Name: Cyber Notes Cast - What is a lateral movement attack and how does it occur
Start: 2023-08-21T15:00:00Z
End: 2023-08-21T15:00:10.000Z
Location: BrightTALK
Rating: 0

Our mission is to eliminate abuse of privilege in organizations around the world and build digital sovereignty. To achieve this, Senhasegura works against data theft through the traceability of privileged actions of human and machine identities on assets such as network devices, servers, databases, industry 4.0, and DevOps environments. Companies of various sizes and industries rely on Senhasegura to protect one of their most valuable assets: data.

senhasegura is considered a Leader vendor by KuppingerCole in its 2023 Leadership Compass report and as Leaders in its 2022 report. 

We are the only PAM vendor with 5 stars on the Gartner Peer Insights Voice of the Customer report 2022. In the same portal, our customer reviews delivered a recommendation rate of 100%*, the highest among all PAM providers.

In 2020, Senhasegura was recognized as a “Challenger” in the Gartner Magic Quadrant (MQ) report. In the same year, Gartner also ranked us among the top three PAM technologies in the world in its Critical Capabilities PAM report.

In December 2020, we were named by GPTW as a Great Place to Work by our employees.

Nossa live abordará as principais violações de segurança com vazamento de dados que ocorreram ao longo do ano e suas consequências para as empresas. A intenção é informar sobre os métodos que os cibercriminosos usaram, discutir as falhas de segurança que permitiram esses vazamentos e fornecer orientações práticas sobre como proteger seu negócio contra esses tipos de ameaças.

Tópicos que serão abordados:

- Introdução aos Vazamentos de Dados;
- Os 6 Maiores Vazamentos de Dados em 2024;
- Análise das Falhas de Segurança;
- Métodos Comuns Usados por Cibercriminosos;
- Medidas Proativas de Proteção;
- Planos de Resposta a Incidentes;
- Ferramentas e Recursos.

Quem deve participar?

- Profissionais de TI e Segurança da Informação: Administradores de redes, analistas de segurança e gerentes de TI que buscam aprimorar suas estratégias de segurança cibernética.
- Líderes e Executivos de Negócios: CEOs, CIOs, CISOs e diretores de operações que precisam entender a importância da resiliência digital para a continuidade dos negócios.
- Consultores e Especialistas em Cibersegurança: Profissionais que trabalham com segurança da informação e desejam se manter atualizados sobre as melhores práticas e tendências do setor.

Webinar Os 6 Maiores Vazamentos de Dados em 2024 - Como Proteger seu Negócio  (Webinar em Português)

Transforme a Gestão de Dados da Sua Empresa com Conhecimento de Alta Qualidade!

Participe de nosso webinar exclusivo e mergulhe nas implicações práticas da Lei Geral de Proteção de Dados (LGPD) para empresas como a sua. Este é o evento que você não pode perder se deseja estar na vanguarda da conformidade e segurança da informação, nossos especialistas em cibersegurança, compliance e jurídico irão explorar em profundidade os aspectos mais críticos da lei brasileira de proteção de dados pessoais.

O que você irá aprender:

- Adaptação à LGPD: Passos essenciais para alinhar a sua organização às exigências da legislação;
- Dicas Práticas: Estratégias e melhores práticas para implementar programas eficazes de proteção de dados;
- Tecnologia de Ponta: Saiba sobre as ferramentas mais avançadas para garantir a segurança das informações pessoais.

6 Anos de LGPD: Desafios, Impactos e Transformações na Cibersegurança! Webinar in Portuguese

Dive into the evolving landscape of cybersecurity as we unpack the key discussions and innovations highlighted at BlackHat USA 2024. This webinar offers a comprehensive exploration of how emerging technologies, strategic approaches, and regulatory changes are shaping the field of cybersecurity. Join our panel of experts as they provide valuable insights and forward-looking trends that will inform the strategies and defenses of tomorrow.

What will attendees learn?

- Cutting-Edge Cybersecurity Technologies
- Strategies for Digital Resilience

Understanding the Future of Cybersecurity - Insights from BlackHat USA 2024

In today’s complex regulatory environment, adhering to various cybersecurity and data privacy regulations is a challenging yet essential task for organizations. Join us for an insightful round table discussion where industry experts from senhasegura will delve into identity-centric strategies to simplify and streamline regulatory compliance. We’ll explore frameworks such as NIST 2.0, ISO 27001, CIS Controls, and data privacy regulations like GDPR and CCPA. Learn how Privileged Access Management (PAM) plays a critical role in meeting these standards.
Discover how to navigate regulatory requirements effectively while enhancing your organization’s security posture. Our experienced panelists will share challenges, best practices, and actionable insights to bolster your compliance efforts and business continuity planning.

Attendees Will Learn:
- Key regulatory requirements and how identity management addresses them.
- Insights into NIST 2.0, ISO 27001, CIS Controls, GDPR, and CCPA.
- Practical steps for implementing PAM to ensure compliance.
- Common compliance challenges and best practices for overcoming them.
- How to integrate compliance and cybersecurity into business continuity planning.

Who Should Attend:
- IT Security and Compliance Professionals
- Cybersecurity Analysts and Managers
- Risk Management Officers
- Data Privacy Officers
- IT Auditors and Consultants
- Business Continuity Planners

REGULATORY COMPLIANCE MADE EASY WITH IDENTITY-CENTRIC STRATEGIES

*Webinar in Portuguese*

Não conseguiu estar presencialmente na RSA mas quer estar por dentro do que foi mostrado por lá?! 

Então junte-se a nós para um webinar exclusivo, onde os principais especialistas em cibersegurança da senhasegura trazem insights valiosos diretamente da RSA Conference 2024.
Nesta sessão, exploraremos as tendências mais recentes, inovações e estratégias discutidas em um dos principais eventos de cibersegurança do mundo.

Nossa experiente equipe abordará tópicos-chave, incluindo proteção avançada contra ameaças, o cenário em constante evolução das ameaças cibernéticas, conformidade regulatória e o futuro das tecnologias de cibersegurança. Eles oferecerão conselhos práticos sobre como aplicar esses insights para proteger efetivamente sua organização. 

Se você é um profissional de cibersegurança que busca se manter atualizado, um líder empresarial que busca reforçar as defesas de sua organização, ou simplesmente tem curiosidade sobre o futuro da segurança da informação, este webinar irá equipá-lo com o conhecimento e as estratégias essenciais no cenário cibernético em constante evolução de hoje.

Não perca esta oportunidade de aprender diretamente com especialistas direto da RSA 2024 e participar de uma sessão onde poderá obter respostas para suas perguntas mais urgentes sobre segurança cibernética.

Principais Pontos Abordados:

Compreensão das últimas tendências e inovações em cibersegurança;
Estratégias para aprimorar a resiliência cibernética de sua organização;
Visão sobre o futuro da cibersegurança e como se preparar.

Quem Deve Participar?

- Profissionais de TI e Cibersegurança;
- Executivos de nível C focados em aprimorar a segurança digital;
- Entusiastas de tecnologia;

*Webinar in Portuguese*

RSA 2024 – Insights Estratégicos da senhasegura - Webinar in Portuguese

Join us for an exclusive webinar where senhasegura's top cybersecurity experts bring you invaluable insights fresh from RSA Conference 2024. 

This session will delve into the latest trends, innovations, and strategies discussed at one of the world's premier cybersecurity events.

Our seasoned panel will dissect key topics including advanced threat protection, the ever-changing cyber threat landscape, regulatory compliance, and the future of cybersecurity technologies. They'll offer practical advice on applying these insights to effectively safeguard your organization.

Whether you're a cybersecurity pro looking to stay ahead, a business leader aiming to bolster your organization's defenses, or simply curious about the future of infosec, this webinar will arm you with the knowledge and strategies essential in today's rapidly evolving cyber landscape.

Don't miss this chance to learn directly from RSA 2024 veterans and participate in a session where you can get answers to your most pressing cybersecurity questions.

Key Takeaways:

Understanding the latest cybersecurity trends and innovations;
Strategies for enhancing your organization’s cyber resilience;
Insights into the future of cybersecurity and how to prepare.


Who Should Attend?

- IT and Cybersecurity Professionals;
- C-Level Executives Focused on Enhancing Digital Security;
- Technology Enthusiasts;

RSA 2024 Revealed - Strategic Insights from senhasegura

As cyber threats continue to evolve and pose noteworthy risks to organizations globally, grasping the nuances of the current threat landscape is key to crafting robust cybersecurity tactics. The Verizon Data Breach Investigations Report 2024 provides a detailed analysis rooted in real-world data breaches, offering critical insights into the tactics, techniques, and motivations of attackers.

In our upcoming webinar, senhasegura experts will delve into the notable trends highlighted in the report. This includes a look at newly emerging threat actors, prevalent attack vectors, and the industries most impacted by breaches. We'll break down the advanced techniques used by cybercriminals and pinpoint sectors that are increasingly at risk, deepening your understanding of the ever-changing cybersecurity environment.

Additionally, we will discuss the broader implications of the report's findings for organizations and provide tailored recommendations to enhance your security posture. By determining the root causes of breaches and comprehending their effects, you can proactively spot vulnerabilities within your infrastructure and take effective measures to diminish risks.

Don't miss this opportunity to obtain exclusive insights and expert analysis from the Verizon Data Breach Investigations Report 2024. Join us to keep a step ahead of cyber threats, as we unpack the valuable lessons learned and equip you with actionable strategies to protect your organization's sensitive data.

Unveiling the Verizon Data Breach Investigations Report 2024

Cybersecurity in the Middle East: Protecting Cloud Identities with PAM

In the era of digital transformation, addressing cybersecurity risks is paramount for ensuring business continuity, particularly within the dynamic and expanding cloud environments of the Middle East.

Our webinar explores the pivotal role of Privileged Access Management (PAM) in fortifying cloud identities against threats amidst the evolving digital landscape. With the recent inauguration of Google Cloud's new data centers in Dammam, Saudi Arabia, and the pioneering PAM solutions offered by senhasegura, we stand at a crucial juncture in regional cybersecurity.

Key Takeaways:

- Navigating the Dynamic Cybersecurity Landscape
- The Significance of Google Cloud's Expansion
- Understanding the Vitality of PAM in Cloud Security
- Overcoming Implementation Challenges of PAM
- Selecting the Optimal PAM Provider
- Embracing PAM Solutions in the Middle East

Who Should Attend?

- IT and Cybersecurity Professionals
- C-Level Executives Focused on Enhancing Digital Security
- Cloud Technology Enthusiasts
- Business Owners Seeking Insights into PAM's Role in Cloud Environments

Don't miss this exclusive opportunity to bolster your cybersecurity acumen and stay ahead of the curve.

Webinar Cybersecurity in the Middle East: Protecting Cloud Identities with PAM

In a world where digital security is non-negotiable, join us for a groundbreaking webinar that delves deep into the ever-evolving realm of cybersecurity. 

Our focus? The seamless integration of passwordless authentication methods into Privileged Access Management (PAM) systems.

What You'll Gain Insight Into:

- Fundamentals of Digital Identity and Authentication - Dive into the cybersecurity landscape, unraveling the essentials of digital identity and the evolution of authentication tokens;

- The Rise of Passwordless Authentication - Explore how passwordless solutions are revolutionizing security protocols, striking the perfect balance between enhanced security and user convenience;

- Integrating Passwordless with PAM - Navigate the practical aspects of embedding passwordless authentication into PAM systems, uncovering the benefits and tackling challenges head-on;

- Expert Insights from Industry Leaders - Hear firsthand from our strategic partner, a trailblazer in passwordless authentication technology, as they share their expertise and real-world applications;

- Live Demonstration - Witness real-time demonstrations showcasing the seamless integration of passwordless methods in PAM. Experience the ease of use and heightened security in action.

What's In It for You:

- Understand Emerging Trends and Technologies - Gain insights into the latest happenings in the cybersecurity universe;

- Learn Practical Approaches to Enhance Security - Acquire actionable strategies to fortify your organization's security posture;

- Network with Industry Experts and Peers - Engage with the cybersecurity community, forging valuable connections.

Unlock the Future of Secure Access: Integrating Passwordless into PAM

In an era where cyber threats loom larger than ever, the traditional 'trust but verify' security model is becoming obsolete. Enter Zero Trust – a paradigm shift that redefines organizational cybersecurity. 

But what role does Privileged Access Management (PAM) play in this new framework? 

Join us in this illuminating webinar as we explore the crucial interplay between PAM and Zero Trust.

Why Privileged Access Management is essential to achieve Zero Trust Security

In an era where cybersecurity challenges are escalating, understanding the latest trends, impacts, and strategies is paramount to address associated risks. Discover how organizations worldwide are responding to breaches, making investments, and harnessing the power of AI and automation to mitigate risks. 

Join us for an insightful webinar as we dive into the key findings of the market-recognized IBM and Ponemon’s 2023 Cost of a Data Breach Report. From the rising costs to the influence of DevSecOps and cloud security, this webinar offers invaluable insights to enhance your security posture and safeguard your digital assets.

Turning Insights into Action: Exploring IBM's 2023 Cost of a Data Breach Report

Join us for an exhilarating panel discussion as we unpack the most provocative and groundbreaking discussions from DEF CON and Bsides 2023. From the evolving role of artificial intelligence in cybersecurity to the intricacies of digital certificate management, the audacious world of wearables and biohacking, to the revelations in RFID and mobile network vulnerabilities—our experts will explore these themes in detail. Engage with industry leaders and gain actionable insights into the future of cybersecurity.

The Hacker’s Paradigm: Insights from DEF CON and Bsides 2023

Join us for an insightful journey into the world of cutting-edge cybersecurity practices and techniques unveiled at DEF CON 2023 workshops. This webinar will delve into key areas that are shaping the cybersecurity landscape, including incident response strategies, cloud vulnerabilities, the emergence of wearable tech and biohacking, and the evolving challenges of hacking WiFi and mobile networks. Our expert speakers will share hands-on experiences, real-world case studies, and practical insights gained from DEF CON workshops, offering you a unique opportunity to stay informed about the latest trends and emerging threats in the cybersecurity realm.

Topics:

Cloud Vulnerabilities and Misconfiguration
Wearables and Biohacking
Wifi and Mobile Networks Hacking
The importance of Incident Response in cybersecurity

Hands-On Cybersecurity: Unveiling the Techniques and Tools from DEF CON 2023

In the ever-changing world of digital technology, the line between science fiction and reality is becoming increasingly blurred. The rise of Artificial Intelligence (AI) and Machine Learning (ML) is a testament to this, as these technologies are no longer just buzzwords but have become integral parts of our digital infrastructure. 

One area where AI and ML are making a significant impact is cybersecurity, specifically in Privileged Access Management (PAM). PAM is the digital equivalent of a high-security vault, safeguarding an organization's most critical systems and data. It's a booming market, projected to hit $2.3 billion by 2024, according to Gartner. 

Tune in to the discussion between our cybersecurity expert, David Muniz, and Charlie Harold from the renowned SecurityGuyTV.com. They delve into the ways Artificial Intelligence and Machine Learning enhance identity protection.

Free eBook about AI and ML in PAM: https://bit.ly/47yKpyu

How Artificial Intelligence and Machine Learning Help Identity Protection

In Information Technology, the term port refers to an access point for transferring data. However, the software port can have different purposes and mostly corresponds to the Internet protocols TCP and UDP, which have different particularities.

In this episode, we discuss secure and insecure ports and show how you can secure these access points. Follow!

In the area of Information Technology there are several terms and nomenclatures. Among them, we highlight the ports, which can be software or hardware. These ports are comprised of important protocols that perform various functions such as I/O processing and data transfer.

In practice, there is a large number of ports, characterized by their functions and a number, which allows classifying them between the protocols that make up UDP and TCP.

In this cyber notes cast episode, we cover secure and unsecured ports and how to secure them. To make your listening more enjoyable, we have divided our content into the following topics:

1. What are network ports?
2. What are risky network ports?
3. What is the most secure port?
4. Is port 443 a security risk?
5. Is port 8080 vulnerable?
6. How to secure insecure ports ?
7. How to detect open ports on the network?
8. How to ensure port security?
9. About senhasegura
10. Conclusion

Enjoy this Cyber Notes Cast episode!

CNC - Identifying secure and unsecured ports and how to secure them

In cybersecurity, the human element plays a critical role, both as a solution and as a challenge. The surge in cyberattacks during the Covid-19 pandemic has heightened the need for skilled cybersecurity professionals to safeguard organizations' confidential data. However, the industry is grappling with a significant skills gap, leaving businesses vulnerable to cyber threats. Join our webinar as we delve into the human aspect of cybersecurity, exploring the cybersecurity skills gap and the burden faced by cybersecurity professionals.

During the session, we will discuss the following key points:

Understanding the Cybersecurity Skills Gap;
Overburdened Cybersecurity Professionals;
Bridging the Gap and Alleviating Stressors;
How to Get People to Care About Security and Risk.

Join us as we shed light on the pressing issue of the cybersecurity skills gap and its impact on professionals. Together, let's uncover actionable insights to bridge the gap and alleviate the overburdening of cybersecurity teams, ensuring a secure digital landscape for organizations.

The Human Aspect in Cybersecurity: Skills Gap and Work-Related Stressors

Cloud solutions bring numerous facilities to companies, but also offer security risks. Want to know how to combat these threats? Read our article to the end!

A 2020 survey by cybersecurity solutions provider Barracuda showed that 53% of companies have accelerated plans to move their data to a cloud-based environment. This is due to the mass adoption of remote work that has occurred in recent years due to the Covid-19 pandemic.

The big problem is that this change makes organizations even more vulnerable to cyberattacks. To get a sense, according to Gartner, companies running cloud infrastructure services will experience at least 2,300 violations of least privilege policies annually through 2024.

The good news is that we at senhasegura can help you avoid losses caused by the lack of adequate protection for your cloud environments. We were even recently listed as Challengers in the KuppingerCole Leadership Compass for DREAM report, which deals with the subject.

Enjoy this Cyber Notes Cast episode!

CNC - How does senhasegura help protect your cloud environments?

Data leaks occur whenever a user or organization has their sensitive information exposed, putting the security and privacy of companies and people at risk. Know more!

The Data Breach Investigation Report 2022, conducted by the Ponemon Institute, provides an overview of data breaches occurring in 2022 in 17 countries and regions and 17 different industries.

To produce it, more than 3,600 people from companies that suffered leaks were interviewed, which made it possible to gather some relevant information.

According to the study, 83% of companies surveyed had more than one data breach. In addition, 60% of leaks resulted in higher prices being passed on to customers and the average cost of one of these events was US$4.35 million.

In this cyber notes cast episode, we are going to talk more about data breach and address its main causes. To facilitate your listening, we have divided our content into the following topics:

1. What is a data breach;
2. What are the 5 common causes of data breach;
3. Examples of data breach;
4. What are some common types of violations;
5. How to prevent data leakage;
6. About senhasegura;
7. Conclusion.
 
Enjoy this Cyber Notes Cast episode!

CNC - The main causes of data leaks

A lateral movement attack occurs when the cybercriminal gains access to an initial target to move between devices within the network without their presence being noticed.

In this cyber notes cast episode, we explain in detail what side threats are and how to avoid them. Want to know more about it? Listen our content to the end.

A lateral movement attack can present itself in a variety of ways and for a variety of purposes.

In practice, this type of action is related to accessing an entry point, which corresponds to the initial target, so that the attacker can later gain access to other locations on the network, being able to steal data or infect devices and demand a ransom payment, for example.

However, it is possible to avoid lateral threats with the support of an IT team prepared to identify them in a timely manner and with the support of powerful cybersecurity solutions, such as PAM.
In this cyber notes cast, we share key information about a lateral movement attack. To make it easier to listen, we have divided our content by topics. They are:

1. What is a lateral movement attack?
2. How does a lateral movement attack occur?
3. Examples of lateral movement attack
4. How to detect a lateral movement attack?
5. How to prevent a lateral movement attack?
6. PAM senhasegura: the ideal solution for preventing lateral movement attacks.
7. About senhasegura.
8. Conclusion.

Enjoy this Cyber Notes Cast episode!

Cyber Notes Cast - What is a lateral movement attack and how does it occur

cyberattacks

senhasegura

Privileged Access Management

Cybercrime

Security Strategy

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Cyber Notes Cast - What is a lateral movement attack and how does it occur

Presented by

About this talk

More from this channel