T.E.N. Knowledge Base

ISE® Central 2018

Attivo Networks - ThreatDefend  > Download Whitepaper
We had intended to include Attivo Networks’ ThreatDefendTM Detection and Response Platform in our deception networks group but after looking pretty closely at it we decided that it is quite a bit more than a deception grid. It is true, of course, that this system includes BOTsink, a deception tool that is both effective and well-known. But BOT- sink is just part of the story. This is a full-fea- tured incident response system.



Protecting Against Data Breaches  > Download Whitepaper
We have entered an era where massive data breaches are a regular occurrence. Not surprisingly, protecting against breaches has become a top priority for modern businesses. Breaches continue to occur in spite of our best efforts; increased spending, long hours and constant vigilance. The fight is made harder due to escalating technological and landscape realities.



Everything visible. Everything secure.  > Download Whitepaper
Unparalleled 2-second visibility across all of your global IT assets – on premises, endpoints and Private or Public Clouds



Application Security Operations Center (ASOC)  > Download Whitepaper
Saltworks takes a holistic approach to application security, working with our customers to integrate appropriate security measures into the Software Development Lifecycle (SDLC) to ensure that applications are secure and delivered on time and within budget. The need to integrate application security into the SDLC is even more important with the shift to Agile and DevOps approaches to development and delivery. If security isn’t fully integrated security will slip or time lines will be missed.



Next Generation SOC - Challenges Facing the Modern SOC  > Download Whitepaper
The industry has reached an inflection point. Despite the fact that security has become a major focus of the IT agenda; despite significant deployments of detection and prevention tools; despite the reality that the average medium to large size companies now spend upwards of $15 million annually on security, the war on cybercrime seems to be an impossible one. Attacks keep increasing in prevalence and intensity, growing at a compound annual growth rate of 60 percent.



GDPR Compliance with CloudSOC/CASB 2.0  > Download Whitepaper
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a new set of rules by which the European Union (EU) intends to standardize data protection requirements for all personal data for individuals within its borders. It also addresses the export of personal data outside the EU. GDPR will become enforceable as of May 25, 2018.



Employee Benefits Organization Reduces Phishing Susceptibility by More Than 89%  > Download Whitepaper
In early 2015, a retirement benefits organization for public employees in the western United States was researching options for security awareness training. As part of that process, the association wanted more insight into its level of phishing susceptibility. “That is when we first engaged with Wombat Security,” said the organization’s IT systems manager. “They were able to perform a proof of concept [POC] for us, which came with our cyber liability policy.” But these assessments were just the start of the association’s focus on cybersecurity. Ultimately, the IT team was tasked with developing and delivering a comprehensive, organization-wide security awareness and training program



Hoppe_Kristin

Kristin Hoppe
SR. Application Analyst/Programmer
Parkland Health & Hospital System

Kai Kert

Kai Kert
IT Security Architect Manager
Parkland Health & Hospital System

A Three Phase Approach to Improving 3rd Party Risk Management  > Download Presentation
Parkland Health & Hospital System contracts with more than 248 vendors for on-site, hosted and hybrid cloud solutions. To ensure adequate security controls are in place and risk is properly documented and managed, the Parkland team developed a 3-phase risk analysis approach to vetting, approving and managing vendors before and after the onboarding of new IT solutions. Join our conversation as the Parkland Team shares how they were able to improve their security posture and awareness of security requirements across projects, as well as reduce vendor risk exposure.


Nicole Darden Ford

Nicole Darden Ford
Vice President, IT – Global Information Security & Chief Information Security Officer
Baxter International
ISE® Central Executive Award Finalist 2018
Biography

Passing the Baton – The Role of CISOs as Cybersecurity Culture Creators  > Download Presentation
Like the starting runner in a race, the CISO sets the pace for greater security awareness across the organization. Time is of the essence to run ahead of cyberthreats. The CISO’s role is to ensure cybersecurity is embedded across the organization. The CISO’s leadership – endurance training, knowledge and experience – will help engage and motivate every team member to play their part. Learn what the CISO role can do to make cybersecurity a global effort and create a true cybersecurity culture.

Michael Madero

Michael Madero
Manager, Security Architecture
HMS

Faster, Efficient, and More Secure with Cloud  > Download Presentation
HMS felt it was imperative that they look for new and efficient ways to meet market demand by leveraging a cloud-first adoption strategy. The objective of their Secure Cloud Infrastructure project was to create an environment that could support highly sensitive data and meet HMS' high security standards while complying with government and commercial compliance frameworks. The successful implementation of this project has allowed them to make fast and consistent application deployments that leverage cross-platform single sign-on technology. Join our conversation as the HMS team shares how they were able to take advantage of faster development and deployment patterns without giving up the visibility required to deliver on their regulatory and contractual security obligations.

figurski_sandy

Sandy Figurski
SVP and Chief Information Officer
Horace Mann
Biography

Sponsored by:

Evolving the SOC through Security Orchestration  > Summary
Security teams not only face an ever-expanding threat landscape, but they also contend with a variety of operational challenges. Proliferation of disparate security tools. Staffing shortages. Lack of documented, repeatable processes. The result is that nearly half of daily security alerts go uninvestigated. Security orchestration platforms can act as the catalyst for significant improvement in day-to-day security operations and in creating internal consistency between NOCs and SOCs. Because of the centralized approach and consolidated view security orchestration solutions deliver, security teams are enabled to become more efficient and effective while using fewer interfaces, improving reporting and executing highly consistent, repeatable processes.


Kevin Dunn

Kevin Dunn
SVP & Chief Information Officer
U.S. Retirement and Benefits Partners
Biography

Gone Phishing: Securing the Enterprise from Social Engineering Attacks  > Summary
Social media, a digital medium that is rooted in sharing personal and professional data, continues to be a favorite target for cyber-criminals because it offers a virtual treasure trove of readily accessible information. The very nature of how information is shared via social media goes against many longstanding core information security principals. Businesses of all shapes and sizes can be targets of social media engineering and phishing attacks. While phishing itself is an incredibly well-known attack technique, it still continues to be a major security issues for many organizations. Symantec’s 2017 Internet Security Threat Report found that Business Email Compromise (BEC) scams, relying on spear-phishing emails, targeted over 400 businesses every day, draining $3 billion over the last three years. While it’s critical for security teams to keep up to date on current social engineering and phishing attacks, what else needs to be done to ensure the enterprise at large is aware of the dangers and pitfalls of these kinds of attacks?


Alex Nehlebaeff

Alex Nehlebaeff
Corporate Information Security Manager/CISO
Harley-Davidson Financial Services, Inc.
Biography

Outsourcing Cybercrime: Combatting Ransomware as a Service  > Summary
Ransomware is certainly nothing new in the cybersecurity business, with the first instances having appeared more than a decade ago. However, this old threat has undergone some deadly changes over the last few years. The rise of the Ransomware as a Service (RaaS) distribution model gives would-be cybercriminals the means to launch a cyber-extortion business with virtually no technical expertise required, flooding the market with new ransomware strains in the process. 2017 saw an influx of potent and damaging RaaS attacks like Petya and WannaCry, both of which showed the attack model’s devastating potential to spread quickly and cause serious damage. As the use of RaaS continues to grow, Information Security executives and their security teams need to take new precautions in order to combat this new form of a familiar threat.


Van Nguyen

Van Nguyen
Director, Information Security
Federal Reserve System

The Increasing Impact of Insider Threats  > Summary
Insider threats continue to be one of the top cyber security threats and have proven that they are a force to be reckoned with. According to a 2017 Insider Threat Report, 53% of companies estimate remediation costs of $100,000 and more, with 12% estimating a cost of more than $1 million. The same report suggests that 74% of companies feel that they are vulnerable to insider threats, with 7% reporting extreme vulnerability. Every company will face an insider-related breach sooner or later regardless of whether it will be caused by a malicious action or an honest mistake. As costs related to insider threats continue to grow, what can Information Security Executives and their security teams do to combat this all too familiar foe?