Webinars

Webinars

  • Did Your Adversary Write Your Open Source Code?

    We need to know who writes the Open Source code that is used to build critical applications. Today, engineers use pre-built components of software to accelerate software development. Every day, 20 million developers share and re-use open source software code. Open Source npm packages for Javascript code are used in all websites and most mobile apps. Open Source PyPI packages for Python code are used in almost all AI and Data Analysis system. Every day, continuous integration systems pull in the latest updates to this code. In mid March 2022, malicious code was added to a popular open-source package that is installed 3,292,333 times a week. The malicious code wiped files on computers located in Russia and Belarus. That's one for the good-guys. But the same line of attack can and will be directed at the West. We have to stop this. We need to know who writes the Open Source code. The Software Build of Materials(SBOM) needs to become a Verified Identity Software Build of Materials (VISBOM). Read More

  • GRC Transformation in Financial Services in a Post-Crisis Digital Age

    The aftermath of economic collapse a decade ago and the current pandemic of COVID-19 have brought in increasing corporate laws, business regulations, stringent guidelines and intransigent restrictions in the financial services sector in the U.S. and worldwide to maintain control over organizational governance, structure and standard practices. These calls for higher degree of corporate governance, operational transparency, higher performance, enhanced security, data privacy and increased capital requirements to thwart any major systemic risk and crisis of the future. This led to the renewed focus on the so-called ‘Governance, Risk Management and Compliance’ practice, also known as GRC. Therefore, organizations are under intense pressure one more time to transform their weak and fragmented GRC approach and controls to address a wide array of diverse and complex risks, build strong security, particularly cybersecurity posture, respond to the proliferation of regulatory obligations and demonstrate compliance excellence. Therefore, in this webinar, we closely examine and discuss the transformation of GRC in the financial services sector. You’ll learn: Drivers of GRC transformation Next-gen GRC framework Transformed GRC with 3 Lines of Defense How to reach the ideal GRC state? GRC maturity model Technology as enabler of GRC transformation Read More

  • Intelligent Information Capture between Fintechs & Traditional Banks

    While financial institutions started to automate and digitize more than a decade ago, end customer preferences for digitization of services and communication changed faster than offers. This created an opportunity that FinTechs embraced and pressure for traditional banks to remain relevant. The automation of mission critical business transactions is critical for the digital transformation of financial institutions and mandatory for meeting requirements for security and compliance. Tune in to hear: How Intelligent Information Capture evolved in parallel with the automation of payment processes How market requirements for Financial Institutions will change in 2022 Which Information Capture solutions are critical to meet the changing needs What Financial Institutions need to prioritize on their Digital Transformation journey Read More

  • Ransomware and BEC in the Cyber Threat Landscape

    Colonial Pipeline. CNA Financial. Quanta. Even the NBA. Hardly a week goes by without a ransomware story hitting the news, as organizations worldwide are targeted by an attack. But are there more dangerous threats out there? In this webinar, hear Crane Hassold, Director of Threat Intelligence at Abnormal Security, discuss the real threats in today’s landscape, and why ransomware is only one of your concerns. With full insight into the past, present, and future of the threat landscape, this webinar will provide you everything you need to understand what could be targeting your organization. Watch this on-demand webinar to learn: - How has the cyber threat landscape changed over the past decade? - What drives threat actors to change their methods and tactics? - Why should stopping business email compromise be at the top of your priority list? - And what will change as new regulations are put in place? After viewing this webinar, you are eligible for 1 CPE credit through (ISC)². Read More

  • Maturity Through Metrics

    Reporting only at the technical level in Information Technology only impedes ITSM success. The goal is to drive business performance, growth, and sustainability through technology. To begin, you need to understand the current ITSM environment that manages the technology performance. Once this is understood, set the intentions to mature business performance through the use of metrics. In this webinar, I'll cover ITSM metrics and the essential business maturity metrics that provide a well rounded outlet to measure ITSM and its impact or influence to business performance. - IT as a strategic business unit - Business Maturity metrics provide the business perspective - Maturity Metrics bundle for ITSM and business performance Read More

  • Simulated Phishing — Two Years of Near Misses

    Simulated Phishing programs are hard to build, easy to destroy, and labor intensive. Tune in as Ms. Epps will present lessons learned from two years of enterprise simulated phishing in the Duke Academic Medical Center including: • Documentation, executive support, staffing, platform selection and pilot testing. • Phish template tips, entity and user engagement, phish reporting. • Safe-listing and working efficiently with your mail and security teams. • Metrics, program maturity and gamification. • How you know you’re doing it right (or wrong). • Taking it beyond phishing. Read More

  • What cyber-bullying initiatives can teach companies about protecting employees

    This study explores collegiate eSports student-athletes’ and administrators’ perceptions of student safety/cyberbullying within higher education while also highlighting the correlation to traditional business initiatives and the protection of employees. Specifically it outlines cyber safety, from the lens of minorities, and documents the thoughts of participants who compete, discerning the impact cyber safety has had on their lives. Tactical suggestions for increasing cyber safety and overcoming common cyber threats that may impact individuals and communities of color will also be discussed. Read More

  • Ransomware Trends in 2022

    Let’s face it, cyberattacks such as ransomware are becoming more common and more complex. The coming 12 months will bring increasingly aggressive cybercrime activities as malicious actors continue to pivot their ransomware attacks from data encryption to data exfiltration The question to you is this: are you doing everything you can to protect your organization from a ransomware outbreak? Join our session to know the trends in Ransomware in 2022 and to know how to ensure you’re prepared and ready to respond to any ransomware scenario Read More

  • New Trends in Cyber Incident Response and Forensics

    Cybercrime has evolved rapidly, and we all need up-to-date response techniques to match. Today's adversaries are targeting suppliers, while leveraging zero-day vulnerabilities and malware-free attacks to evade detection. At the same time, remote work capabilities and the shift to the cloud have greatly increased the attack surface. How should you respond to modern cybersecurity incidents? More importantly, how can you detect evidence of an intrusion early enough to minimize or prevent damage? In this talk, we will highlight: * New response trends and the changing threat landscape. * Supply-chain incidents such SolarWinds. * Mass zero-day exploits, such as Log4j. * Malware-free attacks and detection strategies. * Incident notification trends. Join us and get practical strategies for adapting your incident response best practices to reflect today’s increasingly interconnected threat landscape. Read More

  • Assembling the Russian Stacking Doll: UNC2452 Merged into APT29

    Mandiant gathered sufficient evidence to assess that UNC2452, the group responsible for the 2020 SolarWinds supply chain compromise, is attributable to APT29, a Russia-based espionage actor assessed to be sponsored by the Russian Foreign Intelligence Service (SVR). This webinar provides awareness and additional insights on the evolution of APT29's operational and behavioral tactics, techniques, and procedures (TTPs). Read More