Archived Webcasts

Log Monitoring Best Practice – Get Beyond the Network Layer (03/09/2010)

A sound log management approach defines what your company needs to monitor and retain in order to satisfy both security and compliance needs. For this reason, it is critical that organizations focus not only on network logs, but also the logs from hosts and applications that support critical business processes. Join SecureWorks as we discuss how to develop a more effective log management strategy that addresses your security and compliance requirements.

Social Media Security (02/23/2010)

Social networking websites are some of the most trafficked sites on the Internet. The increase in popularity and activity of these sites has created new risks to not only individuals but also organizations. The same properties that make these sites attractive communication tools also make them well-suited for malicious activity. Join Ben Feinstein, a Director on SecureWorks' highly regarded research team, the Counter Threat Unit(TM), as he discusses risks and attacks on social networking systems and examples of recent Twitter scams.  Mr. Feinstein has over a decade of experience designing and implementing security-related information systems and extensive expertise in IDS/IPS, digital forensics, incident response and secure messaging.

Cyber Attack Trends in the Financial Industry (02/11/2010)

Tough economic times have resulted in increased security attacks across virtually all industries. Financial institutions are one of the primary targets for cyber attacks and the attacks are increasing in volume and sophistication. For example, the number of banking Trojans like Clampi and Zeus increased nearly 200% in the first half of 2009. Staying informed about the latest threats is a best practice for any security program and will help you protect your organization against cyber attacks. Join SecureWorks VP Jeff Multz, an expert on security risks and defenses in the financial sector, as he discusses the five latest cyber attack methods used by criminals to exfiltrate personal and financial data.

New HIPAA and HITECH Rules: Experts discuss the impact on healthcare firms and business associates (02/02/2010)

Please note we have changed the time of tomorrow's webcast. We will begin at 2 pm EST, not 3 pm as originally communicated. If you are unable to attend the live webcast due to the time change, we will be posting the webcast archive recording on our website approximately 48 hours after the live event. Thank you for your flexibility. We look forward to an interesting webcast.

Enforcement of the HITECH Act begins February 2010. The update added more rigorous data-breach notification requirements and increased penalties for violations. It also extended the compliance requirement to business associates of healthcare organizations. Any organization that handles patient health information, as well as other protected information, is now required to be HIPAA compliant. Join SecureWorks and a panel of HIPAA security experts as we discuss how these new requirements could impact your organization's security policies and practices and what steps the experts recommend for getting and staying compliant.

Panel Members:
Beau Woods, Solutions Architect, SecureWorks Security and Risk Consulting
Sharon Finney, Corporate Data Security Officer, Adventist Health System
Mac McMillan, Consultant
Heather Hilliard, Attorney

Security in a New Era of Threats (01/07/2010)

Podcast

In this podcast, Jon Ramsey, CTO at SecureWorks, addresses an array of security issues currently facing businesses, including security in the cloud, insider attacks, securing mobile devices and how to manage spam and malware. The story of a CEO whose Gmail account was hacked eventually leading to the loss of $1 million will shock you.

The transcript of this podcast is available here.

Best Practices for Windows Log Monitoring (12/10/2009)

Many organizations rely on Windows systems for key business processes and data support, making them a key source of security and compliance information. Monitoring the audit logs across these systems enables you to quickly identify and thwart malicious activity. However, performing effective log monitoring requires the right mix of technology, expertise and resources.  Join SecureWorks as we discuss the right log monitoring approach to help keep your organization efficient and compliant.

Testing and Training – Imperatives for Maintaining a Strong Security Posture (11/19/2009)

By orchestrating proactive security practices, your organization can increase system-wide security and compliance. Penetration tests or "pen tests" are a vital part of this process. By subjecting your system to a simulated real-world attack, you can identify the extent to which your system is vulnerable to an actual determined attack. Another vital part in maintaining a strong security posture is educating your employees about information security; security breaches often occur due to human error and lax attitudes about security procedures. Join SecureWorks as we discuss the Pen Testing Process and Security Awareness Training for all of your company’s employees and your IT staff.

Anatomy of a Web Application Attack: Looking Through the Eyes of an Attacker and an Analyst (11/10/2009)

Web applications, particularly those that handle medical and financial information, are a prime vector of attack. But preventing application attacks requires a different approach from that used to protect against classic network attacks. Join SecureWorks and Imperva – leaders in managed Web security services – for a fascinating look at Web application attacks from the perspective of an attacker as well as from that of a Managed Security Services Provider (MSSP) responsible for defending against them.

Intelligent Intrusion Prevention: Why "human intelligence" is critical to effective IPS (10/15/2009)

An Intrusion Prevention System is only as good as it’s tuning, which is why many financial institutions fail to get optimum protection from their IPS appliances. According to a survey by Infonetics, only 70% of IPS devices are deployed in-line where they can actively block attacks. The industry standard is that only 60% of signature updates are actually applied to IPS devices, leaving financial assets vulnerable and exposed. In this webcast, you will learn how SecureWorks’ iSensor IPS turns the industry standard on its head and provides unmatched protection for financial institutions.  

Elevated Risk: How to Protect Against the Increasing Insider Threat (09/29/2009)

With growing financial pressures, staff reductions and economic uncertainty, the risk of malicious activity by trusted individuals is greater than ever. Join us for a free webcast as we discuss how you can cost-effectively reduce the risk your organization faces from rogue employees, contractors and others with access to sensitive systems and data.

Comprehensive Web App Protection (09/24/2009)

According to Gartner, "80% of organizations will experience an application security incident by 2010." Regulators have also recognized the risk that insecure Web applications pose. Many compliance mandates including PCI, FFIEC, NERC CIP, FISMA and others now require organizations to secure their Web applications and protect them from attack. To protect against Web application threats, organizations must go beyond traditional network defenses. Join us for a free webcast as we discuss how SecureWorks provides businesses with comprehensive security for their Web applications.

Web App Firewall (WAF): Securing Financial Applications and Data (08/20/2009)

Financial institutions rely on Web applications to support key business processes and interact with their customers, partners and employees. However, attackers are increasingly exploiting the vulnerabilities in Web applications to bypass security controls and steal sensitive data. Join our complimentary webcast as we discuss how financial institutions can cost-effectively block Web application threats and secure the applications on their websites.

PCI 6.6: What’s the Best Option for You? (08/04/2009)

Requirement 6.6 of the Payment Card Industry Data Security Standard mandates steps organizations must take to secure their public-facing Web applications. Many companies struggle to comply with section 6.6, despite guidance issued last year by the PCI Security Standards Council. Companies successful in complying are finding an approach that not only satisfies section 6.6, but also enables their organization to run more efficiently and more securely. Join experts from Imperva and SecureWorks as they discuss how enterprises are satisfying PCI 6.6 and safeguarding their web applications.

Elevated Risk: How to Protect Against the Increasing Insider Threat (07/23/2009)

With growing financial pressures, staff reductions and economic uncertainty, the risk of malicious activity by trusted individuals is greater than ever. Join us for a free webcast as we discuss how you can cost-effectively reduce the risk your organization faces from rogue employees, contractors and others with access to sensitive systems and data.

Emerging and Zero-Day Threats: Combating Cybercrime with the Counter Threat Unit(SM) (06/23/2009)

Leveraging a wide array of data sources – including information from across our client base – the Counter Threat Unit (CTU) identifies emerging threats and develops countermeasures to protect against them. Join Don Jackson, Director of Threat Intelligence, as he discusses how Threat Intelligence is gathered, analyzed and used by the CTU to combat cybercrime and safeguard client assets.

Log Management SaaS: A Better Alternative (06/09/2009)

Log Management is a key operational process for security and compliance with regulatory mandates, but many banks face challenges implementing, managing and maintaining the technology required for efficient Log Management. Join us for a free webcast as we discuss Log Management technology and Software-as-a-Service alternatives that help banks overcome Log Management challenges quickly and cost effectively.

Compliance Update: ID Theft Red Flags, PCI and HIPAA (05/19/2009)

The emergence of the FACTA ID Theft Red Flags Rule, updates to the PCI Data Security Standard and the new Administration’s focus on healthcare technology have all shifted the regulatory compliance landscape for companies in the healthcare industry. Join our complimentary webcast as we discuss these issues and best practices for compliance.

Staying Secure in a Down Economy (05/07/2009)

Budget cuts are inevitable during an economic downturn. However, organizations still have to stay ahead of hackers and malicious insiders even while trimming back security spending. This means doing more with less to protect their assets from today’s threats. Join our complimentary webcast as we discuss pragmatic ways that organizations of all sizes can make the most of their security resources.

Log Management SaaS: A Better Alternative (04/28/2009)

Log Management is a key operational process for security and compliance with regulatory mandates, but many credit unions face challenges implementing, managing and maintaining the technology required for efficient Log Management. Join us for a free webcast as we discuss Log Management technology and Software-as-a-Service alternatives that help credit unions overcome Log Management challenges quickly and cost effectively.

Building a Cost-Effective InfoSecurity Program with Security Services (04/07/2009)

When it comes to security, cutting corners can lead to disaster. However, building a strong information security program is no easy task when confronted by growing compliance requirements and shrinking IT budgets. Join our complimentary webcast as we discuss how colleges and universities can take advantage of security services to enhance their security program while making the most of their allocated resources.

Log Management SaaS: A Better Alternative (03/31/2009)

Log Management is a key operational process for security and compliance, but many enterprises face challenges implementing, managing and maintaining the technology required for efficient Log Management. Join us for a free webcast as we discuss Log Management technology and Software-as-a-Service alternatives that help enterprises overcome Log Management challenges quickly and cost effectively.

Virtual Security: Safeguarding Virtual Machines (03/24/2009)

According to Gartner, "Virtualization will transform how IT is managed, what is bought, how it is deployed, how companies plan and how they are charged." Seeking to gain the benefits of virtualization, many utilities are using virtualization now or planning to deploy virtual machines in the near future. Join us for our free webcast as we discuss the security implications of using virtual machines in your environment.

Web Application Security: A Comprehensive Approach (03/10/2009)

Web applications are one of the fastest growing vectors of attack. In fact, over eighty percent of all internet attacks target applications according to Counter Threat Unit^SM analysis of attack data from across SecureWorks’ client base. Join us for our free webcast as we discuss how to secure web applications with a balanced, defense-in-depth approach that minimizes risk.

Vendor Management: You Can't Outsource Risk (02/26/2009)

Vendor Management is a top priority for NCUA examiners this year. According to the FFIEC, "Financial institutions should have a comprehensive outsourcing risk management process to govern their technology service provider (TSP) relationships (FFIEC IT Examination Handbook)." Join our complimentary webcast as we discuss regulatory guidance for managing vendor risk and how you can improve your vendor risk management program.

Managing Third Party Risk and Compliance (02/10/2009)

Tight integration with suppliers, service providers, franchisees and other third parties is essential to success in today’s interconnected business world. However, third parties introduce security and compliance risks that must be managed to protect sensitive information and satisfy regulatory requirements. Join our complimentary webcast as we discuss best practices for managing third party risk and improving your risk management programs.

Vendor Management: You Can't Outsource Risk (01/27/2009)

Vendor Management is a top priority for examiners this year. According to the FFIEC, “Financial institutions should have a comprehensive outsourcing risk management process to govern their technology service provider (TSP) relationships (FFIEC IT Examination Handbook).” Join our complimentary webcast as we discuss regulatory guidance for managing vendor risk and how you can improve your vendor risk management program.

Emergency Procedures: Best Practices for Incident Response (01/15/2009)

Are you prepared to respond during and after a successful attack on your organization? When an incident occurs, how quickly and thoroughly you respond has a major impact on the damage done by hackers or malicious insiders. Join us for our complimentary webcast as we discuss best practices for emergency response to data breaches, internet attacks and other security incidents.

PCI DSS 1.2: Getting on the Path to Compliance (11/18/2008)

The Payment Card Industry Data Security Standard (PCI DSS) version 1.2 is comprised of 12 broad requirements which organizations must meet each year to maintain compliance. As with other regulations and guidelines, PCI DSS compliance cannot be achieved through technology alone. It requires establishing and maintaining a PCI Program that incorporates the appropriate policies, procedures and technology to ensure ongoing compliance through continuous protection of payment card data that is collected, stored or transmitted. Join our free webcast as we discuss how to build a successful PCI Program that will help your organization achieve and maintain compliance with the PCI DSS version 1.2.

Top 5 SIEM Pitfalls: Understanding the Risks (10/28/2008)

Security Information and Event Management (SIEM) is a key operational security process, but many SIEM projects fail due to unforeseen risks that result in higher costs and unmet expectations. Join us for a free webcast as we discuss the top 5 pitfalls enterprises encounter when deploying SIEM and how to avoid them.

Best Practices for Managing Vendor Risk (10/21/2008)

Vendors play a key role in your Bank’s success. However, outside vendors introduce security risks that must be managed to protect sensitive information. Because of this, examiners with the FDIC, OTS, OCC and FRB are increasing their scrutiny on the Vendor Management Programs Banks have in place. Join our complimentary webcast as we discuss best practices for managing vendor risk and meeting FFIEC guidelines for Vendor Management.

Red Flag Update: Developing Your Program (10/16/2008)

Recently, the OTS revealed ID Theft/Red Flag Examination Procedures to assess compliance after the November 1 deadline. These procedures have been agreed upon by each agency and will encompass verification of a comprehensive written Program, periodic identification of covered accounts, appropriate training and effective oversight. Join our complimentary webcast as we discuss what to expect in examinations and how to develop a successful ID Theft/Red Flag Program.

PCI DSS 1.2: What You Need to Know (10/14/2008)

The Payment Card Industry (PCI) Security Standards Council recently announced revisions to the PCI Data Security Standard that will be incorporated into version 1.2 when it is released to the public. Join us for our free webcast as our PCI Qualified Security Assessors (QSAs) discuss the new changes and how they will impact merchants and service providers.

Red Flag Update: Developing Your Program (10/08/2008)

Recently, the OTS revealed ID Theft/Red Flag Examination Procedures to assess compliance after the November 1 deadline. These procedures have been agreed upon by each agency and will encompass verification of a comprehensive written Program, periodic identification of covered accounts, appropriate training and effective oversight. Join our complimentary webcast as we discuss what to expect in examinations and how to develop a successful ID Theft/Red Flag Program.

Best Practices for PCI Compliance (10/07/2008)

The Payment Card Industry Data Security Standard has had a major impact on Universities. After an initial period of uncertainty and inaction towards PCI compliance, many Universities have learned the hard way that PCI compliance is not optional if your institution processes, stores or transmits credit card data. Join our complimentary webcast as we discuss Best Practices for PCI Compliance and how Universities are meeting the requirements.

Aligning Your Security Program with Your Business (09/23/2008)

Understanding the impact of security issues on your business is essential to aligning your security program with business objectives. Recognizing the potential risks to your business processes allows you to prioritize security operations and allocate resources to more effectively manage those risks. In this complimentary webcast, we will discuss best practices for determining the business impact of security risks.

Best Practices for IT Security Compliance (09/16/2008)

Regulations and standards for protecting sensitive data continue to raise the compliance bar for companies providing insurance coverage. Falling under the scope of GLBA, SOX, PCI, HIPAA and other regulations, insurance providers must comply with multiple requirements for securing their networks and data. Join our complimentary webcast as we discuss methods for satisfying key regulations and streamlining the compliance process.

IT Security Triage: Critical Needs for Healthcare (08/19/2008)

Prioritizing critical needs is essential when resources are insufficient to address everything. In IT Security, that means identifying the biggest risks to your IT assets and determining the best way to address them. Join our free webcast as we discuss top IT security needs for healthcare providers and best practices for satisfying those needs in a cost effective fashion.

Red Flag Update (08/12/2008)

Set to go into effect on November 1 of this year, the Red Flag Regulations require Credit Unions to institute an ID theft prevention program to detect common indicators of fraud - a.k.a. "red flags" - in an effort to stem the billions of dollars identity fraud costs businesses and individuals every year. Some organizations have already implemented measures to comply, while many others still have questions about what steps their institution should take. Join our complimentary webcast as we review the Red Flag Regulations and discuss how they have impacted Credit Unions so far.

Building and Sustaining a Security Operations Center (07/29/2008)

Your security team plays a crucial role in securing and maintaining the confidentiality, integrity and availability of your business' IT assets. However, time and resource constraints limit security operations and their effectiveness. Join our free webcast as we discuss best practices for building sustainable security operations that meet your business needs and make the most of your security team.

Red Flag Update (07/17/2008)

In an effort to stem the billions of dollars that identity fraud costs businesses and individuals every year, the Red Flag Regulations require Banks to institute an ID theft prevention program to detect common indicators of fraud - a.k.a. "red flags". Set to go into effect on November 1 of this year, some organizations have already implemented measures to comply with the Red Flag Regulations, while many others still have questions about what steps their institution should take. Join our complimentary webcast as we review the Red Flag Regulations and discuss what Banks are doing to satisfy them.

Security Business Impact Analysis (06/24/2008)

Understanding the impact security has on your business is essential to aligning your security program with business objectives. Recognizing the potential risks to your business processes allows you to prioritize security operations and allocate resources to more effectively manage those risks. However, many organizations experience "disconnects" between their IT security operations and the business processes they protect.

Join our free webcast as we discuss best practices for analyzing your business processes, identifying critical IT assets, determining their relative value and leveraging that information to improve your security program.

Security Landscape for Retailers (06/10/2008)

Attacks on retailers continued to rise in 2007 with cybercriminals taking advantage of new attack vectors and techniques to steal sensitive data. Protecting more than 2,000 organizations from internet threats, SecureWorks has unique insight into the attacks and security trends impacting retailers today. Join our free webcast as we review attack stats and trends from 2007 and provide guidance on how you can protect IT assets in a rapidly changing security landscape.

Making the Most of Your Security Budget (05/20/2008)

With IT spending growth projected to drop substantially this year, organizations will be faced with the challenge of meeting increasing security and compliance requirements without increasing their IT security spending. Join our complimentary webcast as we discuss various ways businesses can protect their IT assets and comply with regulations while making the most of their security dollars.

Security Landscape for Credit Unions (05/06/2008)

Attacks on Credit Unions continued to rise in 2007 with cybercriminals taking advantage of new attack vectors and techniques to steal sensitive financial data. Protecting more than 1,500 financial institutions from internet threats, SecureWorks has unique insight into the attacks and security trends impacting Credit Unions today. Join our free webcast as we review attack stats and trends from 2007 and provide guidance on how you can protect your organization in a rapidly changing security landscape.

Hand in Hand: Security and Compliance (05/01/2008)

SecureWorks' Ted Keniston and Yankee Group's Sandra Palumbo discuss the importance of keeping security and compliance initiatives aligned and working toward the same goals. Listen as they discuss key guidelines, the hottest trends and the relationship between security and compliance. PDF is also available.

PCI DSS Update: SAQ Version 1.1 (04/29/2008)

On February 6, a new Self Assessment Questionnaire (SAQ) was issued by the PCI Security Standards Council. Designed to assist merchants and service providers in evaluating their compliance with the Payment Card Industry Data Security Standard (PCI DSS), the new SAQ version 1.1 is significantly different than the previous version.

After April 30, merchants and service providers will be required to complete and submit a new Self Assessment Questionnaire (SAQ) to validate their compliance with the Payment Card Industry Data Security Standard Version 1.1. Join our complimentary webcast to learn about the new SAQ and understand the impact it will have on your organization.

Securing Your Global Network (04/15/2008)

The demand for global visibility and on-demand production data has led to widely distributed manufacturing networks. By connecting facilities, suppliers and customers to their corporate networks, many manufacturers have leveraged the internet to streamline their operations. However, this has also introduced security concerns that must be addressed. Securing these networks and managing the risks introduced by global facilities and suppliers is a significant challenge.

Join us for a complimentary webcast as we discuss common manufacturing security issues and best practices for protecting your global network.

Security Landscape for Banks (04/08/2008)

Attacks on Banks continued to rise in 2007 with cybercriminals taking advantage of new attack vectors and techniques to steal sensitive financial data. Protecting more than 1,500 financial institutions from internet threats, SecureWorks has unique insight into the attacks and security trends impacting Banks today. Join our free webcast as we review attack stats and trends from 2007 and provide guidance on how you can protect your organization in a rapidly changing security landscape.

Building a Successful PCI Program (03/18/2008)

The Payment Card Industry Data Security Standard (PCI DSS) version 1.1 is comprised of 12 broad requirements which organizations must meet each year to maintain compliance. As with other regulations and guidelines, PCI DSS compliance cannot be achieved through technology alone. It requires establishing and maintaining a PCI Program that incorporates the appropriate policies, procedures and technology to ensure ongoing compliance through continuous protection of payment card data that is collected, stored or transmitted.

A successful PCI Program will help your organization achieve and maintain compliance with the Payment Card Industry Data Security Standard (PCI DSS). In this webcast we will discuss best practices you can use to develop and implement a program for PCI compliance that fits your organization's needs and requirements.

The State of Healthcare IT Security (03/11/2008)

As healthcare providers continue to leverage IT to improve patient care and services, the risk of a data breach grows greater. In response, many providers have recognized the need for better IT security controls around private healthcare information. Join our complimentary webcast as we discuss the state of healthcare IT security and detail best practices being used by many providers to help address their security and compliance requirements.

Security On Demand: SIEM as a Service (02/26/2008)

Making sense of the logs produced by all of the devices on your network is no simple task. Many organizations have purchased Security Information and Event Management (SIEM) platforms to assist in their log monitoring efforts, only to find out that they do not have the resources or knowledge to effectively and efficiently deploy, manage and maintain the technology.

Security Information and Event Management (SIEM) technology offers strong security and compliance benefits by collecting, correlating and analyzing security data from many diverse systems across your network. In this webcast, we will discuss a Software as a Service (SaaS) solution that provides proven SIEM technology on demand and full-featured SIEM solutions deployed as a service - without any management or maintenance burden.

Best Practices for Log Management (02/12/2008)

Coming from devices all over your network, logs are rich with information. But collecting and retaining all of this log data and making sense of it, poses a significant challenge for most enterprises. Millions of logs are generated every day by firewalls, IDS/IPS, routers, switches, servers, databases, applications and other sources, making log management a difficult task.

Fueled by security and compliance requirements, many enterprises are turning to log management technology to ensure compliance and support forensic efforts. In this webcast we will discuss best practices to help you overcome the challenge of collecting, analyzing and retaining millions of logs everyday in an enterprise environment.

Regulators Raise the Bar: Latest FIL (02/05/2008)

In 2008, Credit Unions will find themselves grappling with two major developments from the regulatory bodies. First, the Red Flag rules for Identity Theft Prevention were passed in October and require the development and implementation of a written Identity Theft Prevention Program by November 1, 2008. Second, the FDIC has just issued a letter titled "Information Technology - Risk Management Program." In the FIL the FDIC makes significantly more explicit the examination expectations for Financial Institutions, including requiring commitments from officers similar to Sarbanes-Oxley.

The Information Technology - Risk Management FIL and Red Flag regulations significantly raise the bar for documentation and infrastructure in the financial community. In this webcast we will discuss the impact of these new regulatory tools and how they impact Credit Unions.

Securing SCADA Networks (01/29/2008)

Responsible for monitoring and controlling critical infrastructure processes, SCADA networks are core utility assets. With the recent CIA confirmation of cyber attacks disrupting power equipment and affecting multiple cities, it is clear that SCADA networks must be protected from cyber threats. However, unique protocols and systems make securing SCADA networks a challenge for many utilities. Protecting these vital networks from cyber threats requires a combination of security expertise and in-depth knowledge of the specialized protocols and systems that are a part of SCADA networks.

In this webcast we will discuss how SCADA networks can be secured and protected against cyber threats.

Regulators Raise the Bar: Latest FIL (01/24/2008)

In 2008, Banks will find themselves grappling with two major developments from the regulatory bodies. First, the Red Flag rules for Identity Theft Prevention were passed in October and require the development and implementation of a written Identity Theft Prevention Program by November 1, 2008. Second, the FDIC has just issued a letter titled "Information Technology - Risk Management Program." In the FIL the FDIC makes significantly more explicit the examination expectations for Financial Institutions, including requiring commitments from officers similar to Sarbanes-Oxley.

The Information Technology - Risk Management FIL and Red Flag regulations significantly raise the bar for documentation and infrastructure in the banking community. In this webcast we will discuss the impact of these new regulatory tools and how they impact Banks.

Thinking Beyond the Firewall: How the Next Generation of Internet Threats is Bypassing Traditional Government Defenses (09/14/2006)

The majority of new Internet attacks targeting businesses completely bypass the firewall. Instead, they focus on vulnerable websites and applications. Cross Site Scripting, Cookie Tampering, SQL Injection and File Inclusion are just a few of the new attack methods that bypass firewalls and anti-virus. Join us to learn more about these threats and how you can protect yourself. Click to Access Webcast