The UMSA WebTracks Series provides education to participants from high-level industry speakers and specialists. As an online learning tool, UMSA WebTracks are webinars with topics that provide relevant information to those in the areas of information security, business continuity, risk management, IT and disaster recovery that can be utilized in the workplace or for future professional growth and development.
The UMSA WebTracks Series is a free education service to anyone wishing to participate. All webinars are held from 12 – 1 p.m. CST (1 p.m. Eastern, 10 a.m. Western). Please view our Calendar of Events for a full list of upcoming UMSA events and WebTracks, or click below for the next WebTracks event coming up.
Tweet along! Follow and tweet what you’re learning during our webinars by using the hashtag #WebTracks
Upcoming WebTracks Series webinars:
6 high-risk lessons for website defenders
Did you know that bot fraud was predicted to take a $7.2 billion bite out of ad budgets in 2016? Simple malicious bots were originally created as command line scripts to download websites and pilfer content. Being “dumb,” they’re a dying breed. Today, advanced persistent bots (APBs) fly under the radar of many existing security solutions and, as such, are much harder to identify and block than their predecessors.
In this session, Edward Roberts will review current malicious bot mitigation methodologies and their limitations, and discuss the rise of APBs and their new threat vectors, such as cookie harvesting, poisoning, and the enabling of malicious content injections that target websites. This session will also cover the use of self-optimizing, machine learning algorithms.
Speaker: Edward Roberts leads Product Marketing and has over twenty years of experience in technology marketing. Previously he worked for Juniper Networks, heading up Product Marketing for the Counter Security team.
Previous WebTracks Series webinars:
Security on the grind
Listeners heard NMI’s Senior Software Engineer and Security Specialist, Timothy Bolton, discuss the many unglamorous but extremely vital parts of the software development life cycle and the day-to-day security essentials your team needs to be aware of. Bolton also covered the important cybersecurity categories of:
- Common vulnerabilities and mitigation
- Testing with security in mind
- Performing code reviews with security in mind
- Tools and automation
Listen and watch now for free!
Protecting your data from cyber crime
Listeners gained insight into the world of cyber criminals and the risk they pose to any organization, with an emphasis on health care organizations. The webinar covered the current status of cyber-crime in the health care industry, how cyber-crime networks have grown and motivations have changed, and the tools and techniques used to breach current defensive technology, along with multiple case studies of real health care facilities that experienced breaches. Participants walked through low-cost yet effective steps they can take to safeguard their data based on the SANS Top 20 Critical Controls for Cyber Defense.
What the ISO?! Taking a look at the new ISO 22317 standard for business impact analysis
Recently, ISO has released the new ISO 22317 Standard for Business Impact Analysis. In this webinar, Bryan Strawser speaks on the recent trend where organizations are adopting the ISO 22301 standard for their business continuity management systems. Listen in to also learn about several different strategies to build an effective BIA that will help you advance your business continuity strategies.
Security Vision: Inspiring People to Embrace Security
In this presentation, veteran security leader, as well as a CEO, Andrew Plato discussed how to use security vision to improve the conversation with your team. We discussed communication, leadership, and motivational strategies that inspire co-workers to embrace good security practices.
Ethics in IT security, why is it so critical?
In today’s ever-changing business environment, ethics has continued to be an increasingly important need for the information security professional. In this webinar, Kelley Archer provides real-world cases/facts demonstrating how you as an information security professional must deal with situations that may cause you to make a decision between your ethical beliefs and a company’s decision.
DevOps + Security Transformation
Shannon Leitz explores how DevOps is being rapidly adopted throughout the industry and more so with Cloud adoption. This means that security transformation is under heavy demand and there is an unprecedented expectation to make security everyone’s responsibility. The path forward can be achieved and requires a new set of skills, a scientific mindset, and an iterative approach. This talk will explore several use cases and some of the most pressing topics that hold back DevOps + Security transformation, for example: Separation of Duties, Limited Privilege, Approvals and Sign-offs, and Compliance.
The 2015 DBIR: Before and Beyond the Breach
This presentation by Chris Novak, RISK Team Director at Verizon, explored the 2015 Verizon Data Breach Investigation Report (DBIR), a rare and comprehensive view into the world of corporate cybercrime based on information collected from over 60 partner organizations as well as the Verizon caseload. This research has been used by thousands of organizations to evaluate and improve their security programs. The presentation discussed the evolution of results over the 7 years of data and delved into the people, methods and motives that drive attackers today to better inform your own security program.
There were a few technical difficulties, but you can listen to the last half of the webinar now for free!
3 Factors of Fail: The Authentication Problem
Barry Caplin, CISO for Fairview Health Services, presented on the current state of authentication, examined weaknesses in authentication factors, introduced the fourth factor of authentication and considered some solutions.
Communicating Risk to Executive Leadership
This presentation by Andrew Plato discussed strategies for improving how to communicate risk to executive leadership in a more effective manner, including the value of business risk intelligence, how to execute a rapid risk assessment, making risk assessments a leadership tool and the benefits of simplified, business-centric risk assessments.
This presentation by Josh More of Eyra Security explored some core concepts of natural evolution and how it has allowed many species to survive despite a deluge of attacks going back millennia. By exploring evolution and how it applies to business practices like economics and workflow, we can refocus our efforts from attempting to win an unwinnable game to survival. Survival is often all we need and striving for more can be what causes us to fail.
Information Security Awareness Programs – Dos and don’ts
This webinar presented by Christophe Veltsos covers the often neglected side of the security equation: human behavior. Veltsos discusses how to improve security awareness programs by sharing lessons we can draw from other fields when it comes to influencing behavior and how we can improve our ability to reach and engage people and impart our message of security awareness in a meaningful and lasting way.
The impact of emerging and disruptive technologies on you and your business
This webinar presented by Robert Stroud, vice president of strategy and innovation at CA Technologies, covers emerging technologies that you are dealing with now, those that will impact you tomorrow and how new business models will impact you in the near future. It will challenge your very understanding of where the boundaries of technology and business are and will consider some new practices in your role.
Suspicion Indicators Recognition & Assessment
This webinar presented by Michael Rozin, president of Rozin Security Consulting, covers an innovative behavior detection and security-interviewing program founded on methods developed by the Israeli Security Agency, and focused on identifying both intent and potential weaponry, to enhance security & law enforcement agencies’ ability to prevent violent acts.
DataCom Vulnerability and Resiliency Assessment: Protect the Pipes
This hour-long webinar covers datacom risk assessment. Jeff Daniels, executive vice president at InfoBunker, covers the major causes of outages, including vandalism and terrorist acts. Participants will learn about the cost/benefit analysis of datacom failover strategies and how remote sites and alternate failover methods work. Additional topics covered in this session will include:
- Physical security of fiber and telecom routes
- Route resiliency and carrier due diligence
- Risk mitigation through use of non-terrestrial based datacom means
Cataloging Security Incidents with VERIS
In this session Kevin Thompson from the Verizon RISK team explains the Vocabulary for Event Recording and Incident Sharing (VERIS) and shows you how you can use this open framework to record the same information about your security incidents that Verizon uses to produce the DBIR.