What Your Organization Can Learn From A Global Infrastructure Security Report

This presentation will take a look at the current state of the payment industry and provide experienced-based insight into why this industry continues to become a victim of data breaches. We’ll discuss short comings associated with the current controls employees by many merchants and payment processors and what new tactics can be applied to provide attack mitigations.

In today’s world of advanced persistent threats, security professionals need to implement new methods and strategies to gain the upper hand in protecting their business. Thinking like an attacker isn't really good enough. However, incorporating hacker methodologies & tools will give security teams the situational awareness and intelligence needed to respond quickly to new & previously unknown threats.

Thinking like an attacker isn't good enough, nor are traditional solutions, as smart adversaries already know which technologies they'll disable on your system. However, incorporating the right hacker-like methods and tools can give security teams a new level of situational awareness and context needed to respond quickly to targeted, persistent threats.

Attendees will learn a new approach consisting of four fundamentals: Detect, Remediate, Analyze and Resist. The presentation will provide detailed information including how to:

• Use attacker technology and tools against adversaries to detect their presence on all endpoints
• Incorporate the same stealth techniques that attackers use to remain hidden from you - so you can monitor them
• Leverage forensics at the point of attack to better understand the overall threat
• Use big data analytics to collect and analyze behavioral data across the enterprise

Advanced adversaries refining techniques hourly against a highly complex and constantly evolving enterprises with a Security team that is overwhelmed at a disadvantage immediately causes a chasm in overall Risk for most organizations. Learn how the best teams create more defensible state through enhanced visibility and advanced analytics in order to reduce the risk gap and quickly close any window of opportunity for an attacker.

Data Encryption has been spoken about for years, but finally ENCRYPTION importance has come front-page. From the recent Snowden NSA Affair to major data breaches at Target, companies now have no choice but to consider securing their data at the source.

This presentation will introduce you to your responsibilities in providing your customers with the Due Diligence (Risk Control and Executive Management Oversight) and Due Care (Continuous Monitoring through Security Practices, Procedures, Policies, Processes and Standards) that their personal data deserves.

ESET security researcher Lysa Myers reports on developments in healthcare IT system security that she observed attending the recent HIMSS conference in Orlando. Find out what is being done to better protect patient data privacy.

In this webinar, Ron answers the question, "how do we provide for the common defense in the digital age?" With continuous advances in technology, this question can pose a big problem for organizations developing or modifying a security strategy.

Join Ron as he covers the basics of defense against the most problematic vulnerabilities, the tools at your disposal to fight them, and a T.A.C.I.T security strategy that you can implement today in your organization.

The rising scale and complexity of IT has opened more opportunities than ever for abuse and attack. Can our latest advances in data science and software-based environments also redefine threat and risk management options? This presentation highlights examples of new and innovative approaches that successfully have reduced risk even across different-sized organizations.

Privacy risk mitigation is not just regulatory compliance. The public is setting the tone for what is appropriate for information that is not yet regulated. And it is within that space, the unregulated space, where the big risks and career opportunities lay. Tune in to hear how privacy is an emerging disruptive force in infosec.

Hear from mobile security experts how mobile attacks are perpetrated and what can be done to stop them. Michael Shaulov, co-founder and CEO of Lacoon Mobile Security, will discuss the current mobile threat landscape and the anatomy of emerging iOS and Android attacks. He will explain why existing security solutions are simply not equipped to protect enterprises from the emerging advanced mobile threats facing most enterprises today. Shaulov will also provide the new requirements for security in this mobile age and detail the capabilities needed to effectively detect and mitigate the wide variety of mobile threat vectors. Attendees should walk away from this presentation with a clear understanding of the risks they are facing and how they can effectively manage and embrace mobility, without fear.

At this webinar attendees will learn the top five audit, compliance and security challenges facing IT managers and network architects today and hear an overview of the solutions available to identify and respond to these challenges. No single solution can address the rigorous requirements for audit and compliance as well as the dynamic nature of the security threats facing enterprise and service provider networks. This webinar will review three practical use cases that can be implemented immediately, offer tips to help you evaluate both "bump in the wire" and "bump in the stack" best-in-breed products, and discuss how to integrate various products with security information and event management (SIEM) systems. Attendees will leave this session with a clear understanding of the top five things they can do to improve network monitoring and security in their network.

A portion of this webinar includes a presentation by John Masserini, VP & Chief Security Officer, MIAX Options titled, "Advanced Intelligent Threat Management"

Advanced Intelligent Threat Management is the ability to leverage the multitude of public & private sources into a cohesive threat indicator. By analyzing the various threat indicators and understanding the reliability of those sources and how to integrate them into the overall risk profile. By using Open Source big data tool suites, you are able to determine, in near-real time, the potential impact of an threat has to your specific organization. This presentation will give a brief, high level overview of the technologies and approaches to leveraging existing systemic information and external threat indicators to develop a more proactive security program.

The Show Must Go On! How Stevie Wonder, Paul Simon, Bob Marley and Charlie Daniels prepared me for the Security Industry. This highly entertaining and relevent presentation maps the skills needed in my first career as a recording engineer for live productions to best practices for cyber security incident reporting and escalation. A great case for interdisciplinarianism.

Our cyber-security education system fails to train adequately. We don’t teach history – to our own detriment. We don’t create a foundation of actionable knowledge, instead relying on book knowledge. We don’t explore interdisciplinary synergies and we have failed to embrace failure as a well-earned skill set. In the music business, we had to deal with constant failures, beginning with equipment malfunctions in our DIY world. We had to be able to fix on the fly and deal with the human foibles of musicians and unions (i.e., users).

Join me in looking at decades of technology and how so much of we have all learned in “Prior Lives” can be the live lessons for how we deal with information security.

Addressing virtually any of the current security mega-trends – government surveillance, privacy regulation, BYOD, cloud computing and big data - drives the need for more cryptography across core systems infrastructure and critical business applications. Whether encrypting sensitive data, strengthening IDs and credentials or digitally signing documents and software the actual security benefits you gain depend heavily on how you manage your cryptographic keys. Key management is not a simple task and it carries with it serious business continuity issues, real operational costs and is frequently a point of scrutiny for auditors. The days of using spreadsheets and thumb drives for managing cryptographic keys are numbered.
During this session we will look at the types of keys that organizations have to manage, and how the key management challenge varies across multiple use cases in the enterprise. We’ll cover developments in the area of key management technologies, new standards that are emerging and preview the results of a global survey on the use of encryption and key management practices.

45% of data breaches reported in 2013 were from the medical and healthcare sector. ESET researcher Lysa Myers looks at information security in the healthcare industry and how we can do better when it comes to protecting the privacy of patient data.

On January 2, FireEye announced that it had acquired Mandiant, the leading provider of security incident response management solutions, creating a united front against cyber threats.

In a live webinar with FireEye and Mandiant executives, learn why traditional security technologies are unable to address today's threat landscape and why complete, continuous threat protection requires real-time detection, contextual threat intelligence, and rapid incident response.

Why you should attend:
•Learn about the FireEye acquisition of Mandiant.
•Understand today's threat landscape, including the damage being caused from new advanced techniques.
•Discover how FireEye and Mandiant together stop advanced attacks at the earliest phases of the attack lifecycle.

With consumers and customers more concerned than ever about their data privacy, you need to be sure your business is doing enough to protect personally identifiable information (PII). ESET security and privacy expert Stephen Cobb explains how smart privacy strategies not only protect your company, but win you more business.

Arbor’s 9th Annual Worldwide Infrastructure Security Report (WISR) gives IT security professionals a rare view into the most critical security challenges facing today’s networks. This annual report is designed to help you make more informed decisions about your enterprise network security strategies in 2014 and beyond. Find out what types of attacks are top of mind for enterprises today and gain insight into the growth of application layer DDoS attacks and advanced targeted attacks.
Join this web seminar to learn:

- The growth of DDoS attacks against enterprise networks and mobile devices

- How an increase in DNS attacks led to enterprise website outages

- How some of the largest network operators are handling advanced targeted attacks on a network levelJoin this web seminar to learn:

- The growth of DDoS attacks against enterprise networks and mobile devices

- How an increase in DNS attacks led to enterprise website outages

- How some of the largest network operators are handling targeted attacks on a network level

Join Cliff Neve. Vice President of the Hacker Academy and MAD Security, to discuss some points that prove problematic when it comes to leading your team and implementing a cyber security framework. Topics discussed include:

--Gaining Executive Level Buy-In
--Balancing operations and Security
--Creating a Sense of Urgency
--Making every employee a sensor
--Sticky messaging
--Winning at the Budget Game

Cliff brings a lot of experience from many different angles to this webinar. Over his military career he held such leadership positions as Deputy CIO of the White House Communications Agency, Chief of Staff at Coast Guard Cyber Command, and Assistant Program Manager for C4ISR for the $24B Coast Guard Acquisition effort.

Get the “must know” details about PCI DSS 3.0 from one of the original authors of PCI DSS 1.0. PCI expert, Didier Godart, explains:
Which changes are most significant
How the changes will impact you & what actions you need to take
How to incorporate the updates into your priorities
The latest changes to PCI DSS 3.0 involve clarifications, additional guidance, evolving requirements, better documentation and scoping, and importantly –necessary action from IT and security teams.

The National Security Agency (NSA) are acknowledged world-class experts on encryption technology. Yet, Edward Snowden, a junior consultant working for the Agency, managed to bypass all security to download and steal many gigabytes of highly classified information. This session will examine how it all went wrong for the vaunted NSA and what enterprises can learn about using encryption to protect their own sensitive information.