Name: Building PHI Compliant Apps in the Cloud: Identity Security Best Practices
Start: 2023-12-11T17:44:00Z
End: 2023-12-11T17:44:49.000Z
Location: BrightTALK
Rating: 5

CyberArk is partnered with organizations around the globe to offer the most complete and extensible identity security solution, protecting identities and critical assets by enabling zero trust and enforcing least privilege.
This channel is focused on addressing today’s most critical Identity Security challenges in conjunction with CyberArk's Partner Network.

In the realm of government cybersecurity, the Zero Trust framework stands as a beacon of defense against evolving threats. Central to its efficacy are the principles of identity and access management, which redefine traditional security paradigms. Zero Trust advocates for perpetual verification of users, devices, and resources, emphasizing a “never trust, always verify” mantra. Identity verification, facilitated by multifactor authentication and behavioral analytics, lies at the heart of this approach, ensuring that access requests are scrutinized for legitimacy.

Tune in to this webinar session as Federal officials and IT experts discuss the roles of identity and ICAM in their current ZT infrastructure, how they got to the level they’re at, and lessons learned with implementation. Hear about current trends, tools, and resources that both public and private sector are utilizing and unveiling.

Securing the Identity Fabric in the Age of Cloud and Zero Trust

In an era where the Cloud's possibilities are limitless, its attack surface has also grown exponentially. AWS, Azure, and GCP collectively offer a staggering 1,400+ native services, each guarded by over 40,000 access controls. These numbers aren't just statistics; they're the real-world complexities you face daily.
What's more, the Cloud has revolutionized the roles within your organization. Cloud-native developers, Lift & Shift workload admins, and professionals from diverse backgrounds now possess powerful tools for innovation. This transformation is both a blessing and a challenge. How can you enforce identity security without slowing down the velocity demanded by your business?

Charles Chu, General Manager of Cloud Privilege Security at CyberArk, is here to guide you through this complex landscape. This enlightening webinar delves into the why and how of new security methods. Explore the art of provisioning on-the-fly entitlements, crafted for the right person in the right situation. It's not just about security; it's about maintaining the critical balance between security and operational velocity.

Key topics:
- Cloud's Expanding Attack Surface: Gain insights into the exponential growth of native services and access controls on AWS, Azure, and GCP.
- The explosion of New 'Admins': Understand the paradigm shift where new users become admins with access to powerful set of tools to create, and innovate.
- Balancing Identity Security and Business Velocity: Uncover strategies to meet the challenge posed by the ever-increasing need for velocity.
- Practical Steps for Improved Identity Security: Learn actionable strategies, best practices, and tools to enhance your identity security hygiene.

Who is this relevant for?
- IT Security Leaders
- Cloud Architects and Engineers
- CISOs, CTOs and CIOs
- IT Managers and Directors

Language spoken: English

Don't miss this great opportunity to learn from a top industry expert.

Unlocking Cloud Security: The Zero Standing Privilege Solution

Among the greatest risks to data today is the threat of ransomware attacks. The impact and likelihood of ransomware can be significantly reduced with a comprehensive endpoint privilege manager. Such a tool can eliminate local admin rights and guided by policies, elevate specific programs or tasks transparently. Instead of completely stripping users of all privileges, potentially hindering their work, CyberArk EPM facilitates automated policy-driven and ad hoc workflows for on-demand privilege elevation, ensuring no disruption to the end-user experience or burden on support teams.

Benjamin Jørgensen, Information Security Advisor at Kommando, will lead an exploration into the WHYs and HOWs of Endpoint Privilege Management. He will provide a foundational understanding of its importance, showcase how CyberArk addresses the challenges of endpoint privilege security, and demonstrate two practical scenarios that resonate in real-world contexts.

Who should attend?
- IT Security Leaders
- Cloud Architects and Engineers
- CISOs, CTOs, and CIOs
- IT Managers and Directors

Language spoken: Norwegian

Don’t miss this short but informative session that will hopefully help you along your Least Privilege Enforcement journey.

Endpoint Privilege Manager – Hvorfor er det nyttig?

ID North's Identity Spotlight - Episode 4: Building Beyond Compliance 

Join us as we dive into the evolving landscape of cybersecurity and explore how to build measures that extend beyond compliance. In this episode, we highlight the importance of anticipating changes in regulations and compliance frameworks. Our experts discuss the necessity of developing a robust cybersecurity posture and the advantages of adopting an Identity Fabric-centric approach to enhance security capabilities and boost overall cybersecurity.

Key takeaways from the episode:
• Regulations and compliance frameworks are continuously adapting out of necessity; anticipate further changes. 
• Aim to build a robust overall cybersecurity posture, rather than just meeting regulatory demands. 
• Adopt an Identity Fabric-centric approach to Identity Security to enhance security capabilities and bolster cybersecurity.

Building Beyond Compliance

ID North's Identity Spotlight - Episode 2: The Challenges of AI

Dive into the complex world of AI as we uncover the pros and cons of AI within Identity Security. Hear from leading experts as they discuss the obstacles and opportunities in realizing AI's full potential.
Key takeaways from the episode:

• AI to enhance Identity Security operations and efficiency. 
• Govern the lifecycle of AI identities and their access to systems and data. 
• Regulate what data users can access through generative AI's outputs.

The Challenges of AI

ID North's Identity Spotlight - Episode 2: Identity Security as Strategic Insurance

Explore the concept of Identity Security as a critical component of your organization's survival. In this episode, we discuss how robust identity security measures not only keep your digital assets safe but also ensure business continuity and resilience. Tune in and gain valuable insights from industry experts. 

Key takeaways from the episode:
• Treat Identity Security and cybersecurity as essential insurance, not as profit drivers. 
• Establish clear, metric-based risk levels in agreement with management. 
• Agree on specific outcome-driven metrics for basic identity hygiene, including multi-factor authentication, governance policies, and privileged access management.

Identity Security as Strategic Insurance

ID North's Identity Spotlight - Episode 1: The First Line of Defense is Identity Security

Join us for an engaging discussion on the crucial role of Identity Security in today's digital landscape. In this episode, we dive into how securing digital identities acts as the first line of defense against cyberthreats and data breaches. Get practical tips, expert insights, and innovative solutions to protect your organization’s most valuable assets.

Key takeaways from the episode:
• Identity Security is the first line of defense in Cybersecurity. 
• Basic identity hygiene is crucial. 
• Implement multi-factor authentication, enforce least privilege access through governance, and securely manage privileged accounts.

The First Line of Defense is Identity Security

Uploaded_Video_No_Title

Defending sensitive assets in a multi-/hybrid-cloud world with legacy and modern applications and growing number & types of identities is challenging to say the least. As security teams recognize that protecting sensitive assets means securing access for all identities, they are pressed to demonstrate the ROI of existing and future investments. In this panel, experts from leading global system integrators will discuss the real-world challenges and insights to prove the value of a robust Identity Security strategy.

Measure & Deliver Value with Identity Security

The threat landscape continues to evolve as organizations push forward with their business initiatives. With this comes the paramount responsibility for any organization to protect its digital assets, which in-turn not only includes its own intellectual property, but also the sensitive private or personal data that belongs to individual users.

Securing these identities – both human and machine - requires greater collaboration and cooperation between IT & Security teams. In this webinar with EMEA industry experts, we will discuss various Identity Security strategies to navigate challenges and potential gaps to align to business goals.

Watch this webinar and gain insights on taking a security-first approach with Identity Security. In this webinar, they will share expert advice on:

· Top challenges to addressing Identity Security related risk.
· Critical elements for securing identities in the cloud and the supply chain.
· Actionable insights your organization can take to mitigate identity-related threats.

EMEA - An Identity Security-first Approach to the Evolving Threat Landscape

We live in a digital world with no boundaries. There are 45 machine identities for every human identity, and the total number of identities is growing at an accelerated rate of 3x per year, according to CyberArk research. “Privileged users” are no longer just IT admins: We found that 52% of all employee identities have access to sensitive systems and data that attackers can easily exploit. In this environment, every identity at any access point is a gateway to an organization’s most valuable resources.

Security leaders recognize that achieving and maintaining control of every identity is the key to stopping most modern attacks. But they are struggling to implement an identity-first security strategy. Every new digital initiative brings new identity-related challenges and requirements, and new tools are being implemented ad-hoc to address them.

Join Clarence Hinton, Chief Strategy Officer from CyberArk, Andrew Morrison, Principal, Deloitte & Touche LLP, Damon McDougald, Global Digital Identity Lead, Accenture , and Rich Kneeley, Managing Director, PwC Cyber Risk and Regulatory, as they share their expertise and insights on taking a security-first approach with Identity Security. 

In this webinar, they will expert advice on:
- Top challenges to addressing Identity Security
- Critical elements for securing identities in the cloud and the supply chain
- Actions you can take to mitigate identity-related threats

Register now.

An Identity Security-first Approach to the Evolving Threat Landscape

Cyber attackers have become more innovative when targeting privileged accounts. Threat actors commonly target privileged endpoints such as Linux administrator accounts and once attackers gain access, they can traverse the network and take over workstations, servers and critical parts of the infrastructure.  Do you have the necessary tools in place to safeguard your critical assets and ensure the integrity of your cloud-based operations?

Join ESG, Red Hat, and CyberArk for an engaging discussion about endpoint privilege management.  Topics include:

• Identity-related threats and controls against these threats
• Securing Linux-based cloud instances and how to simplify the administration of security policies
• A secure and easy way of connecting to and working on cloud machines with certified solutions from Red Hat and CyberArk

We will explore best practices, real-world use cases, and actionable insights to help you secure your Linux deployments effectively. Join us to learn how the combined strengths of Red Hat and CyberArk can help you fortify your Linux infrastructure against evolving cyber threats, enhance operational efficiency, and achieve regulatory compliance.

Role-specific Least Privilege Protection of Linux Machines

From NIS2 ‘cyber hygiene’ to securing your software supply chain with : what controls gap you are likely to face when NIS2 principles transpose into law. And what steps you can take to address it.

Coming to Terms with Your NIS2 Security Controls Gap. And How to Address It

Three real-life examples of attacks on organizations that fit NIS2’s expanded definition of ‘Critical’.. From the perspective of CyberArk’s Incident Response team.

NIS2: Inside the War Room Responding to 3 Attacks on Critical Infrastructure

We cut through any ambiguity around NIS2 –  CyberArk and PwC covers what and who’s in scope, why it’s important, tier classifications, key policy areas and how NIS2 will get transposed into law.

Are You Essential or Important- Making Sense of NIS2

With decades of combined experience in cyber security and digital identity, David and Aaron share their perspectives on what Zero Trust means, its challenges, and most importantly, how to implement it effectively.

The session stresses the collaborative nature of security, emphasizing that there is no one-size-fits-all solution for Zero Trust. Instead, a holistic approach is required to address diverse cybersecurity challenges.

If you're looking to enhance your organization's security posture and embark on a Zero Trust journey, this on-demand webinar provides valuable insights and actionable strategies to get you started. Explore the world of Zero Trust and learn how to protect your digital assets effectively.

In line with BrightTalk terms, CyberArk and its Partners may send you news and offers about their products and services when you watch one of our webinars or access our content. You can withdraw your consent at any time and find out more about how we process personal data by consulting our privacy notice. <link to: https://www.cyberark.com/privacy-notice/>

Continuous Zero Trust Transformation

How do you balance risk reduction and engineering velocity? In this panel discussion, leaders in cloud security are joining together to discuss how to ‘move fast and break things’ – securely. 

We plan to cover:
• Increased attack surface: Compatibility accommodations for lift and shift migrations plus maintaining the hundreds of services offered by cloud service providers now require a greater variety of identities and credentials. This has increased complexity and a need for governance.
• Zero Standing Privileges: Managing risk while maintaining velocity (and customer relationships) is complex. Elevating the right access, at the right time, with the right entitlements is required to securely deliver software on time. 
• Entitlements sprawl: Every relationship between components deployed within the cloud is controlled by entitlements mapped to roles. These entitlements and roles vary greatly across cloud providers. Learn best practices to keep up with the constant changes that make up the dynamic nature of the cloud.
• Misconfigurations: These identity blind spots can cause big risk. In fact, the NSA suggests that misconfigurations are the most common and easiest entry point into a cloud for an attacker. Lock down your access then reduce your entitlements.

Speakers:
Charles Chu – GM Cloud Security at CyberArk
Damon McDougald – Global Digital Identity Lead at Accenture
Yuval Shchory - Head of Global Partnerships, Identity and Access Management at AWS

Moderator: 
Ben Cole, TechTarget

Multi-Cloud Identity Security: Combating a Wide Open Gate

4 Key Steps to Eliminate Vault Sprawl Across AWS Applications

Secure Identities for a Secure Cloud with CyberArk and AWS

Join this panel of cloud security experts from AWS, CyberArk, and Healthfirst to uncover critical Identity Security steps to achieve PHI compliance and other key standards for new and existing cloud-hosted apps.


Learning Objectives
The panel will deliver insights and practical guidance on topics including:

Access control requirements in HIPAA, NHS and other healthcare compliance frameworks
Identity Security considerations to satisfy HIPAA Privacy and Security rule requirements. 
People, processes, and technology recommendations for secure application development 
Strategies for ensuring compliance across both lift-and-shift applications and net-new software projects.
Practical steps to make progress towards the ideal states of Zero Trust and Zero Standing Privileges

Building PHI Compliant Apps in the Cloud: Identity Security Best Practices

Cloud

Identity Security

Best Practice

Compliance

HIPAA

Healthcare

Zero Trust

Application Development

Cloud Applications

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Building PHI Compliant Apps in the Cloud: Identity Security Best Practices

Presented by

About this talk

More from this channel