The ever-escalating threats to your business posed by ransomware and all forms of malware cannot be ignored. Cyber-criminals are employing every technology and tactic available to defeat your security systems and then go completely unnoticed as they systematically penetrate and catalog your systems and data to methodically prepare for a coordinated, carefully orchestrated, multipronged attack. The IBM i can be a rich target of valuable data for these bad actors.
Malware attacks are active, not static. Traditional automated scanning, alerting and remediation practices are no longer enough. Instead, the focus needs to be upon securing critical assets and data stores using a multi-layered defensive approach. In practical terms, this means employing every possible security tool and tactic available, in a coordinated, programmatic way.
Join us for this on-demand webinar to better understand:
o The risks of relying on an “identify and remediate” approach to malware
o A different approach to more effectively prevent malware
o How a multi-layered security strategy can protect IBM i from malware threats
The Best Shield Against Ransomware for IBM iPrecisely
Did you know a frequent vulnerability that is exploited to initiate a ransomware attack on your IBM i is a compromised password? The most frequent approach to compromise system access is Credential Stuffing where an intruder finds user ids and passwords that have been stolen from somewhere else, sold on the dark web and attempts to use them at another organization. This is often successful because many people re-use the same password they use at work at multiple other online sites.
Adding multi-factor authentication is the #1 action most enterprises can do to prevent cybersecurity incidents from occurring. Even in industries that do not currently require MFA for regulatory compliance, governments are taking cybersecurity more seriously as agencies and infrastructure are increasingly being targeted. Investing in an MFA solution is an effective way to secure your data from unauthorized access and protect your resources.
Assure Multi-factor Authentication’s advanced capabilities provide unique, flexible solutions to access control on the IBM i. With our new, powerful user interface, we are making MFA easier to implement and control. Watch this on-demand webinar to learn:
• How malware gets on to the IBM i system
• Tips on implementing MFA for the IBM i
• How our new interface can make deploying MFA even easier
How US Cybersecurity Executive Order Impacts IBM i Customers Precisely
Increasing threats from ransomware and geo-political threats of cyber warfare mean these are challenging times for those responsible for IT security. Earlier this year, US President Joe Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act. In addition, the White House recommended companies execute multiple strategies to protect critical services and systems in a statement titled “Act Now to Protect Against Potential Cyberattacks." Many of these recommendations are particularly relevant to the IBM i community. There are specific recommendations in security tools, response strategies, and preventive measures all IBM i companies should be implementing.
Watch this on-demand webinar to learn about:
• Specific recommendations from the US government
• Applying these recommendations to your IBM i environment
• How Precisely can help
IBM i is securable BUT not secured by default. To help protect your organization from the increasing security threats, you must take control of all access points to your IBM i server. You can limit IBM i security threats by routinely assessing your risks and taking control of logon security, powerful authorities, and system access.
With the right tools and process, you can assure comprehensive control of unauthorized access and can trace any activity, suspicious or otherwise, on your IBM i systems.
Watch this on-demand webcast to learn:
• How to secure network access and communication ports
• How to implement different authentication options and tradeoffs
• How to limit the number of privileged user accounts
• How Precisely’s Assure Security can help
Effectively Defending Your IBM i from Malware with Multi-Factor Authentication Precisely
Your IBM i holds data that is vital to your business and can be a target for ransomware and other types of malware. Did you know a frequent vulnerability that is exploited to initiate a ransomware attack on your IBM i is a compromised password?
Security breaches caused by passwords written on sticky notes, guessed passwords, or bruteforce password attacks have compelled IBM i shops to implement stronger password management controls. One of the most effective protections against this type of attack is MultiFactor Authentication.
Watch this on-demand webinar to learn:
- What true multifactor authentication really is
- How malware gets on to the IBM i system
- Tips on implementing MFA for the IBM i
Expand Your Control of Access to IBM i Systems and DataPrecisely
Controlling all the ways your company’s data is being accessed, especially given the proliferation of open source software and other non-traditional data-access methods, is critical to ensuring security and regulatory compliance. This webinar reviews the different ways your data can be accessed, discusses how exit points work and how they can be managed, and why a global data access control strategy is especially important to efficiently protect sensitive data against unwanted access.
Topics include:
• IBM i access methods and risks
• Using exit programs to block traditional and modern access methods
• Real life examples and perspectives
Learn more about how organizations prevented downtime with #BigFix in the wake of #wannacry. References and Use Cases along with a review of our BigFix Solution.
https://www.ibm.com/connect/ibm/ca-en/resources/tomjs/
Controlling Access to IBM i Systems and DataPrecisely
Security best practice and regulations such as SOX, HIPAA, GDPR and others require you to restrict access to your critical IBM i systems and their data, but this is easier said than done. Legacy, proprietary access protocols now co-exist with new, open-source protocols to create access control headaches.
View this webcast on-demand for an in-depth discussion of IBM i access points that must be secured and how exit points can be leveraged to accomplish the task. We’ll cover:
• Securing network access and communication ports
• How database access via open-source protocols can be secured
• Taking control of command execution
Essential Layers of IBM i Security: System-Access SecurityPrecisely
Better understand the strategies and tactics to keep unauthorized users out of your IBM i and maintain tight controls over what authorized users can do once logged in.
The Best Shield Against Ransomware for IBM iPrecisely
Did you know a frequent vulnerability that is exploited to initiate a ransomware attack on your IBM i is a compromised password? The most frequent approach to compromise system access is Credential Stuffing where an intruder finds user ids and passwords that have been stolen from somewhere else, sold on the dark web and attempts to use them at another organization. This is often successful because many people re-use the same password they use at work at multiple other online sites.
Adding multi-factor authentication is the #1 action most enterprises can do to prevent cybersecurity incidents from occurring. Even in industries that do not currently require MFA for regulatory compliance, governments are taking cybersecurity more seriously as agencies and infrastructure are increasingly being targeted. Investing in an MFA solution is an effective way to secure your data from unauthorized access and protect your resources.
Assure Multi-factor Authentication’s advanced capabilities provide unique, flexible solutions to access control on the IBM i. With our new, powerful user interface, we are making MFA easier to implement and control. Watch this on-demand webinar to learn:
• How malware gets on to the IBM i system
• Tips on implementing MFA for the IBM i
• How our new interface can make deploying MFA even easier
How US Cybersecurity Executive Order Impacts IBM i Customers Precisely
Increasing threats from ransomware and geo-political threats of cyber warfare mean these are challenging times for those responsible for IT security. Earlier this year, US President Joe Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act. In addition, the White House recommended companies execute multiple strategies to protect critical services and systems in a statement titled “Act Now to Protect Against Potential Cyberattacks." Many of these recommendations are particularly relevant to the IBM i community. There are specific recommendations in security tools, response strategies, and preventive measures all IBM i companies should be implementing.
Watch this on-demand webinar to learn about:
• Specific recommendations from the US government
• Applying these recommendations to your IBM i environment
• How Precisely can help
IBM i is securable BUT not secured by default. To help protect your organization from the increasing security threats, you must take control of all access points to your IBM i server. You can limit IBM i security threats by routinely assessing your risks and taking control of logon security, powerful authorities, and system access.
With the right tools and process, you can assure comprehensive control of unauthorized access and can trace any activity, suspicious or otherwise, on your IBM i systems.
Watch this on-demand webcast to learn:
• How to secure network access and communication ports
• How to implement different authentication options and tradeoffs
• How to limit the number of privileged user accounts
• How Precisely’s Assure Security can help
Effectively Defending Your IBM i from Malware with Multi-Factor Authentication Precisely
Your IBM i holds data that is vital to your business and can be a target for ransomware and other types of malware. Did you know a frequent vulnerability that is exploited to initiate a ransomware attack on your IBM i is a compromised password?
Security breaches caused by passwords written on sticky notes, guessed passwords, or bruteforce password attacks have compelled IBM i shops to implement stronger password management controls. One of the most effective protections against this type of attack is MultiFactor Authentication.
Watch this on-demand webinar to learn:
- What true multifactor authentication really is
- How malware gets on to the IBM i system
- Tips on implementing MFA for the IBM i
Expand Your Control of Access to IBM i Systems and DataPrecisely
Controlling all the ways your company’s data is being accessed, especially given the proliferation of open source software and other non-traditional data-access methods, is critical to ensuring security and regulatory compliance. This webinar reviews the different ways your data can be accessed, discusses how exit points work and how they can be managed, and why a global data access control strategy is especially important to efficiently protect sensitive data against unwanted access.
Topics include:
• IBM i access methods and risks
• Using exit programs to block traditional and modern access methods
• Real life examples and perspectives
Learn more about how organizations prevented downtime with #BigFix in the wake of #wannacry. References and Use Cases along with a review of our BigFix Solution.
https://www.ibm.com/connect/ibm/ca-en/resources/tomjs/
Controlling Access to IBM i Systems and DataPrecisely
Security best practice and regulations such as SOX, HIPAA, GDPR and others require you to restrict access to your critical IBM i systems and their data, but this is easier said than done. Legacy, proprietary access protocols now co-exist with new, open-source protocols to create access control headaches.
View this webcast on-demand for an in-depth discussion of IBM i access points that must be secured and how exit points can be leveraged to accomplish the task. We’ll cover:
• Securing network access and communication ports
• How database access via open-source protocols can be secured
• Taking control of command execution
Essential Layers of IBM i Security: System-Access SecurityPrecisely
Better understand the strategies and tactics to keep unauthorized users out of your IBM i and maintain tight controls over what authorized users can do once logged in.
Tecnologie a supporto dei controlli di sicurezza fondamentaliJürgen Ambrosi
Implementare i controlli di sicurezza non può prescindere dallo sviluppo di una cultura sulla sicurezza ma necessita anche della adozione di opportune tecnologie a supporto dei controlli stessi. Viaggio nel sistema immunitario che rappresenta i vari controlli che se opportunamente correlati, possono sensibilmente mitigare e spesso annullare la possibilità di essere vittima di un attacco
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
Our security practices need to evolve in order to address the new challenges propped up by the rapid adoption of technologies and products to enable the world to WFH. The mantra of the attacker remains consistent -- attack that which yields maximum result -- and that is usually something used by a very very large number of users. This webinar will discuss the Top 10 Security Gaps that CISOs should be aware of as they brace for long WFH periods.
What will you learn :
-New Attack techniques hackers are using targeting WFH
-How to handle decentralisation of IT and technology decisions?
-Application risks as enterprises pivot to online/new business model(s)
-New risks in the Cloud and due to Shadow IT
-Security risks due to uninformed employees & their home infrastructure
-How to handle Misconfigurations & Third party risks
-How to build a robust breach response and recovery program?
Full video - https://youtu.be/bQLfnmhDnQs
Application security meetup k8_s security with zero trust_29072021lior mazor
The "K8S security with Zero Trust" Meetup is about K8s posture Management and runtime protection, ways to secure your software supply chain, Managing Attack Surface reduction, and How to secure K8s with Zero-Trust.
Corona| COVID IT Tactical Security Preparedness: Threat ManagementRedZone Technologies
Work from Home - Practical Advice on Operations and Security Impact and what to do about it.
DR and BCP Planning Ideas
Widening Attack Surface Solutions
Managing Threats Solutions
Evolving technologies and business models have led to advanced network security threats that never existed a few years back. Moreover, enterprises are also relying on outdated security solutions to shut out such threats and this is leading to bigger and frequent data breaches. So if your company recognizes the need for a reliable IT security solution, then you should join our webinar to learn the following:
- An overview of the prevalent enterprise security threats
- The evolving security landscape and the obsolete security mechanisms
- What Seqrite does to ensure enterprise security and network compliance
Certes webinar securing the frictionless enterpriseJason Bloomberg
Join Jason Bloomberg, President of Intellyx and contributor to Forbes and Satyam Tyagi, CTO for Certes Networks as they explore securing the frictionless enterprise.
- The Dark Side of the Frictionless Enterprise
- The Limitations of Network Segmentation
- Borderless Enterprises Require Borderless Security
- Crypto-Segmentation: Security in a Post-Trust World
- Certes Networks CryptoFlows
- Crypto-Segmentation with CryptoFlows
Cyber-Espionage: Understanding the Advanced Threat LandscapeAaron White
Cutting through the APT hype to help businesses prevent, detect and mitigate advanced threats.
Sophisticated cyber-espionage operations aimed at pilfering
trade secrets and other sensitive data from corporate networks currently present the biggest threat to businesses. Advanced threat actors ranging from nation-state adversaries to organized cyber-crime gangs are using zero-day exploits, customized malware toolkits and clever social engineering tricks to break into corporate networks, avoid detection,
and steal valuable information over an extended period
of time.
In this presentation, we will cut through some of the hype
surrounding Advanced Persistent Threats (APTs), explain the
intricacies of these attacks and present recommendations to
help you improve your security posture through prevention,
detection and mitigation.
WannaCry Ransomware Attack: What to Do NowIBM Security
View on-demand webinar: http://bit.ly/2qoNQ8v
What you need to know and how to protect against the WannaCry Ransomware Attack, the largest coordinated cyberattack of its kind. WannaCry has already crippled critical infrastructure and multiple hospitals and telecommunications organizations, infecting 100s of thousands of endpoints in over 100 countries. In this on-demand webinar, we discuss the anatomy of this unprecedented attack and IBM Researchers share expert insights into what you can do now to protect your organization from this attack and the next one.
Protecting Your Business - All Covered Security ServicesAll Covered
All Covered is a nationwide provider of IT services and security. This presentation highlights the most essential factors that businesses need to be aware of when implementing their security plan. It shows how any company, regardless of size, is at risk with external, and internal, security threats.
Whether you own a small, medium, or large business, IT security should be at the forefront of any discussion. It is better to be proactive and prevent an attack from happening than having to pick up the pieces after the damage has already been done to your business.
Re-defining Endpoint Protection: Preventing Compromise in the Face of Advance...IBM Security
Traditional endpoint protection solutions have become the punching bag of security. And for good reason. Traditional solutions, including blacklisting and signature-based antivirus, have not kept pace in combating advanced threats and zero-day attacks. Organizations are left defenseless.
A new approach is needed that understands the lifecycle of today’s advanced attacks, providing capabilities to assess devices, prevent attacks, detect compromise, investigate the incident and finally remediate the environment.
View the full on-demand webcast: https://www.youtube.com/watch?v=Xyw-SV9v9dg
What Does a Full Featured Security Strategy Look Like?Precisely
In today’s IT world, the threats from bad actors are increasing and the negative impacts of a data breach continue to rise. Responsible enterprises have an obligation to handle the personal data of their customers with care and protect their company’s information with all the tools at their disposal.
For IBM i customers, this includes system settings, company-wide security protocols and the strategic use of additional third-party solutions. These solutions should include things like multi factor authentication (MFA), auditing and SEIM features, access control, authority elevation, and more. In this presentation, we will help you understand how all these elements can work together to create an effective, comprehensive IBM i security environment.
Watch this on-demand webinar to learn about:
• taking a holistic approach to IBM i Security
• what to look for when you consider adding a security product to your IBM i IT infrastructure.
• the components to consider a comprehensive, effective security strategy
• how Precisely can help
Threats have increased exponentially. Current indicators show a massive increase in threat vectors as a result of COVID-19. What makes this more unsettling is the fact that most ransomware will remain dormant for months before activating. Check out this presentation with ATC provider, TPx. Topics covered during this virtual event include: firewall security, firewall software, endpoints, malware, backups and DR, managed security services and TPx MSx.
What are the top 15 IT security threats, and how can you make sure your company avoids them? With the help of security expert Chris Nelson, we compiled a categorized list of the top 15 security threats that IT departments face and how to confront them head-on.
Addressing the Top 3 Real-world Security Challenges for Your IBM i SystemsPrecisely
The most effective approach to cybersecurity is having multiple layers of defense mechanisms deployed to protect your systems. This is commonly referred to as “Defense in Depth”.
Because your IBM i holds data that is vital to your business, implementing multiple IBM i technologies that will help prevent or detect an accidental error or malicious behavior is essential.
Watch our on-demand webinar where Carol Woodbury of DXR Security discusses three of the current real-world issues facing organizations today and how layering multiple security technologies can protect your data and avoid business disruptions.
Register to hear about:
• The benefits of implementing defense in depth
• Determining the value and risk level of your data
• Developing a plan to implement as many layers as needed to appropriately reduce risk
AI-Ready Data - The Key to Transforming Projects into Production.pptxPrecisely
Moving AI projects from the laboratory to production requires careful consideration of data preparation. Join us for a fireside chat where industry experts, including Antonio Cotroneo (Director, Product Marketing, Precisely) and Sanjeev Mohan (Principal, SanjMo), will discuss the crucial role of AI-ready data in achieving success in AI projects. Gain essential insights and considerations to ensure your AI solutions are built on a solid foundation of accurate, consistent, and context-rich data. Explore practical insights and learn how data integrity drives innovation and competitive advantage. Transform your approach to AI with a focus on data readiness.
Building a Multi-Layered Defense for Your IBM i SecurityPrecisely
In today's challenging security environment, new vulnerabilities emerge daily, leaving even patched systems exposed. While IBM works tirelessly to release fixes as they discover vulnerabilities, bad actors are constantly innovating. Don't settle for reactive defense – secure your IT with a layered approach!
This holistic strategy builds multiple security walls, making it far harder for attackers to breach your defenses. Even if a certain vulnerability is exploited, one of the controls could stop the attack or at least delay it until you can take action.
Join us for this webcast to hear about:
• How security risks continue to evolve and change
• The importance of keeping all your systems patched an up-to-date
• A multi-layered approach to network, system object and data security
Tecnologie a supporto dei controlli di sicurezza fondamentaliJürgen Ambrosi
Implementare i controlli di sicurezza non può prescindere dallo sviluppo di una cultura sulla sicurezza ma necessita anche della adozione di opportune tecnologie a supporto dei controlli stessi. Viaggio nel sistema immunitario che rappresenta i vari controlli che se opportunamente correlati, possono sensibilmente mitigare e spesso annullare la possibilità di essere vittima di un attacco
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
Our security practices need to evolve in order to address the new challenges propped up by the rapid adoption of technologies and products to enable the world to WFH. The mantra of the attacker remains consistent -- attack that which yields maximum result -- and that is usually something used by a very very large number of users. This webinar will discuss the Top 10 Security Gaps that CISOs should be aware of as they brace for long WFH periods.
What will you learn :
-New Attack techniques hackers are using targeting WFH
-How to handle decentralisation of IT and technology decisions?
-Application risks as enterprises pivot to online/new business model(s)
-New risks in the Cloud and due to Shadow IT
-Security risks due to uninformed employees & their home infrastructure
-How to handle Misconfigurations & Third party risks
-How to build a robust breach response and recovery program?
Full video - https://youtu.be/bQLfnmhDnQs
Application security meetup k8_s security with zero trust_29072021lior mazor
The "K8S security with Zero Trust" Meetup is about K8s posture Management and runtime protection, ways to secure your software supply chain, Managing Attack Surface reduction, and How to secure K8s with Zero-Trust.
Corona| COVID IT Tactical Security Preparedness: Threat ManagementRedZone Technologies
Work from Home - Practical Advice on Operations and Security Impact and what to do about it.
DR and BCP Planning Ideas
Widening Attack Surface Solutions
Managing Threats Solutions
Evolving technologies and business models have led to advanced network security threats that never existed a few years back. Moreover, enterprises are also relying on outdated security solutions to shut out such threats and this is leading to bigger and frequent data breaches. So if your company recognizes the need for a reliable IT security solution, then you should join our webinar to learn the following:
- An overview of the prevalent enterprise security threats
- The evolving security landscape and the obsolete security mechanisms
- What Seqrite does to ensure enterprise security and network compliance
Certes webinar securing the frictionless enterpriseJason Bloomberg
Join Jason Bloomberg, President of Intellyx and contributor to Forbes and Satyam Tyagi, CTO for Certes Networks as they explore securing the frictionless enterprise.
- The Dark Side of the Frictionless Enterprise
- The Limitations of Network Segmentation
- Borderless Enterprises Require Borderless Security
- Crypto-Segmentation: Security in a Post-Trust World
- Certes Networks CryptoFlows
- Crypto-Segmentation with CryptoFlows
Cyber-Espionage: Understanding the Advanced Threat LandscapeAaron White
Cutting through the APT hype to help businesses prevent, detect and mitigate advanced threats.
Sophisticated cyber-espionage operations aimed at pilfering
trade secrets and other sensitive data from corporate networks currently present the biggest threat to businesses. Advanced threat actors ranging from nation-state adversaries to organized cyber-crime gangs are using zero-day exploits, customized malware toolkits and clever social engineering tricks to break into corporate networks, avoid detection,
and steal valuable information over an extended period
of time.
In this presentation, we will cut through some of the hype
surrounding Advanced Persistent Threats (APTs), explain the
intricacies of these attacks and present recommendations to
help you improve your security posture through prevention,
detection and mitigation.
WannaCry Ransomware Attack: What to Do NowIBM Security
View on-demand webinar: http://bit.ly/2qoNQ8v
What you need to know and how to protect against the WannaCry Ransomware Attack, the largest coordinated cyberattack of its kind. WannaCry has already crippled critical infrastructure and multiple hospitals and telecommunications organizations, infecting 100s of thousands of endpoints in over 100 countries. In this on-demand webinar, we discuss the anatomy of this unprecedented attack and IBM Researchers share expert insights into what you can do now to protect your organization from this attack and the next one.
Protecting Your Business - All Covered Security ServicesAll Covered
All Covered is a nationwide provider of IT services and security. This presentation highlights the most essential factors that businesses need to be aware of when implementing their security plan. It shows how any company, regardless of size, is at risk with external, and internal, security threats.
Whether you own a small, medium, or large business, IT security should be at the forefront of any discussion. It is better to be proactive and prevent an attack from happening than having to pick up the pieces after the damage has already been done to your business.
Re-defining Endpoint Protection: Preventing Compromise in the Face of Advance...IBM Security
Traditional endpoint protection solutions have become the punching bag of security. And for good reason. Traditional solutions, including blacklisting and signature-based antivirus, have not kept pace in combating advanced threats and zero-day attacks. Organizations are left defenseless.
A new approach is needed that understands the lifecycle of today’s advanced attacks, providing capabilities to assess devices, prevent attacks, detect compromise, investigate the incident and finally remediate the environment.
View the full on-demand webcast: https://www.youtube.com/watch?v=Xyw-SV9v9dg
What Does a Full Featured Security Strategy Look Like?Precisely
In today’s IT world, the threats from bad actors are increasing and the negative impacts of a data breach continue to rise. Responsible enterprises have an obligation to handle the personal data of their customers with care and protect their company’s information with all the tools at their disposal.
For IBM i customers, this includes system settings, company-wide security protocols and the strategic use of additional third-party solutions. These solutions should include things like multi factor authentication (MFA), auditing and SEIM features, access control, authority elevation, and more. In this presentation, we will help you understand how all these elements can work together to create an effective, comprehensive IBM i security environment.
Watch this on-demand webinar to learn about:
• taking a holistic approach to IBM i Security
• what to look for when you consider adding a security product to your IBM i IT infrastructure.
• the components to consider a comprehensive, effective security strategy
• how Precisely can help
Threats have increased exponentially. Current indicators show a massive increase in threat vectors as a result of COVID-19. What makes this more unsettling is the fact that most ransomware will remain dormant for months before activating. Check out this presentation with ATC provider, TPx. Topics covered during this virtual event include: firewall security, firewall software, endpoints, malware, backups and DR, managed security services and TPx MSx.
What are the top 15 IT security threats, and how can you make sure your company avoids them? With the help of security expert Chris Nelson, we compiled a categorized list of the top 15 security threats that IT departments face and how to confront them head-on.
Addressing the Top 3 Real-world Security Challenges for Your IBM i SystemsPrecisely
The most effective approach to cybersecurity is having multiple layers of defense mechanisms deployed to protect your systems. This is commonly referred to as “Defense in Depth”.
Because your IBM i holds data that is vital to your business, implementing multiple IBM i technologies that will help prevent or detect an accidental error or malicious behavior is essential.
Watch our on-demand webinar where Carol Woodbury of DXR Security discusses three of the current real-world issues facing organizations today and how layering multiple security technologies can protect your data and avoid business disruptions.
Register to hear about:
• The benefits of implementing defense in depth
• Determining the value and risk level of your data
• Developing a plan to implement as many layers as needed to appropriately reduce risk
AI-Ready Data - The Key to Transforming Projects into Production.pptxPrecisely
Moving AI projects from the laboratory to production requires careful consideration of data preparation. Join us for a fireside chat where industry experts, including Antonio Cotroneo (Director, Product Marketing, Precisely) and Sanjeev Mohan (Principal, SanjMo), will discuss the crucial role of AI-ready data in achieving success in AI projects. Gain essential insights and considerations to ensure your AI solutions are built on a solid foundation of accurate, consistent, and context-rich data. Explore practical insights and learn how data integrity drives innovation and competitive advantage. Transform your approach to AI with a focus on data readiness.
Building a Multi-Layered Defense for Your IBM i SecurityPrecisely
In today's challenging security environment, new vulnerabilities emerge daily, leaving even patched systems exposed. While IBM works tirelessly to release fixes as they discover vulnerabilities, bad actors are constantly innovating. Don't settle for reactive defense – secure your IT with a layered approach!
This holistic strategy builds multiple security walls, making it far harder for attackers to breach your defenses. Even if a certain vulnerability is exploited, one of the controls could stop the attack or at least delay it until you can take action.
Join us for this webcast to hear about:
• How security risks continue to evolve and change
• The importance of keeping all your systems patched an up-to-date
• A multi-layered approach to network, system object and data security
Navigating the Cloud: Best Practices for Successful MigrationPrecisely
In today's digital landscape, migrating workloads and applications to the cloud has become imperative for businesses seeking scalability, flexibility, and efficiency. However, executing a seamless transition requires strategic planning and careful execution. Join us as we delve into the insightful insights around cloud migration, where we will explore three key topics:
i. Considerations to take when planning for cloud migration
ii. Best practices for successfully migrating to the cloud
iii. Real-world customer stories
Unlocking the Power of Your IBM i and Z Security Data with Google ChroniclePrecisely
In today's ever-evolving threat landscape, any siloed systems, or data leave organizations vulnerable. This is especially true when mission-critical systems like IBM i and IBM Z mainframes are not included in your security planning. Valuable security data from these systems often remains isolated, hindering your ability to detect and respond to threats effectively.
Ironstream and bridge this gap for IBM systems by integrating the important security data from these mission-critical systems into Google Chronicle where it can be seen, analyzed and correlated with the data from other enterprise systems Here's what you'll learn:
• The unique challenges of securing IBM i and Z mainframes
• Why traditional security tools fall short for mainframe data
• The power of Google Chronicle for unified security intelligence
• How to gain comprehensive visibility into your entire IT ecosystem
• Real-world use cases for integrating IBM i and Z security data with Google Chronicle
Join us for this webcast to hear about:
• The unique challenges of securing IBM i and IBM Z systems
• Real-world use cases for integrating IBM i and IBM Z security data with Google Chronicle
• Combining Ironstream and Google Chronicle to deliver faster threat detection, investigation, and response times
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
Are you considering leveraging the cloud alongside your existing IBM AIX and IBM I systems infrastructure? There are likely benefits to be realized in scalability, flexibility and even cost.
However, to realize these benefits, you need to be aware of the challenges and opportunities that come with integrating your IBM Power Systems in the cloud. These challenges range from data synchronization to testing to planning for fallback in the event of problems.
Join us for this webcast to hear about:
• Seamless migration strategies
• Best practices for operating in the cloud
• Benefits of cloud-based HA/DR for IBM AIX and IBM i
It can be challenging display and share capacity data that is meaningful to end users. There is an overabundance of data points related to capacity, and the summarization of this data is difficult to construct and display.
You are already spending time and money to handle the critical need to manage systems capacity, performance and estimate future needs. Are you it spending wisely? Are you getting the level of results from your investment that you really need? Can you prove it?
The good news is that the return on investment of implementing capacity management and capacity planning is most definitely positive and provable, both in terms of tangible monetary value and in some less tangible but no-less-valuable benefits.
Join us for this webinar and learn:
• Top Trends in Capacity Management
• Common customer pain points
• Ways to demonstrate these benefits to your company
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...Precisely
Ready to improve efficiency, provide easy to use data automations and take materials master (MM) data maintenance to the next level?
Find out how during our Automate Studio training on March 28 – led by Sigrid Kok, Principal Sales Engineer, and Isra Azam, Sales Engineer, at Precisely.
This session’s for you if you want to discover the best approaches for creating, extending or maintaining different types of materials, as well as automating the tricky parts of these processes that slow you down.
Greater control over your Automate Studio business processes means bigger, better results. We’ll show you how to enable your business users to interact with SAP from Microsoft Office and other familiar platforms – resulting in more efficient SAP data management, along with improved data integrity and accuracy.
This 90-minute session will be filled with a variety of topics, including:
real world approaches for creating multiple types of materials, balancing flexibility and power with simplicity and ease of use
tips on material creation, including
downloading the generated material number
using formulas to format prior to upload, such as capitalization or zero padding to make it easy to get the data right the first time
conditionally require fields based on other field entries
using LOV for fields that are free form entry for standard values
tips on modifying alternate units of measure, building from scratch using GUI scripting
modify multiple language descriptions, build from scratch using a standard BAPI
make end-to-end MM process flows more of a reality with features including APIs and predictive AI
Through these topics, you’ll gain plenty of actionable takeaways that you can start implementing right away – including how to:
improve your data integrity and accuracy
make scripts flexible and usable for automation users
seamlessly handle both simple and complex parts of material master
interact with SAP from both business user and script developers’ perspectives
easily upload and download data between SAP and Excel – and how to format the data before upload using simple formulas
You’ll leave this session feeling ready and empowered to save time, boost efficiency, and change the way you work.
Automate Studio reduces your dependency on technical resources to help you create automation scenarios – and our team of experts is here to make sure you get the most out of our solution throughout the journey.
Questions? Sigrid & Isra will be ready to answer them during a live Q&A at the end of the session.
Who should attend:
Attendees who will get the most out of this session are Automate Studio developers and runners familiar with SAP MM. Knowledge of Automate Studio script creation is nice to have, but not required.
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...Precisely
Join us for an insightful roundtable discussion featuring experts from AWS, Confluent, and Precisely as they delve into the complexities and opportunities of migrating mainframe data to the cloud.
In this engaging webinar, participants will learn about the various considerations, strategies, and customer challenges associated with replicating mainframe data to cloud environments.
Our panelists will share practical insights, real-world experiences, and best practices to help organizations successfully navigate this transformative journey.
Whether you're considering migrating and modernizing your mainframe applications to cloud, or augmenting mainframe-based applications with data replication to cloud, this roundtable will provide valuable perspectives and insights to maximize the benefits of migrating mainframe data to the cloud.
Join us on March 27 to gain a deeper understanding of the opportunities and challenges in this evolving landscape.
Data Innovation Summit: Data Integrity TrendsPrecisely
Data integrity remains an evolving process of discovery, identification, and resolution. With an all-time low in public confidence on data being used for decision-making, attention has gradually shifted to data quality and data integration across multiple systems and frameworks. Data integrity becomes a focal point again for companies to make strategic moves in a world facing an evolving economy.
Key takeaways:
· How to build a data-driven culture within your organization
· Tips to engage with key stakeholders in your business and examples from other businesses around the world
· How to establish and maintain a business-first approach to data governance
· A summary of the findings from a recent survey of global data executives by Drexel University's LeBow College of Business
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
Artificial Intelligence (AI) has become a strategic imperative in a rapidly evolving business landscape. However, the rush to embrace AI comes with risks, as illustrated by instances of AI-generated content with fake citations and potentially dangerous recommendations. The critical factor underpinning trustworthy AI is data integrity, ensuring data is accurate, consistent, and full of rich context.
Attend our upcoming webinar, "AI You Can Trust: Ensuring Success with Data Integrity," as we explore organizational challenges in maintaining data integrity for AI applications and real-world use cases showcasing the transformative impact of high-integrity data on AI success.
During this panel discussion, we'll highlight everything from personalized recommendations and AI-powered workflows to machine learning applications and innovative AI assistants.
Key Topics:
AI Use Cases with Data Integrity: Discover how data integrity shapes the success of AI applications through six compelling use cases.
Solving AI Challenges: Uncover practical solutions to common AI challenges such as bias, unreliable results, lack of contextual relevance, and inadequate data security.
Three Considerations of Data Integrity for AI: Learn the essential pillars—complete, trusted, and contextual—that underpin data integrity for AI success.
Precisely and AWS Partnership: Explore how the collaboration between Precisely and Amazon Web Services (AWS) addresses these challenges and empowers organizations to achieve AI-ready data.
Join our panelists to unlock the full potential of AI by starting your data integrity journey today. Trust in AI begins with trusted data – let's future-proof your AI together.
Less Bias. More Accurate. Relevant Outcomes.
Optimisez la fonction financière en automatisant vos processus SAPPrecisely
La fonction finance est au cœur du succès de l’entreprise, et doit aussi évoluer pour faire face aux enjeux d’aujourd’hui : aller plus vite, traiter plus d’informations et assurer une qualité des données sans faille.
Nous vous proposons de découvrir ensemble comment répondre à ces défis, notamment les points suivants :
Gérer les référentiels comptables et financiers, comptes comptables, clients, fournisseurs, centres de couts, centres de profits…Accélérer les clôtures et permettre de passer les écritures comptables nécessaires, de lancer les rapports adéquats et d’extraire les informations en temps réelOrganiser les taches en les affectant de manière ordonnancée à leurs responsables ou en les lançant automatiquement et les suivre de manière granulaire
Notre webinaire sera l’occasion d’évoquer et d’illustrer cette palette de capacités disponibles pour des utilisateurs métier sans code ou avec peu de code et nous vous espérons nombreux.
In dieser Präsentation diskutieren wir, welche Tools aus unserer Sicht dabei helfen, die Transformation zu SAP S/4HANA optimal zu gestalten. Aber wir blicken auch nach vorne!
In unserem Beitrag fokussieren wir uns nicht nur auf kurzfristige Lösungen, sondern es geht auch um das Thema „Nachhaltigkeit“. Um Investitionen für die Zukunft.
Dazu gehören Entwicklungen, die die SAP Welt nachhaltig verändern werden.
Wir betrachten zukünftige Technologien, wie KI oder Machine Learning, die dazu beitragen, datenintensive SAP Prozesse zu optimieren, die Datenqualität zu verbessern, manuelle Prozesse zu reduzieren und Mitarbeiter zu entlasten.
Werfen Sie mit uns einen Blick in die Zukunft und gestalten Sie die digitale Transformation in Ihrem Unternehmen mit.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Defending Your IBM i Against Malware
1. Defending Your IBM i
Against Malware
The Rules Have Changed
Bill Hammond | Director, Product Marketing
Gavriel Meir-Levi | Sales Director, Security Products
2. Housekeeping
Webinar Audio
• Today’s webcast audio is streamed through your
computer speakers
• If you need technical assistance with the web interface
or audio, please reach out to us using the Q&A box
Questions Welcome
• Submit your questions at any time during the
presentation using the Q&A box. If we don't get to your
question, we will follow-up via email
Recording and slides
• This webinar is being recorded. You will receive an email
following the webinar with a link to the recording and
slides
2
4. ReBoot Required
4
The very nature of cyber threats has changed
• Countering requires a business-wide paradigm shift
Two fundamental changes required:
• Everyone understands why advanced threats are very
different, how they actually work
o Executives, L.O.B. leaders, Employees
o Partners, Vendors
• Commitment to informed, cooperative and integrated
IT security planning management practices.
5. Malware and Ransomware
5
• A growing range of cyber-attack products and services
• Marketed and sold by a wide range of ‘companies’
• Steady, organized industrialization of cyber-attack tools and
services
• Ransomware as a Service sector
• Operating in the very efficient ‘Dark Web’ marketplace
• Highly developed, broadly marketed, extremely profitable,
industrial-scale
We are not up against a few, exceptionally clever and
evil “bad actors”
6. Architecture
of Malware
Attacks
Actively guided
and executed
Stealthy, nearly
invisible
• Not chunks of malicious code /payloads
• Not a single, standardized sequence of
actions
• Skilled human hacker gains access, studies
your systems
• Fully customized and carefully timed and
sequenced
• Nearly impossible to distinguish from
‘normal’ user or application activity
• Main activity is… inactivity
• Quietly evaluates potential targets,
learns your security patterns and
gaps, considers tactics
Immediate
monetary reward
Crypto-Currency
enabled
• Direct payment from victim, not resale of
information
• (Actually, they often do that as well,
even after ransom is paid)
• Hackers world-wide investing heavily in
malware skills development, computing
and network resources
• The “Unmarked Bills” for all 21st
century cyber-extortion
• Easily traded and /or converted to
conventional currencies
• Crypto transactions are (currently)
effectively beyond the reach of law
enforcement agencies and modern
global financial controls.
6
8. Ransomware Business Model
8
Ransomware
Target
3rd Party
Partners
Ransomware
Software
Developer
The network is
compromised by 3rd Party
Ransomware Partners. It’s
the partner’s job to get the
ransomware software onto
the network. Security Best
Practices such as Basic
MFA does help… but it
won’t lock down the IBM i
completely.
* Diagram from Get IT Solutions blog.com
9. The rules have changed
9
Cyber Thieves scoff at ‘Best Practices’
• No way to develop and deploy standardized “profiles” or
“signatures”
• Automated scanning, alerting and remediation ‘necessary
but not sufficient’
• More time-consuming hands-on or ad hoc systems
surveillance is also a losing battle plan.
10. Multi-layered defense is required
10
Next-generation IT Security strategy
• Assume any security methods and tools you deploy will be
defeated by human intelligence and creativity
• Focus on securing critical assets and data stores using a
multi-layered, sequential defensive approach.
Existing IT security tools and systems are not obsolete or
unneeded
• Key is applying them in a new context
• Sequential, layered defenses, employing every security
option you have available, but in a coordinated,
programmatic way
14. Anatomy of a Ransomware Attack
14
IFS
Advanced
MFA
15. Assure
Advanced
MFA
5250 FTP
• Protection against compromised
• Credentials
• Workstations
• Sessions
• Add System Access Manager
• Starting of check printers
• Accessing and updating data
• IP ranges
• Time of day/week
• File Shares
• Authentication
• Initial Program
• Modified Sign on via Telnet
• Advanced
• System Access Manager
• Authentication
• Advanced
• System Access Manager
ODBC NetServer
• Authentication
• Advanced
• System Access Manager
• Advanced
• System Access Manager
• File Share
• File Share Directory
15
16. Anatomy of a Ransomware Attack
16
IFS
Advanced
MFA
Elevated Authority
Management
17. Anatomy of a Ransomware Attack
17
IFS
Advanced
MFA
Elevated Authority
Management
SIEM
18. Anatomy of a Ransomware Attack
18
IFS
Advanced
MFA
Elevated Authority
Management
SIEM
19. The threat to IBM i
19
IBM i has a sterling reputation for system security and data
protection
• But even IBM itself says that IBM i highly securable, not
inherently secure.
• Still requires all appropriate security options it offers are
properly implemented.
IBM i no longer a Security Island
• IBM i hardware, applications and data are increasingly
integrating with other platforms
• Web partners, service providers, cloud-based e-commerce
systems, more…
20. Malware on IBM i
• No (current) malware for IBM i ‘proper’
– that is, the operating system itself
• IBM i can be affected by malware in
the IFS in two ways
• An infected object is stored in the IFS
• Malware enters the system from an
infected workstation to a mapped drive
(that is, IBM i) via a file share on the IFS
20
21. Three Key Use Cases
1. Ransomware Defense
• Advanced Multi-Factor Authentication
• Reporting & Alerting
• Lock Down IFS Directory
2. Advanced MFA
• Secure ODBC
• Secure FTP
3. Basic MFA
• Secures Telnet
• Integrate with RSA, Okta Radius, Duo and others
• Management “Four Eyes” Principle
21
23. Advanced MFA protects against
credential theft
23
• Credential theft can happen in several ways
• An intruder is in the network and sniffs cleartext user ids and passwords off
the network
• An intruder knows of an application that stores cleartext passwords and
steals those
• Credential stuffing …
• An intruder finds user ids and passwords have been stolen from somewhere else,
sold on the dark web and attempts to use them at another organization
• This is often successful because many people re-use the same password multiple
places – banks, amazon and other online retailers and then at work
Multi-factor Authentication can prevent all of these!
Even if an intruder has a valid
user id / password combination,
they won’t have the second
authentication piece.
24. Protect
external and
internal points
of entry
Heavy focus on
defending
against “insider”
threats
IBM i platform
includes
extensive options
for access control
Granting/revoking
Elevated Authority
Avoid reliance
upon basic
password-based
authentication
24
25. Harden the
ultimate
targets:
Data at rest
and in motion
Ransomware is
about finding
and “kidnapping”
your data via
encryption
Stealthy, nearly
invisible
Applies to all your
data, wherever it
exists, and at all
times
25
26. Always be
monitoring
Seemingly
normal
anomalies may
indicate attack
already in
progress
Elevated
privileges
acquired,
leveraged to
continue
“exploring”
Approach
systems
surveillance and
security analysis
as a fuzzy-logic
process
Upgrade access
control rules
26
27. Integrate and coordinate security
27
Security Information and Event Management (SIEM) solutions
are integral to security
• IBM i is deeply integrated operationally with all your other
systems and platforms,
• IBM i security must also be fully integrated enterprise
security plans and systems.
Challenges to integrating IBM i include:
• Wide range of security log sources, proprietary data formats
• Specialized, platform-specific skills
Best approach: Third-party solution to automate monitoring
and presentation of IBM i security data to your SIEM solution
29. Assure Security for IBM i
• Defending against the increasing sophistication and complexity
of today’s security threats, including malware requires a
comprehensive, multi-layered approach.
• The key is to maximize the strength of each layer of your
defenses, and then ask:
“If this layer is breached, what do I have
in place to prevent further damage?”
• Assure Security delivers market-leading IBM i security
capabilities that help your organization successfully comply
with increasingly stringent cybersecurity regulations and
effectively address current and emerging security threats.
29
30. 30
30
Assure Security
Data Privacy
Assure Encryption
Assure Secure File
Transfer
Assure Monitoring
and Reporting
Assure Db2 Data
Monitor
Access Control
Assure System
Access Manager
Assure Elevated
Authority Manager
Assure Multi-Factor
Authentication
Monitoring Malware Defense
Assure System
Access Manager
Assure Elevated
Authority Manager
Assure Multi-Factor
Authentication
Assure Monitoring
and Reporting
Assure Encryption
Assure
Security
addresses
top security
concerns
31. 31
Malware
Defense
Assure System Access Manager
Secure all points of entry into to your
system including network access,
database access, command line access
and more
Assure Monitoring and Reporting
Simplify analysis of IBM i journals to
monitor for security incidents and generate
reports and alerts
Assure Elevated Authority
Manager
Automatically elevate user authority as-
needed and on a limited basis
Assure Multi-Factor Authentication
Strengthen login security by requiring
multiple forms of authentication
Assure Encryption
Transform human-readable database
fields into unreadable cypher text using
industry-certified encryption & key
management solutions
32. For more information
on defending against
malware
32
https://www.precisely.com/resource-center/ebooks/how-malware-is-reshaping-
ibm-i-security-the-rules-have-changed
Framing the “New Rules” Evoking the Alt+Ctrl+Del three-finger salute option for IT Security Management
+Hopefully, the word “Scoff will trigger connection to Monty Python, setting up readiness for the following visual
Heavy focus on defending against “insider” threats
Cyber-thieves prowling your systems are extremely expert at blending in with your employees, contractors, and business partners, and even your security team
IBM i platform includes extensive options for access control
However, manually maintaining access controls can become overwhelming, even for smaller organizations
Ad hoc, manual access management does not scale easily for managing large and complex environments
Significant risk for human error/failure
Special attention to granting/revoking Elevated Authority
Some roles have a valid business case
But too often, lax control over access rights results in too many overly powerful users
Temporary permissions that are never actually revoked
Avoid excessive reliance upon basic password-based authentication and single sign-on
Password overload… “Just write it down”
It only takes one errant sticky note to expose your entire organization to a devastating ransomware attack
Assume that some system within your organization and its network of partners and vendors, will be breached
Ransomware is about finding and “kidnapping” your data via encryption
Remediation is incredibly difficult, time consuming and very, very expensive. In some cases, it may be completely impossible
Even after ransom is paid and data unlocked, hackers can still resell for more profit
Make your data a “hard target”
Make it much harder to find
Render it essentially worthless to hackers by encrypting it before they can get to it
This fundamental requirement applies to all your data, wherever it exists, and at all times
While being viewed, created, or modified in a production system
While being used in development testing;
While being sent and received across internal or external networks
Includes all HA and DR backup data!
Seemingly normal, unconnected events or benign anomalies may actually indicate attack already in progress
The ‘Burrowing’ Phase
Attacker moves slowly, days or weeks
Limits activities to short, non-obvious frequency or elapsed time
Absolutely inactive during the vast majority of attack duration
Elevated privileges acquired, leveraged to continue “exploring”
Accounts, systems and data sets accessed, evaluated, left unchanged
Makes only tiny, incremental moves or changes, only when necessary
Approach systems surveillance and security analysis as a fuzzy-logic process:
Leverage the innate human ability for ‘Theory of Mind’
Constant, real-time, in-context assessments, by multiple individuals
Upgraded access control rules:
Additional challenge for infrequent vendor access
Every vendor log on / access triggers exit-point check of vendor status in payable