Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Webinar Archives

Upcoming Webinars
Automating Cybersecurity Functions in Your Enterprise
Date: Jun 12, 2019

View archived webinar

Organizations face tremendous challenges when trying to keep pace with the volume of cyber incidents they are seeing today. Information security leaders are looking to the benefits of security orchestration and automation to relieve the strain on their incident response teams. While the promise of orchestration is great, achieving success requires great care in choosing which processes and investigative actions to automate.

Thinking Like a Cyber Attacker: Strategies for Defense
Date: Jun 06, 2019

View archived webinar

Increasingly, enterprises are discovering that the best way to test and defend their organization is to view their IT environment from the perspective of an attacker. But how do you predict an attacker's motives and simulate their methods, and how do you know that you aren’t overlooking key vulnerabilities? In this Dark Reading webinar, experts discuss methods for testing your security’s mettle by thinking like your adversary.

Becoming a Threat Hunter in Your Enterprise
Date: May 14, 2019

View archived webinar

For years, most IT security organizations have waited to detect new threats and  then moved swiftly to defend against them. Today, however, there is a new wave  of “threat hunting,” in which the security team takes a more proactive approach --seeking out potential threats before the attackers have a chance to act. How do enterprises build threat hunting programs? How do they staff them, and what tools do they need? What skills and training does a great threat hunter need? In  this Dark Reading webinar, a top expert discusses the process for building a threat hunting program, and for optimizing the efforts of designated threat hunters in the organization.

The CISO Challenge
Date: May 09, 2019

View archived webinar

New research highlights key management and communication issues facing those responsible for cyber security, including entrenched perceptions by senior leadership and employees. Nearly 50% of cyber security professionals, for example, believe executive boards see them in just a maintenance role, rather than a source of innovation that contributes to the business. Given the enormous impact of security breaches and the increase in compliance requirements, CISOs need to communicate the value of cyber security across all levels of their organizations.

Join Chief Security Scientist, Joseph Carson as he discusses the changes cyber security professionals must make in order to expand their influence and align cyber security with business priorities so executive boards can see the business case for security investments.

Building an Incident Readiness and Response Playbook
Date: May 08, 2019

View archived webinar

The cyber attackers hit their mark: now what do you do? Whom do you call first? Do you have a plan to contain the damage, eliminate the threat, avoid destruction of forensic evidence, and keep the business operational at the same time? Do you know how to uphold compliance requirements, address customer questions, and pay for all the unforeseen costs of an emergency? Don't make a data breach any harder than it needs to be. In this webinar, learn the Xs and Os of any good security incident readiness and response playbook.

Developing the Right Strategy for Secure Email
Date: May 01, 2019

View archived webinar

Many of today's most damaging cyber attacks begin with a simple hack of the corporate email system. Yet many enterprises still don't have a unified approach to protecting their email and messaging systems, leaving themselves open to a wide range of online exploits. In this webinar, top experts discuss strategies for limiting access to critical email systems, when to encrypt email attachments and transmissions, and how to build a day-to-day process for protecting email against common cyber attacks.

End-User Security Awareness Programs That Work
Date: Apr 30, 2019

View archived webinar

Most successful cyber-attacks begin by manipulating an end user, via a phishing message or other social engineering attack. Instead of just being weak spots, imagine your users could be the security department's eyes and ears--the first to alert you to a potential threat. End users can only help, though, if you give them training that both educates them and makes them care about security. In this webinar learn how to create an end-user security awareness program that engages your users, builds a security culture, and reduces attackers' success rate.

A Day in the Life of an OT Cybersecurity Expert
Date: Apr 17, 2019

View archived webinar

What are the critical must-haves and pitfalls to avoid when it comes to safeguarding industrial facilities in the age of the Industrial Internet of Things? Threats to the safety and security of critical infrastructure make headlines on a regular basis. CISOs and their IT teams may be ultimately accountable for the security of industrial control systems in critical industries such as oil and gas, refining, chemical processing and power generation, but they can benefit greatly from the expertise of their operation technology (OT) cybersecurity teams.

Join us for a panel discussion with three OT cybersecurity experts who share their experience and lessons learned when securing the critical infrastructure. We’ll dive into critical success factors for effectively managing OT risk while ensuring safe and reliable production within the plant.

Dark Reading Virtual Event 2019
Date: Mar 21, 2019

View archived webinar

Pending

How to Use Artificial Intelligence and Machine Learning to Improve Enterprise Security
Date: Mar 19, 2019

View archived webinar

Many cybersecurity vendors today use terms such as “AI” and “machine learning” (ML) to describe the capabilities of their products. But what exactly do these technologies do, and how can you implement them to improve your everyday IT security processes?

In this enlightening Dark Reading webinar, a top expert will offer some useful definitions of terms and will discuss some practical applications of the technology that might speed your incident reaction time and improve your use of IT security staff resources.

Disrupting Lateral Movement
Date: Mar 14, 2019

View archived webinar

Attackers don't have to hit your most critical assets directly -they'll find a soft spot in your perimeter defenses and move laterally through your environment until they reach their target.

In this webinar you'll learn about the tools and techniques you can use to detect attackers' lateral movement within your computing environment and how to stop them before they launch their final payload.

Overcoming Cyberthreats to Critical Infrastructure with Integrated IT/OT Cybersecurity
Date: Mar 06, 2019

View archived webinar

Many organizations reliant on critical infrastructure networks are striving to reduce risk with cybersecurity strategies that bridge both IT and OT asset domains. However, achieving comprehensive IT/OT cybersecurity is often a more challenging task in practice than it is conceptually.

Security professionals interested in effectively executing an integrated IT/OT cybersecurity strategy should join this webinar to learn how they can achieve end-to-end visibility into the full spectrum of both IT and OT network devices, as well as unified business risk management for today’s continuously evolving cyberthreat landscape. During this webinar, we will dive into four foundational elements of a comprehensive IT/OT cybersecurity strategy, including asset visibility, asset management, risk & compliance and investigation & response, with use cases of each.

Closing the Threat Intelligence Effectiveness Gap
Date: Feb 27, 2019

View archived webinar

In a recently released Ponemon Institute report, "The Value of Threat Intelligence: Annual Study of North American & United Kingdom Companies," the importance of threat intelligence in achieving a strong cybersecurity posture is rated as very high at 85%, but only 41% of respondents felt that they are utilizing their threat intelligence effectively.

The report reveals that security professionals believe threat intelligence is often too voluminous and/or complex to provide actionable insights. It also states that - despite security being a business priority - security professionals struggle in sharing essential threat data to the C-Suite and above. Findings also suggest security teams are not optimized to deliver on threat intelligence and they often lack experienced subject matter experts.

Tune in to this webinar to learn about the overload of threat intelligence data and what your peers are citing as important in the day-to-day protection of their networks.

Understanding and Preventing Social Engineering Attacks
Date: Feb 20, 2019

View archived webinar

While cyber attackers continually develop more sophisticated methods for penetrating enterprise computing systems, most exploits begin with a simple step: fooling users into breaking security policy. These "social engineering" attacks – including phishing, "watering holes", and social network attacks – are  designed to trick your users into giving up passwords, opening malicious email attachments, or installing malware. How can enterprises prevent this sort of attack? Can users be trained to recognize such exploits and avoid them? In this webcast, experts discuss the most effective methods of defending against social engineering attacks.

Practical Cyber Defense for Industrial Control Systems
Date: Feb 14, 2019

View archived webinar

Industrial control systems (ICS) environments are being targeted by more sophisticated threats every day; but the security professionals who defend ICS environments face significant limitations. Patching practices and scanning tools that are common in most IT environments are often unacceptable for ICS, which may operate critical infrastructure and require 24/7 uptime. In this Dark Reading webinar, top experts offers insight on the threat posed to ICS systems, and how you can expand your security strategies to protect them. 

Getting More from Less: 3 Ways Replacing AV with a Security Platform Can Help You
Date: Jan 31, 2019

View archived webinar

The threat landscape is growing increasingly sophisticated and is bypassing traditional antivirus. To combat this, IT and security professionals are adding products to their security stack. In fact, 48% of organizations are using more than 25 different discrete or point security tools to manage, investigate, and respond to security threats. Each has its own endpoint agent, dataset, console, and back end. The result is a lot of complexity and not enough efficacy.

It doesn’t have to be this way.
What if it was possible to have a single platform that simplified your security stack and improved your protection?

How IT Security Teams Can Use Machine Learning to Improve Data Defense
Date: Jan 29, 2019

View archived webinar

A new wave of machine learning technology promises to help IT security operations teams detect cyber threats sooner and respond to them more quickly. But machine learning is used in a wide variety of ways, and not all machine learning-based products work in the same fashion.

In this webinar, experts will discuss the ways that machine learning can help in security operations, how it can speed threat analysis, and how to evaluate and choose technologies that will work in your organization.

Choosing the Right Strategies for Endpoint Security
Date: Jan 23, 2019

View archived webinar

There are many tools for protecting enterprise endpoints from attack, but most organizations still do not have a comprehensive strategy for endpoint protection that extends across the enterprise. In this webinar, experts will discuss methods for rationalizing endpoint protection tools and strategies and building a comprehensive strategy that works across the entire organization.

Consistency is Key with Cloud Security
Date: Jan 17, 2019

View archived webinar

When it comes to cloud security, consistency is everything – your cloud controls should mimic your on-premise implementations, so you have complete consistency of security policy enforcement across environments.

Cloud security breaches have not been the result of brilliant criminal masterminds. Rather, they have been the result of self-inflicted errors that are often caused by faulty migration and deployment practices – particularly when the right security personnel are excluded from the process.

Stopping Email-Borne Threats Before They Spread
Date: Dec 18, 2018

View archived webinar

Your organization likely has extensive security protections for your inbound email from the Internet. However, as much as two-thirds of many organizations’ total email traffic is generated internally by users. And, of course, attackers know this. Are you inspecting your internal email with the same diligence as your inbound email? What about the emails being sent out to your partners, suppliers, and customers?

Building a Cyber Defense for 2019
Date: Dec 12, 2018

View archived webinar

A Dark Reading Virtual Event

When it comes to enterprise cybersecurity, the only constant is change. On one side, many organizations are being transformed by technological change, including the rapid movement toward cloud services, digital transformation, and the Internet of Things. On the other side, security teams are rethinking their defense strategies to respond to new threats such as ransomware, crypto mining, and next-generation malware. And as if that isn’t enough, major regulatory changes such as GDPR are putting new pressures on enterprise security and privacy.

What are the key cybersecurity steps that enterprises should be taking in the coming year? What are the critical changes that IT organizations should anticipate, and how should they prioritize their security initiatives? At this Dark Reading virtual event, security practitioners, industry visionaries, and technology developers come together to discuss the key changes to expect in the next 12 months – and how you can prepare for them.

Using Security Champions to Build a DevSecOps Culture Within Your Organization
Date: Dec 11, 2018

View archived webinar

The security industry has made great strides developing tools and technology to integrate software security into the application development life cycle. However, it’s important not to ignore the people and process aspects of DevSecOps. Building security into application teams’ culture is necessary for DevSecOps to be successful.

Outside the software security group, Security Champions are the leaders of this cultural change.

Developing a Customized Defense Against Targeted Attacks
Date: Dec 06, 2018

View archived webinar

"Targeted attack" doesn't necessarily mean sophisticated malware and nation-state threat actors. What it does mean, is that the attack will be aimed directly at your organization, so your defenses should be focused where targeted attackers will hit you hardest.

So who wants what corporate intellectual property, who wants to take down what system, who wants to cause harm to what individual, and what tools and know-how do these threat actors have at their disposal?  This webinar can help.  Join us and learn how to predict where targeted attackers will hit you hardest and how to tune your defenses accordingly.

Cyber Threat Intelligence Inside Your Organization
Date: Nov 14, 2018

View archived webinar

Information sharing and data about global attacks are useful, but some of the most important threat intelligence resides right inside your own organization. What can you learn by taking a closer look at your user lists and internal network traffic, your business plans and risk assessments?

In this webinar, learn about the tools that can help your internal threat intelligence gathering, how to fine-tune your monitoring efforts, and how efforts like these could help you detect attackers and defend your business.

10 Emerging Threats to Today's Enterprise Applications
Date: Nov 08, 2018

View archived webinar

Cyberattacks to today’s enterprises often begin by exploiting a new or recently discovered software vulnerability. What are some of these emerging application vulnerabilities, and how are attackers using them to crack security and expose critical business data?

In this Dark Reading webinar, application security experts offer a look at some of the latest and most potentially damaging threats to current enterprise apps, and how those threats can expose your organization to data compromise and theft. The experts also offer some practical advice on how to identify these threats and vulnerabilities in your organization – and how to secure your applications to limit the impact of an application-focused attack.

The Insider Threat: Real Defense for Real Businesses
Date: Nov 07, 2018

View archived webinar

Insider data leaks, whether malicious or accidental, can be caused by anyone: the extra-helpful customer service rep, the highly privileged IT admin or the jet-setting CFO. How do you detect and mitigate insider data leaks and reduce the potential for such incidents in the first place?

In this webinar, learn how cybersecurity professionals can address the insider threat without shutting down business.

SOC Evolution: How and Why to Update Your Security Operations Center
Date: Oct 30, 2018

View archived webinar

The average security operations center (SOC) is overwhelmed by threat alerts, hard-pressed to prioritize one threat over another, and too understaffed to properly investigate threats anyway. However, some organizations are rethinking and retooling their SOCs, to reduce alert fatigue and increase the agility of their security response.

In this webinar, learn the benefits of updating your security operations center and get recommendations on how to implement the essential tools and practices of a next-gen SOC.

Is Your Email Authentication Technology Really Automated?
Date: Oct 25, 2018

View archived webinar

Fake emails are at the root of so many of today’s cybersecurity woes. Scammers use spoofed email addresses in endlessly creative fashions. Some of the most devasting attacks that mislead email recipients about where the email is coming from.  Buyer beware, because the truthfulness of automation claims in the email authentication market varies wildly by vendor. It takes a diligent buyer to sift between facts and marketing hype.

Purple Team Tactics and Threat Intelligence for Effectively Training Your Cybersecurity Team
Date: Oct 23, 2018

View archived webinar

In this webinar, you will see how purple team tactics and tactical threat intelligence can be used to enhance your security team's capabilities against the next-generation cyber-attacks.

It has been proven that adding security technology cannot completely eliminate cyber-attacks however, training the human can definitely upgrade an organization's security posture. In this webinar, IT security managers and operators will witness how (advanced) adversary simulation, TTP reverse engineering and analysis, scenario-based training, red and blue team synergy and tactical threat intelligence can be used at the core of your training program, to create complete and fully up-to-date IT security professionals.

Effective Cyber Risk Assessment
Date: Oct 17, 2018

View archived webinar

The perils of security breaches are widely publicized, but do you know exactly how an attack or breach would affect your business? Have you considered the security risks of simply doing business with third parties – perhaps picking up a new security weakness at every stop on the supply chain?

Hear as top experts explain how to quantify the risks cyber threats pose to your organization – empowering you to make smarter decisions about defense strategy and spending.

Cybersecurity for Small- to Medium-Sized Businesses: 10 Steps to Success
Date: Oct 11, 2018

View archived webinar

Small and medium-sized businesses (SMBs) are learning the hard way that they are indeed prime targets for cyber attackers. But many enterprise security tools and practices don’t work for SMBs, which have neither the budget nor the skills to operate their own IT security department.

In this Dark Reading webinar, a top expert offers some tips and recommendations for securing the smaller enterprise, and for implementing simple, affordable tools and best practices that make sense for the resource-limited SMB (and maybe even resource-limited large enterprises).

The Real Impact of a Data Security Breach
Date: Oct 03, 2018

View archived webinar

A major breach of your enterprise's critical data could potentially threaten the life of your business. In addition to the potential loss of customer data or intellectual property, a breached company faces public scrutiny, IT security overhauls, potential lawsuits, brand damage, and loss of customers. In this webcast, experts discuss the real losses associated with a breach, and how an effective data breach response program can help mitigate the damage.

Email and the Web - Go Great Together for Attackers, But What About for the Defenders?
Date: Sep 25, 2018

View archived webinar

According to the Verizon Data Breach Investigations Report 2018, 92% of malware, such as ransomware, trojans, and RATs were delivered via malicious email attachments, with most of the remainder delivered via the web.

With nearly all security incidents and breaches originating from both email and the web -- and the necessity of these tools for your organizations day to day operations -- how can you protect your organization from the cyberattackers and their malicious work? And how you can best defend against these types of threats in a way your organization can afford to acquire, deploy, and manage?  If these are questions you’re grappling with then this webinar is for you.

Email's Original Sin and How Automated Authentication is Changing it
Date: Sep 19, 2018

View archived webinar

As email evolved from its early days, nobody could have predicted that there would one day be more than 3.8 Billion email users sending 270 Billion emails a day, and that email would become the number one source of cyberattacks. Business Email Compromise (BEC) and impersonation attacks are now one of the most insidious threats to organizations. Take a walk through the history of email with us to learn how email's "original sin" – its inherent lack of authentication – is being addressed with identity-based automated email authentication, including DMARC enforcement and other strategies to bring trust back to email.

Strategies for Monitoring and Measuring Cloud Security
Date: Sep 04, 2018

View archived webinar

There are many tools and processes for improving security in cloud IT environments, but many enterprise security teams still complain about their lack  of “visibility” into the cloud. In this Dark Reading webinar, a top expert offers a look at practices and tools that will help your team monitor security in IT environments that incorporate many cloud applications and services. You’ll also get advice on how to evaluate and measure cloud security, and how to work with service providers to improve it.

Endgame Ends Document-Based Phishing
Date: Aug 22, 2018

View archived webinar

According to the 2018 Verizon Data Breach Investigations Report, “… on average 4% of people in any given phishing campaign will click it...” Successful attacks are inevitable. Just this year we saw cyberattacks on the World Cup, PyeongChang Winter Olympics, financial, chemical and biological threat prevention labs, and Russian election interference. The one thing these all have in common is that they began with email delivered malicious attachments. But phishing is not limited to email and is up 100 percent on social media as well.

Are you suffering from agent overload, alert fatigue or the skills shortage? Do you need a better solution to document based phishing? If so, then this informative, interactive webinar is for you.

Understanding and Preventing the Latest Social Engineering Attacks
Date: Aug 21, 2018

View archived webinar

While hackers and cyber attackers are continually developing more sophisticated methods for penetrating enterprise systems, most of their exploits begin with a simple step: fooling users into breaking security policy. These "social engineering" attacks – including phishing, social networking scams, and online "watering holes" – are designed to trick your users into giving up their passwords or opening email attachments that contain malware.  But how can enterprises prevent this sort of attack? Can users be trained to recognize such exploits and avoid them? In this webcast, experts discuss the most effective methods of defending against social engineering attacks.

How to Use Artificial Intelligence and Machine Learning to Improve Enterprise Security
Date: Aug 16, 2018

View archived webinar

Many cybersecurity vendors today use terms such as “AI” and “machine learning” to describe the capabilities of their products. But what exactly do these technologies do, and how can you implement them to improve your everyday IT security processes?  In this Dark Reading webinar, a top expert will offer some useful definitions of terms, and will discuss some practical applications of the technology that might speed your incident reaction time and improve your use of IT security staff resources.

Inside Web Domain Fraud: The First Step in Phishing
Date: Jul 24, 2018

View archived webinar

Suspicious and infringing domains are on the rise as hackers are outpacing brands. Suspicious registrations outnumbered brand-owned defensive registrations 20-to-1 in 2017, further emphasizing the importance of strategic domain management. Learn the latest in domain fraud trends and how to secure your brand’s domain footprint.

Improving Enterprise Authentication
Date: Jul 19, 2018

View archived webinar

Many enterprises have implemented some basic methods for managing user authentication to sensitive data, and some have even mastered the “single sign-on” problem for data access. But today’s IT environment increasingly involves a wide range of user devices and locations, including mobile equipment, cloud services, and even Internet of Things devices. In this Dark Reading webinar, experts will discuss emerging methods for solving the authentication problem, and the need for building authentication strategies that go beyond the enterprise premises.

 

Malware & Fileless Malware: How It's Created, How It Spreads, and What To Do About It
Date: Jul 17, 2018

View archived webinar

Malware has come a long way since the early days of computer viruses.  During this Dark Reading webinar you will hear from experts as they provide an in-depth look at the latest innovations in malware; as well as in “fileless malware,” which forgo the use of malicious payloads in favor of using trusted programs in malicious ways. You’ll also get tips and recommendations on how to detect, and block the latest malware, by improving your IT security processes and using the right tools.

Why Cybercriminals Attack
Date: Jun 27, 2018

View archived webinar

A day-long look at who your attackers are, how they behave, and what you can do about them

No matter what industry you’re in, the spectrum of cyber attackers who are targeting you is growing. Financially-motivated cybercriminals, nation-state-sponsored intelligence gatherers, politically-motivated hackers, and even your competitors are among those who might be testing your systems today, looking for a way to get in.

In this special, day-long Dark Reading virtual event, top industry experts will offer a range of information and insight on who the bad guys are – and why they might be targeting your enterprise. You’ll learn about emerging threat actor groups, new cyber exploits, and the various methods and motivations behind today’s online attacks. Even more importantly, you’ll learn about current attacker behavior, and how you can adjust your defenses to mitigate current attacks before they affect your systems and data.

7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer,  6/13/2019
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2019
Cognitive Bias Can Hamper Security Decisions
Kelly Sheridan, Staff Editor, Dark Reading,  6/10/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7472
PUBLISHED: 2019-06-15
The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter.
CVE-2019-12839
PUBLISHED: 2019-06-15
In OrangeHRM 4.3.1 and before, there is an input validation error within admin/listMailConfiguration (txtSendmailPath parameter) that allows authenticated attackers to achieve arbitrary command execution.
CVE-2019-12840
PUBLISHED: 2019-06-15
In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.
CVE-2019-12835
PUBLISHED: 2019-06-15
formats/xml.cpp in Leanify 0.4.3 allows for a controlled out-of-bounds write in xml_memory_writer::write via characters that require escaping.
CVE-2019-12830
PUBLISHED: 2019-06-15
In MyBB before 1.8.21, an attacker can exploit a parsing flaw in the Private Message / Post renderer that leads to [video] BBCode persistent XSS to take over any forum account, aka a nested video MyCode issue.