Hi [[ session.user.profile.firstName ]]

#IMOS21 Establishing a Cybersecurity Culture of Inclusion

For all of the information security industry’s diverse qualities, it is a sector that continues to suffer from clear issues surrounding inclusion. Tackling underrepresentation of females, members of the LGTBQ+ community, people of color and those with neurological conditions is increasingly featuring high on the industry’s agenda.

This session will explore the root cause of the sector’s inclusion issues, highlight why creating a welcoming culture is critical and outline what is being done to address such problems. What’s more, experts will share best practice insight for building a security philosophy in which acceptance and empathy are at the fore.

Key takeaways:
• Infosec’s inclusion issues: what, why and how
• Why cybersecurity needs a culture of inclusion, and how to achieve it
Live online Mar 23 11:15 am UTC
or after on demand 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Moderator: Eleanor Dallaway
Presentation preview: #IMOS21 Establishing a Cybersecurity Culture of Inclusion
  • Channel
  • Channel profile
  • Mitigating Ransomware Attacks in 2021 Mar 18 2021 3:00 pm UTC 75 mins
    James Coker
    Cyber-criminals have become thoughtful about ransomware attacks, taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever.

    While there’s no shortage of frightening ransomware statistics and news reports to keep security leaders awake at night, what is in short supply is practical advice from experts on exactly what you need to know to prevent ransomware before it infiltrates your network.

    In this webinar, a panel of security experts share practical advice and real-word examples of hoe you can defend your organization from the ongoing ransomware threat.

    Key takeaways:
    · An overview of the current ransomware threat landscape
    · How ransomware attacks are evolving to become ever more sophisticated and complex
    · How to build a ransomware prevention and mitigation strategy that is right for your business
  • PKI in Today’s Cybersecurity Landscape: What, Why and How Mar 11 2021 6:00 pm UTC 75 mins
    Danny Bradbury
    In this climate of heightened corporate expectations, there’s no room for dated or poorly managed network security approaches that put valuable data at risk. Protecting your organization means understanding the nature of today’s threats – and more importantly, how to mitigate these threats.

    In this webinar, a panel of security experts will explore the role of Public Key Infrastructure (PKI) in today’s cybersecurity landscape, discuss the cyber-risks that can be addressed through PKI and outline the potential of PKI-as-a-Service in providing enterprises with a secure, certificate-based strategy that reduces the threat backdrop.

    Register now to learn:
    · The role of PKI in modern cybersecurity
    · How to secure your enterprise network with PKI
    · How to decide if internal or cloud-based PKI is right for your business
  • Staying Secure During Rapid Transformation: The Importance of DevSecOps Mar 11 2021 3:00 pm UTC 75 mins
    James Coker
    The events of 2020 brought about profound changes to the way businesses work and serve their customers. Many companies have been forced to adapt simply to continue operating while others benefited from the digital shift to accelerate business growth. However, such rapid transformations can leave organizations far more vulnerable to cyber-attacks.

    For businesses to stay safe whilst adapting at speed, developers are required to play a much more strategic role in the security process.

    In this webinar, a panel of security experts will discuss how organizations can implement an effective DevSecOps strategy, including insights from a company that has gone through major upscaling during the COVID-19 pandemic.

    Join this webinar to learn:
    · The security implications of a rapid business transformation/development
    · Why developers need to play a more strategic role in an organizations’ security
    · How to implement a successful DevSecOps strategy whilst operating at speed
  • Evolution of Ransomware-as-a-Service and Malware Delivery Mechanisms Mar 4 2021 6:00 pm UTC 75 mins
    Michael Hill
    The persistent spread and evolution of ransomware is culminating in the 2021 iteration of advanced ransomware-as-a-service, a highly organized, business-like and particularly impactful ransomware attack ecosystem.

    In this webinar, a panel of security experts will discuss how ransomware has moved beyond a ‘variation in tactics and tooling’ to a profound monetization of criminal activity, exploring the key targeting practices currently being employed by attackers. What’s more, the speakers will outline and explain best practice scenarios for mitigating and defending against modern, sophisticated ransomware attacks.

    Key takeaways:
    ● Insight into the advancement of social tactics (including publication of victims details) and other forms of extortion to force ransom payments
    ● Why the only viable defenses must now be powered by artificial intelligence and machine learning algorithms
    ● How data science can yield the earliest possible indicators of compromise through analysis of telemetry at scale
  • Hybrid Working Has Accelerated Cloud Application Adoption: What About Security? Mar 4 2021 3:00 pm UTC 75 mins
    James Coker
    The rush to work from home has clearly accelerated the movement of IT workloads to the cloud. This is true across the entire spectrum of IaaS and SaaS-based applications. What better way for most organizations to improve their ‘IT-abilities’ such as reliability, availability and scalability?

    However, as is often the case, security architectures are lagging behind. How do we know this? One clear tell of this lag is the growth in VPN usage at many organizations and the need to ‘trombone’ even cloud-destined traffic through the corporate VPN purely for visibility and security control purposes.

    This can’t be the ultimate way forward, but the movement of security controls to the cloud is also accelerating. How can organizations make this transition without dropping the security ball?

    In this webinar, a panel of security experts will discuss:
    - The security impacts of hybrid working
    - How cyber-criminals have pivoted their attacks
    - How to leverage cloud transition to improve your security abilities
    - What cloud security of the rapidly approaching future looks like
  • Becoming a Next-Gen CISO: Leading from the Front Recorded: Feb 25 2021 62 mins
    Moderator: Michael Hill, Speakers: Perry Robinson
    More threats, more systems to protect, more tools to deploy and more people to manage – the CISO’s job continues to get more complicated, and that’s not including their responsibilities at the senior management table.

    Turning myriad bits and bytes into easily digestible and actionable insights for corporate leadership is a tremendous challenge for today’s CISO – a challenge that requires new strategies and processes to overcome.

    In this webinar, a panel of security experts will discuss how cybersecurity program management transforms today’s back-office CISOs into next-generation corporate leaders, outlining key steps to evolve your program to quickly and accurately assess cyber-preparedness and successfully communicate results and requirements in the boardroom.
    Join this webinar to learn how to:
    • Implement an enterprise-wide library of threats, risks and controls for all cybersecurity domains, business continuity and compliance functions
    • Determine corporate risk appetites and tolerances
    • Collaborate with cybersecurity team members, application owners and facilities managers to assess risk levels
    • Communicate with senior leadership (in their language) so swift action can be taken
    Next-generation CISOs are strategic leaders that drive senior management decisions. Join us for a roadmap to start your journey.
  • 2021: The Year Zero Trust Overtakes VPN? Recorded: Feb 18 2021 62 mins
    Michael Hill
    The year of 2020 shined a light on many of the shortfalls of VPNs. The increase in remote work led to challenges with scale, impacted user experience and even drew the eyes of threat actors.

    VPN exploits rose to an all-time high through social engineered (i.e. Twitter) and ransomware attacks (i.e. NetWalker, REvil and Maze ransomware). Research shows that, now, nearly 70% of network and security leaders are looking to embrace zero-trust alternatives to traditional VPN.

    In this webinar, a panel of security experts will explore why organizations should be rethinking their use of VPN this year and how they can shift to an identity, device and policy-based mindset to protect their crown jewel applications.

    Key takeaways:
    · The vulnerabilities of VPNs in 2021
    · Why a zero-trust approach is critical in securing modern working environments
    · How to implement an effective identity, device and policy-based security strategy
  • The Top Five Data Security Metrics Recorded: Feb 11 2021 61 mins
    Moderator: Michael Hill, Speakers: Richard Seiersen, Ty Sbano and Kathy Wang
    In the current data security threat laden landscape, security metrics can play a key role in allowing organizations to measure and gauge whether or not their cybersecurity program is accomplishing its goals and maintaining compliance.

    However, with various security metric options at businesses’ disposal, determining which will be best and most effective to implement can be both challenging and, if due diligence is not paid, risky.

    In this webinar, a panel of security leaders will explore the top data security metrics that startup leaders should focus on when planning their security policies, how to apply data security metrics to real-world organizational data protection effort and the best ways to obtain insight and intelligence from various data security metrics discussed.

    Key Takeaways:
    • Knowledge of the modern data security and privacy threat environment
    • An understanding of CISO’s data security metrics
    • Strategies for accurately measuring an organization’s data security posture
  • FTP, FTPS & SFTP: Which Protocol Should You Use, and When? Recorded: Feb 11 2021 61 mins
    Moderator: Michael Hill, Speaker: Michael Barford
    FTP, FTPS and SFTP are three of the key protocols for transferring files, but do you know which one is the best way to secure your organization’s sensitive data during the transfer process?

    In today’s complex digital landscape, file transfer management not only poses significant logistical challenges but also a substantial security risk.

    Organizations have various file transfer options at their disposal, each offering their own distinct set of challenges and benefits. Understanding and defining which is the best method to implement, and when, is of paramount importance for organizations of all sizes.

    Join this webinar to learn the differences between the protocols, how to determine which is the most optimal for your organization and more.

    Key takeaways:
    • The difference between FTP, FTPS, and SFTP, with a specific focus on authentication, implementation and speed
    • Which protocol is best for certain instances, including complying with security standards and working with trading partners requirements
  • Automated Change: Fulfilling Network Security Requirements and Business Needs Recorded: Feb 4 2021 61 mins
    Moderator: Michael Hill Speaker: Dania Ben-Peretz
    In addition, applications that may have moved to the cloud and hybrid data centers must be accessible to remote workers.
    Amongst that backdrop, security policy management automation can aid organizations in addressing the challenges they face.

    In this webinar, a panel of security experts will discuss how to:

    • Gain full visibility of your multi-vendor network environment and the underlying connectivity
    • Handle the rapid demand for network changes with automation for both on-premises and cloud environments
    • Avoid errors and misconfigurations to mitigate gaping holes in what was once effectively secured environments
  • How to Secure the Most Vital Data Channel in Your Organization: File Transfers Recorded: Jan 21 2021 61 mins
    Moderator: James Coker Speakers: Kevin Curran, Dr Victoria Baines, Brent Adonis
    Files are important, right? They move in, out and around your network all day long, transmitting personal data, order fulfilment, diagnostic data between people and automated systems – keeping the wheels of your organization turning.

    However, how secure are these vital exchanges? According to Rapid7’s 2020 National/Industry/Cloud Exposure Report, often they are not, with over 13 million insecure FTP servers being accessible from the internet. The report even points out that government departments are particularly guilty in this respect.

    In this webinar, a panel of experts will discuss how to secure vital file transfer channels and how important the security, integrity and availability of these workflows are to the greater operational functions of organizations.
    Key Takeaways:
    • Learn how to secure file transfer workflows to ensure that data is both protected and transferred on-time, every time
    • Discover how a well-designed secure transfer solution can save your organization time and money
  • 2020 Cybersecurity Headlines in Review Recorded: Dec 17 2020 62 mins
    Moderators: Michael Hill, Dan Raywood Speakers: James McQuiggan, Thom Langford, Becky Pinkard
    In a year of unpredicted circumstances and change, the ways in which organizations work and secure data were greatly impacted. The COVID-19 pandemic forced businesses to quickly adopt mass remote working strategies leading to new and increased security risks and approaches, whilst global social unrest caused the infosec industry to assess its own issues of diversity and inclusion. All the while, reports of large data breaches, ever-evolving cyber-threats, data protection regulations and technological possibilities continued to play significant roles throughout the year.

    Join Infosecurity for this annual webinar to hear from some of the leading names in the industry as they reflect on the security story of 2020 and look ahead to its impact on 2021 and beyond.

    Key takeaways:
    Insight into the key information security topics, trends and themes of 2020
    How security threats, risks and issues evolved in 2020 and the positive security strides that were made
    What security trends will have the biggest impact in 2021, and is the industry ready for them?
  • Risk-Based Security for Your Organization: What You Need to Know Recorded: Dec 10 2020 63 mins
    Moderator: Michael Hill - Speaker: Steve Hawkins, Syed Abdur Rahman, Sam Temple
    Risk-based approaches to critical cybersecurity challenges like vulnerability management and application security are becoming increasingly popular. The success of these programs depends on their ability to accurately identify relevant business context and environmental factors that can have an impact on risk.
    This information must then be efficiently incorporated into the risk analysis process and effectively used to drive decisions about risk prioritization and remediation. However, this is easier said than done as risk factors can vary greatly from business to business depending on industry, location and technology stacks.

    This webinar will explore how organizations can start to build the data foundations for risk-based cybersecurity decisions and outline how to efficiently operationalize this information towards cyber-risk reduction.

    Join this webinar with a panel of industry experts to learn:
    Whether a risk-based approach to vulnerability management and application security is appropriate for your organization
    How you can identify and incorporate the information necessary for effective risk-based decisions
    How data integration and process automation can help create self-sustaining risk-based cybersecurity programs
  • Enabling Secure Access: Anywhere, Any Device and Any Application Recorded: Dec 10 2020 61 mins
    Moderator: Dan Raywood - Speakers: Russ Miller, Heath Renfrow, Lisa Ventura
    From a security perspective, it’s not surprising that the challenges continue to increase as companies look to implement secure work from home for secure access to critical applications, and the Virtual Desktop Infrastructure becomes more prominent.

    In this webinar, we will look at how the move to remote access evolved to encompassing secure access from anywhere.

    Key Takeaways:
    • How to manage employees’ access in and out of the office
    • Ensuring personal devices meet security standards
    • Know what’s on your network and block unauthorized access
    • Automated approaches to reduce complexity
  • Insider Risk Maturity Models: Tales from the Insider Crypt Recorded: Dec 3 2020 64 mins
    Moderator: Dan Raywood - Speakers: Peter Hadjigeorgiou, Kris Lovejoy, Casey Fleming
    Businesses are struggling to benchmark their security maturity position. The issue is that some businesses often have an inflated opinion of their posture, whist others have no security maturity at all. What does a company with a clear idea of its security maturity concerning its insider threat risk actually look like?

    For many organizations, understanding insider risk maturity is a journey that starts with understanding their ‘gaps in the stack’ and where the problems actually are, when in reality, the insider threat is a persistent problem for businesses that is difficult to control. Therefore, a maturity model is a good step forward in dealing with this.

    In this webinar, a panel of security experts will discuss insider risk-management strategies and outline the steps businesses can take to create an insider threat maturity model which fits with their security and risk needs.

    Key takeaways:
    •What an insider threat maturity model looks like, how to build one and how to use it
    •Why organizations need to constantly be learning about insider risk and evolving to meet new challenges
    •Real stories of businesses assessing their insider risk maturity – and what they learned
    •How to turn data insights into real-time decision making
  • Putting People First: Overcoming Human Error in Email Security Recorded: Dec 3 2020 61 mins
    Moderator: Michael Hill - Speaker: Fahim Afghan, Nadine Michaelides, Dr Jason Nurse
    In the last 12 months, secure communication in companies has changed radically. Rapid adoption of Microsoft 365 has led to an increase in sensitive data being shared via email – something that has only been compounded by social distancing driving communications entirely online.

    At the same time, research shows that 88% of security breaches are caused by human error, and the ICO’s latest trends highlight misdirected emails as the number one cause of security incidents for the second quarter running. What’s more, between April and June 2020, misdirected emails were responsible for 44% more incidents than phishing!

    In this webinar, a panel of security experts will explore the changing risks to sensitive data and the urgent requirement for intelligent email security to mitigate risks and empower people to work efficiently and securely.

    Key takeaways:
    • The key human-related errors that are compounding email security risks
    • How to recognize and mitigate human error around misdirected emails
    • How to implement and intelligent email security that empowers your people
  • How to Mitigate Insider Security Risks in the Current Landscape Recorded: Nov 26 2020 61 mins
    Moderator: Michael Hill, Speaker: Rajesh Ganesan, Raef Meeuwisse, Amy Lemberger
    Insider security threats and risks remain both pervasive and complex, and never more so than in the current remote working paradigm amid the ongoing COVID-19 pandemic.

    Perhaps the most intriguing aspect of insider threats is their diverse and multi-faceted nature. Likewise, just as intricate are the various approaches that organizations can implement to recognize, detect, and lessen insider threats.

    What’s clear is that insider threats continue to pose huge risks to businesses – so what are the best strategies for addressing them?

    In this webinar, a panel of industry experts will explore and discuss the current insider risk landscape, share insights into the mechanics of the key insider risks threatening modern businesses and outline how security leaders can mitigate them.

    Takeaways:
    • Understand the evolving scope of insider threats in remote and hybrid work environments
    • Learn how security models like the principle of least privilege and zero trust access help counter new challenges
    • Figure out ways to augment operations and analytics to derive insights on insider threats leveraging AI and ML
  • Enabling Incident Response in a Remote Working Landscape Recorded: Nov 19 2020 63 mins
    Moderator: James Coker Speaker: Rajesh Ganesan, Andrew Hay, Ed Moyle
    Many organizations have been forced to quickly adapt to remote working during the COVID-19 crisis, and this has posed a number of new security risks. Cyber-criminals are ramping up attacks on remote workforces as a result, and the ability to respond quickly and effectively to security incidents in this context is crucial. However, this requires a fundamental rethink in incident response practices and procedures, with it harder for IT and security staff to orchestrate approaches and a greater reliance being placed on the actions of individual employees.

    In this webinar, we will look at how organizations need to prepare for cyber-incidents whilst operating remotely, including the implementation of training exercises and updated processes and procedures.

    Key takeaways:
    • What are the main security incident and responses challenges faced by organizations today
    • How the remote working landscape has impacted incident response strategies
    • How to master incident response in the current and future remote working paradigm
  • Behind the Scenes of a Live DDoS and BOT Attack: Launch and Mitigation Recorded: Nov 19 2020 63 mins
    Moderator: Dan Raywood - Speakers: Karsten Dessler, Andy Shoemaker, Joss Penfold
    Distributed Denial of Service (DDoS) attacks combined with BOT attacks have become a part of the attacker’s arsenal, hitting businesses with ever larger assaults. This has led to the adoption of DDoS and BOT-Management solutions by many organizations in an effort to prevent their success.

    In this webinar, we will look at the impact of a DDoS attack combined with BOT to see how these appear from the attacker, and the defender’s perspective, and what the attack will look like with and without protection in place.

    Key takeaways:

    What a DDoS attack can look like in real time and what role BOTs have during attack
    Why defences can work, and what the correct settings can be
    What will happen to a layer 7 website if it is not protected
  • No Perimeter, No Problem: Crypto-Strategy for a Zero-Trust Future Recorded: Nov 12 2020 62 mins
    Moderator: Michael Hill, Speakers: Muralidharan Palanisamy
    Digital transformation has resulted in new tech such as the IoT, cloud tech and enterprise mobility proliferating, maximizing the attack surface and making networks more vulnerable. Given that most of these technologies intercommunicate (thereby eliminating the concept of perimeters), all data needs to be encrypted in transit, and also while it is at rest. This points towards the concept of zero-trust security.

    By protecting data where it resides, or while it is in transit, security teams can ensure that the perimeter begins with the data itself – and in order to achieve this, businesses need an effective cryptographic strategy.

    In this webinar, a panel of experts will discuss encryption strategy and explore how organizations can execute, monitor and track it in an enterprise environment.

    Key Takeaways:
    • The relationship between perimeters and zero-trust security
    • The role of cryptography in 2021
    • How to define and enforce effective crypto-strategies
Strategy - Insight - Technology
Dedicated to serving the information security community, in person, in print and online.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: #IMOS21 Establishing a Cybersecurity Culture of Inclusion
  • Live at: Mar 23 2021 11:15 am
  • Presented by: Moderator: Eleanor Dallaway
  • From:
Your email has been sent.
or close