Hi [[ session.user.profile.firstName ]]

Leadership in the new normal

On Tuesday 14th July, 14:00 BST, the ISF will be joined by Shawn Henry, CrowdStrike President and CSO, and former FBI Executive Assistant Director.

Shawn will discuss cybersecurity as an enterprise business risk and why strong leadership is critical in the face of a crisis. After over 30 years in Security, with 20 years of cybersecurity experience, Shawn has been personally involved in investigating and managing the response for some of the biggest cyber breaches in US history. Hear examples from the front lines of cyber incident response, key components of strong leadership during an incident, and effective strategies to manage a crisis.

Throughout this webinar you will learn:

•Why strong leadership is critical in the face of a crisis
•The key components of strong leadership when faced with an incident
•Stories from the front line of cyber incident response
•Effective strategies in crisis management
Recorded Jul 14 2020 47 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Shawn Henry, CrowdStrike President and CSO
Presentation preview: Leadership in the new normal

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The Hitchhiker’s Guide to Cybersecurity Nov 4 2020 11:00 am UTC 45 mins
    Ashley Ward, Cloud CTO at Palo Alto Networks
    Imagine, like Arthur Dent, that you have to deal with rapid change brought on by forces beyond your control. In this talk we’ll look at how cybersecurity has had its “Earth” demolished to make way for a “DevOps bypass” and how security can and will adapt to this new future.

    This talk uses Douglas Adams’ book The Hitchhiker’s Guide to the Galaxy as a basis to provide both structure and entertainment. Roughly following the book’s plot, we’ll showcase how cybersecurity has had its world turned upside down and how processes in this new world sometimes appear to be counterintuitive. In this way, we’ll examine how DevOps, cloud native computing, and agile ways of working can be used by security teams to adapt and improve their cybersecurity technology and outcomes even though they might initially seem very alien.

    We’ll pepper the talk with actionable ideas for teams to embrace and enhance the security of their organizations.

    Learning outcomes
    1. Understand that cybersecurity expertise is needed more than ever in cloud native environments. Once thought of as “blockers,” security teams are now actually business enablers.
    2. Appreciate that security leaders have to learn to automate and operate more efficiently or be overwhelmed. With the right technology in place, it’s possible to scale security teams as needed to be able to respond to any and all threats.
    3. Get excited about this new way of working – having gone through a DevOps digital transformation with a financial services organisation, I’ll give senior cybersecurity leaders intel they can use to sidestep the pitfalls that usually accompany this level of change.
  • Slackers, Go-Getters, & Evildoers: Understanding Negative Workplace Behaviors Oct 29 2020 10:00 am UTC 45 mins
    Dr. Margaret Cunningham, Principal Research Scientist for Human Behavior, Forcepoint X-Labs
    Understanding bad behavior is critical to establishing effective cybersecurity solutions. Be part of the live conversation as the ISF explores three different types of rule breakers with Forcepoint’s research scientist Dr. Margaret Cunningham, and tries to understand how their motivations can jeopardize security.

    Key takeaways for attendees will include the identification of challenges and strategies for mitigating the risks that stem from negative workplace behaviors.

    Dr. Margaret Cunningham is Principal Research Scientist for Human Behavior within Forcepoint X-Labs, focused on establishing a human-centric model for improving cybersecurity. Previously, Cunningham supported technology acquisition, research and development, operational testing and evaluation, and integration for the U.S. Department of Homeland Security and U.S. Coast Guard
  • Becoming a next-generation CISO Recorded: Oct 15 2020 35 mins
    Mark Ward, Senior Research Analyst, ISF
    As organisations undergo digital transformation to make themselves more responsive, Chief Information Security Officers (CISOs) are coming under pressure to help these far-reaching changes succeed.

    These demands have brought about the rise of the next-generation CISO, a security professional who is adapting to the new environment, mastering new skills and advancing the discipline of information security.

    The ISF’s research into the changing role of the CISO has revealed six core characteristics that next-generation leaders exhibit which ensure risks are managed effectively as the organisation rapidly transforms.

    Throughout this webinar, our topic expert Mark Ward, Research Analyst at the ISF, will be presenting key insights and findings from the Becoming a next-generation CISO briefing paper.
  • Phishing Defence in 2020: What the Heck Just Happened & What's Next? Recorded: Oct 14 2020 46 mins
    Cofense Security Solutions Advisor, Tonia Dudley and Senior Director of Sales Engineering, David Mount.
    2020 has been quite the year. And it’s not over yet! If you’re still trying to get a grip on what has happened in the phishing threat landscape - from COVID-themed phishing attacks to data stealing ransomware and everything in between – you aren’t alone. We are all getting through this together and uniting to fight phishing.

    Join us on 14 October at 14:00 BST to hear from Cofense Security Solutions Advisor, Tonia Dudley and Senior Director of Sales Engineering, David Mount. They’ll walk you through the threats observed by Cofense, the predictions we’re making for the remainder of the year, and the lessons we’ve learned on how to protect organizations from the phishing threats that evade perimeter defences.

    Highlights will include:
    • Insights of various phishing campaigns that evaded SEGs and reached end users, delivering credential phish and malware.
    • How threat actors are evolving and adapting their tactics, making it more difficult for end users to know what’s safe and what’s not.
    • Expert predictions of what is coming in the remainder of 2020 and into 2021.
  • BSIMM11: Here’s What’s New! Recorded: Sep 29 2020 47 mins
    Adam Brown, Managing Consultant, Synopsys
    The Building Security In Maturity Model (BSIMM) is a study of existing software security initiatives (SSIs). The BSIMM provides a way to assess the current state of your software security initiative, identify gaps, prioritize change, and determine how and where to apply resources for immediate improvement. In this webinar, Adam Brown, Managing Consultant, Synopsys Software Integrity Group, will give an introduction to BSIMM and how organizations can use it, then dive into the changes observed in the latest version 11.

    Register for this webinar to learn how Synopsys is helping to improve businesses software security efforts.

    We’ll discuss:
    - How organizations are building their software security initiatives
    - How DevOps is affecting the way organizations perform software security
    - How emerging engineering-driven security cultures are changing approaches to software security
  • Subnet Masks Required: How Covid-19 is changing the cyber security landscape Recorded: Sep 3 2020 48 mins
    Seth Wahle, Cyber Security Principle, NASA
    Covid-19 has forced many companies to work remote which has increased their risk surface.

    On Thursday 3rd September at 14:00 BST, the ISF will be joined by SecurityScorecard and Seth Wahle, Cyber Security Principle at NASA, for a live webinar exploring how COVID-19 is changing the cybersecurity landscape

    In this webinar we will discuss:

    Risks now facing network security with consumer grade equipment at the perimeter.
    Difficulties of managing and securing your threat surface with a remote workforce.
    Poor management leading to miss-configurations, resulting in negative incidents.
    Changes you can make to secure your network and protect your assets.
    Seth Wahle, a U.S. Navy veteran, was featured in Forbes and BBC for hacking android phones using an implanted NFC chip in 2015. After selling his cyber security company, Seth now supports NASA’s Agency Applications Office.

    Seth is additionally a major advocate for privacy and cyber security and is a frequent speaker at conferences such as the National Cyber Summit, Defcon, and HackMiami.
  • Why Secure Email Gateways are not enough: Defending against phishing threats Recorded: Aug 19 2020 48 mins
    Cofense Senior Director of Sales Engineering David Mount and Sales Engineer Alain Salesse
    On Wednesday 19th August at 14:00 BST, the ISF will be joined by Cofense for cybersecurity expert insight into the challenges of defending against sophisticated phishing attacks, specifically, how to defend against the phishing email that evades your secure email gateways.

    Cofense Senior Director of Sales Engineering, David Mount, and Sales Enginer, Alain Salesse, will be sharing insight into the current threat landscape as seen through the eyes of the end user and how threat actors are getting past security perimeter controls.

    Highlights will include:
    - Insights of various phishing campaigns that evaded SEGs and reached enterprise end users, delivering credential phish and malware.
    - How threat actors are using trusted services, such as online business surveys and document sharing platforms, to evade SEGs.
    - Expert predictions of what we will continue to see through the remainder of 2020.
  • Account Takeover: Data Findings, Popular Tools, and Prevalent Actors Recorded: Aug 12 2020 40 mins
    Digital Shadows Photon team - Alex Guirakhoo, Kacey Clarke, Michael Marriott
    On Wednesday 12th August at 14:00 BST, the ISF will be joined by the Digital Shadows Photon team, Alex Guirakhoo, Threat Researcher, Team Lead, Kacey Clarke, Threat Researcher, and Michael Marriott, Senior Product Marketing Manager, to learn about their latest research on account takeover. This combines data findings from Digital Shadows’ repository of 15 billion credentials and activity from the cybercriminal underground.

    Throughout this webinar, we will discuss:

    · The size of the problem
    · The attacker toolkit for performing account takeovers
    · Current approaches to brute forcing
    · Most active actors
    · Best practices for preventing account takeovers
  • Dark Web Attack Tools and the Role of Bulletproof Hosting Recorded: Jul 30 2020 46 mins
    Roman Sannikov, director of cybercrime and underground intelligence, & Dmitry Smilyanets, expert threat intelligence analyst
    Automation has become an essential part of nearly every industry, and criminal enterprises are no exception. With an ecosystem of tools and resources available on the dark web, threat actors no longer need to be well-rounded experts in order to operationalize and monetize their campaigns.

    On Thursday 30th July, 10:00 AM ET / 15:00 BST, we will be joined by Recorded Future for a live webinar exploring the tools and services that threat actors are able to purchase to automate their attacks — with a focus on bulletproof hosting services.

    Recorded Future’s Roman Sannikov, director of cybercrime and underground intelligence, and Dmitry Smilyanets, expert threat intelligence analyst, will discuss:

    •The lifecycle of cyberattacks and how automation amplifies their impact
    •The tools and services threat actors are able to access via underground markets
    •Why bulletproof hosting services are useful to cybercriminals and how they work
    •Examples of the role bulletproof hosting services have played in cyberattacks
    •Mitigation strategies to prevent automated attacks and defend your organization
  • How the ISF supports you in protecting trade secrets Recorded: Jul 16 2020 46 mins
    Dr Emma Bickerstaffe, ISF Senior Research Analyst
    The Protection of Trade Secrets came into force on 26 April 2019, implementing the EU Trade Secret Directive (2016/943) into domestic legislation. It introduced the first statutory definition of a trade secret, imposing more stringent requirements for business information to be recognised as a trade secret and benefit from protection under EU law.

    Definition of a trade secret
    Under the new legal definition, information must meet the following three requirements to qualify as a trade secret:
    ‒ it is secret in the sense that it is not, as a body or in the precise configuration and assembly of its components, generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question;
    ‒ it has commercial value because it is secret;
    ‒ it has been subject to reasonable steps under the circumstances, by the person lawfully in control of the information, to keep it secret.

    In this briefing, Dr Emma Bickerstaffe will highlight how the ISF is supporting Members in meeting the new legal definition of a trade secret. We will also look at how ISF research, tools and methodologies can help you build and implement appropriate measures to protect relevant information.
  • Leadership in the new normal Recorded: Jul 14 2020 47 mins
    Shawn Henry, CrowdStrike President and CSO
    On Tuesday 14th July, 14:00 BST, the ISF will be joined by Shawn Henry, CrowdStrike President and CSO, and former FBI Executive Assistant Director.

    Shawn will discuss cybersecurity as an enterprise business risk and why strong leadership is critical in the face of a crisis. After over 30 years in Security, with 20 years of cybersecurity experience, Shawn has been personally involved in investigating and managing the response for some of the biggest cyber breaches in US history. Hear examples from the front lines of cyber incident response, key components of strong leadership during an incident, and effective strategies to manage a crisis.

    Throughout this webinar you will learn:

    •Why strong leadership is critical in the face of a crisis
    •The key components of strong leadership when faced with an incident
    •Stories from the front line of cyber incident response
    •Effective strategies in crisis management
  • How the ISF supports you in protecting trade secrets Recorded: Jul 8 2020 41 mins
    Dr Emma Bickerstaffe, ISF Senior Research Analyst
    The Protection of Trade Secrets came into force on 26 April 2019, implementing the EU Trade Secret Directive (2016/943) into domestic legislation. It introduced the first statutory definition of a trade secret, imposing more stringent requirements for business information to be recognised as a trade secret and benefit from protection under EU law.

    Definition of a trade secret
    Under the new legal definition, information must meet the following three requirements to qualify as a trade secret:
    ‒ it is secret in the sense that it is not, as a body or in the precise configuration and assembly of its components, generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question;
    ‒ it has commercial value because it is secret;
    ‒ it has been subject to reasonable steps under the circumstances, by the person lawfully in control of the information, to keep it secret.

    In this briefing, Dr Emma Bickerstaffe will highlight how the ISF is supporting Members in meeting the new legal definition of a trade secret. We will also look at how ISF research, tools and methodologies can help you build and implement appropriate measures to protect relevant information.
  • Streamlining Your Cybersecurity Risk Process for Blindspot Elimination Recorded: Jun 30 2020 47 mins
    Alex Heid, Chief Research Officer, SecurityScorecard & Kelly Yang, Senior Risk Manager, Northwestern Mutual
    Streamlining Your Cybersecurity Risk Process for Blindspot Elimination, Scalability and Increased Digital Trust.

    As your organization continues to mature, your cybersecurity risk management process, and its scalability, takes on great importance. In this webinar, we will walk you through effective and measurable ways to prioritize your actions in order to scale your program, develop, and deliver effective internal communication, and instill a more risk-averse company culture.

    On Tuesday 30th June, at 14:00 BST / 09:00 ET, the ISF will be joined by Alexander Heid, Chief Research Officer at SecurityScorecard, and Kelly Yang, Senior Director of Risk Management at Northwestern Mutual, for a live webinar discussing “Streamlining Your Cybersecurity Risk Process for Blindspot Elimination, Scalability and Increased Digital Trust.”

    What you will learn during this webinar:
    •How to streamline your cybersecurity risk management process to scale
    •Effective tips on collaboration with other internal teams/players to eliminate blindspots and create a company culture which focuses on risk and uses it as a measurement of success
    •Ways to increase digital trust, both internally and externally
  • Ransomware Attacks, Don’t be a Victim Recorded: Jun 18 2020 48 mins
    Chris Goettl – Director, Product Management, Ivanti
    What do global IT leaders need to be aware of in our current climate? Has the frequency or profile of attacks changed as a result of a higher number of remote workers?

    Join Chris Goettl, Director, Product Management at Ivanti, to gain visibility into the largest security threats and recent attacks that have taken place around the world. Learn about the three-part ransomware strategy of threat actors. We’ll also showcase strategies that can help your IT team be better prepared for the next major event.

    Throughout this webinar you will:

    1.Discover the recent major threats and attacks that IT needs to be aware of
    2.Hear about a 3-part strategy that threat actors use
    3.Learn strategies to prepare for the next major event.
  • Legal and Regulatory Implications for Information Security Recorded: Jun 16 2020 44 mins
    Dr Emma Bickerstaffe, Senior Research Analyst, ISF
    Emerging technologies and related information security trends are key drivers for regulatory change. Yet legislative development continues to lag behind the speed and scale of technological innovation. Even once legislation is enacted, laws differ in their scope of applicability, level of prescription and the aspects of information security that they cover.

    During this webinar, Emma Bickerstaffe will introduce the ISF’s interactive guide, Legal and Regulatory Implications for Information Security, which covers over 400 pieces of legislation across 18 different jurisdictions. Emma will outline how you can use this research to navigate the various laws and regulations that impact your organisation’s security practices.

    Throughout this webinar, you will learn:
    -Key areas where legal considerations affect information security activities
    -Developments in EU legislation
    -Legal issues associated with emerging technology and trends.
  • Security Intelligence: Predict the Predictable and Manage What’s Not Recorded: Jun 11 2020 49 mins
    Staffan Truvé, Co-Founder & CTO, Recorded Future & Levi Gundert, Senior Vice President Global Intelligence, Recorded Future
    During times of crisis, organizations rely on their security teams to remove layers of uncertainty to help maintain business continuity and stability.

    As operations teams scramble to empower remote workers, opportunistic attackers are doubling down on their efforts. Now more than ever, security teams must emphasize risks over threats.

    Integrating predictive intelligence into the core of your security strategy is the best way to measure, communicate, and mitigate risk during times of great change — while proactively preparing for what’s next.

    On Thursday 11th June at 9:00 AM ET / 2:00 PM BST, Recorded Future Co-Founder and CTO Staffan Truvé, joined by Senior Vice President of Global Intelligence Levi Gundert, will present “Predict the Predictable and Manage What’s Not,” a live webinar outlining:

    oWhat we can learn from 20 plus years of failed security paradigms exacerbated during times of uncertainty
    oHow a risk-based approach can help security teams maximize resources and amplify impact — with a focus on maintaining profitability
    oRecorded Future research on vulnerability exploits and threats linked to geographies and industries impacted by the COVID-19 crisis
  • Threat Intelligence on a budget: using Open Source Intelligence (OSINT) wisely Recorded: May 14 2020 49 mins
    Gareth Haken, Senior Analyst, ISF
    As cyber threats continue to grow in both potency and scale, staying one step ahead of the attackers can make all the difference. Threat intelligence can be a key ally in the fight to not only predict future attacks but also detect current attacks and respond accordingly to minimise impact. Whilst threat intelligence can be costly or difficult to produce, one particular source of threat information is both freely available and rich in content.

    During this webinar, Gareth Haken, Senior Analyst at the ISF, will be talking about Open Source Intelligence (OSINT), its applicability to threat intelligence, the potential benefits and also the challenges and pitfalls that it may bring.
  • Cloud Security 101: Securing Employees in the Office or at Home Recorded: May 12 2020 49 mins
    Neil Thacker, EMEA CISO, Netskope and Ross Asquith, Product Marketing Manager, Netskope
    Organisations everywhere are being forced to deal with a new reality of remote working; and an adoption of cloud applications - particularly those used for collaboration - at a rate and scale that they may not have planned for as part of their Digital Transformation journey.

    Today most of us will be using cloud applications to store and process corporate data, and communicate and collaborate across our organisation. However, it’s worth reminding ourselves of the basics - that a move to the cloud (or the adoption of any new cloud application) introduces new risks and therefore we need to ensure we have mitigating controls.

    Legacy security architectures, such as a hub and spoke model, force remote workers and remote offices to backhaul their cloud and web traffic through a data centre where a traditional secure web gateway (SWG) attempts to manage access and provide protection. The problem is, for most organisations, over 50% of WAN traffic is now destined for the internet and this number increases every year. Backhauling this traffic across the WAN and through the data centre simply wastes bandwidth, and degrades the end user experience.

    Ironically, the traditional SWG being used in the data centre probably doesn’t understand cloud application traffic anyway - and can’t control the activities and data transfers being performed by employees, or protect employees from today’s cloud-enabled threats.

    Join Netskope on this webinar to learn about:

    - Security and compliance considerations when selecting and deploying cloud applications - The additional risks associated with home/remote workers accessing cloud and web - How a Next Generation SWG can provide visibility and control of cloud application usage - Security Transformation, and why it is best achieved using a Secure Access Service Edge (SASE)
  • Third Party Risk Management: How to Conduct a High-Quality Virtual Assessment Recorded: Apr 27 2020 47 mins
    Drew Wilkinson, VP of Customer Success for SecurityScorecard & Jill Czerwinski, Partner, Crowe
    Everyone around the globe is responding to an unfamiliar market landscape where business continuity plans are being tested and stressed. For security teams trying to keep up with not only their own rapidly shifting environment but that of their vendors, third party risk management adds additional layers of complexity. Questions like: Is my supplier capable of delivering what we need? Do their cybersecurity management capabilities remain sound? Should we bring on new vendors to safeguard us against any points of failure?

    In a time where speed is critical and standard operating procedures seem null and void, SecurityScorecard and Crowe will speak to how you can handle vendor assessments online, in a comprehensive manner with confidence. They’ll share how they’ve seen companies pivot and adapt to newly crafted best practices for the current operating environment. Our speakers are veteran subject matter experts in Third Party Risk, Information Security and Data Privacy and have 40+ years of combined industry experience.
    `
    In this session you will learn:
    •The benefits and disadvantages of virtual assessments
    •How to conduct a comprehensive virtual assessment with a fully remote process and framework
    •What pitfalls to avoid in order to ensure a high-quality virtual assessment
  • Phishing and Email Security – Effectively Managing Human Vulnerabilities Recorded: Apr 15 2020 47 mins
    Daniel Norman, Research Analyst, ISF
    In this upcoming ISF Webinar, Daniel Norman, Research Analyst at the ISF, will be discussing the psychological techniques attackers use during phishing campaigns and how organisations can improve phishing training and awareness.

    Nearly all organisations perform some kind of phishing testing on a regular basis, with varying levels of success. Many phishing campaigns are tick-box exercises, are unsuitable and punish behaviour. By understanding attacker techniques we can identify what triggers human behaviour, and thus begin developing phishing training and awareness activities that improve behaviour change.

    This webinar will teach you:
    1. About psychological weaknesses and attacker techniques
    2. Why phishing training is still important
    3. Strengths and weaknesses, and why metrics for success are so difficult.
Live monthly webcasts for CISO’s and business leaders
Steve Durbin, Managing Director of ISF Ltd and ISF analysts will present the ISF webinar series: "In pursuit of the secure organisation..."
We will be sharing thought leadership and practical guidance drawn from ISF Members, which include many of the world’s leading Fortune and Forbes listed organisations) on how to address cyber, information security and risk management issues facing businesses and their security teams.

1. Emerging Cyber Threats (ISF Threat Horizon annual series)
2. The role of the CEO and business leaders in cyber security
3. Being a successful CISO
4. Cyber-attack trends
5. Critical Asset Management
6. Data breach prevention
7. Supply chain
8. Insider Threat and the role of the end user

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Leadership in the new normal
  • Live at: Jul 14 2020 1:00 pm
  • Presented by: Shawn Henry, CrowdStrike President and CSO
  • From:
Your email has been sent.
or close