Course Library

►

Incident Response Plans: Global Compliance Mandates and Obligations

Darrin Kimes - US Secret Service, Sadia Mirza - Troutman Pepper  •  In Development • 

Creating a cybersecurity incident response plan is a fundamental requirement of any cybersecurity program - and a requirement of many global regulations, including GDPR and PCI DSS. During this workshop, Troutman Sanders' Sadia Mirza will discuss the benefits of table top exercises. She then will be joined by law ...

►

Monitor and Identify Malicious Threat Before they Cripple your Organization

Dave Martin - Open Systems  •  November 16, 2030 @ 12:00 AM (EST) •  Available Exclusively for Premium Members • 

Today's threats are more sophisticated than ever and despite significant investment in prevention technologies many organizations continue to suffer damaging attacks. Join Dave Martin, Open Systems' Senior Director of Product Management- Threat Response as he share best practices model to minimize risk that combines ...

►

Security Threats vs. Unmitigated Risks

Brian Soldato - NSS Labs  •  Available Exclusively for Premium Members • 

Enterprises have invested extensively to address the evolving threat landscape, but security effectiveness remains a guessing game. The problem is, enterprise security teams cannot be sure of the effectiveness of their security controls once they are in place. At the same time, they are under pressure to quantify ...

►

Panel: In the Wake of WannaCry: Creating a Data Security Action Plan that Addresses the Core Elements

Howard Anderson - ISMG, Jennings Aske - New York-Presbyterian, Erik Devine - Riverside Healthcare, Lee Kim - HIMSS  •  Available Exclusively for Premium Members • 

In the wake of recent of recent ransomware attacks, such as WannaCry, which have plagued healthcare organizations, in particular, for the last year, what lessons do we have yet to learn? Ransomware attacks are nothing new, and while WannaCry was widespread, it was not sophisticated or stealthy, necessarily. So why did ...

►

A Re-evaluation of the 2014 FFIEC Joint Statement

Sean Brady - Arbor Networks  •  Available Exclusively for Premium Members • 

In 2014, the FFIEC released the Joint Statement "Distributed Denial-of-Service (DDoS) Cyber-Attacks, Risk Mitigation, and Additional Resources." This session will review the six primary guidelines provided within the statement, assess the evolution(s) that have occurred in the threat landscape since its release and ...

►

Unintended Consequences of the IoT

Bryce Austin - TCE Strategy  •  Available Exclusively for Premium Members • 

The number of Internet of Things (IoT) devices will surpass the number of people on the planet by the end of the year. These devices can potentially provide a direct conduit to some very private and valuable information in your company. In our rush to connect everything, security and privacy are often afterthoughts. ...

►

Cyber Insurance: A Rising Role in Mitigating Risk for CISOs

Richard Bortnick - Traub Lieberman Straus & Shrewsberry, LLP, Benjamin Dean - Iconoclast Tech; Fmr Fellow for Cyber Security and Internet Governance, Columbia SIPA, Tim Francis - Travelers Business Insurance, Jay Kramer - Lewis Brisbois Bisgaard & Smith, David Pollino - PNC Bank  •  Available Exclusively for Premium Members • 

The financial risks to organizations from data breaches come from a variety of angles, from share price hits to class-action lawsuits to fines from regulators to reputational damage. As such, the insurance industry has jumped full steam into cyber. Larger insurers are already helping companies spot and mitigate ...

►

Moving from Indicators of Compromise to Indicators of Attackers: But Will Attacker Attribution Really Help Us?

Jackie Castelli - CrowdStrike, Richard T. Jacobs - FBI NY, Noam Jolles - Diskin Advanced Technologies, Avivah Litan - Gartner Research  •  Available Exclusively for Premium Members • 

How does attacker attribution help a CISO and an enterprise? The answer: More than most might think. Most organizations don't care who the attacker is. They just want to stave off attacks. But could they do more? By using indicators of compromise, for instance, organizations can strengthen their defenses. IOCs are ...

►

Insider Threat Detection: Lessons from the Trenches Based on Real Insider Cases

David Pollino - PNC Bank, Randy Trzeciak - CMU  •  Available Exclusively for Premium Members • 

What are the biggest threats to your organization's data? Recent media attention to high-profile cyberattacks would lead an organization to think external threats are its only concern. Unfortunately, this misconception allows another significant threat to your organization's critical assets to stay completely under ...

►

In the Wake of WannaCry: Creating a Data Security Action Plan that Addresses the Core Elements

Jennings Aske - New York-Presbyterian, Eric Chabrow - ISMG Security Report, David Pollino - PNC Bank, Mitch Zahler - HSBC  •  Available Exclusively for Premium Members • 

In the wake of recent ransomware attacks, such as WannaCry, what lessons do we have yet to learn? Ransomware attacks are nothing new, and while WannaCry was widespread, it was not sophisticated or stealthy, necessarily. So why did it have such an impact? In this session, our panelists will discuss why the "wartime ...

►

Insider Threat Detection: Lessons from the Trenches Based on Real Insider Cases

Michael Theis - Carnegie Mellon University CERT Insider Threat Center  •  Available Exclusively for Premium Members • 

This session shares the empirical findings of the CERT Insider Threat Center's more than 15 years of research into both malicious and unintentional insider threats. The findings demonstrate how pervasive the insider threat is in all sectors, both private and public. The session also outlines what types of threats are ...

►

International Trends in Cybersecurity: Political Influences and Nation-State Risks

Philip Reitinger - Global Cyber Alliance  •  Available Exclusively for Premium Members • 

In the last year, we've seen a significant increase in cyber activity, from propaganda through "information warfare" to mass-scale cybercrime. Increasing political tensions complicate an already complex international response. Differing approaches to cyber and privacy risk in Europe and the United States have caused ...

►

Business-Driven Security: Bridging the Gap between Security and 'The Business'

Ben Smith - RSA  •  Available Exclusively for Premium Members • 

Organizations of all sizes today face serious and consequential risk-management challenges. Technology is often presented as the ultimate solution to this problem, but in many cases, organizations are experiencing not just a technical challenge, but a "language" challenge, especially when it comes to risk-management ...

►

The Growing Dangers of Interconnectedness and Its Adverse Impact on Availability, Reliability and Reputation

David Hahn - Hearst  •  Available Exclusively for Premium Members • 

When an attack strikes, the first task on-hand for anyone working in cybersecurity is to stop the disruption; the second task is to ensure that critical data is protected. And for Fortune 500 companies and other leading U.S. businesses like Hearst Corp. - a media and business information conglomerate with ownership of ...

►

Faster Payment, Faster Fraud

Kevin Donovan - BioCatch  •  Available Exclusively for Premium Members • 

Following NACHA's new rule for same-day ACH transactions, businesses and consumers are now able to benefit from same-day transaction processing, providing quicker access to payroll, account transactions and more. While beneficial for businesses and consumers, same-day ACH has necessitated that financial institutions ...