Change isn’t coming. It’s already here. More devices. More access points. More valuable data in the cloud. In this new digital era, perimeter controls and traditional security practices are not enough to safeguard your enterprise. You need security for the way the world works. Security intelligence and integrated controls are today’s essentials to gain visibility and get to a higher level of maturity. Learn how cloud, collaboration and cognitive will define the next era of security to help you outthink attackers and proactively protect your most critical assets.
*Cognitive Security Case Study*
_How venture capital can help to build the leading IT security company._
On January 30, Credo Ventures announces that Cisco Systems (NASDAQ:CSCO), the global leader in networking solutions for the Internet, intends to acquire Cognitive Security, Prague-based provider of network behavioral analysis software, for an undisclosed amount in cash and retention-based incentives. Credo Ventures has played a central role since it led the investment round in April 2011, joined by other investors including RSJ Private Equity and Evolution Equity.
We live in a digital world in which our happiness, health, and even our lives can depend on the performance of technology. From medical equipment to cars, and home security systems to smartphones, computerized equipment plays a greater role in the human experience with each passing year.
Kista watson summit final public versionIBM Sverige
IBM Security Strategi
Talare: Peter Holm, Sweden Country Manager Security Systems, IBM och Kaja Narum, Integrated Business Unit Leader Security, IBM
Security Operations Center behind the curtain
Talare: Marcus Hallberg, Technical Solution Specialist, IBM Security
From Log to SIEM ... and Incident Response
Talare: Marcus Hallberg, Marcus Hallberg, Technical Solution Specialist, IBM Security och Victor Grane, Techical Sales, IBM Security
IoT Security
Talare: Torbjörn Andersson, Senior Security Consultant, IBM
Presentationerna hölls på Watson Kista Summit 2018
Are You Ready to Move Your IAM to the Cloud?IBM Security
Many companies are considering moving their current identity and access management (IAM) implementations to the cloud, or they are looking at the cloud for their new IAM use cases. This might be driven by the threat of attacks via identities, increasing compliance mandates, expanding needs of end users for frictionless data access or improving the total cost of ownership.
View this presentation and watch the corresponding webinar to help you determine whether your organization is ready to move to IDaaS.
*Cognitive Security Case Study*
_How venture capital can help to build the leading IT security company._
On January 30, Credo Ventures announces that Cisco Systems (NASDAQ:CSCO), the global leader in networking solutions for the Internet, intends to acquire Cognitive Security, Prague-based provider of network behavioral analysis software, for an undisclosed amount in cash and retention-based incentives. Credo Ventures has played a central role since it led the investment round in April 2011, joined by other investors including RSJ Private Equity and Evolution Equity.
We live in a digital world in which our happiness, health, and even our lives can depend on the performance of technology. From medical equipment to cars, and home security systems to smartphones, computerized equipment plays a greater role in the human experience with each passing year.
Kista watson summit final public versionIBM Sverige
IBM Security Strategi
Talare: Peter Holm, Sweden Country Manager Security Systems, IBM och Kaja Narum, Integrated Business Unit Leader Security, IBM
Security Operations Center behind the curtain
Talare: Marcus Hallberg, Technical Solution Specialist, IBM Security
From Log to SIEM ... and Incident Response
Talare: Marcus Hallberg, Marcus Hallberg, Technical Solution Specialist, IBM Security och Victor Grane, Techical Sales, IBM Security
IoT Security
Talare: Torbjörn Andersson, Senior Security Consultant, IBM
Presentationerna hölls på Watson Kista Summit 2018
Are You Ready to Move Your IAM to the Cloud?IBM Security
Many companies are considering moving their current identity and access management (IAM) implementations to the cloud, or they are looking at the cloud for their new IAM use cases. This might be driven by the threat of attacks via identities, increasing compliance mandates, expanding needs of end users for frictionless data access or improving the total cost of ownership.
View this presentation and watch the corresponding webinar to help you determine whether your organization is ready to move to IDaaS.
Avoiding data breach using security intelligence and big data to stay out of ...IBM Security
Attackers and exploits are becoming increasingly sophisticated, and the pressure to protect business critical data is only getting more and more intense. Security Intelligence transforms the playing field by adding analytics and context, and shifts the balance in favor of the good guys. Today forward thinking organizations are looking at extending Security Intelligence even further by combining it with Big Data to form a solution that allows them to analyze new types of information, and data that travels at higher velocity, and in larger volume. This powerful combination yields new insights that can more effectively identify threats and fraud than ever before.
In this session, attendees will learn how to combine Security Intelligence and Big Data, and deploy a solution that is well suited for structured, repeatable tasks. We will also cover the addition of complementary new technologies that address speed and flexibility, and are ideal for analyzing unstructured data. This session will also highlight how organizations are using Security Intelligence to pro-actively detect advanced threats before they cause damage, and take effective corrective action if a compromise succeeds.
View the On-demand webinar: https://www2.gotomeeting.com/register/657029698
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
Information Security
1.Why the need to think about it?
2.What exactly are we talking about?
3.How do we go about doing something about it?
4.Is there a one-size-fits-all framework?
A New Remedy for the Cyber Storm ApproachingSPI Conference
Security has become a hot topic for all of us to consider. We share your concerns and have brought in an industry leader from IBM to discuss it with you. Presented by Joe Daw (Cybersecurity Architect, IBM) at the 2016 SPI Conference.
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...IBM Security
Businesses and governments alike are experiencing an alarming rate of malicious activity from both external and internal actors.
Not surprisingly, mission-critical mainframe applications make for desirable targets with large repositories of enterprise customer sensitive data. Mainframe environments are increasingly at risk opening accesses through the internet, mobile initiatives, big data initiatives, social initiatives, and more to drive the business forward. Additionally, there are some security challenges that are specific to the mainframe - traditional protection methods are no longer enough, insider threats are also on the rise, mainframe environments could be more vulnerable with reliance on privilege users to administer security, silo-ed mainframe IT management, limited ownership visibility, and lack of uniformed security management across the enterprise.
View this on-demand webcast to learn more about specific mainframe data protection challenges, top tips for protecting sensitive data, and key data protection capabilities that you should consider to address these challenges.
Register here for the playback: https://event.on24.com/wcc/r/1461947/D9664CC82EC641AA58D35462DB703470
Although a latecomer to the security party, HR organizations can play an important role in protecting assets and influencing good security behaviors. HR leadership can strengthen hiring practices, tighten responses for disgruntled employees, spearhead effective employee security education, advocate regulatory compliance and exemplify good privacy practices, be a good custodian of HR data, and rise to the challenges of hiring good cybersecurity professionals.
A security awareness presentation created for an audience of senior officials from MTNL (India's foremost telecom PSU). The presentation covers fundamentals of Information Security, it's evolution, present day risks from the IT and Telecom infrastructure perspective.
This presentation shows customers how IBM Security products and services help clients transform their security program, orchestrate their defenses throughout the attack lifecycle, and protect their most critical information and risks.
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...IBM Security
After the great response to the first “Safeguard Healthcare Identities and Data with Identity Governance and Intelligence” webinar and the continued success of IBM in the healthcare industry we have decided to bring it back!
With the increased focus on security, you may not have guessed that healthcare is one of the hardest hit industries. The people involved – doctors, nurses, hospital employees, patients, pharmacies and more – have become an easy entry point. Because of this, healthcare organizations have started to look for ways to better manage and govern the identities of their users. The challenge has been integrating with their Electronic Medical Record (EMR) systems, however, IBM has devised a solution.
View the slides from this December 5th webinar to learn about how IBM can help safeguard healthcare identities, as well as how IBM, using IBM Identity Governance and Intelligence, was able to integrate with EPIC EMR.
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...IBM Security
Data breach and Cybersecurity incident reporting regulations are becoming more widespread. The introduction of GDPR in May 2018, with its 72-hour reporting requirement, resulted in organizations having to review their incident response processes and more regional and industry-specific regulations are being introduced all the time. Security Operations and Privacy teams need to be aligned to meet these new requirements. Technology such as Security Orchestration and Automation is also being adopted to collaborate on the investigation and remediation of security incidents.
This webinar, hosted by Privacy experts from Ovum and IBM, will look at how technology can close the gap between Privacy and Security to reduce the time to contain incidents and maintain compliance with complex breach laws.
View the recording: https://event.on24.com/wcc/r/1930112/BE462033358FFF36C4B27F76C9755753?partnerref=LI
The Cloud is both compelling and alluring, offering benefits that entice many organizations into rapid adoption. But caution should be taken. Leveraging cloud technologies can offer tremendous opportunities, with the caveat of potentially introducing new security problems and business risks. Presented are strategic recommendations for cloud adoption to a community of application and infrastructure developers.
Accelerating SOC Transformation with IBM Resilient and Carbon BlackIBM Security
Security Operation Centers (SOCs) today are complex environments. They often have too many separate tools, uncoordinated analysts in the response process, and confusion around alert prioritization. Because of this, SOCs consistently struggle responding to the most urgent incidents.
The integration between IBM Resilient and Carbon Black helps SOCs overcome these challenges. IBM Resilient’s Intelligent Orchestration combined with Carbon Black Response provides a single view for all relevant response data and streamlines the entire security process. This makes it simpler for analysts to quickly and efficiently remediate cyberattacks.
Join experts Chris Berninger, Business Development Engineer, Carbon Black, and Hugh Pyle, Product Manager, IBM Resilient, for this webinar, to learn:
- How the IBM Resilient-Carbon Black integration works within your SOC to accelerate incident response improvement
- Strategies to implement Intelligent Orchestrate and automation into your incident response process
- Actions that can be taken today for maximizing the effectiveness of your SOC
NBIC, an acronym for Nanotechnology, Biotechnology, Information technology and Cognitive science, was, in 2014, the most popular term for converging technologies. It was introduced into public discourse through the publication of "Converging Technologies for Improving Human Performance", a report sponsored in part by the U.S. National Science Foundation.
----------
Videos:
Part 1: http://www.aparat.com/v/0Yolq
Part 2: http://www.aparat.com/v/3pWTa
Avoiding data breach using security intelligence and big data to stay out of ...IBM Security
Attackers and exploits are becoming increasingly sophisticated, and the pressure to protect business critical data is only getting more and more intense. Security Intelligence transforms the playing field by adding analytics and context, and shifts the balance in favor of the good guys. Today forward thinking organizations are looking at extending Security Intelligence even further by combining it with Big Data to form a solution that allows them to analyze new types of information, and data that travels at higher velocity, and in larger volume. This powerful combination yields new insights that can more effectively identify threats and fraud than ever before.
In this session, attendees will learn how to combine Security Intelligence and Big Data, and deploy a solution that is well suited for structured, repeatable tasks. We will also cover the addition of complementary new technologies that address speed and flexibility, and are ideal for analyzing unstructured data. This session will also highlight how organizations are using Security Intelligence to pro-actively detect advanced threats before they cause damage, and take effective corrective action if a compromise succeeds.
View the On-demand webinar: https://www2.gotomeeting.com/register/657029698
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
Information Security
1.Why the need to think about it?
2.What exactly are we talking about?
3.How do we go about doing something about it?
4.Is there a one-size-fits-all framework?
A New Remedy for the Cyber Storm ApproachingSPI Conference
Security has become a hot topic for all of us to consider. We share your concerns and have brought in an industry leader from IBM to discuss it with you. Presented by Joe Daw (Cybersecurity Architect, IBM) at the 2016 SPI Conference.
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...IBM Security
Businesses and governments alike are experiencing an alarming rate of malicious activity from both external and internal actors.
Not surprisingly, mission-critical mainframe applications make for desirable targets with large repositories of enterprise customer sensitive data. Mainframe environments are increasingly at risk opening accesses through the internet, mobile initiatives, big data initiatives, social initiatives, and more to drive the business forward. Additionally, there are some security challenges that are specific to the mainframe - traditional protection methods are no longer enough, insider threats are also on the rise, mainframe environments could be more vulnerable with reliance on privilege users to administer security, silo-ed mainframe IT management, limited ownership visibility, and lack of uniformed security management across the enterprise.
View this on-demand webcast to learn more about specific mainframe data protection challenges, top tips for protecting sensitive data, and key data protection capabilities that you should consider to address these challenges.
Register here for the playback: https://event.on24.com/wcc/r/1461947/D9664CC82EC641AA58D35462DB703470
Although a latecomer to the security party, HR organizations can play an important role in protecting assets and influencing good security behaviors. HR leadership can strengthen hiring practices, tighten responses for disgruntled employees, spearhead effective employee security education, advocate regulatory compliance and exemplify good privacy practices, be a good custodian of HR data, and rise to the challenges of hiring good cybersecurity professionals.
A security awareness presentation created for an audience of senior officials from MTNL (India's foremost telecom PSU). The presentation covers fundamentals of Information Security, it's evolution, present day risks from the IT and Telecom infrastructure perspective.
This presentation shows customers how IBM Security products and services help clients transform their security program, orchestrate their defenses throughout the attack lifecycle, and protect their most critical information and risks.
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...IBM Security
After the great response to the first “Safeguard Healthcare Identities and Data with Identity Governance and Intelligence” webinar and the continued success of IBM in the healthcare industry we have decided to bring it back!
With the increased focus on security, you may not have guessed that healthcare is one of the hardest hit industries. The people involved – doctors, nurses, hospital employees, patients, pharmacies and more – have become an easy entry point. Because of this, healthcare organizations have started to look for ways to better manage and govern the identities of their users. The challenge has been integrating with their Electronic Medical Record (EMR) systems, however, IBM has devised a solution.
View the slides from this December 5th webinar to learn about how IBM can help safeguard healthcare identities, as well as how IBM, using IBM Identity Governance and Intelligence, was able to integrate with EPIC EMR.
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...IBM Security
Data breach and Cybersecurity incident reporting regulations are becoming more widespread. The introduction of GDPR in May 2018, with its 72-hour reporting requirement, resulted in organizations having to review their incident response processes and more regional and industry-specific regulations are being introduced all the time. Security Operations and Privacy teams need to be aligned to meet these new requirements. Technology such as Security Orchestration and Automation is also being adopted to collaborate on the investigation and remediation of security incidents.
This webinar, hosted by Privacy experts from Ovum and IBM, will look at how technology can close the gap between Privacy and Security to reduce the time to contain incidents and maintain compliance with complex breach laws.
View the recording: https://event.on24.com/wcc/r/1930112/BE462033358FFF36C4B27F76C9755753?partnerref=LI
The Cloud is both compelling and alluring, offering benefits that entice many organizations into rapid adoption. But caution should be taken. Leveraging cloud technologies can offer tremendous opportunities, with the caveat of potentially introducing new security problems and business risks. Presented are strategic recommendations for cloud adoption to a community of application and infrastructure developers.
Accelerating SOC Transformation with IBM Resilient and Carbon BlackIBM Security
Security Operation Centers (SOCs) today are complex environments. They often have too many separate tools, uncoordinated analysts in the response process, and confusion around alert prioritization. Because of this, SOCs consistently struggle responding to the most urgent incidents.
The integration between IBM Resilient and Carbon Black helps SOCs overcome these challenges. IBM Resilient’s Intelligent Orchestration combined with Carbon Black Response provides a single view for all relevant response data and streamlines the entire security process. This makes it simpler for analysts to quickly and efficiently remediate cyberattacks.
Join experts Chris Berninger, Business Development Engineer, Carbon Black, and Hugh Pyle, Product Manager, IBM Resilient, for this webinar, to learn:
- How the IBM Resilient-Carbon Black integration works within your SOC to accelerate incident response improvement
- Strategies to implement Intelligent Orchestrate and automation into your incident response process
- Actions that can be taken today for maximizing the effectiveness of your SOC
NBIC, an acronym for Nanotechnology, Biotechnology, Information technology and Cognitive science, was, in 2014, the most popular term for converging technologies. It was introduced into public discourse through the publication of "Converging Technologies for Improving Human Performance", a report sponsored in part by the U.S. National Science Foundation.
----------
Videos:
Part 1: http://www.aparat.com/v/0Yolq
Part 2: http://www.aparat.com/v/3pWTa
Cognitive Security: How Artificial Intelligence is Your New Best FriendSparkCognition
For more information, visit http://sparkcognition.com
For all that you hear about artificial intelligence and machine learning, how can it help you keep your networks safer and more secure?
In this new era of computing, we will explore how artificial intelligence is being used to super charge human intelligence in threat detection, evidence gathering and remediation.
In this webinar we will discuss how this new, cutting edge cognitive security is being utilized to:
Increase speed, accuracy, and data processing capabilities to unparalleled levels
Reduce false alarms
Provide sub-second malware detection
Retain knowledge in a self-learning environment
Provide signature free security and zero-day threat detection
Developing Analytic Technique and Defeating Cognitive Bias in Securitychrissanders88
In this presentation, I discuss the evolution to the analysis era in information security and the challenges associated with it. This includes several examples of cognitive biases and the negative effects they can have on the analysis process. I also discuss different analytic techniques that can enhance analysis such as differential diagnosis and relational investigation.
Cognitive Security - Anatomy of Advanced Persistent Threats ('12)Gabriel Dusil
Check out my blog "Multiscreen & OTT for the Digital Generation" @ gdusil.wordpress.com.
“Advanced Persistent Threats”, or APTs, refers low-level attacks used collectively to launch a targeted & prolonged attack. The goal is to gain maximum control into the target organization. APTs pose serious concerns to a security management team, especially as APT toolkits become commercially and globally available. Today’s threats involve polymorphic malware and other techniques that are designed to evade traditional security measures. Best-in-class security solutions now require controls that do not rely on signature-based detection, since APTs are “signature-aware”, and designed to bypass traditional security layers. New methods are needed to combat these new threats such as Behavioral Analysis. Network Behavior Analysis proactively detects and blocks suspicious behavior before significant damage can be done by the perpetrator. This presentation provides some valuable statistics in the growing threat of APTs.
Life on the Endpoint Edge: Winning the Battle Against Cyber AttacksIBM Security
View On Demand Webinar: https://securityintelligence.com/events/life-on-the-endpoint-edge-winning-the-battle-against-cyber-attacks/
The perimeter – the boundary that encloses what you need to protect – was once a fixed value. Now your perimeter is wherever your endpoints are—from on-site servers at your headquarters, to employee devices connecting remotely around the globe. That picture is further complicated by the increasing types of devices that comprise your perimeter: point-of-sale systems (POS), ATMs, remote servers and even that ‘yet-to-be-invented device’ (that your boss will probably want on your network the week it’s released).
With cyber-attacks and vulnerabilities increasing in number and sophistication, how do you ensure endpoints in your organization are immunized against a potential breach while dealing with reduced budgets and limited resources?
View this on-demand webinar to learn about the state of endpoint security and how it is evolving to keep pace with attackers looking to exploit any gap in your perimeter.
View the on-demand recording: http://securityintelligence.com/events/why-insider-threats-challenge-critical-business-processes/
While advanced threats and mega breaches continue to make headlines, insider threats remain an insidious and often-overlooked area of concern. No longer limited to disgruntled employees, insider threats can come from inadvertent actors who set a breach in motion with an unknowing click on a malicious link in a spam email. Join us to find out the most likely entry points, from privileged users to quasi-insiders at trusted third-parties.
Understanding how to protect valuable data and resources from compromise is top of mind for most organizations. In this live webinar, we will explain common best practices and recommendations for combating this area of risk based on insights from the 2Q IBM X-Force Threat Intelligence Quarterly.
Préparez vous à une immersion profonde dans la gestion des applications et contenus mobiles et des outils de collaboration pour améliorer la réactivité des employés partout ou ils se trouvent. Nos experts vous montreront comment mettre en service, protéger et de gérer en permanence les données d'entreprise sur les appareils iOS, Android et Windows avec IBM MobileFirst Protect.
Ici, nous vous montrons les détails de l'inscription (enrollement) des appareils iOS, Android et Windows, la distribution des applications et nous abordons les politiques de sécurité pour intégrer la mobilité dans votre environnement - le tout sous l'oeil vigilant des équipes informatiques. Nous allons vous montrer comment configurer les paramètres over-the-air, suivre l'inventaire des appareils, gérer de manière centralisée et surveiller les périphériques, prendre des mesures, et supporter vos utilisateurs avec IBM MobileFirst Protect.
Apprenez les meilleures façons de sécuriser les applications, documents, et votre réseau pour mieux amorcer votre phase de maturité dans la mobility. Des fonctionnalités natives à la conteneurisation complète et la détection des logiciels malveillants, nous allons vous guider à travers toutes les options pour protéger les données d'entreprise et des applications avec IBM MobileFirst Protect.
IBM® MaaS360® Mobile Expense Management helps organizations set corporate-wide expense policies and proactively monitor and track mobile data and application usage. The software allows organizations to set policies that restrict or limit data and voice roaming, and review integrated reporting and analytics. Enterprises can optimize their mobile spend and shift the accountability more to the business and individual employees.
IBM MaaS360 Mobile Expense Management delivers:
- Expense control for your mobile enterprise that can help administrators create data and voice usage policies and assign them to supported devices to manage costs.
- A web-based console for managing wireless plans, data usage trends and policies without the need for additional hardware or professional services.
- Self-service usage monitoring tools that provide mobile expense management for employees who are using corporate or personal devices.
At a high level we see organizations have 7 main categories of security use cases they need to address. In this deck we cover how IBM, and our Strategic Eco System aids in addressing your full range of Cybersecurity related concerns.
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...IBM Security
View On-Demand Webinar: https://event.on24.com/eventRegistration/EventLobbyServlet?target=reg20.jsp&referrer=&eventid=1139921&sessionid=1&key=993ECF370F9F3C594E6E3F44A0FA6BA2®Tag=13522&sourcepage=register
2015 was peppered with mega-breaches of highly sensitive data like personal health information and private bedroom behaviors. and companies of all sizes need to pay attention to security basics to stop the infiltration of attackers and protect their data.
Cybercriminals’ targets are now bigger and their rewards greater as they fine-tune efforts to obtain and leverage higher value data than years’ past.
New attack techniques like mobile overlay malware are gaining, while “classic” attacks like DDoS and POS malware continue to be effective due to lackluster practice in security fundamentals.
Malware leaps across target countries are indicative of increasing sophistication and organization in cybercrime rings.
In the 2016 edition of the IBM X-Force Threat Intelligence Report, IBM security research experts examine the macro trends that affected the industry, what to expect in 2016, and recommendations on how you can protect your digital assets.
3 Steps to Security Intelligence - How to Build a More Secure EnterpriseIBM Security
We are in the midst of upheaval in the world of IT Security. Attackers are highly organized and using increasingly sophisticated methods to gain entry to your most sensitive data. At the same time, Cloud and mobile are redefining the concept of the perimeter. Check out this insightful discussion of how today's CISO is building a more secure enterprise using analytics, risk-based protection, and activity monitoring to protect the most valuable assets of the organization.
For more visit: http://securityintelligence.com
Au moment où plusieurs employés apportent leurs appareils personnels au travail et utilisent des applications SaaS, maintenir le contrôle sur vos données dans votre réseau et les services cloud public est devenu un défi important.
La combinaison les brockers de sécurité d'accès cloud et la gestion de mobilité d'entreprise (EMM) peut permettre l'adoption et la gestion des applications de cloud computing sans danger pour vos utilisateurs mobiles.
Joignez-vous à Mark Campbell et Anar Taori d'IBM Security, ils partagent comment l'EMM fonctionne avec un accès cloud pour délivrer en toute sécurité des applications cloud à vos utilisateurs avec une visibilité et un contrôle complet.
Dans cette session, vous apprendrez:
La découverte des applications cloud et les risques associés
Combler le fossé de l'appareil mobile
Le déploiement d'applications pour mobile
L'application de la politique de sécurité Mobile et de prévention des menaces
Apprenez à garder vos employés productifs sur leurs applications préférées et appareils - et vos données d'entreprise protégées - avec une expérience connexion unique.
An Integrated, Intelligent Approach to SecurityGerard McNamee
Today’s cyber security challenges are complicated. And they rarely fit into the categories you’ve defined to run your business. Disconnected point products and services don’t provide the comprehensive solutions you need, when you need them. What’s more, those solutions tend to be expensive and hard to manage, leaving you with empty pockets and big headaches. That’s why, in a field flooded with 1,200+ point product vendors, IBM is helping clients develop an integrated and intelligent security immune system.
Overall theme is that with IBM Cloud Security Enforcer, IBM is offering the industry’s first solution to combine cloud discovery, access, and threat prevention
Similar to Security in the Cognitive Era: Why it matters more than ever (20)
CyberOm - Hacking the Wellness Code in a Chaotic Cyber WorldEC-Council
Learn how to find peace and happiness within you and around you amidst chaos and understanding how the mind-body-energy connection plays a crucial role in the world of Cyber. Mental health and wellness can be the difference between a Cyber professional and a criminal.
Cloud Security Architecture - a different approachEC-Council
Whether people admit or not, everyone is moving to the cloud and all future business will run somewhere on the internet. Moving to the cloud requires different set of architecture and mindset. Data is stored, accessed and processed on different platforms and devices. Employees are working anywhere from the world, corporate data is no more under company IT custody. CISOs and CIOs need to think differently and set new Cloud Security Architecture. This session will try to draw the main areas of concern from Security perspective while moving to the cloud.
This webinar is primarily intended for those that are in need of an informational overview on how to respond to information security incidents or have a responsibility for doing so. It will also assist with your preparation for a Computer Security Incident Handling certification.
Hacking Your Career – Hacker Halted 2019 – Keith TurpinEC-Council
HACKING YOUR CAREER
Learn how to take charge of your future and ring success out of every opportunity. I had some hard lessons on my way to becoming the CISO of a billion dollar company and now you can benefit from those experiences. In this candid conversation, you will learn the secrets to kicking your career’s ass.
HACKING DIVERSITY
We talk a lot about why diversity is important and we are all familiar with the woeful inclusion stats. In this talk we will discuss why diversity is important from both the perspective of an organization’s bottom line and the individual contributor.
Cloud Proxy Technology – Hacker Halted 2019 – Jeff SilverEC-Council
CLOUD PROXY TECHNOLOGY [THE CHANGING LANDSCAPE OF THE NETWORK PROXY]
This class will cover the distinctions between traditional proxy technology and the emergence in recent years of cloud proxy and why it matters to organizations today. We will review real use cases and their corresponding screen shots to provide a stimulating session.
DNS – Strategies for Reducing Data Leakage & Protecting Online Privacy – Hack...EC-Council
DNS: STRATEGIES FOR REDUCING DATA LEAKAGE & PROTECTING ONLINE PRIVACY
DNS is the foundational protocol used to directly nearly all Internet traffic making the collection and analysis of DNS traffic highly valuable. This talk will examine ways in which you can effectively limit the disclosure of your online habits through securing the way your local DNS resolvers work.
Data in cars can be creepy – Hacker Halted 2019 – Andrea AmicoEC-Council
THE $750 BILLION VEHICLE DATA GOLD RUSH – PIRATES AHOY!
Vehicle data may be worth $750b by 2030. Problem: vehicle security, privacy, and user awareness of risks are inadequate. Andrea Amico will share some exploits including his “CarsBlues” which exposes people’s personal data, affects 22 makes, and is still a 0-Day for tens of millions of vehicles.
BREAKING SMART [BANK] STATEMENTS
Explanation of how I find and exploit a security flaw (bad implementation of cryptography) in a bank statement, sent via email, of one of the biggest banks in Mexico.
Are your cloud servers under attack?– Hacker Halted 2019 – Brian HilemanEC-Council
ARE YOUR CLOUD SERVERS UNDER ATTACK
For this presentation, I built out a test lab in AWS and allowed someone to hack the servers. I will talk about what we saw when we opened RDP to the internet, what the hackers did once they got in, and someone trying to kick me off my own servers.
How to become a Security Behavior Alchemist – Global CISO Forum 2019 – Perry ...EC-Council
Behold the powers of behavioral alchemy! Are you ready to unleash 4 "Trojan Horses for the Mind" that will change the way you communicate forever? How about a magic wand that will help manifest secure behaviors and shape culture? Attend this session and harness the power.
Introduction to FAIR Risk Methodology – Global CISO Forum 2019 – Donna Gall...EC-Council
Present your risk assessments to your board of directors in the language they understand - financial loss. "FAIR" or "Factor Analysis of Information Risk" is the quantitative risk analysis methodology that works with common frameworks while adding context for truly effective risk management.
Alexa is a snitch! Hacker Halted 2019 - Wes WidnerEC-Council
ALEXA IS A SNITCH!
You’re not paranoid, your voice assistant is listening. And what’s worse, Alexa is stitching on you! What is she hearing? Where is she sending it? And is there anything we can do to stop her?!
Join me as we discuss the current state of security around voice assistants. And how to silence them.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
4. 4 IBM Security4 IBM Security
800+ Million
records breached
1+ Billion
records breached
Unprecedented
high-value targets breached
2013 2014 2015
$7M
average cost of a U.S. data breachaverage time to identify data breach
201 days
5. What are the little things causing
today’s big issues?
6. 6 IBM Security6 IBM Security
• Insider risk, human error
and negligence
• Infected BYOD
• Falling for phishing
• Unpatched vulnerabilities
and delayed patches
• Weak passwords
Cyber Butterfly Effect
Key issues:
8. 8 IBM Security8 IBM Security
Culture change needed
• Adding another tool
• Hoping it’s not me
• Building more
barricades
• Skipping the basics
• Ignoring privileges
• Checking audit boxes
• Betting on BYOS
Culture change
needed to fight the
Cyber Butterfly Effect
What we’re still seeing:
10. 10 IBM Security10 IBM Security
An integrated and intelligent security immune system
Threat
Intelligence
Security
Analytics
Cloud
Identity
and
Access
Data
and
Apps
Mobile
Advanced
Fraud
NetworkEndpoint
Security
Ecosystem
Criminal detection
Fraud protection
Workload
protection
Cloud access
security broker
Access management
Entitlements and roles
Privileged identity management
Identity management
Data access control
Application security management
Application scanning
Data monitoring
Device Management
Transaction protection
Content security
Malware protection
Antivirus
Endpoint patching
and management
Virtual patching
Firewalls
Incident and threat management
Sandboxing
Network visibility
Vulnerability management Incident response
Log, flow, data analysis Anomaly detection
Indicators of compromise
IP reputation Threat sharing
11. 11 IBM Security11 IBM Security
COGNITIVE, CLOUD,
and COLLABORATION
Innovation to contain the cyber butterfly effect
INTELLIGENCE
and INTEGRATION
PERIMETER
CONTROLS
12. Stay ahead of the threat with
collaborative platforms to share
intelligence and take action
COLLABORATION
13. 13 IBM Security13 IBM Security
ATTACKERS are more collaborative than ever
Global data sharing
Marketplace for products and services
Trusting relationships and networks
Organized cyber gangs
Criminal Boss
Underboss
Campaign
Managers
Affiliation
Networks
Stolen
Data
Resellers
14. 14 IBM Security14 IBM Security
IBM X-Force Exchange
Global scale
• 700+ TB of threat data
• 15B+ events / day
• 270M+ endpoints
covered
• 25B+ web pages and
images
• 8M+ spam / phishing
attacks
• 1M+ malicious IP
addresses
Sourced from
2,000 organizations
across 16 industries
SECURITY
ANALYST
CISO IBM
X-FORCE
INCIDENT
RESPONDER
Social community
for sharing threat
intelligence
15. 15 IBM Security15 IBM Security
IBM App Exchange
• 10k+ visits
• 1,200+ downloads
• 40+ available apps
• 20+ more partners through
ecosystem training
Online marketplace
share and download apps
based on IBM security
technologies
Collaborative
defense with a
partner ecosystem
16. Safely move workloads and data
to the cloud, and quickly consume
security from the cloud
CLOUD
17. 17 IBM Security17 IBM Security
Access, data and visibility are top cloud priorities
Governance
and policy
Identity
and access Authentication and
Single Sign-On
MANAGE
ACCESS
Data
protection
Application
security
Threat
prevention
Fraud
and malware
PROTECT
DATA
Cloud app
usage
Global threat
analysis
Mobile
security
Security
intelligence
GAIN
VISIBILITY
18. Outthink threats with security
technology that understands,
reasons, and learns
COGNITIVE
19. 19 IBM Security19 IBM Security
Most security knowledge is untapped…
Traditional
Security Data
Human Generated
Knowledge
• Security events and alerts
• Logs and configuration data
• User and network activity
• Threat and vulnerability feeds
• Threat intelligence
• Research documents
• Industry publications
• Forensic information
• Conference presentations
• Analyst reports
• Blogs
• Webpages
• Wikis
• News sources
• Wikis
• Newsletters
• Tweets
A universe of security knowledge dark to your defenses
20. 20 IBM Security20 IBM Security
The world’s first Cognitive
analytics solution using core
Watson technology to
understand, reason, and
learn about security topics
and threats
Watson for Cyber Security
Unlocking new possibilities
21. 21 IBM Security21 IBM Security
Teaching Watson the language of cyber security
BACKDOOR
BAD
ACTOR
VIRUS
22. 22 IBM Security22 IBM Security
Fast and accurate analysis to enhance security decision making
SECURITY ANALYST and WATSONSECURITY ANALYST
!!!
Enterprise
Security Analytics
Cognitive techniques to mimic human
intuition around advanced threats
Human
Generated
Security
Knowledge
HELPING THE ANALYST:
• Quickly make outside
data actionable
• Gain powerful
insights
• Uncover new trends
and patterns
• Analyze threats
with accuracy
• Save time
and resources