Hybrid Working Has Accelerated Cloud Application Adoption: What About Security?
The rush to work from home has clearly accelerated the movement of IT workloads to the cloud. This is true across the entire spectrum of IaaS and SaaS-based applications. What better way for most organizations to improve their ‘IT-abilities’ such as reliability, availability and scalability?
However, as is often the case, security architectures are lagging behind. How do we know this? One clear tell of this lag is the growth in VPN usage at many organizations and the need to ‘trombone’ even cloud-destined traffic through the corporate VPN purely for visibility and security control purposes.
This can’t be the ultimate way forward, but the movement of security controls to the cloud is also accelerating. How can organizations make this transition without dropping the security ball?
In this webinar, a panel of security experts will discuss:
- The security impacts of hybrid working
- How cyber-criminals have pivoted their attacks
- How to leverage cloud transition to improve your security abilities
- What cloud security of the rapidly approaching future looks like
RecordedMar 4 202161 mins
Your place is confirmed, we'll send you email reminders
Improvements in cybersecurity technologies have made it more difficult for threat actors to mount direct attacks on organizations’ networks. Cyber-criminals are therefore increasingly looking for alternative routes into systems to steal sensitive and confidential data. One of these involves compromising the login credentials of employees or external contractors/vendors, especially those who have privileged accounts and are able to freely access sensitive systems and data.
This issue has been exacerbated by the COVID-19 pandemic, with remote employees more vulnerable to having their login credentials compromised. A zero-trust model of security has regularly been highlighted as vital to keeping a hybrid workforce secure alongside internal employees and external contractors, and this must be underpinned by a strong privileged access management policy, ensuring that compromised accounts do not lead to disastrous data breaches for businesses.
This webinar will explore the latest trends and challenges in privileged access management, and outline the strategies and technologies required to stay one step ahead of threat actors.
In this webinar, a panel of experts will discuss:
· How threat actors are increasingly targeting staff or contractor accounts to steal sensitive data
· The importance of privileged access management in keeping organizations secure, particularly for a hybrid workforce
· The steps required to develop a successful privileged access management policy
Amid a surge in new international data privacy laws and regulations, it is becoming increasingly challenging for organizations to stay compliant. It has therefore never been more important to develop secure infrastructure to enable compliance obligations to be fulfilled, particularly following the shift to remote working during the COVID-19 crisis.
The first step to achieving this aim is data classification, which provides a solid foundation to build towards onward compliance. In this webinar, a panel of experts will explain how integrating data classification with necessary data protection tools such as DLP, rights management, encryption and more, will elevate your cybersecurity strategy. There will also be advice and tips on the right steps to take on this journey.
This session will demonstrate:
- The increasingly challenging cybersecurity and data protection landscape
- How to develop a robust compliance and data loss architecture
- Why classification by design is the foundation of effective data protection and compliance
The adoption of zero trust services has accelerated as work locations become more fluid and flexible between office and home. That said, it’s now more critical than ever to ensure that users have fast, seamless and secure application access regardless of where they’re connecting.
In this webinar, a panel of security experts will discuss how zero trust security principles provide consistent user experiences when accessing private applications, regardless of the user’s or app’s location.
Join the conversation to learn:
- How zero trust is beneficial for in-office users along with remote users
- How to create a blueprint to ensure a consistent experience when users are accessing private applications
- How to provide fast, secure, local access to internal applications while simplifying the IT infrastructure
IT and security leaders are moving forward with the new realities of the hybrid workplace. Working from home, or remotely, is now just ‘work’. As employees begin to mobilize again, organizations need to maintain an agile and frictionless security model, which at the same time compliments an ever-growing migration of applications to the cloud.
Zero Trust has surfaced as a strategy that shifts the dependency on the user’s location and traditional VPN’s, to policy-based access to applications, wherever they reside.
In this webinar, a panel of expert speakers will discuss how Zero Trust security was propelled forward in 2020, and the vital role of secure access service edge (SASE) in implementing this approach going forward, as more organizations undergo digital transformations.
- Why move to a user-centric and location-agnostic Zero Trust security model
- How Zero Trust Network Access (ZTNA) can be the next step in your SASE adoption
- How an edge strategy supports organizations’ future digital growth
Third-party security and risk assessments have always been important, but rapid digitization and outsourcing during the COVID-19 pandemic has brought the topic to even greater prominence. High-profile attacks are occurring as a result of third-party vulnerabilities and it’s becoming an increasingly talked about topic at board level, particularly in light of the SolarWinds attacks.
A thorough understanding of the risks within a supply chain will be essential going forward, with external customers and senior leadership within an organization wanting to be satisfied that third party partners are meeting security and regulatory compliance rules.
The traditional approach of sending questionnaires to companies is costly, time-consuming and often ineffective, particularly in the current landscape. In this webinar, a panel of experts will discuss how security and regulatory teams can conduct efficient and accurate assessments of the security vulnerabilities in third parties, as well as ensure data protection rules are being met.
In this session, attendees will learn:
- How the COVID-19 crisis has made it easier for malicious actors to target supply chains, and the potential damage that can be caused by successful attacks
- The inadequacies of current approaches to vendor risk management and the growing availability of cutting-edge solutions
- How to benefit from a centralized risk assessment exchange that combines both enterprise and third-party vendors on the same platform
- How to guard against failures in third party risk management
Secure endpoint management is critical to modern business success. What’s more, the move to mass remote and hybrid working models as a result of the COVID-19 pandemic has pushed endpoint security even further up the importance agenda.
However, challenges persist for organizations in finding the correct balance between endpoint security and productivity, with one threatening to outweigh the other if sound strategy and due diligence are not in place to ensure users are able to operate both effectively and safely.
In this webinar, a panel of security experts will discuss the current enterprise endpoint security landscape, assess how to best balance usability with secure processes and outline the risks of failing to do so for modern organizations.
· A step-by-step guide to hardening your endpoint security strategy
· Why secure endpoint management is a combined business responsibility
· How to address the balance of end point usability and security in modern organizations
In recent years, there has been a huge expansion of devices used within organizations, an issue exacerbated further by the shift to remote working during COVID-19. This has significantly increased the number of endpoints used by organizations, leaving them more vulnerable to attacks.
In this webinar, a panel of experts will highlight the challenges surrounding the management of endpoints in the current environment and explore why new ways of thinking are required to ensure organizations stay secure. The discussion will set out advice for organizations in establishing a strategy to secure device endpoints wherever their employees are based, including the potential benefits of a Unified Endpoint Management (UEM) strategy.
· Major trends within the device management and security landscape
· The key approaches to endpoint management, with real-time use cases
· How UEM can improve device security for remote workers
Michael Hill; Greg Heard, Patrick Bayle and Nick Lines
Choosing your managed security services provider (MSSP) can often feel like a leap of faith – but it shouldn’t. When you sign on the dotted line, you want to know that they can support your team and provide the level of security and assurance you need.
So, what should you be looking for when selecting your MSSP? Including expert advice from Microsoft and industry thought-leaders, this webinar will answer that question and more, arming you with the key information you need to be able to choose your MSSP with confidence.
Register for the webinar to learn:
- What a managed security services provider is – and what it isn’t
- The key trust marks and certifications to look for
How an MSSP should adapt to meet your unique challenges
- How an MSSP can keep you both secure and compliant
- Why your MSSP must operate as a partner, not just a provider
Moderator: Danny Bradbury; Speakers: Anthony Galfo, more TBC
Security certifications such as ISO 27001 and SOC 2 are becoming table stakes for passing vendor assessments when looking to sell to new companies and renew existing contracts. As security demands continue the trend of becoming more and more stringent, information security teams are having to do more with the same or even reduced resources.
In this webinar, a panel of experts will discuss how security teams are tackling this problem and outline some of the tools they use to make managing their increasing workload more manageable, along with highlighting the efficiencies that can be realized when pursuing multiple security certifications.
- The business and competitive benefits of pursuing security certifications such as ISO 27001 and SOC 2
- How to deal with increased security demand with limited resources
- Best practice for achieving and maintaining security certifications
2020 saw many organizations impacted by various new and altered security vulnerabilities as networking norms shifted dramatically.
Securing the new work-from-home environment became an overnight priority as businesses made efforts to improve overall security posture with increased testing throughout the SDLC, continuous security testing of assets, and rapid vulnerability remediation.
In this webinar, a panel of experts will discuss the key security trends of last year, outline the most common ongoing vulnerabilities and provide an analysis of what you, as a security professional, can do to close gaps and proactively improve security posture.
By attending this webinar, you’ll walk away knowing key security findings from 2020, including:
- The most common vulnerabilities by category and asset type
- How average vulnerability severity has changed YoY and why
- How to increase the cost of attack and resistance
- How to find vulnerabilities that aren’t found through traditional approaches using a crowdsourced security testing platform
Pharma is vulnerable. The sector, which bridges the healthcare–business divide and deals extensively with data and intellectual property (IP), is a tantalizing prospect for malicious actors. It is now one of the most targeted sectors, according to Deloitte, with over a fifth of companies suffering at least seven attacks.
Perhaps the greatest threat facing the pharma industry, however, lies inside its own walls. That’s because insider threats can hamper a pharma company’s ability to remain competitive, thus posing a risk to potential patients.
Alongside a discussion between industry experts, this webinar will include an interactive section, throwing attendees into an emerging insider threat simulation taking place at a fictional pharmaceutical company. In this scenario, participants must use their decision-making skills to find the insider threat, manage the growing crisis and prevent the loss of potentially billions of dollars.
Join us for this webinar to:
· See the impact of the human element in crisis management and response
· Gain a greater understanding of how decisions in a threat scenario have a business-wide impact
· Discover how to strengthen your organization on both sides of “the boom,” so it’s as ready before the impact as it is after it
Applications have been powered by APIs for years, but heavier focuses on automation and cloud-native design are greatly affecting the security landscape. APIs are at the heart of any business regardless of industry and are increasing in both volume and capabilities. Hackers realize the vital role APIs have in connecting critical data and services, and so have increased their focus on attacking APIs. Old ways of thinking about API security must change too.
In this webinar, a panel of experts will bust five common industry myths surrounding API security today, discussed the pitfalls of some misguided API security approaches, cut through the fluff of a handful of security industry trends and share recommendations on how to improve your organization’s API security strategy.
- The impacts of technology trends like zero trust, cloud enablement, containerization and shift-left mantra to API security
- Are traditional security controls enough for API security, or are they one component of an API security strategy?
- Why a full lifecycle approach is important when wrestling with API security
- If the scope of your organization’s API security problem is larger than suspected, what capabilities should you seek in dedicated API security solutions?
After a year of home working, security teams are fatigued. In this context, security leaders must find the energy to push forward with security maturity and overcome any operational obstacles to establish a security by design strategy in their organization.
Including a detailed, real-world case study of a recent SOC transformation, this session explores the techniques and business value of collectively focusing on a big, positive goal – of planning and implementing secure operations as part of a renewed focus on future recovery and growth. Learn how standardizing for scale will allow you to make impactful decisions from your SOC and how exploring automation and outsourcing will enhance productivity and build internal capabilities as strategic business partners.
Attendees at this session will learn how to:
• Establish a comprehensive, scalable SOC platform with container-based architecture
• Implement interactive investigation and workflow tools to empower security analysts
• Build incident case management supported by applied threat intelligence and contextualised/enriched data
As the COVID-19 pandemic continues to plague the world, vaccination efforts are now underway in many nations as they seek to jab their way out of lockdowns, economic turmoil and unprecedented healthcare challenges.
Upon that backdrop, and with reports of new, more contagious variants commonplace, the efficiency, safety and security of COVID-19 vaccines is critical to defeating the virus and seeking some form of normality.
However, cyber-threats lurk at every turn, with scammers, anti-vaxxers, cyber-criminals and state-sponsored actors seeking to unsettle, exploit and disrupt vaccination efforts in various ways for manipulative gain.
In this webinar, a panel of security experts will assess the cyber-risks that threaten COVID-19 vaccines and outline how to ensure the whole supply chain is adequately protected from these threats.
- What cyber-threats surround COVID-19 vaccines, and how much damage can they cause?
- Ensuring the security of key elements of vaccination success including information, supply chain and distribution management
- The role of information security in ongoing and future vaccination efforts
At a time of socio-economic difficulties and ongoing political instability, misinformation, fake news and illiberalism continue to plague the online world. False narratives, incorrect information and malicious manipulation persist in threatening to undermine vitally important human rights and seek to blight freedom of thought, speech and actions.
As the argument of if, when and to what extent it is right for technology companies to censor and block those actions deemed unacceptable continues to play out across the wider sphere, the real-life impact of such illiberal behavior remains clear.
In the closing session of Infosecurity Magazine’s Online Summit, a panel of experts will discuss:
• The role and impact of misinformation, fake news and illiberalism in 2021
• How to recognize and prevent the malicious manipulation of data online
• The role of big tech in combatting fake news
In just a few years, the cloud has gone from being a concept for the future to an inevitable part of any digital initiative an organization will undertake.
Whilst offering vast benefits such as speed, agility and innovation, modern cloud environments can be highly complex in nature, and with that complexity comes distinct challenges.
Chiefly is the task of ensuring that, as more data moves to cloud infrastructures and reliance on them grows, cloud technology is used securely with a key focus on resilience and reliability. After all, if your day-to-day business functioning depends on the smooth running of your cloud ecosystem, any failure – malicious or inadvertent – can be catastrophic.
In this session, a panel of experts will divulge upon the risk landscape of modern cloud environments, highlight where security issues are most likely to occur and outline step-by-step guidance for implementing a tried and tested approach to cloud security.
• An overview of the cloud risk landscape in 2021
• Learn where your key security threats reside
• How to instill a cloud security strategy fit for modern cloud environments
Bug bounty concepts have taken off in recent years with more and more organizations seeking to benefit from a variety of options now at their disposal. At the same time, vast numbers of researchers have increasingly taken to making their bug-hunting services available via crowdsourced offerings that seek to relieve the heavy lifting for organizations whilst providing effective results in the pursuit of tightening the security ship.
Amid that backdrop, understanding, selecting and implementing the right bug bounty scheme for a specific business is key to garnering the potential benefits on offer.
In this session, a leading bug bounty specialist will advise how to run an affective bug bounty program, from conception and introduction to ongoing maintenance and ensuring fruitful outcomes.
• The benefits of a successful bug bounty program
• Understanding the various types of bug bounty options at your disposal
• How to ensure your organization gets the most out of a bug bounty program
2020 has been a tough year with adopting security to support remote work. While the tech sector has performed well, some sectors faced difficult challenges. We surveyed 200+ participants on how they feel about the current state of security. Despite the additional challenges faced by security professionals in this new norm, security is improving. We wanted to share the 5 key findings along with practical insights from working with clients across multiple sectors.
You’ll come away from this presentation with a deeper understanding of:
• The current state of security
• Biggest concerns from access control to lack of remediation
• Practical advice on how to prioritize assets for testing
A successful business is reliant on various important factors, but none more so than its people. In today’s working environments, employees are faced with unique pressures to be effective in their roles, but additionally deal with issues specifically introduced by mass remote working. These include the home schooling of children, isolation from colleagues, heightened financial and health concerns and the unpredictability of the ongoing pandemic.
Under such burdens, stress, anxiety and burnout – already synonymous with balancing busy professional and personal lives – can have an even greater impact, influencing more than just productivity and affecting the physical and mental well-being of staff. For that reason, it is more crucial than ever for organizations and their leadership teams to understand and recognize the potential for such issues to occur within security teams and put in place people-centric support strategies for those in need.
In this session, a panel of experts will discuss:
• The impact of stress, anxiety and burnout on security personnel
• How leaders can recognize and act upon such issues
• How a people-first approach can lead to improved performance within your security
In a year like no other, the world has faced unprecedented change and challenges, with the impact of the COVID-19 pandemic affecting so many aspects of everyday life. During such a period of difficulty, scammers and malicious actors have sought to exploit the health crisis for their own means.
Whether it has been through targeting business support or tax relief schemes, bludgeoning healthcare organizations with attacks or seeking to sow the seeds of fear and doubt in vaccine efforts, fraudsters have implemented various techniques for profit and gain at the expense of a global community under immense pressure.
In this session, a panel of experts will reflect on the various ways in which hackers have targeted the pandemic over the past 12 months, lifting a lid on the methods employed and outlining how businesses and users can best protect themselves from ongoing COVID-related attacks, scams and fraudulent activity.
• How the COVID-19 pandemic has been maliciously exploited for profit and gain
• Insight into some of the standout criminal campaigns detected over the last year
• How the security community can help protect organizations as they recover from the pandemic
Hybrid Working Has Accelerated Cloud Application Adoption: What About Security?Moderator: Michael Hill; Speakers: Ronald Pool, Neil Thacker & Andrew Williams[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]61 mins