Find out what's inside the December 2021 edition of the Journal & download a free copy of this month's featured article
Past Web ConferencesHome » ISSA Web Conferences bring together ISSA members from around the world to share leading industry presentations and answer members' questions. Each event is designed to address the timely needs of our members through a live, online event and a subsequent recorded version for on-demand viewing. All content is developed by the ISSA Web Conference Committee. CPE Credit Available: ISSA Members will be eligible for a certificate of attendance, after successful completion of a post-event quiz, to submit CPE credits for various certifications.
The first year is always the most critical as we wind our way through legislation with companies, courts, and people working to understand and adjust the rules. Well It has been one year since GDPR became active. In that time how many cases have been tried, fines levied, and what changes have been made?
Why passwords are a thin illusion of protection and what to do about it. Passwords have become nothing more than a thin illusion of protection. Human nature and human error are the weakest links in protecting organizations from cyberattacks and data breaches. Users choose poor passwords and then re-use them across multiple applications and systems, leaving them vulnerable to phishing and social engineering by bad actors. For years, users have been encouraged to create complex passwords and change them frequently.
How can IT security professionals take advantage of Security-as-a-Service to supplement their existing security programs? While cyber-attacks are increasing, your IT budgets and available security staff probably isn’t. You have too little time, too many alerts, and security tools are becoming more expensive and time-consuming. In this presentation, Ryan Kelly, Solutions Engineer, AT&T Cybersecurity and Kevin Landt, VP of Product Management, Cygilant, will explore ways that IT security professionals can leverage Security-as-a-Service options
At the end of the day it is not about the technology that runs the system but the humans that detect, respond, and or are co-opted to circumvent it. This session will provide insight into attacks as well as the human breach interactions.
CASBs have quickly evolved into highly specialized solutions that are an essential part of any cloud security strategy. They help organizations to govern the use of the cloud and protect sensitive data. According to Gartner, at least 99% of cloud security failures will be the customer’s fault through 2023. So, how do you ensure that you have the right tools in place as your organization adopts more and more cloud applications?
One key aspect of digital transformation for many companies has been the evolution and rise of the remote user. Application access from any device, anywhere has become an imperative for success, but with transformation comes challenges with attack surface and network vulnerability. Adopting a zero trust model is key to combat cybercriminals who are probing security perimeters and enterprise resources for vulnerabilities with a distinct purpose. Application access and identity is one of the key areas to begin.
This year saw IPv6 adoption worldwide surpassing the twenty-five percent mark. While previously only used by some innovative attackers, the incentive to explore the space for fresh targets grows as more than a quarter of the Internet is now IPv6-capable. Many organizations are challenged with adequate monitoring of their IPv6 networks, misconfigured devices and a shortage of time to implement IPv6 best practices.
This session will cover the traditional breach reports as well as a new style of reports and analysis.
In this session, ExtraHop CISO Jeff Costlow will discuss how security operations teams can escape the cycle of reactivity characterized by constantly responding to a flood of alerts, and move toward a more proactive stance by using the right data sources and workflows, driven by network traffic analysis, to focus on developing proactive capabilities like continuous encryption auditing, policy auditing, and more advanced use cases like threat hunting.
The Zero Trust Architecture model accepts that secure data can no longer be adequately protected by network perimeter firewall design because there is no longer a physical network perimeter to protect. Digital entities (people and things) cannot be trusted until they have been authenticated through integrated digital ID services. High assurance digital identity has quickly become the center of IT cybersecurity. Fortunately, there are several side benefits to solving this security challenge.
The world is changing, attacks come at the speed of light, and are changing so fast detection is almost impossible. So, how do we tell when we are being attacked? What new technologies are coming down the pipe? This session will cover these and many more topics.
Cyber hygiene is the flossing of cybersecurity — something we all know we should do but regularly ignore. While it may be more exciting to get the latest silver bullet to solve a zero-day problem, improving processes to better leverage what you already have will go further in protecting against the next cyber attack.