Cybercast
Cybersecurity is a pressing issue for public-sector organizations in the US, as they face the challenge of sorting through a vast amount of cyber threat intelligence while operating with limited resources and a shortage of skilled infosec professionals. The consequences of a successful attack can be devastating, highlighting the importance of prio...
More info Cybercast
Generative AI tools such as GitHub Copilot and ChatGPT seem to hold promise for developers looking to write code more efficiently and find quick answers to programming questions. But especially in these early days, carefree reliance on such tools can introduce a range of issues related to software functionality, licensing, and security. Superficia...
More info Democast
One of the most preventable causes of malicious exploits that result in damaging breaches or malware attacks is the failure to update known software vulnerabilities. Ideally, your organization is vigilant enough to patch these flaws as soon as they are publicly divulged. But if one does slip through the cracks and becomes exploited, you at least w...
More info Cybercast
How IT risk translates into enterprise risk, and how we tie the two together.
What is IT risk? How has the definition shifted over the years as it relates to overall enterprise risk?What are key drivers of IT risk on a business today?How do you quantify and communicate IT risk in a tangible way? Why IT should be seen as an enabler, rather...
More info Cybercast
The latest snapshot of your network traffic logs may look innocent enough, but hidden amongst your daily activity are the movements of a cybercriminal adversary who has secretly breached your systems and is now trying to expand its foothold within your virtual walls in multi-cloud environments.
It’s this east-west infiltration that turns ...
More info Cybercast
The cost of cyber insurance is skyrocketing. In response to a string of high-profile attacks, record-setting ransomware numbers and government regulations, insurers are being forced to significantly increase premiums for cyber coverage. Meanwhile, it’s getting even harder for companies to qualify for coverage in the first place, as cyber insurance...
More info Cybercast
Despite their unavoidable flaws, most organizations still require both employees and customers to use passwords. Yet passwordless solutions are both demonstrably more secure and readily available. The question for organizations looking to ditch passwords: Where to begin? This SC Media webcast with HYPR’s Michael Rothschild will address the path to...
More info Cybercast
Identity authentication is a critical tool in the fight against fraud, especially as malicious attackers steal consumer credentials in an attempt to take over their online accounts. But it’s also important to ensure that having these safeguards in place doesn’t negatively downgrade the customer experience or violate an individual’s privacy. Otherw...
More info Cybercast
The threat landscape seems to be moving at such an accelerated pace these days. The constantly moving targets and ever-expanding threat landscape is a reality that we as leaders need to not only deal with but find ways to get out ahead of. Today and from our time in the field, we want to impart some practical ways that we have seen work to help o...
More info Cybercast
Every year brings new challenges in protecting our companies and nations from threat actors. Join our live conversation with key CISOs as we look back at 2022 and review some of the key learnings, and look ahead with a laser focus on 2023 priorities for cybersecurity.
Speakers:
Todd FitzgeraldVP, Cybersecurity StrategyCybersecurity Co...
More info Cybercast
We’ve heard it before: Achieving minimal compliance with security standards or frameworks isn’t enough to protect yourself from today’s threats. Basic compliance needs to be a starting point – a core building block upon which you must continually improve and scale your security processes.
With limited resources, staffing, and funding inhibiting...
More info Cybercast
The traditional security monitoring architecture has been troubling security teams with data silos, performance issues, and delays in retrieving archived data for years. Many analysts who continue to operate with the antiquated SIEM architecture stack also experience a high volume of alerts—with many false positives. Luckily, the internal security...
More info Cybercast
Today, successful fraud attempts outnumber those stopped, causing security and risk experts to wonder: How can we turn the tide? The answer lies in machine learning (ML) and artificial intelligence (AI) technologies, which ingest and understand vast historical data to identify fraudulent patterns and suspicious transactions. This webcast...
More info Democast
Organizations have more security concerns than ever before (due to an increasingly volatile threat landscape, growing attack surfaces, and increased volume and complexity of security threats and alerts) and security operations will continue to be difficult for many organizations to effectively combat without the right combination of technology, in...
More info Cybercast
Bots are pesky, ill-natured, and often spiteful programs. Their capabilities constantly evolve in order to elude online defenses and take over consumer accounts. Advanced bot operations use malicious plug-ins, bot farms, and artificial intelligence to bypass and solve traditional CAPTCHA mechanisms. Ironically, traditional CAPTCHAs are often more ...
More info Democast
Secure application development can be a painstaking process, but just how painful does DevSecOps actually need to be?
Companies that are actively engaged in DevSecOps speak of multiple pain points, from struggles with asset visibility and discovery to finding ways to close every gap in their defenses. Along the way, they face an uphill battle t...
More info Cybercast
CISOs are the most sophisticated buyer in the technology industry. Successful engagement with these executives requires a nuanced communication strategy that blends technology, strategic, and leadership content. Above all, solution providers must establish themselves as trusted partners whose primary mission is the safety and security of their cus...
More info Cybercast
New analysis from VMware delves deep into the most recent waves of the Emotet botnet, providing never-before-seen insights into the malware delivery mechanism’s malicious components and modules, its execution chains and its software development lifecycle. This webcast will reveal key findings and takeaways from VMware’s researchers, who mana...
More info Cybercast
The growing number of cloud-based SaaS applications that employees are using to conduct their day-to-day business is dramatically expanding their companies’ attack surface. And malicious actors are increasingly infiltrating networks by compromising weak credentials used across various cloud applications.
The initial knee-jerk reaction among sec...
More info Cybercast
A new Global Incident Response Threat Report from VMware has identified five burgeoning trends that cybersecurity leaders and professionals must get ahead of, if they wish to keep their heads above water:
Deepfakes are becoming mainstream cybercriminal toolsBurnout rates among cyber professionals remain high Ransomware extortion tactics ar...
More info Cybercast
The API attack surface grows larger and more complex every day – leaving organizations uncertain of how to navigate this unfamiliar and dangerous territory. Such confusion leaves businesses vulnerable to botnet attacks against APIs that could result in a denial-of-service scenario or user account takeover.
The first step toward fixing this prob...
More info Cybercast
The cloud has turned security as we know it on its head. It looks and operates differently from the familiar data center, and traditional security practices don’t fully cover the cloud. The cloud attack surface is different as well, and so are the patterns used when cloud environments are attacked. Working closely with cloud security and engi...
More info Cybercast
What makes a Privileged Access Management (PAM) solution truly comprehensive, end-to-end, and modernized? Without truly understanding how to harness the power of PAM, organizations could leave themselves open to attacks on assets that typically require special user access.
This webcast will examine the key moving parts of PAM, including vaultin...
More info Cybercast
Today’s hybrid workforces have introduced additional security risks to their employers. Whether working from home or while traveling, employees need the same quality of protection and control as when they are on site. Consequently, organizations must ensure a consistent employee experience when connecting to the network and accessing key assets.
...
More info Democast
Cloud native development has changed the way developers both build and secure applications. It’s more important than ever for apps to remain secure through their entire development lifecycle – but without impacting dev teams’ ability to innovate with efficiency. One way to balance these needs is to approach security from a dev point of view.
Th...
More info Democast
In 2018, Palo Alto CTO Nir Zuk coined the term XDR – extended detection and response. Since then, the market for this security toolset – designed to unify, correlate and prioritize threat information gathered across all network data points – has taken on a life of its own. Now, organizations are hungry to know if XDR is the right approach for them...
More info Cybercast
Security assessment questionnaires are no longer the centerpiece of third-party risk management programs. As our third-party ecosystems become more diverse and dynamic, so too should our way of monitoring and collaborating with these critical business partners.Join Caitlin Gruenberg, Director of Solution Engineering at CyberGRX as she takes us thr...
More info Cybercast
Look inside most business organizations and you’ll find that their endpoint environments have become increasingly complex, divergent and fragmented – with a proliferation of workstations, mobile and IoT devices, containers, servers, cloud platforms and virtual machines. And remote workforce policies are only accelerating this trend. So imagin...
More info Cybercast
Supply chain-based cyberattacks are one of the biggest threats facing companies in 2022. What decisions would you make if you were the software development company whose third-party library had been targeted, potentially impacting its entire downstream customer supply chain?
In this interactive webinar, you will take on the role of a CISO at a ...
More info Cybercast
Your IT department and security department may both work for the same company, but due to opposing objectives, they don’t always act like they’re on the same team. Each unit has its own priorities, and its own set of point solutions for managing endpoints. This can lead to dangerous silos developing within the walls of your organization, res...
More info Cybercast
Cyberattacks make the news practically every day. But some headlines – like the SolarWinds incident and the ProxyShell and Log4Shell exploits – have global, far-reaching consequences that can affect many downstream organizations. It’s enough to trigger panic in your CEO and board, who may be asking, “How does this affect us?” And the reality is, s...
More info Cybercast
Organizations are facing sophisticated and well-funded adversaries with targeted penetration strategies, including supply chain attacks. Despite multi-layered security investments, these threat actors are successfully breaching defenses and going after organizations’ data. That’s why data security is your last – and most important – line of defens...
More info Cybercast
As more organizations adopt multi-cloud strategies, security managers must develop a strategy to consistently protect web applications across hybrid environments, while preserving quality of security and operational efficiency. The traditional approach to application security no longer works in the multi-cloud, and anew approach is needed. Join us...
More info Cybercast
When it comes to developing strong security hygiene habits, it’s easy to talk a big game. But consistently executing on these practices is another ballgame entirely. Even the simplest of tasks can become unwieldly as a company’s IT assets scale in size. Nevertheless, businesses can take significant strides in bolstering their cyber hygiene against...
More info Democast
Timely threat detection is essential. Every second that a malicious actor lingers inside your network, the odds increase that your organization could be the victim of a major malware attack. Nation-state APT actors are especially adept at staying hidden – but if you know what TTPs and IOCs to look for and you have comprehensive visibility into the...
More info Cybercast
The SolarWinds and Kaseya attacks. Log4Shell and ProxyShell… These are the headlines that give security professionals nightmares. To survive the dizzying pace of today’s modern threat landscape, organizations must have in place an action plan that allows them to quickly triage security incidents, with the confidence that they’re responding t...
More info Cybercast
Security practitioners have many different initiatives demanding their time: evaluating and mitigating 3rd party risk, enabling strategic business efforts, implementing zero-trust practices, and supporting compliance activities, to name just a few. Often overlooked in these initiatives is a security gap that is critical to close if any of these in...
More info Cybercast
You’ve completed a pen test and, not surprisingly, the offensive security exercise turned up multiple weak points and exploitable vulnerabilities across your enterprise environment.
Now what? How do you do ensure your pen test results are actionable and that you get the support from leadership to act on the findings? How do you assess the...
More info Cybercast
The average dwell time of a network intrusion lasts an average of 197 days before discovery, according to a Ponemon Institute study. During that window, there are key moments where the attackers take an action that might alert you to their presence. If you notice it, then you can mitigate the attack before it’s too late. But uncovering these indic...
More info Cybercast
The executive order issued by the White House last year calls for more robust software supply chain protections for federal agencies. Meanwhile, companies are also taking steps toward securing their supply chains. And they are now facing many of the same struggles that government bodies have endured while attempting to adhere to the executive orde...
More info Cybercast
Ransomware actors are always evolving their techniques. This is especially true now, considering the increased use of legitimate applications and LOLBins (Living off the Land binaries.), combined with the recent emergence of major exploits such as Log4Shell, ProxyLogon and PrintNightmare. Join this session to learn about the latest procedures atta...
More info Democast
In today’s distributed environment where new threat vectors and vulnerabilities emerge daily, it’s no longer sufficient to prioritize remediation based on a CVSS score. Tanium brings together numerous sources of risk (e.g. vulnerabilities, compliance gaps, sensitive data exposure, and excessive administrative rights) and combines that with the cri...
More info Cybercast
Secureworks Taegis VDR delivers a fully integrated, comprehensive vulnerability management solution via an automated and configuration-free approach with machine learning and self-learning, built-in ability to prioritize alerts based on the risk level specific to an organization’s business. VDR automatically performs asset and service discovery, d...
More info Cybercast
How do you build trust without boundaries? With multi-cloud and remote work policies taking hold, security focus has shifted from protecting the perimeter to securing everything using trusted identities. In this new reality, public key infrastructure (PKI) is an essential building block.There’s just one problem – most PKI deployments are sorely ou...
More info Cybercast
The notion of “shifting left” refers to organizations conducting security testing earlier in a standard linear development process. But there’s a catch: Modern DevSecOps is very much not linear — as there should be robust testing in both staging and production environments.
Indeed, to execute DevSecOps properly, security...
More info Cybercast
Which authentication methods should we use? This is one of the most common questions you’ll need to address as you roll out multi-factor authentication (MFA) across your organization. It’s critical to build a holistic MFA strategy that utilizes the right methods in the right places.
While traditional MFA methods such as phone-based or har...
More info Cybercast
Cloud service platforms, like AWS, make infrastructure deployment easier for developers. In practice, organizations tend to expose their instances on the cloud network far more than is actually necessary. Unit 42 Threat Researchers analyzed hundreds of public cloud accounts during the pandemic and found a 68% increase in instances directly exposed...
More info Cybercast
It can be tough deciding how much automation you want to introduce into a particular IT security function. While automation does bring speed and efficiency, companies sometimes like to rely on human judgment for important security decisions. This debate is certainly true for third-party risk management, as companies debate if they want to use auto...
More info Cybercast
Ransomware has captured the attention of many due to its far-reaching impacts on industrial control systems. Once an issue that affected IT infrastructure only, now ransomware can target control processing, logistics, distribution, and delivery of critical goods.
Ransomware adversaries employ criminal behavior and ransomware groups disappear an...
More info Cybercast
Zero trust is an approach to security that moves defenses from statically defined network perimeters to explicitly identified assets and users. The transition to zero trust is a journey, not a product—and most organizations already have many elements of a zero trust architecture in their enterprise today. By incrementally adopting and implementing...
More info Cybercast
Despite the hype around Zero Trust, many organizations still struggle to implement it, according to responses to a CyberRisk Alliance Business Intelligence survey. Of the 300 IT security professionals who responded, only 35% are familiar with the principles of Zero Trust and only 36% have implemented it. But they plan to push forward in the coming...
More info Cybercast
Cybercriminals may have launched a few less DDoS attacks in 2021, but after the extraordinary rise during the pandemic, the attacks (still 14% more than pre-pandemic) continue to evolve with new strategies for disrupting networks and extorting targets. Adversaries continue to evolve in parallel to defenders making it just as, or more difficult tha...
More info Cybercast
Software engineers and code developers face a unique set of password management challenges that can put organizational secrets in danger. Technical teams must take care to avoid embedding credentials, SSH keys, DevOps secrets and other confidential secrets into their code. Moreover, these workers can potentially risk leakage of secrets when employ...
More info Cybercast
These days, improving security is fraught with challenges. Your attack surface keeps changing. You likely have vulnerabilities hiding in assets you don’t even know exist. And convincing people to remediate vulnerabilities after you identify them is harder than it should be – oftentimes, they won’t even admit there’s a problem! In our up...
More info Cybercast
As ransomware attacks become increasingly targeted and damaging, infected businesses run the risk of having their data held hostage and their network operations disrupted for days or even weeks. The danger has never been more real – and there are no more excuses: Organizations must understand the core fundamentals of ransomware prevention, respons...
More info Cybercast
The process of signing up a new customer has opposing objectives at play. On one hand, you want to ensure the account sign-up process is quick and painless for legitimate users. But you also want to have enough safeguards in place to weed out fraudsters, identity thieves, and bots who attempt to create fake accounts to cause financial and reputati...
More info Cybercast
How do you manage your security portfolio? Do you use regulatory frameworks as a basis? As a target? Experience shows that these frameworks are an important starting-off point but should not be considered the targeted end-state.
How confident are you that your controls will function correctly during a real attack? Time and time again, we see th...
More info