CISO Panel: Strategies and Tools to Remediate and Shut Down Advanced Attacks at the Endpoint
When: Wednesday, November 29
With an increased opportunity for financial gain, cyber criminals are now willing to invest significant time and resources into creating advanced attacks that target enterprises. At the same time, enterprises often face a shortage of skilled security professionals who are dedicated to responding to such attacks.
During an attack and subsequent response scenario, every second counts. The longer it takes to address an issue, the more risk the business faces.
Criminals target enterprise endpoints as their point of entry because the overall attack surface is so large and inviting. New strategies and more advanced tools are necessary to stop attacks in their tracks when possible and to expedite information gathering and analysis so that security teams have everything they need to respond quickly and remediate attacks in progress.
During this live panel, Bob Turner, Chief Information Security Officer at the University of Wisconsin-Madison and the lead writer of the Security Current report CISOs Investigate: Endpoint Security, will moderate a discussion on the strategies and toolsets that CISOs need today to ensure their security team stays ahead of cyber adversaries.
Also on the panel are Hussein Syed, Chief Information Security Officer at RWJBarnabas Health, and Rick McElroy, Chief Security Strategist at Carbon Black.
Join this insightful discussion to learn how you can empower your security team with the strategies and tools to stop attacks and conduct fast and effective investigations to shut down attacks in progress.
How to Protect Data in the Cloud
Speaker: Brian Lozada, Zocdoc CISO
Driven by ease of deployment, cost effectiveness, and improved productivity among employees, many organizations have adopted cloud technology. Although there are significant benefits to cloud adoption, some organizations still face major challenges preventing their move to the cloud. From maintaining security and compliance to managing data on BYO devices, organizations have a unique set of data security requirements.
In this Bitglass-sponsored webinar, Brian Lozada, CISO of Zocdoc, and Karthik Venna, Product Manager at Bitglass, will discuss how to balance the benefits of moving to the cloud with implementing a security solution that protects data end-to-end.
- Find out the benefits of moving to cloud apps
- Understand how to maintain control of your data
- Learn how to use your partner ecosystem to keep your data secure
Unix/Linux Privilege Management: What a Financial Services CISO Cares About
Speaker: Nikolay Chernavsky, SVP & CISO Financial Services
Hardly a week goes by without a major cyber security event affecting millions of users – and the financial industry is particularly vulnerable. The 2017 Verizon Data Breach Investigations Report identified “Insider and Privilege Misuse” as a major incident pattern resulting in confirmed data breaches. According to Verizon, 62% of all breaches featured hacking, and of those, 81% leveraged stolen and/or weak passwords—giving the attacker the same privileges as a trusted insider.
At the heart of the problem lies a simple fact: many organizations fail to follow the basic information security principle of Least Privilege, leaving trusted insiders with access to both highly sensitive and mission-critical information. As a result, accidental or deliberate misuse of a credential can lead to a breach. Companies in the financial industry are prime targets for such attacks because of the large potential payout of critical information.
While many tools have been developed to address Least Privilege issues on Windows-based systems, Linux/Unix systems were largely neglected. Unix/Linux systems are serving critical roles for many financial organizations, from storing highly sensitive information to processing millions of transactions between institutions. Being able to tightly control access to these systems is a critical security need.
This webinar will provide CISOs in financial services and other sectors:
- A CISO’s first-hand experiences regarding the challenges faced in securing access to critical Unix and Linux systems
- Real-world insights on how Unix and Linux Privileged Access Management (PAM) helps CISOs bolster security with granular access controls while also meeting compliance requirements
- Guidance on selecting technologies that enable CISOs to meet their business objectives while remaining nimble
- An executive view on where the market is headed in relation to PA
Investigating and Hunting for Anomalies
Matt Hollcraft, Maxim Integrated CISO
Ryan Kazanciyan, Tanium Chief Security Architect
The amount of time an attacker remains within your network directly affects the scope and cost of a breach. As you know, attackers are creative; once in your network, they can remain undetected for months, wreaking havoc along the way.
But investigating and hunting are easier said than done. Each day, security professionals are faced with a constant flood of alerts to filter through and prioritize. And, during an active investigation, it’s a struggle to understand the context of any anomalies without a clear picture of what’s happening across your network.
In this webinar, we’ll share real-world examples from the front lines of cyber-hunting, and discuss best practices on how to reduce the mean time to investigate.
Speaker: Joey Johnson, Premise Health CISO
Healthcare security requirements become even more complicated with the move to the cloud. Competing internal priorities, along with numerous cloud apps to control, increase strain on already under-resourced teams. Visibility and control over data can seem almost impossible when it is being stored in locations you do not own or manage.
In this Bitglass-sponsored webinar led by Premise Health CISO Joey Johnson, you will learn how to avoid console overload by consolidating controls with a cloud access security broker platform.
Key topics include:
- Overcoming security dashboard overload when trying to manage authentication, access controls, devices, threats, compliance, malware, DLP, etc.
- Healthcare security options to control data in the cloud
- CASB platform and solution overview
Speaker: Michael D. Molinaro, Chief Information Security Officer & Vice President-Information Systems BioReference Laboratories Inc.
The pervasiveness of Linux systems in the enterprise today means that being able to identify root, specify access controls for Linux users and monitor privileged user activity is now a requirement. As environments become increasingly heterogeneous (Windows, Mac, Unix, Linux, cloud, on-prem., etc.) and complex, centralizing identity and access across the enterprise grows more problematic, while being more critical than ever.
Join Chief Information Security Officer at BioReference Laboratories, Mike Molinaro, who will provide attendees with an educational overview of his identity, access and provisioning business model. Learn from Mike as he walks you step by step through how to centralize identity and provision critical security controls on Linux systems. Donning his CISO hat, Mike will demonstrate how security professionals can approach project expectations across different users and management teams in order to dial in proper access controls for privileged users in Linux systems, while earning buy-in from end-users.
After attending this webinar you will also learn:
- What access logs are, and how to monitor users on Linux operating systems
- How and where Active Directory fits in and identifying where your root is
- What the entitlement review process looks like (necessary for Linux, Unix, Windows, Mac)
- Why provisioning is a must for any access needs
- What sudo management is exactly and how sudo works
Greg Schaffer, FirstBank CISO
Ely Kahn, Sqrrl Co-founder and former Director of Cybersecurity at the White House
There's no question that security teams are taking an active role in detecting and isolating sophisticated attacks. But, with the flood of alerts and false positives compounded by the difficulty in recruiting qualified personnel, it becomes increasingly important to leverage technology to detect "real" advanced threats quickly so that analysts can be more effective.
This webcast will highlight the findings of CISOs Investigate: User Behavior Analytics, a peer-written research report that looks at the benefits of user and entity behavior analytics. It also will incorporate complementary threat hunting technology that enables analysts to proactively detect advanced threats that may evade discovery by automated analytics and alerts.
Used together, UEBA and Hunting can form a closed-loop process fusing together both human-driven and analytics-driven threat detection to significantly improve security operations effectiveness and detect the most sophisticated cyber threats.
In this session, you’ll learn why and how:
- CISOs are using UEBA through real-world use cases
- Threat hunting and UEBA can help organizations improve their security
- Security analysts can use threat hunting and UEBA in conjunction to find advanced attacker behaviors
Bracing for the Next Big Attack? How to Build an Effective Incident Response Plan
Brian Lozada, Zocdoc CISO
Rick Caccia, Exabeam CMO
An incident response plan will either make or break your organization in 2017. History has shown that no organization is immune to cyber threats, increasing the need for effective response. Unfortunately, many IT professionals feel their organizations’ IR capabilities are ineffective.
How do you improve your IR plan?
In this webinar, Zocdoc CISO Brian Lozada and Exabeam CMO Rick Caccia will discuss the challenges faced and provide strategies to help you:
- Automate your response procedures with incident workflows and playbooks
- Reduce response time and errors
- Increase productivity of all IR and SOC staff
- Connect and coordinate all of your security technologies with orchestration
Topic: Your 2017 Cloud Security Action Plan
Matt Hollcraft, Maxim Integrated, Chief Information Security Officer
Dave Ruedger, Maxim Integrated, Chief Security Architect
Rich Campagna, Bitglass, Vice President of Products
We are now three-plus years into widespread adoption across industries of public SaaS apps like Office 365. Despite this momentum, security and compliance remain top challenges. This webinar, featuring Matt Hollcraft, CISO for Maxim Integrated, Dave Ruedger, Chief Security Architect for Maxim Integrated, and Rich Campagna, SVP of Products for Bitglass, will help you build a 2017 action plan to embrace public cloud without sacrificing security and compliance.
While offering practical, actionable advice for major apps like Office 365, Matt, Dave and Rich address your top concerns, such as unmanaged device access, external sharing, and mitigating controls. They also provide real world examples of how other organizations have securely navigated the public cloud.
Topic: Office 365 Security - A CISO and Cloud Access Security Broker Give Practical Advice on How to Safeguard Your Data
Greg Schaffer, FirstBank, CISO
Rich Campagna, Bitglass, Vice President of Products
Public cloud apps like Office 365 are being widely adopted in every major industry, with security & compliance at the top of the list of concerns.
In this sponsored Security Current webinar brought to you by Bitglass, Greg Schaffer, CISO at FirstBank, and Rich Campagna, VP of Products at Bitglass, will provide practical cloud security advice that you can apply immediately in your organization.
Topic: Firewall as a Service - Beyond the Next Generation Firewall
Ofir Agasi, Director of PM Cato Networks
Firewall as a Service, recently recognized by Gartner as a high impact emerging technology in Infrastructure Protection, presents a new opportunity to reduce cost, complexity and deliver better overall security for the business.
Join this sponsored webinar brought to you by Cato Networks to learn:
- The challenges IT networking, security and Ops teams face with a distributed network security stack and Direct Internet Access
- How Firewall as a Service can address these challenges, and what capabilities are required
- How Cato Networks protects enterprises in the cloud, simplifies network security and eliminates the appliance footprint in remote locations