Hi [[ session.user.profile.firstName ]]

Threat Horizon 2021

Driven by demands for increased speed, automation and efficiency, organisations are about to face a period of significant technological upheaval. Digitisation promises much, and development of the next generation of technologies will bring significant benefits to business and society. To survive in the digital world organisations will have to adapt. To thrive, they will need to evolve. Exploiting digital interconnectivity, competing in the digital arena while understanding the implications of a digital cold war will all become business as usual challenges for industry over the coming months and years.

In this webinar, Steve Durbin, Managing Director, ISF will identify the key changes to the digital landscape over the next two years, focusing on emerging threats and means of mitigating their impact.
Recorded Apr 4 2019 47 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Steve Durbin, Managing Director, ISF LTD
Presentation preview: Threat Horizon 2021

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Threat Horizon 2022: Digital and physical worlds collide Sep 2 2020 12:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF
    The digital and physical worlds are on an irreversible collision course. By 2022, organisations will be plunged into crisis as ruthless attackers exploit weaknesses in immature technologies and take advantage of an unprepared workforce. At the same time, natural forces will ravage infrastructure.

    In this ISF Webinar, Steve Durbin, Managing Director of the Information Security Forum, will present the key findings from the Threat Horizon 2022: Digital and physical worlds collide report, highlighting the significant threats cyber professionals should expect over the coming years and some of the key actions that they should consider now.

    The webinar will present nine potential threats driven by global events and major developments. These threats are group into three main themes:
    1.Invasive technology disrupts the everyday
    2.Neglected infrastructure cripples operations
    3.A crisis of trust undermines digital business.

    Threat Horizon 2022: Digital and physical worlds collide is the latest ISF annual threat outlook report which explores the key cyber threats predicted to impact organisations over the next couple of years.
  • Ransomware Attacks, Don’t be a Victim Jun 18 2020 2:00 pm UTC 45 mins
    Chris Goettl – Director, Project Management, Ivanti
    What do global IT leaders need to be aware of in our current climate? Has the frequency or profile of attacks changed as a result of a higher number of remote workers?

    Join Chris Goettl, Director, Project Management at Ivanti, to gain visibility into the largest security threats and recent attacks that have taken place around the world. Learn about the three-part ransomware strategy of threat actors. We’ll also showcase strategies that can help your IT team be better prepared for the next major event.

    Throughout this webinar you will:

    1.Discover the recent major threats and attacks that IT needs to be aware of
    2.Hear about a 3-part strategy that threat actors use
    3.Learn strategies to prepare for the next major event.
  • Legal and Regulatory Implications for Information Security Jun 16 2020 12:00 pm UTC 45 mins
    Dr Emma Bickerstaffe, Senior Research Analyst, ISF
    Emerging technologies and related information security trends are key drivers for regulatory change. Yet legislative development continues to lag behind the speed and scale of technological innovation. Even once legislation is enacted, laws differ in their scope of applicability, level of prescription and the aspects of information security that they cover.

    During this webinar, Emma Bickerstaffe will introduce the ISF’s interactive guide, Legal and Regulatory Implications for Information Security, which covers over 400 pieces of legislation across 18 different jurisdictions. Emma will outline how you can use this research to navigate the various laws and regulations that impact your organisation’s security practices.

    Throughout this webinar, you will learn:
    -Key areas where legal considerations affect information security activities
    -Developments in EU legislation
    -Legal issues associated with emerging technology and trends.
  • Security Intelligence: Predict the Predictable and Manage What’s Not Jun 11 2020 1:00 pm UTC 45 mins
    Staffan Truvé, Co-Founder & CTO, Recorded Future & Levi Gundert, Senior Vice President Global Intelligence, Recorded Future
    During times of crisis, organizations rely on their security teams to remove layers of uncertainty to help maintain business continuity and stability.

    As operations teams scramble to empower remote workers, opportunistic attackers are doubling down on their efforts. Now more than ever, security teams must emphasize risks over threats.

    Integrating predictive intelligence into the core of your security strategy is the best way to measure, communicate, and mitigate risk during times of great change — while proactively preparing for what’s next.

    On Thursday 11th June at 9:00 AM ET / 2:00 PM BST, Recorded Future Co-Founder and CTO Staffan Truvé, joined by Senior Vice President of Global Intelligence Levi Gundert, will present “Predict the Predictable and Manage What’s Not,” a live webinar outlining:

    oWhat we can learn from 20 plus years of failed security paradigms exacerbated during times of uncertainty
    oHow a risk-based approach can help security teams maximize resources and amplify impact — with a focus on maintaining profitability
    oRecorded Future research on vulnerability exploits and threats linked to geographies and industries impacted by the COVID-19 crisis
  • Threat Intelligence on a budget: using Open Source Intelligence (OSINT) wisely Recorded: May 14 2020 49 mins
    Gareth Haken, Senior Analyst, ISF
    As cyber threats continue to grow in both potency and scale, staying one step ahead of the attackers can make all the difference. Threat intelligence can be a key ally in the fight to not only predict future attacks but also detect current attacks and respond accordingly to minimise impact. Whilst threat intelligence can be costly or difficult to produce, one particular source of threat information is both freely available and rich in content.

    During this webinar, Gareth Haken, Senior Analyst at the ISF, will be talking about Open Source Intelligence (OSINT), its applicability to threat intelligence, the potential benefits and also the challenges and pitfalls that it may bring.
  • Cloud Security 101: Securing Employees in the Office or at Home Recorded: May 12 2020 49 mins
    Neil Thacker, EMEA CISO, Netskope and Ross Asquith, Product Marketing Manager, Netskope
    Organisations everywhere are being forced to deal with a new reality of remote working; and an adoption of cloud applications - particularly those used for collaboration - at a rate and scale that they may not have planned for as part of their Digital Transformation journey.

    Today most of us will be using cloud applications to store and process corporate data, and communicate and collaborate across our organisation. However, it’s worth reminding ourselves of the basics - that a move to the cloud (or the adoption of any new cloud application) introduces new risks and therefore we need to ensure we have mitigating controls.

    Legacy security architectures, such as a hub and spoke model, force remote workers and remote offices to backhaul their cloud and web traffic through a data centre where a traditional secure web gateway (SWG) attempts to manage access and provide protection. The problem is, for most organisations, over 50% of WAN traffic is now destined for the internet and this number increases every year. Backhauling this traffic across the WAN and through the data centre simply wastes bandwidth, and degrades the end user experience.

    Ironically, the traditional SWG being used in the data centre probably doesn’t understand cloud application traffic anyway - and can’t control the activities and data transfers being performed by employees, or protect employees from today’s cloud-enabled threats.

    Join Netskope on this webinar to learn about:

    - Security and compliance considerations when selecting and deploying cloud applications - The additional risks associated with home/remote workers accessing cloud and web - How a Next Generation SWG can provide visibility and control of cloud application usage - Security Transformation, and why it is best achieved using a Secure Access Service Edge (SASE)
  • Third Party Risk Management: How to Conduct a High-Quality Virtual Assessment Recorded: Apr 27 2020 47 mins
    Drew Wilkinson, VP of Customer Success for SecurityScorecard & Jill Czerwinski, Partner, Crowe
    Everyone around the globe is responding to an unfamiliar market landscape where business continuity plans are being tested and stressed. For security teams trying to keep up with not only their own rapidly shifting environment but that of their vendors, third party risk management adds additional layers of complexity. Questions like: Is my supplier capable of delivering what we need? Do their cybersecurity management capabilities remain sound? Should we bring on new vendors to safeguard us against any points of failure?

    In a time where speed is critical and standard operating procedures seem null and void, SecurityScorecard and Crowe will speak to how you can handle vendor assessments online, in a comprehensive manner with confidence. They’ll share how they’ve seen companies pivot and adapt to newly crafted best practices for the current operating environment. Our speakers are veteran subject matter experts in Third Party Risk, Information Security and Data Privacy and have 40+ years of combined industry experience.
    In this session you will learn:
    •The benefits and disadvantages of virtual assessments
    •How to conduct a comprehensive virtual assessment with a fully remote process and framework
    •What pitfalls to avoid in order to ensure a high-quality virtual assessment
  • Phishing and Email Security – Effectively Managing Human Vulnerabilities Recorded: Apr 15 2020 47 mins
    Daniel Norman, Research Analyst, ISF
    In this upcoming ISF Webinar, Daniel Norman, Research Analyst at the ISF, will be discussing the psychological techniques attackers use during phishing campaigns and how organisations can improve phishing training and awareness.

    Nearly all organisations perform some kind of phishing testing on a regular basis, with varying levels of success. Many phishing campaigns are tick-box exercises, are unsuitable and punish behaviour. By understanding attacker techniques we can identify what triggers human behaviour, and thus begin developing phishing training and awareness activities that improve behaviour change.

    This webinar will teach you:
    1. About psychological weaknesses and attacker techniques
    2. Why phishing training is still important
    3. Strengths and weaknesses, and why metrics for success are so difficult.
  • Using Cloud Services Securely: Harnessing core controls Recorded: Mar 25 2020 56 mins
    Benoit Heynderickx, Principal Analyst, ISF
    Cloud computing has evolved at an incredible speed and, in many organisations, has become entwined with the complex technological landscape that supports critical daily operations. Business and security leaders already face many challenges in protecting their existing IT environment; they must now find ways to securely use multiple cloud services.

    In this ISF Webinar, Benoit Heynderickx, Principal Analyst at the Information Security Forum, will discuss the key findings in his research report Using Cloud Services Securely: Harnessing core controls. This report empowers organisations to deploy the right set of security controls and to focus their efforts on the most valuable action that will reduce the likelihood and impact of cloud-related threat events.

    Throughout this webinar, you will learn more about:

    •Critical control areas for securing cloud services
    •Practical experiences and real case scenarios for securing a multi-cloud environment
    •The importance of, and how to deploy and maintain a simple yet effective approach to using cloud services securely.
  • How to Prevent Internal Data Leaks and Protect Personal Data Recorded: Mar 5 2020 49 mins
    Jamie Manuel, VP of Product Management, Titus
    Personal data privacy is becoming a bigger priority in the enterprise and we all bear responsibility for safeguarding our employees, customers, partners, organisational structures, and reputations. Ineffective or nonexistent privacy protection programmes expose organisations to significant risks, both from a financial and legal perspective.

    A recent Titus survey revealed some unsettling data;

    •On average, 22% of emails containing personal data were misidentified by survey respondents
    •30% of respondents did not consider sensitive health information to be personal data
    •13% of respondents did not consider a credit card number to be personal data
    •A company with 1,000 employees might mishandle 2+ million emails/year

    A prime example of how easily sensitive data can be leaked took place recently in the UK, where more than 1,000 notable figures had their home and work addresses posted on a government website. The post was meant to simply highlight people on a new year honors list. Instead, sensitive personal information was made public for about an hour. While some organizations have made efforts to build a culture of privacy, many challenges remain.

    So, what can be done?

    Join Jamie Manuel, Titus VP of Product Management, to discuss best practices around data privacy in the enterprise.

    In this webinar you will learn how to:
    •Use automated technology solutions to prevent internal data leakages
    •Optimize your security ecosystem and avoid workflow bottlenecks
    •Use machine learning to reduce false positives

    Webinar details:
    Thursday 5th March 2020
    1pm GMT (8am EST)
  • Emerging Cyber Threats for 2020 Recorded: Dec 10 2019 47 mins
    Steve Durbin, Managing Director, ISF
    In 2020, the pace and scale of change, particularly in terms of technology, will continue to accelerate substantially. Organisations will find themselves caught in a vortex of economic volatility and political uncertainty far beyond the levels experienced in the past. The key separating component for those who will prosper under these circumstances will be the degree to which they are prepared to meet the challenges.

    In this webinar Steve Durbin, Managing Director, ISF will discuss how business leaders and their security teams can address the prevalent emerging threats in the context of:
    •The Race for Technology Dominance
    •Third Parties, Internet of Things (IoT) and the Cloud
  • Securing the IoT: Taming the Connected World Recorded: Nov 18 2019 40 mins
    Andy Jones, Distinguished Analyst, ISF
    The Internet of Things (IoT) has exploded into the connected world and promises much, from enabling the digital organisation to making domestic life richer and easier.

    On Monday 18th November at 1pm BST, Andy Jones, Distinguished Analyst for the Information Security Forum, will introduce the publicly available briefing paper on the Internet of Things.

    Targeted for those who are engaged with the IoT, either in the deployment of industrial or consumer IoT or in their manufacture or retail this webcast will cover:

    1. definitions of the IoT
    2. technical characteristics
    3. fundamental security issues
    4. emerging security practice
    5. legal and regulatory landscapes
  • Beyond the Phish: A Snapshot of End-User Behaviour Recorded: Oct 23 2019 47 mins
    Gretel Egan, Security Awareness Training Strategist, ProofPoint
    Phishing is one of InfoSec's long-standing threats. But for cybercriminals, email is just one entry point of many. How can you better prepare you and other end users in your organization for cybersecurity threats beyond email-based social engineering?

    During this session, we will share results from the Proofpoint’s Beyond the Phish® Report, which examines end-user understanding of a broad range of cybersecurity topics and best practices. The report features an analysis of data related to nearly 130 million cybersecurity questions and offers insights into employee knowledge levels across 14 categories, 16 industries, and more than 20 commonly used department classifications.

    We’ll share:

    - The importance of assessing and training end-users about cybersecurity threats beyond email-based social engineering
    - The strengths and weaknesses among end-users across 14 cybersecurity topics, highlighting how end-user knowledge levels vary across industries which provides a benchmark to compare readiness within your organization
    - A more holistic view of susceptibility by looking beyond knowledge assessments and training activities to discover how this data can differ from simulated phishing attacks
    - How you can use this information to reduce the risk of successful cyber attacks within your organization
  • Improving cyber risk conversations with the Board Recorded: Oct 16 2019 48 mins
    Simon Marvell, Partner, Acuity Risk Management
    According to McKinsey most IT and security executives use manually compiled spreadsheets to report cyber risk data to their Boards; unsurprisingly many Boards are dissatisfied with the reports they receive. Consequently, Boards struggle to get a sense of the overall cyber risk status of the organisation.

    With global spending on cyber security products and services increasing at 8.7% a year, Boards also need assurance that their budgets are being spent well.

    This webinar will provide practical examples of how, with the introduction of some quantitative risk assessment techniques, security leaders can start to improve their conversations with the Board.

    Specifically, the session will demonstrate:

    •Forecasting future financial loss exposure from cyber events
    •Prioritisation of security programmes in terms of forecast reduction in financial loss exposure
    •Evaluating the RoI of security investment proposals.
    The webinar will conclude with some suggestions on how security leaders can start to introduce these techniques and then evolve them through monitoring and continual improvement.
  • Combining human-centred approaches with AI in information security Recorded: Oct 9 2019 45 mins
    Richard Absalom & Daniel Norman
    In the majority of data breaches, human error is blamed. Humans are frequently regarded as the ‘weakest link’ in information security, but organisations have not aimed to understand the reasons why humans make mistakes and are easily coerced by attackers.

    Organisations can take both human-centred and technological steps to mitigate human fallibility: encouraging good security practice at the same time as deploying intelligent systems that learn and analyse activity and behaviour, providing alerts when an attack is imminent.

    In this webinar, ISF research analysts Daniel Norman and Richard Absalom will:

    •explain why humans are a weak link in security but also a key part of the solution – and how human-centred techniques can help
    •provide clarity on what AI really is, and what it can and cannot do for information security
    •pose questions on the extent to which AI could and should monitor networks and people to provide security.
  • Data Protection 2020 - The risk of personal data exposure Recorded: Oct 1 2019 46 mins
    Stephane Charbonneau, Founder & Chief Technology Officer for Titus
    The risk of exposure of personal data has become a growing concern to organizations globally throughout the last several years. While many organizations have made efforts to build a culture of privacy and perhaps a security ecosystem that supports that, many challenges remain on the execution of mitigating such a concern.
    For those organizations who have yet to build out such a program, and those who have done so unsuccessfully, the question becomes, how can we create a privacy program that works for our business?
    The journey to a robust privacy solution has several requirements.
    Join Stephane Charbonneau, Founder & Chief Technology Officer for Titus to learn:
    •Data Protection 2020, the risk of personal data exposure
    •How to ensure compliance with an ever-changing regulatory mandate landscape
    •How to enable a frictionless user experience and optimized workflow to your end users
    •How to tie the technologies in your privacy ecosystem together to protect your most valuable data.
  • Delivering an Effective Cyber Security Exercise: Enhanced Breach Response Recorded: Aug 22 2019 44 mins
    Daniel Norman, Research Analyst, ISF
    Organisations are constantly under threat with over two-thirds of them experiencing data breaches in 2018. As a result, preparedness and resiliency are paramount to protecting an organisation’s information from cyber attacks.

    Business leaders and their security teams can improve their ability to handle cyber attacks by running cyber security exercises. These exercises should help the organisation identify areas of improvement in people, process and technology, reducing the impact should a real cyber attack occur.

    In this webinar Daniel Norman, Research Analyst, ISF will share how organisations should approach running internal cyber security exercises to support breach identification, prevention and response.
  • Optimising your SOC – put your best foot forward with threat intelligence Recorded: Jul 17 2019 47 mins
    Dr Emma Bickerstaffe, Senior Research Analyst
    Threat intelligence is an imperative element of a successful Security Operations Centre (SOC). It provides SOC analysts with situational awareness and actionable insights to accelerate security analysis and prevent security incidents.

    Drawing on the practical experiences of ISF Member organisations, Emma will share how threat intelligence can be effectively harnessed by a SOC to enable proactive decision-making.
  • GDPR One year later: Is a Risk-Based Approach to Data Privacy possible? Recorded: May 20 2019 45 mins
    Simon Rycroft, Principal Consultant, ISF and Kashif Barlas, Senior Consultant, ISF
    With businesses streamlining processes and automating customer service through outsourced arrangements, the volume and content of electronically transmitted personal data records has increased beyond all previous estimates. The sharing of special categories of data between businesses and their suppliers has become the norm, sometimes without adequate protection for the individual’s privacy in breach of the GDPR. Where there are hundreds of supplier contracts, it is not pragmatic for an organisation to review and tighten all these contracts immediately in the wake of the GDPR, however a risk-based approach can certainly reduce the compliance burden upon existing teams.

    In this seminar, we introduce the concept of a minimum viable product for this aspect of data privacy and describe how it can be aligned with an organisation’s risk appetite and agreed before prioritising and mitigating data privacy risks.
  • Threat Horizon 2021 Recorded: Apr 4 2019 47 mins
    Steve Durbin, Managing Director, ISF LTD
    Driven by demands for increased speed, automation and efficiency, organisations are about to face a period of significant technological upheaval. Digitisation promises much, and development of the next generation of technologies will bring significant benefits to business and society. To survive in the digital world organisations will have to adapt. To thrive, they will need to evolve. Exploiting digital interconnectivity, competing in the digital arena while understanding the implications of a digital cold war will all become business as usual challenges for industry over the coming months and years.

    In this webinar, Steve Durbin, Managing Director, ISF will identify the key changes to the digital landscape over the next two years, focusing on emerging threats and means of mitigating their impact.
Live monthly webcasts for CISO’s and business leaders
Steve Durbin, Managing Director of ISF Ltd and ISF analysts will present the ISF webinar series: "In pursuit of the secure organisation..."
We will be sharing thought leadership and practical guidance drawn from ISF Members, which include many of the world’s leading Fortune and Forbes listed organisations) on how to address cyber, information security and risk management issues facing businesses and their security teams.

1. Emerging Cyber Threats (ISF Threat Horizon annual series)
2. The role of the CEO and business leaders in cyber security
3. Being a successful CISO
4. Cyber-attack trends
5. Critical Asset Management
6. Data breach prevention
7. Supply chain
8. Insider Threat and the role of the end user

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Threat Horizon 2021
  • Live at: Apr 4 2019 12:00 pm
  • Presented by: Steve Durbin, Managing Director, ISF LTD
  • From:
Your email has been sent.
or close