Name: Security Incident Investigations: What am I looking at here?
Start: 2015-12-01T19:00:00Z
End: 2015-12-01T19:00:58.000Z
Location: BrightTALK
Rating: 3.62

Welcome to LevelBlue. We simplify cybersecurity through award-winning managed security services, experienced strategic consulting, threat intelligence and renowned research. Our team is a seamless extension of yours, providing transparency and visibility into security posture and continuously working to strengthen it. 

We harness security data from numerous sources and enrich it with artificial intelligence to deliver real-time threat intelligence. This enables more accurate and precise decision making. With a large, always-on global presence, LevelBlue sets the standard for cybersecurity today and tomorrow. We easily and effectively manage risk, so you can focus on your business. 

LevelBlue. Cybersecurity. Simplified.

Ransomware is one of the biggest threats for organizations nowadays. The expectation is that this threat will grow even further. That is because ransomware is such a lucrative business case for cybercriminals: organizations are too often unprepared for these attacks and decide to pay the ransom, while ransomware components are readily available. This webinar will investigate these factors and explain how organizations can become more resilient against these attacks. We will be using examples of recent ransomware attacks in different industries. Given the complexity and variety of new ransomware threats emerging daily, it can be difficult for IT teams of any size to figure out how to detect ransomware and respond to it while managing the rest of their cybersecurity needs. To address such a dynamic problem requires a more holistic approach to vulnerability management, and to be the most effective, it will also require cross-organizational coordination. 
Agenda:
• Introductions
• Overview of Cyber Risks and Top Cyber Impact
• Ransomware Attack
• Anatomy of a ransomware attack
• Evolution of ransomware
• Ransomware Prevention and Best Practices
• Risk-Based Vulnerability Management
• Effectively identifying and prioritizing the highest-risk vulnerabilities in your environment
• The impact of asset criticality on your vulnerability management efforts
• Employing secure configurations and other safeguards to harden your environment
• Additional steps you can take to mitigate your risk of ransomware

Fighting Ransomware with Vulnerability Management

Based on the 2023 AT&T Cybersecurity Insights Report: Edge Ecosystem, this report focuses on energy & utility companies worldwide. It explains how edge computing is changing the energy & utility industry to solve operational issues and reduce costs. Our 2023 report reveals what your peers are planning and doing to embrace edge computing.

The edge computing journey is a collaborative endeavor that begins to erode organizational silos and foster closer working relationships.

By relying on edge ecosystem experts, you’ll discover how these relationships increase resilience and improve security – critical elements for delivering safe, effective edge solutions.

The report focuses on the energy & utilities industry research results, including:

-The drivers for edge use cases.
-The top use cases being deployed and planned.
-How budgets are shifting to support and secure these initiatives.

Get your complimentary report today.

2023 AT&T Cybersecurity Insights Report: Focus on Energy & Utilities

Unravel the complexities of cyber resilience. This discussion highlights the 2024 Futures Report - a global survey of over 1,000 IT and cybersecurity professionals. Findings showcase barriers to cyber resilience and how to overcome those barriers, threat propensity across seven industries and how those industries are prepared to withstand an attack, and what steps should be taken to continue the journey to cyber resiliency. 

Chief Evangelist AT&T Cybersecurity/Agent for LevelBlue Theresa Lanowitz joins Gabe Knuth — Enterprise Strategy Group Senior Analyst of End-user Computing & User Protection—to unpack the complexities of cyber resilience and dive into AT&T’s new thought leadership research that examines:

1. Business and cyber resilience
2. Attack types and remediation preparedness across vertical markets and countries
3. Steps for future organizational planning and cyber resilience

Tune in live or watch the recorded session at on-demand.

LevelBlue & Enterprise Strategy Group: A Look at Cyber Resilience

Finance is moving forward with edge use cases, changing how the industry optimizes operations and cuts costs. Our 2023 report reveals what your finance peers are planning and doing to embrace edge computing.

The edge computing journey is a collaborative endeavor that begins to erode organizational silos and foster closer working relationships.

Relying on edge ecosystem partners, you’ll discover how these relationships increase resilience and improve security – critical elements for delivering safe, effective edge solutions.

The discussion focuses on the finance research results, including:

- The business drivers for edge use cases.
- The top use cases being deployed and planned.
- How budgets are shifting to support and secure these initiatives.

Join Theresa Lanowitz as she reveals some of the most thought-provoking observations from our new industry-standard report.

2023 AT&T Cybersecurity Insights Report: Focus on Finance

Organizations are looking for ways to protect against threats across a growing attack surface, and extended detection and response, or XDR, can help do this. However, while XDR delivers the centralized visibility, improved threat detection, and automated response that analysts need, the technology is complex. Service providers can provide the support organizations need to deploy and manage the tools that feed into their XDR solution

The endpoint is often the first point of attack for a threat actor, which makes managing and securing it of critical importance to organizations both large and small. By integrating additional telemetry sources, XDR extends the capabilities of endpoint detection and response (EDR) tools to provide a more complete picture of threats.
Join this 30-minute session to learn how XDR helps deliver the security outcomes organizations seek by protecting across network, endpoint, and cloud environments.

Agenda
• What is XDR, and what’s driving the need for it?
• How service providers help ensure stronger, smarter integrations
• XDR options: Native vs. open
• Why service providers can support better security outcomes

Are your endpoints safe? Extending managed detection and response capabilities

Machine learning is the term du jour. But what exactly does it mean, and why is it such an indispensable tool in the security practitioner’s arsenal? Join Jeff Hunter, Principle Product Manager at AT&T Cybersecurity, as he discusses the advantages to the SOC of AI-powered threat detection and response and shares how the new machine learning in AT&T Cybersecurity’s own USM Anywhere platform reinforces and evolves its existing security analytics capabilities.

Register now!

Empowering the SOC with next-generation machine learning

Today’s businesses are experiencing growing numbers of endpoints, increasing cloud reliance, and an expanding network edge. Firewalls remain a critical security control, but they can only get you so far in the unified enforcement of security policies across your hybrid environment.

Join AT&T Cybersecurity services and Check Point product leaders as they demonstrate how their collaboration is assisting businesses in transitioning from outdated infrastructure to a more cohesive network security protection system, better suited for the modern business landscape.

Gain insight on best practices for selecting and transitioning to a unified network security stack that can protect the business today and into tomorrow. Learn how one stack can help you to:

-Defend your internal network, users, and devices
-Protect user mailboxes and productivity applications
-Block phishing attempts and prevent zero-day malware
-Implement secure remote access using zero trust principles
-Inspect 100% of SSL traffic for secure, fast, and private internet use

Meet your hosts:

Tracye Poole (Product Manager, AT&T Cybersecurity)
Steven McKenna (Service Creation and Sales  – Check Point Software Technologies)

Register now to secure your spot and gain insights into safeguarding your hybrid network. See you there!

How to Align Emerging Network Security Tools to Business Needs

Today’s businesses are experiencing digital transformation, with apps moving to the cloud and users working from anywhere. As businesses look to upgrade from traditional on-premises firewalls, it is important to consider how users access resources necessary for their work. Today’s growing remote workforce and increasing number of connected devices requires a modernized approach to access management.

A hybrid solution that leverages your existing on-site devices and technology with managed network security services establishes a stronger security posture. When it comes to protecting your business, it is not just a decision about point products, but determining how to integrate these solutions into your overall security approach.
What is the next step on your journey to security modernization? 

Join us to learn about how you can build upon existing technologies to enable secure access in a hybrid environment. Hear from experts to gain insight on how managed firewall can be paired with modern access management and endpoint protection to create a comprehensive security approach.

• Why a new approach to network security is necessary for business growth
• Upgrading from legacy firewalls and enabling a remote workforce
• How to move towards a fully integrated SSE/SASE solution

Modernize Network Security: Support Migration to Cloud Services

Transportation is moving forward with edge use cases, changing how the industry optimizes operations and cuts costs. Our 2023 report reveals what your transportation peers are planning and doing to embrace edge computing.

The edge computing journey is a collaborative endeavor that begins to erode organizational silos and foster closer working relationships.

Relying on edge ecosystem partners, you’ll discover how these relationships increase resilience and improve security – critical elements for delivering safe, effective edge solutions.

The discussion focuses on the transportation research results, including:

-The business drivers for edge use cases.
-The top use cases being deployed and planned.
-How budgets are shifting to support and secure these initiatives.

Join Theresa Lanowitz as she reveals some of the most thought-provoking observations from our new industry-standard report.

2023 AT&T Cybersecurity Insights Report: Focus on Transportation

Retail is moving forward with edge use cases, changing how the industry optimizes operations and cuts costs. Our 2023 report reveals what your retail peers are planning and doing to embrace edge computing.

The edge computing journey is a collaborative endeavor that begins to erode organizational silos and foster closer working relationships.

Relying on edge ecosystem partners, you’ll discover how these relationships increase resilience and improve security – critical elements for delivering safe, effective edge solutions.

The discussion focuses on the retail research results, including:

-The business drivers for edge use cases.
-The top use cases being deployed and planned.
-How budgets are shifting to support and secure these initiatives.

Join Theresa Lanowitz as she reveals some of the most thought-provoking observations from our new industry-standard report.

2023 AT&T Cybersecurity Insights Report: Edge Ecosystem in Retail

Manufacturing is moving forward with edge use cases, changing how the industry optimizes operations and cuts costs. Our 2023 report reveals what your manufacturing peers are planning and doing to embrace edge computing.

The edge computing journey is a collaborative endeavor that begins to erode organizational silos and foster closer working relationships.

Relying on edge ecosystem partners, you’ll discover how these relationships increase resilience and improve security – critical elements for delivering safe, effective edge solutions.

The discussion focuses on the manufacturing research results, including:

-The business drivers for edge use cases.
-The top use cases being deployed and planned.
-How budgets are shifting to support and secure these initiatives.

Join Theresa Lanowitz as she reveals some of the most thought-provoking observations from our new industry-standard report.

2023 Cybersecurity Insights Report: Focus on the Manufacturing Edge Ecosystem

Join Frank Geshwind for Palo Alto Networks, Glen Deskin for Check Point, Chris Taylor for VMware and Theresa Lanowitz, Head Evangelist for AT&T Cybersecurity, for a lively discussion about the edge computing ecosystem and its impact on security.

During our discussion, we’ll dig into the findings from the 2023 AT&T Cybersecurity InsightsTM Report: Edge Ecosystem that may surprise you, like the most and least likely attack types switching places over the years, and which security measures are most effective to implement and why.

The edge computing journey is a collaborative endeavor eroding organizational silos and fostering closer working relationships among different shareholders in organizations. You’ll discover how these changes increase resilience and improve security – critical elements for delivering safe, effective edge solutions.

The discussion will also cover other research results, including:

-The business drivers for edge use cases.
-The top use cases being deployed and planned.
-How budgets are shifting to support and secure these initiatives.

Industry Leadership Panel: Securing the Edge Ecosystem

The industry-leading AT&T Cybersecurity InsightsTM Report – Edge Ecosystem for US SLED is here! The data is in, the analysis is complete, and we want to share the highlights of this new report with you!

The AT&T Cybersecurity Insights Report: Focus on US SLED examines how state and local government and higher education in the US are changing to support edge, why planning for the edge takes an ecosystem of partners, and why investing in edge use cases can streamline and improve services.

The discussion provides insight into:

-What are the drivers for edge use cases
-Where edge use cases are being deployed
-How budgets are shifting to support edge

Join Theresa Lanowitz, AT&T Cybersecurity Evangelist, as she reveals some of the most thought-provoking observations from our focus on US SLED.

2023 AT&T Cybersecurity Insights Report: Focus on US SLED

Healthcare is moving forward with edge use cases, changing how healthcare is delivered and improving patient outcomes. Our 2023 report reveals what your healthcare peers are planning and doing to embrace edge computing.

The edge computing journey aligns with healthcare’s long-term vision and short-term objectives. It’s a collaborative endeavor that begins to erode organizational silos and foster closer working relationships.

Relying on edge ecosystem partners, you’ll discover how these relationships increase resilience and improve security – critical elements for delivering safe, effective edge solutions.

The discussion focuses on the healthcare research results, including:

-The business drivers for edge use cases.
-The top use cases being deployed and planned.
-How budgets are shifting to support and secure these initiatives.

Join Theresa Lanowitz and Mark Freifeld of AT&T Cybersecurity as they reveal some of the most thought-provoking observations from our new industry-standard report.

Register now!

2023 AT&T Cybersecurity Insights Report: Focus on the Healthcare Edge Ecosystem

XDR helps centralize visibility, improve detections, and automate response. However, the technology and integrations associated with XDR are complex. Service providers have been managing similar complexities for years, and have the experience needed to support deploying and managing the tools that feed into an XDR solution. Join Rakesh Shah, AVP Product Management, as he discusses the realities of XDR and the questions you should be asking as you begin your journey into XDR:

-What is driving the need for XDR?
-Hype and confusion: demystifying XDR
-What are the questions you should be asking?
-How to enable better security and operation outcomes

Meet Your Host
Rakesh Shah
Director, Product Marketing Management, AT&T Cybersecurity

Cutting through the noise of XDR – Are MSSPs the answer?

Join Chris Goettl, VP of Product Management for Security Products at Ivanti, and Theresa Lanowitz, Head Evangelist for AT&T, and discover how edge computing is coming of age.

During our discussion, we’ll dig into insights that may surprise you, like the most and least likely attack types switching places over the years, and we identify which security measures are most effective to implement and why.

The edge computing journey is a collaborative endeavor that begins to erode organizational silos and foster closer working relationships among different shareholders in organizations. You’ll discover how these changes increase resilience and improve security – critical elements for delivering safe, effective edge solutions.

The discussion will also cover other research results, including:

-The business drivers for edge use cases.
-The top use cases being deployed and planned.
-How budgets are shifting to support and secure these initiatives.

Discover how edge computing is coming of age

The edge is getting hit with extortion based threat attacks at an aggressive rate and it is driving discussions in both the SOC and the Board Room. With criminals using DDoS, ransomware encryption and holding exfiltrated data hostage we face a triple threat. 

This talk will cover attack groups, the techniques they use, and how to stop them based on an integrated security strategy.

Join us to gain insight into:

-Impacts based on triple threat attack trends
-Most common attack vectors and methods used
-Best practices to prevent and mitigate these attacks

Join Steve Winterfeld Advisory CISO, Akamai and Theresa Lanowitz, Head of Cybersecurity Evangelism, AT&T Business as they share lessons learned and threat insights from triple extortion on the edge.

Thank you to our sponsor: Akamai

Lessons from Extortion on the Edge

Edge computing is here! Across industries such as manufacturing, retail, healthcare, energy, and transportation edge computing is being used to help drive better business outcomes.
While edge computing happens anywhere, centralized security management may simplify your mission. Find out how convergence can provide resilience, efficiency, and help harmonize IT and OT.  Discover the steps you can take to make this transition. 
 
Join us to gain insight into:
-How edge computing is shaping the future
-How organizations are investing in edge computing
-How to better prepare for the future through collaboration
 
Join Omri Guelfand, Product Management, SASE/NaaS, Cisco Meraki and Theresa Lanowitz, Head of Cybersecurity Evangelism, AT&T Business as they discuss why it is critical to secure your edge ecosystem.
 
Thank you to our sponsor: Cisco

The Benefits of Centralized Security Management for Edge Computing

So, you've got an alarm - or 400 alarms maybe, now what? Security incident investigations can take many paths leading to incident response, a false positive or something else entirely. Join this webcast to see security experts from AlienVault and Castra Consulting work on real security events (well, real at one point), and perform real investigations, using AlienVault USM as the investigative tool. Process or art form? Yes.

You'll learn:
- Tips for assessing context for the investigation
- How to spend your time doing the right things
- How to classify alarms, rule out false positives and improve tuning
- The value of documentation for effective incident response and security controls
- How to speed security incident investigation and response with AlienVault USM

Presenters:

Joe, Tony and Grant, collectively known as "JTaG", have been working with packets one way or another for a combined 50 years. During their tenure at AT&T, they managed IDS for some of the world's largest companies and have used every IDS available from NetRanger to Suricata. They also stood up SIEMs capable of processing billions of events per day in their "Threat Management" SOC environment. These days, they use their powers for good, helping customers of all sizes understand the ever-changing security landscape.

Security Incident Investigations: What am I looking at here?

threat management

SIEM

security incident

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Security Incident Investigations: What am I looking at here?

Presented by

About this talk

More from this channel