Infosecurity Magazine Webinar Week: call for speakers
October 13, 2014 2 Comments
Infosecurity Magazine’s next Webinar Week is in November. I am currently putting together panels for two sessions and am looking for speakers.
Preference is given to CISOs and information security professionals, independent security experts, consultants, analysts and academics. Unfortunately it’s not usually possible to have security vendor spokespeople as guests. Speakers can be in any geography, however.
Please contact me using the form at the end of this post if you’re interested in taking part.
Thursday 13 November – 3pm GMT
Developing a Holistic Approach to Patch Management
Patch management continues to pose a huge challenge for information security practitioners as they grapple with the challenges of prioritising which vulnerability to patch first. Legacy systems, the speed of technological changes, and the sheer number of network devices and applications within an organization make patching a complex, costly and time-consuming task.
This practical webinar will provide attendees with the knowledge they need to develop a robust patch management strategy within their organization and integrate it into their wider security controls.
- Discover how to integrate patch management into an information security and vulnerability management strategy
- Understand how to evaluate vulnerabilities, prioritise patches and determine the timing of patch deployment
- Dissect the compliance requirements related to patch management and how to meet these standards
- Gain techniques and tactics to acquire, verify and audit patches
Friday 14 November – 3pm GMT
Cybersecurity Intelligence Sharing: Facilitating Breach Disclosure and Collaboration
As cybercrime outstrips the information security profession’s ability to tackle it, the need for increased collaboration between enterprises, governments and organizations has never been more important.
Actionable intelligence on current and future attacks is critical if organizations are going to be able develop effective risk mitigation tactics. The challenges to open collaboration are significant however, as organizations fear losing their competitive advantage, and governments fear national security. The lack of incentives to share information is also an inhibitor, as is the lack of a framework and common terminology. Whilst many informal information sharing networks exist between peers and colleagues, this has limited value for the sector as a whole.
As cybersecurity risks increase, how can governments, enterprises and organizations work together to share information that will arm them with actionable intelligence that will enable them to tackle their cyber-adversaries? There are some calls for mandatory reporting. In the EU it is already mandatory for communications providers to report breaches, with the planned EU General Data Protection Regulation including a 24 hour breach notification clause. In the US, there there some disclosure laws, but they remain inconsistent. Does mandatory breach disclosure mean that the lessons learned will be disseminated to other organizations that can then benefit from them?
During this panel the speakers will look at how government, enterprises and organizations can co-operate to enable cybersecurity intelligence sharing.
- Analyse the key challenges to cybersecurity collaboration and co-operation and how to overcome them
- Understand the lessons that can be learned from the aviation and health sectors regarding incident reporting
- Determine what a best practice framework for intelligence sharing would look like and a roadmap for industry to work towards this