Hi [[ session.user.profile.firstName ]]

New Strategies for Managing Machine Identities

Machine identities are everywhere. From cloud services, containers, and applications, to the code running on them, every machine needs a trusted identity.

But with the rapid increase in machine identities, many security and infrastructure teams are left with an uneasy feeling of not being in control. The stakes are high – keeping ahead of certificate outages, key theft or misuse, and audits is a constant challenge.

The result? 88% of organizations still experience serious outages due to expired certificates. Another 89% of organizations experienced at least three failed audits due to insufficient key management.
In this webinar, you’ll learn:
• Why crypto-agility emerged as a top priority for organizations
• Key risks and challenges in managing machine identities
• How to build a case for prioritizing machine identity and reduce risk of unmanaged machine identities
• Steps for building a Crypto Center of Excellence (CCoE)
Recorded Sep 16 2021 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Danny Bradbury
Presentation preview: New Strategies for Managing Machine Identities
  • Channel
  • Channel profile
  • Man vs. Machine: How to Win the Battle of the Bots Nov 25 2021 3:00 pm UTC 75 mins
    James Coker
    Bots can be of significant benefit to organization by automating repetitive tasks and providing faster customer service. However, they are also increasingly becoming a powerful tool for cyber-criminals and fraudsters to launch attacks. Given the more dangerous and ever-evolving digital threat landscape, it is critical that security and fraud teams can rapidly identify and block “bad” bots before they can steal data, commit fraud, or harm the business.

    In this webinar, a panel of experts will highlight the growing use of bots in cyber-criminal activity and offer advice to security teams on mitigating this threat.

    Attendees will learn how to:
    • Prevent excessive cloud charges and security team distractions due to bot traffic
    • Stop credential stuffing attacks that can lead to data breaches and account takeovers
    • Mitigate sophisticated fraud that uses bots and automation to imitate human behavior
  • Optimizing Incident Response: A Practitioner's Guide Nov 18 2021 6:00 pm UTC 75 mins
    Danny Bradbury
    Organizations and security professionals defending themselves against breaches and incidents face a challenging time. Investigations are multiplying and diversifying, spurred by global trends and challenges. These include COVID-19, which forced many people to work from home without preparation, and the increased pressures to bring your own device (BYOD) that it created. Proliferating privacy regulations and cloud computing have also left many organizations vulnerable to a breach. Conducting effective investigations has become increasingly complex and more difficult to negotiate than ever before.

    In the case of a cyberattack, teams need an incident response plan with powerful integrated solutions to help investigate attacks at the early stages. Their tools must enable them to respond quickly and remotely, even when employees are off the company network or VPN. This webinar will discuss ways to accelerate incident response through automation, how to use digital forensics to trace the root of the breach, and how to conduct incident response in the cloud.

    Talking points will include:
    - How to accelerate incident response through automation
    - How to use digital forensics to trace the root of a breach
    - Incident response in the cloud
  • Defending the Unknown: New Approaches to Cybersecurity Asset Management Nov 18 2021 3:00 pm UTC 75 mins
    Benjamin David
    The digital transformation has impacted the ability of security teams to detect and prevent cyber-attacks. The increased use of the hybrid cloud for enterprise workloads, SaaS applications and unmanaged endpoints has resulted in significant technology sprawl. To protect our environment, we first need to know what we must protect.

    Traditional approaches to IT asset management have not scaled to the modern cloud deployment, with the short-lived nature of many cloud services and the need to understand cyber-risk across a diverse environment of virtual machines, users, devices and applications.

    This session will look at new approaches to a foundational challenge: how asset management can be re-invented and made fit for purpose for cybersecurity use cases.

    Key takeaways:
    • Current approaches to asset management today and their limitations
    • The importance of measuring and understanding your attack surface
    • Building a relationship-based asset model to uncover cyber-risk
    • Common cyber asset management use cases
  • Demystifying The Future of Zero Trust in 2022 Nov 11 2021 6:00 pm UTC 75 mins
    Danny Bradbury
    Navigating the expansion of traditional workforces, ubiquity of security threats and the urgency to accelerate digital transformation efforts has left organizations vulnerable. This paradigm shift has forever changed the traditional view of ‘trusted network’ and paved the way for a zero trust architecture rooted in the concept of “never trust, always verify.” Join our panelists in this interactive session to explore the principles of zero trust and plan your migration to an access mechanism that supports networks without boundaries.

    Talking points will include:
    - Understanding the basic principles of zero trust
    - Preparing your infrastructure for a zero-trust future
    - Organizational requirements to support zero-trust access mechanisms
  • Staying on Top of Diversifying Ransomware Threats Nov 11 2021 3:00 pm UTC 75 mins
    Benjamin David
    Ransomware has swiftly grown to become one of the great security concerns for organizations worldwide. Behind the scenes of threat actors targeting organizations with destructive malware, a diverse illicit economy has formed, and the structure of the criminal organizations behind the attacks has flattened.

    An indefinite number of distinct threat actors employ a wide array of techniques for any single ransomware family, ranging from requiring little skill sophistication to attack chains exploiting zero-day vulnerabilities. Now, the criminals gaining access to your network may not be the same who detonate ransomware.

    Join us in this webinar to understand:
    - An overview of the techniques used for any single ransomware family
    - Why stopping a ransomware attack requires the visibility of an EDR
    - How an EDR allows defenders to monitor for the diversity in attack techniques and the dwell time between the initial access and actual ransomware operation
  • Protecting Hybrid Active Directory Environments from Cyber-Attacks Nov 4 2021 3:00 pm UTC 75 mins
    Moderator: James Coker
    The inherent security weaknesses of on-premises Active Directory (AD) have been well documented, but the risk profile has increased further as a result of the shift to hybrid working environments that use both AD and Azure Active Directory. This has expanded the attack surface for adversaries, and recent incidents, including the SolarWinds breach, are evidence that cyber-criminals are actively targeting hybrid identity security gaps.

    Although many organizations have strategic plans to move services and assets to the cloud, the reality is that most will be operating in a hybrid identity scenario for the foreseeable future. Amid this landscape, organizations must enhance their AD and Azure AD defenses. In this session, a panel of security experts will outline the top security risks to watch for in a hybrid AD environment and offer guidance and expertise on how organizations can harden their hybrid AD security defenses.

    Attendees will learn:
    · The Azure AD authentication model and how it differs from on-premises AD authentication
    · Changing definition of the “perimeter” in Azure Active Directory
    · The radical shift in the permission model—with a real-world example of delegated application permissions and how misconfigurations can open the door to cyber-attacks
  • Transforming the Security Operations Centre with Google Scale Analytics Oct 21 2021 5:00 pm UTC 45 mins
    Benjamin David and Dr Anton Chuvakin
    Many organizations promise to transform your security operations center (SOC) with technology, advice or their personnel. However, what does it take to really transform your SOC to be ready for future threats? What tools are needed? What new processes? What are the dependencies?

    Let's explore these and other questions in this talk.
  • Machine ID Management and Digital Transformation: Building a Secure Future Oct 21 2021 2:00 pm UTC 75 mins
    Benjamin David
    Machines already outnumber the humans on your network, which means every machine needs a trusted identity. Consider IoT devices, mobile devices and software-defined workloads and applications – trusted identity for each and every machine is critical.

    As zero-trust and multi-cloud architecture become the norm, the role of machine identities in enterprise IAM (identity and access management) has reached critical importance – each needing to be managed and protected. The stakes are high, and keeping ahead of outages, key theft or misuse and internal and regulatory audits is a serious challenge.

    In this webinar, our panel will discuss:
    · The use (and misuse) of machine identities in organizations today
    · Implications of machine IDs on data privacy and protection
    · Strategies and recommendations to manage machine identities
    · How to operationalize your strategy with a Crypto Center of Excellence (CCoE)
  • How MDR Can Shelter Organizations From the Cyber Storm Recorded: Oct 14 2021 63 mins
    Eleanor Dallaway
    Three forces are creating a perfect cyber storm: an escalated threat level, a cyber-talent shortage and the growing complexity of managing a multitude of security solutions, all exacerbated by the digital shift during COVID-19. This storm is driving change, forcing us to break down silos between endpoint, workload, network and identity. It's driving the need to leverage existing tooling rather than bolting on more. It’s also reshaping managed security services to be less focused on "busy work," and more focused on "expert work."

    Managed detection and response (MDR) services could provide the shelter from this storm for organizations if leveraged correctly and with the right technologies and skills in place. In this webinar, a panel of security experts will break down the current threat landscape and how MDR can protect your organization in this environment.

    Key takeaways:
    · The trends increasing the risk of cyber-attacks to organizations
    · The development of MDR services and their growing relevance
    · How to select an MDR solution that works for your organization
  • Third-Party Vulnerabilities: Demystifying the Unknown Recorded: Oct 7 2021 60 mins
    Danny Bradbury
    What parts of your cyber supply chain are you unknowingly neglecting? The SolarWinds hack was a wake-up call for companies to check their suppliers and partners for risk. There are still plenty of other dangers lurking in third party systems ranging from software applications and APIs through to embedded devices, chipsets, firmware, and IoT solutions.

    These risks lie in other organizations' assets and are seemingly out of your control, but there are protective measures that you can take. Attending this webinar will give you a new perspective on this complex challenge and some actionable insights on where to begin.

    Talking points will include:
    - The kinds of vulnerabilities that exist in third-party resources
    - How to audit for supply chain vulnerabilities
    - Strategies for mitigating supply chain availabilities early
  • Removing the Blindfold to Better Network Security Recorded: Oct 7 2021 61 mins
    James Coker
    The COVID-19 pandemic drove many companies to rapidly deploy cloud solutions to support the overnight shift to remote working. However, the speed of this adoption meant this process was often rushed, leaving many organizations exposed to new security risks. With the pandemic easing and the world entering a ‘new normal’, businesses can no longer be complacent about this issue. The risk is too great – to your brand, your share price and your customers.

    Amid this environment, and following a surge high-profile cyber-attacks this year, now is the time to pause and re-examine your cloud security to gain a true understanding of your complete attack surface. Better visibility of your network is critical to ensure the most efficient and effective use of your current and future security investment. This panel of cloud security experts will examine:

    • What are the real consequences of an attack to a business?
    • How gaps in your security can so easily be missed, particularly following the adoption of new technologies
    • How do you maintain the required vigilance to keep up with the growing risk of cyber-attacks?
  • The Challenges of Multi-Cloud and Hybrid Security Recorded: Oct 6 2021 60 mins
    Danny Bradbury with Benoit Heynderickx, Kurt Van Etten and John Yeoh
    Over the last few years, the cybersecurity industry has rapidly adopted cloud computing and containerization. These trends have broken many traditional security paradigms, forcing security teams to rethink, retrain and adopt new approaches.

    The transition to cloud computing and containerization is proving difficult and leading to an increase in misconfigurations and breaches. According to Gartner, by 2030, at least 99% of cloud security failures will be the customer’s fault. This panel will discuss the challenges facing security teams and how the cybersecurity industry is addressing them.

    In this webinar, you will learn about the following challenges:
    - Lack of visibility into and across cloud service providers
    - Changes to the process where application developers implement security
    - Learning and implementing native CSP and Kubernetes security controls
    - Implementing security in a hybrid, multi-cloud environment
  • MDR/EDR/XDR: Wading Through Acronyms For the Right Detection & Response Solution Recorded: Sep 30 2021 61 mins
    Benjamin David
    The threat landscape is continuously evolving. As organizations adapt to new ways of working and look to harness the potential of emerging technologies, threat actors lay in wait — anticipating the next exploit, technique or open door that will grant access to networks and information.

    To keep up, detection and response technologies have evolved at an equal pace. This rapid acceleration of threats and solutions can make it difficult to choose the right solution for your organization — especially as not all security solutions are created equal.

    In this webinar, a panel of experts will explore threat detection and response programs, EDR, MDR, XDR solutions and how they can work effectively together to strengthen your overall cybersecurity program.

    Attendees will learn:
    • The differences and evolution of XDR, EDR, and MDR
    • Insights into the challenges of managing these platforms — making the managed vs. non-managed decision
    • Key considerations of finding the best solution for you and your organization
  • How to Rethink End-User Protection and Eliminate Phishing and Ransomware Recorded: Sep 23 2021 62 mins
    Moderator: James Coker
    Ransomware attacks have surged in the past year–and with the rise of ransomware-as-a-service, it’s become an increasingly profitable tactic for cyber criminals.

    According to Cybersecurity Ventures, in 2021 global losses from ransomware attacks are expected to exceed $20bn, and by 2031 that figure may be as high as $265bn. This follows recent high-profile attacks that led to Colonial Pipeline in the US paying over $4m in Bitcoin to the attackers and Travelex paying $2.3m to regain control after hackers shut down its financial transaction networks.

    Such is the severity of the situation that 60% of respondents to a recent Menlo poll think ransomware attacks should be treated the same as terrorist attacks. But it is quite possible to make malware, even ransomware attacks, a distant memory. To do so, organizations should discard outdated detect-and-remediate approaches and rethink how they protect users, applications, data and the business from these attacks from the outset.

    Join this 1-hour webinar to learn:
    • How phishing and ransomware attack trends have changed as a result of COVID-19
    • Ways you can eliminate ransomware and protect your digital and remote workforce
    • How a leading logistics and insurance business achieves 100% malware protection without impacting end-user experience or convenience
  • #IMOS21 How Cryptocurrency is Shaping the Cybercrime Landscape Recorded: Sep 22 2021 64 mins
    Moderator: James Coker, Speakers: Diana Kelley, James McQuiggan
    Cyber-criminals often favor cryptocurrencies because they are easy to monetize and provide some level of anonymity. From cyber-criminals using cryptocurrency as a method of payment for tools and criminal services, to attacks on cryptocurrency, to cryptojacking…this session will look at the ways in which cryptocurrency is shaping the cybercrime landscape.
  • #IMOS21 Ransomware: To Pay or Not to Pay? And…How Not to Pay! Recorded: Sep 22 2021 61 mins
    Moderator: James Coker, Larry Whiteside Jr, Andrew Hay, Niel Harper
    Ransomware attacks, demands, payments and counter-attacks have dominated cybersecurity headlines in 2021. In this session, a panel of experts debate whether there is ever a good argument for paying the ransom when struck by ransomware, or whether funding crime is never the answer. Panelists will also explore ways in which organizations can rebuild and move forward if they choose not to pay the ransom.
  • #IMOS21 #HowTo Establish a Positive Cybersecurity Culture in Your Organization Recorded: Sep 22 2021 37 mins
    Moderator: Eleanor Dallaway, Dr Jessica Barker
    In this ‘how to’ session, you will be given a practical guide on how to build and implement a positive cybersecurity culture. Considerations will include: winning over the C-suite, language and methods for communication and messaging, training and education best practice, reporting, incentives and internal campaigns.
  • #IMOS21 Keynote - Professor Lisa Short Recorded: Sep 22 2021 39 mins
    Moderator: Eleanor Dallaway, Speaker: Professor Lisa Short
    Digital transformation during the past year is occurring at the rate of 7 years for every 6 months. The same period saw more data breaches and malicious cyber intrusions and attacks than in the last 15 years combined. Despite this increased risk from a pervasively changing digital world, the potential of technology such as blockchain and AI is undervalued and often misunderstood, or seen as an afterthought, not foundational as a solution to risk mitigation and elimination. The security industry, have an inherent responsibility to remain abreast of threats and opportunities from emergent technology
    to best serve the economy.
  • #IMOS21 Global Threat Brief: The Most Dangerous Attack Techniques in 2021 Recorded: Sep 22 2021 62 mins
    Moderator: Eleanor Dallaway, Brad LaPorte, Martin McKeay, Miranda Ritchie, Alissa Knight, Michael F D Anaya
    The last two years have certainly seen a huge amount of change and evolution, and cyber-attack vectors and attack techniques have been no exception. In this session, a panel of experts will analyze the most dangerous attack techniques being used today, complimented with advice on how to build a defense against these methods.
  • #IMOS21 Cybersecurity Automation: The Good, The Bad & The Ugly Recorded: Sep 22 2021 60 mins
    Moderator: Benjamin David, Corey Nachreiner, Dominic Vogel, Massimo Ferrari
    Automating tasks allows businesses to concentrate on more productive problem-solving activities, which can lead to a more resilient organization from a cybersecurity standpoint.

    However, automation increases the complexity of an organization’s systems, and as cyber-criminals expand their scope, cybersecurity programs must be ready to implement automated cybersecurity in defense.

    But where can automation be lacking, or worse, problematic? This session will explore the pros and cons of cybersecurity automation.
Strategy - Insight - Technology
Dedicated to serving the information security community, in person, in print and online.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: New Strategies for Managing Machine Identities
  • Live at: Sep 16 2021 5:00 pm
  • Presented by: Danny Bradbury
  • From:
Your email has been sent.
or close