The post DevOps and Security: Have We Shifted Too Far Left? appeared first on Security Current.

The post Security Symptoms vs. Causes: How Leading CISOs Develop World Class Detection and Response appeared first on Security Current.

When: Watch now on-demand

The healthcare industry is adopting technologies that give care providers rapid access to sensitive patient information, when and where they need it. While productivity is enhanced with cloud computing, mobility, “BYOD” unmanaged personal devices, and hosted SaaS apps like Office 365, the CISO is concerned with resolving the inherent risk these technologies bring with them.

For the CISO, it’s important to look at everything, assess risk the right way, and have a practical mitigation plan to address issues that could lead to data loss or breaches, ransomware and other threats.

In this webinar led by Mitchell Parker, Executive Director of Information Security and Compliance (CISO) at Indiana University Health and Salim Hafid, Product Marketing Manager at Bitglass, you’ll learn how to resolve the risk of cloud applications and access via unmanaged devices, and how to apply appropriate controls that enable patient care in a seamless and secure manner.

Our experts will talk about the issues everyone is struggling with, and how cloud security is evolving to address them.

The post Healthcare Orgs: Slay the Risks of Data-enabling Your Care Providers appeared first on Security Current.

When: Watch now on-demand

The rise of the cloud and mobile computing has rapidly changed the nature of enterprise cybersecurity. Employees work not just at the office, but also on the road and at home, on mobile devices and on their own personal computers. They increasingly require access to a wide variety of apps, cloud services, and new communication platforms.

The result is a much larger attack surface, one that is hard to protect with traditional approaches – and one that is growing faster than ever before as users adopt new types of devices, new applications, and new services.

At the same time, the potential threats that enterprises are facing have grown significantly in variety, capabilities, and size. With zero-days and other stealthy attacks, enterprises have less and less time to spot intrusions and take steps to contain them.

Endpoint devices are at the front line of attack. Traditional antivirus protections are no longer enough. Enterprises of all sizes, and all industry segments, are looking for better solutions.

In this discussion, leading security experts examine the new tools that they have at their disposal, including next generation endpoint management, protection and detection solutions. They discuss the business requirements that go into making their technology decisions and offer advice to other security executives facing similar problems.

During this live panel, Bob Turner, Chief Information Security Officer at the University of Wisconsin-Madison and the lead writer of the Security Current report CISOs Investigate: Endpoint Security, will moderate a discussion on the strategies and toolsets that CISOs need today to mitigate the risk of attacks originating at the endpoint.

Also on the panel are Tunde Oni-Daniel, Head of Information Security (CISO), Perdue Farms Inc. and a contributor to the CISOs Investigate: Endpoint Security report; and Tom Mulvehill, Program Director, IBM BigFix.

The post Endpoint Security in a Heightened Era of Threats appeared first on Security Current.

On Demand

Mobile computing and the use of cloud applications are touted as ways to help healthcare providers deliver better patient care. Clinicians carrying tablets or other devices to exam rooms and patients’ bedsides can quickly access and update patient data and other vital resources necessary for accurate and expeditious treatment.

No one disputes the value of “anytime, anywhere” computing in healthcare, but there is a concern about the risk associated with access to sensitive and regulated data via unmanaged devices and unsanctioned cloud applications.

In this CISO panel discussion moderated by Hussein Syed, CISO at RWJBarnabas Health, and joined by panelists Alex Fry, application security expert, and Mike Schuricht, VP of Product Management, Bitglass, you’ll learn about real-world approaches to some of the most vexing challenges of mobile and cloud computing.

The post Healthcare Orgs: Empower Your Mobile Workforce Without Sacrificing Data Security appeared first on Security Current.

On Demand

With an increased opportunity for financial gain, cyber criminals are now willing to invest significant time and resources into creating advanced attacks that target enterprises. At the same time, enterprises often face a shortage of skilled security professionals who are dedicated to responding to such attacks.

During an attack and subsequent response scenario, every second counts. The longer it takes to address an issue, the more risk the business faces.

Criminals target enterprise endpoints as their point of entry because the overall attack surface is so large and inviting. New strategies and more advanced tools are necessary to stop attacks in their tracks when possible and to expedite information gathering and analysis so that security teams have everything they need to respond quickly and remediate attacks in progress.

During this live panel, Bob Turner, Chief Information Security Officer at the University of Wisconsin-Madison and the lead writer of the Security Current report CISOs Investigate: Endpoint Security, will moderate a discussion on the strategies and toolsets that CISOs need today to ensure their security team stays ahead of cyber adversaries.

Also on the panel are Hussein Syed, Chief Information Security Officer at RJWBarnabas Health, and Rick McElroy, Chief Security Strategist at Carbon Black.

Join this insightful discussion to learn how you can empower your security team with the strategies and tools to stop attacks and conduct a fast and effective investigations to shut down attacks in progress.

The post Strategies and Tools to Remediate and Shut Down Advanced Attacks at the Endpoint appeared first on Security Current.

On Demand

Driven by ease of deployment, cost effectiveness, and improved productivity among employees, many organizations have adopted cloud technology. Although there are significant benefits to cloud adoption, some organizations still face major challenges preventing their move to the cloud. From maintaining security and compliance to managing data on BYO devices, organizations have a unique set of data security requirements.
In this Bitglass-sponsored webinar, Brian Lozada, CISO of Zocdoc, and Karthik Venna, Product Manager at Bitglass, will discuss how to balance the benefits of moving to the cloud with implementing a security solution that protects data end-to-end.

• Find out the benefits of moving to cloud apps
• Understand how to maintain control of your data
• Learn how to use your partner ecosystem to keep your data secure

​Register Now!

The post ​How to Protect Data in the Cloud appeared first on Security Current.

LIVE WEBINAR

September 27th
11 AM Pacific (2 PM Eastern)

Hardly a week goes by without a major cyber security event affecting millions of users – and the financial industry is particularly vulnerable. The 2017 Verizon Data Breach Investigations Report identified “Insider and Privilege Misuse” as a major incident pattern resulting in confirmed data breaches. According to Verizon, 62% of all breaches featured hacking, and of those, 81% leveraged stolen and/or weak passwords—giving the attacker the same privileges as a trusted insider.

At the heart of the problem lies a simple fact that many organizations fail to follow the basic information security principle of Least Privilege with trusted insiders having access to both highly sensitive and mission-critical information. As a result, accidental or deliberate misuse of a credential can lead to a breach. Companies in the financial industry are prime targets for such attacks because of the large potential payout of critical information.

While many tools have been developed to address Least Privilege issues on Windows-based systems, Linux/Unix systems were largely neglected. Unix/Linux systems are serving critical roles for many financial organizations, from storing highly sensitive information to processing millions of transactions between institutions. Being able to tightly control access to these systems is a critical security need.

This webinar will provide CISOs in financial services and other sectors:

• A CISO’s first-hand experiences regarding the challenges faced in securing access to critical Unix and Linux systems
• Real-world insights on how Unix and Linux Privileged Access Management (PAM) helps CISOs bolster security with granular access controls while also meeting compliance requirements
• Guidance on selecting technologies that enable CISOs to meet their business objectives while remaining nimble
• An executive view on where the market is headed in relation to PA

Register Now!

The post Unix/Linux Privilege Management: What a Financial Services CISO Cares About appeared first on Security Current.

ON-DEMAND WEBINAR

Overiew

The amount of time an attacker remains within your network directly affects the scope and cost of a breach. As you know, attackers are creative; once in your network, they can remain undetected for months, wreaking havoc along the way.

But investigating and hunting are easier said than done. Each day, security professionals are faced with a constant flood of alerts to filter through and prioritize. And, during an active investigation, it’s a struggle to understand the context of any anomalies without a clear picture of what’s happening across your network.

In this webinar, we’ll share real-world examples from the front lines of cyber-hunting, and discuss best practices on how to reduce the mean time to investigate.

Watch Now! 

The post Investigating and Hunting for Anomalies appeared first on Security Current.

ON-DEMAND WEBINAR

Healthcare security requirements become even more complicated with the move to the cloud. Competing internal priorities, along with numerous cloud apps to control, increase strain on already under-resourced teams. Visibility and control over data can seem almost impossible when it is being stored in locations you do not own or manage.

In this Bitglass-sponsored webinar led by Premise Health CISO Joey Johnson you will learn about how to avoid console overload by consolidating controls with a cloud access security broker platform.

Key topics include:

• Overcoming security dashboard overload when trying to manage authentication, access controls, devices, threats, compliance, malware, DLP, etc
• Healthcare security options to control data in the cloud
• CASB platform and solution overview

Watch Now!

The post Healthcare Security In A Cloud First World appeared first on Security Current.