T.E.N. Knowledge Base

ISE® Central 2017

Attivo Networks’ high- delity deception platform aims to fool attackers  > Download Whitepaper
Attivo Networks’ ThreatMatrix deception-based defense platform is designed to engage and fool attackers, thus providing security analysts with opportunities for real-time intelligence, as well as an automated means of shutting down an attack. Over the course of this year, Attivo and deception technologies have seen a signi cant bump up in market pro le, as organizations seek early and ef- cient means to detect advanced threats. Attivo’s platform, in particular, touches on several use-case categories, including detection, vulnerability management and analysis, controls and automation, and anti-malware.



RANSOMWARE: ATTACK TRENDS, PREVENTION, AND RESPONSE
 > Download Whitepaper
For the past decade, hackers motivated by financial gain – as opposed to those focused on stealing specific intellectual property or acting for political reasons – turned to banker Trojans as their primary approach. But, the tide has shifted. Banker Trojans have been eclipsed by ransomware as the preferred weapon of hackers everywhere, and in recent months, security incidents attributable to ransomware have been seen at an alarming rate in businesses and government organizations.



Ransomware Prevention Is Possible: Fighting Today’s Bountiful Cornucopia of Extortive Threats
 > Download Whitepaper
Australian cybersecurity headlines paint quite a frightening picture. Viruses are being called ‘unbreakable’ and Australia is being called the land of opportunity for attackers. Attack volumes are up over 100% each year and tens of millions of dollars are flowing to overseas bank accounts as ransomware victims try to buy their way out of security breaches.



Enterprise Phishing Susceptibility and Resiliency Report  > Download Whitepaper
Welcome to PhishMe’s 2016 Enterprise Phishing Susceptibility and Resiliency report. The report we published in 2015 focused solely on susceptibility, only telling half of the story. Now, with over 5 million active installations of PhishMe ReporterTM across the globe, we can publish statistically significant metrics about the rate and accuracy of humans reporting phishing emails. We are excited to share this data as it has been missing from phishing studies in the past. Armed with this new data, we hope that security organizations focus their attention on the ratio of Report-To-Click instead of dwelling on susceptibility metrics.



Mignona Cote

Mignona Cote
CISO PayFlex; CISO Phoenix Data Services; SR Director Information Security
Aetna
ISE® Central People's Choice Award Winner 2017
ISE® Central Executive Award Winner Finalist 2017

Biography

Jeannette Rosario

Jeannette Rosario
Director, Global Security
Aetna
Biography

Balancing the Security Scales: Managing Subsidiaries with Distinctively Different DNA  > Download Presentation
As daunting as securing a Fortune 50 company, adding 14 independently subsidiaries to the mix, stretches leadership and innovation. Resiliency to market demands, continuous change in threats and 14 completely different companies ranging from financial services, international markets and consumer healthcare forces the Global Security Officer to manage each security program uniquely while leveraging core Aetna techniques and solutions. At Aetna, a model was developed to identify risks, measure maturity and implement solutions maintaining the unique DNA of each company while assuring the security as they operate within the boutique styles required for competitive advantage and speed to market. Join our conversation to learn how the Aetna team developed a revolutionary way of measuring controls against one baseline that turns into 15 unique sets of operational security programs with integration into 14 security technologies.


Katie Kolon

Katie Kolon
Executive Assistant to the CISO
Cook County Department of Homeland Security and Emergency Management
Biography

Ricardo Lafosse

Ricardo Lafosse
CISO
Cook County Department of Homeland Security and Emergency Management
Biography

Strengthening the Cybersecurity Landscape  > Download Presentation
The Cook County Department of Homeland Security and Emergency Management, Information Security Office set out to provide a mechanism for a stronger, collaborative front against malware, distributed denials of service, Ransomware and other cybercrime especially for municipalities and communities with limited resources. Additionally, the team needed to create an effective threat notification service that formats alerts that are actionable for security specialists yet are easily understandable for city and county analysts. The Cook County Cyber Threat Intelligence Grid (CCCTIG) integrates with existing infrastructure but allows for sharing with external entities in a secure manner and provides a security solution for smaller communities that cannot always afford the cost of other cybersecurity solutions. Join our conversation to learn how the CCCTIG was able to provide participating municipalities with access to a secure platform which shares a wealth of cyber-threat intelligence which includes bad actors, malicious campaigns and security incidents.


Marcia Peters

Marcia Peters
SVP, Information Security Governance, Risk, and Compliance
US Bank
Biography

Risk vs. Reward: Strengthening and Maturing Information Security Processes and Controls  > Download Presentation
U.S. Bank’s Process Alignment and Risk Management Enhancements (PARE) project sought to mature their information security program and create a more robust control set. The project started with a pilot of high risk information security processes in which the U.S. Bank team identified the need to be more granular at the process level and the need to work hand in hand with the oversight teams. The objective of the PARE project was to document information security processes, risks, and controls and align to the National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF). Join our conversation to learn how the U.S. Bank Team was able to develop a method for tying controls to inherent risk, thereby achieving an acceptable level of residual risk which allows their peer organizations to generate cost savings, increase resource productivity and enhance information security processes and procedures.