Webinar Archives

Upcoming Webinars
Stopping Email-Borne Threats Before They Spread
Date: Dec 18, 2018

View archived webinar

Your organization likely has extensive security protections for your inbound email from the Internet. However, as much as two-thirds of many organizations’ total email traffic is generated internally by users. And, of course, attackers know this. Are you inspecting your internal email with the same diligence as your inbound email? What about the emails being sent out to your partners, suppliers, and customers?

Building a Cyber Defense for 2019
Date: Dec 12, 2018

View archived webinar

A Dark Reading Virtual Event

When it comes to enterprise cybersecurity, the only constant is change. On one side, many organizations are being transformed by technological change, including the rapid movement toward cloud services, digital transformation, and the Internet of Things. On the other side, security teams are rethinking their defense strategies to respond to new threats such as ransomware, crypto mining, and next-generation malware. And as if that isn’t enough, major regulatory changes such as GDPR are putting new pressures on enterprise security and privacy.

What are the key cybersecurity steps that enterprises should be taking in the coming year? What are the critical changes that IT organizations should anticipate, and how should they prioritize their security initiatives? At this Dark Reading virtual event, security practitioners, industry visionaries, and technology developers come together to discuss the key changes to expect in the next 12 months – and how you can prepare for them.

Using Security Champions to Build a DevSecOps Culture Within Your Organization
Date: Dec 11, 2018

View archived webinar

The security industry has made great strides developing tools and technology to integrate software security into the application development life cycle. However, it’s important not to ignore the people and process aspects of DevSecOps. Building security into application teams’ culture is necessary for DevSecOps to be successful.

Outside the software security group, Security Champions are the leaders of this cultural change.

Developing a Customized Defense Against Targeted Attacks
Date: Dec 06, 2018

View archived webinar

"Targeted attack" doesn't necessarily mean sophisticated malware and nation-state threat actors. What it does mean, is that the attack will be aimed directly at your organization, so your defenses should be focused where targeted attackers will hit you hardest.

So who wants what corporate intellectual property, who wants to take down what system, who wants to cause harm to what individual, and what tools and know-how do these threat actors have at their disposal?  This webinar can help.  Join us and learn how to predict where targeted attackers will hit you hardest and how to tune your defenses accordingly.

Cyber Threat Intelligence Inside Your Organization
Date: Nov 14, 2018

View archived webinar

Information sharing and data about global attacks are useful, but some of the most important threat intelligence resides right inside your own organization. What can you learn by taking a closer look at your user lists and internal network traffic, your business plans and risk assessments?

In this webinar, learn about the tools that can help your internal threat intelligence gathering, how to fine-tune your monitoring efforts, and how efforts like these could help you detect attackers and defend your business.

10 Emerging Threats to Today's Enterprise Applications
Date: Nov 08, 2018

View archived webinar

Cyberattacks to today’s enterprises often begin by exploiting a new or recently discovered software vulnerability. What are some of these emerging application vulnerabilities, and how are attackers using them to crack security and expose critical business data?

In this Dark Reading webinar, application security experts offer a look at some of the latest and most potentially damaging threats to current enterprise apps, and how those threats can expose your organization to data compromise and theft. The experts also offer some practical advice on how to identify these threats and vulnerabilities in your organization – and how to secure your applications to limit the impact of an application-focused attack.

The Insider Threat: Real Defense for Real Businesses
Date: Nov 07, 2018

View archived webinar

Insider data leaks, whether malicious or accidental, can be caused by anyone: the extra-helpful customer service rep, the highly privileged IT admin or the jet-setting CFO. How do you detect and mitigate insider data leaks and reduce the potential for such incidents in the first place?

In this webinar, learn how cybersecurity professionals can address the insider threat without shutting down business.

SOC Evolution: How and Why to Update Your Security Operations Center
Date: Oct 30, 2018

View archived webinar

The average security operations center (SOC) is overwhelmed by threat alerts, hard-pressed to prioritize one threat over another, and too understaffed to properly investigate threats anyway. However, some organizations are rethinking and retooling their SOCs, to reduce alert fatigue and increase the agility of their security response.

In this webinar, learn the benefits of updating your security operations center and get recommendations on how to implement the essential tools and practices of a next-gen SOC.

Is Your Email Authentication Technology Really Automated?
Date: Oct 25, 2018

View archived webinar

Fake emails are at the root of so many of today’s cybersecurity woes. Scammers use spoofed email addresses in endlessly creative fashions. Some of the most devasting attacks that mislead email recipients about where the email is coming from.  Buyer beware, because the truthfulness of automation claims in the email authentication market varies wildly by vendor. It takes a diligent buyer to sift between facts and marketing hype.

Purple Team Tactics and Threat Intelligence for Effectively Training Your Cybersecurity Team
Date: Oct 23, 2018

View archived webinar

In this webinar, you will see how purple team tactics and tactical threat intelligence can be used to enhance your security team's capabilities against the next-generation cyber-attacks.

It has been proven that adding security technology cannot completely eliminate cyber-attacks however, training the human can definitely upgrade an organization's security posture. In this webinar, IT security managers and operators will witness how (advanced) adversary simulation, TTP reverse engineering and analysis, scenario-based training, red and blue team synergy and tactical threat intelligence can be used at the core of your training program, to create complete and fully up-to-date IT security professionals.

Effective Cyber Risk Assessment
Date: Oct 17, 2018

View archived webinar

The perils of security breaches are widely publicized, but do you know exactly how an attack or breach would affect your business? Have you considered the security risks of simply doing business with third parties – perhaps picking up a new security weakness at every stop on the supply chain?

Hear as top experts explain how to quantify the risks cyber threats pose to your organization – empowering you to make smarter decisions about defense strategy and spending.

Cybersecurity for Small- to Medium-Sized Businesses: 10 Steps to Success
Date: Oct 11, 2018

View archived webinar

Small and medium-sized businesses (SMBs) are learning the hard way that they are indeed prime targets for cyber attackers. But many enterprise security tools and practices don’t work for SMBs, which have neither the budget nor the skills to operate their own IT security department.

In this Dark Reading webinar, a top expert offers some tips and recommendations for securing the smaller enterprise, and for implementing simple, affordable tools and best practices that make sense for the resource-limited SMB (and maybe even resource-limited large enterprises).

The Real Impact of a Data Security Breach
Date: Oct 03, 2018

View archived webinar

A major breach of your enterprise's critical data could potentially threaten the life of your business. In addition to the potential loss of customer data or intellectual property, a breached company faces public scrutiny, IT security overhauls, potential lawsuits, brand damage, and loss of customers. In this webcast, experts discuss the real losses associated with a breach, and how an effective data breach response program can help mitigate the damage.

Email and the Web - Go Great Together for Attackers, But What About for the Defenders?
Date: Sep 25, 2018

View archived webinar

According to the Verizon Data Breach Investigations Report 2018, 92% of malware, such as ransomware, trojans, and RATs were delivered via malicious email attachments, with most of the remainder delivered via the web.

With nearly all security incidents and breaches originating from both email and the web -- and the necessity of these tools for your organizations day to day operations -- how can you protect your organization from the cyberattackers and their malicious work? And how you can best defend against these types of threats in a way your organization can afford to acquire, deploy, and manage?  If these are questions you’re grappling with then this webinar is for you.

Email's Original Sin and How Automated Authentication is Changing it
Date: Sep 19, 2018

View archived webinar

As email evolved from its early days, nobody could have predicted that there would one day be more than 3.8 Billion email users sending 270 Billion emails a day, and that email would become the number one source of cyberattacks. Business Email Compromise (BEC) and impersonation attacks are now one of the most insidious threats to organizations. Take a walk through the history of email with us to learn how email's "original sin" – its inherent lack of authentication – is being addressed with identity-based automated email authentication, including DMARC enforcement and other strategies to bring trust back to email.

Strategies for Monitoring and Measuring Cloud Security
Date: Sep 04, 2018

View archived webinar

There are many tools and processes for improving security in cloud IT environments, but many enterprise security teams still complain about their lack  of “visibility” into the cloud. In this Dark Reading webinar, a top expert offers a look at practices and tools that will help your team monitor security in IT environments that incorporate many cloud applications and services. You’ll also get advice on how to evaluate and measure cloud security, and how to work with service providers to improve it.

Endgame Ends Document-Based Phishing
Date: Aug 22, 2018

View archived webinar

According to the 2018 Verizon Data Breach Investigations Report, “… on average 4% of people in any given phishing campaign will click it...” Successful attacks are inevitable. Just this year we saw cyberattacks on the World Cup, PyeongChang Winter Olympics, financial, chemical and biological threat prevention labs, and Russian election interference. The one thing these all have in common is that they began with email delivered malicious attachments. But phishing is not limited to email and is up 100 percent on social media as well.

Are you suffering from agent overload, alert fatigue or the skills shortage? Do you need a better solution to document based phishing? If so, then this informative, interactive webinar is for you.

Understanding and Preventing the Latest Social Engineering Attacks
Date: Aug 21, 2018

View archived webinar

While hackers and cyber attackers are continually developing more sophisticated methods for penetrating enterprise systems, most of their exploits begin with a simple step: fooling users into breaking security policy. These "social engineering" attacks – including phishing, social networking scams, and online "watering holes" – are designed to trick your users into giving up their passwords or opening email attachments that contain malware.  But how can enterprises prevent this sort of attack? Can users be trained to recognize such exploits and avoid them? In this webcast, experts discuss the most effective methods of defending against social engineering attacks.

How to Use Artificial Intelligence and Machine Learning to Improve Enterprise Security
Date: Aug 16, 2018

View archived webinar

Many cybersecurity vendors today use terms such as “AI” and “machine learning” to describe the capabilities of their products. But what exactly do these technologies do, and how can you implement them to improve your everyday IT security processes?  In this Dark Reading webinar, a top expert will offer some useful definitions of terms, and will discuss some practical applications of the technology that might speed your incident reaction time and improve your use of IT security staff resources.

Inside Web Domain Fraud: The First Step in Phishing
Date: Jul 24, 2018

View archived webinar

Suspicious and infringing domains are on the rise as hackers are outpacing brands. Suspicious registrations outnumbered brand-owned defensive registrations 20-to-1 in 2017, further emphasizing the importance of strategic domain management. Learn the latest in domain fraud trends and how to secure your brand’s domain footprint.

Improving Enterprise Authentication
Date: Jul 19, 2018

View archived webinar

Many enterprises have implemented some basic methods for managing user authentication to sensitive data, and some have even mastered the “single sign-on” problem for data access. But today’s IT environment increasingly involves a wide range of user devices and locations, including mobile equipment, cloud services, and even Internet of Things devices. In this Dark Reading webinar, experts will discuss emerging methods for solving the authentication problem, and the need for building authentication strategies that go beyond the enterprise premises.

 

Malware & Fileless Malware: How It's Created, How It Spreads, and What To Do About It
Date: Jul 17, 2018

View archived webinar

Malware has come a long way since the early days of computer viruses.  During this Dark Reading webinar you will hear from experts as they provide an in-depth look at the latest innovations in malware; as well as in “fileless malware,” which forgo the use of malicious payloads in favor of using trusted programs in malicious ways. You’ll also get tips and recommendations on how to detect, and block the latest malware, by improving your IT security processes and using the right tools.

Why Cybercriminals Attack
Date: Jun 27, 2018

View archived webinar

A day-long look at who your attackers are, how they behave, and what you can do about them

No matter what industry you’re in, the spectrum of cyber attackers who are targeting you is growing. Financially-motivated cybercriminals, nation-state-sponsored intelligence gatherers, politically-motivated hackers, and even your competitors are among those who might be testing your systems today, looking for a way to get in.

In this special, day-long Dark Reading virtual event, top industry experts will offer a range of information and insight on who the bad guys are – and why they might be targeting your enterprise. You’ll learn about emerging threat actor groups, new cyber exploits, and the various methods and motivations behind today’s online attacks. Even more importantly, you’ll learn about current attacker behavior, and how you can adjust your defenses to mitigate current attacks before they affect your systems and data.

Phishing: Trends, Attacks and Defense Strategies
Date: Jun 14, 2018

View archived webinar

With over 1.2 million phishing threats detected in 2017 alone, enterprises are under constant attack.  While Ransomware has received the lion’s share of attention, everyday “beachhead” attacks were 2.5 times more prevalent.  
 
This session analyzes the phishing trends, attacks and defense strategies across global enterprises and will even offer some predictions of what to expect in 2018.

Real-World Ways to Fight Phishing
Date: Jun 12, 2018

View archived webinar

Despite our best efforts, most successful cyber attacks still begin with a humble phishing message. If your security awareness programs aren’t getting the job done, how do you do the basics better, and what new tools and techniques can you add to your arsenal?

Malicious Insiders: Real Defense for Real Businesses
Date: Jun 05, 2018

View archived webinar

Which one of your co-workers will it be? The disgruntled worker with oodles of access privileges? The jet-setting workaholic who will find a workaround for every security measure just so she can stay connected and keep working from anywhere, anytime? The eager-to-please front desk staff who always opens the door and shares documents to any stranger who comes along? Insider threats, malicious and accidental, can be anywhere, but your business cannot run without people who are helpful and hardworking. Too much end-user surveillance could damage employee morale. What are your options? In this webinar, learn how cybersecurity professionals can address the insider threat without shutting down business.

Threat Intelligence: Where to Start & What to Ask
Date: May 31, 2018

View archived webinar

The good news in IT security is that there is a growing list of resources and services that can inform you on the latest threats in cyber space and the criticality of each. The bad news is that with so many sources and so much data, using threat intelligence to improve your cyber defenses can be a bewildering process. In this session, you'll get a look at some of the different types and sources of threat intelligence data, and you'll get advice on how to choose the right ones – and how to use these varied information sources to improve your defenses.

Protecting Your Data In the Cloud
Date: May 24, 2018

View archived webinar

Cloud computing services and technology offer a level of efficiency and cost savings that most enterprises simply can’t pass up. But does the growing use of cloud technology create a growing threat to enterprise data? How can IT organizations track and secure data as it travels through the cloud? Do you need on-premises security tools to help secure an increasing number of cloud applications and service providers? In this session, a cloud security expert will discuss how rather than be afraid of cloud computing, security experts can take better advantage of the cloud to improve security across the board.

Migrating On-Premises Security Controls to the Cloud
Date: May 23, 2018

View archived webinar

As enterprises increasingly move traditional, data center-based applications and storage to the cloud, they face a variety of security challenges.

In this informative webinar, top experts in cloud security discuss the transition of legacy, on-premises security systems to the cloud, and how your organization can protect your data and operations against potential threats while expanding your use of cloud services.

The Impact of a Data Breach
Date: May 17, 2018

View archived webinar

To understand the cyber risk your organization faces, you need to understand the likelihood of a breach – and its potential cost. In this session, a top expert discusses the many – and sometimes hidden – costs of a data breach, including its impact on customers and end users. You'll also get insight on the frequency of data breaches and a better understanding of how likely it is to happen to your organization.

Ransomware Defense and Preparedness - Before the Attack
Date: May 15, 2018

View archived webinar

Ransomware is infecting more and more businesses each day – but there are ways to limit its impact. In this webinar top experts will discuss methods for preventing ransomware code from getting through your enterprise defenses, and how you can limit its reach.

Outsourcing IT Security: Strategies for Working with Third Parties
Date: May 09, 2018

View archived webinar

The growing IT security skills shortage means that many enterprises simply do not have the staff they need to handle new projects or ongoing threats. In addition, many businesses are increasingly relying on network and cloud service providers, taking key security functions out of their hands. How can enterprise security teams work with third-party contractors and service providers to improve overall security? In this Dark Reading webinar, a top expert discusses security outsourcing strategies, tools for measuring service provider security, and ways to use third-party services to supplement your in-house cybersecurity skills.

Bulletproof Your Digital Footprint From Emerging Threats
Date: May 08, 2018

View archived webinar

Whether or not you choose to participate in a digital channel, such as social media, cyber criminals can create fake accounts and domains that appear to represent your brand. Even in the dark web where corporations have clearly opted out, bad actors can plan attacks on your key personnel and physical assets. Learn how to enhance your security posture and protect your brand across social, mobile, domain and the dark web.
 

Cyber Threats to Industrial Control and Other Vertical-Industry Systems
Date: Apr 25, 2018

View archived webinar

Whether you work in utilities, manufacturing, health care, or another industry, it’s likely that you have purpose-built systems that are both digital and unprotected by conventional IT security tools. As your use of these vertical systems grows, how can you be sure that they won’t be hacked?  In this Dark Reading webinar, top experts offer insight on the threat posed to industrial control systems (ICS) and other vertical-industry systems, and how you can expand your enterprise security strategies to protect them.

Detecting and Mitigating Ransomware and Other Malware
Date: Apr 12, 2018

View archived webinar

In the past, most cyber attack campaigns were primarily random, and they simply exploited the most vulnerable systems they could find. Today, however, there is an increasing number of sophisticated attacks – in particular, ransomware -- that target specific companies, data, or even employees. These attacks are often extremely well-disguised and may escape the security tools that most enterprises use to screen out more random attacks. What tools and defenses are there to prevent targeted attacks on your organization? In this session, you will hear about the latest types of targeted attacks and what your enterprise can do to stop them.

Developing and Testing an Effective Incident Response Program
Date: Apr 05, 2018

View archived webinar

If your organization doesn't have a plan for handling a major data breach, you're already in trouble. In order to swiftly and effectively respond to a cyber compromise, you must develop a program for first response in the data center, and downstream response in the business units and in the public eye. This session offers some guidance on how to build an incident response plan that can identify and repair compromises as quickly as possible -- and how to test and practice that plan so that you're ready for the real thing.

Integrating, Coordinating, and Orchestrating Your Enterprise Security Tools
Date: Apr 04, 2018

View archived webinar

Over the past decade, enterprises have purchased a wide range of security tools and systems, many designed to solve only one problem. Today, security teams are looking for ways to aggregate and integrate the capabilities of these systems to help identify sophisticated threats and improve overall enterprise security.

In this Dark Reading webinar, attendees will learn strategies for tying security systems together and orchestrating them to build a better data defense.

How Online Attackers Research Your Organization
Date: Mar 21, 2018

View archived webinar

Whether they are large or small, most targeted cyberattacks begin with some simple research on your organization. This process of collecting “open source intelligence” (OSINT) may include discovering employee information on e-mail or social networks, investigating your enterprise via sophisticated search techniques or the Dark Web, or basic social engineering methods that fool trusted users into giving up credentials or other information. In this fascinating webinar, top experts discuss the methods that online attackers use to perform reconnaissance on your organization – and they offer advice on how you can make it more difficult for attackers to collect the information they need to launch an exploit.

Accelerate Your OODA Loop with Threat Intelligence and Orchestration
Date: Mar 14, 2018

View archived webinar

Today’s adversaries are moving faster than ever before, and for organizations trying to protect themselves against advanced and evolving threats, speed is essential. You need both orchestration and threat intelligence to be able to quickly make informed decisions for your organization. To demonstrate this, we’ll use the OODA loop. A decision making cycle, the OODA loop stands for: Observe, Orient, Decide, and Act. Not only is it vital to be able to complete the loop, but also important to accelerate it to keep up with adversaries. Register for this webinar to learn how to effectively shrink the attack surface and enable your team to make faster, more accurate decisions.

Why Hackers Attack: Understanding Threats and Motivations for Online Intrusion
Date: Mar 13, 2018

View archived webinar

To develop a strong defense, you must have a good understanding of who is likely to attack your organization – and why.

In this Dark Reading webinar, a top expert discusses the different types of attackers that may test your defenses, and the different methods that each category of attacker might use to penetrate your systems. You’ll also get advice and recommendations on how to use your knowledge of attackers to build a more effective, customized defense that increases the security of your critical data.

Security For the Internet of Things: A Practical Approach
Date: Mar 08, 2018

View archived webinar

Today’s IT environment increasingly employs a variety of devices that are intelligent and Internet-connected – but are not computers or phones. What’s the best strategy for securing these devices as they are added to your corporate computing environment? What can you do during the deployment phase to ensure that attackers don't use these devices as a means to compromise your corporate data? A top IoT security expert offers some insight.

Strategies for Improving Enterprise Application Security
Date: Mar 07, 2018

View archived webinar

Most online attacks begin when a hacker discovers a single vulnerability in an enterprise application. But how can organizations eliminate these vulnerabilities before they are exploited?  While most enterprises are focused on application scanning and remediation, many software development experts are advocating better, more secure application development initiatives that prevent vulnerabilities from occurring in the first place. In this webcast, experts on application security and the DevOps movement discuss the steps that enterprises can take to build security into the app development process.

Building Your Identity-aware Infrastructure
Date: Feb 22, 2018

View archived webinar

As the world of identity continues to evolve, the goals remain the same. A proper identity management program should ensure the right people have the right access to the right data at the right time. Identity governance is what helps you ensure those goals are attained.

Join Darran Rolls, the CTO & CISO of SailPoint, the leader in the Gartner Magic Quadrant for Identity Governance and Administration, as he demonstrates how to build an identity-aware infrastructure.

Insider Threats and Data Leaks: What You Dont Know CAN Hurt You
Date: Feb 22, 2018

View archived webinar

Major data leaks such as Edward Snowden’s release of NSA data are only the tip of the iceberg when it comes to insider threats. Every day, enterprises face the threat of losing valuable insider information – not only through malicious actions but through unintentional, accidental violations of security rules that lead to exposure of critical information. In this session, a top expert offers some essential advice on stopping data loss from within.

The Real Risks of Mobile Technology In the Enterprise
Date: Feb 15, 2018

View archived webinar

Most companies today have embraced a bring-your-own-device (BYOD) policy that enables end users to use their own tools to access corporate data. But how can you enforce security in such a flexible technology environment? And what are the real threats faced by today’s wireless devices?

In this session, a top expert will debunk some of the myths about mobile security while raising up some threats and vulnerabilities you may not know about.

Strategies for Monitoring and Measuring Cloud Security
Date: Feb 14, 2018

View archived webinar

There are many tools and processes for improving security in cloud IT environments, but many enterprise security teams still complain about their lack of "visibility" into the cloud. In this Dark Reading webinar, a top expert offers a look at practices and tools that will help your team monitor security in IT environments that incorporate many cloud applications and services. You'll also get advice on how to evaluate and measure cloud security, and how to work with service providers to improve it.

Strategies for Using Cyber Threat Intelligence
Date: Feb 13, 2018

View archived webinar

Between threat intelligence tools, industry ISACs, and a wide range of other services, IT organizations are flooded with ways to keep up to date on the latest security threats. But without mechanisms in place to actually use the information, these alerts provide little benefit. Learn how your IT organization can develop processes to quickly digest threat data and turn it into real actions, improving response to new threats and increasing overall security.

Securing End User Identities
Date: Feb 08, 2018

View archived webinar

Not so long ago, the notion of “endpoint security” focused on the management of desktop devices. But today’s end user employs a wide variety of devices in a wide variety of locations – many of which don’t belong to your organization. How can enterprises build a security strategy that identifies the end user and applies the appropriate security – no matter what their location or device? This session provides new insights on securing your end users.

GDPR: Gain Visibility and Control of Your Customers Data
Date: Jan 31, 2018

View archived webinar

Does your database contain personally identifiable information (PII) on EU citizens? If so, are you sharing it in compliance with GDPR? You must, if you are going to avoid crippling fines. PII belonging to European partners and customers is distributed across your organization: in your file shares, content management and cloud storage systems. It’s possible for organizations to have total visibility and control of their customers’ data—where content resides, which employees have access to it, and what they are doing with it. Having unified access to the systems that hold customer data and the ability to share this data securely will give your data protection officer peace of mind & help him/her sleep at night.
 
Join us for an informative webinar to learn how you can achieve your data privacy goals as it pertains sharing PII beyond your enterprise boundaries.

LTE in Unlicensed Spectrum: Driving Innovation in the Enterprise
Date: Jan 25, 2018

View archived webinar

Enterprise networking has long faced a standardized competitive environment largely defined by Wi-Fi solutions. That is about to change with the introduction of MulteFire, a new wireless solution that will bring seamless connectivity to users with enhanced coverage and capacity.

This new LTE-based technology can be deployed standalone in unlicensed or shared spectrum, allowing Enterprises to deploy private and neutral host LTE networks with fewer access points than traditional solutions, ultimately reducing CapEx. Harbor Research, a strategy and technology research firm that works with leading technology innovators, product OEMs and service providers, has forecast that the total addressable revenue for Enterprise markets deploying MulteFire will reach nearly $2.5B in 2023. In this webinar, the MulteFire Alliance joins Harbor Research to provide insight into how this technology will help venue owners and operators reduce costly distributed antenna systems and licensed carrier small cells, while ensuring coverage and capacity for users, regardless of carrier.

Becoming a Threat Hunter in Your Enterprise
Date: Jan 25, 2018

View archived webinar

For years, most IT security organizations have waited to detect new threats and then moved swiftly to defend against them. Today, however, there is a new wave of “threat hunting,” in which the security team takes a more proactive approach -- sinking hands into threat intelligence feeds, digging into behavioral analytics reports and following clues to a would-be attacker before they can do significant damage to critical data.
How do these enterprises build threat hunting programs? How do they staff them, and what tools and data do they need?

How to Talk to Management About Cybersecurity and Risk
Date: Jan 25, 2018

View archived webinar

As an IT professional, you’ve developed some ideas on how cyber attackers might compromise your enterprise data, and how you can defend against them. Now you have another challenge: how to present those threats and strategies to business managers who know nothing about IT security technology. How can you convey the current state of your IT security posture to top management? How can you make a business case for investing in additional IT security resources? 

In this informative session, you’ll get advice and recommendations on how to present security issues to your management – in language they can understand.

5 Things to Prepare For in Third-Party Cyber Risk Management in 2018
Date: Jan 18, 2018

View archived webinar

In 2017, we saw an increase in third-party related breaches bring a renewed focus to third-party risk management. But with this renewed focus, comes new challenges. From increased regulations and more involvement from the boardroom, to greater financial implications, third-party risk management has the potential to get more complicated in 2018.

Why Your IT Security Program Is Broken And How To Fix It
Date: Jan 18, 2018

View archived webinar

You may be compliant with every data security and privacy regulation. You may have your traditional IT infrastructure securely locked down. And yet despite that, you may have an IT security program that is failing -- failing to stop attackers and failing to support your organization. What's missing?

In this session, learn from a top expert how to shift away from an old, ineffective security mindset and towards one that is risk-based, threat-aware, and aligned to your business.

The State of the Enterprise Security Department
Date: Jan 11, 2018

View archived webinar

Cybersecurity has become one of the most critical issues in business, but have cybersecurity departments -- and the businesses they support -- adapted accordingly? Are they prepared for the caliber of data breaches and DDoSes organizations now experience? What are the chief threats that security departments face, and what are they doing about them? What are today's top priorities for security professionals and how do they relate to those of the CEO and board room? This session will explore all those questions, revealing data from two recent surveys of IT and security executives.

Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
2019 Attacker Playbook
Ericka Chickowski, Contributing Writer, Dark Reading,  12/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
[Sponsored Content] The State of Encryption and How to Improve It
[Sponsored Content] The State of Encryption and How to Improve It
Encryption and access controls are considered to be the ultimate safeguards to ensure the security and confidentiality of data, which is why they're mandated in so many compliance and regulatory standards. While the cybersecurity market boasts a wide variety of encryption technologies, many data breaches reveal that sensitive and personal data has often been left unencrypted and, therefore, vulnerable.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19790
PUBLISHED: 2018-12-18
An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redirection target restricti...
CVE-2018-19829
PUBLISHED: 2018-12-18
Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known.
CVE-2018-16884
PUBLISHED: 2018-12-18
A flaw was found in the Linux kernel in the NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel id and cause a use-after-free. Thus a malicious container user can cause a host kernel memory corruption and a system ...
CVE-2018-17777
PUBLISHED: 2018-12-18
An issue was discovered on D-Link DVA-5592 A1_WI_20180823 devices. If the PIN of the page "/ui/cbpc/login" is the default Parental Control PIN (0000), it is possible to bypass the login form by editing the path of the cookie "sid" generated by the page. The attacker will have acc...
CVE-2018-18921
PUBLISHED: 2018-12-18
PHP Server Monitor before 3.3.2 has CSRF, as demonstrated by a Delete action.