It’s no secret that SCADA systems are vulnerable to compromise. Legacy industrial control systems weren’t designed with security in mind, emerging smart technologies are presenting new risks and new challenges are emerging as control systems migrate to IP networks.
The vulnerabilities of SCADA have been dramatically exposed in recent years, most notably by Stuxnet and Flame. With so many industrial processes in critical national infrastructure monitored and controlled by SCADA systems, there are growing fears that critical infrastructure may be at risk.
During this session a panel of industry experts will share their insight and expertise on how to tackle SCADA security challenges including:
• How should government and industry collaborate and share information about threats and vulnerabilities?
• How big are the risks to critical national infrastructure?
• What are the critical controls needed in place for industrial control systems?
RecordedApr 9 201369 mins
Your place is confirmed, we'll send you email reminders
Compliance Complexities: The Ongoing Challenge
On May 25 2018, the GDPR came into force after what seemed like an eternity of build-up and preparation. Since then, complexities surrounding regulatory compliance have continued to challenge companies of all sizes.
With the stakes so high, organizations simply cannot afford to fail to take compliance seriously and must manage it effectively, but knowing how best to do that can prove to be a big challenge.
This session will reflect on the current regulatory landscape, assessing how organizations are faring in their compliance efforts, provide workable steps for being on the right side of the regulations and discuss what the next year might have in store.
•An accurate understanding of the current regulatory landscape
•Practical steps for tackling regulatory compliance within your organization
•The role compliance will play in the future of cybersecurity
In the modern, hyper-connected and threat-laden enterprise landscape, organizations face increasing pressure to protect their systems and data.
Traditional enterprise security models were built on an assumption that everything inside the network – whether its devices or people – is trustworthy. However, the evolution of attack sophistication and the proliferation of BYOD has brought greater risk, which means that newer, more holistic measures must be taken to ensure security across the business.
This session will explore how and why Zero Trust can be used to effectively secure modern organizations from a variety of threats, along with outlining the strategic management required to get the most out of a Zero Trust architecture.
•Why Zero Trust can be the key to securing modern enterprises
•How to effectively manage a successful Zero Trust strategy
•The role that Zero Trust might play in the future of enterprise security
Moderator: Dan Raywood Speakers: Lenny Zeltser, Elizabeth O'Sullivan
Success with cybersecurity ultimately depends on posing the right questions, such as what does it mean to strengthen our security program? and which endpoints are missing a security agent? A well-configured and modern asset management solution can give you the answers on questions of multiple tools, initiatives and departments, and also help you gain visibility into endpoints, networks, virtual machines and users.
In this webinar, we will look at the options of using asset management to advance your efforts related to cloud security, endpoint defense, access management, incident response, security assessments and more.
How to enable better network visibility with asset management
What asset management functions relate to security operations
How asset management can better enable governance, risk and compliance strategies
Moderator: Dan Raywood Speakers: John Orleans, Sudeep Venkatesh, Lisa Forte
People cause email data breaches for all sorts of reasons – but ultimately, every incident boils down to personal information or IP being shared with unauthorized recipients and without adequate protection.
This insider threat has been a consistent challenge for businesses in terms of blurred visibility and lack of control, and traditional email DLP technologies have not successfully dealt with this problem. Machine learning is now being hailed as the next golden child for data security – but what benefits can it actually bring to prevent email data breaches?
In this webinar, we will explore the issues organizations face when dealing with the insider threat when people share data via email, and accidentally or maliciously cause data breaches. We’ll also discuss some of the technologies you can make work for a prevention and protection strategy that mitigates this risk.
•Learn how you can better protect outbound data and prevent data breaches
•Identify some of the common causes of insider data breaches, including spear phishing
•Understand why legacy DLP has struggled to deal with the insider threat
•Learn how to have a security and IT policy to deal with insider data breaches
Moderator: Dan Raywood Speakers: Stephen Mabbutt, Neha Thethi, Tash Whitaker
Many companies still use custom scripts or manual processes to exchange information with customers, partners or other locations. However, this can create security headaches and be a laborious process.
In this webinar, we will look at why using file transfer protocol (FTP) and other insecure, manual methods is a threat to your organization’s cybersecurity, and the lack of security these methods provide.
Why centralized file transfer should be a consideration
How to adopt a scalable product that is easy to manage and use
Ways to migrate from using FTP scripts or similar methods to transfer files
Better ways to manage all your data transfer
The Information & Cybersecurity sector continues to grow at a rapid rate, with the global market expected to exceed $284 billion by 2025. More and more vendors enter the market each year and it’s vital to stand out in a crowded marketplace. In an increasingly digital world, face to face has never been so important and trade exhibitions present the right environment for this needed face to face engagement.
However attending physical events requires time, resources and investment, all for a limited window of opportunity to engage with as many people as possible and when the event is over you then have to face the sometimes difficult task of measuring how successful the experience was.
In this 25 min webinar we will discuss the key factors that you need to take into account when considering to exhibit at a trade show. Is exhibiting the right option for you and your company?
This webinar will explore the following:
-The overall cost of exhibiting at a trade show beyond your floor/booth space
-Time & Resources needed (there’s much more to having a successful experience than securing the budget to attend)
-What preparation you need to do pre-event to ensure a successful outcome
-The best way to approach potential customers on site
-How to follow up with those you have met at the event
Moderator: Dan Raywood - Speakers: Raef Meeuwisse, Rory Duncan, Greg Day
The concept of being “secure by design” can be something of a pipe dream: we hope that the technology we buy will keep us secure, and we will still be able to operate efficiently with maximum visibility, ensuring we remain secure and compliant with an intelligence infrastructure.
Well this may be a reality, but in this webinar will look at tactics and strategies to ensure that your network is secure by design, that you can get the maximum functionality from your existing assets and if compliance with GDPR and other regulations can be achieved.
Understand what secure by design actually means generally, and specifically for you
How to get the most from your existing assets and your security spend
How being secure by design can ensure a better standard of compliance
Managing endpoints efficiently and reduce the attack surface
Moderator: Dan Raywood - Speakers:Alan Jenkins, Michael Katz
Constantly evolving threats and shortage of qualified cybersecurity professionals have led security teams to move to security workflow automation to meet the demands. It’s not enough to have a great tool nowadays, these tools have to work better together to meet today’s security challenges. Security orchestration, automation and response (SOAR) tools improve efficiency and efficacy of security operations by automating threat intel management, event monitoring and incident response processes.
On this webinar we will look at how a well architected DNS, DHCP and IPAM can power SOAR platforms, and how to get to a state of security where you can rely on your SOAR tools.
What a strong SOAR strategy looks like
How to enrich other security tools with valuable IPAM data
How to enhance and improve incident response with better threat intelligence
What role DNS plays in orchestration, automation and response
Moderator: Michael Hill Speakers: Dan Blum, Gerald Beuchelt, Raef Meeuwisse
A comprehensive and fully-functioning identity program is an ever-evolving mission. From creating security awareness that sticks with employees, getting executive buy-in and assembling the right team, there’s a lot to do.
Then, deciding the correct mix of services and solutions that are required for the identity program can be quite a challenging task. One thing is certain – security should not compromise user experience. If there is too much friction in the mix, users will avoid best practice.
In this webinar, we will explore:
•The key identity program challenges that exist today
•The solutions that will help into the future
•What group of solutions can help you deliver an effective identity program that is both robust and flexible
Moderator: Dan Raywood Speaker: Rich Agar, Dan Lohrmann, Raef Meeuwisse
It’s a basic truth: You can’t secure what you can’t see.™ The more you know about your network, assets and risk posture, the less likely you are to be attacked. Each unknown device extends the attack surface and can leave your converged network vulnerable. Are you ready to mitigate this risk with 100% device visibility?
Join us on this webinar to learn how to achieve visibility of assets and devices, mitigate common risks in increasingly complex environments and operate efficiently and securely in the “security 4.0” era.
•Reduce business risk and disruption from security incidents and breaches
•Improve the accuracy of your risk assessments through accurate device intelligence
•Increase IT and OT security operations productivity
In today’s competitive business landscape and knowledge-based economy, we all rely on technology to be more productive and make our lives easier.
Organisations thrive when they trust their workforce to collaborate on valuable IP & work with critical systems. Perhaps, in their eagerness, some overlook the importance of verifying user trust with technology. This can leave an organisation open to the risk of losing data that is sensitive to the employees, customers and the business.
In a recent study of senior IT decision makers, 54% felt their organisations’ customers were more likely to care about cybersecurity compared to general employees, contractors/freelancers & third party vendors (35% – 36%).
As a result, it’s important for the security team to have the tools and policies in place to automatically monitor and quickly triage any risks that come with high levels of trust, to ensure the early detection of insider threats and ability to respond before an incident occurs.
In this webinar you will learn:
•Why increasing trust within the workplace is key for business success
•Why trust without verification can be a significant risk
•How to build trust through visibility and early detection of insider threats
Moderator: Dan Raywood Speakers: Nick Scholz, Nathan Wenzler, Christina Ayotis
Digital transformation has revolutionized business and today's workforce, creating a significant cultural shift. Millennials and younger professionals now expect the hottest new tools that allow them to work how they want - from agile project management and ‘everywhere file access,’ to cloud-based collaboration and complete mobile availability.
These features bring about many benefits, but ask a modern security team and they’ll tell you about the struggle to provide solutions that offer the quick access, seamless collaboration and outstanding ease-of-use workers want whilst also maintaining high levels of compliance and a steady security risk profile.
The challenge is real, and you need real-world experience to face it successfully. In this webinar, we will look at how to enable a strategy that permits such levels of agility whilst remaining secure.
•How a world-class security strategy can enable collaboration
•The types of collaboration tools being requested now, and how to secure them
•How to deal with Shadow IT
•Maintaining the balance of creativity and security
For any organization, making sure that the security team have the required skills to face down threats is critical. But how do you know for sure which skills are present, and which are missing?
While there are indicators to help you answer these questions, solid metrics have been missing for a long time. How do you measure what skills have been learned? In this webinar we will look at how frameworks can aid an organization in overcoming these challenges.
• What the ideal frameworks are that you should follow
• Why organizations are adopting them to help their cyber teams identify weaknesses within their cyber ecosystem, and discover blind spots which may not originally have been apparent.
• How to use frameworks to bolster workforce development, using it as a tool to map out career progression
• How frameworks can underpin a robust cyber strategy and assist implementation of new tool, techniques and technology.
Moderator: Dan Raywood Speakers: Roey Eliyahu, James Jardine
SaaS, web and mobile applications are increasingly being built on application programming interfaces (APIs). Attacks targeting these APIs have become more prevalent and vulnerabilities in APIs continue to be disclosed, both leading to high profile breaches and negative headlines. The problem is compounded by many organizations continuing to rely on traditional security approaches designed to protect applications that were fundamentally different from those being developed today, as APIs have proliferated across environments to enable modern applications.
In this webinar, we will explore how enterprises need to adopt a proactive ‘monitor and respond’ approach rather than focusing solely on secure perimeters and access controls, and discuss how to prevent an attacker from exploiting unique API vulnerabilities.
Understanding the complexity of modern APIs, and how attackers can exploit them.
How to maintain a current catalog of APIs including where sensitive data is exposed and transmitted.
The importance of learning the unique logic and behavior of each API at a granular level to identify and stop malicious activity.
How security and development teams can improve workflows to improve API security
Steps in building an effective security strategy for modern web applications
Moderator: Michael Hill Speakers: Eoin Keary, Matt Hardy, Max Heinemayer
In this age of fast, automated attacks, responding with speed and precision is crucial to stop attackers gaining a foothold. The most advanced cyber-threats can move laterally through an organization’s network and cause significant damage before a human team has a chance to respond. Humans simply cannot keep up with increasingly sophisticated and destructive machine-speed attacks. Many security teams are stuck with firefighting and ad-hoc incident response. As a result, experts are increasingly turning to AI to respond to threats autonomously.
In this webinar, we will examine how advances in AI and automation mean companies can start trusting autonomous response solutions to contain threats until the security team has time to conduct root cause analysis instead of fighting just the symptoms.
The security industry has come a long way from black-and-white IPS systems that grind operations to a halt because of being much too restrictive in their actions. Today’s AI systems can subtly, surgically and non-intrusively contain and combat threats until the human security team can catch up.
· A look at the current state of play of the threat landscape
· How automation in security has evolved
· How AI is offering a fundamentally different solution to the challenges facing businesses todayhttps://www.brighttalk.com/css/6/css/images/datepickercalendar.gif
The perimeter has shifted. Your users directly access cloud applications from everywhere and data no longer reside only in datacenters. Digital transformations like SD-WAN, IoT and cloud make securing your infrastructure, applications and data complicated. SD-WAN enabled branches directly connect to the internet, but they don’t have the ability to replicate a full HQ security stack. IoT leads to an explosion of non-standard devices using non-standard protocols, making them harder to secure. Every new change doesn’t equal need for a new security tool.
What’s needed is a scalable, simple and integrated security approach that leverages existing infrastructure that organizations already own. The Domain Name System (DNS) is critical to the fabric of the internet and any IP based communication, serving as the perfect foundation for security because it is simple to deploy, ubiquitous in networks, is needed anyway for connectivity and can scale to the size of the Internet.
Join this webinar to learn how leveraging DNS as a foundational security architecture for digital transformations can:
•Protect your brand by securing your traditional networks and transformations like SD-WAN, Cloud and IoT
•Reduce time and cost of your enterprise threat defense
•Automate responses and provide data to the rest of the ecosystem