Name: Faster detection and response with MITRE ATT&CK
Start: 2020-09-10T14:00:00Z
End: 2020-09-10T14:01:01.000Z
Location: BrightTALK
Rating: 4.3

Dedicated to serving the information security community, in person, in print and online.

Extensive digital transformation programs in organizations over the past few years has sparked an explosion in their use of third-party services. While this trend has helped enhanced operational capabilities, it has also expanded organizations’ cyber-attack surfaces, with an explosion in access points and potential vulnerabilities.
The latest edition of the popular National Institute of Standards and Technology's Cybersecurity Framework (NIST CSF), version 2.0, has recognized these changes and provides new guidance to help organizations effectively manage the subsequent risk.
In this webinar, an expert panel will explore the updates to the CSF in relation to third-party risk, and offer practical advice on how to integrate the framework into their supply chain risk management programs.
Join this session to learn about:
• The evolving third-party risk management landscape, and how attackers are taking advantage of more complex attack surfaces
• How the NIST CST 2.0 approaches this area of cybersecurity and why these changes have been made
• How to effectively integrate the provisions into your third-party risk management program, taking into account your specific organization and sector

How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0

Join us to explore real-world case studies where the NHS has successfully enforced robust password policies, continuously monitored for compromised passwords, and eradicated weak passwords to meet stringent Cyber Essentials standards.
 
Initiatives that have not just improved security but have also streamlined user experience across the board.
 
In this 30-minute Talking Tactics session, engage directly with subject matter experts through a lively Q&A session, share your thoughts and vote on pressing issues with live audience polling.
 
Whether you’re deep in the trenches of healthcare IT security or just keen on upping your cybersecurity savvy, this webinar is your opportunity to learn actionable strategies that could dramatically enhance your operational security. 
 
Don’t miss out on this chance to boost your knowledge and influence the evolution of NHS cybersecurity practices. 
 
In this session you will learn: 
 · How to enforce password policies successfully based on real-world case studies 
 · Practical advice on securing user-authentication and how to meet the UK's Cyber Essentials standards 
Why considering user experiance can lead you to success with your password polices

Learn from the NHS - Proactive Password Security for Improved Cybersecurity

Adversaries conducting distributed denial of service (DDoS) continuously improve attack size and sophistication.  

Over the past years, hacktivists and other DDoS attackers have diversified their arsenal, using techniques ranging from HTTP request-intensive to IP packet-intensive and bit-intensive DDoS attacks. To make their attacks more efficient, they now traditionally use networks of devices, called botnets, programmed to send requests to the same website automatically.
The largest-ever DDoS attack occurred during the third quarter of 2023, with 201 million requests per second (rps) –almost eight times more significant than the previous record of 26 million rps, reported in 2022.

Taking an inside look at a DDoS simulation case study, this session will highlight how companies can prepare in advance, identify vulnerabilities, and mitigate DDoS attacks.
Tune in to learn:
• Why DDoS attacks are so easy to launch today
• How to gauge your exposure to DDoS threats
• The impact of closing critical vulnerability gaps via simulation testing – a case study
• Actionable steps for proactive DDoS protection

Uncovering DDoS Vulnerabilities with Simulation Testing: A Case Study

Securing Remote Management within Operational Technology (OT) has emerged as an ever-expanding challenge for numerous organizations and industries in recent years.

With technology used in operational networks approaching the end of life and being increasingly linked to the internet, often directly, exposing an expansive attack surface.

Addressing the remote connectivity issue requires robust boundary defences and mechanisms for the safe import and export of data.

This webinar is aimed towards offering suggestions to effectively secure remote management between operational and corporate networks.

Join us to learn:
• How to set up strong defences to protect your organisation from cyber threats when connecting OT devices to the internet.
• Practical ways to safely move data between different networks, ensuring easy communication while keeping sensitive information and systems protected.
• How to efficiently manage remote operations while keeping security a priority, so you can handle remote tasks with ease and confidence.

How to Secure Remote Connectivity within Operational Technology Environments

Amid a proliferating cyber-threat landscape, legislators around the world are numerous cybersecurity and data protection laws. Several of these new regulations are due to come into force in 2024, including the EU’s Network and Information Systems (NIS2) Directive.

This rapidly evolving regulatory ecosystem is making it challenging for organizations across all sectors to ensure compliance.

In this 30-minute Talking Tactics session, we will discuss how cybersecurity teams can stay compliant in the face of constant regulatory evolution, navigating obligations strategically and concentrating on key priorities.

Sign up for this webinar to learn:
• How the rapid proliferation of laws, regulations, and industry standards are impacting businesses across all sectors
• How to adapt compliance strategies amid the increasingly virtual business landscape
• How to navigate pressure from regulators, investors, and executives to showcase effective risk management
• How to develop a proactive approach that tackles obligations strategically and positions them as valuable strategic risk partners to the board

Navigating the Evolving Cybersecurity Compliance Landscape in 2024

Mitigating sophisticated identity-based attacks has become a top concern for security professionals. 

As MFA adoption increases across organizations, there is an evolution in attack tactics that have become increasingly popular in the cat-and-mouse game between attackers and defenders; specifically, MFA fatigue, Attacker-in-the-Middle (AiTM), and session theft attacks. 

IAM administrators are battling these while also trying to support end users who are increasingly frustrated and inconvenienced by MFA interrupting their work day. 

So how can organizations strengthen identity security to frustrate the attackers instead of their users?
 
Join this webinar, to learn:
 · How to leverage endpoint device identity to block sophisticated tactics such as MFA fatigue, Attacker-in-the-Middle, and session theft 
 · How verifying device trust during authentication creates a much better end user experience
 · How the industry has a lot more to offer than deploying and maintaining clunky device certificates

Why Strong Identity Security Needs Device Verification & Better User Experience

In this webinar, we delve into the transformative impact of Artificial Intelligence (AI) on cybersecurity and security operations, unveiling strategies to proactively counter emerging threats in 2024 and beyond. 
We will explore how AI-powered solutions are reshaping threat detection, incident response, and vulnerability management, enabling organisations to stay ahead in an ever-evolving threat landscape. 
Through real-world case studies and expert insights, attendees will gain actionable insights into leveraging AI to strengthen their cybersecurity posture and enhance operational resilience.  
Join this webinar to:
1. Understand the role of AI in threat detection and incident response capabilities to combat evolving cyber threats.
2. Learn how AI-driven automation streamlines security operations, enhances efficiency, and reduces response times in addressing security incidents.
3. Gain insights into leveraging AI-powered analytics and threat intelligence to proactively identify and mitigate emerging cyber threats, ensuring organisational resilience in 2024 and beyond.
Join us to discover how AI is transforming cybersecurity practices and equipping organizations with the tools needed to safeguard against emerging threats effectively.

Adapting to Tomorrow's Threat Landscape: AI's Role in Cybersecurity Operations

Cybersecurity threats in healthcare are tough enough to keep up with, let alone ensuring your organization doesn't fall prey to them. 

Threats can increase spend, threaten compliance, and create innovation drag – as well as being costly with the fines that come along with breaches. 

Maintaining a strong defensive posture is critical to safeguarding your data and digital innovation in 2024. 

Join our webinar for an overview of the 2023 ClearDATA Healthcare Threat Report and an industry expert panel discussion. 

Join this session to hear about:
• The security and compliance challenges facing the industry 
• The top threats to healthcare clouds
• Important strategies to detect, respond and respond faster

With healthcare breaches skyrocketing and minimum fines in the millions per incident, it is vital to get 'back to basics' to secure vital healthcare systems and maintain trust in an increasingly digital world.

Understanding Healthcare Cloud Threats and How to Combat Them

Building a robust cybersecurity posture goes beyond technical defenses. Fostering a culture of security awareness empowers employees to become active participants in protecting the organization's digital assets. 

The idea that users are the "weakest link" in cybersecurity is outdated and inaccurate. Instead, we need to move away from victim-blaming and understand that users are not inherently weak; they need the right tools, training, and support to make secure choices.

This panel discussion will explore the challenges and strategies for establishing, nurturing, and measuring an effective cybersecurity awareness culture. 

Join us to explore: 
 The role of human behavior in cyber-attacks and the importance of awareness training.
 The challenges of overcoming apathy, complacency, and bad habits in relation to cybersecurity.
 Implementing practical strategies for embedding security into everyday work practices and decision-making.
 How to measure success: Defining and tracking key metrics to evaluate the effectiveness of cultural change efforts.

Cracking the Culture Code: Building a Cybersecurity-Aware Workforce

Disinformation and misinformation are no longer just online nuisances; they're weapons in the cyber-attacker's arsenal, used to manipulate emotions, deploy malware, and inflict reputational damage. 

As generative AI takes hold, disinformation and misinformation has become a top concern for cybersecurity professionals. 

According to an ISACA study of 2,300 digital trust professionals, 77% say that disinformation and misinformation is a top risk. 

This panel discussion will arm cybersecurity professionals with the knowledge and strategies to combat these evolving threats.

Join this session to: 

 Explore real-world case studies of disinformation attacks and their impact.
 Discuss the evolving tactics used by attackers, including defamation, extortion, and deepfakes.
 Demystify deepfake technology and its potential use in cyber-attacks.
 Discuss the potential role of government intervention in tackling this issue.
 Explore how businesses can advocate for responsible AI use and content moderation practices.

Disinformation: Protecting Businesses from the New AI-Powered Cyber Threats

As cloud adoption soars, APIs have become the critical arteries of modern applications. Unfortunately, they also present an expanding attack surface, attracting malicious actors looking for exploitable vulnerabilities.

Having a secure API is vital to ensuring cyber threat mitigation and protecting against unwanted traffic from bots, spammers and hackers. 

This panel discussion will delve into the unique security challenges of cloud APIs, offering practical strategies and insights to mitigate risk and build a robust defense.

Join this session to learn about: 

 The evolving threat landscape and the unique risks associated with cloud APIs, including injection attacks, data breaches, and unauthorized access.
 Unique cloud challenges: Addressing unique security considerations for APIs deployed in cloud environments, such as multi-tenancy and distributed systems.
 The role of the cloud provider: Understanding shared responsibility in cloud API security and collaborating with providers for optimal protection.
 Get the basics right: Ensure you are implimenting API security best practices including establishing an inventory, adding security in front of cloud APIs, identity and access management, and monitoring unusual requests.

Securing APIs in the Cloud Frontier

The ransomware landscape has shifted dramatically in 2023 and 2024 with the disruption of the BlackCat/ALPHV and Hive ransomware gangs, followed by the takedown of LockBit. But is this a turning point, or just a temporary setback? According to the FBI ransomware losses in the US surged to $59.6m in 2023. 
Join us for a fireside chat with renowned security expert Allan Liska, CSIRT at Recorded Future, and better known by his online alias "Ransomware Sommelier." 
Liska will leverage his decades of experience as an ethical hacker and CSIRT professional to provide an in-depth analysis of today's ransomware threat. 
In this session, you will hear about:
· The long-term impact of recent law enforcement takedowns on ransomware gangs
· An analysis of today's ransomware threats
· Critical ransomware tactics organizations need to be aware of in 2024
· Why the "pay or not to pay" debate persists
· Actionable tips for mitigating the damage caused by a ransomware attack

Fireside Chat: The State of Ransomware Today with the Ransomware Sommelier

Cyber-attacks are no longer a question of "if" but "when." Implementing robust security controls, incident response plans, and business continuity measures are critical to surviving a cyber-attack and thriving afterwards.
Ultimately resilience translates to operational continuity, brand protection, and competitive advantage but we need to have the right tools, mindset and business buy-in in order to achieve these goals. 
This panel discussion will delve into the concept of organizational resilience, exploring how to prepare for, respond to, and recover from cyber incidents with minimal disruption and lasting impact.
Join this session to learn more about: 
 Why it is important to regularly simulate and practise incident response to identify vulnerabilities and improve preparedness.
 The CISO's perspective on managing stakeholder communication, mitigating damage, and regaining trust after an attack.
 The recovery process: Implementing rapid recovery procedures, restoring operations, and learning from the incident to enhance future resilience.

Bouncing Back: Building Organizational Resilience in the Face of Cyber-Attack

Cybersecurity and privacy governance strategies are essential for ensuring organizations are secure and compliant, while staying closely aligned with business objectives.

In the opening keynote session on Day 1 of the Infosecurity Magazine Spring Online Summit, Talya C. Parker, Privacy and Security Expert, Founder of the BGiC Foundation, will set out the principles security and privacy leaders must adopt to integrate these areas into corporate governance.

This involves working closely with executive leadership to craft a vision that incorporates security and privacy as core values in an organization, and building trust through transparency in policies and actions with staff, customers and other business stakeholders.

Parker will also highlight practical ways of integrating risk management into decision-making, providing real-life examples from her work with high-profile organizations including Google, Nike, and Deloitte. 

Join this session to learn:
• The importance of integrating security and privacy into corporate governance
• The role of security and privacy leadership in building vision and strategic alignment
• How to develop frameworks for identifying and categorizing risks, while balancing the need for innovation
• How to foster a risk-aware culture that understands and respects security and privacy risk management

The Role of Leadership in Security and Privacy Governance

Welcome to the Infosecurity Magazine Online Summit Spring 2024. Join our Editor, Beth Maundrill, as she highlights what to expect from Day Two of our online event, who you will hear from and some handy housekeeping notes to help you get the most out of our event.

Editor's Welcome to the Infosecurity Magazine Online Summit

Supply chain cyber-attacks are on the rise, exploiting vulnerabilities in interconnected ecosystems to infiltrate core systems and inflict widespread damage and data loss. 

This panel discussion will dissect the challenges and best practices for managing third-party risk in today's complex cybersecurity landscape, from small local firms to global software providers.

Join experts during this panel to learn about: 
 
 The expanding attack surface: Analyzing the evolving landscape of supply chain cyber threats and their potential impact. 
 Beyond the checklist: Understand how to implement robust security frameworks, vendor risk assessment protocols, and continuous monitoring.  
 Roadmaps to success: Why plotting a roadmap for the onboarding of new vendors is vital, especially in times of mergers, acquisitions and joint ventures.

Untangling the Web: Navigating Third-Party Risk in a Hyperconnected World

With our daily dependence on web-based applications and services, browsers have become the primary gateway to information and transactions for individuals and businesses.
 
This reality has been recognized by cybercriminals, who are using novel approaches to bypass standard browser security protocols.
 
The security implications of this threat to organizations are profound, and it is vital the risks are properly understood and acted upon.
 
This session will set out the growing volume of threats targeting the browser, users, and applications, and emerging solutions businesses can use to protect this critical domain.
 
Join this webinar to learn:
How the threat landscape is evolving to bypass browser security
The impact of strong browser security on enhancing productivity and efficiency for organizations
How to evaluate different browser security options to find the solutions that fit with your enterprise security strategy

Browser Security: The Missing Layer in Security Strategies

In the age of extensive cyber-attacks and data breaches, traditional password-based authentication is becoming increasingly inadequate. 
Multi-factor authentication (MFA), two-factor authentication (2FA), and passwordless methods are the new gold standard for online security. 
This panel discussion will delve into the intricacies of these technologies, exploring their strengths, weaknesses, and potential to revolutionize the way organizations approach the first line of security. 
Join this session to learn: 
• The warnings are clear: How MFA failures led to Mandiant and SEC social media hacks. 
• Password case study: Why the 23andMe credential stuffing breach shows how weak passwords really are. 
• What a passwordless future looks like and how you can adopt these solutions in your organization. 
• How to get customers and employees on board with your authentication efforts.

Beyond Passwords: Security with MFA, 2FA, & Passwordless Authentication

The MITRE ATT&CK framework is a tool to help security teams create a more effective security defense. ATT&CK uses open standards and is essentially a database of documented threat behaviors. 

Using the ATT&CK framework, analysts can track threat actor behavior to speed up incident response and investigation. When combined with a SIEM or UEBA solution, ATT&CK bridges the gap between why an alert is firing and what it means. 

In this webinar, we will look at how security analysts can use the ATT&CK framework to more quickly understand how an alert relates to a larger attack so they can take the necessary steps to protect their business.

Key takeways:

•What is the MITRE ATT&CK framework
•How MITRE ATT&CK improves detection and response
•How to reference ATT&CK tactics and techniques in an investigation

Faster detection and response with MITRE ATT&CK

MITRE

Information Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Faster detection and response with MITRE ATT&CK

Presented by

About this talk

More from this channel