Every cybersecurity professional needs to keep a toolkit of programs, apps, and resources for troubleshooting and securing systems. This rapid-fire presentation, updated for 2022, showcases apps, websites and resources used in cybersecurity testing, investigations, administration, compliance, and just day-to-day work. You’ll experience advanced techniques using tools such as MITRE ATT&CK and D3FEND, OSINT Framework, MS SysInternal Suite, NIST CSF/RMF/PF, Center for Internet Security Controls and Benchmarks, and many more. You will get many tricks and techniques for optimizing their use based on your organization’s needs. This session also provides a variety of websites, references and resources to help you do your job as a cybersecurity professional and local tech support and then tips to keeps yourself and others out of trouble. Attendees will leave with ideas to help them make intelligent choices as cybersecurity professionals and keep their skills sharp.
BST timezone test
According to a recent survey, 80% of cybersecurity professionals believe that quantum computers will become powerful enough over the next few years to break current encryption methods. However, most professionals believe their organizations have not done enough to prepare against this threat and are unsure of the best way forward. The good news is that quantum-resilient cryptography can also be found in quantum computing.
In this webinar on April 25, 2022 at 1:00 p.m. BST, quantum cybersecurity expert Duncan Jones will discuss how to best protect your organization against threats to encryption before "Q-Day" arrives, including:
It was the early 90's, WIRED magazine had just launched, extolling the techno-anarchism utopia of the emerging internet. While our moderator for this event, Brandon Dunlap, was just a young security engineer, tracing data flows in Visio, Winn Schwartau was busy briefing 3 letter agencies and politicians around the world on the threat of Information Warfare. Brandon had just picked up his book of the same name in 1995 at the Border's in Tysons Corner, VA (likely with the latest issue of WIRED) and it changed his entire outlook on our profession. Despite working in the shadow of the beltway, Brandon was oblivious to the types of conversations Winn was having with the Military Industrial Complex, but the message wasn't lost.
On May 9, 2022 from 1:00 p.m. – 2:30 p.m. ET, we are delighted to invite you into a conversation between Brandon & Winn as we check in on Winn’s dire predictions against the current backdrop of global conflict, social media disinformation and citizen privacy concerns.
As organizations transform into becoming Cloud-First they have the opportunity to re-engineer their cybersecurity defenses. Firewall technology and web application defenses have proved to be defenseless against attackers and the onset on ransomware. Cloud-native applications and their supporting architectures (e.g., microservices, containers, and orchestration) are requiring more security. Both machine and human user identities must be protected at an even higher level of assurance.
Making Zero Trust a practical reality for organizations today requires not only strategic governance and oversight, but security engineering knowledge and implementation skill. In this presentation we examine the principles of Zero Trust and how they can be applied to defend not only identities, but also data, infrastructure, network components, web-service endpoints, and applications. Building on core principles we show how-to effectively implement Zero Trust in the Cloud for comprehensive security coverage, how-to strengthen the coverage using machine learning, and how identity and access management can be simplified. We provide a workbook where participants can evaluate their own organizations readiness for Zero Trust and conduct a mock vendor selection for Zero-Trust solutions and services.Learning Objectives:
Our supply chains are currently stretched, a result of various factors including markets recovering from the pandemic, labour shortages and hostilities in Ukraine among many. We rely on technology to make our supply chains efficient, yet the security of this technology is often overlooked. We will look at the security of various transport systems, some of which have already been attacked to generate income for nefarious actors.
What can we learn from these issues? What can we take from this and what stones can we turn over in our own organisations? When we engage with supply chains, how can security help our businesses assure the integrity of our supplies?
Zero Trust is revolutionizing network security architecture: it is data and device-centric and designed to stop data breaches while protecting critical infrastructure. In this session, John will discuss the concept of Zero Trust and explains why Zero Trust is the world's only true cybersecurity strategy. In 2020, President Biden issued an Executive Order mandating that all US Federal Goverment Agencies move towards adopting Zero Trust.
Zero Trust is both strategically resonant to the highest levels of the business, but also practically and tactically implementable using commercial off-the-shelf technologies. Because Zero Trust focus on providing granular protections around sensitive assets, this architectural model - which designs the network from the inside out - is perfectly positioned to solve the security challenges of modern critical infrastructure and IOT networks. For example, Zero Trust networks protect East-West traffic by default by enforcing micro-perimeters around critical assets or data. Therefore, internal malware propagation is stopped automatically. Zero Trust innovations also add a layer of agility to modern networks that is impossible to achieve in traditional network designs. This means that your network can respond to the speed of business. These 21st century networks have been adopted by large enterprises and government entities around the world. John will explain how a Zero Trust Network Strategy will achieve tactical and operational goals that make security organizations a business enabler, not a business inhibitor.
The MITRE ATT&CK® knowledgebase has expanded to more than 600 tactics, techniques, and procedures. It’s crucial information but making use of it can be overwhelming for even advanced cyber defenders.
During this interactive webinar, MITRE veteran Richard Struse, Chief Technology Officer at Tidal Cyber, will discuss how MITRE ATT&CK can be operationalized to help organizations achieve a proactive cybersecurity posture by implementing threat-informed defense, empowering them to go beyond patching vulnerabilities.
Join us live online and learn: