ISE® West 2015
Reinventing Data > Download Whitepaper
Widespread use of traditional data masking solutions has been limited by the high cost of repeating data masking steps each time data is distributed to development, test, reporting or other copies. Delphix is the first solution to eliminate the distribution challenges of masked data. With Delphix Service-Based Data Masking, sensitive data only needs to be masked once, after which copies and updates can be delivered to any location in minutes. This eliminates compliance-driven pushback to cloud adoption and offshoring. Additionally, application teams get full, fresh, and secure data sets in minutes. Lastly, Delphix reduces the surface area of data exposed to breaches through consolidation and centralized auditing of sensitive data access.
Mobile Security: The 5 Questions Modern Organizations Are Asking > Download Whitepaper
The modern organization has recognized the need to embrace mobile devices in the workplace. Some have fully implemented a bring-your-own-device (BYOD) program, while some have adopted a hybrid model of corporate-owned and employee-owned devices. Meanwhile, others are now just starting to consider these mobility programs.
Wherever you fall on this spectrum of mobility adoption, the global trend is moving towards BYOD to benefit from enhanced worker productivity, increased revenues, and reduced device and data expenses. In fact, more than 45% of global firms are now introducing or expanding BYOD programs, according to recent survey from Forrester Research.
However, the increase in mobile devices bring with them important security implications. As the CSO’s 2015 Mobile Security Survival Guide notes, mobile security risks are growing “because much enterprise data today is created and consumed on mobile devices. This clearly explains why mobile security persistently tops the list of most pressing enterprise security concerns.”
The problem with privileged users: What you don’t know can hurt you > Download Whitepaper
Today’s users need easy “anytime, anywhere” access to information and services so they can do their jobs. The technologies needed to deliver that simplicity have become increasingly complex, and someone has to be there to keep it all running. These administrators (or super users) need “privileged” access to everything within the system in order to troubleshoot, resolve issues and maintain that immediate level of access.
THE CYBERSECURITY LITERACY CONFIDENCE GAP > Download Whitepaper
Despite the fact that most organizations are more aware of cybersecurity risks than ever and are making significant investments in security technology, cybercriminals are targeting a broader set of corporate assets and using more sophisticated tactics to achieve their goals. Although organizations have improved their network defenses, many cyberattacks still remain undetected for more than eight months, and large-scale public breaches continue to dominate the news cycle. It’s well understood that for every breach that is made public there are many more that go unreported either because they aren’t detected or don’t affect consumer data or critical infrastructure. As a result, organizations are not required to disclose them.
Cybersecurity In the Boardroom > Download Whitepaper
Following the slew of major cyberattacks reported in 2014—the Year of the Breach, according to Forbes—cybersecurity has become a boardroom-level conversation on an unprecedented scale.
The resignation of Target’s CEO and CIO following that company’s breach shows that responsibility is no longer being placed solely upon the CISO, but rather across the entire C-suite. In addition, high-profile vulnerabilities such as Heartbleed and Shellshock illustrate how much businesses rely on widely used open-source and third-party software components that have not been properly vetted for security. Yet there has been little visibility into the role the board is playing in addressing cybersecurity risk for companies.
To that end, NYSE Governance Services, in partnership with Veracode, surveyed nearly 200 directors of public companies representing a variety of industries—including financial services, technology, and health care—to discover how they view cybersecurity in the boardroom. Our goal was to gain insight into how cybersecurity is being understood, prioritized, and addressed at the board level.
Rob Fry
Sr. Information Security Architect
Netflix
Biography
FIDO: Building Defense on the Inside - Download Presentation
Fully Integrated Defense Operation (FIDO) is a custom-built solution leveraging partnerships with vendors and internal innovators to deliver a platform that addresses one of the biggest challenges the Netflix security team has faced. FIDO works to combat a lack of talented security professionals and alert fatigue at the same time by reducing the number of manual actions that analysts have to take. It also enriches and enhances alerts so that every piece of information has been checked with various security stack components and existing threat feeds so that analysts have richer information. The Netflix team has also made FIDO open source so other companies can benefit from it and build upon it. Learn how FIDO has improved operations and productivity of analysts, reduced the number of false positives, and aided in the ability to move swiftly during an incident.
Marci McCarthy
CEO and President
T.E.N.
Biography
The Balancing Act: Managing Expectations Across the Enterprise - Download Presentation
Ongoing breaches and reports of cyber espionage have brought Information Security center stage with executive management, boards of directors and customers alike. The business expects the CISO to manage an agile, high-performing security program, yet consistently fails to adequately underwrite or provide the range of resources necessary to meet growing demands. Now expected to be a transformative leader, CISOs are struggling to balance new perceptions when such a disconnect exists between expectations and reality. Just as managing the complexity of the threat environment mandates a solution-based, multi-layer approach, so does navigating the complex relationships necessary to bridge the gaps between security and the enterprise. During this presentation, learn how to work with various business units and departments to build and empower your leadership team, so that you can better manage the heavy burden of defending your organization against the unrelenting array of cyber threats.
Pete Lindstrom
Research Director Security Products
IDC
Biography
IDC's State of the "C" in CISO Survey 2015 - Download Presentation
Pete Lindstrom shares the results of the 2015 IDC's State of the "C" in CISO Survey.
Bill Boni
Vice President and Corporate Information Security Officer
T-Mobile USA
ISE® North America Commercial Executive Award Finalist 2007
ISE® Central Executive Award Winner 2007
Biography
The Era of Cyber War Games Has Arrived – Are You Prepared to Play? > Summary
When the movie War Games hit theaters back in 1983, the concept of computer hacking was little more than science fiction. Fast forwarding more than 30 years later, gripping sci-fi dilemmas featuring cyber-attacks have become real life nightmares for many organizations. The era of the modern cyber war games has arrived with nation states backing large scale cyber terrorist attacks, issuing demands, and bringing huge organizations to their knees for months on end. Private user data, sensitive employee credentials, and even unreleased products are being disclosed and used as ammunition against major corporations like Sony, Target, JP Morgan Chase, and Home Depot on this digital field of battle. These companies face not only financial losses in the millions, but also must cope with equally crippling brand disintegration due to public backlash and customer fallout. Now that fiction is reality, an important question remains – is your team prepared for these cyber war games?
Darren Challey
VP, Enterprise InfoSec
Expedia
Cyber Threat Intelligence: A Gold Mine of Value > Summary
An intelligence capability empowers organizations to identify potential threats and vulnerabilities in order to minimize the ‘threat attack window‘ and limit the amount of time an adversary gains access to the network before they are discovered. Organizations that operate with an intelligence-led mindset understand that threat intelligence is the ‘mechanism’ that drives cyber security investment and operational risk management. The number of cyber threat intelligence providers continues to increase and the idea of threat intelligence is gaining widespread acceptance. While increased awareness of the cyber security threat is a positive trend, many organizations still need to put in place the fundamentals of intelligence management to gain real value from threat intelligence. This will be a crucial for instilling confidence in board members – and ensure that the organizations are equipped to leverage the gold mine of value that can be extracted from cyber threat intelligence./p>
Michael Dierickx
Information Security Officer
Panasonic Avionics
Biography
Securing Your Data across Channels: Strategies for Outpacing Zero Day Threats and Sophisticated Hackers > Summary
Mobile, social and cloud technologies enable an organization’s efficiency and productivity, and can often provide competitive and brand differentiation. However, the widespread adoption of these services often results in an environment where free-flowing data quickly outpaces an organization’s ability to proactively defend against imminent and emerging security threats. All companies with valuable IP should assume both zero day threats and sophisticated hackers are targeting them. Mobile, social and cloud technologies drive productivity. But they also open the door to data theft and advanced attacks that can slip right by anti-virus, URL filtering and firewall defenses. A continued focus on siloed controls is insufficient for today’s threats as attacks are highly advanced, well-funded and persistently targeting enterprise environments.
Kim Green
Chief Information Security & Privacy Officer
Zephyr Health
Biography
Security & Compliance: What is the secret to success? > Summary
The compliance and technology landscape has changed dramatically in recent years with progressively strict regulations, especially in industries such as energy, oil and gas, health care, retail and financial services. Regulators are increasing scrutiny and fines, while internal policies and controls, particularly in relation to data, have posed debilitating for communication and collaboration needs. Additionally, it has become increasingly common for emerging threats to strike at points between the enterprise and third-party vendors, which further escalates the necessity for secure collaboration. How are your peers facing these challenges? Join this discussion to discover best practices for meeting industry requirements while ensuring secure collaboration in the complex marketplace.