Name: Open-Source Webinar | 5 Habits to Avoid Security Flaws in Open-Source Software
Start: 2024-07-31T17:00:00Z
End: 2024-07-31T17:00:52.000Z
Location: BrightTALK
Rating: 4.2

ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

The 2024 Annual Membership Meeting will be held on September 26 @ 1:00 PM EDT. This meeting is held once a year to provide the membership with information on the past year, current happenings, and the future direction of your professional association.

  - Learn about ISSA International current activities to enhance your chapter participation and membership year-to-date in 2024
  - Discover what ISSA International is planning in 2025 to provide value and opportunity for members and chapters
  - Review ISSA International financial reporting from 2023
  - Ask Questions. We want to hear from you. This is your opportunity to ask direct questions to the ISSA Board President and Executive Director of ISSA International.
  - Hear about the newly elected, incoming ISSA International Board Members

2024 Annual Membership Meeting

Given the growth in data volume, velocity, variety, and vulnerabilities, knowing where all your
data is and how to improve security posture and manage risk is critical for board-level
discussions. Join Snowflake and BigID for a webinar on practical strategies to strengthen
security posture and reduce risk.

Key Takeaways:

    ●  Learn how Snowflake is using BigID to identify and protect sensitive data at scale across
their own Snowflake deployment
    ●   Key components of a strong Data Security Posture Management (DSPM) strategy,
including both data discovery and proactive remediation of security vulnerabilities.
    ●   Learn proven techniques to identify, assess, and mitigate data security risks at
enterprise-scale to accelerate decision-making
    ●  Hear how to use BigID & Snowflake together to enable DLP and security controls directly
across Snowflake through BigID’s industry-leading DSPM

Data Security Posture Management (DSPM) with Snowflake and BigID

The Security Information and Event Management (SIEM) market is at a critical juncture, filled with disruptions necessitating a reevaluation of current SIEM solutions. Enterprises must question whether their SIEM can keep pace with emerging threats and evolving organizational needs. This guide serves as a roadmap, ensuring your security posture is exceptional rather than merely adequate. Recognizing triggers for a closer SIEM examination is the first step, with recent security incidents exposing vulnerabilities that can't be ignored. Regulatory changes require robust measures to avoid penalties, while growth initiatives demand adaptable security solutions. Budget cycles offer opportunities to invest in advanced security, rather than sticking with outdated systems. Additionally, industry mergers and acquisitions force a reassessment of whether your SIEM can withstand market consolidation and still provide robust protection.

Key takeaways:
1. Why now is the right time to evaluate the efficacy of your SIEM in supercharging security practices across the organization?
2. How to identify critical SIEM capabilities and score the criteria 
3. What are the next steps in your SIEM journey you can take to safeguard your organization’s future

When and Why to Reevaluate Your SIEM

Organizations are overwhelmed with the influx of application vulnerabilities (CVE's) and indicators of compromise, yet many lack the necessary resources to thoroughly investigate even a fraction of these alerts. It’s imperative that organizations optimize their approach to mitigating emerging threats from their third parties. 

In this webinar, you’ll learn:  
·     Strategies to prioritize your third-party portfolio for further investigation for an emerging threat 
·     How to identify the key risk factors crucial for prioritization, empowering participants to make informed decisions swiftly 
·     The art of strategic vendor communication
·     Build and maintain stakeholder and business leader confidence

Mitigating Emerging Threats from Third Parties

Due to the popularity and benefits of the cloud, many organizations are moving to the cloud without a well-thought-out strategy, which increases the organization's risk profile. The primary goal of this presentation is to provide attendees with a roadmap for evaluating their Cloud Service Providers and making their organizations more secure. Additionally, we will discuss the impact of security and privacy in the cloud, which auditors should consider.

Assessing Your Cloud Service Providers:Impact of Security & Privacy in the Cloud

An update to the members on the status of ISSA, information about the transition and an update about the future of the organization.  In addition, it will be an opportunity to answer ISSA members’ questions.

ISSA International President's Town Hall

Copilot for Microsoft 365 can drive productivity (and GenAI adoption), but left unchecked, increases security risk that can lead to data leaks, breaches, and toxic content. Security teams responsible for Copilot need to mitigate risk, enforce controls, and safeguard sensitive data. Join BigID & ISSA for a deep dive into how to reduce risk and secure your data for Microsoft
Copilot.

We’ll cover:
● How to ensure Copilot and AI model training data is safe for use
● Best practices for AI risk mitigation
● Critical capabilities for responsible MSFT Copilot adoption
● And more

Risks & Controls for Microsoft Copilot

ISSA International will soon hold elections for our new Board of Directors and invite you to meet the candidates.

Meet the ISSA International Board Candidates Webinar

With more than a dozen privacy laws in effect or coming into effect, digital advertising is increasingly becoming a regulated industry. While proper notice, fulfillment of opt-out rights, and post-transaction consumer requests (e.g., deletion) have dominated the enforcement and compliance landscape, attention is increasingly being paid to one of the fundamental changes in state privacy laws – their inclusion of requirements around vendor diligence and accountability. 

What does this mean for SSPs, DSPS, and the rest of the digital advertising ecosystem? We will examine how personal data traverses the digital advertising ecosystem, why the privacy diligence and accountability requirements under state privacy laws are paramount in light of those data flows,  changes in business practices needed to achieve compliance, and how technology solutions will need to evolve to meet these requirements.

Privacy Compliance and the Importance of Due Diligence: Redefining Privacy

Platform consolidation — the strategic integration of multiple tools and infrastructure into a single, cohesive platform — is a strategic priority for security and IT leaders, driven by increasing tech stack complexity and budgetary pressure. 
 
Unfortunately, platform consolidation projects often struggle to meet expectations due to gaps between what platforms can do and what it should do. As a result, IT and Security team productivity slows even further, and business initiatives attempting to connect and secure the organization’s technology stack fall short.  
 
IDC analyst and guest speaker Ghassan Abdo has helped dozens of organizations navigate these situations. In this webinar, he’ll discuss: 
• 3-5 common roadblocks in platform consolidation efforts
• Real-world examples of organizations that overcame those challenges
• Actionable strategies you can bring into your own organization

Common roadblocks when simplifying your IT stack

It’s all about the data.  Whether it's Data Subject Request or a Data Breach; the amount of effort, cost and impact on a company's reputation depend on the quantity and the type of personal data involved.  The more personal data, the larger the consequences.  This presentation is a practical approach to privacy and data protection that includes strategies to help you stay compliant with the evolving privacy regulations.  No legalese or technical jargon, just a talk about applicability.

Data Privacy Framework Program

In our presentation, we'll compare the European Union's GDPR with Caribbean data privacy laws, highlighting how both aim to protect personal data but differ in scope, compliance, and enforcement. We'll discuss the unique challenges Caribbean businesses face in meeting GDPR standards, due to different regulatory environments and penalties. The focus will be on how these differences present opportunities for the Caribbean to strengthen its data privacy frameworks, fostering trust and enabling international partnerships in a data-centric world.

Similarities and differences between GDPR and Data Privacy in the Caribbean

As with any piece of enterprise software, choosing and buying a PAM solution is a fraction of the battle. Many installations fail or never get rolled out fully due to deployment complications and competing priorities.
In this webinar, we will discuss common pitfalls, where implementations typically fail, and what you can do to make sure you are fully prepared to deploy and roll out PAM successfully in your organization.
Join this session to:
• Understand why many PAM rollouts fail
• Explore best practices around deployment
• Put a plan for success together
• Learn about new methodologies that can facilitate success

Navigating the Pitfalls of Privileged Access Management Deployment

Is the company talent management process helping your career advancements? How do we combat the assumptions about demographics and life choices; disparity starting from the first landing spot; women leave to start families; women don't aspire to upper management? The purpose of this webinar is to share some personal experiences in applying project management principles to a technical career planning and what you can do to track your own progress over time. Skills in cybersecurity is only the first step, technical proficiency, problem solving capabilities, knowledge in domain and context outside security and privacy as well as other soft skills are just as important for any technology focused career plans for women.

Women in Tech: Delusion or Progress and What you can do about it

We’ll look at current AI technology, legal and ethical issues, why human-machine trust is necessary, and why it’s not easy.

“Trust me – I’m an AI”: Why explainable AI is important

In the dynamic landscape of SaaS, the role of security transcends its traditional defensive function, becoming a powerful differentiator. In this talk, we delve deep into the paradigm shift where security is not just a safeguard but a strategic catalyst. 

Leading with security is more than a buzzword; it's a revenue-driving force. We will explore how proactive security measures can elevate SaaS organizations, foster customer trust, and be pivotal for both internal and external stakeholders - from auditors to customers, from GTM functions to board-level validation.

 You'll learn how this approach allows SaaS companies to not only detect and mitigate risks effectively - but also adapt swiftly to the ever-evolving threat landscape. 

Join us as we explore the transformative power of security in the SaaS industry and discover how it can be harnessed as a formidable force for growth, customer trust, and security by design.

Security By Design: Building Trust through Product Security

It’s all about the data.  Whether it's Data Subject Request or a Data Breach the amount of effort, cost and impact on a company's reputation depend on the quantity and the type of personal data involved.  The more personal data, the larger the consequences.  This presentation is a practical approach to privacy and data protection that includes strategies to help you stay compliant with the evolving privacy regulations.  No legalese or technical jargon, just a talk about applicability.

50 shades of data

The reliance of development teams on open-source components is undeniable. It helps organizations get their software solutions to market sooner and free their engineers to focus on building intellectual property instead of “plumbing”.
Open-source projects are also an attack vector when bad actors compromise the open-source by injecting malware or developers unknowingly include releases with exploitable vulnerabilities.
Join Dave Roche, Director of Software Trust at DigiCert, as he shares the 5 best habits for securing your software supply chain from vulnerable or malicious open-source code. Gain valuable insights into: 
• Novel software supply chain attacks
• Getting visibility of the components in your software
• Spotting and prioritizing vulnerabilities
• Taming code signing without hampering innovation

Open-Source Webinar | 5 Habits to Avoid Security Flaws in Open-Source Software

Cyber Security

Information Security

Cloud Security

Application Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Open-Source Webinar | 5 Habits to Avoid Security Flaws in Open-Source Software

Presented by

About this talk

More from this channel