security implications that surround DevOps and successfully implement an effective DevSecOps strategy.

    In this webinar, a panel of experts will discuss the key best DevSecOps practices for organizations with unique insight into the strategies educational publishing giant Pearson has adopted as part of its DevSecOps journey.

    Join this webinar to learn:

    Strategies for on-boarding new services and encouraging developers’ adoption
    How to deal with prioritization of different DevOps security issues and measure success and maturity level
    How working with champions has supported this effort at Pearson
  • Achieving Compliance with the Cybersecurity Maturity Model Certification (CMMC) Recorded: Nov 5 2020 64 mins
    Moderator: Dan Raywood - Speakers: Bassam Al-Khalidi, Ed Bassett, Elvis Moreland
    In response to the increasing trend of cyber threats, the U.S. Department of Defense has launched a new information security framework and audit program to assure its vendors are adequately securing their confidential data.

    The Cybersecurity Maturity Model Certification (CMMC) combines certifications into a unified cybersecurity standard and will assess the maturity of an organization’s cybersecurity practices. Defense Industrial Base (DIB) partners and contractors have to meet the DOD’s new CMMC to bid on future procurement

    In this webinar, we will discuss steps to take to meet specific CMMC level compliance in relation to Identity and Access Management (IAM), including Privileged Access, how compliance can be achieved to pass your audit, and which technologies can aid preparations.
    How to work within the CMMC timeframe
    MFA best practices to achieve compliance under the mandate
    What to consider when choosing the right MFA security partner
    How to implement a future-proof and scalable MFA solution for your company in preparation for the future requirement changes.CMMC, Cyber Maturity, Certification, ISO, NIST
  • Web App and Portal Protection: Managing File Upload Security Threats Recorded: Nov 5 2020 61 mins
    Moderator: Michael Hill Speaker: George Chereches, Maninder Pal Singh, Ranulf Green
    File upload protection is a critical gap in web app security. How do you secure public portals and web applications from malicious attacks via file uploads?

    Organizations increasingly rely on web portals and web apps for critical customer and client interactions. Developing public-facing portals and the transfer of PII and sensitive or confidential information creates huge risks for these originations.

    Hackers target portals to gain access into an organization and securing these workflows and ensuring sensitive data doesn’t fall into the wrong hands isn’t easy.

    In this webinar, a panel of security experts will explore why file upload remains a major attack vector and how it is often not protected by traditional web application defenses.

    Join this webinar to learn:
    • The top security risks from file uploads for web portals and web apps
    • How to apply a zero-trust model to prevent and protect your organization from attackers
    • Best practices to consider for file upload protection
  • Extended Threat Detection and Response: Critical Steps and a Critical System Recorded: Oct 29 2020 62 mins
    Moderator: Michael Hill - Speaker: Grant McDonald, Dominic Vogel, Alan Jenkins
    For modern organizations, the ability to implement effective threat detection and response is paramount. Given the extensive cyber-risks that now threaten organizations, it is crucial that threat detection and response approaches are holistically sufficient to combat the numerous risks faced by organizations. This has given rise to the concept of extended threat detection and response (XDR).

    XDR may still be evolving in scope and definition, but its goals are clear – greater context of threats for security analysts and ensuring security gaps are filled.

    This webinar will explore a critical step in building the foundations of a successful XDR strategy, and why you need to include a powerhouse system that you might not have considered – the mainframe.

    Despite long-held beliefs that mainframes are secure by design, new research shows security events do happen and a number of vulnerabilities are unaddressed on the average mainframe.

    Join this webinar to learn:
    • Why XDR is a critical element of your organization’s modern security and risk management strategy
    • The first steps to help ensure a successful XDR strategy for your business
    • How perhaps the most securable system in existence can be included in your XDR strategy, and the steps to take to ensure it remains secure
  • Ransomware Defense with Micro-Segmentation: from Strategy to Execution Recorded: Oct 29 2020 60 mins
    Moderator: Dan Raywood, Speaker: Avishai Wool, Jenny Radcliffe, Rick Howard
    To prevent ransomware from taking over your organization’s resources, your network must be internally segmented. This stops the malware from moving freely inside the network from one infected computer to the next.

    However, many IT security professionals aren’t sure where to begin or what approach to take when implementing micro-segmentation.

    In this webinar, a panel of security experts will discuss the importance of a micro-segmentation approach and outline how to make a success of a micro-segmentation security project with best practice strategies and insightful use cases.

    Join this webinar to discover:
    • The stages of a successful micro-segmentation project
    • How intent-based network security and application discovery are crucial to the success of micro-segmentation
    • The role of policy change management and automation in micro-segmentation
  • Security in the Cloud - Emerging Threats & the Future Recorded: Oct 22 2020 60 mins
    Moderator: Dan Raywood - Speakers: Dave Ashton, Marc Laliberte, James Gosnold
    The last six months have seen businesses adapt to new ways of working, new methods to engage customers, employees and communities. IT teams have had to react quickly, implementing systems and facilities for home working and operating remotely, far faster than normal. This has seen a surge in the deployment of cloud and hybrid environments without, in many cases, robust testing.

    With these developments, businesses are beginning to looking at security from a Secure Access Server Edge (SASE) viewpoint. This can enabling companies to protect web, cloud, network and data security from a single source. In this webinar, we will look at the concept of SASE, what it can do for your security posture and secure your cloud and hybrid environments

    Key takeaways:

    Understand how to better secure your cloud and hybrid environments
    How SASE works and what it can add for your business
    How much cloud security impacted and enabled the remote working change
  • The Remote Workplace: Managing the New Threat Landscape with ISO 27001 Recorded: Oct 15 2020 63 mins
    Moderator: Dan Raywood - Speakers: Stuart Wright, Paul Raines, Joyce van Lujin-Bonneveld
    Many organizations around the world have had to quickly pivot and introduce online and digital channels for working and delivering services. Adding remote working and new systems and platforms have introduced risks, threats and vulnerabilities to information security frameworks. Regardless of industry, at least some degree of remote-working and digital transformation is here to stay.

    In this webinar, we will discuss the new threat landscape and consider the importance of cyber and information security standards such as ISO 27001, and how this and other certifications can be leveraged to manage risks.

    Key takeaways
    •What organizations need to know about how to safely conduct business remotely
    •What steps they can take to mitigate the risk to their business and information assets
    •How ISO 27001 can help reduce and manage information security risks
    •Maintaining compliance with security certifications during the pandemic
  • Lessons Learned from the Twitter Spear Phishing Attack Recorded: Oct 8 2020 65 mins
    Moderator: Dan Raywood - Speakers: Lior Kohavi, Andrew Hay
    The attack on Twitter in mid July enabled attackers to take control of major accounts with millions of followers, and collect over $100,000 through a Bitcoin scam. We subsequently learned that this was achieved by a spear phishing attack sent to Twitter staff, giving the attackers full control over a subset of accounts.

    In this webinar, we will look at the incidents that enabled the attack, what companies can do to ensure that phishing messages do not succeed and if extra solutions are needed to better detect and prevent phishing messages from getting to your employees.

    Key takeaways:

    How the attack was successful
    Why you need to limit employee access to sensitive user details
    How to evaluate a better phishing solution
Strategy - Insight - Technology
Dedicated to serving the information security community, in person, in print and online.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Avoiding the Security Pitfalls of Digital Transformation
  • Live at: Jun 11 2020 2:00 pm
  • Presented by: Moderator: Dan Raywood Speakers: James Gosnold, Jonathan Lee, Bindu Channaveerappa
  • From:
Your email has been sent.
or close