Name: Fireside Chat: Implementing NIST's Post-Quantum Cryptographic Standards
Start: 2024-09-11T16:00:00Z
End: 2024-09-11T16:00:30.000Z
Location: BrightTALK
Rating: 4.6

Dedicated to serving the information security community, in person, in print and online.

Cyber risks in critical energy sectors – including power, oil and gas, water, and renewables – have significantly increased in recent years due to the activity of nation-state actors and cybercriminal groups.
 
In particular, many of these sectors' Industrial Control System (ICS) devices are connected to the Internet and vulnerable to threats like unauthorized access, manipulation, and ransomware.

In this 30-minute webinar, a Censys expert will share new ICS exposure and trends as well as provide actionable defensive strategies such as continuous asset discovery and monitoring.

The session aims to give energy industry professionals the knowledge and tools they need to manage ICS risks in an increasingly connected world.

Join this webinar to learn:
• The current trends in internet-facing ICS device exposures
• How to gain visibility into different types of ICS exposures today
• Strategies to mitigate cyber risks in these devices

Navigating Exposures in Energy ICS Environments

Security analysts are overwhelmed by a never-ending stream of security events generated from across the network. 
Firewalls, Intrusion Detection Systems (IDS), servers, Identity Access Systems (IAS) all produce copious volumes of logs. Security tools distill these logs into vast numbers of actionable security alerts which security analysts must react and respond to. Their primary goal is to identify and detect malicious activity amidst this overwhelming volume of data. They struggle to keep up. 
Additionally, the costs associated with storing and managing events are significant and regulatory requirements around retention are introducing significant day to day costs for even small security operations.
In this 60-minute panel discussion, experts from Centripetal and peers, will discuss how the volume of alerts is crippling your security teams and how they can address these challenges. 
They will present an innovative approach to pre-empting the volume of threats, in turn safeguarding networks against evolving cyber-attacks and protecting your organization.
Join this session to:
• Explore insights into the sheer volume of alerts that security teams are contending with every day, including challenges, pain points, and future trends
• Discover actionable strategies to protect your organization from advanced cyber threats
• Learn about the economic and security benefits of threat intelligence-powered solutions like CleanINTERNET®

Alert Fatigue: What Are You and Your Security Teams Missing?

Defense-grade cybersecurity solutions are specifically designed to provide advanced protection against sophisticated threats but there are many misunderstandings about this level of protection. 
Sectors like finance, healthcare and critical infrastructure can use battle hardened defense-grade cybersecurity to tackle today’s cyber threats.  
In this webinar, we uncover the truth behind common misconceptions about defense-grade cybersecurity. Demonstrating its relevance, affordability, adaptability and effectiveness for organizations beyond the military or government. 
We’ll tackle myths such as, “defense-grade cybersecurity can’t stop APTs”, “it’s only for the government” and “it’s too complex and difficult to deploy”. 
Providing insights into how modern defense-grade measures are accessible, scalable and essential for critical sectors. 
A panel of cybersecurity experts will also discuss real-world applications of defense-grade principles, explain how these solutions address today’s advanced threats. 
Attendees will leave with a clear understanding of defense-grade cybersecurity’s benefits and actionable guidance. 
By joining this webinar: 
• Attendees will learn how defense-grade principles are not limited to the military or government
• Discover how modern defense-grade solutions can be scalable and cost effective, allowing regulated industries and critical infrastructure access to advanced security measures
• Attendees will gain insights into how defense-grade cybersecurity has evolved, now featuring advanced tools, making it an agile, future-proof approach capable of seamless integration

Dispelling the Myths of Defense-Grade Cybersecurity

According to the Australian Signals Directorate, nearly half (47%) of Australians would stop buying from an organisation that experienced a data breach.
 
Even so, compliance with the Australian Privacy Act and Essential Eight is complex.   
 
But is non-compliance, and subsequent reputational damage, financial penalties and potential criminal charges worth the risk? 
 
As cyber security laws continue to evolve, maintaining a sustainable, fit-for-purpose cybersecurity programme is critical. 

Join this webinar to learn: 

· The Australian Privacy Act – current and upcoming cybersecurity compliance obligations
· Four solutions to overcome common cybersecurity compliance challenges 
· How to develop and maintain a fit-for-purpose cyber security programme, protect sensitive personal information and boost overall cyber security maturity

Mastering Australian Privacy Act and Essential EightWhile Improving Your Cybersecurity Posture

· With the upcoming Digital Operational Resilience Act (DORA) set to reshape risk management in financial services, understanding supply chain vulnerabilities is more crucial than ever. 
· 
· During this webinar ,Risk Ledger will provide valuable insights into how businesses can tackle concentration risk within their supply chain. 
· 
· Built on analysis from our latest whitepaper, the session will guide you through practical steps to identify critical supplier dependencies, mitigate risks, and strengthen your supply chain's operational resilience. 
· 
· Join us to learn how to proactively secure your operations against disruptions, align with regulatory expectations, and ensure compliance with DORA's stringent standards for third-party risk management.

By taking part in this webinar you will gain knowledge on: 
 · How to identify concentration risk in your supply chain, a critical component of DORA compliance.
 · Strategies to diversify supplier dependencies for enhanced resilience.
Best practices for building a secure, compliant supply chain in line with regulatory expectations.

Identifying Concentration Risk and Securing the Supply Chain

Companies in the finance and insurance industry can find out how to effectively manage their risks and those of third-party providers and protect their financial data from potential security threats.

This webinar focuses on the growing risks in the financial industry. The speakers will highlight proven strategies for protecting financial infrastructure, sensitive data and business continuity. They will emphasise the urgent need for action by citing recent studies on threat trends from compromised third-party providers, data theft, unpatched systems, outdated technology, data breaches and vulnerabilities.

Attendees will walk away with an understanding of how to use the Censys Internet Map to proactively identify and mitigate these risks, and how to respond to threats in an effective and DORA-compliant manner using modern cybersecurity solutions.

How to manage your risks and protect your financial data

So far in 2024, a raft of new cybersecurity regulations across the UK and EU have either come into force, will be in place shortly or are at the proposal stage. These include the updated Network and Information Security (NIS2) Directive in the EU and an updated Cyber Assessment Framework (CAF) in the UK, among others.
These are set to have a significant impact on the security posture of organizations of all sizes and industries across Europe, with the potential for major financial penalties for non-compliance in some instances.
In this webinar, a panel of experts will discuss the most significant regulatory changes in the world of cybersecurity that organizations must be aware of today. They will also set out how different organizations are impacted, and advise on the most effective approaches to achieving compliance.
Sign up for the webinar to learn:
• The major regulatory changes that have recently come into force or are due to shortly and their impact
• A look at regulation on the horizon, including the UK’s proposed Cybersecurity and Resilience Bill
• How to ensure your business is on top of the constantly evolving regulatory landscape

New Cyber Regulations: What it Means for UK and EU Businesses

Firewalls are a cornerstone of network security, but they're not sufficient to protect against today's sophisticated cyber threats.
Having a firewall may be the first step towards securing your network but they must be augmented by intelligence powered security solutions that work proactively to protect organizations from threats. 
 
In this 30-minute webinar, experts from Centripetal will discuss firewall effectiveness, identify fundamental failings and present innovative approaches to safeguarding networks against evolving cyber threats.
 
You will learn how to incorporate additional defensive layers to augment the capabilities of the firewall you already have.
Join this session to:
·       Explore insights into firewall capabilities, including challenges, pain points, and future trends
·       Discover actionable strategies to protect your organization from advanced cyber threats
·       Learn about the economic and security benefits of threat intelligence powered solutions like CleanINTERNET®

Reinforcing Firewall Security: The Need to Adapt to Persistent Cyber Threats

Hybrid cloud environments will dominate IT infrastructure in the coming years, providing the flexibility and scalability that modern businesses need to stay competitive. Yet, as they transition to these environments, businesses face security challenges that outdated methods cannot address. 

The shift from on-premises to hybrid cloud requires a fundamental rethink of security strategies. Traditional perimeter-based defences no longer suffice in this new landscape. Instead, modern approaches like zero trust architecture and defence-in-depth have become essential. Embedding security into DevSecOps workflows is key to achieving robust protection without compromising agility.
In this 30-minute session, Red Hat experts will explore how organisations can empower their DevSecOps teams to meet these challenges head-on. With the right strategies, securing a hybrid cloud environment can be a catalyst for business growth and innovation.
Join us to learn:
How to address the unique challenges of hybrid cloud security in a rapidly evolving landscape
Why traditional perimeter-based security falls short and the need for modern approaches like zero trust
Expert insights on the benefits of implementing defence-in-depth, including micro-segmentation and continuous user validation
How Red Hat empowers DevSecOps teams and developers to secure hybrid cloud environments effectively

Securing Your Move to Hybrid Cloud Infrastructure

Generative AI technologies have huge potential in enhancing the capabilities of cyber defenders – from writing secure code to speeding up incident response.
In this session, we will focus on the practical application of generative AI in cybersecurity teams – looking at current real-world applications and hearing from security leaders who have implemented these tools to good effect.
The aim is to help security leaders understand the ways generative AI can help their teams today, improving efficiencies and reducing workloads. 
This webinar will highlight:
• The areas generative AI can have the most impact on cybersecurity operations
• The “noisy” generative AI cybersecurity marketplace, and how to find the solutions that are appropriate for your business needs
• How to deploy generative AI in security operations effectively, as well as safely

Deploying Generative AI in Security Teams, it’s Time for Action

Insider threat incidents are on the rise, recently a North Korean hacker targeted cybersecurity firm KnowBe4 by posing as a fake IT worker.
In this case, an AI ‘enhanced’ image was used on the application in order to fool the hiring managers and despite video conference calls being conducted the worker was hired.
This is just one example of a growing trend in threat actors using AI and other sophisticated methods to infiltrate organizations.
However, we know that defenders can use AI tools to support their efforts in tackling insider threats, including for behavioral analysis.
It is critical that organizations recognize and act on internal threats, as well as the risks posed by external actors.
This session will focus on:
• The latest trends in insider threat incidents, and how AI is being leveraged to make these intruders more sophisticated
• The challenges organizations face in an environment where there is a lack of any formalized framework for discussing insider threat
• What tools and processes can help identify potential insider threat actors early
• How to appropriately address suspicious behavior and create an environment that is less conducive to insider threat incidents occurring

Defending Against AI-Driven Insider Threats: Best Practices and Strategies

Software vulnerabilities are one of the biggest cyber-threats to organizations, with a record number of vulnerability disclosures in 2023. Zero days are being actively exploited by sophisticated threat groups, as demonstrated by the Ivanti vulnerabilities that were discovered earlier this year.
The continuous process of applying fixes to vulnerabilities across all software stacks is an overwhelming task for many organizations. A new strategy is needed to make vulnerability management a sustainable and effective process.
A panel of experts will discuss best practice approaches for a modern vulnerability management program, tailored to business risk and prioritization. 
Sign up to hear:
• How threat actors target software vulnerabilities, and why this tactic is often so damaging
• Vulnerability management challenges across an increasingly complex tech stack
• How to create a sustainable software patch management program, tailored to business needs

Tackling Rising Software Vulnerabilities Sustainably

Public schools face unique cybersecurity challenges, holding complex tech environments and managing the sensitive data and educational needs of hundreds, sometimes thousands of students.
The difficulty of protecting this environment has led to US public schools being a top target for ransomware attackers in recent years.
In this keynote session, Charles Britt, CEO of Startfield, will discuss how to develop an effective cybersecurity strategy in the K-12 school system, in which security leaders must manage public funds and navigate a myriad of data protection regulations.
These lessons and principles can be utilized in other industries, as they navigate rising cyber-threats.
Join this session to learn:
How to effectively communicate data privacy laws and regulations in public schools
Developing enterprise policies within a complex educational environment
Working with organizational leaders to managing cyber-risks with public sector budget and resources

The K-12 Conundrum: Mitigating Risk from the Classroom to the C-Suite

Cyber threat actors are well-known for their ability to adapt, continuously finding novel ways to target organizations in the face of ever-improving defenses. One example of this is the practice of stealing data and threatening to publish as well as encrypting it during ransomware attacks, amid improved backup capabilities.
From combining DDoS with ransomware, to finding alternative initial access techniques, it can feel like a near impossible challenge for defenders to stay up-to-date with cybercriminals and adapt their security posture accordingly.
In this session, a panel of threat intelligence experts will highlight novel tactics being employed by threat actors so far in 2024, and discuss the areas cybersecurity teams should be prioritizing their resources on.
Join this session to learn:
• New approaches used by threat actors in 2024, including in launch DDoS and ransomware attacks
• Changes in initial access techniques and technologies utilized, and why these shifts have occurred
• The areas cybersecurity teams should be prioritizing their defenses towards in the face of these trends

Keeping up with the Attackers: Reviewing the Latest Threat Techniques

The Jersey Cyber Security Centre (JCSC) has emerged as a vital pillar in safeguarding the digital landscape of the Channel Island. Led by Matt Palmer, the JCSC has played a pivotal role in establishing a Computer Emergency Response Team (CERT) to address the growing cybersecurity threats faced by the region.
Join us for a fireside chat with Matt Palmer, where we delve into the journey that led to the creation of the JCSC. Discover the challenges and opportunities that drove the initiative and the significant impact it has had on enhancing cybersecurity in Jersey.
Learn about the JCSC's core missions and the critical tasks undertaken by its team. Gain insights into how the CERT provides essential services to businesses and organizations, helping them mitigate risks and respond effectively to cyber incidents.
We’ll also discuss the geopolitical and regulatory challenges faced by organizations in Jersey and how the JCSC is working to address these issues.
Join us to:
• Discover the origin story and impact of JCSC on the Channel Island’s cyber resilience
• Learn how businesses can collaborate with a CERT to enhance their cybersecurity
• Explore the challenges and opportunities presented by the evolving geopolitical and regulatory landscape

Fireside Chat: A CERT Insider's Look on Building Jersey's Cyber Resilience

The belief that cybercriminals only target large businesses has been widely disproven in the past few years. For example, research from Sage found that around half of small and medium enterprises (SMEs) experienced at least one cyber incident in 2023.
SMEs hold highly valuable data and are viewed as a soft target by cybercriminals due to the limited resources they are often able to put into their cybersecurity posture. This is an issue that has been exacerbated by the current financial crisis, with cybersecurity spending expected to be slashed in 41% of SMEs in 2024 according to JumpCloud research.
During this panel, we will highlight how SMEs are being targeted by threat actors, and how IT teams in these organizations can utilize their limited resources most effectively, as well as fight for additional support from business leaders.
• The latest cyber-attack trends relating to SMEs, including how and why attackers are targeting these firms
• The unique security challenges faced by SMEs, such as limited expertise and resources
• How SME IT teams can utilize their limited resources more effectively, and where to look for outsource expertise

Cybersecurity on a Budget: How SMEs Can Stay Safe Amid Rising Attacks

CISOs face unprecedented challenges in building and maintaining an effective cybersecurity team. Organizations are experiencing rising attacks across increasingly complex and interconnected IT estates.
On top of this is the widely discussed cyber skills gap, meaning many security teams are understaffed. This in turn is leading to stress and burnout among cyber professionals, with many considering leaving the sector.
An expert panel will discuss innovative approaches CISOs can take to build, nurture and retain an effective cybersecurity team in this environment, encouraging novel approaches to motivation and progression opportunities.
This session will highlight:
• The challenges faced by security leaders in building and developing an effective cybersecurity team
• Providing development opportunities and other strategies to retain cybersecurity professionals for longer
• How new technologies, such as AI, can be utilized effectively to positively impact cybersecurity roles

CISO Management 101: Nurturing an Effective Cybersecurity Team

In August 2024, the US National Institute of Standards & Technology (NIST) formalized the world’s first post-quantum cryptography standards, paving the way for arguably the biggest ever cybersecurity transition.
The new standards provide organizations with a framework to transition to quantum-secure encryption before quantum computers are capable of breaking existing encryption algorithms, which would leave all digital information vulnerable.
This phenomenon, known as Q-Day, could occur in the next 5-10 years, according to experts. 
In this 30-minute fireside chat, NIST mathematician Dustin Moody will explain the new standards and advise organizations on how to safely transition to quantum-safe cryptographic algorithms as soon as possible.
Join this session to learn:
• The threat posed by future quantum developments, and why this issue is relevant today
• How the new NIST standards will help protect digitally-stored data from quantum-enabled attacks
• How to develop a roadmap to safely transition to quantum-secure cryptography

Fireside Chat: Implementing NIST's Post-Quantum Cryptographic Standards

cybersecurity

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Fireside Chat: Implementing NIST's Post-Quantum Cryptographic Standards

Presented by

About this talk

More from this channel