DARKReading: Monitoring and Securing Remote and Work-From-Home Environments (Feb. 2nd) DARKReading: Monitoring and Securing Remote and Work-From-Home Environments (Feb. 2nd)
IT - CxO Security Events

SECNAP: What is a Security Assessment and Why is it Important
Monday, January 10th, 2022: 11:00 AM to 12:00 PM
With cybersecurity threats on the rise, it's important to know that your information and overall infrastructure are secure. But how do you really know if your data is safe?

"After all, new zero-day exploits and vulnerabilities are being discovered every day - a reality - that makes safeguarding your architecture and systems all the more challenging. In this climate, investing in vulnerability management has never been more crucial. A well-executed vulnerability management process is key to keeping your systems secure and compliant. And it starts by performing a security assessment. In this article, we'll detail the different factors of security assessment, what you should be looking for, and how it can help bring your security and compliance needs in alignment with your IT spend..."

What is customer identity and access management (CIAM) and when should you build vs buy?

Okta, the leading provider of identity, is hosting a private wine speaker series focused on Customer Identity and Access Management. In this three part series, attendees will hear from subject matter experts on:

An overview of customer identity and access management and when should you build vs buy How to create secure, frictionless customer experiences to drive digital growth Unlocking long term business growth with customer identity and access management

Hosted by TechTalk Summits and Okta


FutureCon: Virtual Central Conference (Jan. 13th)
Thursday, January 13th, 2022: 9:00 AM to 4:00 PM EST
FutureCon Events brings high-level Cyber Security Training discovering cutting-edge security approaches, managing risk in the ever-changing threat of the cybersecurity workforce.

Join us as we talk with a panel of C-level executives who have effectively mitigated the risk of Cyber Attacks.

Educating C-suite executives and CISOs (chief information security officers) on the global cybercrime epidemic, and how to build Cyber Resilient organizations.

Agenda

  • Infrastructure as Code Security
  • Segment in minutes on your path to zero trust
  • One Identity helps organizations establish an identity-centric security strategy.
  • Enterprise-Grade Identity at Internet Scale
  • Cybersecurity Leaders and Experts on Current Cyberthreats and Practices
  • Security Optimization Platform. Better Insights, Better Decisions, Real Security Outcomes.
  • Resolution Intelligence for smarter digital ops.
  • Manage InfoSec Risk and Compliance with ZenGRC
  • Passwordless identities for workforces, customers, and developers

Hosted by FutureCon


How do you go about properly protecting your Microsoft 365 suite, knowing that Microsoft is responsible for security of the cloud, but you as the customer are always responsible for security in the cloud?

Microsoft 365 services leverage the agility of the cloud, reduce operational costs, and enable employee productivity from any location.

They also house critical data, making it no wonder that Microsoft 365 has been referred to as the 'holy grail' for hackers.

How do you go about properly protecting your Microsoft 365 suite, knowing that Microsoft is responsible for security of the cloud, but you as the customer are always responsible for security in the cloud? Microsoft provides a number of compliance and eDiscovery tools to manage application data, yet a complementary, third party solution for native backup and recovery is a must.

In this masterclass, Technical Product Manager Drew Russell will show you how Rubrik ensures your critical Microsoft 365 data is secure, easily discoverable, and always accessible when you need it.


Learn about the latest tactics and techniques threat actors are using to target enterprise email systems - Gain insight into how your users could be duped in social engineering attacks

Even as enterprises adopt real-time messaging tools and platforms, email remains the hub of enterprise communications. Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks. In this webinar, you'll learn about different tactics adversaries employ to steal from enterprises, including business email compromise (BEC) and stealing customer information. You will gain insights into how to recognize and defend against complex social engineering techniques designed to break into email.

Attend this webinar and you'll:

  • Learn about the latest tactics and techniques threat actors are using to target enterprise email systems
  • Gain insight into how your users could be duped in social engineering attacks
  • Learn about how business email compromise (BEC) attacks are executed
  • Get intel on how attackers use email-borne attacks to steal information or escalate an attack for monetary gain
  • Walk way with a strategy for protecting your organization from email-based threats

Hosted by DARKReading and Abnormal


Shifting left - embedding security processes and output into the development pipeline - has been the focus for integrating security into DevOps for some time.

ow that enterprises are approaching critical mass in moving their cloud-native applications to production, runtime protection is attracting more attention - especially from attackers. Even as DevOps teams progress in managing risk for their artifact pipelines, DevSecOps teams are now contending with new threats like supply chain attacks, sophisticated malware and cryptocurrency mining exploits.

Hosted by DevOps.com


Credential harvesting and gaining initial access are two important pieces in the initial phases of the cyber attack lifecycle; attackers can't have one without the other and utilize various tactics and techniques when starting an attack.

Wednesday, January 19 at 11:00 AM ET

To see this for yourself, join part one of our webinar series on Wednesday, January 19 at 11:00 AM ET with threat intelligence analysts from Recorded Future's research arm - the Insikt Group - who will expose the phases of the cyber attack lifecycle through the eyes of the attacker.

You will leave this webinar with:

  • An understanding of the cyber attack lifecycle
  • Real-world examples of how attackers get credentials and gain initial access
  • A detailed look into Insikt Group exclusive research and reports on credential harvesting and detections for attacker's favorite web shell

Feature Speakers Include Lindsay Kaye, John Terbush, Justin Grosfelt, And Jake Munroe


We invite you to join CSO contributing editor Charles Pelton and observability subject-matter expert AJ Pahl from our sponsor, Elasticsearch, for a one-hour, private, virtual roundtable that explores: CISO Priorities for 2022: Supporting and Securing Hybrid Workforces.

After two tumultuous years, most organizations now are preparing to support -- and secure -- employees who may be working on location, on the road and at home. The question becomes: what are the right technology and security management tools to support the new hybrid workforce?

The key is to define and implement the right policies and guardrails that identify, enable, and secure people, hardware, identities, and functions. Analytics and performance management are important; so is defining and maintaining the right culture.

Hosted by CSO and Elasticsearch


Sooner or later, your business is likely to be hit with a ransomware attack. Perhaps you've planned for it, but are you truly prepared?

When the time comes, however, the careful planning may not be tailored to a specific incident. In that case, you have to be able to react and adjust in real time. Beyond just knowing whether or not to pay a ransom, you have to be sure your tools, processes, and procedures are adaptable so that during a stressful moment, you're making the right decisions to save your company's business. Our experts will outline a trusted guide ensuring you have the right incident response, develop ironclad backups, and follow a business continuity plan.

Hosted by InformationWeek and Palo Alto Networks - Unit 42


In this webinar, learn: How community-driven threat intelligence provides critical event information; What the community-driven threat intelligence adds to SIEM effectiveness

Virtual

Managing security alerts is a challenge for IT security teams. Security Information and Event Management (SIEM) are often leveraged to consolidate data and provide a single dashboard, but they are only as good as the data that they receive. Community-driven threat intelligence solutions can provide some of the most robust, accurate, and timely data concerning the threat activity in a network. Integrating these solutions into the SIEM is key to delivering relevant information without overwhelming the security operations team.

Hosted by ITProToday


Protecting core applications and sensitive data in a private cloud requires the agility of cloud-centric, cloud-delivered security to converge with Zero Trust Enterprise Architecture principles.

The time to secure your applications, users, and devices is now.

Join this webinar where we will share pragmatic approaches to implementing Zero Trust architecture for enterprise private cloud.

In this session, we'll explore how to align next-generation virtual firewalls with Zero Trust identity of users, applications, and devices, while securing transaction flows that make up the critical life-blood in your Private Cloud or Virtual Data Centers.

Hosted by NetworkComputing, Palo Alto Networks, US Signal


Learn about the available options for moving away from passwords to more secure and modern authentication technology. Gain an understanding of what multifactor authentication can do, and where it could fall short

The debate about the usefulness of passwords rages on. But most security experts agree that data protection is not adequate with simple password protection. Which tools and strategies for authentication should you consider today to up-level your authentication strategy? How can you move beyond the password and implement next generation authentication technology?

In this webinar, experts offer a broad look at your options for multifactor authentication, the challenges and pitfalls of these options, and how to develop an authentication strategy that works best for your enterprise.

Hosted by DARKReading and yubico


Secure Software Summit: Exploring Secure Coding Best Practices (Jan 27th)
Thursday, January 27th, 2022: 12:00 PM to 6:00 PM EST
Secure Software Summit brings together the world's leading innovators, practitioners and academics of secure software development to share and teach the latest methods and breakthroughs on secure coding and deployment practices in an interactive format designed to entertain, teach and enlighten.

In an era where software is dominating the world, the security and quality of code must remain a high priority. Delivering secure and reliable software at a rapid pace is crucial for most organizations today, but it's not an easy task.

If you are about developing, releasing and securing software, delivering new features fast and building things right from the start this summit is for you.

Hosted by Techstrong Group, Inc. & ShiftLeft, Inc.

See all Archived IT - CxO Security Events articles See all articles from this issue