Filter By:

Recent Blogs & Podcasts


\ Event Takeaway 

September 18, 2017 | Risk Management
By Rich Guida, IANS Faculty

 Infosec Risk Management: How to Focus on the Business Units

Information security professionals spend a lot of time doing risk management, but how do we know what the enterprise’s biggest risks are? How did we determine them? In this webinar, IANS Faculty Rich Guida discusses ways to ensure that business units (and their executive leaders) can be brought to the table and contribute meaningfully in risk identification and ranking, so when you ask for money to mitigate those risks, you have confidence that leadership has bought in to them.

Read More »

August 14, 2017 | Embedded Systems and Internet of Things
By Aaron Turner, IANS Faculty

 The Internet of Criminal Things: How Technology Commoditization Has Driven Our Current IoT Nightmares

Just like all technologists, criminals have taken advantage of the low costs of high-performance components such as Bluetooth and cellular modems. In this webinar, IANS Faculty Aaron Turner discusses how enterprises can use a diverse set of technologies to monitor for the presence of “Criminal Things” and what kinds of controls are available to help solve the problem in the long term.

Read More »

June 19, 2017 | Privacy
By Rebecca Herold, IANS Faculty

 Building a Framework for Data Privacy and Protection in the Cloud

With more and more security incidents originating in the cloud, new data privacy and protection regulations are emerging. Cloud services must establish and maintain effective privacy and compliance programs, while organizations that leverage cloud services need to establish sound frameworks for mitigating risks in their own right. In this webinar, IANS Faculty Rebecca Herold reviews the most common risks cloud services must address and details specific steps organizations can take to prevent breaches and the corresponding penalties.   

Read More »

May 15, 2017 | Data Classification
By Kevin Beaver, IANS Faculty

 Sensible Approaches to Data Classification

Most organizations want to protect their sensitive electronic assets, yet effective data classification programs are all but nonexistent. You certainly can’t secure what you don’t properly acknowledge, and that’s a big reason why many security organizations struggle in this area. In this webinar, IANS Faculty Kevin Beaver details an approach to data classification that involves taking a few basic steps early on and periodically moving the program forward.

Read More »

April 18, 2017 | Penetration Testing and Red Teaming
By Dave Kennedy, IANS Faculty

 Adversarial Simulations - Evolving Penetration Testing

Penetration testing has been given quite a few names over the past few years, including everything from “vulnerability scanning” all the way to “targeted and direct attacks” against organizations. This comes as attacker techniques themselves are shifting based on organizations adding more detection capabilities into their environments. In this webinar, IANS Faculty Dave Kennedy dives into some of the latest attack vectors and discusses why adversarial simulations are some of the most effective methods for building defenses within your organization. 

Read More »

March 10, 2017 | Architecture, Configuration and Segmentation
By Marcus Ranum, IANS Faculty,
     Ron Dilley, IANS Faculty

 Securing Your Network With Overlapping Controls

Many security practitioners complain about being flooded with alerts and vulnerabilities, because they don't get to design their systems so that the alerts are useful. Segmentation is one of many techniques these practitioners can use to manage alerts and reduce breach
impact. In this webinar, IANS Faculty Marcus Ranum and Ron Dilley describe a model for administratively breaking your network apart into management "zones" that can be analyzed and secured separately.

Read More »

February 16, 2017 | Cloud Access Security Brokers
By George Gerchow, IANS Faculty

 Deciphering the Dynamic CASB Marketplace

The cloud access security broker (CASB) market continues to mature. In this report, IANS Faculty George Gerchow provides an update, detailing the relevant vendors, their latest capability sets and the various deployment models available. He also offers some guidance on choosing the right CASB for your needs and cloud maturity level, as well as trends to expect in the future.

Read More »

January 6, 2017 | Team Structure and Management
By David Kolb, IANS Faculty

 Keeping CALM: Building the Business Relationships that Drive Infosec Success

CISOs and information security leaders are called upon to develop partnerships throughout their organizations in an effort to better align their objectives with those of the business. To do this, they need to understand how other leaders operate and determine how to best motivate them. In this webinar, professional development expert and IANS Faculty David C. Kolb, Ph.D. discussed his model for improving communication and facilitating leadership that drives effective partnerships, rather than simply transactional relationships.

Read More »

November 14, 2016 | Endpoints
By Dave Shackleford, IANS Faculty

 Endpoint Protection: Burn and Churn

Malware containment has devolved into an arms race, with a steady stream of solutions and rapidly evolving new problems, leaving IT security struggling to keep up and make sense of it all. In this webinar, IANS Faculty Dave Shackleford examines the new players and techniques in the space, and reviews some of the tried-and-true strategies, including whitelisting, sandboxing, segmentation and configuration management.

Read More »

November 3, 2016 | Malware and Advanced Threats
By Michael Pinch, IANS Faculty

 Health Care Roundtable: Tackling Ransomware

Ransomware is a scourge across every vertical but it seems to have found a soft spot in health care. For this roundtable, IANS brought together a group of health care sector security executives to talk about the problems they face and the strategies they are using to get ahead of the ransomware issue.

Read More »