With the board room increasingly being held accountable for data breaches, it's crucial that they know and understand the cyber risks facing their organization.Connect board room to server room
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...IBM Security
The fourth annual Ponemon report on The Cyber Resilient Organization in 2019, sponsored by IBM Security, focuses on the key trends that make an organization cyber resilient and how cyber resilience has changed since the first report launched in 2015.
Hosted by Larry Ponemon of the Ponemon Institute and Maria Battaglia, IBM Security, these two industry experts answer the questions, what has improved in the cyber security space over the past 4 years? What do organizations still struggle with? And which groups are improving and how?
This webinar will take you through the barriers of becoming cyber resilient and dive into report topics such as implementing automation, aligning privacy and cyber security, and what it takes to become a cyber resilient “High Performer” in 2019.
Listen to the on-demand webinar at: https://event.on24.com/wcc/r/1975828/97089502D02EFD9478B85676EB67266C?partnerref=FM1
Building Human Intelligence – Pun IntendedEnergySec
Presented by: Rohyt Belani, Phishme
Abstract: In the physical world, the human brain has evolved to avoid danger. The threat of physical pain triggers fear – and we have learned to avoid behavior that causes pain. In the electronic world of email, however, this concept doesn’t translate. Clicking on a malicious link or opening an attachment laced with malware doesn’t cause pain, and often a user won’t even notice anything is wrong after doing it. How then, can we teach fear perception in the electronic world? Is it even possible? In this presentation I’ll discuss how immersive training can key on psychological triggers to teach people to become skeptical email users who not only avoid undesired security behavior but can aid intrusion detection by reporting suspicious emails, helping to mitigate one of the most serious problems in security: slow incident detection times. According to reports from Mandiant and Verizon, average detection time for an incident is in the hundreds of days. A properly trained workforce is not only resilient to phishing attacks, but can improve detection times as well.
Security Program Guidance and Establishing a Culture of SecurityDoug Copley
Doug Copley and John Kelley present advice for new CISOs, applying a framework model for assessment and measurement, establishing executive support and establishing a culture of security.
As presented at this year's RSA Conference, a 2016 survey of critical infrastructure companies and officials demonstrates that this scenario could be reality. Jay and Julia will take you through the spine-chilling specifics of why the nation's critical infrastructure is at an ever increased risk of cyber attacks as hackers make them their prime target.
Presented by Patrick Miller, The Anfield Group and Jason Ile, Tripwire
Abstract: This presentation emphasis the importance of building an environment where compliance is a natural byproduct of effective security controls. The presenters discuss how to establish info security controls that reinforce a culture of controls, by being plugged into the daily operational processes of IT operations, software and service development, project management and Internal audit.
Additional, the presenters explore the various benefits of continuous monitoring and how to achieve it through a step-by-step practice.
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...Citrin Cooperman
Sign up for our weekly MasterSnacks courses here: https://www.citrincooperman.com/infocus/mastersnacks
MasterSnacks, our C-Suite Snacks spin-off, brings you a series of topic-specific courses, using our snack-sized sessions to go in depth on content important to you. Join MasterSnacks live every Wednesday at noon for live exclusive sessions.
In today's world, a cyber attack happens every 39 seconds on average. For every doom and gloom story we can tell, there are also instances where another organization’s proactive defense has helped to avoid a cyber attack.
During our final MasterSnacks: Cybersecurity session, we discussed strategies your company can implement to move your IT environment from reactive to proactive. We also shared examples of current clients whose proactive positions have had a real impact in thwarting hackers' attempts at infiltrating their organizations. We covered:
- Case studies on companies that have successfully staved off cyber attacks
- Proactive strategies for protecting your infrastructure
- Automated tools to facilitate more timely evaluation and monitoring
Bill Lisse - Communicating Security Across the C-Suitecentralohioissa
CISO's are increasingly being included in Board and Executive discussions. Skills for developing CISOs need to include soft skills, including the ability to communicate across the executive table. This presentation is about the sell versus the tell.
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...IBM Security
The fourth annual Ponemon report on The Cyber Resilient Organization in 2019, sponsored by IBM Security, focuses on the key trends that make an organization cyber resilient and how cyber resilience has changed since the first report launched in 2015.
Hosted by Larry Ponemon of the Ponemon Institute and Maria Battaglia, IBM Security, these two industry experts answer the questions, what has improved in the cyber security space over the past 4 years? What do organizations still struggle with? And which groups are improving and how?
This webinar will take you through the barriers of becoming cyber resilient and dive into report topics such as implementing automation, aligning privacy and cyber security, and what it takes to become a cyber resilient “High Performer” in 2019.
Listen to the on-demand webinar at: https://event.on24.com/wcc/r/1975828/97089502D02EFD9478B85676EB67266C?partnerref=FM1
Building Human Intelligence – Pun IntendedEnergySec
Presented by: Rohyt Belani, Phishme
Abstract: In the physical world, the human brain has evolved to avoid danger. The threat of physical pain triggers fear – and we have learned to avoid behavior that causes pain. In the electronic world of email, however, this concept doesn’t translate. Clicking on a malicious link or opening an attachment laced with malware doesn’t cause pain, and often a user won’t even notice anything is wrong after doing it. How then, can we teach fear perception in the electronic world? Is it even possible? In this presentation I’ll discuss how immersive training can key on psychological triggers to teach people to become skeptical email users who not only avoid undesired security behavior but can aid intrusion detection by reporting suspicious emails, helping to mitigate one of the most serious problems in security: slow incident detection times. According to reports from Mandiant and Verizon, average detection time for an incident is in the hundreds of days. A properly trained workforce is not only resilient to phishing attacks, but can improve detection times as well.
Security Program Guidance and Establishing a Culture of SecurityDoug Copley
Doug Copley and John Kelley present advice for new CISOs, applying a framework model for assessment and measurement, establishing executive support and establishing a culture of security.
As presented at this year's RSA Conference, a 2016 survey of critical infrastructure companies and officials demonstrates that this scenario could be reality. Jay and Julia will take you through the spine-chilling specifics of why the nation's critical infrastructure is at an ever increased risk of cyber attacks as hackers make them their prime target.
Presented by Patrick Miller, The Anfield Group and Jason Ile, Tripwire
Abstract: This presentation emphasis the importance of building an environment where compliance is a natural byproduct of effective security controls. The presenters discuss how to establish info security controls that reinforce a culture of controls, by being plugged into the daily operational processes of IT operations, software and service development, project management and Internal audit.
Additional, the presenters explore the various benefits of continuous monitoring and how to achieve it through a step-by-step practice.
MasterSnacks: Cybersecurity - Playing Offense: A Proactive Approach to Cybers...Citrin Cooperman
Sign up for our weekly MasterSnacks courses here: https://www.citrincooperman.com/infocus/mastersnacks
MasterSnacks, our C-Suite Snacks spin-off, brings you a series of topic-specific courses, using our snack-sized sessions to go in depth on content important to you. Join MasterSnacks live every Wednesday at noon for live exclusive sessions.
In today's world, a cyber attack happens every 39 seconds on average. For every doom and gloom story we can tell, there are also instances where another organization’s proactive defense has helped to avoid a cyber attack.
During our final MasterSnacks: Cybersecurity session, we discussed strategies your company can implement to move your IT environment from reactive to proactive. We also shared examples of current clients whose proactive positions have had a real impact in thwarting hackers' attempts at infiltrating their organizations. We covered:
- Case studies on companies that have successfully staved off cyber attacks
- Proactive strategies for protecting your infrastructure
- Automated tools to facilitate more timely evaluation and monitoring
Bill Lisse - Communicating Security Across the C-Suitecentralohioissa
CISO's are increasingly being included in Board and Executive discussions. Skills for developing CISOs need to include soft skills, including the ability to communicate across the executive table. This presentation is about the sell versus the tell.
Gary Sheehan - Winning a Battle Doesn't Mean We Are Winning the Warcentralohioissa
In the spirit of Continuous Improvement, we must ask ourselves - Are we doing the best job we can? In this presentation Gary will present some ideas and concepts that can be used to improve the security posture within your organization. These ideas and concepts are not your typical solutions, rather they will force you to make a fundamental change in your approach to implementing security and underlying assumptions about good security practices. This presentation will challenge conventional thinking about how to build a successful security program. After all, what do you have to lose? Are we really winning the cybersecurity war?
The Cyber Security Readiness of Canadian OrganizationsScalar Decisions
Highlights of the 2015 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2015. The full report can be downloaded at: http://hubs.ly/y0tFbr0
Cybersecurity for Energy: Moving Beyond ComplianceEnergySec
Presented by: Gib Sorebo, SAIC
Abstract: For the last few years, energy companies, particularly electric utilities, have been scrambling to meet the onslaught of cybersecurity regulations. However, hackers don’t follow regulations, so the need to rapidly address evolving threats is imperative to meet expectations of senior leadership, board members, and shareholders. This session will discuss how a mature governance structure and a cybersecurity strategy based on a comprehensive understanding of business risk can be used to address threats, comply with regulations, and obtain support from company stakeholders.
Deral Heiland - Fail Now So I Don't Fail Latercentralohioissa
With network data breaches being reported weekly, it appears our implementation of prevention solutions is failing. With the average time to detect a breach being greater than 6 months our detection solutions also appear to be failing. Maybe these solutions and technologies are working correctly and we are just not training our teams how to manage, maintain, and leverage those solutions effectively. In this presentation I will be discussing security testing and validation methodologies that includes Internal/external pentesting, social engineering, and red team/blue team exercises. In addition I will be covering how using these methodologies we can better prepare and build a more robust security environment that will keep your organization off the front page.
Estudio de Russell Reynolds Associates sobre ciberseguridad que explora la importancia de la relación entre el Chief Information Security Officer y el Consejo de Administración.
Why cyber-threats could kill your business transformation
We live in a connected world, and many organisations have responded with business transformation programs encompassing cloud, remote endpoints, shared networks, and more. How long can these connected systems and processes survive in a world of next generation, increasingly stealthy and complex cyber threats? This presentation will consider the threats facing digitally-powered businesses today and in the coming years – and how the security industry can help them address these threats. Not just through multi-layered, machine-learning and intelligence-based protection, but, equally importantly, through collaboration – with each other and with the business community – to share intelligence, build skills, and ensure security is built in from the very start of every new product and service.
Black Hat USA 2015: A Visual Snapshot of Security Threats, Trends and IdeasTripwire
Graphic recording artist Kelly Kingman depicts the interesting points and key takeaways from some of our in-booth presentation at Black Hat USA 2015.
Read more about what Black Hat USA has to offer here: http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/a-snapshot-of-black-hat-usa-2015/
NESCO Town Hall Workforce Development PresentationEnergySec
Moderated and Presented by Andy Bochman
Discussion Topic: Workforce Development in the ICS WorkPlace
Discussion Abstract: Ask anyone working in the field at an electric utility about cybersecurity and the conversation will inevitably turn to the shortage of a qualified security staff with knowledge of our industry. The need to comply with NERC CIP standards, secure the rapidly proliferating smart grid technologies, and defend against the threat of cyber attacks targeting control systems, makes the short supply of cybersecurity talent is a critical issue.
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...Citrin Cooperman
Sign up for our weekly MasterSnacks courses here: https://www.citrincooperman.com/infocus/mastersnacks
MasterSnacks, our C-Suite Snacks spin-off, brings you a series of topic-specific courses, using our snack-sized sessions to go in depth on content important to you. Join MasterSnacks live every Wednesday at noon for live exclusive sessions.
As your business wages war against cyber criminals, you must combat the vulnerabilities posed by your own third-party service providers. Your external providers must be held accountable in order to keep your business safe and secure.
During Session 1 of our MasterSnacks:Cybersecurity series, we covered more about mitigating third-party risks by evaluating and managing your service providers. Key takeaways included:
- Third-party risk evaluation and management systems
- Strategies to mitigate risk
- The value and difference between SOC Reports
Demonstrating Information Security Program EffectivenessDoug Copley
Doug Copley outlines how to demonstrate progress of your information security program, how to display metrics and provides some sample scorecards and dashboards.
Executive Summary of the 2016 Scalar Security StudyScalar Decisions
Executive Summary of the 2016 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2016. The full report can be downloaded at: scalar.ca/security-study-2016/
Scalar security study2017_slideshare_rev[1]Tracey Ong
Highlights of the 2017 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2017. The full report can be downloaded at scalar.ca/en/landing/2017-scalar-security-study/
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Tripwire
Boards of Directors have an inescapable legal responsibility to protect their organisation’s assets and shareholder value against risks. Where does cybersecurity fit in the agenda? Many boards lack the knowledge, awareness and confidence to connect security to the business.
In this webcast, moderator Paul Edon, Director of Customer Services at Tripwire, will provide a variety of perspectives from experienced professionals in the industry — including Amar Singh UK CISO for Elsevier, Ray Stanton EVP Professional Services at BT and Advisory Board Member of ISF, and Gary Cheetham, CISO at NFU Mutual.
Cyber risk tips for boards and executive teamsWynyard Group
Craig Richardson, CEO of crime fighting software company Wynyard Group shares his recommendations for boards and executives on addressing cyber risks for their organisations.
Gary Sheehan - Winning a Battle Doesn't Mean We Are Winning the Warcentralohioissa
In the spirit of Continuous Improvement, we must ask ourselves - Are we doing the best job we can? In this presentation Gary will present some ideas and concepts that can be used to improve the security posture within your organization. These ideas and concepts are not your typical solutions, rather they will force you to make a fundamental change in your approach to implementing security and underlying assumptions about good security practices. This presentation will challenge conventional thinking about how to build a successful security program. After all, what do you have to lose? Are we really winning the cybersecurity war?
The Cyber Security Readiness of Canadian OrganizationsScalar Decisions
Highlights of the 2015 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2015. The full report can be downloaded at: http://hubs.ly/y0tFbr0
Cybersecurity for Energy: Moving Beyond ComplianceEnergySec
Presented by: Gib Sorebo, SAIC
Abstract: For the last few years, energy companies, particularly electric utilities, have been scrambling to meet the onslaught of cybersecurity regulations. However, hackers don’t follow regulations, so the need to rapidly address evolving threats is imperative to meet expectations of senior leadership, board members, and shareholders. This session will discuss how a mature governance structure and a cybersecurity strategy based on a comprehensive understanding of business risk can be used to address threats, comply with regulations, and obtain support from company stakeholders.
Deral Heiland - Fail Now So I Don't Fail Latercentralohioissa
With network data breaches being reported weekly, it appears our implementation of prevention solutions is failing. With the average time to detect a breach being greater than 6 months our detection solutions also appear to be failing. Maybe these solutions and technologies are working correctly and we are just not training our teams how to manage, maintain, and leverage those solutions effectively. In this presentation I will be discussing security testing and validation methodologies that includes Internal/external pentesting, social engineering, and red team/blue team exercises. In addition I will be covering how using these methodologies we can better prepare and build a more robust security environment that will keep your organization off the front page.
Estudio de Russell Reynolds Associates sobre ciberseguridad que explora la importancia de la relación entre el Chief Information Security Officer y el Consejo de Administración.
Why cyber-threats could kill your business transformation
We live in a connected world, and many organisations have responded with business transformation programs encompassing cloud, remote endpoints, shared networks, and more. How long can these connected systems and processes survive in a world of next generation, increasingly stealthy and complex cyber threats? This presentation will consider the threats facing digitally-powered businesses today and in the coming years – and how the security industry can help them address these threats. Not just through multi-layered, machine-learning and intelligence-based protection, but, equally importantly, through collaboration – with each other and with the business community – to share intelligence, build skills, and ensure security is built in from the very start of every new product and service.
Black Hat USA 2015: A Visual Snapshot of Security Threats, Trends and IdeasTripwire
Graphic recording artist Kelly Kingman depicts the interesting points and key takeaways from some of our in-booth presentation at Black Hat USA 2015.
Read more about what Black Hat USA has to offer here: http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/a-snapshot-of-black-hat-usa-2015/
NESCO Town Hall Workforce Development PresentationEnergySec
Moderated and Presented by Andy Bochman
Discussion Topic: Workforce Development in the ICS WorkPlace
Discussion Abstract: Ask anyone working in the field at an electric utility about cybersecurity and the conversation will inevitably turn to the shortage of a qualified security staff with knowledge of our industry. The need to comply with NERC CIP standards, secure the rapidly proliferating smart grid technologies, and defend against the threat of cyber attacks targeting control systems, makes the short supply of cybersecurity talent is a critical issue.
MasterSnacks: Cybersecurity - Third-Party Crashers: Avoiding Service Provider...Citrin Cooperman
Sign up for our weekly MasterSnacks courses here: https://www.citrincooperman.com/infocus/mastersnacks
MasterSnacks, our C-Suite Snacks spin-off, brings you a series of topic-specific courses, using our snack-sized sessions to go in depth on content important to you. Join MasterSnacks live every Wednesday at noon for live exclusive sessions.
As your business wages war against cyber criminals, you must combat the vulnerabilities posed by your own third-party service providers. Your external providers must be held accountable in order to keep your business safe and secure.
During Session 1 of our MasterSnacks:Cybersecurity series, we covered more about mitigating third-party risks by evaluating and managing your service providers. Key takeaways included:
- Third-party risk evaluation and management systems
- Strategies to mitigate risk
- The value and difference between SOC Reports
Demonstrating Information Security Program EffectivenessDoug Copley
Doug Copley outlines how to demonstrate progress of your information security program, how to display metrics and provides some sample scorecards and dashboards.
Executive Summary of the 2016 Scalar Security StudyScalar Decisions
Executive Summary of the 2016 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2016. The full report can be downloaded at: scalar.ca/security-study-2016/
Scalar security study2017_slideshare_rev[1]Tracey Ong
Highlights of the 2017 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2017. The full report can be downloaded at scalar.ca/en/landing/2017-scalar-security-study/
Talking To The Board: How To Improve Your Board's Cyber Security Literacy – U...Tripwire
Boards of Directors have an inescapable legal responsibility to protect their organisation’s assets and shareholder value against risks. Where does cybersecurity fit in the agenda? Many boards lack the knowledge, awareness and confidence to connect security to the business.
In this webcast, moderator Paul Edon, Director of Customer Services at Tripwire, will provide a variety of perspectives from experienced professionals in the industry — including Amar Singh UK CISO for Elsevier, Ray Stanton EVP Professional Services at BT and Advisory Board Member of ISF, and Gary Cheetham, CISO at NFU Mutual.
Cyber risk tips for boards and executive teamsWynyard Group
Craig Richardson, CEO of crime fighting software company Wynyard Group shares his recommendations for boards and executives on addressing cyber risks for their organisations.
By leveraging more than 30 years of energy expertise, ScottMadden has developed an approach to help clients implement cybersecurity programs that target enterprise risks and demonstrate tangible evidence of improving cybersecurity capabilities. This approach engages business stakeholders to answer the following strategic questions:
1. What are our biggest enterprise cybersecurity risks?
2. What is the appropriate response to these risks?
3. How will success be measured?
4. How will we get there?
We align with energy sector guidance to meet industry expectations, and we integrate with enterprise governance to direct and monitor implementation progress, ongoing performance, and assurance.
This report highlights ScottMadden’s approach to strategic cybersecurity.
For more information, please visit www.scottmadden.com.
How to Raise Cyber Risk Awareness and Management to the C-SuiteSurfWatch Labs
Who's responsible for cybersecurity at your organization? The accountability for cybersecurity has shifted to the C-Suite, and it's needs to become part of the overall business strategy.
Current enterprise information security measures continue to fail us. Why is ...Livingstone Advisory
Conventional information security measures continue to fail our businesses in today’s rapidly changing world of cyber-risk. Adverse cyber-events manifest themselves as the usual suspects including data breaches, information theft, ransom- and malware, viruses, payment card fraud, DDOS attacks or physical loss – to name but a few.
Problem is, the tally of adverse events keeps mounting up. While headline adverse cyber incidents are now reported in the media with regularity, this represents the tip of the cyber-risk iceberg. Most known events are either unreported or hidden from public disclosure. Not helping, is the industry analysis suggesting that, on average, nearly half of all adverse cyber-risk events impacting organisations are self-inflicted and avoidable. No industry is untouched.
Delivered at the CIO Summit in Melbourne, Australia in November 2016, in this presentation, Rob offers valuable strategic insights into the problem and why it continues to be a problem.
He outlines some practical steps that will be helpful for CIOs and CISOs in reshaping their own organisation’s approach in building a more effective and resilient information security capability.
10 Security Essentials Every CxO Should KnowIBM Security
View On Demand Webinar: http://event.on24.com/wcc/r/1060940/3EBB3C7D778564710E957F99AF1D7C1B
How comprehensive is your security program? Organizations today are reliant on technology more than ever to achieve competitive advantage. Whether it is growing your brand, automating a supply chain or moving to cloud and mobile, technology is the lifeblood of business. This shift in reliance also brings cyber threats that must be addressed.
Based on extensive experience, IBM has established 10 Essential Practices for a comprehensive security posture. Join Glen Holland, Global Practice Lead of SAP Security Services, to hear about the key imperatives can help you understand and address these threats and protect the business.
In this on demand webinar, you will learn:
- The 10 security essentials and best practices of today’s security leaders
- How to assess your security maturity
- Where your critical gaps lie and how to prioritize your actions
In a survey of U.S. technology and healthcare executives nationwide, Silicon Valley Bank found that companies believe cyber attacks are a serious threat to both their data and their business continuity.
Highlights
- 98% are maintaining or increasing resources devoted to cyber security
- 50% are increasing their cyber security resources, preparing for when, not if, cyber attacks occur
- Just 35% are completely or very confident in the security of their company information, and only 16% feel the same about their business partners
Webcast outlines how IT security and operations can address top security concerns and challenges and adapt to new technologies and trends surrounding the endpoint.
The pace and scale of technology advancements have created extraordinary avenues for businesses to grow. But with opportunities come risks, which need to be constantly navigated. Read this blog to uncover the top 5 cybersecurity trends to watch out for in 2021 and beyond.
2015 Energy Industry Cybersecurity Research UpdateGridCyberSec
ScottMadden, Inc., one of North America’s leading energy consulting firms, has released a report on cybersecurity within the energy sector. This new report helps utilities understand how their cybersecurity practices and perceptions compare to those of industry peers. It is a resource for utility executives evaluating their cybersecurity capabilities. Additional industry cybersecurity information can be found on ScottMadden’s sponsored website: GridCyberSec.com.
WHAT EVERY BOARD OF DIRECTORS SHOULD KNOW
BEFORE, DURING AND AFTER AN ATTACK
View the webinar:
https://www2.fireeye.com/The_Board_and_CyberSecurity_webinar_EMEA.html?utm_source=SS
Download the full report:
https://www2.fireeye.com/WEB-2015-The-Cyber-Security-Playbook.html?utm_source=SS
Secrets to managing your Duty of Care in an ever- changing world.
How well do you know your risks?
Are you keeping up with your responsibilities to provide Duty of Care?
How well are you prioritising Cybersecurity initiatives?
Liability for Cybersecurity attacks sits with Executives and Board members who may not have the right level of technical security knowledge. This session will outline what practical steps executives can take to implement a Cybersecurity Roadmap that is aligned with its strategic objectives.
Led by Krist Davood, who has spent over 28 years implementing secure mission critical systems for executives. Krist is an expert in protecting the interconnectedness of technology, intellectual property and information systems, as evidenced through his roles at The Good Guys, Court Services Victoria and Schiavello.
The seminar will cover:
• Fiduciary responsibility
• How to efficiently deal with personal liability and the threat of court action
• The role of a Cybersecurity Executive Dashboard and its ability to simplify risk and amplify informed decision making
• How to identify and bridge the gap between your Cybersecurity Compliance Rating and the threat of court action
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemIBM Security
What could cybersecurity look like in the cognitive era? Organizations are facing a number of well-known security challenges and these challenges are leading to gaps in intelligence, speed, and accuracy when it comes to threats and incidents. The gaps can’t be addressed by simply scaling up legacy processes and infrastructure - new approaches are needed, and cognitive security solutions may help address these gaps. IBM conducted a survey of over 700 security professionals leaders and practitioners from 35 countries, representing 18 industries to get a sense for what challenges they are facing, how they are being addressed, and how they view cognitive security solutions as a potential powerful new tool.
Join us as Diana Kelley, Executive Security Advisor in IBM Security, and David Jarvis, Functional Research Lead for CIO and Cybersecurity in the IBM Institute for Business Value, discuss findings from the 2016 Cybersecurity Study "Cybersecurity in The Cognitive Era: Priming your Digital immune system"
This webinar will cover an overview of the study findings, including:
Security challenges, shortcomings and what security leaders are doing about them
Views on cognitive security solutions - how they might help, readiness to implement and what might be holding them back
What those that are ready to implement cognitive enabled security today are thinking and doing
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
Information Security
1.Why the need to think about it?
2.What exactly are we talking about?
3.How do we go about doing something about it?
4.Is there a one-size-fits-all framework?
How to assess your Cybersecurity Vulnerability_.pdfMetaorange
The new age of cyber threats is not limited to data breaches and ransomware attacks. They have become much more advanced with AI-based security analysis, crypto-jacking, facial recognition, and voice cloning via deep fake, IoT compromise, and cloud-based DDoS attacks.
How to assess your Cybersecurity Vulnerability_.pptxMetaorange
Surprisingly, Deepfake Technology, which was once used for fun, has now enabled phishing attacks. Rick McRoy detected a deep fake-based voice call that caused a CEO to transfer a sum amount of $35 Million.
Further, AI-powered cyberattacks also pose a serious security risk. Existing cybersecurity tools are not enough to counter this cyber weaponry.
In the wake of such incidents, the need for advanced cybersecurity tools is growing important.
Similar to How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs (20)
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party RiskSurfWatch Labs
Data breaches and cyber-attacks are often tied to vendors, partners, or other external organizations. Threat intelligence can help to shed a light on an organization's third-party risks and help to provide guidance on how to mitigate that risk.
Know Your Adversary: Analyzing the Human Element in Evolving Cyber ThreatsSurfWatch Labs
Understanding the types of malicious actors that are attempting to compromise your organization, what motivates them, and what their goals are is a crucial step when it comes to taking action against cyber risks.
Using Threat Intelligence to Address Your Growing Digital RiskSurfWatch Labs
Cyber threat intelligence can be used to help organizations to better manage their growing digital risk footprints and drive more effective risk decisions.
How to Mitigate Risk From Your Expanding Digital PresenceSurfWatch Labs
The digital presence of organizations continues to expand, and with that expansion comes greater exposure to digital risks. Visibility into those risks is critical in order to effectively manage that risk.
IoT Devices Expanding Your Digital FootprintSurfWatch Labs
Network-enabled or "smart" IOT devices are commonplace these days, with commercial and residential buildings having smart light bulbs, smart locks, DVRs, security cameras and more. The potential of having multiple devices per building potentially translates into the largest digital footprint that is NOT under proper security management.
Connecting the Dots Between Your Threat Tntelligence Tradecraft and Business ...SurfWatch Labs
Threat intelligence needs to be in a language the business understands. SurfWatch Labs can help connect cyber threat intelligence to business operations in order to help manage cyber risk.
Cyber Threat Intelligence: Knowing What Specific Threats Your Business Should...SurfWatch Labs
By using Cyber Threat Intelligence, organizations can understand what specific threats they face and use these insights to drive the most effective defense.
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...SurfWatch Labs
Credit Unions have to deal with the same cybercrime-related issues as large banks, but they often have less resources to address those risks. Cyber risk intelligence can help to make sure they use those limited resources wisely.
SANS Report: The State of Security in Control Systems TodaySurfWatch Labs
SANS conducted a survey of more than 300 ICS professionals and this presentation shares key highlights from the findings to give you insights on the cybersecurity challenges facing your peers and the approaches used to reduce cyber risks.
Point of Sale Insecurity: A Threat to Your BusinessSurfWatch Labs
PoS systems continue to be targeted by cybercriminals for card payment information as well as personally identifiable information. Even as organizations solidify their PoS security, cybercriminals evolve.
This presentation examines the State of PoS Insecurity. Read this to learn:
-Why situational awareness of your POS risks is a must
-Insights on the latest and trending POS cyber risks and impacts
-Fundamental security recommendations from SurfWatch Analysts
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
3. “We believed we were
doing things ahead of the
industry. We thought we
were well-positioned.”
- Frank Blake, Chairman of Home Depot
3
4. Cybersecurity Is No Longer Just
a Technical Problem
4
Top 5 Security Risks
1.Data security (company
information)
2.Brand/reputational damage
3.Regulatory and compliance
violations (tie)
4.Data leakage (tie)
5.Viruses and malware
- Protiviti, “From Cybersecurity to Collaboration: Assessing the Top Priorities for Internal Audit Functions”,
2015
5. The Cost Cannot Be Ignored
Increase from previous year of
organizations reporting financial hits
of $20 million or more
5
$2.7
Million
Annual average financial loss
attributed to cybersecurity incidents
- up 34% from previous year
92%
- The Global State of Information Security® Survey 2015, PWC
7. Security Spending on the Rise,
Yet Companies Getting Hit Hard
7
• The traditional approach
to managing cyber risks
is not working
• Too much focus on one-
off, responsive tactics
• The dots aren’t being
connected between cyber
risks and business
impact
8. Security Spending on the Rise,
Yet Companies Getting Hit Hard
• Security is too complex
• Too much data is trapped
• Hard to relate cyber risks to
the business
• Too much focus on tools
and not enough on process
• Lack of communication and
agility and ability to quickly
make effective decisions
8
10. Cybersecurity Needs to Be
Baked Into Your Business
• What does security look
like for you?
• What does it mean for your
customers, partners,
suppliers?
• How quickly and effectively
can you respond to a
security incident?
• What’s the effect of not
being secure enough?
10
11. Sound Cybersecurity is a
Competitive Advantage
11
69%of US executives are
worried that cyber threats
will impact growth.
— PwC, 17th Annual Global CEO Survey
12. Bridge the Gap Between Security
Operations and the Business
12
13. Using Cyber Risk Intelligence to
Drive Better Security Decisions
13
15. You Gotta Get the Board on
Board with Cyber
• Cybersecurity
improvement includes
the involvement of
Board Directors
• Only 30% of Boards
are highly engaged
with information
security risks and
include cybersecurity
in their audit and risk
acceptance process.
15
Source: From Cybersecurity to Collaboration: Assessing
the Top Priorities for Internal Audit Functions
16. Where Do We Go From Here?
1. Unlock trapped cyber data and
look at cyber risks through a
business intelligence/KPI lens.
2. Build the right strategy and
foundation for a long-lasting
cyber-resilient approach.
3. Facilitate communication and
collaboration across IT teams,
business analysts, legal and
executives.
16
17. Q&A and Additional
SurfWatch Labs Resources
17
How to Understand Cyber Risks
and Ensure Governance:
info.surfwatchlabs.com/cyber-risk-governance
SurfWatch C-Suite Datasheet:
info.surfwatchlabs.com/SurfWatch-C-Suite-Datasheet
SurfWatch C-Suite Product Overview Video:
www.youtube.com/watch?v=9J0Ae6VTmHU
SurfWatch C-Suite Product Review:
www.scmagazine.com/surfwatch-c-suite/review/4324/
Schedule a Personal SurfWatch C-Suite Demo:
info.surfwatchlabs.com/request-demo
Accountability has Shifted to the C-Suite
“… boards that choose to ignore, or minimize, the importance of cybersecurity oversight responsibility, do so at their own peril.”
- Luis A. Aguilar, SEC Commissioner