Data-Centric Security: Staying Ahead of the Threat Curve
Over recent years, several organizations have suffered damaging data breaches where sensitive data was stolen.Alarmingly, things seem to be getting worse, and the results can be devastating. With the expanding threat landscape and the rise of the data-centric enterprise, companies must have parallel development of their security architecture to protect their sensitive data. But in the time it’s taken for data security to catch up with the changing environment, organizations have found their compliance and data protection programs vulnerable.
CISOs must take steps to protect data that is expanding in volume, variety and velocity, and adopt security perimeters around identity attributes and data-centric security. Sensitive data must be continuously monitored for situational awareness and risk management, and CISOs should follow policies that encompass all data silos if they are to avoid security chaos. Enterprises must have an understanding of where sensitive data resides, who has access to it, and how it is impacted by new types of threats and vulnerabilities. Armed with these capabilities, CISOs can enhance sensitive data security to stay ahead of the threats, maintain regulatory compliance, and improve operational efficiency.
Attend this panel discussion as we discuss the key issues which CISOs should be addressing today.
RecordedSep 21 201660 mins
Your place is confirmed, we'll send you email reminders
Driven by demands for increased speed, automation and efficiency, organisations are about to face a period of significant technological upheaval. Digitisation promises much, and development of the next generation of technologies will bring significant benefits to business and society. To survive in the digital world organisations will have to adapt. To thrive, they will need to evolve. Exploiting digital interconnectivity, competing in the digital arena while understanding the implications of a digital cold war will all become business as usual challenges for industry over the coming months and years.
In this webinar, Steve Durbin, Managing Director, ISF will identify the key changes to the digital landscape over the next two years, focusing on emerging threats and means of mitigating their impact.
While the board ‘get cyber’, questions remain around embedding cyber risk management into business strategy execution. For many CISOs, strategy alignment represents the best opportunity to engage with the board and ensure a business-driven approach to managing cyber risk.
So how should business leaders develop, update and execute business strategy with so many cyber-related implications? How can organisations meet their business goals, against a backdrop of increasing cybersecurity costs, greater regulatory scrutiny and increased frequency and magnitude of data breaches?
In this webinar, Mark Chaplin, Principal, ISF will discuss the significance of aligning security strategy with business strategy. Mark will draw on executive engagement, exploring the essential factors for success and highlighting the pitfalls to avoid.
Organisations are constantly under threat with over two-thirds of them experiencing data breaches in 2018. As a result, preparedness and resiliency are paramount to protecting an organisation’s information from cyber attacks.
Business leaders and their security teams can improve their ability to handle cyber attacks by running cyber security exercises. These exercises should help the organisation identify areas of improvement in people, process and technology, reducing the impact should a real cyber attack occur.
In this webinar Daniel Norman, Research Analyst, ISF will share how organisations should approach running internal cyber security exercises to support breach identification, prevention and response.
Organisations in 2019 will be increasingly faced with a hyper-connected world where the pace and scale of change – particularly in terms of technology – will accelerate substantially. Business leaders need to develop cutting-edge ways to deal with new regulation, advanced technology and distorted information.
In this webinar, Steve Durbin, Managing Director, ISF will discuss the threats organisations will be facing in 2019 and how business leaders and their security teams can address them. The emerging cyber threats to lookout for include:
-The increased sophistication of cybercrime and ransomware
-The impact of legislation
-The myth of supply chain assurance
-Smart devices challenge data integrity
About the presenter
Steve Durbin is Managing Director of the Information Security Forum (ISF). His main areas of specialism include strategy, information technology, cybersecurity and the emerging security threat landscape across both the corporate and personal environments.
Emma Bickerstaffe, Senior Research Analyst and Benoit Heynderickx, Principal Analyst, ISF LTD
Organisations increasingly rely on cloud services, motivated by the benefits of scalability, accessibility, flexibility, business efficiencies and reduced IT costs. However, there are several security implications that organisations need to address, including the challenge of verifying identity and managing access to cloud services.
Cloud services bring added complexity to identity and access management, exacerbated by the distribution of data across a myriad of applications accessed by users from multiple devices and locations. Failure to adequately implement user authentication and access control in the cloud can be exploited by attackers to gain access to users’ credentials, manipulate systems and compromise data.
In this webinar, Senior Research Analyst Dr Emma Bickerstaffe and Principal Analyst Benoit Heynderickx will discuss identity management, access control and user authentication in the cloud environment, and consider how organisations can effectively tackle this security concern.
With the ever-increasing frequency and sophistication of security threats to organisations, business leaders need to have a comprehensive data security strategy to protect themselves. Information security practitioners have to think and plan beyond existing protection capabilities that are aimed at preventing threats only. Today's cyber security strategies need to protect an organisations mission critical assets in a way that is:
‒ balanced, providing a mixture of informative, preventative and detective security controls that complement each other
‒ comprehensive, providing protection before, during and after threat events materialise into security incidents
‒ end-to-end, covering the complete information life cycle.
This will enable organisations to match the protection provided with the sophistication of threats to such mission critical information assets. This webinar will look at past and present models and share ideas on how organisations can ‘future proof’ their strategies to combat next generation threats.
In particular in this webinar, Nick Frost, Principal Consultant at the ISF will discuss what actions can be taken to identify your most critical information assets, and how a modern day cyber security model needs to focus on prevention and detection of a data breach, and how to respond to a breach in order to reduce damage to brand and reputation.
Nick Frost (Principal Consultant, ISF) | Raja Mukerji (ExtraHop) | Patrick Grillo (Fortinet) | Rob McGovern (LogRhythm)
What are the lessons learned from the biggest ransomware attacks to date (Wannacry, NotPetya)? How are organizations preparing against the next big attack?
Join top security experts for this interactive Q&A discussion on:
- Trends in ransomware attacks
- Backups, patches and other ways to protect your data
- How to bolster your organization's security culture
- Other threats on the horizon
- Nick Frost, Principal Consultant, Information Security Forum (ISF)
- Raja Mukerji, Co-Founder and President, ExtraHop
- Patrick Grillo, Senior Director Solutions Marketing, Fortinet
- Rob McGovern, Technical Product Manager, LogRhythm
The session will be streamed LIVE from London from the Infosecurity Europe conference.
Data protection has always been important, but with the GDPR deadline looming and data sharing scandals shaking consumer confidence, securing personal data has never been more vital. The GDPR is leading businesses across the world to evaluate, and in many cases modify their data processing activities in line with upcoming law.
So what if you’ve left it too late? What are the key steps you can take to work towards GDPR compliance, even after deadline day?
Join us in this webinar with Alex Jordan, Senior Analyst at the Information Security Forum as he shares:
-The ISF’s phased approach to GDPR implementation
-Ways to determine the criticality of data and how to protect it appropriately
-The urgent actions that a business can take to get GDPR compliance started
-Common myths surrounding the GDPR, and guidance on cutting through the noise.
Cyber has become a strategic issue and for many companies is now a business enabler and increasingly a form of competitive advantage. However it is clear that it remains difficult for Board's to get the “right” management information to support their cyber risk discussions and decision making.
So how can Board's ensure that they are asking the right questions when it comes to an organisation’s cyber posture and how can CISOs maintain and improve the Board’s attention in this fast-moving space? This webinar will look at the challenges faced by CISOs and Board members and offer insights into how to successfully approach cyber security at Board level.
About the presenter:
Steve Durbin is Managing Director at the Information Security Forum (ISF). His main areas of specialism include strategy, information technology, cybersecurity and the emerging security threat landscape across both the corporate and personal environments.
The expectation from the start of 2017 – that we hadn’t seen the back of ransomware – was justified. 2017 was plagued with global attacks such as Petya, WannaCry, Bad Rabbit and many others. Unfortunately, 2018 could be even worse.
With ransomware continuously developing new delivery techniques, organisations must learn how to prepare and protect themselves from the threat of ransomware, but how can they do this?
In this webinar, Nick Frost, Principal Consultant at the ISF, will explore the latest threats in ransomware and what organisations can do to minimise vulnerabilities to reduce risks of an attack.
About the presenter:
Nick is currently the Principal Researcher for the Information Security Forum (ISF) Ltd. He has more than 15 years’ experience designing and implementing a risk-based approach to securing information. He has developed leading solutions for evaluating risk across both internal and supplier environments.
While cyberspace continues to provide opportunities for organisations they risk becoming disorientated and losing their way in a maze of uncertainty, as they grapple with complex technology, proliferation of data and increased regulation.
In this webinar Steve Durbin, Managing Director, ISF, discusses the threats organisations will be facing in 2018 and offers insights into how to address them.
Technology will underpin all aspects of modern society by 2019, profoundly impacting the way people live and work. Business leaders face a stark dilemma; should they rush to adopt new technology and risk major fallout if things go wrong; or wait and potentially lose ground to competitors. Organisations that are well informed about emerging technologies and corresponding threats will be best placed to make winning decisions.
In this webinar, Steve Durbin, Managing Director, ISF, will examine the threats that organisations will be dealing with over the next two years and will provide advice on the best ways of handling them.
Mission critical assets can represent 80% of an organisation's total value. As critical assets are not always obvious, few organisations understand the extent to which these are exposed and need to be protected.
In this Webinar, Steve Durbin, Managing Director of the ISF, explains how to:
•identify an organisations mission critical information assets and the greatest threats to them
•determine how to counter adversarial threats
•determine the right protection to put in place and how to implement these protections.
Moderated by Mark Chaplin, ISF; with panelists: Carole Murphy, HPE; Les McMonagle, Blue Talon; Cheryl Tang, Imperva.
In today’s threat landscape, traditional approaches to securing data are falling short. Since 2015 we have seen some of the largest data breaches ever and it is clear that no industry or organization is immune from cyber attacks. The threat landscape is increasingly dangerous, while new technologies are distributing sensitive data farther across locations, devices and repositories. Starting in May 2018, enforcement will kick in on the European Union’s General Data Protection Regulation (GDPR), a move that could have a stronger privacy/security standardization effect than any technological effort has to date. Globalization efforts will make GDPR compliance essential for global companies wherever they are located.
The development of a comprehensive data-centric security program, including data discovery, classification, encryption, and file protection, can uniquely position your organization to protect what matters most, and make security move with your data to comply with global regulations such as GDPR. On this webinar our panel of experts will discuss the key points that you should consider when developing such a program for your organization.
People remain a wild card to the cyber security of an organisation. Many businesses recognise people as their biggest asset, yet still fail to recognise the need to secure the human element of information security.
In this webinar Steve Durbin, Managing Director of the ISF, tackles the question: How can organisations make people their strongest line of defence against cyber attack?
Many organisations are still unclear as to how they will meet the requirements of the EU GDPR legislation which will come into effect in May 2018. Fundamentally organisations need to start preparing for this now.
In this webinar Steve addresses some of the key questions organisations are asking such as: does the EU GDPR regulation apply to me? how should I prepare for this legislation? and what additional resources do I need?
As the scale and sophistication of cyber attacks increases, businesses need to manage risk in ways beyond those traditionally handled by the information security function.
In this webinar, Steve Durbin, Managing Director, ISF will offer insights into how security and business teams across the organisation can work together to minimise the impact of cyber attacks on shareholder value and business reputation.
The pace and scale of information security threats continues to accelerate, endangering the integrity of trusted organisations. Although cyberspace offers opportunities for leading organisations, this environment is uncertain and potentially dangerous. It is a place where hacktivists and cybercriminals are honing their skills and governments are introducing new regulation and legislation in response to major incidents and public concerns. Organisations are forced to continually adapt and rapidly respond.
In this webinar, Steve Durbin Managing Director at the ISF, will discuss the rapidly changing threat landscape, identify the key cyber challenges for 2017 and suggest ways of managing the associated risks.
In May 2018 the EU’s General Data Protection Regulation (GDPR) will take effect. The GDPR upholds the protection of personal data and increases the accountability of organisations processing any personal details belonging to EU citizens- with severe penalties for those who do not comply.
In this webinar Steve Durbin, Managing Director at the ISF, discusses why it is important for the security and data privacy teams to work together to run risk assessments on their most critical information assets and to develop checklists, policies and procedures that can be implemented internally and with third party suppliers. Only by taking this approach will organisations be able to remain agile, maintain customer confidence and demonstrate that they are ‘GDPR ready.’
Last week Yahoo was hit with the biggest data breach of all time; with an estimated 500 million customer accounts compromised by hackers. The attack will have significant rippling effects on consumer trust, data protection standards and information security practices. The legal battle is now also only just beginning, with two key cases being heard in California, as Yahoo is sued for data-protection negligence.
But what will does all this mean to your business? Do you feel compromised professionally or personally? Were key mistakes made that you can avoid? How can you best prepare (in terms of incident response) to such a breach? Will the attack have lasting effects or will it disappear into the annuls of history alongside the Ashley Maddison, Target and Linkedin hacks. All these questions and more will be answered live, over webcam by Security expert and Managing Director of the ISF Steve Durbin.
Tune in, ask your burning questions and join the conversation on BrightTALK.
Live monthly webcasts for CISO’s and business leaders
Steve Durbin, Managing Director of ISF Ltd will present the 2017 ISF webinar series: "In pursuit of the secure organisation..."
Steve will be sharing thought leadership and guidance drawn from ISF Members (which include many of the world’s leading Fortune and Forbes listed organisations) on how to address the following issues facing businesses and their security teams.
1. Cyber attack trends
2. EU GDPR regulations
3. The role of the end user
4. Critical Asset Management
5. Protecting against the evolving threatscape
6. 2018: Threats on the horizon.
Data-Centric Security: Staying Ahead of the Threat CurveDr Branden Williams; Robert Shields, Informatica; Steve Durbin, VP of the ISF; Farshad Ghazi, HPE Security - Data Security[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]59 mins