On-Demand Virtual Conferences news, articles & updates| SC Media

On-Demand Virtual Conferences

Webcasts

Webcasts

Virtual Conference

Closing security gaps in hybrid and multi-cloud environments

Digital transformation initiatives have led many companies and organizations to adopt cloud services. While this has boosted operational agility and unlocked new revenue sources, it has left information security teams with multiple new environments to secure, test and monitor. Especially for those who work in hybrid or multi-cloud environments, understanding your organization’s cloud attack surface requires new thinking and may even demand a security overhaul. To be sure, achieving absolute visibility is always difficult, but innovative approaches, and new combinations of techniques and tools, are proving effective for organizations whose network extensions have left them outside their comfort zone.

Register for Closing security gaps in hybrid and multi-cloud environments

Sponsored by: Centrify, Code42, Entrust, Extrahop, FireMon, Imperva, Proofpoint, Rapid7, Sophos, VMWare

Closing security gaps in hybrid and multi-cloud environments

Digital transformation initiatives have led many companies and organizations to adopt cloud services. While this has boosted operational agility and unlocked new revenue sources, it has left information security teams with multiple new environments to secure, test and monitor.

Especially for those who work in hybrid or multi-cloud environments, understanding your organization’s cloud attack surface requires new thinking and may even demand a security overhaul. To be sure, achieving absolute visibility is always difficult, but innovative approaches, and new combinations of techniques and tools, are proving effective for organizations whose network extensions have left them outside their comfort zone.

For an upcoming eSummit focused on cloud security, CyberRisk Alliance has assembled an all-star roster of subject-matter experts and in-the-trenches pros to discuss proven approaches and solution-deployment challenges including:

  • Cloud computing’s unique authentication and access control issues.
  • Ensuring the security of “data at rest” in hybrid cloud environments.
  • Optimizing data-privacy compliance in the cloud.

Join us Oct. 21-22 for an immersive virtual learning and networking experience that will advance your understanding of cybersecurity in the cloud.

Virtual Conference

New frontiers in security awareness

The way we work is evolving fast and an undisputed byproduct of this shift is an expanding attack surface. The question is: Has your security awareness model evolved at a similar pace?

Register for New frontiers in security awareness
New frontiers in security awareness

October 14-15, 2020 10:30 am – 4:30 pm EDT

The way we work is evolving fast and an undisputed byproduct of this shift is an expanding attack surface. The question is: Has your security awareness model evolved at a similar pace?

The end users of your organization’s critical systems and databases — your acknowledged last line of defense — may be growing more productive than ever, but they are also growing more distracted than ever. Meanwhile, their requirement for anywhere-anytime access is becoming increasingly difficult to constrain. And the implications of the Covid-19 pandemic are clear: A majority of organizations have had no choice but to expand their BYOD and work-from-home policies.

Led by experts in the field, SC Media’s two-day virtual conference — New Frontiers in Security Awareness — will dive deep on this important topic. Join us from Oct. 14-15, as we unpack strategies and tactics your organization can deploy to expand and improve security awareness. Topics include:

  • New approaches to avoid information leakage
  • Ensuring your user community understands the latest phishing threats
  • Gaining support from senior leadership to optimize security awareness participation

Traditional security awareness models are no longer sufficient to protect the enterprise of today. The data protection challenges businesses face are growing in size and complexity. Stay ahead of the curve. Register now.


Virtual Conference

Malware is constantly evolving – Are you?

Though malware has continued to evolve, its delivery mechanism has remained a constant: According to the 2019 Verizon Data Breach Investigations Report, 94 percent of malware was delivered by email. In recent years, the explosion in ransomware attacks has rightly taken center stage when it comes to malware analysis. Evaluating the more than half a million instances reported in 2019, security firm Emsisoft estimates an aggregate ransom demand exposure of more than $6.3 billion.

Register for Malware is constantly evolving – Are you?

Sponsored by: Checkpoint, ESET, Extrahop, Sophos, VMWare

Malware is constantly evolving – Are you?

Though malware has continued to evolve, its delivery mechanism has remained a constant: According to the 2019 Verizon Data Breach Investigations Report, 94 percent of malware was delivered by email.

In recent years, the explosion in ransomware attacks has rightly taken center stage when it comes to malware analysis. Evaluating the more than half a million instances reported in 2019, security firm Emsisoft estimates an aggregate ransom demand exposure of more than $6.3 billion.

But security leaders have more than ransomware to be concerned about. Botnets, keyloggers, spyware … the methods cybercriminals leverage to infect devices and networks are many — and mitigating them requires both strategic and tactical thinking.

As a security professional, it’s imperative to know what you’re up against and how to adapt your security strategy to thwart these attacks. Join CyberRisk Alliance for a two-day eSummit Oct. 7-8 featuring thinkers and leaders in malware analysis who will share their knowledge on topics like:

  • Understanding the new ransomware strains that are emerging in the wild.
  • Assessing new developments in mobile malware threats and protection.
  • Shoring up your last line of defense by creating a “human firewall.”

Knowledge is power in information security. This virtual conference offers you the opportunity to mobilize your security team and bolster your defenses. Register now.

Virtual Conference

Building a Better Identity Management Roadmap

The way organizations operate and process information has drastically changed over the last six months as the global economic and health crisis has resulted in job losses, an expanded remote workforce, and increased use of temporary staff. One important byproduct of this shift: Security leaders are rethinking their approaches to access control. Even in the best of circumstances, ensuring effective oversight of digital identities is among a security leader’s most daunting responsibilities. Innovations in contextual and biometric authentication remain promising — though the latter must confront increased social and legal resistance — but the growing complexity of internal and external networks we rely on keeps the bar high.

Register for Building a Better Identity Management Roadmap
Building a Better Identity Management Roadmap

The way organizations operate and process information has drastically changed over the last six months as the global economic and health crisis has resulted in job losses, an expanded remote workforce, and increased use of temporary staff. One important byproduct of this shift: Security leaders are rethinking their approaches to access control. Even in the best of circumstances, ensuring effective oversight of digital identities is among a security leader’s most daunting responsibilities. Innovations in contextual and biometric authentication remain promising — though the latter must confront increased social and legal resistance — but the growing complexity of internal and external networks we rely on keeps the bar high.

CyberRisk Alliance’s eSummit focused on identity and access management, taking place September 23-24, will address these issues. Industry experts and practitioners will share ideas and experiences on mission-critical topics, including:

  • Insider-threat mitigation.
  • Enforcing attribute-based access controls in multi-cloud environments.
  • Building an effective IAM roadmap.

Securing the identities of today’s digital workforce and enforcing access controls is at the center of many successful security programs. Learn how to reach this ideal state by registering now.

Virtual Conference

RiskSec DIGITAL 2020

RiskSec DIGITAL 2020 is a unique event for cybersecurity’s leaders and aspiring leaders.Reserve your spot today to join us on September 16-17 for two mornings focused on Resilient Thinking in an Unpredictable World.

Register for RiskSec DIGITAL 2020
RiskSec DIGITAL 2020

RiskSec DIGITAL 2020 is a special invitation-only event for cybersecurity’s leaders and aspiring leaders.

Apply today to join us on September 16-17 for two mornings focused on Resilient Thinking in an Unpredictable World.

MORE INFO


Speaker and Faculty Development Partner

Virtual Conference

Is your incident response plan what it needs to be?

Join us August 19-20 to hear from incident-response experts and network with other security professionals who can share real-world experiences on what’s worked and what hasn’t. With cyber threats continuously looming, there is a good chance you’ll have an incident to respond to in your future. Taking a proactive stance is essential. Register today.

Register for Is your incident response plan what it needs to be?
Is your incident response plan what it needs to be?

Though data breaches may be commonplace, their potential to do harm remains high. The lack of an appropriate response plan only multiplies their likely impact. Is Your Incident Response Plan What It Needs to Be? is a new virtual conference produced by SC Media. Offering a comprehensive perspective on an essential cybersecurity discipline, this two-day event is designed both for organizations that lack a plan and those that suspect their plan may need an update.

Through our engaging and interactive e-learning format, the program and conversation will provide awareness of the fundamental problems of incident response planning, and go deep on the solutions, including:

  • When, how and where you should invest in preparation.
  • The people, processes, and technologies of a successful incident response program.
  • A look at the realities a modern-day responder faces.
  • Steps you must take to ensure your organization will spring into action when the time comes.

Join us August 19-20 to hear from incident-response experts and network with other security professionals who can share real-world experiences on what’s worked and what hasn’t. With cyber threats continuously looming, there is a good chance you’ll have an incident to respond to in your future. Taking a proactive stance is essential. Register today.


Speaker and Faculty Development Partner

Virtual Conference

The new cloud security challenge

Join us July 15-16 to network with other security professionals and learn from the experts who will have an immediate impact on your security strategy and effectiveness. As cloud platforms continue to dominate CIO roadmaps, addressing their security and privacy risks, and related compliance requirements, is critical.

Register for The new cloud security challenge
The new cloud security challenge

Join us July 15-16 to network with other security professionals and learn from the experts who will have an immediate impact on your security strategy and effectiveness. As cloud platforms continue to dominate CIO roadmaps, addressing their security and privacy risks, and related compliance requirements, is critical.

Under more info: Even before the pandemic changed the world of work, cloud platforms posed a unique set of challenges for I.T. and cybersecurity professionals. Since the pandemic, the cloud-security bar has been set even higher. The work-from-home user has become as ubiquitous as the mobile worker, and both are putting extraordinary pressure on cloud security policies, systems and services.

The new cloud security challenge — a virtual conference produced by SC Media — is designed to boost your knowledge and understanding of this important topic. Leveraging an interactive and conversational e-learning format, this two-day event will drill down on the essentials of cloud security:

  • Tools and strategies your organization can apply to effectively address your unique risk profile.
  • Fundamental cloud security controls you should implement in the near term.
  • Containing risk from misconfigured servers, malware, and unauthorized access.

Join us July 15-16 to network with other security professionals and learn from the experts who will have an immediate impact on your security strategy and effectiveness.

As cloud platforms continue to dominate CIO roadmaps, addressing their security and privacy risks, and related compliance requirements, is critical. Register today.

Virtual Conference

Identity and Access Management for our New Remote Workforce

In this upcoming SC Media virtual conference, we look at these challenges as well as explore not only more traditional approaches, but also IAM-as-a-service, more up-and-coming solutions in what Gartner is calling Identity Analytics (founded more on risk-based methods versus a reliance on static rules), and more. We also get…

Register for Identity and Access Management for our New Remote Workforce
Identity and Access Management for our New Remote Workforce

In this upcoming SC Media virtual conference, we look at these challenges as well as explore not only more traditional approaches, but also IAM-as-a-service, more up-and-coming solutions in what Gartner is calling Identity Analytics (founded more on risk-based methods versus a reliance on static rules), and more. We also get advice on the preparation, management and future vision required to maintain strong IAM across organizations from leading experts.

Virtual Conference

Amid pandemic, how financial companies are improving cybersecurity policies and procedures

Urgent issues for discussion in this upcoming financial services virtual conference include:Managing network security amid rising demand for uptime and accessBuilding cyber training into customer-facing best practices, including enhanced onboarding and digital demos that drive consumer adoptionMitigating the phishing pandemic: Financial institutions remain phishers’ favorite targetOptimizing payments infrastructure for securityBalancing regulatory compliance with remote workforce needs

Register for Amid pandemic, how financial companies are improving cybersecurity policies and procedures

Sponsored by: Accedian Networks, Checkpoint, DarkTrace, DomainTools, Gigamon, Jsonar, KnowBe4, Netskope, Recorded Future

Amid pandemic, how financial companies are improving cybersecurity policies and procedures

May 27-28, 2020
10:00 am – 4:00 pm ET

Urgent issues for discussion in this upcoming financial services virtual conference include:

  • Managing network security amid rising demand for uptime and access
  • Building cyber training into customer-facing best practices, including enhanced onboarding and digital demos that drive consumer adoption
  • Mitigating the phishing pandemic: Financial institutions remain phishers’ favorite target
  • Optimizing payments infrastructure for security
  • Balancing regulatory compliance with remote workforce needs
Virtual Conference

Healthcare’s new cyber risk profile in the pandemic: Scoping the challenge and scaling the solution

Join us for a multi-day virtual conference April 29 -30. Titled Healthcare’s New Cyber Risk Profile in the Pandemic: Scoping the Challenge and Scaling the Solution. Focused exclusively on healthcare security, this SC Media conference features insights from the people and the companies in the trenches, solving the industry’s security problems today.

Register for Healthcare’s new cyber risk profile in the pandemic: Scoping the challenge and scaling the solution

Sponsored by: Armis, Axonius, Cloudian, Contrast, FireMon, Fortinet, Gigamon, Hitachi ID, Infoblox, KnowBe4, Mimecast, Okta, VMWare

Healthcare’s new cyber risk profile in the pandemic: Scoping the challenge and scaling the solution

Always among the healthcare industry’s top priorities, in recent weeks information security has taken on even greater urgency. Amid the intensifying global pandemic, healthcare providers and other medical entities have become prime targets: From hijacking routers supporting health-data applications to launching ransomware attacks against medical suppliers to executing Covid-19 phishing exploits against a newly dispersed workforce, criminals are testing the industry’s cyber-resiliency. New points of exposure include:

  • Changes to trusted pools of full-time medical workers as providers onboard new and temporary personnel at unprecedented rates, giving them fast access to patient information, and equipping them to work remotely. 
  • Introduction of new tools and technologies that add efficiency and extend reach for workers, but also expand attack surfaces and increase the risks of insider and still other threats.
  • Resource constraints — driven by pressure to reduce expenses as well as the cost to the patient — that make it harder for healthcare organizations to implement and maintain comprehensive security solutions.

As level of threat and degree of difficulty rise in tandem, security practitioners in the healthcare industry have an expanding range of tools and techniques they can turn to.

Join us for a multi-day virtual conference titled Healthcare’s new cyber risk profile in the pandemic: Scoping the challenge and scaling the solution. Focused exclusively on healthcare security, this SC Media conference features insights from the people and the companies in the trenches, solving the industry’s security problems today.

Virtual Conference

Implementing Threat Intelligence Virtual Conference

This virtual conference will review what you need to have in place before launching a threat intelligence program, then how to select which commercial feeds to use along with how to implement open source intelligence.

Register for Implementing Threat Intelligence Virtual Conference
Implementing Threat Intelligence Virtual Conference

KEYNOTE SPEAKER: Todd HIllis

A company’s threat intelligence environment often is a reflection of the overall maturity of existing network security.

It generally requires a relatively mature network environment to support both proactive and reactive threat intelligence.

This virtual conference will review what you need to have in place before launching a threat intelligence program, then how to select which commercial feeds to use along with how to implement open source intelligence.

Virtual Conference

Threat Intelligence

This virtual event will help you understand the threat intelligence landscape

Register for Threat Intelligence
Threat Intelligence

Threat intelligence is getting a lot of press these days as a panacea for stopping ransomware and other attacks. But the reality is that data alone is not sufficient. There are a lot of threat feeds available, many with duplicate information.

This virtual event will help you understand the threat intelligence landscape, what you need to know about the quantity and quality of various threat feeds, what you can do to address staffing needs when normalizing and then putting the data to use, and how the experience of others in your industry can help through ISACs, ISAOs, Fusion Centers and other industry groups.

Virtual Conference

Identity, credential and access management

This virtual conference will address what controls are needed and how to put those controls in place to protect your company’s most valuable information.

Register for Identity, credential and access management
Identity, credential and access management

Protecting data today is all about access and privilege. If you know – really know – who has access to your resources and where all of your important data resides, you are in a better position to protect it. Equally important is ensuring that those who have the privileges to access the data not only have the need to access it but also the credentials to do so. Not all managers or vice presidents need access to the same data, nor do they necessarily have the skills to manage or manipulate that data. That’s where credential management comes in. This virtual conference will address what controls are needed and how to put those controls in place to protect your company’s most valuable information.

Virtual Conference

Ransomware

This virtual conference will address techniques you can use to defend your company and your network from a ransomware attack.

Register for Ransomware
Ransomware

It’s the kind of thing that keeps CFOs and risk managers up at night. Perhaps tomorrow, or maybe the day after, someone in the company will click on a link and download malware that will lock up the servers with a demand for tens of thousands of dollars in Bitcoin or some other cybercurrency. Ransomware is ubiquitous and difficult to stop. But it doesn’t have to be a nightmare. Today’s virtual conference will address techniques you can use to defend your company and your network from a ransomware attack.

Virtual Conference

Protecting your network from mobile and IoT devices

This virtual conference will address access and privilege controls on mobile devices and how the disappearing perimeter can be defended.

Register for Protecting your network from mobile and IoT devices
Protecting your network from mobile and IoT devices

Protecting your mobile devices, Internet of Things (IoT), laptops and other internet-connected computing devices – the traditional endpoint – is all about access and privileges. If you can control access and privilege on mobile devices, as well as when these devices try to access enterprise data, you take a huge step to protecting the ever-expanding perimeter. This virtual conference will address access and privilege controls on mobile devices and how the disappearing perimeter can be defended.

Virtual Conference

Data Protection

This virtual conference looks at trends in data protection and best practices for ensuring that data is safe.

Register for Data Protection
Data Protection

Protecting data at rest, in transit and in memory is Job 1 of any IT security team. How you protect the data is what changes over time. The use of encryption, containers and other technologies work together. This virtual conference looks at trends in data protection and best practices for ensuring that data is safe, even when the systems on which the data resides have been compromised.

Virtual Conference

Application Security

Keynote: Robert Martin, Senior Secure Software & Technology Principal Engineer

Register for Application Security
Application Security

The application layer is quickly becoming the most under-protected attack vector within the enterprise for data security. While wrangling with the explosion of resident and web-based applications, organizations are balancing the need for greater security in their applications. This session looks at the current state of application security and why treating the application as the “new data security perimeter” makes sense.

Virtual Conference

SIEM

This virtual event looks at trends in the SIEM market as it related to the Zero Trust Model and what we should expect to see in the coming year.

Register for SIEM
SIEM

The stories about major breaches never end. It might be an insider attack, a phishing ploy such as the phony Netflix membership emails, or a targeted onslaught leveraging the likes of the alleged NSA-leaked EternalBlue and DoublePulsar exploits that spread the Wanna Cry ransomware. The infosec trust model that is based on a strong perimeter is no longer viable. A Zero Trust model where all data packets are suspect and must be inspected is gaining followers, and traditional technologies, such as access management and SIEMs, are important components of this approach. In fact, analyzing log files and event management data has gained in significance since the Target breach. This virtual event looks at trends in the SIEM market as it related to the Zero Trust Model and what we should expect to see in the coming year.

Virtual Conference

Incident Response

Are you prepared if you’re hit by a cyberattack?

Register for Incident Response
Incident Response

Are you prepared if you’re hit by a cyberattack?

Getting ready for a cyberattack is not a one-and-done project. It takes planning, buy-in from senior management, product integration, testing, training and analysis. After all that, you reevaluate, retest and reanalyze. This virtual conference will cover some of the basics of creating an incident response plan, selecting and training an incident response team, and testing your plans. We also will look at what should be done internally and when you should employ a third-party service provider, such as a forensics team and penetration testers.

Virtual Conference

ID Management

This virtual conference looks at the current state of identity, credentials and access management and what can be done to further lock down the most basic aspects of user identification.

Register for ID Management
ID Management

Nearly all data breaches have one thing in common: Someone had their login credentials compromised and provided the attacker with a foothold, however slight. Locking down ID management with multiple levels of authentication, multiple factors of authentication and least privileges policies can significantly limit the effectiveness of an attack, but is that enough? This virtual conference looks at the current state of identity, credentials and access management and what can be done to further lock down the most basic aspects of user identification.

Virtual Conference

Threat intelligence

This virtual conference looks at the breadth and depth of threat intelligence data and how companies can incorporate it to enhance their data security.

Register for Threat intelligence
Threat intelligence

As threat intelligence gains a foothold in enterprise networks, CISOs are seeing their security and network environments evolve. Point security products are being integrated in larger and more encompassing threat intelligence offerings. Traditional standalone offerings – such as SIEM, data loss prevention, vulnerability management, network threat detection, firewalls and other point products – are being incorporated under the umbrella of threat intelligence. Add to this the public and private threat intelligence data feeds, access to industry-specific attacks from ISACs, and threat data from government agencies through Fusion Centers, and the world of threat intelligence is expanding at a fast rate.

This virtual conference looks at the breadth and depth of threat intelligence data and how companies can incorporate it to enhance their data security.

Virtual Conference

Network Security

Attend this event and learn how to make more informed decisions and network with your industry peers – all right from your desktop.

Register for Network Security

Sponsored by: Forcepoint

Network Security

With threats like WannaCry and Petya combining different techniques to penetrate networks and spread throughout organizations, network security systems are putting a new emphasis on providing multiple levels of defenses. Today’s attackers use advanced evasion techniques to hide exploits of vulnerabilities that enable malware to be injected target systems.

 

It is no longer enough to just focus on access control or have simple anti-virus scanning. Edge security systems (whether deployed at a perimeter or between internal segments) are combatting new multi-pronged attacks at each of these stages. Attend this event and learn how to make more informed decisions and network with your industry peers – all right from your desktop.

Virtual Conference

Ransomware

Today's virtual conference on ransomware looks at how WannaCry was able to infect so many so quickly and why we are still not safe from this attack and its offspring.

Register for Ransomware
Ransomware

The ransomware war has just begun
It came out of the blue, impacted more than 100,000 organizations worldwide, and disappeared because a malware researcher played a hunch and got lucky. WannaCry potentially could have wrecked havoc for months or years; instead, companies dodged a bullet. But experts tell us that WannaCry and its variations could return more dangerous than ever. Today’s virtual conference on ransomware looks at how WannaCry was able to infect so many so quickly and why we are still not safe from this attack and its offspring. We also will address what you need to do today to start preparing for the next major ransomware attack.

Virtual Conference

Mobile security

This event will look at best practices for mobile security, including recommendations for CISOs on how to address the BYOD/mobile app conundrum.

Register for Mobile security
Mobile security

We’ve all heard that many of the apps in the Apple App Store and Google’s Android Play Store have malware packages. Apple and Google tell users only to use vetted applications, while IT departments tell users only to have corporate-approved applications on their mobile devices. This can be a challenge in a BYOD environment. This event will look at best practices for mobile security, including recommendations for CISOs on how to address the BYOD/mobile app conundrum. 

Virtual Conference

Tackling Insider Threat: From Detection to Remediation

Best practices you’ll need to protect your organization from initial threat detection through incidence remediation.

Register for Tackling Insider Threat: From Detection to Remediation
Tackling Insider Threat: From Detection to Remediation

The next big data breach or cyber incident is more likely to be executed from the inside and more damaging than the last. As a result, Security Analysts must be constantly on the watch for and prepared to quickly act against malicious insiders out for personal gain, negligent insiders that unwittingly putting the organization at risk, and compromised insiders that have lost control of their accounts. Compounding the challenge, today’s analysts are typically overwhelmed by a tsunami of alerts that lack the necessary context to enable them to effectively prioritize, triage, and respond proactively. In response, top security organizations are developing Insider Threat Programs guided by the NIST Cyber Security Framework — aiding in development of primary threat scenarios, underlying analytical risk models and IT controls that will safeguard both sensitive data and employees — and adopting next generation capture, analytic, and response technologies. 

Attend this virtual symposium to learn the essential steps and technologies needed, see real life security scenarios, and get the best practices you’ll need to protect your organization from initial threat detection through incidence remediation.

Virtual Conference

ID Management

NOW AVAILABLE ON DEMAND

Register for ID Management
ID Management

Multifactor authentication is becoming a standard security component for corporations but, in some cases, companies need to take authentication a step further. For example, one approach to defeat a potential insider attack (or perhaps an outsider who has obtained an employee’s credentials) is to require two executives to approve a transfer of money. Most banks support this technology, but if it was included in the original agreement between the bank and company, chances are companies might not be taking advantage of it. This virtual conference will address various approaches companies can employ to reduce security vulnerabilities by making better use of ID management techniques and technology. 

Virtual Conference

Auditing and Compliance

This eConference will address the challenges of how companies can remain compliant in the cloud.

Register for Auditing and Compliance
Auditing and Compliance

There are five key questions that must be addressed in order to meet most compliance requirements:
            1. What information is stored on a system?
            2. Where is the information stored?
            3. Who can access the system?
            4. What can they access?
            5. Is the access appropriate?
While this might seem obvious, it can be difficult to answer when data is stored in the cloud, especially when cloud service providers sometimes do not offer users the ability to place their own security controls on the servers in order to protect their data. This eConference will address the challenges of how companies can remain compliant in the cloud.

Virtual Conference

Monitoring and Forensics

Here's how a forensics investigation works and why the "obvious" attacker isn't necessarily the culprit.

Register for Monitoring and Forensics
Monitoring and Forensics

A corporate network has been hacked – apparently by an insider. The user’s login and computer have both been identified as causing the breach. The only problem: the user has an air-tight alibi because he was out of the country when the breach occurred. The company calls in a forensic investigator to determine what really happened. 

Here’s how a forensics investigation works and why the “obvious” attacker isn’t necessarily the culprit.

Virtual Conference

Tackling Vulnerabilities

This session will address how to make those decisions about prioritizing vulnerabilities and how to ensure delayed maintenance doesn't become ignored maintenance.

Register for Tackling Vulnerabilities
Tackling Vulnerabilities

Managing vulnerabilities generally falls to the chief risk officer. Do you tackle the lack of security updates for your legacy hardware and software or do you spend that same money on adding more layers of security around your corporate crown jewels? Understanding risk and making the decision on which vulnerabilities you should tackle first and which can be part of your delayed maintenance isn’t a one-size-fits-all answer. It depends entirely on your individual circumstance. This session will address how to make those decisions about prioritizing vulnerabilities and how to ensure delayed maintenance doesn’t become ignored maintenance. 

Virtual Conference

Data Security

Today's eConference will address how a company can go about developing a risk profile from which a data security plan can be designed.

Register for Data Security
Data Security

Developing “best practices” for data security is a bit like developing best practices for personal health. Everyone and every network is different, so one size fits none. Today’s eConference will address how a company can go about developing a risk profile from which a data security plan can be designed. We will look at the key questions that need to be asked in order to build a profile of the corporate data and what kinds of security might be required based on the answers to those questions. 

Virtual Conference

Insider Threat

How do you stop employees – who think they're doing their job correctly – from putting the corporate network at risk? Here are some options.

Register for Insider Threat
Insider Threat

IT security departments are becoming more adept at building barriers to limit network attacks, but often the attack comes from within, not without. An employee might download confidential files to make them easier to access or perhaps save data to an insecure location. Not all attacks are malicious. So what do you do when your biggest threat comes from users with all the right credentials and access rights? How do you stop employees – who think they’re doing their job correctly – from putting the corporate network at risk? Here are some options. 

Virtual Conference

PCI

So you think you know PCI? Are you certain?

Register for PCI
PCI

So you think you know PCI? Are you certain? PCI is a lot more than just a checklist. Today’s session addresses not only the goals for PCI, but also what you need to know about potential repercussions you might face if your company accepts payment cards and is breached. There is a standing joke that says that companies are PCI compliant – until they’re not. It doesn’t take much to fall out of compliance. Here’s what you need to know about becoming compliant, staying compliant, and what happens when you’re not compliant. 

Virtual Conference

Advanced persistent threats

What's occurring on the network while the IT team is trying to recover from a malware breach? Chances are, that malware breach is just a clever diversion.

Register for Advanced persistent threats
Advanced persistent threats

The media today is filled with news of two kinds of attacks: ransomware attacks, where there is no doubt what the incursion is all about and what the cyberthief wants, and the low-and-slow advanced persistent threat. These seem like opposite ends of the spectrum, but might ransomware attacks actually be covering the tracks of an APT? What’s occurring on the network while the IT team is trying to recover from a malware breach? Chances are, that malware breach is just a clever diversion. 

Virtual Conference

Leveraging threat intelligence

Here's how a forensics investigation works and why the "obvious" attacker isn't necessarily the culprit.

Register for Leveraging threat intelligence
Leveraging threat intelligence

A corporate network has been hacked – apparently by an insider. The user’s login and computer have both been identified as causing the breach. The only problem: the user has an air-tight alibi because he was out of the country when the breach occurred. The company calls in a forensic investigator to determine what really happened. Here’s how a forensics investigation works and why the “obvious” attacker isn’t necessarily the culprit. 

Virtual Conference

Web application security

This eConference looks at best practices for protecting web applications – from the development cycle to implementation to maintenance.

Register for Web application security
Web application security

Web application vulnerabilities expose companies to the greatest risks today. This SC Virtual Conference looks at best practices for protecting web applications – from the development cycle to implementation to maintenance.

Virtual Conference

SIEM

This virtual event will look at the current state of SIEM and address some of the evolutions the application has seen over the past few years, as well as exploring why it might be time to re-evaluate your network's security design.

Register for SIEM
SIEM

SIEM, it seems, is becoming ubiquitous. Even SMBs are recognizing the value of a comprehensive event management monitor and reporting tool. But today’s SIEM isn’t the same application that you might have evaluated 3 to 5 years ago. New capabilities, new threats, new intelligence feeds, new vulnerabilities. All of these factors are changing the SIEM landscape. This virtual event will look at the current state of SIEM and address some of the evolutions the application has seen over the past few years, as well as exploring why it might be time to re-evaluate your network’s security design. 

Virtual Conference

Insiders with Access

This discussion will look at some options for building in additional layers of security for insiders.

Register for Insiders with Access
Insiders with Access

No one wants to assume that insiders are attacking a network, but all too often successful attacks use the login credentials of an actual employee. Sometimes, credentials are stolen via phishing scams. Other times the user’s credentials might be compromised due to a weak password being guessed or because the user has been socially engineered to disclose the information. Certainly, security awareness training is important, but building in layers of security to challenge users who try to access certain types of data also can bolster security without necessarily bogging down the network or making access unacceptably difficult. This discussion will look at some options for building in additional layers of security for insiders. 

Virtual Conference

Cloud Security

Best practices for building layered security into a company's diverse environment.

Register for Cloud Security
Cloud Security

Securing data in the cloud isn’t the same as securing it within your data center. Without having physical access to the servers, the IT security team needs to take a more creative approach to layered security. This is especially true when “cloud storage” isn’t just provided by a single vendor, but multiple cloud-based service providers. Here are some best practices for building layered security into a company’s diverse environment. 

Virtual Conference

Ransomware

Keynote: Liviu Groza, Director of IT Security and New Technology, Cape Cod Healthcare

Register for Ransomware
Ransomware

We hear horror stories about users clicking on some malware-enabled payload and all of a sudden the network locks up and a cartoon character in a hoodie demands $100,000 in Bitcoins. Ransomware is indeed real, but is it the cyber-Armageddon that some claim it is? This virtual event focuses on the reality of ransomware, not the hyperbole, and will give you some actionable advice on how to defend against it.

 

Virtual Conference

Security Analytics

Keynote: John Galda, Director of Enterprise Risk and Security, Charles River DevelopmentSponsor: Rapid7

Register for Security Analytics
Security Analytics

Breach detection is one of the most important considerations for security buyers. The field of security technologies claiming to find breaches or detect advanced attacks is deafening. Being able to visualize network activity and recognizing breaches and vulnerabilies in real time is fast becoming one of the keys to security analytics. This SC Virtual Conference will look at advances in the tools used for security analytics and address what still needs to be done to make this growing market more effective in delivering actionable intelligence.