Training

►

Insider Threat Detection: How to Develop a Successful Program

Michael Theis - Carnegie Mellon University CERT Insider Threat Center  •  Available Exclusively for Premium Members • 

What are the biggest threats to your organization's data? Recent high-profile cyberattacks would lead an organization to believe that its external threats are the most concerning. Unfortunately, this misconception allows another significant threat to your organization's critical assets to remain completely under the ...

►

The Emerging Threat Landscape: How To Keep Ahead in Cyberspace

Steve Durbin - Information Security Forum (ISF)  •  Available Exclusively for Premium Members • 

As information-security threats intensify, organizations risk becoming disoriented - focused more on grappling with complex technology, an explosion of data, increased regulation and a debilitating skills shortage. This is a huge danger, since prompt action is required to interpret an increasingly complex threat ...

►

Government Process and the C-Suite: Why Boards Have Skin in the Game

Randy Sabett - Cooley LLP  •  Available Exclusively for Premium Members • 

Cybersecurity has become a board of directors and C-suite issue, as numerous cybersecurity incidents over the past couple of years have proven. The tipping point could be viewed as the Target breach, since that breach led to direct effects on both the management team and the board. The perception has been that ...

►

Card-Not-Present: Fraud on the Move, Back to the Future, Again

Trevor McDermott - Gemalto  •  Available Exclusively for Premium Members • 

As fraudsters switch focus back to card-not-present schemes, research from consultancy Aite Group indicates that CNP fraud will soon outpace card-present fraud in the U.S. by a three-to-one margin. Globally, payments provider ACI Worldwide saw a 30 percent increase in CNP fraud in the first half of 2015. And ACI found ...

►

The Visible Attack Surface - What it is and Why it Matters

Michelle Johnson Cobb - Skybox Security  •  Available Exclusively for Premium Members • 

How can gaining visibility into indicators of exposure (IOEs) shrink layers of attack and more effectively contain incident? By understanding how network modelling and simulation can be used to visualize and analyze an attack surface, as well as understanding how to measure IOEs, such as vulnerability density, ...

►

2016 IAM Research: Where Financial Institutions' PAM Programs Are Falling Short

September 29, 2016 @ 5:30 PM ((GMT +2)) • 

Forty-seven percent of survey respondents rate their organizations at above average or superior when it comes to provisioning, managing and attesting to identities and access to secured resources within their networks. And yet ... 50 percent either know their organizations were breached in the past year, or they ...

►

Fighting Back Against Malware Hiding in Your SSL Traffic

Kevin Broughton - A10 Networks  •  September 30, 2016 @ 7:30 PM ((GMT +2)) • 

Threat actors will bypass security controls by hiding 50 percent of all attacks behind SSL encryption by 2017. So how do you stop them?

►

Insider Threat Detection: How to Develop a Successful Program

Randy Trzeciak - CERT  •  October 4, 2016 @ 4:30 AM ((GMT +2)) •  Available OnDemand • 

What are the biggest threats to your organization's data? Recent media attention to high-profile cyberattacks would lead an organization to think external threats are its only concern. Unfortunately, this misconception allows another significant threat to your organization's critical assets to stay completely under ...

►

The Devil Inside the Beltway: the FTC vs. LabMD

Mike Daugherty - LabMD  •  In Development • 

You've seen the headlines about the Federal Trade Commission's messy legal battle with LabMD, a cancer screening service that was investigated for two alleged data security incidents in 2008 and 2012. Last November, an FTC administrative law judge ruled to dismiss the FTC's case against LabMD, saying the FTC "failed ...

►

How the Next President Will Deal with Obama's Cybersecurity Legacy?

Steve Chabinsky - CrowdStrike, Eric Chabrow - ISMG Security Report, GovInfoSecurity & InfoRiskToday, Larry Clinton - Internet Security Alliance, Karen Evans - U.S. Cyber Challenge, Ari Schwartz - Venable  •  In Development • 

The Obama administration has implemented a number of cybersecurity and privacy initiatives and policies aimed at making IT more secure for the federal government and the private sector, including the cybersecurity framework, National Strategy for Trusted Identities in Cyberspace, employing encryption and sharing cyber ...

►

Revolutionary Evolution: the Cloud, MIST and the Internet of Everything

Jerry Archer - Cloud Security Alliance  •  In Development • 

Cloud computing is revolutionary evolution- it is continuous, rapid, radical, and pervasive. More than 90 percent of enterprises are leveraging public cloud computing to provide some level of business services. We have embarked on a journey into the cloud that is irreversible, largely unknown, and unknowable. Fueled ...

►

A Multidisciplinary Approach to Building Trustworthy Secure Systems

Ron Ross - National Institute of Standards and Technology (NIST)  •  In Development • 

Taking an engineering approach to IT security is essential to defend against threats targeting the growing complexity, robustness and interconnectedness of today's information systems, as exemplified by cyber-physical systems and systems-of-systems (those composed of independent constituent systems), including the ...

►

Ramped Up Identity Proofing: How Multilayered Authentication Knows the User

Joel Hardi - Equifax Identity and Fraud  •  In Development • 

Fraudsters are a smart group. With each identity proofing or fraud prevention method that's introduced, they figure out ways to work around it. Organizations must be careful when using techniques that fraudsters may have compromised, but that doesn't mean throwing everything out and starting from scratch. With ...

►

Fraud: Learning from Our Experiences and Expanding on Technology for Future Payments

Joanna Schoneveld - Interac Association/Acxsys Corp.  •  In Development • 

Interac, Canada's leading debit payment brand, has seen significant reductions in debit card fraud in recent years. The combination of sound policies, investments in technology, such as chip technology and fraud detection, along with outstanding collaboration with industry partners, offers strong protection for ...

►

Securing Data in the Future: Lessons from the Payment Card Frontlines

Gord Jamieson - Visa  •  In Development • 

In an increasingly digital world, where players from virtually all sectors are racing to innovate, the risk of data theft is a very real threat. When it comes to payments, data can be incredibly sensitive and must be protected. But what about other data? As recent, high-profile breaches have shown us, personal ...