Name: NIS-2 is coming: New requirements for corporate cybersecurity management
Start: 2024-07-11T09:00:00Z
End: 2024-07-11T09:00:56.000Z
Location: BrightTALK
Rating: 5

On this channel, Kaspersky experts share their knowledge and key insights into high-fidelity threat hunting and intelligence, incident management, malware analysis, reverse engineering, security solutions, and several other vital aspects of the cyberworld. To keep you up to date, the experts also provide detailed webinars and workshops on how Kaspersky security solutions and services can halt and prevent a vast range of malicious attacks conducted by cybercriminals. 

Kaspersky is a global cybersecurity and digital privacy company that has been providing protection for 25 years, with over 400 million users from more than 200 countries. Kaspersky experts' mission is to help you find the perfect weapon to protect against any cyberthreat, carried out by even the most sophisticated cybercriminals. 

Kaspersky researchers are top-notch cybersecurity and protection technology experts, who regularly take part in leading information security events worldwide as best-in-class speakers. Kaspersky’s deep threat intelligence and security expertise is constantly being transformed into innovative security solutions and services that protect businesses, critical infrastructure, governments and consumers around the globe.

Subscribe and learn more about the latest cybersecurity discoveries on the threat landscape and how to defend against them.

Contact us at https://www.kaspersky.com/about/contact 




As part of the Kaspersky Security Bulletin 2024, this webinar delves into the risks posed by supply chain weaknesses and global IT disruptions. Hear from top Kaspersky security experts as they reflect on publicly known significant outages and supply chain incidents from 2024, including the faulty updates, Linux and open-source supply chain attacks, notable breaches, and other events.  

Together with Igor Kuznetsov, Director of the Global Research & Analysis Team (GReAT), Alexander Liskin, Head of Threat Research, and Vladimir Kuskov, Head of Anti-Malware Research, we’ll explore: 

- The significance of the latest supply chain incidents from 2024. 

- Scenarios involving potential threats even more severe than the high-profile IT outage in July 2024. 

- Proactive measures and strategies to mitigate risks and bolster resilience against future potential disruptions. 

This webinar is designed for security experts and managers from enterprises, service providers, AI developers, internet companies, and other businesses — large or small. Don’t miss this opportunity to stay ahead in the rapidly evolving cybersecurity landscape.

Global IT outages and supply chain attacks: 2024’s lessons and tomorrow’s cyberthreats

In today’s relentless cybersecurity landscape, threats can still slip through undetected and compromise organizations, despite multiple security controls. In this webinar, Victor Sergeev and Amged Wageh, from Kaspersky, deep dive into real-world cases where compromise assessment became the last line of defense, and successfully identified incidents that were unnoticed.

What you will gain from this webinar:
• Discover how hidden vulnerabilities allow attackers to bypass security systems, despite robust measures.
• Understand the risks of internal policy violations, patch management gaps, and subcontractor misconfigurations.
• Gain actionable insights into revealing undetected threats in your own organization.
• Explore the best practices for implementing a comprehensive assessment strategy to improve incident response and threat hunting efforts.

This session is designed to provide deep technical insights and practical solutions for those tasked with securing their organization’s IT infrastructure, from both internal and external threats – CISOs, CTOs, CIOs, SOC managers and analysts, incident responders, IT managers – to many other related specialists. Don't miss this opportunity to learn from real-life examples and working practices to fine-tune your approach to cybersecurity.

Missed cyberthreats: real-world cases where compromise assessment uncovered what was overlooked

As AI systems based on large language models become more powerful and widespread, more cybersecurity challenges emerge. From jailbreaks to indirect prompt injections, they are vulnerable to a wide array of LLM-specific threats. However, all these problems can be boiled down to one single issue: LLMs are probabilistic algorithms that are inherently unreliable, just like any other ML system. Does it mean they cannot be useful? Absolutely not! In this talk, we will discuss the challenges of secure and reliable LLM-based applications and the way to make them safer and more aligned with your business goals.

Unreliable AI: Addressing the Cybersecurity Risks of LLM-Based System

As cyber threats continue to evolve, mastering the art of digital forensics investigation is an essential for investigating security incidents and safeguarding critical systems. This webinar will focus on Windows digital forensics, offering an overview of the tools and techniques used to uncover digital evidence on Windows systems.

During the session, we will explore the key aspects of Windows forensics, including the major stages of the forensics process, beside a technical session on analysing Windows artifacts to reveal traces of cyber attack.

Additionally, we will provide an overview of our newly released online training course on Windows Digital Forensics. This course covers topics such as methods of obtaining diverse digital evidence, in-depth analysis of browsers and email histories, and the use of timestamps to restore incident scenarios, making it a valuable resource for cybersecurity professionals aiming to enhance their forensic analysis skills.

On the path to reveal the mystery with Digital Forensics

Join us for a webinar where Kaspersky Digital Footprint Intelligence expert Anna Pavlovskaya will explore the motivations and drivers of cybercriminals, providing a unique perspective on the threats coming from dark web to companies of all sizes.

What you’ll discover:
• How Kaspersky monitors the dark web for data leaks, access sales, password dumps, and other threats targeting companies.
• Stepping away from the usual statistics and attack reports, we’ll examine off-topic discussions on dark web forums, such as whether to pay for a girl on a first date, or is there any perspective on a “white” job.
• Learn how to build cybercriminals’ profiles to enhance defensive strategies.

This webinar provides an unusual look into the human side of cybercriminals, helping you better understand and defend against the threats they pose. It will be beneficial for OSINT specialists, cybersecurity and darknet researchers, and corporate security specialists.

Inside the Dark Web: exploring the human side of cybercriminals

In the ever-evolving threat landscape of cybersecurity, true expertise is the key of robust protection. In 2023 alone, Kaspersky products thwarted over 437 million cyber attacks, while detected 411,000 new malicious files daily. What powers these formidable defenses?

Join Oleg Gorobets, Security Evangelist at Kaspersky, and Alexander Liskin, Head of Kaspersky's Threat Research, as they unveil the inner workings of Kaspersky’s five Centres of Expertise (Threat Research, Global Research and Analysis Team, AI Research, Security Services and ICS CERT). Discover their pivotal roles in safeguarding businesses and individuals, and explore real-world case studies demonstrating the impact of Kaspersky's expertise in defending against most complex cyber threats.

Whether you're a cybersecurity professional, a decision-maker, or simply interested in the dynamics of cyber defense, this webinar will provide valuable insights and practical knowledge.

The Cybersecurity Buyer's Dilemma: Hype vs (True) Expertise

Despite all the technological advancements, human factor remains one of the most significant vulnerabilities – as the evolution of the threat landscape is less about sophisticated code and more about ingenious scenarios. The problem is even more acute as there is a significant shortage of qualified cybersecurity specialists in the market. Our latest insightful webinar explores the critical role of human factors in cybersecurity and share strategies to mitigate these risks effectively.

Join us on July 16, when with extensive experience in cybersecurity, Kaspersky expert Oleg Gorobets will share valuable insights and practical advice on enhancing your organization’s defenses and will delve into the following topics: 

● Human vulnerabilities: the most common non-IT and IT/InfoSec professionals’ errors and intentional information security policy violations that led to security breaches and how they can be exploited by cybercriminals;
● The impact of InfoSec professionals’ shortage on an organization’s cybersecurity;
● Monotonous work and burnout of InfoSec professionals as the obstacles to reliable company's cyber protection; 
● Breakdown of common cyber incidents that occurred over the last two years due to human factors in companies around the world;
● Finding a fitting solution: attention turns to tech and automation. 

Don’t miss this opportunity to enhance your cybersecurity knowledge and learn how to effectively mitigate human risks!

Cybersecurity's human factor – more than an unpatched vulnerability

Security Operations Centers (SOCs) have long recognized the critical need for building effective detection techniques. In this webinar, Andrey Tamoykin, an expert at Kaspersky SOC Consulting will explain how to develop and prioritize a detection backlog from scratch using the MITRE ATT&CK framework.
 
We will explore various open-source tools to automate and streamline this process, providing practical insights and solutions to common challenges in detection engineering. This session will also cover key SOC development aspects driven by an optimized detection backlog.
 
Who will benefit from this webinar?
- SOC Managers
- Security Monitoring Team Leads
- Detection Engineers
- SOC Researchers
- SIEM Analysts
 
Join our webinar to enhance your detection capabilities and ensure your SOC stays ahead of evolving threats with actionable strategies and tools.

Building and prioritizing detection engineering backlogs with MITRE ATT&CK

Join this webinar to gain practical insights into the challenges faced by your industry peers involved in security operations and related activities.
 
During the session, we'll explore common issues and effective strategies pertaining to cybersecurity incident detection and response and answer any questions that may arise. Our discussion will also cover aspects of threat intelligence, including the benefits it can offer organizations and obstacles that can arise while implementing these practices in your team.

Critical topics such as SOC team composition, hybrid SOC structures, Threat Intelligence (TI) and Threat Hunting (TH) operations will also be included, and we will discuss the challenges of hybrid SOC related to relationships with MSSP, particularly when customizing daily operations and processes to collaborate with external service providers.

SOC Consulting: insights and live-on cases

In today's digital landscape, phishing and social engineering attacks have become increasingly sophisticated, posing significant threats to organizations worldwide. According to Kaspersky's 2023 report, spam accounted for an alarming 45.60% of global email traffic. Furthermore, a staggering 77% of companies have fallen victim to cyber incidents in the past two years, with 21% of these incidents attributed to employees succumbing to phishing attacks.

Beyond the mere inconvenience of sorting through spam, these attacks can lead to severe consequences. From compromising confidential data to incurring substantial financial and reputational damages, the implications are vast. Additionally, recipients risk losing personal funds to scam messages, underscoring the urgency for robust email security measures.

Join us for this enlightening webinar where Kaspersky's experts, Anna Lazaricheva and Alexander Rumyantsev, will delve into the most prevalent and current email threats observed over the past year.

• Understand the diverse forms of spam and email threats plaguing organizations today.
• Explore real-world examples and case studies highlighting the impact of phishing and social engineering attacks.
• Discover the advanced features of Kaspersky Security for Mail Servers (KS for Mail Server), designed to combat sophisticated email threats effectively.

Email security: Top threats and how to counter them

Annual Incident Response Analyst Report provides insights into incident investigation services conducted by the company to willing customers in 2023, builds a holistic overview of any cyberthreat trends and summarizes observations into statistical analysis of recent incidents. 

Join our webinar on May 8, when Ayman Shaaban, Digital Forensic and Incident Response Manager in GERT, Global Emergency Response Team, at Kaspersky, will highlight the most common attack scenarios based on 2023 incident investigations, including observations on: 

• Top targeted regions and industries 
• Most common initial compromise vectors 
• Attack duration and impact 
• Adversarial tools and tactics 
• Expert incident response recommendations 
• Examples of investigated incidents from 2023

Analyzing last year’s cyber incident cases

In 2023, Kaspersky Managed Detection and Response (MDR) received more than 314,000 alerts worldwide. Kaspersky team processed these alerts and accumulated as anonymized customer cases to provide information about the current threat landscape.

Join our webinar with Sergey Soldatov, Head of Kaspersky Security Operations Center, where he will tell about the nature of the identified incidents and highlight the most common tactics and techniques attackers used.

On this webinar you will understand:
• Who are your potential attackers?
• How do they operate today?
• How can their activity be detected?

These new findings will help you to protect businesses from the growing number and complexity of real-life threats.

MDR report 2023: Analyzing the state of the global threat landscape

As the industrial landscape evolves, so do the threats that accompany it. While many industrial threats may be developing slowly from year to year, subtle changes are reaching a critical mass, poised to reshape the cybersecurity landscape in the near future.

Join us for the webinar featuring Evgeny Goncharov, head of Kaspersky’s Industrial Control Systems Cyber Emergency Response Team (ICS CERT). Evgeny will dissect the current state of industrial cybersecurity and provide invaluable foresight into what lies ahead. From the persistent menace of ransomware to the burgeoning wave of cosmopolitical hacktivism, we'll delve into the multifaceted risks facing industrial enterprises.

Join us to gain valuable insights into the key cybersecurity challenges facing industrial enterprises in the upcoming year. Learn how to effectively safeguard your operations and stay ahead of emerging threats. Plus, get an analysis of trends from 2023 and a comprehensive outlook on the evolving threat landscape in 2024.

Industrial cybersecurity in 2024: trends and forecasts

As the number of cyberattacks increases, it is crucial to be able to reverse-engineer malware quickly and efficiently. To do so, it is very important to learn to master tools for reverse engineering.

In this webinar, we will dive into the depths of Ghidra, an indispensable tool for InfoSec professionals that is commonly used to analyse malware. To demonstrate how it can come in handy when reverse engineering; we will show you its capabilities using a malware called Calypso as an example. While analyzing this malware with Ghidra, we will share various tips and tricks that will be useful during the reverse engineering process – for instance, we will tell you how to analyze functions that make use of structures and function pointers properly.

Additionally, we will provide information about our recently released online training course on malware analysis with Ghidra. This course includes advanced topics such as API function hashing, decompiler scripting and extending Ghidra’s capabilities, and it will be useful for cybersecurity specialists wanting to learn how to do malware analysis using Ghidra.

Take your reverse engineering to another level with Ghidra

In the AI domain, individuals often find themselves taking a stance. Some argue that AI's technological advancements revolve around control and power, while others highlight its convenience. Simultaneously, the cybersecurity community remains wary of AI's potential to disrupt the threat landscape, possibly causing upheaval in defense organizations globally. 
 
At the same time, the regulatory framework for emerging technologies is in its early stages of development, navigating uncharted territory during its formative development stages. This adds complexity to the discourse, as the ethical, legal, and societal implications of AI are yet to be fully addressed. 
 
In this webinar, Kaspersky's experts and Prof. Dr. Dennis-Kenji Kipker  of cyberintelligence.institute will delve deep into the multifaceted current influence of AI on cyber threats and the privacy landscape. While our Kaspersky expert illuminates technological intricacies, Prof. Dr. Dennis-Kenji Kipker will navigate the intricate landscape of AI laws and regulatory trends.Furthermore, our panel will scrutinize the pivotal AI developments of 2023 and provide insights into the forecast for the upcoming year. Our roundtable is joined by: 
- Dennis Kipker, Research Director, cyberintelligence.institute, Frankfurt am Main 
- Vladislav Tushkanov, Research Development Group Manager at Kaspersky’s Machine Learning Technologу Research Team 
- Victor Sergeev, Incident Response Team Lead at Kaspersky’s SOC Technologies Research and Development Team 
- Vladimir Dashchenko, Security Evangelist, Kaspersky’s ICS team

The Future of AI in cybersecurity: what to expect in 2024

In today's media landscape, we consistently encounter news of companies falling victim to cyberattacks, resulting in the exposure and sale of their data on the dark web. The wide array of data available on the dark web market, including internal databases, infrastructure access, and compromised accounts, presents a pervasive problem that affects businesses of all sizes. These breaches and related incidents don’t only disrupt operations and damage reputations, but they can also result in substantial fines and legal consequences. 

According to Kaspersky, nearly half of the organizations that faced data breach incidents in 2022 lacked contact person responsible for handling such incidents. About one-third either failed to react, denied the incident, or showed indifference to their data being traded on the dark web. Only a few were adequately prepared to respond. 

At our upcoming webinar, Anna Pavlovskaya, an expert at Kaspersky Digital Footprint Intelligence, will present a comprehensive guide to setting up a system that monitors dark web threats and navigating the aftermath of an incident. You will gain insights into: 

- Structuring the incident response process, including the approach, necessary steps, and the specific roles assigned to the team members responsible for the process. 
- Identifying the types of data commonly offered for sale on the dark web and understanding the differing response strategies based on these data categories. 
- Effective communication with the media, customers, partners, shareholders, top management, and other parties involved. 
- Strategies for rapid incident identification, investigation, response, and recovery from an incident or preventing it from occurring.

Responding to a data breach: a step-by-step guide

The NIS 2 Directive, effective since January 16, 2023, aims to bolster cybersecurity in the EU's key industries. Member states must implement it by October 17, 2024. It applies to specific entities in crucial sectors, categorized as essential or important, with shared requirements but varying supervisory measures and penalties.
 
Cybersecurity mandates cover risk analysis, information system security, incident handling, business continuity, supply chain security, network and information systems acquisition, basic cyber hygiene, cybersecurity training, cryptography use, human resources security, access control policies, and asset management.

Non-compliance may result in substantial fines, up to €10 million or 2% of annual turnover for essential entities, and up to €7 million or 1.4% for important entities. Companies should assess obligations, monitor national adoption, follow cybersecurity authorities' guidance, and fortify measures to manage cybersecurity risks.

As a cybersecurity vendor, Kaspersky leverages all of its expertise to help organizations build robust cyber defenses and be compliant with NIS 2. We can support you with our leading solutions and services.

NIS-2 is coming: New requirements for corporate cybersecurity management

Cyber Security

NIS2

Business Continuity

Cyber Hygiene

Incident Handling

Information Security

Risk Analysis

Supply Chain

Asset Management

Compliance

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

NIS-2 is coming: New requirements for corporate cybersecurity management

Presented by

About this talk

More from this channel