Hi [[ session.user.profile.firstName ]]

Using Cloud Services Securely: Harnessing core controls

Cloud computing has evolved at an incredible speed and, in many organisations, has become entwined with the complex technological landscape that supports critical daily operations. Business and security leaders already face many challenges in protecting their existing IT environment; they must now find ways to securely use multiple cloud services.

In this ISF Webinar, Benoit Heynderickx, Principal Analyst at the Information Security Forum, will discuss the key findings in his research report Using Cloud Services Securely: Harnessing core controls. This report empowers organisations to deploy the right set of security controls and to focus their efforts on the most valuable action that will reduce the likelihood and impact of cloud-related threat events.

Throughout this webinar, you will learn more about:

•Critical control areas for securing cloud services
•Practical experiences and real case scenarios for securing a multi-cloud environment
•The importance of, and how to deploy and maintain a simple yet effective approach to using cloud services securely.
Recorded Mar 25 2020 56 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Benoit Heynderickx, Principal Analyst, ISF
Presentation preview: Using Cloud Services Securely: Harnessing core controls

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Why 5G security standards are so important and what is the latest progress? Jan 26 2021 1:00 pm UTC 45 mins
    Yoann Klein, Senior Cyber Security Advisor
    5G promises many new capabilities and use cases, making this technology the coming preferred platform for the digitalized world. That is why security and resilience of our telco networks will become even more critical in the future. Our 5G networks must be built on a strong assurance system.

    NESAS is a collaborative, agreed and promoted standard amongst the telco industry. From vendors to operators but also at governmental level, it is perceived as the major foundation for answering our telco security challenges. But what is exactly the NESAS standard ? How is it making 5G more secure? And what can we expect from it today and in the future ?

    This webinar will propose you an overview of the 5G security standard ecosystem and to discover what are the latest updates on NESAS
  • Human-Centred Security: Positively influencing security behaviour Jan 19 2021 2:00 pm UTC 45 mins
    Daniel Norman, Senior Solutions Analyst, ISF
    Human error and negligence still contribute to a significant number of security incidents, yet current approaches to mitigating this risk are failing to have the desired impact. Many organisations have not always prioritised the effective management of this risk and have historically relied upon security awareness to influence security behaviour. Yet this only resolves a small part of the problem and neglects other factors. A robust human-centred security programme is required.

    This webinar will help you to:

    - understand the key factors that influence behaviour
    - deliver impactful security education, training and awareness
    - design systems, applications, processes and the physical environment to account for user behaviour
    - develop metrics to measure behaviour change and demonstrate return on investment.
  • Security for Wizards Jan 12 2021 2:00 pm UTC 45 mins
    Ell Marquez, Linux and Security Advocate, Intezer
    A Horcrux is a powerful object in which a Dark wizard or witch [attacker] has hidden a fragment of his or her soul [code] for the purpose of attaining immortality [persistence].

    Creating a Horcrux gives one the ability to anchor their own soul [code] to earth[environment], if the body [process] is destroyed.

    In this session, we will come to understand how attackers are able to not only compromise our cloud environments but also maintain persistence—while our security teams are distracted by a mountain of false alerts. If we focus on the root cause of all cyber attacks: unauthorized spells, wait, I mean unauthorized code.
  • Using AI, automation and open standards to modernize security Dec 15 2020 2:00 pm UTC 45 mins
    Chris Meenan, Director of Threat Management Offering Management and Strategy at IBM Security IBM Security
    As organizations manage increasing cloud-based workloads and a remote workforce, the need to shift to a modernized, remote security operations center (SOC) is a high priority for security leaders. SOC teams need to be able to analyze user, device and application behaviors across devices, networks and multiple cloud services. They have to do this while maintaining existing staffing levels and a fragmented security tool environment. In order to address these challenges, security leaders are adopting a modern, unified approach to managing threats that brings together automation, AI and a standards-based approach that provides better visibility and detection across hybrid, multicloud deployments.

    Join this webinar to hear how IBM Security is addressing these challenges by bringing together threat management and data security solutions, leveraging an open, multicloud platform and working to simplify and streamline the analyst workload.

    Speaker:

    Chris Meenan
    Director of Threat Management Offering Management and Strategy at IBM Security
    IBM Security

    Chris Meenan is the Director of Threat Management Offering Management and Strategy within the IBM Security division. He has over 15 years of experience in product management and has been involved in developing, managing, releasing and selling software products for over 25 years. Chris has an extensive market, domain, and customer knowledge in IT Security, Customer Relationship Management and Telecom OSS solutions. Chris holds a 1st Honours degree in Physics and has a PhD in telecommunications.
  • Emerging Cyber Threats for 2021 Dec 9 2020 1:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF
    The fallout from COVID-19 has presented a complex set of interrelated factors, causing a ripple effect that impacts the global economy, every geographic region and all industry sectors.

    Organisations have been thrust into chaos, and the role of the Security Officer and security function is about to come under increasing pressure with a number on previously unanticipated scenarios and threats over the coming months.

    On Wednesday 9th December, 13:00 BST, join Steve Durbin, Managing Director of the ISF for our annual emerging threats webinar, exploring the key information security threats to look out for in 2021 and how you can prepare for them.

    Throughout this webinar, Steve will explore the following threats:
    • The insider threat
    • Edge computing pushes security to the brink
    • The digital generation becoming the scammers dream
  • Looking Forward to 2021: The Future of Security Intelligence Recorded: Dec 3 2020 28 mins
    Jason Steer, director of EMEA presales at Recorded Future
    On Thursday 3rd December, 11:00 ET/ 16:00 GMT, the ISF will be joined by Jason Steer, director of EMEA presales at Recorded Future for a webinar exploring the future of security intelligence and what we can expect in 2021.

    It’s critical for organisations to know how to evaluate a security intelligence provider, and ultimately choose one that will effectively reduce alert fatigue, improve decision making across the business, and deliver unique insights on a broad range of threats.

    But what are the capabilities you should be looking for in a provider to best enable your business to benefit?
  • Assess. Comply. Assure: Eight Cyber Challenges in an Uncertain World Recorded: Nov 12 2020 45 mins
    Alex Jordan, Senior Analyst, ISF
    Cybercrime flourishes in an economic downturn, and as more organisations
    adopt digitalisation and move operations online, their need to protect data
    and critical assets increases.

    We live in an uncertain world where budgets and resources are tight, yet
    the need to manage information risk and establish resilience has never been
    more important.

    On Thursday 12th November, 09:00 GMT, Alex Jordan, Senior Analyst at the ISF will be exploring eight cyber challenges in an uncertain world and how the ISF Aligned Tools Suite 2020 equips you to respond.

    This webinar will help you answer questions such as:

    ‒ How do you prioritise when resources are under pressure?
    ‒ How do you determine a manageable level of information risk?
    ‒ How do you assure your supply chain?
    ‒ How do you manage compliance across multiple standards?
  • The Hitchhiker’s Guide to Cybersecurity Recorded: Nov 4 2020 44 mins
    Ashley Ward, Cloud CTO at Palo Alto Networks
    Imagine, like Arthur Dent, that you have to deal with rapid change brought on by forces beyond your control. In this talk we’ll look at how cybersecurity has had its “Earth” demolished to make way for a “DevOps bypass” and how security can and will adapt to this new future.

    This talk uses Douglas Adams’ book The Hitchhiker’s Guide to the Galaxy as a basis to provide both structure and entertainment. Roughly following the book’s plot, we’ll showcase how cybersecurity has had its world turned upside down and how processes in this new world sometimes appear to be counterintuitive. In this way, we’ll examine how DevOps, cloud native computing, and agile ways of working can be used by security teams to adapt and improve their cybersecurity technology and outcomes even though they might initially seem very alien.

    We’ll pepper the talk with actionable ideas for teams to embrace and enhance the security of their organizations.

    Learning outcomes
    1. Understand that cybersecurity expertise is needed more than ever in cloud native environments. Once thought of as “blockers,” security teams are now actually business enablers.
    2. Appreciate that security leaders have to learn to automate and operate more efficiently or be overwhelmed. With the right technology in place, it’s possible to scale security teams as needed to be able to respond to any and all threats.
    3. Get excited about this new way of working – having gone through a DevOps digital transformation with a financial services organisation, I’ll give senior cybersecurity leaders intel they can use to sidestep the pitfalls that usually accompany this level of change.
  • Slackers, Go-Getters, & Evildoers: Understanding Negative Workplace Behaviors Recorded: Oct 29 2020 46 mins
    Dr. Margaret Cunningham, Principal Research Scientist for Human Behavior, Forcepoint X-Labs
    Understanding bad behavior is critical to establishing effective cybersecurity solutions. Be part of the live conversation as the ISF explores three different types of rule breakers with Forcepoint’s research scientist Dr. Margaret Cunningham, and tries to understand how their motivations can jeopardize security.

    Key takeaways for attendees will include the identification of challenges and strategies for mitigating the risks that stem from negative workplace behaviors.

    Dr. Margaret Cunningham is Principal Research Scientist for Human Behavior within Forcepoint X-Labs, focused on establishing a human-centric model for improving cybersecurity. Previously, Cunningham supported technology acquisition, research and development, operational testing and evaluation, and integration for the U.S. Department of Homeland Security and U.S. Coast Guard
  • Becoming a next-generation CISO Recorded: Oct 15 2020 35 mins
    Mark Ward, Senior Research Analyst, ISF
    As organisations undergo digital transformation to make themselves more responsive, Chief Information Security Officers (CISOs) are coming under pressure to help these far-reaching changes succeed.

    These demands have brought about the rise of the next-generation CISO, a security professional who is adapting to the new environment, mastering new skills and advancing the discipline of information security.

    The ISF’s research into the changing role of the CISO has revealed six core characteristics that next-generation leaders exhibit which ensure risks are managed effectively as the organisation rapidly transforms.

    Throughout this webinar, our topic expert Mark Ward, Research Analyst at the ISF, will be presenting key insights and findings from the Becoming a next-generation CISO briefing paper.
  • Phishing Defence in 2020: What the Heck Just Happened & What's Next? Recorded: Oct 14 2020 46 mins
    Cofense Security Solutions Advisor, Tonia Dudley and Senior Director of Sales Engineering, David Mount.
    2020 has been quite the year. And it’s not over yet! If you’re still trying to get a grip on what has happened in the phishing threat landscape - from COVID-themed phishing attacks to data stealing ransomware and everything in between – you aren’t alone. We are all getting through this together and uniting to fight phishing.

    Join us on 14 October at 14:00 BST to hear from Cofense Security Solutions Advisor, Tonia Dudley and Senior Director of Sales Engineering, David Mount. They’ll walk you through the threats observed by Cofense, the predictions we’re making for the remainder of the year, and the lessons we’ve learned on how to protect organizations from the phishing threats that evade perimeter defences.

    Highlights will include:
    • Insights of various phishing campaigns that evaded SEGs and reached end users, delivering credential phish and malware.
    • How threat actors are evolving and adapting their tactics, making it more difficult for end users to know what’s safe and what’s not.
    • Expert predictions of what is coming in the remainder of 2020 and into 2021.
  • BSIMM11: Here’s What’s New! Recorded: Sep 29 2020 47 mins
    Adam Brown, Managing Consultant, Synopsys
    The Building Security In Maturity Model (BSIMM) is a study of existing software security initiatives (SSIs). The BSIMM provides a way to assess the current state of your software security initiative, identify gaps, prioritize change, and determine how and where to apply resources for immediate improvement. In this webinar, Adam Brown, Managing Consultant, Synopsys Software Integrity Group, will give an introduction to BSIMM and how organizations can use it, then dive into the changes observed in the latest version 11.

    Register for this webinar to learn how Synopsys is helping to improve businesses software security efforts.

    We’ll discuss:
    - How organizations are building their software security initiatives
    - How DevOps is affecting the way organizations perform software security
    - How emerging engineering-driven security cultures are changing approaches to software security
  • Subnet Masks Required: How Covid-19 is changing the cyber security landscape Recorded: Sep 3 2020 48 mins
    Seth Wahle, Cyber Security Principle, NASA
    Covid-19 has forced many companies to work remote which has increased their risk surface.

    On Thursday 3rd September at 14:00 BST, the ISF will be joined by SecurityScorecard and Seth Wahle, Cyber Security Principle at NASA, for a live webinar exploring how COVID-19 is changing the cybersecurity landscape

    In this webinar we will discuss:

    Risks now facing network security with consumer grade equipment at the perimeter.
    Difficulties of managing and securing your threat surface with a remote workforce.
    Poor management leading to miss-configurations, resulting in negative incidents.
    Changes you can make to secure your network and protect your assets.
    Seth Wahle, a U.S. Navy veteran, was featured in Forbes and BBC for hacking android phones using an implanted NFC chip in 2015. After selling his cyber security company, Seth now supports NASA’s Agency Applications Office.

    Seth is additionally a major advocate for privacy and cyber security and is a frequent speaker at conferences such as the National Cyber Summit, Defcon, and HackMiami.
  • Why Secure Email Gateways are not enough: Defending against phishing threats Recorded: Aug 19 2020 48 mins
    Cofense Senior Director of Sales Engineering David Mount and Sales Engineer Alain Salesse
    On Wednesday 19th August at 14:00 BST, the ISF will be joined by Cofense for cybersecurity expert insight into the challenges of defending against sophisticated phishing attacks, specifically, how to defend against the phishing email that evades your secure email gateways.

    Cofense Senior Director of Sales Engineering, David Mount, and Sales Enginer, Alain Salesse, will be sharing insight into the current threat landscape as seen through the eyes of the end user and how threat actors are getting past security perimeter controls.

    Highlights will include:
    - Insights of various phishing campaigns that evaded SEGs and reached enterprise end users, delivering credential phish and malware.
    - How threat actors are using trusted services, such as online business surveys and document sharing platforms, to evade SEGs.
    - Expert predictions of what we will continue to see through the remainder of 2020.
  • Account Takeover: Data Findings, Popular Tools, and Prevalent Actors Recorded: Aug 12 2020 40 mins
    Digital Shadows Photon team - Alex Guirakhoo, Kacey Clarke, Michael Marriott
    On Wednesday 12th August at 14:00 BST, the ISF will be joined by the Digital Shadows Photon team, Alex Guirakhoo, Threat Researcher, Team Lead, Kacey Clarke, Threat Researcher, and Michael Marriott, Senior Product Marketing Manager, to learn about their latest research on account takeover. This combines data findings from Digital Shadows’ repository of 15 billion credentials and activity from the cybercriminal underground.

    Throughout this webinar, we will discuss:

    · The size of the problem
    · The attacker toolkit for performing account takeovers
    · Current approaches to brute forcing
    · Most active actors
    · Best practices for preventing account takeovers
  • Dark Web Attack Tools and the Role of Bulletproof Hosting Recorded: Jul 30 2020 46 mins
    Roman Sannikov, director of cybercrime and underground intelligence, & Dmitry Smilyanets, expert threat intelligence analyst
    Automation has become an essential part of nearly every industry, and criminal enterprises are no exception. With an ecosystem of tools and resources available on the dark web, threat actors no longer need to be well-rounded experts in order to operationalize and monetize their campaigns.

    On Thursday 30th July, 10:00 AM ET / 15:00 BST, we will be joined by Recorded Future for a live webinar exploring the tools and services that threat actors are able to purchase to automate their attacks — with a focus on bulletproof hosting services.

    Recorded Future’s Roman Sannikov, director of cybercrime and underground intelligence, and Dmitry Smilyanets, expert threat intelligence analyst, will discuss:

    •The lifecycle of cyberattacks and how automation amplifies their impact
    •The tools and services threat actors are able to access via underground markets
    •Why bulletproof hosting services are useful to cybercriminals and how they work
    •Examples of the role bulletproof hosting services have played in cyberattacks
    •Mitigation strategies to prevent automated attacks and defend your organization
  • How the ISF supports you in protecting trade secrets Recorded: Jul 16 2020 46 mins
    Dr Emma Bickerstaffe, ISF Senior Research Analyst
    The Protection of Trade Secrets came into force on 26 April 2019, implementing the EU Trade Secret Directive (2016/943) into domestic legislation. It introduced the first statutory definition of a trade secret, imposing more stringent requirements for business information to be recognised as a trade secret and benefit from protection under EU law.

    Definition of a trade secret
    Under the new legal definition, information must meet the following three requirements to qualify as a trade secret:
    ‒ it is secret in the sense that it is not, as a body or in the precise configuration and assembly of its components, generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question;
    ‒ it has commercial value because it is secret;
    ‒ it has been subject to reasonable steps under the circumstances, by the person lawfully in control of the information, to keep it secret.

    In this briefing, Dr Emma Bickerstaffe will highlight how the ISF is supporting Members in meeting the new legal definition of a trade secret. We will also look at how ISF research, tools and methodologies can help you build and implement appropriate measures to protect relevant information.
  • Leadership in the new normal Recorded: Jul 14 2020 47 mins
    Shawn Henry, CrowdStrike President and CSO
    On Tuesday 14th July, 14:00 BST, the ISF will be joined by Shawn Henry, CrowdStrike President and CSO, and former FBI Executive Assistant Director.

    Shawn will discuss cybersecurity as an enterprise business risk and why strong leadership is critical in the face of a crisis. After over 30 years in Security, with 20 years of cybersecurity experience, Shawn has been personally involved in investigating and managing the response for some of the biggest cyber breaches in US history. Hear examples from the front lines of cyber incident response, key components of strong leadership during an incident, and effective strategies to manage a crisis.

    Throughout this webinar you will learn:

    •Why strong leadership is critical in the face of a crisis
    •The key components of strong leadership when faced with an incident
    •Stories from the front line of cyber incident response
    •Effective strategies in crisis management
  • How the ISF supports you in protecting trade secrets Recorded: Jul 8 2020 41 mins
    Dr Emma Bickerstaffe, ISF Senior Research Analyst
    The Protection of Trade Secrets came into force on 26 April 2019, implementing the EU Trade Secret Directive (2016/943) into domestic legislation. It introduced the first statutory definition of a trade secret, imposing more stringent requirements for business information to be recognised as a trade secret and benefit from protection under EU law.

    Definition of a trade secret
    Under the new legal definition, information must meet the following three requirements to qualify as a trade secret:
    ‒ it is secret in the sense that it is not, as a body or in the precise configuration and assembly of its components, generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question;
    ‒ it has commercial value because it is secret;
    ‒ it has been subject to reasonable steps under the circumstances, by the person lawfully in control of the information, to keep it secret.

    In this briefing, Dr Emma Bickerstaffe will highlight how the ISF is supporting Members in meeting the new legal definition of a trade secret. We will also look at how ISF research, tools and methodologies can help you build and implement appropriate measures to protect relevant information.
  • Streamlining Your Cybersecurity Risk Process for Blindspot Elimination Recorded: Jun 30 2020 47 mins
    Alex Heid, Chief Research Officer, SecurityScorecard & Kelly Yang, Senior Risk Manager, Northwestern Mutual
    Streamlining Your Cybersecurity Risk Process for Blindspot Elimination, Scalability and Increased Digital Trust.

    As your organization continues to mature, your cybersecurity risk management process, and its scalability, takes on great importance. In this webinar, we will walk you through effective and measurable ways to prioritize your actions in order to scale your program, develop, and deliver effective internal communication, and instill a more risk-averse company culture.

    On Tuesday 30th June, at 14:00 BST / 09:00 ET, the ISF will be joined by Alexander Heid, Chief Research Officer at SecurityScorecard, and Kelly Yang, Senior Director of Risk Management at Northwestern Mutual, for a live webinar discussing “Streamlining Your Cybersecurity Risk Process for Blindspot Elimination, Scalability and Increased Digital Trust.”

    What you will learn during this webinar:
    •How to streamline your cybersecurity risk management process to scale
    •Effective tips on collaboration with other internal teams/players to eliminate blindspots and create a company culture which focuses on risk and uses it as a measurement of success
    •Ways to increase digital trust, both internally and externally
Live monthly webcasts for CISO’s and business leaders
Steve Durbin, Managing Director of ISF Ltd and ISF analysts will present the ISF webinar series: "In pursuit of the secure organisation..."
We will be sharing thought leadership and practical guidance drawn from ISF Members, which include many of the world’s leading Fortune and Forbes listed organisations) on how to address cyber, information security and risk management issues facing businesses and their security teams.

1. Emerging Cyber Threats (ISF Threat Horizon annual series)
2. The role of the CEO and business leaders in cyber security
3. Being a successful CISO
4. Cyber-attack trends
5. Critical Asset Management
6. Data breach prevention
7. Supply chain
8. Insider Threat and the role of the end user

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Using Cloud Services Securely: Harnessing core controls
  • Live at: Mar 25 2020 1:00 pm
  • Presented by: Benoit Heynderickx, Principal Analyst, ISF
  • From:
Your email has been sent.
or close