By using Cyber Threat Intelligence, organizations can understand what specific threats they face and use these insights to drive the most effective defense.
Real Estate Crowdfunding: Latest Trends and Developments LIVE WebcastThomas LaPointe
In the year 2015, according to a research and advisory firm, crowdfunding platforms in real estate investment have generated about $34.4 billion and is conservatively expected to greatly increase this year. The rapid growth has been spurred by a number of regulatory amendments made by SEC, thus, allowing companies to offer and sell securities through crowdfunding. The recent approval of the JOBS Act's Title III rules is expected to generate new activity for real estate crowdfunding.
In this LIVE Webcast, a seasoned panel of thought leaders and professionals brought together by The Knowledge Group will provide the audience with an in-depth discussion of the fundamentals as well as recent developments in Real Estate Crowdfunding.
Key topics include:
Real Estate Crowdfunding Platform
Recent Trends and Developments in Real Estate Crowdfunding
Five Key Areas of Commercial Real Estate
Restrictions on Real Estate Crowdfunding
Scope and Limitation
To view the webcast go to this link: https://youtu.be/8IqGese6OMg
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...SurfWatch Labs
Credit Unions have to deal with the same cybercrime-related issues as large banks, but they often have less resources to address those risks. Cyber risk intelligence can help to make sure they use those limited resources wisely.
Real Estate Crowdfunding: Latest Trends and Developments LIVE WebcastThomas LaPointe
In the year 2015, according to a research and advisory firm, crowdfunding platforms in real estate investment have generated about $34.4 billion and is conservatively expected to greatly increase this year. The rapid growth has been spurred by a number of regulatory amendments made by SEC, thus, allowing companies to offer and sell securities through crowdfunding. The recent approval of the JOBS Act's Title III rules is expected to generate new activity for real estate crowdfunding.
In this LIVE Webcast, a seasoned panel of thought leaders and professionals brought together by The Knowledge Group will provide the audience with an in-depth discussion of the fundamentals as well as recent developments in Real Estate Crowdfunding.
Key topics include:
Real Estate Crowdfunding Platform
Recent Trends and Developments in Real Estate Crowdfunding
Five Key Areas of Commercial Real Estate
Restrictions on Real Estate Crowdfunding
Scope and Limitation
To view the webcast go to this link: https://youtu.be/8IqGese6OMg
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...SurfWatch Labs
Credit Unions have to deal with the same cybercrime-related issues as large banks, but they often have less resources to address those risks. Cyber risk intelligence can help to make sure they use those limited resources wisely.
Create a Safer Learning Environment with Absolute Safe SchoolsAbsolute
Educational organizations are embracing mobile devices to provide a more flexible approach to classroom learning. Laptops and tablets are enhancing the learning experience by motivating students, providing a wealth of instant information, and eliminating costly textbooks that date quickly. But along with the benefits of mobile devices comes the associated risks. Device theft is on the rise and some students are becoming targets of crime.
SANS Report: The State of Security in Control Systems TodaySurfWatch Labs
SANS conducted a survey of more than 300 ICS professionals and this presentation shares key highlights from the findings to give you insights on the cybersecurity challenges facing your peers and the approaches used to reduce cyber risks.
Point of Sale Insecurity: A Threat to Your BusinessSurfWatch Labs
PoS systems continue to be targeted by cybercriminals for card payment information as well as personally identifiable information. Even as organizations solidify their PoS security, cybercriminals evolve.
This presentation examines the State of PoS Insecurity. Read this to learn:
-Why situational awareness of your POS risks is a must
-Insights on the latest and trending POS cyber risks and impacts
-Fundamental security recommendations from SurfWatch Analysts
Containing the outbreak: The healthcare security pandemicAvecto
James Maude, Senior Security Engineer at Avecto examines the security state of play in the healthcare industry and why it’s now a prime target for hackers.
Connecting the Dots Between Your Threat Tntelligence Tradecraft and Business ...SurfWatch Labs
Threat intelligence needs to be in a language the business understands. SurfWatch Labs can help connect cyber threat intelligence to business operations in order to help manage cyber risk.
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYODSierraware
Simplifying BYOD deployments while satisfying HIPAA and other healthcare regulations. Virtual Mobile Infrastructure with strong biometric authentication and 4096-bit encryption. Android-based VDI for mobile security.
This presentation delves into the many cybersecurty risks that plague the healthcare industry and how these risks can be mitigated with the help of security solutions that Seqrite offers.
Ransomware attacks are not only growing and evolving but are getting more sophisticated by using advanced evasion techniques impacting individuals and organizations across verticals.
Seqrite security solutions provide multi-layered defense that prevents and blocks real-time threats and emerging ransomware infections.
Cyber Security presentation given by Luke Schneider, Chief Executive Officer of Medicine Bow Technologies at the 2016 Wyoming Hospital Association Annual Conference
Decoding the Data Breach Framework: How to Prevent Exfiltration LIVE WebcastThomas LaPointe
In today’s fast evolving cybersecurity backdrop, maintaining an up-to-date and efficient data breach security has been a tough challenge for companies all over the world. Data attackers are no longer particular with the size of their target and may attack at any moment. Effective detection and prevention of data breach or any form of illegal release of data and information from a company’s system, requires robust security system and close-monitoring from the top level management.
In a two-hour LIVE Webcast, a notable panel of thought leaders and professionals assembled by The Knowledge Group will offer the audience with an in-depth discussion of the fundamental aspects of a data breach. The panel will also provide the audience with the best practices to avoid common risk and pitfalls in a data breach.
Key topics include:
The Anatomy of a Breach
Risks and Legal Challenges in Data Breach
Data Exfiltration Methods
Identifying, Detecting and Preventing Data Breach
Recent Trends and Developments
To view the webcast go to this link: https://youtu.be/d-QbhiToGLs
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Webinar Slides: Critical Steps to Keep your BSA Program CurrentPneuron
The Bank Secrecy Act (BSA) has caused dramatic operational change. Its objective and the substantial financial scrutiny on the ongoing cost of compliance and the draconian impacts of non-compliance have remained largely the same. However, the market and environment the BSA Officer operates in has changed markedly in the last few years. As a result, the execution and effective management of the BSA program needs to constantly evolve and align as the market, its adversaries and the financial institution change. This presentation provides BSA Officers, BSA teams and Regulators with a comprehensive overview of modern-day BSA programs and the tools needed to optimize them.
The FDA's Cybersecurity Enforcement: Patient Care and Medical Cybersecurity I...Thomas LaPointe
Vague requirements and a hot button political issue make for a volatile mixture as industry members try to comply with the U.S. Food & Drug Administration’s (FDA) cybersecurity requirements. The Agency, to date, has released four guidance documents outlining its proposed approach to cybersecurity enforcement, but has yet to demonstrate the degree of its resolve through enforcement activity. By taking apart and analyzing recent FDA action, the panel will inform viewers about the nuts and bolts of cybersecurity compliance.
FDA has made clear that health care facilities need to reassess their information security programs and ensure that these programs are comprehensive and updated. Applicable cybersecurity measures should also be taken to be able to address the vulnerabilities identified in the alert. Similarly, manufacturers of medical devices should carefully evaluate their products for potential security exposures. They should also offer security patches or, if needed, replacement products to their customers and ensure cybersecurity integration to product development.
In a two-hour LIVE webcast, a panel of distinguished professionals and thought leaders assembled by The Knowledge Group will provide guidance and suggestions to assist the healthcare industry in understanding the important aspects of this significant topic. They will provide an in-depth discussion of the FDA’s cybersecurity enforcement and its implications to the healthcare industry. Speakers will also offer best practices in developing and implementing effective information security programs in light of the most recent cybersecurity news.
Key topics include:
The FDA Cybersecurity Enforcement – An Overview
Cybersecurity Vulnerabilities of Medical Devices
Implications to Healthcare Facilities and Medical Device Manufacturers
Best Information Security Practices
Regulatory Forecasts
To view the webcast go to this link: https://youtu.be/BfH2S__-t0w
To learn more about the webcast please visit our website: http://theknowledgegroup.org
B&B Hardware v. Hargis: Decision and Impact on Trademark Prosecution and Enfo...Thomas LaPointe
The U.S. Supreme Court in March 2015 has delivered a significant decision in B&B Hardware, Inc. v. Hargis Industries, Inc. The Court affirms that the Trademark Trial and Appeal Board (TTAB) rulings on the likelihood of confusion of trademarks may have a binding, preclusive effect on later Federal Court trademark infringement proceedings so long as the ordinary elements of issue preclusion are met, and the usages adjudicated by the TTAB are materially the same as those before a district court.
This case could substantially impact not only trademark enforcement strategies, but also the clearance of trademarks and prosecution strategies before the United States Patent and Trademark Office (USPTO).
In this two-hour LIVE Webcast, a panel of key thought leaders and practitioners assembled by The Knowledge Group will review the B&B Hardware v. Hargis case and will explain the significance and possible repercussions of the rulings and how brand owners can safeguard their trademarks in the future. Speakers will also provide best practices in developing and implementing effective trademark protection strategies to protect against infringement.
Key issues that will be covered in this course are:
B&B Hardware, Inc. v. Hargis Industries, Inc.
Trademark Trial and Appeal Board (TTAB) Rulings
Preclusive Effect: An Overview
Coverage and Limitation
U.S. Trademark Application
Likelihood of Confusion
Changes and Implications for Practitioners
Risks and Pitfalls in Trademarks
Infringement Mitigation Strategies
To view the webcast go to this link: https://youtu.be/aVox4JrSIkw
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Supplier Quality Management: Best Practices and Practical Insights in 2015 LI...Thomas LaPointe
Supplier Quality Management (SQM) is becoming an important business practice as more companies are out-sourcing manufacturing, distribution, shipping, and sales across the globe. Aside from the implications of failure to comply with a myriad of regulations, failure of SQM can lead to litigation, added costs, and harmed reputation among other problems such as product adulteration and mis-branding. However, there is a trade-off between managing supplier quality and costs. As such, SQ managers need to be aware of the risks and benefits of the relationship with suppliers as a whole.
Our panel of key thought leaders and practitioners assembled by The Knowledge Group will discuss Supplier Quality Management and provide Best Practices and Practical Insights.
Key topics include:
Supplier Quality Management – Overview
Supplier Selection, Evaluation, and Monitoring
Supplier Quality Agreements and Contracts
Cost of Poor Supplier Quality (COPQ)
Quality Management Systems
Cost Recovery and Supplier Audit
Closed Loop Corrective Actions
Suppliers Quality Metrics
Supply Chain Pressures
To view the webcast go to this link: http://youtu.be/FhW15o2pfCw
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Anti-Corruption Compliance and Enforcement: Key Developments in 2016 & Beyond...Thomas LaPointe
The heightened domestic crusades against corruption imply a clear message: aggressive enforcement actions across borders is on the horizon. Increased parallel enforcement actions are also expected to take place engaging multiple jurisdictions against multinational entities. In this light, enforcement authorities are encouraging companies to closely monitor the effectiveness of their policies and procedures and ramp up their compliance strategies to mitigate future legal risks and challenges.
In a two-hour LIVE Webcast, a seasoned panel of thought leaders, professionals and practitioners brought together by The Knowledge Group will provide the audience with an in-depth discussion of the fundamentals as well as recent regulatory developments relating to Anti-Corruption Compliance and Enforcement. Speakers will also present their expert thoughts and opinions on how to establish and maintain an effective and efficient anti-corruption enforcement program.
Key topics include:
Anti-Corruption Enforcement - An Overview
Foreign Corrupt Practices Act
Compliance Requirements
Recent Trends in Anti-Corruption Enforcement
Key Risk Areas
Impacts and Implications of Anti-Corruption Enforcement
The New Anti-Corruption Squad
Up-to-the-minute Regulatory Developments
To view the webcast go to this link: https://youtu.be/GY58FsUIy7A
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Cyber Security and Data Privacy: Views on Article III Standing LIVE WebcastThomas LaPointe
As cyber security and data privacy concerns continue to evolve, security experts must keep themselves up to date to combat increasingly sophisticated threats to protect their firms and clients. In a two-hour LIVE webcast, a panel of distinguished professionals will address significant issues that will shape up cyber security and data privacy in 2014 along with practical guidance. Our speakers will address the following key issues:
Article III Standing
Latest theories of liability arising out of data breaches and claims of invasion of privacy
Issues surrounding cyber security and data privacy
Best practices to counteract cyber security and data privacy threats
Latest regulatory updates
To view the webcast go to this link: http://youtu.be/Kkyieu9njdw
To learn more about the webcast please visit our website: http://theknowledgegroup.org
FinCEN’s Anti-Money Laundering Developments: A 2015 Update LIVE WebcastThomas LaPointe
In August 2014, the Financial Crimes Enforcement Network (FinCEN) of the U.S. Treasury published a proposed Anti-money Laundering (AML) rule that would require financial institutions, subject to Customer Identification Procedures (CIP), to identify beneficial owners of legal entity customers and subject them to customer due diligence. This includes banks, securities brokers and dealers, mutual funds, futures commission merchants, and others. This CLE course offers participants an overview of the latest trends and best practices with respect to FinCEN’s new rule on Anti-Money Laundering and other developments in BSA/AML enforcement. A panel of thought leaders and practitioners assembled by The Knowledge Group will help firms better understand how to advise clients about application of the new rules in their businesses.
The Knowledge Group has assembled a panel of key thought leaders to provide the audience with an in-depth over-view, analysis, and discussion of FinCEN’s new rule on Anti-Money Laundering and developments in BSA/AML enforcement.
Key issues include that will be covered in this course are:
Anti-money Laundering
Proposed Rules for Financial Transparency
FinCEN Advisories on AML Compliance
Trade-based Money Laundering
Identifying Customers
Identifying Beneficial Owners
Reporting Initiative on Cross-Border Cash Couriers
Recent Enforcement Actions
Compliance and Litigation Risks
To view the webcast go to this link: http://youtu.be/7MNt-5su2LU
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Create a Safer Learning Environment with Absolute Safe SchoolsAbsolute
Educational organizations are embracing mobile devices to provide a more flexible approach to classroom learning. Laptops and tablets are enhancing the learning experience by motivating students, providing a wealth of instant information, and eliminating costly textbooks that date quickly. But along with the benefits of mobile devices comes the associated risks. Device theft is on the rise and some students are becoming targets of crime.
SANS Report: The State of Security in Control Systems TodaySurfWatch Labs
SANS conducted a survey of more than 300 ICS professionals and this presentation shares key highlights from the findings to give you insights on the cybersecurity challenges facing your peers and the approaches used to reduce cyber risks.
Point of Sale Insecurity: A Threat to Your BusinessSurfWatch Labs
PoS systems continue to be targeted by cybercriminals for card payment information as well as personally identifiable information. Even as organizations solidify their PoS security, cybercriminals evolve.
This presentation examines the State of PoS Insecurity. Read this to learn:
-Why situational awareness of your POS risks is a must
-Insights on the latest and trending POS cyber risks and impacts
-Fundamental security recommendations from SurfWatch Analysts
Containing the outbreak: The healthcare security pandemicAvecto
James Maude, Senior Security Engineer at Avecto examines the security state of play in the healthcare industry and why it’s now a prime target for hackers.
Connecting the Dots Between Your Threat Tntelligence Tradecraft and Business ...SurfWatch Labs
Threat intelligence needs to be in a language the business understands. SurfWatch Labs can help connect cyber threat intelligence to business operations in order to help manage cyber risk.
Roadmap to Healthcare HIPAA Compliance and Mobile Security for BYODSierraware
Simplifying BYOD deployments while satisfying HIPAA and other healthcare regulations. Virtual Mobile Infrastructure with strong biometric authentication and 4096-bit encryption. Android-based VDI for mobile security.
This presentation delves into the many cybersecurty risks that plague the healthcare industry and how these risks can be mitigated with the help of security solutions that Seqrite offers.
Ransomware attacks are not only growing and evolving but are getting more sophisticated by using advanced evasion techniques impacting individuals and organizations across verticals.
Seqrite security solutions provide multi-layered defense that prevents and blocks real-time threats and emerging ransomware infections.
Cyber Security presentation given by Luke Schneider, Chief Executive Officer of Medicine Bow Technologies at the 2016 Wyoming Hospital Association Annual Conference
Decoding the Data Breach Framework: How to Prevent Exfiltration LIVE WebcastThomas LaPointe
In today’s fast evolving cybersecurity backdrop, maintaining an up-to-date and efficient data breach security has been a tough challenge for companies all over the world. Data attackers are no longer particular with the size of their target and may attack at any moment. Effective detection and prevention of data breach or any form of illegal release of data and information from a company’s system, requires robust security system and close-monitoring from the top level management.
In a two-hour LIVE Webcast, a notable panel of thought leaders and professionals assembled by The Knowledge Group will offer the audience with an in-depth discussion of the fundamental aspects of a data breach. The panel will also provide the audience with the best practices to avoid common risk and pitfalls in a data breach.
Key topics include:
The Anatomy of a Breach
Risks and Legal Challenges in Data Breach
Data Exfiltration Methods
Identifying, Detecting and Preventing Data Breach
Recent Trends and Developments
To view the webcast go to this link: https://youtu.be/d-QbhiToGLs
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Webinar Slides: Critical Steps to Keep your BSA Program CurrentPneuron
The Bank Secrecy Act (BSA) has caused dramatic operational change. Its objective and the substantial financial scrutiny on the ongoing cost of compliance and the draconian impacts of non-compliance have remained largely the same. However, the market and environment the BSA Officer operates in has changed markedly in the last few years. As a result, the execution and effective management of the BSA program needs to constantly evolve and align as the market, its adversaries and the financial institution change. This presentation provides BSA Officers, BSA teams and Regulators with a comprehensive overview of modern-day BSA programs and the tools needed to optimize them.
The FDA's Cybersecurity Enforcement: Patient Care and Medical Cybersecurity I...Thomas LaPointe
Vague requirements and a hot button political issue make for a volatile mixture as industry members try to comply with the U.S. Food & Drug Administration’s (FDA) cybersecurity requirements. The Agency, to date, has released four guidance documents outlining its proposed approach to cybersecurity enforcement, but has yet to demonstrate the degree of its resolve through enforcement activity. By taking apart and analyzing recent FDA action, the panel will inform viewers about the nuts and bolts of cybersecurity compliance.
FDA has made clear that health care facilities need to reassess their information security programs and ensure that these programs are comprehensive and updated. Applicable cybersecurity measures should also be taken to be able to address the vulnerabilities identified in the alert. Similarly, manufacturers of medical devices should carefully evaluate their products for potential security exposures. They should also offer security patches or, if needed, replacement products to their customers and ensure cybersecurity integration to product development.
In a two-hour LIVE webcast, a panel of distinguished professionals and thought leaders assembled by The Knowledge Group will provide guidance and suggestions to assist the healthcare industry in understanding the important aspects of this significant topic. They will provide an in-depth discussion of the FDA’s cybersecurity enforcement and its implications to the healthcare industry. Speakers will also offer best practices in developing and implementing effective information security programs in light of the most recent cybersecurity news.
Key topics include:
The FDA Cybersecurity Enforcement – An Overview
Cybersecurity Vulnerabilities of Medical Devices
Implications to Healthcare Facilities and Medical Device Manufacturers
Best Information Security Practices
Regulatory Forecasts
To view the webcast go to this link: https://youtu.be/BfH2S__-t0w
To learn more about the webcast please visit our website: http://theknowledgegroup.org
B&B Hardware v. Hargis: Decision and Impact on Trademark Prosecution and Enfo...Thomas LaPointe
The U.S. Supreme Court in March 2015 has delivered a significant decision in B&B Hardware, Inc. v. Hargis Industries, Inc. The Court affirms that the Trademark Trial and Appeal Board (TTAB) rulings on the likelihood of confusion of trademarks may have a binding, preclusive effect on later Federal Court trademark infringement proceedings so long as the ordinary elements of issue preclusion are met, and the usages adjudicated by the TTAB are materially the same as those before a district court.
This case could substantially impact not only trademark enforcement strategies, but also the clearance of trademarks and prosecution strategies before the United States Patent and Trademark Office (USPTO).
In this two-hour LIVE Webcast, a panel of key thought leaders and practitioners assembled by The Knowledge Group will review the B&B Hardware v. Hargis case and will explain the significance and possible repercussions of the rulings and how brand owners can safeguard their trademarks in the future. Speakers will also provide best practices in developing and implementing effective trademark protection strategies to protect against infringement.
Key issues that will be covered in this course are:
B&B Hardware, Inc. v. Hargis Industries, Inc.
Trademark Trial and Appeal Board (TTAB) Rulings
Preclusive Effect: An Overview
Coverage and Limitation
U.S. Trademark Application
Likelihood of Confusion
Changes and Implications for Practitioners
Risks and Pitfalls in Trademarks
Infringement Mitigation Strategies
To view the webcast go to this link: https://youtu.be/aVox4JrSIkw
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Supplier Quality Management: Best Practices and Practical Insights in 2015 LI...Thomas LaPointe
Supplier Quality Management (SQM) is becoming an important business practice as more companies are out-sourcing manufacturing, distribution, shipping, and sales across the globe. Aside from the implications of failure to comply with a myriad of regulations, failure of SQM can lead to litigation, added costs, and harmed reputation among other problems such as product adulteration and mis-branding. However, there is a trade-off between managing supplier quality and costs. As such, SQ managers need to be aware of the risks and benefits of the relationship with suppliers as a whole.
Our panel of key thought leaders and practitioners assembled by The Knowledge Group will discuss Supplier Quality Management and provide Best Practices and Practical Insights.
Key topics include:
Supplier Quality Management – Overview
Supplier Selection, Evaluation, and Monitoring
Supplier Quality Agreements and Contracts
Cost of Poor Supplier Quality (COPQ)
Quality Management Systems
Cost Recovery and Supplier Audit
Closed Loop Corrective Actions
Suppliers Quality Metrics
Supply Chain Pressures
To view the webcast go to this link: http://youtu.be/FhW15o2pfCw
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Anti-Corruption Compliance and Enforcement: Key Developments in 2016 & Beyond...Thomas LaPointe
The heightened domestic crusades against corruption imply a clear message: aggressive enforcement actions across borders is on the horizon. Increased parallel enforcement actions are also expected to take place engaging multiple jurisdictions against multinational entities. In this light, enforcement authorities are encouraging companies to closely monitor the effectiveness of their policies and procedures and ramp up their compliance strategies to mitigate future legal risks and challenges.
In a two-hour LIVE Webcast, a seasoned panel of thought leaders, professionals and practitioners brought together by The Knowledge Group will provide the audience with an in-depth discussion of the fundamentals as well as recent regulatory developments relating to Anti-Corruption Compliance and Enforcement. Speakers will also present their expert thoughts and opinions on how to establish and maintain an effective and efficient anti-corruption enforcement program.
Key topics include:
Anti-Corruption Enforcement - An Overview
Foreign Corrupt Practices Act
Compliance Requirements
Recent Trends in Anti-Corruption Enforcement
Key Risk Areas
Impacts and Implications of Anti-Corruption Enforcement
The New Anti-Corruption Squad
Up-to-the-minute Regulatory Developments
To view the webcast go to this link: https://youtu.be/GY58FsUIy7A
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Cyber Security and Data Privacy: Views on Article III Standing LIVE WebcastThomas LaPointe
As cyber security and data privacy concerns continue to evolve, security experts must keep themselves up to date to combat increasingly sophisticated threats to protect their firms and clients. In a two-hour LIVE webcast, a panel of distinguished professionals will address significant issues that will shape up cyber security and data privacy in 2014 along with practical guidance. Our speakers will address the following key issues:
Article III Standing
Latest theories of liability arising out of data breaches and claims of invasion of privacy
Issues surrounding cyber security and data privacy
Best practices to counteract cyber security and data privacy threats
Latest regulatory updates
To view the webcast go to this link: http://youtu.be/Kkyieu9njdw
To learn more about the webcast please visit our website: http://theknowledgegroup.org
FinCEN’s Anti-Money Laundering Developments: A 2015 Update LIVE WebcastThomas LaPointe
In August 2014, the Financial Crimes Enforcement Network (FinCEN) of the U.S. Treasury published a proposed Anti-money Laundering (AML) rule that would require financial institutions, subject to Customer Identification Procedures (CIP), to identify beneficial owners of legal entity customers and subject them to customer due diligence. This includes banks, securities brokers and dealers, mutual funds, futures commission merchants, and others. This CLE course offers participants an overview of the latest trends and best practices with respect to FinCEN’s new rule on Anti-Money Laundering and other developments in BSA/AML enforcement. A panel of thought leaders and practitioners assembled by The Knowledge Group will help firms better understand how to advise clients about application of the new rules in their businesses.
The Knowledge Group has assembled a panel of key thought leaders to provide the audience with an in-depth over-view, analysis, and discussion of FinCEN’s new rule on Anti-Money Laundering and developments in BSA/AML enforcement.
Key issues include that will be covered in this course are:
Anti-money Laundering
Proposed Rules for Financial Transparency
FinCEN Advisories on AML Compliance
Trade-based Money Laundering
Identifying Customers
Identifying Beneficial Owners
Reporting Initiative on Cross-Border Cash Couriers
Recent Enforcement Actions
Compliance and Litigation Risks
To view the webcast go to this link: http://youtu.be/7MNt-5su2LU
To learn more about the webcast please visit our website: http://theknowledgegroup.org
The U.S.-China Business Relationship – The Most Important Issues: A Complex B...Thomas LaPointe
The relationship between the U.S. and China is the most important in the world. Whether the two nations can co-exist may be a significant political and economic challenge.
Under President Xi Jinping, China’s policy is changing quickly, with greater consolidation of power and more strategic economic and market reforms. There is interest in taking some limited measures to control state enterprises, but not to reduce the power of the Communist party.
China faces formidable challenges from environmental degradation, internal dissent, and changing demography due to the ‘one-child per family’ policy. Tension between China and the U.S. increases regarding numerous issues such as the instability of North Korea, maritime security in the South China Sea, human rights, data and information theft, cyber-attacks, and trade disagreements.
Many specific, contentious issues exist. Among these, the Chinese government has invested in many Western firms, such as Dalian Wanda’s acquisition of AMC, and it is unclear whether the U.S. Committee on Foreign Investment might obfuscate further investment. The Chinese government has been trying to control corruption, and securities violations thereby affecting domestic and foreign companies. Antimonopoly review of transnational mergers by China’s Ministry of Commerce has become a significant consideration in global M&A transactions, and many foreign companies operating in China have faced antimonopoly investigations and private litigation over their pricing and licensing practices, raising concerns that the Antimonopoly Law is being used for industrial policy reasons, rather than to promote competitive markets in China. Although China has some intellectual property (IP) protection policies for foreign multi-nations, it has a long-standing reputation as a haven for violators of IP law and deep concerns remain as stated recently by the Assistant US Trade Representative for Intellectual Property and Innovation in a report on behalf of the US-China Business Council . Many Chinese students who studied in the United States now are senior government or business officials in China. US law previously did not affect China too substantially. However, many Chinese companies now are affected by far-reaching U.S. laws, regulations, investigations, or litigation. Perception of political and economic bias in the US review of mergers or in application of U.S. laws such as FCPA have resulted in reciprocal, retaliatory actions by China.
To view the webcast go to this link: http://youtu.be/o9f-3a4RJok
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Cyber Liability Insurance: An Essential and Urgently Needed Business InvestmentThomas LaPointe
Cyber Liability Insurance is a relatively new product that is developing rapidly due to increasing frequency and sophistication of cyber-attacks. Stricter regulation and enforcement of cyber crime are making purchase of Cyber Liability & Data Risk Insurance a necessity for many companies.
Experian Inc. reports that almost 70% of business owners have yet to purchase some sort of insurance against cyber attack even though many business owners know cyber attack is a serious business risk. Many companies face significant costs from litigation following cyber attacks and even face the prospect of bankruptcy. In fact, The Gartner Group reports that 40% of all businesses experiencing data breaches are out of business within 6 months and 51% end business within two years following such cyber attacks.
In this webinar, experts in the fields of cyber crime, cyber crime regulation and enforcement, insurance, cyber law, and network systems security will explain the risks, the types of insurance, and why it is increasingly essential to purchase such insurance. Special topics for discussion include:
Cyber Security Insurance Laws and Regulations
Cyber Liability Market and Claims Trends
Assessing Cyber Liability and Risks: Breach Litigation Issues
Cyber Insurance Types and Coverage Needs
Cyber Insurance Policies De-mystified
Subrogation: Vendor and Business Partner Liability Claims
Benefits of International Vulnerability Purchase Program
To view the webcast go to this link: http://youtu.be/vna6GEhDlF0
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Securing Trade Secrets and Intellectual Property Against CyberattackThomas LaPointe
The rise in cyber threats is putting companies at risk of losing trade secrets and other intellectual property assets that are integral to competitive edge, revenues and reputation. Many companies, however, are unsure about how to shore up their IP and trade secret protection programs to thwart potential risks and losses.
In this two-hour LIVE Webcast, a panel of distinguished professionals and thought leaders organized by The Knowledge Group will help the audience understand the important aspects of Securing Trade Secrets and Intellectual Property Against Cyberattack. They will provide an in-depth discussion of the critical issues and best practices with respect to this noteworthy topic. Speakers will also share helpful tips in developing and implementing data security programs while ensuring compliance with applicable laws.
Some of the major topics that will be covered in this course are:
IP and Trade Secrets Protection
Key Challenges and Vulnerabilities
Data Security Policies
Risk Identification and Mitigation
Best Regulatory Remedies
To view the webcast go to this link: https://youtu.be/neZTheov8LU
To learn more about the webcast please visit our website: http://theknowledgegroup.org
Want to build a powerful movement online? You need two key ingredients - people and tools to connect and engage with them. From "texting" to location based apps like FourSquare this panel will give you the nuts and bolts of the latest apps and tools organizations can use to effectively moblize and energize people online.
Panelists: Amy Sample Ward, NetSquared, Shana Glickfield, The Beekeeper Group, and Jessica Bosanko, M+R Strategic Services
Emerging Issues: FDA Food Safety Foreign Suppliers & US Importers Rules Impac...Thomas LaPointe
On July 26, 2013, the Food and Drug Administration (FDA) issued two proposed rules in accordance with Sections 301 and 307 of the FDA Food Safety Modernization Act (FSMA): (1) governing foreign supplier verification and (2) governing third-party audits and certification.
The proposed rules represent a significant change in FDA’s approach and attempt to enhance FDA oversight of all imported human and animal food. Moreover, these rules require most importers to develop and implement a Foreign Supplier Verification Program (FSVP) for all food that they import. Lastly, imports that fail to comply with a FSVP may be subject to refusal of admission.
When finalized, the proposed rules will present a significant set of new compliance obligations for all food and beverage importers. Food companies and importers should have a complete understanding of FDA’s current thinking as reflected in this proposed rule to assess its potential impact on their businesses.
The Knowledge Group has assembled a panel of key thought leaders and practitioners to help you understand the complex issues related to the proposed rule and its impact on your firm and the broader market. The speakers will present their expert opinions in a two-hour LIVE Webcast.
To view the webcast go to this link: http://youtu.be/jrxi67UjiHw
To learn more about the webcast please visit our website: http://theknowledgegroup.org/
Corporate Bankruptcy: Significant Issues for 2014 and Beyond LIVE WebcastThomas LaPointe
In a volatile and unpredictable economic environment, companies and industry watchers must be in the know with respect to the latest trends and issues in corporate bankruptcy. The Knowledge Group is assembling a panel of practitioners and thought leaders to offer insights and key takeaways. In a two-hour live webcast, speakers will address:
- Bankruptcy System: An Overview
- Recent Bankruptcy Cases and Lessons Learned
- Bankruptcy and Restructuring Litigation
- The Timeline For Bankruptcy Filings and Steps Involved
- Alternatives to Bankruptcy
- Secured claims and claim priorities
- Bankruptcy and Unexpired Leases, Executory, and Other Contracts
- Preference and Fraudulent Transfer Avoiding Powers and How Prosecute and Defend Them
- The Chapter 11 Plan: Drafting, Solicitation and Confirmation
- Procedural Requirements For Debtors, Creditors and Their Attorneys In Bankruptcy
- Bankruptcy Professionals and The Requirements For Their Employment and Compensation
- The Company After Bankruptcy
- Up-to-the-Minute Regulatory Updates
- Private equity and insolvent portfolio companies
- Healthcare in bankruptcy
This course is a must attend for attorneys who want to learn or re-learn how to counsel their clients on corporate bankruptcy issues in the most effective manner.
To view the webcast go to this link : http://youtu.be/9pLjh3OxABE
To learn more about the webcast please visit our website: http://theknowledgegroup.org/
Final Wellness Regulations: What You Need to Know LIVE WebcastThomas LaPointe
Recently, the Department of Health and Human Services (DHHS) issued final wellness regulations governing health- out-come-based wellness programs increasing rewards to up to 50 percent for healthy activity such as smoking cessation. The new regulations were published on June 3, 2013 and become effective on January 1, 2014 (or upon renewal after January 1, 2014). As compliance date draws near, companies should have a complete and thorough understanding of the final rules to avoid potentially steep penalties.
The Knowledge Group has assembled a panel of key thought leaders and practitioners to provide the audience with an in-depth analysis of the Final Wellness Regulations. In a two-hour live webcast, speakers will discuss:
- Recent Developments and Key Changes on Final Wellness Regulations
- Enforcement of and Compliance with the Final Rules
- Impact of the Final Rules
- Penalties and Exemptions
- Best Practices in Compliance
- Up to the Minute Regulatory Changes
To view the webcasts go to this link: http://youtu.be/Kn7zwS-jdbU
To learn more about the webcast visit our website: http://theknowledgegroup.org/
Fraud-on-the-Market Theory: Significant Issues and Updates for 2014 and Beyon...Thomas LaPointe
In a two hour live webcast, a panel of thought leaders and practitioners assembled by The Knowledge Group will discuss the significant and latest issues related to the Fraud-on-the-Market (FOTM) Theory.
Key issues include that will be covered in this course are
Fraud-on-the-Market Theory: an overview
Relevant cases and court decisions
Latest regulatory updates
Guidance on how to use FOTM effectively
To view the webcast go to this link: http://youtu.be/skVMxldWQB8
To learn more about the webcast please visit our website: http://theknowledgegroup.org
FINRA Supervision Rules: What You Need to Know in 2015 LIVE WebcastThomas LaPointe
In this two-hour LIVE webcast, a panel of distinguished professionals and thought leaders will help broker/dealers and financial advisors implement the new FINRA rules. They will discuss important new provisions of the new FINRA consolidated supervision rules and discuss best practices.
Key topics include:
• Supervision (New FINRA Rule 3110)
• Supervisory Control System (New FINRA Rule 3120 )
• Holding Customer Mail (New FINRA Rule 3150 )
• Tape Recording of Registered Persons by Certain Firms (New FINRA Rule 3170 )
And a lot more!
To view the webcast go to this link: http://youtu.be/IPmdXnS0WIE
To learn more about the webcast please visit our website: http://theknowledgegroup.org
U.S. Trade Controls: What You Need to Know in 2014 LIVE WebcastThomas LaPointe
In a two hour live webcast, a panel of thought leaders and practitioners assembled by the Knowledge Group will discuss the latest issues regarding U.S. trade controls. Speakers will help firms better understand recent legal developments that impact their ability to conduct business overseas and develop sound strategies for trade controls compliance.
To view the webcast go to this link: http://youtu.be/FTeH0Zp6JHA
To learn more about the webcast please visit our website: http://theknowledgegroup.org/
Similar to Cyber Threat Intelligence: Knowing What Specific Threats Your Business Should Address (20)
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party RiskSurfWatch Labs
Data breaches and cyber-attacks are often tied to vendors, partners, or other external organizations. Threat intelligence can help to shed a light on an organization's third-party risks and help to provide guidance on how to mitigate that risk.
Know Your Adversary: Analyzing the Human Element in Evolving Cyber ThreatsSurfWatch Labs
Understanding the types of malicious actors that are attempting to compromise your organization, what motivates them, and what their goals are is a crucial step when it comes to taking action against cyber risks.
Using Threat Intelligence to Address Your Growing Digital RiskSurfWatch Labs
Cyber threat intelligence can be used to help organizations to better manage their growing digital risk footprints and drive more effective risk decisions.
How to Mitigate Risk From Your Expanding Digital PresenceSurfWatch Labs
The digital presence of organizations continues to expand, and with that expansion comes greater exposure to digital risks. Visibility into those risks is critical in order to effectively manage that risk.
IoT Devices Expanding Your Digital FootprintSurfWatch Labs
Network-enabled or "smart" IOT devices are commonplace these days, with commercial and residential buildings having smart light bulbs, smart locks, DVRs, security cameras and more. The potential of having multiple devices per building potentially translates into the largest digital footprint that is NOT under proper security management.
How to Access and Make Use of “Trapped” Cyber Data to Reduce Your RiskSurfWatch Labs
Today’s business world is online and as such is inherently chock full of cyber risks. Cybercriminals continue to take advantage of system vulnerabilities and social engineering to target personally identifiable information, credit card numbers, trade secrets and more. Although there are hundreds of security solutions, products and consultants that claim to solve and address data breaches, the traditional, tactical approach to security is not working. Evaluated cyber intelligence is trapped in your systems, applications and employees – and making that intelligence easily available and quickly understood can help your organization significantly reduce the cyber risks it faces and improve its business resilience.
This presentation examines how to reduce your cyber risks by unlocking the door to evaluated intelligence. Learn:
• Why the traditional threat intelligence approach is not addressing the problem
• Why it’s not just about adding on more security layers, but shifting your cybersecurity approach
• How to mine both your tactical and strategic cyber data for improved operational intelligence
• How to derive immediate visual insights of relevant trending cyber problems through security analytics
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursSurfWatch Labs
With the board room increasingly being held accountable for data breaches, it's crucial that they know and understand the cyber risks facing their organization.Connect board room to server room
How to Raise Cyber Risk Awareness and Management to the C-SuiteSurfWatch Labs
Who's responsible for cybersecurity at your organization? The accountability for cybersecurity has shifted to the C-Suite, and it's needs to become part of the overall business strategy.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Cyber Threat Intelligence: Knowing What Specific Threats Your Business Should Address
1. Speaker Firms and Organization:
VT iDirect, Inc.
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
Thank you for logging into today’s event. Please note we are in standby mode. All Microphones will be muted until the event
starts. We will be back with speaker instructions @ 9:55am. Any Questions? Please email: info@theknowledegroup.org
Group Registration Policy
Please note ALL participants must be registered or they will not be able to access the event.
If you have more than one person from your company attending, you must fill out the group registration form.
We reserve the right to disconnect any unauthorized users from this event and to deny violators admission to future events.
To obtain a group registration please send a note to info@theknowledgegroup.org or call 646.202.9344.
Presented By:
March 15, 2016
1
Partner Firms:
Federal Trade Commission
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
SurfWatch Labs
Tim Layton
Chief Intelligence Officer
Federal Trade Commission
2. March 15, 2016
2
Please note the FAQ.HELP TAB located to the right of the main presentation. On this page you will find answers to the top questions asked by
attendees during webcast such as how to fix audio issues, where to download the slides and what to do if you miss a secret word. To access this
tab, click the FAQ.HELP Tab to the right of the main presentation when you’re done click the tab of the main presentation to get back.
For those viewing the webcast on a mobile device, please note:
o These instructions are for Apple and Android devices only. If you are using a Windows tablet, please follow the instructions for viewing
the webcast on a PC.
o The FAQ.HELP TAB will not be visible on mobile devices.
o You will receive the frequently asked questions & other pertinent info through the apps chat window function on your device.
o On Apple devices you must tap the screen anywhere to see the task bar which will show up as a blue bar across the top of the screen.
Click the chat icon then click the chat with all to access the FAQ’s.
o Feel free to submit questions by using the “questions” function built-in to the app on your device.
o You may use your device’s “pinch to zoom function” to enlarge the slide images on your screen.
o Headphones are highly recommended. In the event of audio difficulties, a dial-in number is available and will be provided via the app’s
chat function on your device.
3. March 15, 2016
3
Follow us on Twitter, that’s @Know_Group to receive updates for this event as well as other news and pertinent info.
If you experience any technical difficulties during today’s WebEx session, please contact our Technical Support @ 866-779-3239. We will post the
dial information in the chat window to the right shortly and it’s available in the FAQ.Help Tab on the right.
You may ask a question at anytime throughout the presentation today via the chat window on the lower right hand side of your screen. Questions
will be aggregated and addressed during the Q&A segment.
Please note, this call is being recorded for playback purposes.
If anyone was unable to log in to the online webcast and needs to download a copy of the PowerPoint presentation for today’s event, please send
an email to: info@theknowledgegroup.org. If you’re already logged in to the online Webcast, we will post a link to download the files shortly and it’s
available in the FAQ.Help Tab
4. March 15, 2016
4
If you are listening on a laptop, you may need to use headphones as some laptops speakers are not sufficiently amplified enough to hear the
presentations. If you do not have headphones and cannot hear the webcast send an email to info@theknowledgegroup.org and we will send you
the dial in phone number.
About an hour or so after the event, you'll be sent a survey via email asking you for your feedback on your experience with this event today - it's
designed to take less than two minutes to complete, and it helps us to understand how to wisely invest your time in future events. Your feedback is
greatly appreciated. If you are applying for continuing education credit, completions of the surveys are mandatory as per your state boards and
bars. 6 secret words (3 for each credit hour) will be given throughout the presentation. We will ask you to fill these words into the survey as proof
of your attendance. Please stay tuned for the secret word. If you miss a secret word please refer to the FAQ.Help tab to the right.
Speakers, I will be giving out the secret words at randomly selected times. I may have to break into your presentation briefly to read the secret
word. Pardon the interruption.
5. March 15, 2016
5
Welcome to the Knowledge Group Unlimited Subscription Programs. We have Two Options Available for You:
FREE UNLIMITED: This program is free of charge with no further costs or obligations. It includes:
Unlimited access to over 15,000 pages of course material from all Knowledge Group Webcasts.
Subscribers to this program can download any slides, white papers, or supplemental material covered during all live webcasts.
50% discount for purchase of all Live webcasts and downloaded recordings.
PAID UNLIMITED: Our most comprehensive and cost-effective plan, for a one-time fee:
Access to all LIVE Webcasts (Normally $199 to $349 for each event without a subscription). Including: Bring-a-Friend – Invite a
client or associate outside your firm to attend for FREE. Sign up for as many webcasts as you wish.
Access to all of Recorded/Archived Events & Course Material includes 1,500+ hours of audio material (Normally $299 for each
event without a subscription).
Free Certificate of Attendance Processing (Normally $49 Per Course without a subscription).
Access to over 15,000 pages of course material from Knowledge Group Webcasts.
Ability to invite a guest of your choice to attend any live webcast Free of charge (Exclusive benefit only available for PAID
UNLIMITED subscribers).
6 Month Subscription is $499 with No Additional Fees Other options are available.
Special Offer: Sign up today and add 2 of your colleagues to your plan for free Check the “Triple Play” box on the sign-up
sheet contained in the link below.
https://gkc.memberclicks.net/index.php?option=com_mc&view=mc&mcid=form_157964
6. March 15, 2016
6
Knowledge Group UNLIMITED PAID Subscription Programs Pricing:
Individual Subscription Fees: (2 Options)
Semi-Annual: $499 one-time fee for a 6 month subscription with unlimited access to all webcasts, recordings, and materials.
Annual: $799 one-time fee for a 12 month unlimited subscription with unlimited access to all webcasts, recordings, and materials.
Group plans are available. See the registration form for details.
Best ways to sign up:
1. Fill out the sign up form attached to the post conference survey email.
2. Sign up online by clicking the link contained in the post conference survey email.
3. Click the link below or the one we just posted in the chat window to the right.
https://gkc.memberclicks.net/index.php?option=com_mc&view=mc&mcid=form_157964
Questions: Send an email to: info@theknowledgegroup.org with “Unlimited” in the subject.
7. Partner Firms:
March 15, 2016
7
SurfWatch Labs helps organizations and service providers quickly establish
a strategic cyber threat intelligence operation that drives more effective use
of their tactical defenses.
Founded in 2013 by former US Government intelligence analysts, SurfWatch
Labs solutions provide a 360-degree view of cyber threats in the context of
your business, along with practical and personalized support to create
immediate insights and meaningful action. Combining useful analytics,
applications and human expertise, SurfWatch solutions can be your off-the-
shelf, cyber threat intelligence team or delivered as a comprehensive
product suite that easily integrates with your existing cybersecurity
operations.
Federal Trade Commission
The Federal Trade Commission is an independent law enforcement agency
working to prevent fraudulent, deceptive and unfair practices in the
marketplace. In addition to law enforcement, the agency fulfills its mission
through policy work and advocacy statements to other law enforcement
bodies. The policy work includes public workshops, Congressional
testimony, consumer education, and business guidance. Privacy and data
security are consumer protection priorities. The FTC has an almost 20-year
law enforcement history of bringing cases alleging deceptive and unfair
practices related to data security.
8. Partner Firm:
March 15, 2016
8
VT iDirect is a global leader in IP-based satellite communications, providing technology that enables our service provider and
satellite operator partners to optimize their networks, differentiate their services and profitably expand their business. For
more than 20 years, the VT iDirect organization has applied remarkable ingenuity to meet both the economic and technology
challenges across the satellite industry. And today, our partners utilize iDirect technology to extend private networks to
remote offices; provide mobile connectivity across land, sea and air; deliver high-speed broadband access in emerging
nations; expand cellular networks to remote and rural areas; and support government and military communications.
The vast majority of people will have used or accessed iDirect’s satellite-based IP communications technology without even
realizing it. For instance:
Last time you took a transcontinental flight you most likely experienced iDirect as an increasing number of commercial airlines
now offer passengers Wi-Fi connectivity on flights using iDirect technology; this is just one area in which iDirect’s solutions
are utilized on a global scale.
Been on a cruise recently and wondered how the ship had Internet connectivity even in the middle of the ocean? Over 50% of
all maritime vessels are using iDirect’s solutions across a range of applications; from allowing operators real-time access to
equipment telematics, to providing high-quality Internet connectivity to passengers and crew wherever they are in the world.
Satellite technology is one of the most rapidly developing sectors in the world today. With over 4 billion people expected to be
connected by 2020 people and businesses are demanding connectivity and data whenever and wherever they are, very often
beyond the confines of physical connections. The ”Internet of Things” is rapidly becoming more commonplace, and the
majority of devices simply cannot be connected to a physical data connection. With these new demand Satellite is emerging
as a critical part of the global IP network delivering reliable, high quality connectivity across the globe.
9. Brief Speaker Bios:
Tim Layton
Tim Layton is a cybersecurity professional with over 25 years of experience, having worked as a trusted advisor to some of world's
leading public and private organizations. Mr. Layton is widely regarded for his strategic and innovative approach to developing
enterprise cybersecurity and risk management strategies, programs, and processes to combat the ever-changing cyber threat
landscape and associated risks facing organizations.
March 15, 2016
9
Andy Tomaszewski
Andy Tomaszewski is the CIO/ CISO at iDirect, where he is responsible for developing and managing iDirect’s strategic IT and
computing plans, business applications, end user support, and security services.
Previously, Mr. Tomaszewski held the position of vice president, Envisioning Services at CoreBTS, a technology solutions company.
An industry-recognized expert in Security and Risk Assessment, he began his career in programming and architecture working at
firms including Integrated Information Systems and Novell.
► For more information about the speakers, you can visit: https://theknowledgegroup.org/event-homepage/?event_id=1709
Shameka L. Walker
Shameka Walker is an attorney at the Federal Trade Commission in the Bureau of Consumer Protection, Division of Privacy and
Identity Protection. Since joining the FTC in 2010, Ms. Walker has been involved in investigating and litigating consumer protection
cases involving data security, privacy, identity protection, work-at-home scams and telemarketing fraud. Prior to joining the FTC, Ms.
Walker was a litigation associate at Fulbright & Jaworski, L.L.P., in Washington, D.C. She began her career serving as a law clerk to
the Honorable Eric T. Washington of the District of Columbia Court of Appeals. Ms. Walker received her J.D. from Cornell University
and B.A. from the University of Miami.
10. Commercial and government organizations face an increasing amount of cyber threats targeting sensitive
information. Even as organizations have added more security layers and staff, data breaches are still occuring at
a tremendous rate because cybercriminals, hacktivists and nation states shift their tactics to evade traditional
cybersecurity defenses. Without an intelligence-driven approach to cybersecurity, vast sums of money can be
spent in a futile attempt to protect assets, data, and information.
By using Cyber Threat Intelligence (CTI), organizations can understand what specific threats they face and use
these insights to drive the most effective defense. CTI provides critical insights into an organization’s greatest
areas of risk and includes the identification of relevant potential threats, adversarial tactics, techniques and
procedures; monitoring, collecting, and sharing of information and data relevant to the threats faced by a
corporation; and collaborating with government, security, and other relevant organizations.
Most corporations and organizations do not know how or have the resources available to produce and consume
proper 'intelligence' to effectively and efficiently identify, prioritize and mitigate critical risks. In this two-hour LIVE
Webcast, a panel of distinguished professionals and thought leaders assembled by The Knowledge Group will
provide the audience with an in-depth overview of Cyber Threat Intelligence and will help them understand how it
works, why it is beneficial, and explain how to use it to mitigate cyber risks.
March 15, 2016
10
11. Key issues that will be covered in this course are:
• Why the Traditional Cyber Security Approach is No Longer Adequate
• Cyber Threat Intelligence – An Overview
• Understanding the Difference Between Strategic, Operational and Tactical CTI
• The Risk Impact of Dark Web Markets and the Intel That Can be Gathered
• How to Measure Cyber Risks Like Other Critical Business Risks
• Gaining Visibility of Cyber Risks in the Supply Chain
• Information Sharing and Cooperation – Leveraging ISACs and How to Create Your Own ISAC
• Best Practices for Integrating Cyber Threat Intelligence with Security Operations
• Regulatory Issues and Litigation Risks
March 15, 2016
11
12. Featured Speakers:
March 15, 2016
12
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
13. Introduction
Tim Layton is a cybersecurity professional with over 25 years of experience, having worked as a trusted advisor to some of
world's leading public and private organizations. Mr. Layton is widely regarded for his strategic and innovative approach to
developing enterprise cybersecurity and risk management strategies, programs, and processes to combat the ever-
changing cyber threat landscape and associated risks facing organizations.
Before joining SurfWatch Labs as the Chief Intelligence Officer, Mr. Layton held senior leadership roles with Cisco, EMC,
and Wells Fargo. At Cisco, he was a Principal for Cisco’s Global Enterprise Cybersecurity Theatre. Mr. Layton was a
Principal for EMC’s Security & Risk Management practice and before that served as Vice President for Wells Fargo where
he specialized in enterprise cyber risk across all business units and third-party risk management.
Mr. Layton received an MBA and BA from Lindenwood University in St. Louis, and has earned a wide variety of security-
related certifications over the years to include CISSP, SANS GSEC, GCIH, GCFW, GREM, ECNE, CCNA, SCO ACE,
MCSE.
March 15, 2016
13
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
14. Cyber Threat Intelligence Overview
• Cyber Threat Intelligence (CTI) is about reducing
uncertainty
• CTI is an emerging business tool that has many
definitions and uses
• Intelligence infers a proactive approach vs. the
traditional reactionary defense approach
• CTI provides insights into the motivations, tactics,
intent, and capabilities of threat sources
March 15, 2016
14
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
15. Types of Threat Intelligence
March 15, 2016
15
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
• Strategic intelligence aids the business in
making informed decisions
• Operational intelligence helps stakeholders
make proactive adjustments to defenses
• Tactical intelligence is a reactionary approach
based on technical indicators
16. Dark Web Black Markets
• Black Markets on the Dark Web are an
emerging opportunity for business leaders
• We know exactly what is valued and being
targeted by threat actors
• Basic analytics can be used to gain
proactive insights
• Data and information in the markets can
validate or inform of a breach incident
• Used in business via M&A, Legal, and other
areas
March 15, 2016
16
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
17. Measuring Cyber Risks
March 15, 2016
17
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
• Cyber risks now have the attention of the Board
of Directors and senior executives
• There are many other, more mature risk
disciplines to model from
• Cyber insurance is a volatile and emerging risk
mitigation strategy
• Critical to understand the potential impact to
operations, brand, and long-term resilience
18. Digital Supply Chain
• In the new global economy, organizations are
relying more on partners and suppliers
• The history of data breaches and third party
suppliers is clear
• Partners/Suppliers are often the “weakest link”
• Needing 360 visibility of operations is a reality
March 15, 2016
18
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
19. Integrating CTI with Operations
March 15, 2016
19
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
• CTI connects the dots and provides a platform
for operations
• CTI must be a cross-functional team effort
• In our hyper-connected digital economy, cyber
threats are outpacing our ability to “protect and
defend” – a new model is required
• CTI only has value if it can be operationalized
in a timely manner
20. Panel Discussion:
March 15, 2016
20
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
21. Introduction
Shameka Walker is an attorney at the Federal Trade Commission in the Bureau of Consumer Protection, Division of Privacy
and Identity Protection. Since joining the FTC in 2010, Ms. Walker has been involved in investigating and litigating
consumer protection cases involving data security, privacy, identity protection, work-at-home scams and telemarketing
fraud. Prior to joining the FTC, Ms. Walker was a litigation associate at Fulbright & Jaworski, L.L.P., in Washington,
D.C. She began her career serving as a law clerk to the Honorable Eric T. Washington of the District of Columbia Court of
Appeals. Ms. Walker received her J.D. from Cornell University and B.A. from the University of Miami.
March 15, 2016
21
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
22. DISCLAIMER
The views expressed are those of the speaker and not necessarily those of the FTC.
March 15, 2016
22
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
23. Laws to Keep in Mind
Section 5 of the FTC Act - broadly prohibits “unfair or deceptive acts or practices in or affecting
commerce;
COPPA – protects kids’ data;
GLB – protects financial data; and
FCRA – protects data used for certain purposes (e.g., credit, hiring).
March 15, 2016
23
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
24. Some Common Privacy Failures
Rolling out a new service or feature that increases sharing without adequate notice and consent
Misrepresenting with whom data is being shared
Misrepresentations about tracking and opting out of tracking
Presenting false choices
March 15, 2016
24
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
25. Information Security -- Four Points that Guide the FTC’s Enforcement
Information security is an ongoing process.
A company’s security procedures must be reasonable and appropriate in light of the circumstances.
A breach does not necessarily show that a company failed to have reasonable security measures –
there is no such thing as perfect security.
Practices may be unreasonable and subject to FTC enforcement even without a known security
breach.
March 15, 2016
25
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
26. Protecting Personal Information: A Guide for Business
5 key principles:
1. Take stock. Know what personal information you have in your files and on your computers.
2. Scale down. Keep only what you need for your business.
3. Lock it. Protect the information that you keep.
4. Pitch it. Properly dispose of what you no longer need.
5. Plan ahead. Create a plan to respond to security incidents.
March 15, 2016
26
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
27. Protecting Personal Information – Tips on General Network Security (1 of 3)
Identify computers or servers where sensitive personal information is stored.
Identify all connections to these computers (e.g., Internet, electronic cash registers, computers at your
branch offices, computers used by service providers to support your network, digital copiers, and
wireless devices like smartphones, tablets, or inventory scanners).
Assess the vulnerability of each connection to commonly known or reasonably foreseeable attacks.
March 15, 2016
27
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
28. Protecting Personal Information – Tips on General Network Security (2 of 3)
Don’t store sensitive consumer data on a computer with an Internet connection unless it’s essential for
your business.
Encrypt sensitive data that you send to third parties over public networks (like the Internet), and
consider encrypting sensitive data stored on your network or on portable storage devices. Consider
encrypting emails within your business that contain personally identifying information.
Regularly run up-to-date anti-virus and anti-spyware programs on your network.
March 15, 2016
28
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
29. Protecting Personal Information – Tips on General Network Security (3 of 3)
Check expert websites (e.g., www.sans.org) and software vendor websites regularly, and implement
policies for installing vendor-approved patches.
Consider restricting employees’ ability to download unauthorized software.
Scan computers on your network to identify and profile the operating system and open network
services. Disable services that you don’t need.
When you receive or transmit credit card or other sensitive financial data, use Secure Sockets Layer
(SSL) or another secure connection to protect it in transit.
March 15, 2016
29
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
30. Prioritizing Computer System Risks
Check expert consensus lists that identify and offer defenses for the commonly exploited
vulnerabilities that pose the greatest risk of harm to your information systems.
– The 20 Most Critical Internet Security Vulnerabilities (www.sans.org/top20) Describes
vulnerabilities in Windows and UNIX. Has links to scanning tools and services at
www.sans.org/top20/tools.pdf.
– The 10 Most Critical Web Application Security Vulnerabilities (www.owasp.org) Describes
common vulnerabilities for web apps and databases and the most effective ways to address
them. These vulnerabilities are as important as network issues.
For more FTC tips, see Security Check: Reducing Risks to Your Computer Systems,
http://business.ftc.gov/documents/bus58-security-check-reducing-risks-your-computer-systems.
March 15, 2016
30
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
31. Contractors and Service Providers
Before you outsource a business function (payroll, web hosting, data processing, etc.) investigate the
company’s data security practices and compare their standards to yours. If possible, visit their
facilities.
Address security issues for the type of data your service providers handle in your contract with them.
Insist that your service providers notify you of any security incidents they experience, even if the
incidents may not have led to an actual compromise of your data.
March 15, 2016
31
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
32. Incident Response Plans
Have a plan to respond to security incidents. Designate a senior staff member to coordinate and
implement the plan.
If a computer is compromised, disconnect it immediately from your network.
Investigate security incidents immediately and take steps to close off existing vulnerabilities or threats
to personal information.
Consider whom to notify in the event of an incident, both inside and outside your organization. You
may need to notify consumers, law enforcement, customers, credit bureaus, and other businesses
that may be affected by the breach. In addition, many states and the federal bank regulatory agencies
have laws or guidelines addressing data breaches. Consult your attorney.
March 15, 2016
32
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
33. March 15, 2016
33
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
34. March 15, 2016
34
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
Lessons Learned From FTC Cases
Don’t collect what you don’t need and don’t use unnecessary PII
Control access to data sensibly
Require secure passwords and authentication
Store sensitive PII and securely and protect it during transmission
Segment your network and monitor activity
Secure remote access to your network
Apply sound security practices when developing new products
Make sure your service providers implement reasonable security measures
Keep security current
Secure paper, physical media and devices
35. Some Common Remedies
Injunction against misrepresentations;
Comprehensive data security or privacy program appropriate to the company’s size, nature of
activities, and information collected;
Third party assessments of these programs;
Other specific requirements, e.g., disclosures, privacy choices, data deletion, or software updates;
and
Civil penalties for rule and order violations.
March 15, 2016
35
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
36. March 15, 2016
36
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
The FTC’s Business Center (www.business.ftc.gov)
has a Privacy and Data Security section with
more information.
Questions?
swalker@ftc.gov
37. Panel Discussion:
March 15, 2016
37
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
38. Introduction
Andy Tomaszewski is the CIO/ CISO at iDirect, where he is responsible for developing and managing iDirect’s strategic IT
and computing plans, business applications, end user support, and security services.
Previously, Mr. Tomaszewski held the position of vice president, Envisioning Services at CoreBTS, a technology solutions
company. An industry-recognized expert in Security and Risk Assessment, he began his career in programming and
architecture working at firms including Integrated Information Systems and Novell.
Mr. Tomaszewski holds a B.A. from the University of Wisconsin-Madison, earned his Management and Leadership
Certification from the MIT Sloan School of Management, and is certified in CISSP, TOGAF, and Project Management.
March 15, 2016
38
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
39. Disclaimer
The opinions expressed are solely those of the presenter and do not necessarily reflect the views
or opinions of VT iDirect.
March 15, 2016
39
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
40. iDirect Quick Facts
March 15, 2016
40
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
• Leader in IP-based satellite communications
• World’s largest TDMA enterprise VSAT manufacturer –
32% market share*
• 350+ global service provider and operators partners
Source: Comsys 13th edition VSAT Report
Aero
Maritime
Defense
Mobile
Backhaul
Oil & Gas
Government and
Commercial
clients in many
different
markets around
the globe
41. Protecting your People, Property and IP
3 Areas of Focus
• Organizational Structure
• Design pattern which reduces risk for customers, employees and shareholders
• Attribution
• While you can’t attack back, you can attribute.
• Taking Action
• If your company is getting attacked by nation state actors, here’s what you can do
March 15, 2016
41
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
42. Organizational Structure
March 15, 2016
42
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
• Accountability
• Assign leadership (CISO) responsible for corporate and product and/or services
• Communication
• Provide direct feedback by Security leadership
to Board
• Organizational Design
• Establish separate department to track expense as a % of revenue for YOY
benchmark
43. Attribution
March 15, 2016
43
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
• Attacking back – against the law
• Attributing – is legal and effective
• Publish exploits to security partners
• Publish exploits to partners
• Publish exploits to law enforcement
• Attribute every time – the attacker will need to expend resources to achieve their goal
• Use Threat Intelligence to be effective
44. Top 10 Threat Vectors
March 15, 2016
44
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
Sat Link
hijacking
26%
Turla spyware
16%
Watering hole
attack
10%
Proof of concept exploit
Network security
SMS trojan
7%
Device-level
Hardcoded
credentials
Vulnerability
Insecure
protocols
5%
45. To 10 Threat Actors
March 15, 2016
45
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
Epic Turla APT
People's
Liberation Army
(PLA)
Researchers
46. Threat Intelligence - Lowering your Risk
March 15, 2016
46
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
• Know what they know – Effectively change your attack surface
• Be proactive – Reduces the success rate of attack campaigns
• Play defense – Respond to attack campaigns with the most effective countermeasures
• If properly leveraged, demonstrates due diligence and due care
47. Take Action
March 15, 2016
47
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
Work Together
• Competition is getting the same attention
• Law enforcement can form an industry group
• Share intelligence
• Develop preventative & detective control sets
• If they can’t get to you, they will use vendors/partners
• Phishing attacks from trusted sources
Reduce Risk
• Train employees, over communicate when attacked
• Update vendor contracts
• Audit vendors
• Collaborate with partners and vendors
48. Panel Discussion:
March 15, 2016
48
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
49. March 15, 2016
49
Contact Info:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
E: tim.layton@surfwatchlabs.com
Andy Tomaszewski
Chief Information Officer (CIO) /
Chief Information Security Officer
(CISO)
VT iDirect, Inc.
E: Atomaszewski@idirect.net
Shameka L. Walker
Attorney, Division of Privacy and
Identity Protection
Federal Trade Commission
E: swalker@ftc.gov
T: (202) 326-2570
50. ► You may ask a question at anytime throughout the presentation today. Simply click on the question mark icon located on the floating tool bar on the bottom right side of your screen. Type
your question in the box that appears and click send.
► Questions will be answered in the order they are received.
Q&A:
March 15, 2016
50
SEGMENT 2:
Shameka L. Walker
Attorney, Division of Privacy and Identity
Protection
Federal Trade Commission
SEGMENT 3:
Andy Tomaszewski
Chief Information Officer (CIO) / Chief
Information Security Officer (CISO)
VT iDirect, Inc.
SEGMENT 1:
Tim Layton
Chief Intelligence Officer
SurfWatch Labs
51. March 15, 2016
51
Welcome to the Knowledge Group Unlimited Subscription Programs. We have Two Options Available for You:
FREE UNLIMITED: This program is free of charge with no further costs or obligations. It includes:
Unlimited access to over 15,000 pages of course material from all Knowledge Group Webcasts.
Subscribers to this program can download any slides, white papers, or supplemental material covered during all live webcasts.
50% discount for purchase of all Live webcasts and downloaded recordings.
PAID UNLIMITED: Our most comprehensive and cost-effective plan, for a one-time fee:
Access to all LIVE Webcasts (Normally $199 to $349 for each event without a subscription). Including: Bring-a-Friend – Invite a
client or associate outside your firm to attend for FREE. Sign up for as many webcasts as you wish.
Access to all of Recorded/Archived Events & Course Material includes 1,500+ hours of audio material (Normally $299 for each
event without a subscription).
Free Certificate of Attendance Processing (Normally $49 Per Course without a subscription).
Access to over 15,000 pages of course material from Knowledge Group Webcasts.
Ability to invite a guest of your choice to attend any live webcast Free of charge (Exclusive benefit only available for PAID
UNLIMITED subscribers).
6 Month Subscription is $499 with No Additional Fees Other options are available.
Special Offer: Sign up today and add 2 of your colleagues to your plan for free Check the “Triple Play” box on the sign-up
sheet contained in the link below.
https://gkc.memberclicks.net/index.php?option=com_mc&view=mc&mcid=form_157964
52. March 15, 2016
52
Knowledge Group UNLIMITED PAID Subscription Programs Pricing:
Individual Subscription Fees: (2 Options)
Semi-Annual: $499 one-time fee for a 6 month subscription with unlimited access to all webcasts, recordings, and materials.
Annual: $799 one-time fee for a 12 month unlimited subscription with unlimited access to all webcasts, recordings, and materials.
Group plans are available. See the registration form for details.
Best ways to sign up:
1. Fill out the sign up form attached to the post conference survey email.
2. Sign up online by clicking the link contained in the post conference survey email.
3. Click the link below or the one we just posted in the chat window to the right.
https://gkc.memberclicks.net/index.php?option=com_mc&view=mc&mcid=form_157964
Questions: Send an email to: info@theknowledgegroup.org with “Unlimited” in the subject.
53. March 15, 2016
53
ABOUT THE KNOWLEDGE GROUP
The Knowledge Group is an organization that produces live webcasts which examine regulatory
changes and their impacts across a variety of industries. “We bring together the world's leading
authorities and industry participants through informative two-hour webcasts to study the impact of
changing regulations.”
If you would like to be informed of other upcoming events, please click here.
Disclaimer:
The Knowledge Group is producing this event for information purposes only. We do not intend to
provide or offer business advice.
The contents of this event are based upon the opinions of our speakers. The Knowledge Group does
not warrant their accuracy and completeness. The statements made by them are based on their
independent opinions and does not necessarily reflect that of The Knowledge Group‘s views.
In no event shall The Knowledge Group be liable to any person or business entity for any special,
direct, indirect, punitive, incidental or consequential damages as a result of any information gathered
from this webcast.
Certain images and/or photos on this page are the copyrighted property of 123RF Limited, their
Contributors or Licensed Partners and are being used with permission under license. These images
and/or photos may not be copied or downloaded without permission from 123RF Limited
Editor's Notes
Section 5 of the FTC Act - Flexible law that can be applied to many different situations, entities, and technologies.
Deception a material representation, omission, or practice that is likely to mislead consumers acting reasonably under the circumstances/
Unfairness practices that cause or are likely to cause substantial injury to consumers that are not outweighed by the benefits to consumers or competition and are not reasonably avoidable by consumers.
Under Section 5, we bring both privacy and data security cases.
This slide shows some of the companies against which the FTC has brought cases, alleging law violations related to data security or other privacy issues. These are key areas for the agency’s law enforcement work…
Intro to iDirect for those that don’t know and intro yourself.
For over 20 years, VT iDirect has realized the value of satellite connectivity and its power to serve a broad range of industries and geographies.
Today, we are the industry’s leading satellite communications company providing technology and solutions that enable our partners deliver VSAT services. Whether that’s extending private networks to remote offices , providing mobile connectivity across land, sea and air; delivering broadband access in emerging nations, or expanding cellular networks to remote and rural areas.. Whatever the services are, delivers the highest quality connectivity wherever and whenever it’s needed. For our partners, that’s a compelling differentiator that allows them to optimize their networks, differentiate and profitably expanded their business .
Quick Facts
Founded in 1994
Owned by VT Systems, a subsidiary of ST Engineering
600+ employees
350+ global partners
3500+ iDirect hubs – 57% market share
#1 in maritime, military/government, oil and gas
iDirect Government Technologies (iGT) wholly owned subsidiary
Threats are different for all companies
Political
Geographical
Economic
Threats are different for all companies
Political
Geographical
Economic
Threats are different for all companies
Political
Geographical
Economic
Threats are different for all companies
Political
Geographical
Economic
Threats are different for all companies
Political
Geographical
Economic
Know your enemy, they know you
Understand what information is available to them about you
Be proactive in your security measures
Know your enemy, they know you
Understand what information is available to them about you
Be proactive in your security measures