ISE® Central 2014
Seven Key Features to Help You Stop Advanced Evasion Techniques at the Firewall > Download Whitepaper
Computer networks are built to facilitate the flow of communication, not stop it. Unfortunately, data packets can be manipulated to look normal yet contain an exploit. These techniques evade standard security measures and, in most cases, can deliver a malicious payload without detection. Often, these advanced evasion techniques (AETs) take advantage of rarely used protocol properties in unexpected combinations. Most network security devices are not capable of detecting them. While many pass industry tests with high ratings, those ratings are based on protection against a limited number of threats. The exact number of AETs is unknown, but it is close to hundreds of millions.
Advanced Persistant Threats > Download Whitepaper
These days having an identity and access management solution is a must. Businesses cannot operate without knowing who their employees are and granting appropriate access. However, this begs the question: are you sure the user credentials used to access your systems are being used by the correct individual?
Accenture and Symantec Information Protection Solution > Download Whitepaper
Continually evolving security threats can change an organization’s security posture from healthy to critical in seconds. To enable meaningful insight into the status of technology assets, data and infrastructure, enterprises need an end-to-end information protection solution that provides visibility into the security stack—and detection and resolution mechanisms to help manage and maintain security across the enterprise.
Cyber Preppers Guide > Download Whitepaper
There is a tectonic shift in cybersecurity underway right now. Sophisticated malware is reshaping the threat landscape, laying waste to yesterday’s security best practices and raiding corporate and government networks with impunity. Become a Cyber Prepper and join ThreatTrack Security in the fight against Advanced Persistent Threats (APTs), targeted attacks and all the other sophisticated malware that easily evades your traditional cyber defenses. This Cyber Preppers Guide will open your eyes to the new cyber reality and empower you to once again take control of your cybersecurity.
20 CRITICAL QUESTIONS YOUR SECURITY PROGRAMS MUST ANSWER > Download Whitepaper
The secret is to be prepared. But with so many threats from so many sources, how can you be confident you’ve done everything within reason you can to keep your business safe? Fortunately, help is at hand. Working with the NSA, SANS and the Council on CyberSecurity have identified and ranked the top 20 critical controls every business should have in place. The question is: Are you ready? Check out the questions your security programs must address and find the gaps before the cyber criminals do it for you. Then go deeper with our range of guides and resources to make sure your organization is protected.
Using Anomalies in Crash Reports to Detect Unknown Threats > Download Whitepaper
This white paper examines the “risk indicators” that can be observed in the anomalous activity taking place across a network. This anomalous activity includes behaviors (e.g., application crashes) that might indicate the presence of previously unseen attacks. While such risk indicators are rarely a smoking gun by themselves, they can be augmented with security intelligence and contextual understanding to both uncover previously undiscovered attacks and to help organizations understand the risk associated with those attacks.
When Tinfoil Hats Aren't Enough: Effective Defenses Against Advanced Persistent Threats (APTs) > Download Presentation
You probably know about the threat posed by APTs. You also may know that most experts will tell you that there are no cost-effective ways to completely prevent a determined attacker from getting into your systems. So what to do? Since returning to an agrarian society is likely not a viable option, this presentation will cover common APT techniques and ways to detect those techniques in action and rapidly react. We'll talk about how to leverage the Identity-powered enterprise to improve the accuracy and effectiveness of prevention, detection, and response.
Senior Vice President, Information Security
Texas Capital Bank
ISE® West People's Choice Award Winner and Executive Finalist 2013
ISE® Central Celebrated Executive 2013
ISE® North America People’s Choice Award Winner 2013
CISO: From Technologist to Trusted Advisor > Download Presentation
Whether accurate or not, the CISO is perceived as just a technical role. We are expected to be experts in hacking, firewalls, SQL injection, networking, and all sorts of vulnerabilities. What about business strategy? What about operations and growth? CISOs talk a lot about being “business enablers”, but what are we doing to be seen as a valuable contributor to the business? How can the CISO truly become a trusted business advisor?
Retail Cyber Intelligence Sharing Center
Public-Private Partnerships: How the State of Texas is Leading the Charge > Download Presentation
As both business and government become increasingly reliant on technology, the need for a strong cyber security framework to protect critical infrastructure escalates, and along with it, the need for collaboration. Learn how Brian Engle has lead the charge in the State of Texas, creating public-private partnerships between the state’s most significant players in an effort to develop a Security Program Essentials framework and cultivate a sizable, high-quality cyber security workforce to ensure economic competitiveness for the State of Texas.
Chief Security Officer
Parkland Health & Hospital System
eDiscovery Automation: Best Practices for Navigating Complex Challenges > Download Presentation
eDiscovery law is a rapidly evolving and highly impactful issue for large enterprises. The complex challenges often encompass multiple departments and numerous technology solutions, necessitating a reliable process that integrates and streamlines workflow for all involved. Learn how Parkland Health & Hospital System created a defensible, repeatable and transparent eDiscovery process that linked multiple systems, automated processes and established a best-of-breed collection and review platform.
Threat Intelligence to the Rescue? > Download Presentation
Threat intelligence is the latest in a long line of silver bullets destined to protect our environments against an overwhelming threat landscape. In this presentation, Forrester analyst Rick Holland will discuss the current state and limitations of threat intelligence. Rick will wrap up the presentation talking about the future of threat intelligence.
Chief Security Officer
Alliance Data Systems
ISE® Central Executive Award Winner 2008
CISO as a Salesman: Win Support for Your Key Initiatives > Read Summary
Major information security initiatives can be costly. InfoSec executives too often find that their organization’s leadership may not see the initial financial investment in security as business critical…at least not until data or infrastructure is compromised. What upper management does not know about information security can and will hurt them. They cannot claim to their customers, shareholders or even the government that due diligence has been performed if they ignore best practices or simply delegate the information security function to the IT team and forget about it.
Upper management approves the budgets and signs the checks. Securing information assets is ultimately their responsibility, but the CISO must put information security on their radar and prove its value. A CISO must lead efforts to build consensus for security as a priority in the enterprise by selling the Board and C-suite on the benefits of a proactive approach.
Security vs Risk vs Privacy: Who Leads the Charge? > Read Summary
As the field of security has evolved, so has the role of the Chief Information Security Officer, but debates are heated regarding exactly what responsibilities this title-bearer should assume. Although the classic model calls for a CISO with a strong technical background to manage enterprise level security efforts, many global organizations have shifted from a focus on information security programs to a holistic risk management approach, which calls for a more business savvy CISO. Others have found combining their privacy and security teams under single leadership can help to manage risk. Others still see security, risk and privacy as vital roles that merit their own c-suite members. What’s the best model? Join our conversation to debate the merits for the CISO as a risk and privacy officer and share your insight about the evolution of the CISO role.
Chief Security Officer
Parkland Health & Hospital System
Is BYOS the Real Problem in Mobility? > Read Summary
Many organizations are concerned about mobiles apps on BYOD devices triggering security, privacy and intellectual property problems. But perhaps the bigger issue in mobility is Bring-Your-Own-Software (BYOS). BYOS offers an attractive way for employees to streamline work activities, collaborate with colleagues, and be more productive. With free trials, inexpensive subscriptions, and easy-to-cancel policies, the barrier to adoption is low. However, organizations struggle to balance these benefits with the downside as this ad-hoc adoption of cloud services could pose greater risk than an external threat. Could BYOS be the biggest challenge in mobility?
Executive Director of Information Security Operations
The Growing Complexity of IT Security: How Do We Manage? > Read Summary
Network security has undergone a tremendous change in the past 20 years. Not only have attacks grown more sophisticated, but the network itself has been completely reinvented. No longer is it sufficient to provide protection solely at the major entry and exit points of a network. With the rise of BYOD, identity is the new perimeter and global, borderless security is the new challenge.
Network security has grown into a complex set of rules that define how business is conducted over the network, inside the organization and at touch points with external networks. Where network security policy was once implemented and managed by a small group of firewall experts, today it is a complex operation based on sophisticated processes that involve numerous stakeholders. Businesses are operating complex infrastructures, sometimes with hundreds of firewalls and thousands of network devices that need to be managed simultaneously. This is compounded by complex security rule sets, each of which needs to be evaluated sequentially, with unwieldy rules for each component.