SAS 2012 Official Video is available at http://www.youtube.com/watch?v=Vr8lmIhc0pk
Abstracts: All companies are invested in security, but far from all came to realize: employees’ awareness and education are the key factors to improve information protection and prevent data leaks. You can install most powerful DLP, encryption and other security tools, hire a lot of security officers and consulters to tune your business processes, eventually waste a lot of money and resources at security issues, but if end-users don’t understand threats, don’t know rules – they cannot follow internal policies and regulations, cannot correctly use appropriate tools. It’s all for nothing. Efficient information security strategy is to create a culture of awareness and enforcement – culture where users understand the consequences.
This session is about 3 main things:
1) What is user awareness in information security?
2) Why user awareness is required?
3) How to raise user awareness and what are key factors.
Practical recommendations for security user awareness program adopters and practitioners will be given. Role of the DLP in raising user awareness will be highlighted.
Related links:
http://www.youtube.com/watch?v=vXlyuGXAZzU – Valery Boronin on Data Luxury Protection at DLP Russia 2011 (in Russian)
Symantec announced it is planning to offer Symantec Data Loss Prevention for Tablet, the first comprehensive data loss prevention (DLP) solution for the monitoring and protection of sensitive information on tablet computers. Available first for the Apple iPad, Symantec Data Loss Prevention for Tablet will help solve one of the most urgent problems facing security organizations today by providing content-aware protection for this remarkably popular new corporate endpoint. The solution is designed to maintain user productivity and protect an organization’s confidential data at the same time.
ISSA DLP Presentation - Oxford Consulting Groupaengelbert
For many organizations, there is an unsettling reality that they do not have the adequate visibility over critical data assets within their environment. This is one of many factors that are driving companies to consider Data Loss Prevention (DLP) technologies. In this session, we’ll remove the typical fear, uncertainty and doubt spin surrounding this technology and focus on a holistic solution that leverages this technology to enable your business.
Overview of Data Loss Prevention (DLP) TechnologyLiwei Ren任力偉
DLP is a technology that detects potential data breach incidents in timely manner and prevents them by monitoring data in-use (endpoints), in-motion (network traffic), and at-rest (data storage). It has been driven by regulatory compliances and intellectual property protection. This talk will introduce DLP models that describe the capabilities and scope that a DLP system should cover. A few system categories will be discussed accordingly with high-level system architecture. DLP is an interesting technology in that it provides advanced content inspection techniques. As such, a few content inspection techniques will be proposed and investigated in rigorous terms.
Shariyaz abdeen data leakage prevention presentationShariyaz Abdeen
Data leakage prevention is one of the key topics which we have been talking in present. Due to the organizations moving towards big data, financial systems.. which resides in cyber space, there is an increasing number of frauds associated with the technology revolution in the cyberspace.This post highlights the threats and the counter measures, so we can protect the sensitive personal data. I prefer the approach of “ Trust but verify model ”.
Symantec announced it is planning to offer Symantec Data Loss Prevention for Tablet, the first comprehensive data loss prevention (DLP) solution for the monitoring and protection of sensitive information on tablet computers. Available first for the Apple iPad, Symantec Data Loss Prevention for Tablet will help solve one of the most urgent problems facing security organizations today by providing content-aware protection for this remarkably popular new corporate endpoint. The solution is designed to maintain user productivity and protect an organization’s confidential data at the same time.
ISSA DLP Presentation - Oxford Consulting Groupaengelbert
For many organizations, there is an unsettling reality that they do not have the adequate visibility over critical data assets within their environment. This is one of many factors that are driving companies to consider Data Loss Prevention (DLP) technologies. In this session, we’ll remove the typical fear, uncertainty and doubt spin surrounding this technology and focus on a holistic solution that leverages this technology to enable your business.
Overview of Data Loss Prevention (DLP) TechnologyLiwei Ren任力偉
DLP is a technology that detects potential data breach incidents in timely manner and prevents them by monitoring data in-use (endpoints), in-motion (network traffic), and at-rest (data storage). It has been driven by regulatory compliances and intellectual property protection. This talk will introduce DLP models that describe the capabilities and scope that a DLP system should cover. A few system categories will be discussed accordingly with high-level system architecture. DLP is an interesting technology in that it provides advanced content inspection techniques. As such, a few content inspection techniques will be proposed and investigated in rigorous terms.
Shariyaz abdeen data leakage prevention presentationShariyaz Abdeen
Data leakage prevention is one of the key topics which we have been talking in present. Due to the organizations moving towards big data, financial systems.. which resides in cyber space, there is an increasing number of frauds associated with the technology revolution in the cyberspace.This post highlights the threats and the counter measures, so we can protect the sensitive personal data. I prefer the approach of “ Trust but verify model ”.
Best Practices for Implementing Data Loss Prevention (DLP)Sarfaraz Chougule
Vast amounts of your organization's sensitive data are accessible, stored, and used by authorized employees and partners on a host of devices and servers. Protecting that data where ever it is stored or travels is a top priority.
Data Loss Prevention technologies are needed to protect data coming into and leaving the organization. There are a number of problems and challenges with the many vendors supplying DLP technology. This presenation reviews some of the Myths around Data Loss Prevention.
Symantec Data Loss Prevention 11 simplifies the detection and protection of intellectual property. Symantec’s market-leading data security suite features Vector Machine Learning, which makes it easier to detect hard-to-find intellectual property, and enhancements to Data Insight that streamline remediation, increasing the effectiveness of an organization’s data protection initiatives.
Data Leakage is an important concern for the business organizations in this increasingly networked world these days. Unauthorized disclosure may have serious consequences for an organization in both long term and short term. Risks include losing clients and stakeholder confidence, tarnishing of brand image, landing in unwanted lawsuits, and overall losing goodwill and market share in the industry.
DLP 101: Help identify and plug information leaksAbhishek Sood
A data loss prevention (DLP) strategy isn’t something to be taken lightly: its cost, impact on process, and responsibility for keeping an enterprise’s data secure cannot be understated as data becomes more accessible and mobile.
In this e-guide discover:
What it means for security for data to be in use, in motion, and at rest
How DLP works: standalone vs. integrated
The DLP learning curve
And more
All the essential information you need about DLP in one eBook.
As security professionals struggle with how to keep up with threats, DLP - a technology designed to ensure sensitive data isn't stolen or lost - is hot again. This comprehensive guide provides what you need to understand, evaluate, and succeed with today's DLP. It includes insights from DLP Experts, Forrester Research, Gartner, and Digital Guardian's security analysts.
What's Inside:
-The seven trends that have made DLP hot again
-How to determine the right approach for your organization
-Making the business case to executives
-How to build an RFP and evaluate vendors
-How to start with a clearly defined quick win
-Straight-forward frameworks for success
DLP Systems: Models, Architecture and AlgorithmsLiwei Ren任力偉
DLP is a data security technology that detects and prevents data breach incidents by monitoring data in-use, in-motion and at-rest. It has been widely applied for regulatory compliances, data privacy and intellectual property protection. This talk will introduce basic concepts and security models to describe DLP systems with high level architecture. DLP is an interesting discipline with content inspection techniques supported by sophisticated algorithms. Special investigation will be taken for a few algorithms: document fingerprinting, data record fingerprinting, scalable M-pattern string match and etc..
Securing Your Data for Your Journey to the CloudLiwei Ren任力偉
n the era of cloud computing, data security is one of the concerns for adopting cloud applications. In this talk, we will investigate a few general data security issues caused by cloud platforms: (a) Data security & privacy for the residence in cloud when using cloud SaaS or cloud apps; (b) Data leaks to personal cloud apps directly from enterprise networks; (c) Data leaks to personal cloud apps indirectly via BYOD devices.
Multiple technologies do exist for solving these data security issues. They are CASB , Cloud Encryption Gateway, Cloud DLP, and even traditional DLP. Those products or services are ad-hoc in nature. In long term, general cloud security technologies such as FHE (fully homomorphic encryption) or MPC (multi-party computation) should be implemented when they become practical.
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...Andris Soroka
Presentation from one of the remarkable IT Security events in the Baltic States organized by “Data Security Solutions” (www.dss.lv ) Event took place in Riga, on 7th of November, 2013 and was visited by more than 400 participants at event place and more than 300 via online live streaming.
Best Practices for Implementing Data Loss Prevention (DLP)Sarfaraz Chougule
Vast amounts of your organization's sensitive data are accessible, stored, and used by authorized employees and partners on a host of devices and servers. Protecting that data where ever it is stored or travels is a top priority.
Data Loss Prevention technologies are needed to protect data coming into and leaving the organization. There are a number of problems and challenges with the many vendors supplying DLP technology. This presenation reviews some of the Myths around Data Loss Prevention.
Symantec Data Loss Prevention 11 simplifies the detection and protection of intellectual property. Symantec’s market-leading data security suite features Vector Machine Learning, which makes it easier to detect hard-to-find intellectual property, and enhancements to Data Insight that streamline remediation, increasing the effectiveness of an organization’s data protection initiatives.
Data Leakage is an important concern for the business organizations in this increasingly networked world these days. Unauthorized disclosure may have serious consequences for an organization in both long term and short term. Risks include losing clients and stakeholder confidence, tarnishing of brand image, landing in unwanted lawsuits, and overall losing goodwill and market share in the industry.
DLP 101: Help identify and plug information leaksAbhishek Sood
A data loss prevention (DLP) strategy isn’t something to be taken lightly: its cost, impact on process, and responsibility for keeping an enterprise’s data secure cannot be understated as data becomes more accessible and mobile.
In this e-guide discover:
What it means for security for data to be in use, in motion, and at rest
How DLP works: standalone vs. integrated
The DLP learning curve
And more
All the essential information you need about DLP in one eBook.
As security professionals struggle with how to keep up with threats, DLP - a technology designed to ensure sensitive data isn't stolen or lost - is hot again. This comprehensive guide provides what you need to understand, evaluate, and succeed with today's DLP. It includes insights from DLP Experts, Forrester Research, Gartner, and Digital Guardian's security analysts.
What's Inside:
-The seven trends that have made DLP hot again
-How to determine the right approach for your organization
-Making the business case to executives
-How to build an RFP and evaluate vendors
-How to start with a clearly defined quick win
-Straight-forward frameworks for success
DLP Systems: Models, Architecture and AlgorithmsLiwei Ren任力偉
DLP is a data security technology that detects and prevents data breach incidents by monitoring data in-use, in-motion and at-rest. It has been widely applied for regulatory compliances, data privacy and intellectual property protection. This talk will introduce basic concepts and security models to describe DLP systems with high level architecture. DLP is an interesting discipline with content inspection techniques supported by sophisticated algorithms. Special investigation will be taken for a few algorithms: document fingerprinting, data record fingerprinting, scalable M-pattern string match and etc..
Securing Your Data for Your Journey to the CloudLiwei Ren任力偉
n the era of cloud computing, data security is one of the concerns for adopting cloud applications. In this talk, we will investigate a few general data security issues caused by cloud platforms: (a) Data security & privacy for the residence in cloud when using cloud SaaS or cloud apps; (b) Data leaks to personal cloud apps directly from enterprise networks; (c) Data leaks to personal cloud apps indirectly via BYOD devices.
Multiple technologies do exist for solving these data security issues. They are CASB , Cloud Encryption Gateway, Cloud DLP, and even traditional DLP. Those products or services are ad-hoc in nature. In long term, general cloud security technologies such as FHE (fully homomorphic encryption) or MPC (multi-party computation) should be implemented when they become practical.
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...Andris Soroka
Presentation from one of the remarkable IT Security events in the Baltic States organized by “Data Security Solutions” (www.dss.lv ) Event took place in Riga, on 7th of November, 2013 and was visited by more than 400 participants at event place and more than 300 via online live streaming.
Презентация с вебинара по комплексу McAfee DLP.
Основной упор был сделан на использование новых возможностей DLP Endpoint 9.4 для пресечения случайных/умышленных попыток передачи информации в чужие руки по различным каналам.
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge Pereira
Edge Pereira presentation at Microsoft TechEd Australia. Session OSS304 Regulatory Compliance and Microsoft Office 365 - data leakage protection, dlp, privacy, sharepoint
At the highest level, our mission continues to be about keeping our customers (companies and governments) safe from ever-evolving digital threats, so they are confident to move business forward. Our strategy to accomplish this mission centers around four key pillars: Advanced Threat Protection, Information Protection for On Premise and Cloud, Security as a Service -- all anchored by a Unified Security Analytics Platform. Symantec Data Loss Prevention is a foundational product in the Information Protection for On Premise and Cloud pillar.
Everyone knows that storing and accessing data and applications in the cloud and on mobile devices provides makes work much easier and productive by allowing employees to work everywhere they need to.
It allows for great business agility – applications are always up to date, new functionality and processes can be deployed and activated quickly and organizations can adjust things on the fly if they need to.
It also brings the convenience factor – all employees to work in the way that they need to, collaboration and sharing is made vastly easier with cloud applications and storage.
But it brings with it all the challenges of securing devices and applications that your don’t own, and whilst saying NO might be the right thing for security, end users will find a way around it. Right now, close to 30% of employees use their personal devices for work. And that number is on the rise, potentially turning BYOD into Bring Your Own Disaster.
Humans Are The Weakest Link – How DLP Can Help?Vera Trubacheva
Human is the weakest link in security. What to do? How DLP can help?
All companies are invested in security, but far from all came to realize: employees’ awareness and education are the key factors to improve information protection and prevent data leaks. You can install most powerful DLP, encryption and other security tools, hire a lot of security officers and consulters to tune your business processes, eventually waste a lot of money and resources at security issues, but if end-users don’t understand threats, don’t know rules – they cannot follow internal policies and regulations, cannot correctly use appropriate tools. It’s all for nothing. Efficient information security strategy is to create a culture of awareness and enforcement – culture where users understand the consequences.
This session is about 3 main things:
1) What is user awareness in information security?
2) Why user awareness is required?
3) How to raise user awareness and what are key factors.
Practical recommendations for security user awareness program adopters and practitioners will be given. Role of the DLP in raising user awareness will be highlighted.
The Key to Effective Analytics: Fast-Returning QueriesEric Kavanagh
The best business analysts understand the value of having a "conversation" with their data. The idea is that they can pose queries, examine results, then quickly modify their questions to home in on a desired answer. This kind of iterative process creates a fluid environment that is highly conducive for identifying meaningful patterns in data. Register for this episode of Hot Technologies to hear Bloor Group Chief Analyst Dr. Robin Bloor and Data Scientist Dez Blanchfield as they outline why fluid analytics should be the norm and which hurdles still stand in the way. They'll be briefed by Bullett Manale of IDERA who will demonstrate his company's diagnostic platform for analytics. He'll provide context, and also deliver a demo that shows real-world solutions that enable iterative analytics.
Why there is no future for Model Driven DevelopmentJohan den Haan
Talk at Ecole des Mines de Nantes: In this talk I will tell you my story of developing a successful Model Driven Software Factory with a fast growing user base.
I will cover topics like selecting a domain, designing DSLs, growing a DSL (evolution), generating the application, quality and testing, release planning, and creating a user base.
I will also tell you how I came to the conclusion that there is no future for Model-Driven Development.
Sunrise is expert in product development for robust, reliable, "smart" devices and instrumentation and have deep technical expertise in project management and systems integration. We excel as a strategic engineering resource ranging from complete product development to component obsolescence, 3rd edition, RoHS/REACH compliance, SWQA, V&V, and life cycle management and are ISO-13485 certified.
Building big scale data product doesn't rely only on sophisticated modeling. It also requires an agile methodology, iterative research & development process, versatile big data stack, and a value-oriented mindset. I'll discuss how we -at Dsquares- build big-scale AI product that leverages clients' data from different industries to deliver business-critical value to the end customer. I'll cover the process of product discovery, R&D tasks for unsolved problems, and mapping business requirements into big data technical requirements.
Sira insights from cloud vendor risk assessmentsCary Sholer
This presentation was given to the Society of Risk Management Association in December 2012. Its purpose was to help information security and IT risk management professionals conduct risk assessments wisely on cloud service providers.
The New Database Frontier: Harnessing the CloudInside Analysis
The Briefing Room with Rick Sherman and MarkLogic
Live Webcast on May 13, 2014
Watch the archive:
https://bloorgroup.webex.com/bloorgroup/lsr.php?RCID=9cd8eec52f7968721fdcd922e4f70369
The number of data types and sources is increasing almost daily anymore, which poses serious challenges for analytics and discovery. With many of these data sets in the Cloud, analysts are realizing that merging such public resources with internal information assets can be quite problematic. Solutions like virtualization and federation can get the job done, but another option is to employ a database that can natively connect to all these external sources.
Register for this episode of The Briefing Room to hear veteran Analyst Rick Sherman as he explains how the changing needs of the user are driving database innovation. He’ll be briefed by Ken Krupa of MarkLogic, who will tout his company’s NoSQL document database. He’ll discuss the importance of expanding the definition of what it means to be a database, and he’ll show how MarkLogic’s ability to tap into more sources than ever creates a scale-out data nerve center, thus delivering faster and better insights.
Visit InsideAnlaysis.com for more information.
DataOps - Big Data and AI World London - March 2020 - Harvinder AtwalHarvinder Atwal
Title
DataOps, the secret weapon for delivering AI, data science, and business intelligence value at speed.
Synopsis
● According to recent research, just 7.3% of organisations say the state of their data and analytics is excellent, and only 22% of companies are currently seeing a significant return from data science expenditure.
● Poor returns on data & analytics investment are often the result of applying 20th-century thinking to 21st-century challenges and opportunities.
● Modern data science and analytics require secure, efficient processes to turn raw data from multiple sources and in numerous formats into useful inputs to a data product.
● Developing, orchestrating and iterating modern data pipelines is an extremely complex process requiring multiple technologies and skills.
● Other domains have to successfully overcome the challenge of delivering high-quality products at speed in complex environments. DataOps applies proven agile principles, lean thinking and DevOps practices to the development of data products.
● A DataOps approach aligns data producers, analytical data consumers, processes and technology with the rest of the organisation and its goals.
Self Service Analytics and a Modern Data Architecture with Data Virtualizatio...Denodo
Watch full webinar here: https://bit.ly/32TT2Uu
Data virtualization is not just for self-service, it’s also a first-class citizen when it comes to modern data platform architectures. Technology has forced many businesses to rethink their delivery models. Startups emerged, leveraging the internet and mobile technology to better meet customer needs (like Amazon and Lyft), disrupting entire categories of business, and grew to dominate their categories.
Schedule a complimentary Data Virtualization Discovery Session with g2o.
Traditional companies are still struggling to meet rising customer expectations. During this webinar with the experts from g2o and Denodo we covered the following:
- How modern data platforms enable businesses to address these new customer expectation
- How you can drive value from your investment in a data platform now
- How you can use data virtualization to enable multi-cloud strategies
Leveraging the strategy insights of g2o and the power of the Denodo platform, companies do not need to undergo the costly removal and replacement of legacy systems to modernize their systems. g2o and Denodo can provide a strategy to create a modern data architecture within a company’s existing infrastructure.
SecDevOps. Разработка, DevOps и безопасность.Valery Boronin
Разработка, DevOps и безопасность. Расширяем безопасную разработку (SDL) на стадию «после релиза».
Доклад был представлен на Стачке в г. Ульяновск: https://nastachku.ru/secdevops
Пару лет назад попросили поделиться опытом проектного управления для глав поселений Новосибирской области, в разрезе грантов по губернаторской программе 2014 года.
О чем материал?
О том, что поможет
1. Найти тему для гранта и выиграть
2. Не проколоться, выиграв
3. Успешно выполнить и отчитаться
SSDL для руководителей: как перевести команду на безопасную разработку и не выстрелить себе в ногу.
25 ноября в Технологическом центре Microsoft состоится PDUG Meetup: SSDL for Management — встреча для руководителей R&D- и ИБ-подразделений, управляющих крупными проектами и командами разработки
https://habrahabr.ru/company/pt/blog/315840/
--
Дополнительно: www.slideshare.net/ValeryBoronin/2016-61855208
PT APPLICATION INSPECTOR SSDL EDITION™:
BUILDING THE PROCESS OF SECURE DEVELOPMENT
Leaflet made for PHD 2016.
More info:
www.slideshare.net/ValeryBoronin/application-inspector-ssdl-edition-product
Russian version:
www.slideshare.net/ValeryBoronin/pt-application-inspector-ssdl-edition-leaflet
PT AI Desktop Edition product brief:
www.slideshare.net/ValeryBoronin/pt-application-inspector-desktop-edition-product-brief
Листовка нашего продукта, подготовленная к PHD 2016. Подробнее по ссылке http://www.slideshare.net/ValeryBoronin/application-inspector-ssdl-edition-product
English version:
www.slideshare.net/ValeryBoronin/pt-application-inspector-ssdl-edition-leaflet-67085824
PT AI Desktop edition product brief:
www.slideshare.net/ValeryBoronin/pt-application-inspector-desktop-edition-product-brief
The first public appearance of the Application Inspector (AI) SSDL product by Positive Technologies happened at PHDays 2016. Here is pptx used during live demo.
Development with AI* \ AI SSDL – your step to more safe, secure, reliable code.
*AI SSDL rely on AI core technologies, see https://www.ptsecurity.com/products/#ai.
Построение процесса безопасной разработки - Стачка 2016Valery Boronin
Безопасность - критически важный элемент любого программного решения. Элемент, который, рано или поздно, но заставит вспомнить о себе. Скупой платит дважды, а в данном случае – минимум четырежды. Безопасность и качество кода – связаны напрямую. Поэтому положение дел и с тем и с другим редко находят достаточно хорошим даже в самых успешных проектах – всегда хочется бОльшего. А где-то бывает просто необходим качественный переход и точечными мерами кардинально ситуацию уже не исправить, нужен системный подход.
Вот почему наладить процесс обеспечения и повысить уровень зрелости безопасности разработки, повысить качество кода – хотят многие руководители и разработчики. Как это сделать системно и в согласии? Какие риски для одних, какие трудозатраты для других? И стоит ли овчинка выделки? Об этом и поговорим.
2016/05/10: загружена версия для оффлайна.
Презентация поддерживающая мое выступление на DLP Russia 2010 с темой «Вечная битва за безопасность: угроза велика, а отступать некуда – позади мои данные».
Главная мысль: Endpoints – арена грядущих сражений. Курс - на endpoints! - слайд 22.
Итоговые выводы полностью - слайд 24.
Впервые публично представлена волшебная формула (так зовем ее внутри) защиты endpoints - слайд 25.
В контексте внутренних угроз был сделан акцент на важности user awareness (обучение, учет психологии и т.п.) и обязательности забот по минимизации ущерба инсайдерами - слайд 19.
PDF в материалах конференции DLP-Russia 2010:
http://dlp-expert.ru/sites/default/files/archives/2010/dlp-russia2010-valery_boronin_kl.pdf
Data Luxury Protection - защита данных с удовольствием!Valery Boronin
Видеозапись выступления http://www.youtube.com/watch?v=vXlyuGXAZzU
--
Какой бы нам хотелось видеть защиту данных завтрашнего дня и почему. Будущее, к которому захочется устремиться.
На слайдах вариант на русском, который использовался для поддержки моего выступления на DLP Russia 2011. Смотреть презентацию лучше с анимацией, скачав pptx.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Leading Change strategies and insights for effective change management pdf 1.pdf
Humans Are The Weakest Link – How DLP Can Help
1. Click to edit Master title style
Humans Are The Weakest Link –
How DLP Can Help
Valery Boronin, Director DLP Research
Vera Trubacheva, System Analyst
DLP Research, R&D, Kaspersky Lab
February 3, 2012
Cancun, Mexico, Ritz-Carlton Hotel
2. Click to edit Master title style
Agenda
1. DLP to date
2. Key challenge
3. User awareness
1. What is it?
2. Why is it required?
3. How to raise it?
4. How DLP could help?
4. Q&A
3. DLP to date Master title style
Click to edit
Customers want: Customers receive:
1. Easy 1. Complicated
2. Convenient 2. Inconvenient
3. Reliable 3. Unreliable
4. Cheap 4. Expensive
Gartner research estimates that more than 800 technology vendors and other
providers currently have data security offerings. Numerous nontechnical controls
are also available. The difficulty of understanding all these options, their benefits
and their challenges tends to lead to enterprises using limited subsets of
the available tools and having serious gaps in controls and risk mitigation
Typical Elements of an Enterprise Data Security Program, Gartner, Aug 2009
Page 3 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
4. Key Challenge is the Complexity
Click to edit Master title style
Technologies
Data
Expertise
& Tools Luxury People
Protection
Processes
Page 4 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
5. Accusation against title style
Click to edit Master DLP 1.0
No user awareness in DLP 1.0
Claim 1: Raising user awareness.
Claim 2: Control of education efficiency.
Mock trial
Page 5 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
6. What to userMaster title style
Click is edit awareness?
User awareness is making users aware of information
security policies, threats, mitigating controls
Security education
Childhood Work
Page 6 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
7. Why is user awareness required?
Click to edit Master title style
1. It is required by law
See Appendix 1
Page 7 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
8. Why is user awareness required?
Click to edit Master title style
2. To protect the weakest link in
security – the human
Page 8 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
9. Why is user awareness required? Evidence 1
Click to edit Master title style
Guess what this is:
• 12345
• qwerty
• 11111
• abc123
• admin
Page 9 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
10. Why is user awareness required? Evidence 2
Click to edit Master title style
Page 10 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
11. Why is user awareness required? Evidence 3
Click to edit Master title style
Security incidents The weakest link in
security is human!
100%
Target of all 90%
successful APT
attacks is a user Exploits need a
75%
(Mandiant) user interaction
(Symantec) Human factor 60%
Accidental mistakes
(InfoWatch)
Page 11 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
12. Why is user awareness required?
Click to edit Master title style
3. To reduce huge costs!
$7,2 billion per data
breach in 2010
$56,165 for a lost
notebook in 2010
You could buy a yacht like this for one data breach
Page 12 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
13. How to raiseMaster title style
Click to edit user awareness?
Recognize
the problem
Page 13 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
14. How to raiseMaster title style
Click to edit user awareness?
Get top
management
support
Page 14 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
15. How to raiseMaster title style
Click to edit user awareness?
Know your data
Page 15 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
16. How to raise user awareness?
Click to edit Master title style
Prepare
clear, simple
instructions
Page 16 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
17. What to edit Master title style
Click to teach?
1.Security basics
2.Corporate policy rules
3.Incident response
Page 17 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
18. How to teach?
Click to edit Master title style
Use different ways
See Appendix 2
Page 18 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
19. Key Factor 1Master title style
Click to edit
Explain
Page 19 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
20. Key Factor 2Master title style
Click to edit
Measure
results
before and
after
Page 20 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
21. Key Factor 3Master title style
Click to edit
Explain
consequences
for secure and
unsecure
behavior
Page 21 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
22. Members of the Jury: Time for Action
Click to edit Master title style
Poll of the Jury
Page 22 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
23. Courtto edit Master title style
Click Decision: Verdict
DLP 1.0 must
1. Raise user awareness
2. Control education efficiency
Page 23 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
24. Click to edit Master title style
Humans Are The Weakest Link – How DLP Can Help
Thank you!
Raise User Awareness!
Valery Boronin Vera Trubacheva
Director DLP Research System Analyst, DLP Research
Kaspersky Lab Kaspersky Lab
Valery.Boronin@kaspersky.com Vera.Trubacheva@kaspersky.com
+7 495 797 8700 x4200 +7 495 797 8700 x4201
25. Appendix 1 Master title style
Click to edit
For compliance with laws and regulations:
• Payment Card Industry Data Security Standard (PCI DSS)
• Federal Information System Security Managers Act (FISMA)
• Health Insurance Portability and Accountability Act (HIPAA)
• Gramm-Leach-Bliley Act (GLBA)
• Sarbanes-Oxley Act (SOX)
• EU Data Protection Directive
• National Institute of Standards and Technology (NIST 800-53)
• International Organization for Standardization: ISO/IEC 27001 & 27002
• Control Objectives for Information and Related Technology (CoBiT 4.1)
• Red Flag Identity Theft Prevention
• Personal Information Protection and Electronic Documents Act (PIPEDA)
• Management of Federal Information Resources (OMB Circular A-130)
• Some state breach notification laws (ie Massachusetts 201 CMR 17.00)
• Стандарт Банка России по обеспечению информационной безопасности
организаций банковской системы Российской Федерации (СТО БР
ИББС)
Page 25 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
26. Appendix 2 Master title style
Click to edit
• Security topics
• E-mail etiquette
• Social Engineering
• Clean Desk
• Protecting Sensitive Information
• Strong Password
• Data owners
• Internet
• Identity theft
• Personal use
• Protecting data
• Mobile security
Page 26 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
27. Appendix 3 Master title style
Click to edit
Sources of Awareness Material:
• CERT
• Ponemon Institute
• ISSA
• The university of Arizona
• NIST SP 800-50 and NIST SP 800-16
• SANS (presentations, Security Awareness Newsletters,
training)
• InfoSecurityLab (posters, Wallpapers & Screensavers,
Newsletters)
Page 27 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Editor's Notes
Valery brings funny toy to the scene & makes it sitting.Hello everyone.I am veryglad to openConference Day Two. My name is Valery Boronin and, together <pointing gesture to Vera> with Vera Trubacheva, werepresent DLP Research department at Kaspersky Lab.Antimalware technologiesare primarily focused on external threats and have achieved truly outstanding results to date, in many respects this success is due to years of effort by many of you. DLP focuses mainly on internal threatsandthe technology for this is not yet very mature But what is common for both is that a weakest link is always the same.Today, together with you, we will talk about the weakest link in security –the human.We will talkhow DLP can help the Human.
Let’s briefly overview an agenda.We spend a few minutes to figure out Customers’ expectationsin regard to DLP 1.0<pointing gesture to DLP 1.0 toy>, represented by this funny toy as a personification of DLP technologies to date.Then, I’ll describe Key Challenge for DLP vendors, relate it to the topic and deliver it together with Vera. <pointing gesture to Vera> Let’s go!
Valery :Dear friends, our performance is finished. Hope you enjoyed it. Thank you very much for your attention!