Blog
2019's Top 10 Webcasts
Continuing education allows cybersecurity professionals to stay in tune to the constant changes in the industry. (ISC)² provides webcasts throughout the year on various security-related topics to help keep you informed, as well as provide opportunities to earn CPEs.
Based on ratings by cybersecurity professionals, here are our top 10 webcasts from 2019:
Ran somware Tools Continue to Increase
Ransomware continues to be a widespread problem for organizations. Defending against such attacks are paramount for security teams at businesses small and large. Hear about the latest information concerning many of the leading ransomware threats, as well as updates on the state of the global ransomware assault and overall trends in developing and designing ransomware malware tools. Additionally, there are details of original research on malware variants including Shade, Sodinokibi, Megacortex, Cryptomix, Ryuk, Keypass, Hermes and Grandcrab. Sponsored by Infoblox.
Stop Attacks Faster – Using the MITRE ATT&CK Framework
The MITRE ATT&CK Framework is a comprehensive, up-to-date knowledge base of cyberattacker tactics and techniques gathered from actual observation of attacker behavior. The framework can help anticipate what an attacker will do and how to respond. Learn how the MITRE ATT&CK can help you make better, faster decisions about assessing risks, deploying new security controls and stopping attacks faster and more efficiently. Sponsored by Infoblox.
Get Encrypted! Examining Emerging DNS Privacy Standard
DNS has always seemed to have a “last mile” security issue. Communications from a local DNS served to a client are typically unencrypted and not secure, leaving this traffic vulnerable to spoofing, hijacking and more. But privacy standards and protocols are emerging which are helping to encrypt this traffic. The discussion includes the pros and cons of the two protocols, what option might make sense for your security & risk requirements and simple ways to secure your network and DNS. Sponsored by Infoblox.
Network Data Capture for Incident Response
Information security and incident response teams are often hampered by an inability to see what is happening on the network. That lack of visibility mean they cannot confidently detect threats or respond quickly and effectively. A new approach that consolidates fundamental network detection and response capabilities using enriched metadata collected from sensors in physical, virtual and cloud environments is helping security teams minimize mean-time-to-detection and response. How can you achieve accelerated threat detection and response through broad situational awareness fueled by real-time access to historical metadata? We dive into metadata’s critical role in incident detection and response strategies and how to best use metadata to focus incident response efforts through data correlation and enrichment. Sponsored by Gigamon.
Security in the Cloud – CASBs for IaaS Security
Infrastructure as a service (IaaS) has quickly risen to prominence because of the way that it provides enhanced flexibility and scalability to organizations around the world. However, using IaaS platforms like AWS, Azure, or GCP does require that organizations take responsibility for an increased amount of security in the cloud. Fortunately, there are tools designed to help with doing this properly. Learn the various components of leading IaaS platform, what your organization is responsible for when it comes IaaS security and how Cloud Access Security Brokers (CASB) can help. Sponsored by Bitglass.
Best Practices to Grow Your Third-Party Risk Management Program
So you’ve established the foundation of your third-party risk management (TPRM) program…now what? For many organizations, growing their TPRM program to scale at the speed of their business can be extremely challenging. This challenge is exacerbated because, in many cases, third-party ecosystem growth occurs with little coordination or oversight. Furthermore, once they establish third-party relationships, companies may not implement centralized processes to continuously monitor and evaluate those relationships, including the cyber risks they may pose. In the second installment of this webinar series, we discuss tips on how to “go beyond” the foundation of third-party risk assessments and drill down further into your vendors’ security posture, best practices for TPRM process improvement, reporting, and dashboard use and how to leverage continuous monitoring to scale your TPRM program at the speed and growth of your business. Sponsored by BitSight.
Better Threat Hunting and Investigation with VirusTotal
Get a deeper look into malware campaigns using VirusTotal’s newest tools. Learn from the expert how to use the platform and how best to leverage the data available to you and your security team. By better understanding the breadth and depth of malicious campaigns, researchers can better investigate and mitigate impact. Recently introduced improved relational metadata as well as expanded retroactive and proactive hunting capabilities allow investigators to dive deep into malware within a global data source. Sponsored by Chronicle.
(ISC)²’s Digital Transformation Journey – Part 1
(ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. The road to DETE, however, took years of planning and execution as our team modernized our infrastructure and back-end systems, including migrating the majority of key systems to the cloud. In Part One of this series examining the journey the organization undertook, Bruce Beam, CIO, discusses the rationale behind the initiative and steps taken to gain approval from the board of directors.
Congress Preview Part 2 – Security Automation
Several speakers who presented in the Security Automation track on the Impact of Machine Learning on Cyber Security and Ethical Bias in AI-Based Security Systems previewed their sessions and discussed why security automation is a leading concern for cybersecurity practitioners to understand.
Security in the Cloud: CASB for SaaS Security
The rise of SaaS applications has forever changed the way that work is completed in the modern enterprise. These apps enable real-time collaboration, enhanced flexibility and efficiency, as well as decreased costs. Look at the significance of SaaS apps and how to prioritize their security, how to protect data within managed applications and detect and secure the use of unmanaged applications. Sponsored by Bitglass.