Name: Tackling Rising Software Vulnerabilities Sustainably
Start: 2024-09-11T14:45:00Z
End: 2024-09-11T14:46:01.000Z
Location: BrightTALK
Rating: 4.7

Dedicated to serving the information security community, in person, in print and online.

challenges. Businesses are rapidly adopting generative AI and cybersecurity solutions are integrating it, but at the same time threat actors are leveraging AI tools to make their attacks more sophisticated.
64% of cybersecurity professionals are either researching GenAI tools or have already purchased one, according to a CrowdStrike survey. Additionally, 70% of respondents said they intend to make a GenAI purchase within the next 12 months.
This session will explore how AI is reshaping the cybersecurity landscape, from augmenting existing attack vectors to fortifying defenses and how you can prepare for your GenAI investment.
• Key learnings:
o How AI is being used to augment existing attack vectors 
o How GenAI and LLMs are being targeted through AI poisoning and jailbreaks 
o Strategies for integrating AI into your cybersecurity framework and considerations when investing in GenAI tools 
o Predictions on future trends to help you stay ahead of the curve

Navigating Cybersecurity Investment in the AI-Driven Landscape

In an era where cyber threats are constantly evolving, CISOs must navigate a complex and dynamic landscape to protect their organizations. 
Join us for an engaging webinar where we explore the essential strategies and tools that CISOs need to thrive in today's challenging cybersecurity environment.
Key Takeaways:
• Stay ahead of the curve by understanding the latest cyber threats and how to counter them effectively.
• Learn how to leverage cutting-edge technologies like AI, machine learning, and automation to enhance your cybersecurity defenses.
• Explore effective risk management strategies which give you visibility across your organization. 
• Understand the benefits and limits of approaches like Zero Trust in securing diverse IT environments
• How to a adopt modernised tooling and technology into your cybersecurity stack to defend against the most advanced threats.  
• Gain valuable insights from real-world examples and learn from the experiences of leading cybersecurity professionals.

How CISO's Can Survive and Thrive in a Complex Cyber Landscape

Join us for an insightful keynote session at our Cyber-Resillient CISO Virtual Summit, where industry leaders will delve into the latest trends, challenges, and innovations in the field of cybersecurity.

Afternoon Keynote - Cyber-Resillient CISO

In today's rapidly evolving threat landscape, CISOs must go beyond traditional security roles to become strategic partners who drive business resilience.
This panel discussion will delve into the essential behaviors and mindsets that empower CISOs to effectively influence leadership, position security as a value-adding proposition, and shift towards a resilience-based approach.
Key Takeaways:
• Learn proven techniques to build strong relationships with C-suite executives and board members.
• Discover strategies to align security initiatives with broader organizational goals.
• Explore the benefits of a holistic approach to security that prioritizes business continuity.
• Utilize metrics and analytics to inform decision-making and demonstrate the value of security investments.

Elevating Cybersecurity: A CISO's Guide to Influencing Leadership and Driving Business Resilience

Opening Keynote - Cyber-Resillient CISO

The DORA compliance deadline is here, transforming how banks and their software suppliers approach resilience, security, and software automation. Compliance is just the start—achieving long-term operational resilience requires strategic leadership and innovative solutions. 

This webinar will provide senior decision-makers with practical guidance to address post-compliance challenges, secure software supply chains and enhance business outcomes.
  
During this webinar you will: 

Discover how financial organizations can enhance their compliance frameworks using scalable software automation to meet DORA requirements and streamline operational processes.
Explore how software supply chain management solutions can bolster resilience, improve efficiency, and address the unique challenges of regulatory requirements. 
Gain insights from practical examples of organizations leveraging automation to optimize software supply chain management, driving resilience and sustained operational excellence. 
Join us to ensure your organization not only complies with DORA but builds a future-ready, automated foundation for resilience and success.

Enhancing Software Supply Chain Management: A DORA-Focused Approach

As AI becomes an integral part of organisational operations, the challenges of managing associated risks are growing exponentially. AI systems come with vulnerabilities and a wide range of software dependencies, making effective auditing essential for IT and compliance leaders. Recent updates, such as OWASP’s expanded Top 10 list of risks for large language models (LLMs) and generative AI (GenAI), underscore the urgency of addressing these risks.
This webinar will explore the evolving risk landscape of AI, focusing on key concerns such as ethics, compliance, and vulnerabilities, with a specific emphasis on European organisations. With the EU AI Act and other regional regulations shaping AI governance, businesses must adapt their compliance frameworks to meet these stringent requirements. Attendees will gain practical insights into auditing AI systems to ensure compliance, mitigate risks, and safeguard organisational integrity.
Led by industry experts, this session will provide strategies for evaluating AI-driven risks and implementing robust governance practices. Whether tackling algorithmic bias, data privacy challenges, or AI-linked cybersecurity threats, this webinar will equip you with tools and frameworks to thrive in a rapidly evolving regulatory landscape.
Key Takeaways
• Addressing Key AI Risks: Discover strategies for mitigating algorithmic bias, enhancing AI system transparency, and managing cybersecurity threats linked to AI
• Practical AI Risk Auditing Frameworks: Learn step-by-step approaches to auditing AI systems, ensuring alignment with industry standards and regulatory mandates
• Compliance Readiness for AI Regulations: Understand the implications of emerging regulations like the EU AI Act and how to prepare your organisation for compliance

Auditing AI Risk: Essential Strategies for IT & Compliance Leaders

Defense-grade cybersecurity solutions are specifically designed to provide advanced protection against sophisticated threats but there are many misunderstandings about this level of protection. 
Sectors like finance, healthcare and critical infrastructure can use battle hardened defense-grade cybersecurity to tackle today’s cyber threats.  
In this webinar, we uncover the truth behind common misconceptions about defense-grade cybersecurity. Demonstrating its relevance, affordability, adaptability and effectiveness for organizations beyond the military or government. 
We’ll tackle myths such as, “defense-grade cybersecurity can’t stop APTs”, “it’s only for the government” and “it’s too complex and difficult to deploy”. 
Providing insights into how modern defense-grade measures are accessible, scalable and essential for critical sectors. 
A panel of cybersecurity experts will also discuss real-world applications of defense-grade principles, explain how these solutions address today’s advanced threats. 
Attendees will leave with a clear understanding of defense-grade cybersecurity’s benefits and actionable guidance. 
By joining this webinar: 
• Attendees will learn how defense-grade principles are not limited to the military or government
• Discover how modern defense-grade solutions can be scalable and cost effective, allowing regulated industries and critical infrastructure access to advanced security measures
• Attendees will gain insights into how defense-grade cybersecurity has evolved, now featuring advanced tools, making it an agile, future-proof approach capable of seamless integration

Dispelling the Myths of Defense-Grade Cybersecurity

Cyber risks in critical energy sectors – including power, oil and gas, water, and renewables – have significantly increased in recent years due to the activity of nation-state actors and cybercriminal groups.
 
In particular, many of these sectors' Industrial Control System (ICS) devices are connected to the Internet and vulnerable to threats like unauthorized access, manipulation, and ransomware.

In this 30-minute webinar, a Censys expert will share new ICS exposure and trends as well as provide actionable defensive strategies such as continuous asset discovery and monitoring.

The session aims to give energy industry professionals the knowledge and tools they need to manage ICS risks in an increasingly connected world.

Join this webinar to learn:
• The current trends in internet-facing ICS device exposures
• How to gain visibility into different types of ICS exposures today
• Strategies to mitigate cyber risks in these devices

Navigating Exposures in Energy ICS Environments

Security analysts are overwhelmed by a never-ending stream of security events generated from across the network. 
Firewalls, Intrusion Detection Systems (IDS), servers, Identity Access Systems (IAS) all produce copious volumes of logs. Security tools distill these logs into vast numbers of actionable security alerts which security analysts must react and respond to. Their primary goal is to identify and detect malicious activity amidst this overwhelming volume of data. They struggle to keep up. 
Additionally, the costs associated with storing and managing events are significant and regulatory requirements around retention are introducing significant day to day costs for even small security operations.
In this 60-minute panel discussion, experts from Centripetal and peers, will discuss how the volume of alerts is crippling your security teams and how they can address these challenges. 
They will present an innovative approach to pre-empting the volume of threats, in turn safeguarding networks against evolving cyber-attacks and protecting your organization.
Join this session to:
• Explore insights into the sheer volume of alerts that security teams are contending with every day, including challenges, pain points, and future trends
• Discover actionable strategies to protect your organization from advanced cyber threats
• Learn about the economic and security benefits of threat intelligence-powered solutions like CleanINTERNET®

Alert Fatigue: What Are You and Your Security Teams Missing?

According to the Australian Signals Directorate, nearly half (47%) of Australians would stop buying from an organisation that experienced a data breach.
 
Even so, compliance with the Australian Privacy Act and Essential Eight is complex.   
 
But is non-compliance, and subsequent reputational damage, financial penalties and potential criminal charges worth the risk? 
 
As cyber security laws continue to evolve, maintaining a sustainable, fit-for-purpose cybersecurity programme is critical. 

Join this webinar to learn: 

· The Australian Privacy Act – current and upcoming cybersecurity compliance obligations
· Four solutions to overcome common cybersecurity compliance challenges 
· How to develop and maintain a fit-for-purpose cyber security programme, protect sensitive personal information and boost overall cyber security maturity

Mastering Australian Privacy Act and Essential EightWhile Improving Your Cybersecurity Posture

· With the upcoming Digital Operational Resilience Act (DORA) set to reshape risk management in financial services, understanding supply chain vulnerabilities is more crucial than ever. 
· 
· During this webinar ,Risk Ledger will provide valuable insights into how businesses can tackle concentration risk within their supply chain. 
· 
· Built on analysis from our latest whitepaper, the session will guide you through practical steps to identify critical supplier dependencies, mitigate risks, and strengthen your supply chain's operational resilience. 
· 
· Join us to learn how to proactively secure your operations against disruptions, align with regulatory expectations, and ensure compliance with DORA's stringent standards for third-party risk management.

By taking part in this webinar you will gain knowledge on: 
 · How to identify concentration risk in your supply chain, a critical component of DORA compliance.
 · Strategies to diversify supplier dependencies for enhanced resilience.
Best practices for building a secure, compliant supply chain in line with regulatory expectations.

Identifying Concentration Risk and Securing the Supply Chain

Companies in the finance and insurance industry can find out how to effectively manage their risks and those of third-party providers and protect their financial data from potential security threats.

This webinar focuses on the growing risks in the financial industry. The speakers will highlight proven strategies for protecting financial infrastructure, sensitive data and business continuity. They will emphasise the urgent need for action by citing recent studies on threat trends from compromised third-party providers, data theft, unpatched systems, outdated technology, data breaches and vulnerabilities.

Attendees will walk away with an understanding of how to use the Censys Internet Map to proactively identify and mitigate these risks, and how to respond to threats in an effective and DORA-compliant manner using modern cybersecurity solutions.

How to manage your risks and protect your financial data

So far in 2024, a raft of new cybersecurity regulations across the UK and EU have either come into force, will be in place shortly or are at the proposal stage. These include the updated Network and Information Security (NIS2) Directive in the EU and an updated Cyber Assessment Framework (CAF) in the UK, among others.
These are set to have a significant impact on the security posture of organizations of all sizes and industries across Europe, with the potential for major financial penalties for non-compliance in some instances.
In this webinar, a panel of experts will discuss the most significant regulatory changes in the world of cybersecurity that organizations must be aware of today. They will also set out how different organizations are impacted, and advise on the most effective approaches to achieving compliance.
Sign up for the webinar to learn:
• The major regulatory changes that have recently come into force or are due to shortly and their impact
• A look at regulation on the horizon, including the UK’s proposed Cybersecurity and Resilience Bill
• How to ensure your business is on top of the constantly evolving regulatory landscape

New Cyber Regulations: What it Means for UK and EU Businesses

Firewalls are a cornerstone of network security, but they're not sufficient to protect against today's sophisticated cyber threats.
Having a firewall may be the first step towards securing your network but they must be augmented by intelligence powered security solutions that work proactively to protect organizations from threats. 
 
In this 30-minute webinar, experts from Centripetal will discuss firewall effectiveness, identify fundamental failings and present innovative approaches to safeguarding networks against evolving cyber threats.
 
You will learn how to incorporate additional defensive layers to augment the capabilities of the firewall you already have.
Join this session to:
·       Explore insights into firewall capabilities, including challenges, pain points, and future trends
·       Discover actionable strategies to protect your organization from advanced cyber threats
·       Learn about the economic and security benefits of threat intelligence powered solutions like CleanINTERNET®

Reinforcing Firewall Security: The Need to Adapt to Persistent Cyber Threats

Hybrid cloud environments will dominate IT infrastructure in the coming years, providing the flexibility and scalability that modern businesses need to stay competitive. Yet, as they transition to these environments, businesses face security challenges that outdated methods cannot address. 

The shift from on-premises to hybrid cloud requires a fundamental rethink of security strategies. Traditional perimeter-based defences no longer suffice in this new landscape. Instead, modern approaches like zero trust architecture and defence-in-depth have become essential. Embedding security into DevSecOps workflows is key to achieving robust protection without compromising agility.
In this 30-minute session, Red Hat experts will explore how organisations can empower their DevSecOps teams to meet these challenges head-on. With the right strategies, securing a hybrid cloud environment can be a catalyst for business growth and innovation.
Join us to learn:
How to address the unique challenges of hybrid cloud security in a rapidly evolving landscape
Why traditional perimeter-based security falls short and the need for modern approaches like zero trust
Expert insights on the benefits of implementing defence-in-depth, including micro-segmentation and continuous user validation
How Red Hat empowers DevSecOps teams and developers to secure hybrid cloud environments effectively

Securing Your Move to Hybrid Cloud Infrastructure

Generative AI technologies have huge potential in enhancing the capabilities of cyber defenders – from writing secure code to speeding up incident response.
In this session, we will focus on the practical application of generative AI in cybersecurity teams – looking at current real-world applications and hearing from security leaders who have implemented these tools to good effect.
The aim is to help security leaders understand the ways generative AI can help their teams today, improving efficiencies and reducing workloads. 
This webinar will highlight:
• The areas generative AI can have the most impact on cybersecurity operations
• The “noisy” generative AI cybersecurity marketplace, and how to find the solutions that are appropriate for your business needs
• How to deploy generative AI in security operations effectively, as well as safely

Deploying Generative AI in Security Teams, it’s Time for Action

Software vulnerabilities are one of the biggest cyber-threats to organizations, with a record number of vulnerability disclosures in 2023. Zero days are being actively exploited by sophisticated threat groups, as demonstrated by the Ivanti vulnerabilities that were discovered earlier this year.
The continuous process of applying fixes to vulnerabilities across all software stacks is an overwhelming task for many organizations. A new strategy is needed to make vulnerability management a sustainable and effective process.
A panel of experts will discuss best practice approaches for a modern vulnerability management program, tailored to business risk and prioritization. 
Sign up to hear:
• How threat actors target software vulnerabilities, and why this tactic is often so damaging
• Vulnerability management challenges across an increasingly complex tech stack
• How to create a sustainable software patch management program, tailored to business needs

Tackling Rising Software Vulnerabilities Sustainably

software security

cybersecurity

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Tackling Rising Software Vulnerabilities Sustainably

Presented by

About this talk

More from this channel