Hi [[ session.user.profile.firstName ]]

Payment Industry Data Breaches

This presentation will take a look at the current state of the payment industry and provide experienced-based insight into why this industry continues to become a victim of data breaches. We’ll discuss short comings associated with the current controls employees by many merchants and payment processors and what new tactics can be applied to provide attack mitigations.
Recorded Mar 18 2014 49 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Nicholas J. Percoco, Director – Information Protection, KPMG
Presentation preview: Payment Industry Data Breaches

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • What does your Business need to know about Encryption? Recorded: Mar 19 2014 59 mins
    Stephen Cobb, Senior Security Researcher, ESET
    With confidential data under attack on many fronts, it is time to look at how encryption can protect data access and what your business could be doing to employ encryption, from servers to endpoints to removable media.
  • Payment Industry Data Breaches Recorded: Mar 18 2014 49 mins
    Nicholas J. Percoco, Director – Information Protection, KPMG
    This presentation will take a look at the current state of the payment industry and provide experienced-based insight into why this industry continues to become a victim of data breaches. We’ll discuss short comings associated with the current controls employees by many merchants and payment processors and what new tactics can be applied to provide attack mitigations.
  • Using Hackers' Own Methods & Tools to Defeat Persistent Threats Recorded: Mar 12 2014 40 mins
    Michael Davis, CTO, CounterTack
    In today’s world of advanced persistent threats, security professionals need to implement new methods and strategies to gain the upper hand in protecting their business. Thinking like an attacker isn't really good enough. However, incorporating hacker methodologies & tools will give security teams the situational awareness and intelligence needed to respond quickly to new & previously unknown threats.

    Thinking like an attacker isn't good enough, nor are traditional solutions, as smart adversaries already know which technologies they'll disable on your system. However, incorporating the right hacker-like methods and tools can give security teams a new level of situational awareness and context needed to respond quickly to targeted, persistent threats.

    Attendees will learn a new approach consisting of four fundamentals: Detect, Remediate, Analyze and Resist. The presentation will provide detailed information including how to:

    • Use attacker technology and tools against adversaries to detect their presence on all endpoints
    • Incorporate the same stealth techniques that attackers use to remain hidden from you - so you can monitor them
    • Leverage forensics at the point of attack to better understand the overall threat
    • Use big data analytics to collect and analyze behavioral data across the enterprise
  • Defending the Enterprise: Staying Secure in the Face of New Threats Recorded: Mar 12 2014 48 mins
    Rocky DeStefano, VP Strategy and Technology, Click Security
    Advanced adversaries refining techniques hourly against a highly complex and constantly evolving enterprises with a Security team that is overwhelmed at a disadvantage immediately causes a chasm in overall Risk for most organizations. Learn how the best teams create more defensible state through enhanced visibility and advanced analytics in order to reduce the risk gap and quickly close any window of opportunity for an attacker.
  • 2014 – the Year of Data Encryption and Data Protection Recorded: Mar 11 2014 40 mins
    Jay SCARAMAZZO, CIPM, CIPP/E, CIPP/US, CIA, CISA, CRISC, CRMA, ACDA, CSPO, CIFE, MBA
    Data Encryption has been spoken about for years, but finally ENCRYPTION importance has come front-page. From the recent Snowden NSA Affair to major data breaches at Target, companies now have no choice but to consider securing their data at the source.

    This presentation will introduce you to your responsibilities in providing your customers with the Due Diligence (Risk Control and Executive Management Oversight) and Due Care (Continuous Monitoring through Security Practices, Procedures, Policies, Processes and Standards) that their personal data deserves.
  • HIMSS 2014 recap: Latest trends seen at HIMSS Recorded: Mar 5 2014 55 mins
    Lysa Myers, Security Researcher at ESET
    ESET security researcher Lysa Myers reports on developments in healthcare IT system security that she observed attending the recent HIMSS conference in Orlando. Find out what is being done to better protect patient data privacy.
  • Institutionalizing Cyber Protection for Critical Assets Recorded: Feb 26 2014 35 mins
    Dr. Ron Ross, Computer Security Division, Information Technology Laboratory
    In this webinar, Ron answers the question, "how do we provide for the common defense in the digital age?" With continuous advances in technology, this question can pose a big problem for organizations developing or modifying a security strategy.

    Join Ron as he covers the basics of defense against the most problematic vulnerabilities, the tools at your disposal to fight them, and a T.A.C.I.T security strategy that you can implement today in your organization.
  • Redefine Threat and RIsk Management Recorded: Feb 20 2014 48 mins
    Davi Ottenheimer, Senior Director of Trust, EMC Corporation
    The rising scale and complexity of IT has opened more opportunities than ever for abuse and attack. Can our latest advances in data science and software-based environments also redefine threat and risk management options? This presentation highlights examples of new and innovative approaches that successfully have reduced risk even across different-sized organizations.
  • Privacy as a Disruptive Force: Presenting New Risks and Opportunities Recorded: Feb 19 2014 32 mins
    Jeff Northrop
    Privacy risk mitigation is not just regulatory compliance. The public is setting the tone for what is appropriate for information that is not yet regulated. And it is within that space, the unregulated space, where the big risks and career opportunities lay. Tune in to hear how privacy is an emerging disruptive force in infosec.
  • The Anatomy of iOS and Android Attacks and How to Stop Them Recorded: Feb 19 2014 49 mins
    Michael Shaulov, co-founder and CEO of Lacoon Mobile Security
    Hear from mobile security experts how mobile attacks are perpetrated and what can be done to stop them. Michael Shaulov, co-founder and CEO of Lacoon Mobile Security, will discuss the current mobile threat landscape and the anatomy of emerging iOS and Android attacks. He will explain why existing security solutions are simply not equipped to protect enterprises from the emerging advanced mobile threats facing most enterprises today. Shaulov will also provide the new requirements for security in this mobile age and detail the capabilities needed to effectively detect and mitigate the wide variety of mobile threat vectors. Attendees should walk away from this presentation with a clear understanding of the risks they are facing and how they can effectively manage and embrace mobility, without fear.
  • Facing the Challenges of Network Security Recorded: Feb 19 2014 48 mins
    John Masserini, VP & Chief Security Officer, MIAX Opt and Bruce Tolley, Phd, VP Solutions and Technical Marketing, Solarflare
    At this webinar attendees will learn the top five audit, compliance and security challenges facing IT managers and network architects today and hear an overview of the solutions available to identify and respond to these challenges. No single solution can address the rigorous requirements for audit and compliance as well as the dynamic nature of the security threats facing enterprise and service provider networks. This webinar will review three practical use cases that can be implemented immediately, offer tips to help you evaluate both "bump in the wire" and "bump in the stack" best-in-breed products, and discuss how to integrate various products with security information and event management (SIEM) systems. Attendees will leave this session with a clear understanding of the top five things they can do to improve network monitoring and security in their network.

    A portion of this webinar includes a presentation by John Masserini, VP & Chief Security Officer, MIAX Options titled, "Advanced Intelligent Threat Management"

    Advanced Intelligent Threat Management is the ability to leverage the multitude of public & private sources into a cohesive threat indicator. By analyzing the various threat indicators and understanding the reliability of those sources and how to integrate them into the overall risk profile. By using Open Source big data tool suites, you are able to determine, in near-real time, the potential impact of an threat has to your specific organization. This presentation will give a brief, high level overview of the technologies and approaches to leveraging existing systemic information and external threat indicators to develop a more proactive security program.
  • I Survived Rock'n'Roll: Security Incident Escalation and Response Recorded: Feb 18 2014 53 mins
    Winn Schwartau, CEO, The Security Awareness Company
    The Show Must Go On! How Stevie Wonder, Paul Simon, Bob Marley and Charlie Daniels prepared me for the Security Industry. This highly entertaining and relevent presentation maps the skills needed in my first career as a recording engineer for live productions to best practices for cyber security incident reporting and escalation. A great case for interdisciplinarianism.

    Our cyber-security education system fails to train adequately. We don’t teach history – to our own detriment. We don’t create a foundation of actionable knowledge, instead relying on book knowledge. We don’t explore interdisciplinary synergies and we have failed to embrace failure as a well-earned skill set. In the music business, we had to deal with constant failures, beginning with equipment malfunctions in our DIY world. We had to be able to fix on the fly and deal with the human foibles of musicians and unions (i.e., users).

    Join me in looking at decades of technology and how so much of we have all learned in “Prior Lives” can be the live lessons for how we deal with information security.
  • Look after your keys and they will look after you - The five steps to sound key Recorded: Feb 18 2014 49 mins
    Richard Moulds, Thales e-Security VP of Strategy and Product Marketing
    Addressing virtually any of the current security mega-trends – government surveillance, privacy regulation, BYOD, cloud computing and big data - drives the need for more cryptography across core systems infrastructure and critical business applications. Whether encrypting sensitive data, strengthening IDs and credentials or digitally signing documents and software the actual security benefits you gain depend heavily on how you manage your cryptographic keys. Key management is not a simple task and it carries with it serious business continuity issues, real operational costs and is frequently a point of scrutiny for auditors. The days of using spreadsheets and thumb drives for managing cryptographic keys are numbered.
    During this session we will look at the types of keys that organizations have to manage, and how the key management challenge varies across multiple use cases in the enterprise. We’ll cover developments in the area of key management technologies, new standards that are emerging and preview the results of a global survey on the use of encryption and key management practices.
  • Data Privacy for Healthcare Recorded: Feb 13 2014 39 mins
    Lysa Myers, Security Researcher at ESET
    45% of data breaches reported in 2013 were from the medical and healthcare sector. ESET researcher Lysa Myers looks at information security in the healthcare industry and how we can do better when it comes to protecting the privacy of patient data.
  • FireEye + Mandiant - 4 Key Steps to Continuous Threat Protection Recorded: Jan 29 2014 59 mins
    Manish Gupta, SVP of Products, FireEye; Dave Merkel, CTO and VP of Products, Mandiant
    On January 2, FireEye announced that it had acquired Mandiant, the leading provider of security incident response management solutions, creating a united front against cyber threats.

    In a live webinar with FireEye and Mandiant executives, learn why traditional security technologies are unable to address today's threat landscape and why complete, continuous threat protection requires real-time detection, contextual threat intelligence, and rapid incident response.

    Why you should attend:
    •Learn about the FireEye acquisition of Mandiant.
    •Understand today's threat landscape, including the damage being caused from new advanced techniques.
    •Discover how FireEye and Mandiant together stop advanced attacks at the earliest phases of the attack lifecycle.
  • What Does Data Privacy Mean for Your Business? Recorded: Jan 29 2014 53 mins
    Stephen Cobb, Sr. Security Researcher, ESET North America
    With consumers and customers more concerned than ever about their data privacy, you need to be sure your business is doing enough to protect personally identifiable information (PII). ESET security and privacy expert Stephen Cobb explains how smart privacy strategies not only protect your company, but win you more business.
  • The Next Frontier for the Mobile Enterprise Recorded: Jan 29 2014 44 mins
    Robin Daniels and Amanda Brophy, Box
    Did you know that more than 1.5Bn mobile devices will be shipped in 2016? These devices are more powerful than ever, empowering users to access, share, and collaborate on information in new ways that we never thought possible.

    Join us as we explore current trends in enterprise mobility and how to get ahead of the explosion in devices that will soon hit your company.
  • What Your Organization Can Learn From A Global Infrastructure Security Report Recorded: Jan 28 2014 45 mins
    Rakesh Shah, Arbor Networks
    Arbor’s 9th Annual Worldwide Infrastructure Security Report (WISR) gives IT security professionals a rare view into the most critical security challenges facing today’s networks. This annual report is designed to help you make more informed decisions about your enterprise network security strategies in 2014 and beyond. Find out what types of attacks are top of mind for enterprises today and gain insight into the growth of application layer DDoS attacks and advanced targeted attacks.
    Join this web seminar to learn:

    - The growth of DDoS attacks against enterprise networks and mobile devices

    - How an increase in DNS attacks led to enterprise website outages

    - How some of the largest network operators are handling advanced targeted attacks on a network levelJoin this web seminar to learn:

    - The growth of DDoS attacks against enterprise networks and mobile devices

    - How an increase in DNS attacks led to enterprise website outages

    - How some of the largest network operators are handling targeted attacks on a network level
  • 3 Steps to Secure Content Sharing Recorded: Jan 28 2014 60 mins
    Rob Koplowitz (Forrester), Ted Schadler (Forrester), Whitney Bouck (Box)
    Consumer sync and share tools help people access and send personal files, but smart IT leaders know that businesses require more than just ease-of-use. Strong security, mobile support, and deployment architecture are just a few of the many important factors to consider when evaluating vendors for a company-wide solution. Where should you start?

    Join guest speakers Rob Koplowitz, VP and Principal Analyst at Forrester Research, Ted Schadler, VP and Principal Analyst at Forrester Research, and Whitney Bouck, SVP & GM of Enterprise at Box, for a complimentary webinar that will help you create a 3-step plan to select the right vendor for your business needs.

    In this webinar, you'll learn:

    -- The current landscape of the content sharing and collaboration market and gain insight into its future
    -- Criteria that Forrester Research uses to evaluate vendors, such as mobile support, security, and deployment architecture
    -- How to identify your unique requirements and create a shortlist of providers to pilot
  • Leadership Lessons on Cyber Security Recorded: Jan 23 2014 37 mins
    Cliff Neve, Vice President of the Hacker Academy and MAD Security
    Join Cliff Neve. Vice President of the Hacker Academy and MAD Security, to discuss some points that prove problematic when it comes to leading your team and implementing a cyber security framework. Topics discussed include:

    --Gaining Executive Level Buy-In
    --Balancing operations and Security
    --Creating a Sense of Urgency
    --Making every employee a sensor
    --Sticky messaging
    --Winning at the Budget Game

    Cliff brings a lot of experience from many different angles to this webinar. Over his military career he held such leadership positions as Deputy CIO of the White House Communications Agency, Chief of Staff at Coast Guard Cyber Command, and Assistant Program Manager for C4ISR for the $24B Coast Guard Acquisition effort.
Cybersecurity knowledge center with focus on Social Media Security
This channel is ideal for Information Security professionals interested in exploring emerging cybersecurity threats, primarily those stemming from social networking platforms.
UKI is an information technology and information security training provider and the creator of the industry’s most comprehensive Social Media Security Training and Certification program powered by CompTIA. For the past 15 years, UKI has been the preferred training partner for the Department of Defense, Federal Agencies, DOD Contracting Partners, and Fortune 500 companies. For more information, visit http://www.ultimateknowledge.com

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Payment Industry Data Breaches
  • Live at: Mar 18 2014 5:00 pm
  • Presented by: Nicholas J. Percoco, Director – Information Protection, KPMG
  • From:
Your email has been sent.
or close