May 11 th 13th 2015, San Antonio, TX AGENDA Understanding and Managing the Information Risks in an Agile Connected Business
|
|
- Jared Gilmore
- 8 years ago
- Views:
Transcription
1 May 11 th 13th 2015, San Antonio, TX AGENDA Understanding and Managing the Information Risks in an Agile Connected Business 4:30pm 6:00pm Roundtable Sessions Track 1: GRC and the Business Value of Security Track 2: The Changing Threat Landscape Track 3: Best Practices in Security Controls 6:00pm 7:00pm COCKTAILS AND NETWORKING 7:00pm 10pm GALA DINNER AND KEYNOTE SPEECH Five 2015 Imperatives for Savvy CISOs May 11th - Day 1 This year saw a continued escalation in attacks from a wide range of threat sources, each possessing greater capabilities than seen before. Likewise, corporate governing bodies have increased their interest in and understanding of cybersecurity. Given this growing complexity and scrutiny, what should CISOs be thinking about in 2015? May 12th DAY 2 7:00am 8:00am BREAKFAST AND REGISTRATION 8:10am 8:50am OPENING KEYNOTE PANEL User Behaviours and Security Risk There are two sides of the coin with respect to user behaviours and security risks: In spite of all the technical security controls designed to prevent an occurrence, we all know that incidents still do occur and the root cause for many (if not most!) of these incidents are the actions of users. For this reason, changing user behaviours e.g., through investments in user awareness and training represents the critical last mile of reducing risks on the prevention side of the security risk equation. On the impact side of the security risk equation, we also know that it makes sense to be in a position to detect, respond and recover from security-related incidents more quickly when they do occur. For this purpose, leveraging visibility into user behaviours with big data and advanced analytics capabilities can help to detect and respond to insider threat (e.g., fraud, theft of IP, sabotage of IT infrastructure).
2 In this session, panellists will share their views on: Approaches and results from investments in user awareness and training exercises (e.g., phish-train-phish ), and the corresponding reduction in risk Approaches to monitoring and recording the activities of authorized end-users and end-user systems, and how this can be used both retrospectively (e.g., audits and investigations) and proactively (e.g., identifying anomalous, potentially malicious behaviours) The appropriate balance and mix between the two, and why 9:00am 9:40am SESSION 1 Understanding the Implications of Geopolitical Events on the Security of Your Business We operate in a world where corporations have global presence and thinking domestically is a luxury multi-national security officers can t afford. Security professionals have to combine foundational security knowledge with an examination of world events and the analytical application of open source intelligence. The successful security professional will have a process for tracking and associating related events. Just as important, security officers need to monitor analogous behaviors exhibited by governments to attempt predicting potential outcomes based on previous patterns. Monitoring government activities and getting a sense of the reasoning behind those activities requires us to use multiple sources for information. This program can t be successful if only one country s perspective is used. There is a growing need for security to become precognitive. Businesses are employing analytics to better use big data and there is every indication that for security has to follow the same footpath if we hope to become less reactive and improve our value to the business. Key Takeaways: 1. Discussion of best tools to track and manage events 2. Analyzing the information How and what matters 3. Sources of information Good vs. bad sources 9:45am 10:25am SESSION 2 New Strategies for Addressing Emerging Threats and Targeted Attacks Today s unknown malware, "one day wonder" websites and zero-day threats continue to evade even the best traditional security defenses. The last few highly publicized breaches in security have proven that no walls are high enough to keep out attackers. Threat actors vary enormously, and the fluidity of talent, techniques and technology behind an incident makes holistic prevention virtually untenable. To combat these threats, a modern approach to security is necessary: one that integrates real-time protection, dynamic analysis and post-breach investigation and remediation. Join this interesting discussion led by Grant Asplund to share new approaches that close the gap that exists between ongoing security operations and incident discovery, containment and resolution. 10:30am 11:10am SESSION 3 Cross-Industry Knowledge Transfer at the Intersection of Compliance and Security Many industries, such as financial, utilities, and health care operate under compliance rules from government oversight organizations. The relationship between compliance rules centered on cybersecurity and a full-fledged security program are not well understood; sometimes they are even at odds with each other. Comparing notes from different industries coping with similar compliance/security issues may open innovative avenues. 11:15am 11:55am SESSION 4
3 Just In Time, Just Enough Access via Adaptive Privilege Management The reality is that you are dealing with: A porous perimeter APTs like pass-the-hash Ineffective firewalls, anti-malware, and anti-virus software Make the assumption that intruders are already within your environment because they will get in. What can you do to limit their access? We will discuss best practices to minimize persistent access by intruders. This session will explain how adaptive privileged security is used to: 1. Minimize lateral motion in the environment 2. Time-limit the value of credentials 3. Control scope of access for authorized users with real reasons for access 12:00pm 12:45pm SESSION 5 Growing Cyber Threats Demand Advanced Mitigation Strategies It seems like every day that we hear about the growing cyber threat environment, whether from nation states trying to steal intellectual property, cyber criminals attempting to steal credit information or money, or just political activists who want to emphasize one cause or another. Whatever the case, the threats are real, stealthy, and persistent and occur in real-time. Consider the range of cyber threats that we face each and every day that can eviscerate our critical infrastructure or destabilize our economic viability. Some of the more pervasive avenues include mobile device exploitation, insecure web applications, Advanced Persistent Threats (APTs), BOTNETS, Phishing techniques, and the use of social media channels. Threat Mitigation Techniques: Given the heightened cyber threat environment, there are proven techniques to address this growing threat. Best practices generally lead to a layered, multi-faceted approach to protect critical infrastructure from both external and insider threats. This approach includes perimeter security; supply chain security; associated secure software development practices; secure embedded processing for mission critical applications; and insider threat monitoring. The workshop will explore: - Technology trends that are important to consider to better protect infrastructure - A layered approach to Cyber Defense to enhance Cyber Resiliency 12:50 pm 1:50pm Lunch & Networking 1:55pm 2:35pm SESSION 6 The New Security Model: Before, During, and After an Attack
4 In the real world, it's no longer a matter of if an attacker will get in, but when. Security professionals need to evolve their strategy from a point-in-time approach to a continuous model that addresses the full attack continuum before, during and after an attack. BEFORE: You can't protect what you can't see. To defend against threats you need complete visibility of devices, operating systems, services, files, applications, users, vulnerabilities and more. This information is used to create access control policies and identify users. DURING: Advanced threats require advanced threat detection. Point in time detection methodologies must be sophisticated and updated with automated threat detection feeds for effective blocking of known threats. AFTER: But what about the unknown threats? Invariably some of these attacks will be successful. The future of network security relies on the ability to look back at the decisions made in the DURING phase and ask if the right decision was made. As new information becomes available, technologies need the ability to change their mind! 1. Explore the Cisco approach to cybersecurity that is visibility-driven, threat-focused and platform-based 2. Perform live policy and attack demos that illustrate solutions to real-world problems across multiple products 3. Illustrate tools that enable a before, during and after security solution in action 2:40pm 3:20pm SESSION 7 The Road to Automated Threat Hunting As cyber threats continue to evolve in frequency, complexity, and impact, successfully hunting for threats with a technology environment is a critical capability of modern IT security programs. In this presentation, Marc Othersen will discuss the importance of threat hunting capabilities to detect advanced threats, outline a framework for a threat hunting capability, and will present a case study on how automation can give IT security programs a significant advantage versus manual hunting activities. Key takeaways: The basic building blocks for an effective threat hunting capability Techniques and requirements for automation Caveats for consideration when starting the automated threat hunting journey 3:25pm 4:05pm SESSION 8 Lessons From One Trillion Transactions Best Practices in Internet Security The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of the Internet of things have together turned the IT security landscape upside down. Zscaler is one of the world s largest Internet security providers we protect more than 5,000 global enterprises, governments and military organizations with our award-winning Security as a Service platform helping them stay safe from cyber-threats, stop leakage of intellectual property, and ensuring compliance with corporate, legal and statutory requirements for Internet usage. In this session, Zscaler will share the latest Internet security and compliance findings from mining more than one trillion transactions. We ll cover best practices for dealing with Internet security and compliance in today s cloud and mobile-first world. In addition we will share and discuss:
5 1. The latest cyber-threat landscape what attacks are trending, who the bad guys are, what they are up to and how you can protect yourself. 2. How Google, Facebook and virtually all commercial cloud providers are forcing the use of SSL encryption on the Internet potentially making you blind to what s going on with more than 50% of your traffic and opening a new way for evil-doers to hide their malicious efforts. 3. The case for cloud-based Internet security just like the CRM market shifted from Siebel to Salesforce and the market shifted from Microsoft Exchange to Gmail and Office 365, hardware appliance-based approaches to Internet security are rapidly giving way to cloud-based Security as a Service platforms. 4. Lessons learned from more than 5,000 leading global organizations, including Nestle, Coca-Cola, GE, United Airlines, Humana, British American Tobacco, Pitney Bowes, the United States Marines and NATO, that have adopted cloud-based Internet security. 4:10pm 4:50pm SESSION 9 Incident Response Communications The Good, The Bad and The Ugly We strongly regret the unauthorized disclosure of your personal information We want to assure you that we take security and privacy very seriously. If your organization has experienced a security breach (even if it has done all the right things), you still have to communicate to your customers about an awkward and unpleasant topic. Platitudes such as we regret and we take this very seriously just don t cut it. There are certain things they want to know: What happened? Who is accountable? What steps are being taken to prevent it from happening again? How will they be made whole? This workshop will: Highlight some of his work in the area of how organizations communicate publicly about security incidents (be forewarned: most of it is very bad) Establish a framework for effective incident response communications Use the framework to grade a couple of public incidents for group discussion Participants will gain a new perspective on their organization s current state of preparation for potential crisis communications related to information security and most likely a new item on their to-do list for when then get back to the office. 4:55pm 5:35pm SESSION 10 Third Party Risk Management How are you Managing the Vulnerabilities of your Third Parties The use of 3rd Party Service Providers is continuing to grow within your organizations and will remain an upward trend for the future as cost savings compel the business to outsource their operations and streamline their processes for maximum efficiency. The presentation will provide insight on common risks related to engaging 3rd party vendors, the process of risk assessing a vendor s services and controls, guidance on how to partner with Legal, Procurement, and Finance to ensure a vendors security services and possible risks are properly reviewed and communicated. Throughout the presentation we will discuss in detail how Security needs to enable the business to succeed and therefore must inject themselves into the many processes it takes to onboard a vendor. These include but are not limited to: Security Language in the RFP to potential vendors making sure their services meets the minimal security requirements of your organization. Contract Reviews with Legal to ensure that security terms and conditions are integrated into contracts for vendors who store, process, or transmit customer, employee, or sensitive company information. Additionally that security has the right and the authority to review and make changes to contracts as they see fit. Key takeaways: - How to partner with critical departments within our organization to ensure security is part of the vendor selection
6 - Process of Integrating Security Language into 3rd Party contracts and having a seat at the table with Legal Counsel for contract reviews and sign-off - Art of performing a detailed security risk assessment of the vendor (going beyond the checkbox methodology) - Key to performing Onsite Visits and Audits of Datacenters, SOC s, and Sensitive Information Processing Areas, verifying appropriate controls are in place - Clearly reporting risk about 3rd party vendors that make sense to the business and driving closure of risks in a timely manner. 6:45pm 7:30pm COCKTAILS AND NETWORKING 7:30pm 10pm DINNER 7:00am 8:00am: BREAKFAST 8:10am 8:50am SESSION 11 Security Risks for Operational Technologies May 13th DAY 3 Recent events including the Stuxnet attack and various government sponsored research projects have shown that operational technologies critical to the electrical power-grid, manufacturing systems and health care infrastructure are vulnerable to external cyber attacks and intrusions. What has complicated this challenge is that although modern infrastructure and operational technologies have been developed to take advantage of the communication capabilities of the internet, the cyber security counter measures vary significantly and appear in some cases to be inadequate in mitigating the risks introduced by the use of the internet. Furthermore, if the cyber security gap is not adequately addressed, a major incident could limit the ability to fully develop new technologies that depend on internet based operation and communication. Additionally, the US government has recently issued various directives and is now considering legislation relating to security requirements particularly in high risk areas such as medical devices. This workshop will review the current state, evaluate existing and proposed legislation and offer practical use cases on how to identify and mitigate the cyber risks associated with operational technologies. 8:55am 9:35am Session 12 Balancing Security and Opportunity in the Mobile Era Mobile technology is enabling new ways businesses can engage with their employees and customers. With the proliferation of mobile devices and apps in the workplace, the concern for security has significantly heightened. In this session we ll discuss best practices you can use to implement a layered approach to protecting corporate data and employee privacy, while elevating productivity in this new model. 9:40am 10:25 am Roundtable Sessions: Track 1: GRC and the Business Value of Security Track 2: The Changing Threat Landscape Track 3: Best Practices in Security Controls 10:30am 11:10am SESSION 13 Do the Top N Security Controls Really Make Sense?
7 The Australian Defense Signals Directorate has its DSD Top 4 the SANS Institute has its First Five Quick Wins, as part of 20 Critical Security Controls the key question for this workshop is: Do these initiatives provide a welcome way to cut through the complexity of potential security controls that has been referred to as the fog of more, Or do they represent an impossible one size fits all approach to the balance of risk, cost, compliance and usability that every organization has to decide for itself? This workshop will: Present a simple framework to map security controls in two primary dimensions: physical, administrative, or technical ; and deter / prevent, or detect / respond / restore Show a heat map of how currently deployed security controls fit in this simple framework, based on a number of benchmark studies Describe the DSD Top 4 and the SANS CSC 20 in this simple framework Discuss the key question: are the Top N controls a welcome simplification, or an impossible one-size fits all approach 11:15am 11:55am SESSION 14 Meetings & Networking 12:00pm 1:00pm LUNCH AND NETWORKING 1:05pm 1:45pm SESSION 15 TBD 1:50pm 2:30pm SESSION 16 TBD 3:20pm 3:50pm ROUNDTABLE FEEDBACK AND WRAP-UP
December 8 th 10 th 2014, Barton Creek Resort Austin, TX AGENDA Understanding and Managing the Information Risks in an Agile Connected Business
December 8 th 10 th 2014, Barton Creek Resort Austin, TX AGENDA Understanding and Managing the Information Risks in an Agile Connected Business 4:30pm 6:00pm Roundtable Sessions Track 1: GRC and the Business
More informationAddressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave
More informationAddressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model
White Paper Addressing the Full Attack Continuum: Before, During, and After an Attack It s Time for a New Security Model Today s threat landscape is nothing like that of just 10 years ago. Simple attacks
More informationContent Security: Protect Your Network with Five Must-Haves
White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as
More informationMalware isn t The only Threat on Your Endpoints
Malware isn t The only Threat on Your Endpoints Key Themes The cyber-threat landscape has Overview Cybersecurity has gained a much higher profile over the changed, and so have the past few years, thanks
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationSeven Things To Consider When Evaluating Privileged Account Security Solutions
Seven Things To Consider When Evaluating Privileged Account Security Solutions Contents Introduction 1 Seven questions to ask every privileged account security provider 4 1. Is the solution really secure?
More informationCritical Security Controls
Critical Security Controls Session 2: The Critical Controls v1.0 Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter The Critical Security Controls The Critical Security
More informationThe Hillstone and Trend Micro Joint Solution
The Hillstone and Trend Micro Joint Solution Advanced Threat Defense Platform Overview Hillstone and Trend Micro offer a joint solution the Advanced Threat Defense Platform by integrating the industry
More informationCybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015
Cybersecurity Kill Chain William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015 Who Am I? Over 20 years experience with 17 years in the financial industry
More informationUtilizing Security Ratings for Enterprise IT Risk Mitigation Date: June 2014 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Utilizing Security Ratings for Enterprise IT Risk Mitigation Date: June 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: What do large enterprises need in order to address increasingly
More informationRethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council
Rethinking Information Security for Advanced Threats CEB Information Risk Leadership Council Advanced threats differ from conventional security threats along many dimensions, making them much more difficult
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationwww.pwc.co.uk Cyber security Building confidence in your digital future
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in
More informationSecurity for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape
White Paper Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape Financial services organizations have a unique relationship with technology: electronic data and transactions
More informationHow To Handle A Threat From A Corporate Computer System
Politics of Security Webcast Summary Cyber Threat News and APT Defenses Introduction Stories about cyber espionage and Advanced Persistent Threats (APTs) are part of the mainstream news cycle. Concerns
More informationDefending Against Cyber Attacks with SessionLevel Network Security
Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive
More informationI D C A N A L Y S T C O N N E C T I O N
I D C A N A L Y S T C O N N E C T I O N Robert Westervelt Research Manager, Security Products T h e R o l e a nd Value of Continuous Security M o nitoring August 2015 Continuous security monitoring (CSM)
More informationProtecting against cyber threats and security breaches
Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationStop advanced targeted attacks, identify high risk users and control Insider Threats
TRITON AP-EMAIL Stop advanced targeted attacks, identify high risk users and control Insider Threats From socially engineered lures to targeted phishing, most large cyberattacks begin with email. As these
More informationWAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales
WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion
More informationCyber security in healthcare
Cyber security in healthcare Julian Meyrick, Vice President IBM Security Services Europe julian_meyrick@uk.ibm.com Healthcare is one of the top 5 industries that continue to offer attackers the most significant
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationAhead of the threat with Security Intelligence
Ahead of the threat with Security Intelligence PITB Information Security Conference 2013 Zoaib Nafar Brand Technical Sales Lead 2012 IBM Corporation 1 The world is becoming more digitized and interconnected,
More informationPersistence Mechanisms as Indicators of Compromise
Persistence Persistence Mechanisms as Indicators of Compromise An automated technology for identifying cyber attacks designed to survive indefinitely the reboot process on PCs White Paper Date: October
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More informationData- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst
ESG Solution Showcase Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst Abstract: Information security practices are in the midst
More informationMicrosoft s cybersecurity commitment
Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade
More informationExecutive Summary 3. Snowden and Retail Breaches Influencing Security Strategies 3. Attackers are on the Inside Protect Your Privileges 3
GLOBAL ADVANCED THREAT LANDSCAPE SURVEY 2014 TABLE OF CONTENTS Executive Summary 3 Snowden and Retail Breaches Influencing Security Strategies 3 Attackers are on the Inside Protect Your Privileges 3 Third-Party
More informationAddress C-level Cybersecurity issues to enable and secure Digital transformation
Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,
More informationCYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES
POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response
More informationObtaining Enterprise Cybersituational
SESSION ID: SPO-R06A Obtaining Enterprise Cybersituational Awareness Eric J. Eifert Sr. Vice President Managed Security Services DarkMatter Agenda My Background Key components of the Cyber Situational
More informationCybersecurity Enhancement Account. FY 2017 President s Budget
Cybersecurity Enhancement Account FY 2017 President s Budget February 9, 2016 Table of Contents Section 1 Purpose... 3 1A Mission Statement... 3 1.1 Appropriations Detail Table... 3 1B Vision, Priorities
More informationA BUSINESS CASE FOR BEHAVIORAL ANALYTICS. White Paper
A BUSINESS CASE FOR BEHAVIORAL ANALYTICS White Paper Introduction What is Behavioral 1 In a world in which web applications and websites are becoming ever more diverse and complicated, running them effectively
More informationPreparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS
Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS CONTENTS PAGE RECONNAISSANCE STAGE 4 INCURSION STAGE 5 DISCOVERY STAGE 6 CAPTURE STAGE 7 EXFILTRATION STAGE
More information4 Steps to Effective Mobile Application Security
Mobile Application Security Whitepaper 4 Steps to Effective Mobile Application Security Table of Contents Executive Summary 3 Mobile Security Risks in Enterprise Environments 4 The Shortcomings of Traditional
More informationAppendix. Key Areas of Concern. i. Inadequate coverage of cybersecurity risk assessment exercises
Appendix Key Areas of Concern i. Inadequate coverage of cybersecurity risk assessment exercises The scope coverage of cybersecurity risk assessment exercises, such as cybersecurity control gap analysis
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationUnified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice
Unified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice Introduction There are numerous statistics published by security vendors, Government
More informationREVOLUTIONIZING ADVANCED THREAT PROTECTION
REVOLUTIONIZING ADVANCED THREAT PROTECTION A NEW, MODERN APPROACH Blue Coat Advanced Threat Protection Group GRANT ASPLUND Senior Technology Evangelist 1 WHY DO I STAND ON MY DESK? "...I stand upon my
More informationDeveloping Secure Software in the Age of Advanced Persistent Threats
Developing Secure Software in the Age of Advanced Persistent Threats ERIC BAIZE EMC Corporation DAVE MARTIN EMC Corporation Session ID: ASEC-201 Session Classification: Intermediate Our Job: Keep our Employer
More informationSession 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness
Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness Wayne A. Wheeler The Aerospace Corporation GSAW 2015, Los Angeles, CA, March 2015 Agenda Emerging cyber
More informationCyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen. 14th Annual Risk Management Convention
Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen 14th Annual Risk Management Convention New York, New York March 13, 2013 Today s Presentation 1)
More informationAddressing Cyber Risk Building robust cyber governance
Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber
More informationRETHINKING CYBER SECURITY
RETHINKING CYBER SECURITY Introduction Advanced Persistent Threats (APTs) and advanced malware have been plaguing IT professionals for over a decade. During that time, the traditional cyber security vendor
More informationFighting Advanced Threats
Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.
More informationRETHINKING CYBER SECURITY
RETHINKING CYBER SECURITY CHANGING THE BUSINESS CONVERSATION INTRODUCTION Advanced Persistent Threats (APTs) and advanced malware have been plaguing IT professionals for over a decade. During that time,
More informationWelcome Back Roberto Casetta, Snr. Vice President International. The Story Behind The Crystal Pete Daw, Cities Urban Developer Siemens Plc
Agenda Overview 9:00am General Session Auditorium 13:30pm General Session Auditorium 16:30pm General Session Auditorium 09:00 Welcome am Roberto Casetta, Snr. Vice President International 9:15am HEAT Software
More informationAdvanced Cyber Threats in State and Local Government
RESEARCH SURVEY Advanced Cyber Threats in State and Local Government January 2014 SHUTTERSTOCK UNDERWRITTEN BY: Section 1: Executive Overview In the past, scattershot, broad-based attacks were often more
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationCisco Advanced Malware Protection
Solution Overview Cisco Advanced Malware Protection Breach Prevention, Detection, Response, and Remediation for the Real World BENEFITS Gain unmatched global threat intelligence to strengthen front-line
More informationInformation Security in Business: Issues and Solutions
Covenant University Town & Gown Seminar 2015 Information Security in Business: Issues and Solutions A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information
More information2012 North American Managed Security Service Providers Growth Leadership Award
2011 South African Data Centre Green Excellence Award in Technology Innovation Cybernest 2012 2012 North American Managed Security Service Providers Growth Leadership Award 2011 Frost & Sullivan 1 We Accelerate
More informationRising to the Challenge
CYBERSECURITY: Rising to the Challenge Dialogues with Subject Matter Experts Advanced persistent threats. Zero-day attacks. Insider threats. Cybersecurity experts say that if IT leaders are not concerned
More informationFive keys to a more secure data environment
Five keys to a more secure data environment A holistic approach to data infrastructure security Compliance professionals know better than anyone how compromised data can lead to financial and reputational
More informationEnabling and Protecting the Open Enterprise
Enabling and Protecting the Open Enterprise The Changing Role of Security A decade or so ago, security wasn t nearly as challenging as it is today. Users, data and applications were all centralized in
More informationThe Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: ESG data indicates that many enterprise organizations
More informationEnterprise Cybersecurity: Building an Effective Defense
Enterprise Cybersecurity: Building an Effective Defense Chris Williams Oct 29, 2015 14 Leidos 0224 1135 About the Presenter Chris Williams is an Enterprise Cybersecurity Architect at Leidos, Inc. He has
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationRequirements When Considering a Next- Generation Firewall
White Paper Requirements When Considering a Next- Generation Firewall What You Will Learn The checklist provided in this document details six must-have capabilities to look for when evaluating a nextgeneration
More informationStay ahead of insiderthreats with predictive,intelligent security
Stay ahead of insiderthreats with predictive,intelligent security Sarah Cucuz sarah.cucuz@spyders.ca IBM Security White Paper Executive Summary Stay ahead of insider threats with predictive, intelligent
More informationdefending against advanced persistent threats: strategies for a new era of attacks agility made possible
defending against advanced persistent threats: strategies for a new era of attacks agility made possible security threats as we know them are changing The traditional dangers IT security teams have been
More informationBig Data Analytics in Network Security: Computational Automation of Security Professionals
February 13, 2015 Big Data Analytics in Network Security: Computational Automation of Security Professionals Stratecast Analysis by Frank Dickson Stratecast Perspectives & Insight for Executives (SPIE)
More informationThe Benefits of an Integrated Approach to Security in the Cloud
The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationAgenda. 3 2012, Palo Alto Networks. Confidential and Proprietary.
Agenda Evolution of the cyber threat How the cyber threat develops Why traditional systems are failing Need move to application controls Need for automation 3 2012, Palo Alto Networks. Confidential and
More informationCHAPTER 3 : INCIDENT RESPONSE THREAT INTELLIGENCE GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
: INCIDENT RESPONSE THREAT INTELLIGENCE 1 THREAT INTELLIGENCE How it applies to our clients, and discuss some of the key components and benefits of a comprehensive threat intelligence strategy. Threat
More informationAnalyzing Security for Retailers An analysis of what retailers can do to improve their network security
Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary
More informationCyber Threat Intelligence Move to an intelligencedriven cybersecurity model
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance
More informationSolutions Brochure. Security that. Security Connected for Financial Services
Solutions Brochure Security that Builds Equity Security Connected for Financial Services Safeguard Your Assets Security should provide leverage for your business, fending off attacks while reducing risk
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationThreat Intelligence. Benefits for the enterprise
Benefits for the enterprise Contents Introduction Threat intelligence: a maturing defence differentiator Understanding the types of threat intelligence: from the generic to the specific Deriving value
More informationRetail Security: Enabling Retail Business Innovation with Threat-Centric Security.
Retail Security: Enabling Retail Business Innovation with Threat-Centric Security. 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco public information. (1110R) 1 In the past
More informationAppGuard. Defeats Malware
AppGuard Defeats Malware and phishing attacks, drive-by-downloads, zero-day attacks, watering hole attacks, weaponized documents, ransomware, and other undetectable advanced threats by preventing exploits
More informationWHITE PAPER Mapping Organizational Roles & Responsibilities for Social Media Risk. A Hootsuite & Nexgate White Paper
WHITE PAPER Mapping Organizational Roles & Responsibilities for Social Media Risk A Hootsuite & Nexgate White Paper Mapping Organizational Roles & Responsibilities for Social Media Risk Executive Summary
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More information24/7 Visibility into Advanced Malware on Networks and Endpoints
WHITEPAPER DATA SHEET 24/7 Visibility into Advanced Malware on Networks and Endpoints Leveraging threat intelligence to detect malware and exploitable vulnerabilities Oct. 24, 2014 Table of Contents Introduction
More informationInternal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015
Internal audit of cybersecurity Presentation to the Atlanta IIA Chapter January 2015 Agenda Executive summary Why is this topic important? Cyber attacks: increasing complexity arket insights: What are
More information2015 GLOBAL THREAT INTELLIGENCE REPORT EXECUTIVE SUMMARY
2015 GLOBAL THREAT INTELLIGENCE REPORT EXECUTIVE SUMMARY 1 EXECUTIVE SUMMARY INTRODUCING THE 2015 GLOBAL THREAT INTELLIGENCE REPORT Over the last several years, there has been significant security industry
More informationSecurity Risk Management Strategy in a Mobile and Consumerised World
Security Risk Management Strategy in a Mobile and Consumerised World RYAN RUBIN (Msc, CISSP, CISM, QSA, CHFI) PROTIVITI Session ID: GRC-308 Session Classification: Intermediate AGENDA Current State Key
More informationServices. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure
Home Secure digital transformation SMACT Advise, Protect & Monitor Why Capgemini & Sogeti? In safe hands Capgemini & Sogeti Cybersecurity Services Guiding enterprises and government through digital transformation
More informationCONNECTING ACCESS GOVERNANCE AND PRIVILEGED ACCESS MANAGEMENT
CONNECTING ACCESS GOVERNANCE AND PRIVILEGED ACCESS MANAGEMENT ABSTRACT Identity and access governance should be deployed across all types of users associated with an organization -- not just regular users
More information應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊
應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊 HP Enterprise Security 林 傳 凱 (C. K. Lin) Senior Channel PreSales, North Asia HP ArcSight, Enterprise Security 1 Rise Of The Cyber Threat Enterprises and Governments are experiencing
More informationA New Approach to Assessing Advanced Threat Solutions
A New Approach to Assessing Advanced Threat Solutions December 4, 2014 A New Approach to Assessing Advanced Threat Solutions How Well Does Your Advanced Threat Solution Work? The cyber threats facing enterprises
More information2015 Global Megatrends in Cybersecurity
2015 Global Megatrends in Cybersecurity Sponsored by Raytheon Independently conducted by Ponemon Institute LLC Publication Date: February 2015 Ponemon Institute Research Report 2015 Global Megatrends in
More informationIBM Smarter Cities Cybersecurity Update
IBM Smarter Cities Cybersecurity Update October 2012 Kent Blossom, Vice President, IBM Security Solutions kblossom@us.ibm.com 1 Discussion Topics IBM Security Systems Evolving Client Priorities & Approaches
More informationBy John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION
THE NEXT (FRONT) TIER IN SECURITY When conventional security falls short, breach detection systems and other tier 2 technologies can bolster your network s defenses. By John Pirc THREAT HAS moved beyond
More informationWhite Paper. Why Next-Generation Firewalls Don t Stop Advanced Malware and Targeted APT Attacks
White Paper Why Next-Generation Firewalls Don t Stop Advanced Malware and Targeted APT Attacks White Paper Executive Summary Around the world, organizations are investing massive amounts of their budgets
More informationA MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS
A MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS CYBER ATTACKS INFILTRATE CRITICAL INFRASTRUCTURE SECTORS Government and enterprise critical infrastructure sectors such as energy, communications
More informationCyberArk Privileged Threat Analytics. Solution Brief
CyberArk Privileged Threat Analytics Solution Brief Table of Contents The New Security Battleground: Inside Your Network...3 Privileged Account Security...3 CyberArk Privileged Threat Analytics : Detect
More informationHow To Create An Insight Analysis For Cyber Security
IBM i2 Enterprise Insight Analysis for Cyber Analysis Protect your organization with cyber intelligence Highlights Quickly identify threats, threat actors and hidden connections with multidimensional analytics
More informationAdvice from the Trenches: Preparing for the Challenges and Pressures of a Security Incident Investigation
Advice from the Trenches: Preparing for the Challenges and Pressures of a Security Incident Investigation Marshall Heilman Managing Director Craig A. Hoffman Partner Who we are Marshall Heilman Craig Hoffman
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationBreaking the Cyber Attack Lifecycle
Breaking the Cyber Attack Lifecycle Palo Alto Networks: Reinventing Enterprise Operations and Defense March 2015 Palo Alto Networks 4301 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com
More informationAdvanced Threat Protection with Dell SecureWorks Security Services
Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5
More informationUnified Security, ATP and more
SYMANTEC Unified Security, ATP and more TAKE THE NEXT STEP Martin Werner PreSales Consultant, Symantec Switzerland AG MEET SWISS INFOSEC! 27.01.2016 Unified Security 2 Symantec Enterprise Security Users
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationDETECTING THE ENEMY INSIDE THE NETWORK. How Tough Is It to Deal with APTs?
A Special Primer on APTs DETECTING THE ENEMY INSIDE THE NETWORK How Tough Is It to Deal with APTs? What are APTs or targeted attacks? Human weaknesses include the susceptibility of employees to social
More information