Posts Tagged ‘Webinars’
As I sat down to watch the new James Bond film with my usual supplies of fizzy drinks and sugary sweets, I was very surprised when he decided to take on the cyber terrorist at large and solve the problem single-handedly, physically and without the need for a Security product in sight!
Of course we don’t all have our a secret agent in our organization, driving around eradicating danger. However, security teams can prepare and have clear flexible strategies in place to reduce risk on their network.
The premise of the film (spoiler alert) is a cyber terrorist getting into the British Secret Service network undetected and causing harm to key personnel. The clever methods used to infiltrate the network highlight what is happening on a daily basis to security teams globally, and though a great film, probably made many security personnel squirm slightly in their chairs when seeing the consequences that could occur!
From internal constraints to the rise of Advanced Persistent Threats (an ESG research report highlighted that 59% of enterprise organizations think they have been a target of on APT attack), the role of the security team is becoming ever more complex. The requirement for a clear security strategy, which is able to adapt and be flexible to an organization evolving needs, is vital.
In an exclusive webcast with Dark Reading on 12/13/2012 at 1200 ET Q1 Labs very own James Bond, Michael Applebaum and Jon Oltsik, Senior Principal Analyst at ESG will be presenting “Information Security in Transition: Top things to consider in 2013”. In this must attend event there will be recommendations on how to improve your organizations’ information security model and importantly key issues that you are likely to face in 2013.
If you don’t want to wait for our webcast to get this information, please download Jon Oltsik’s report “Enterprise Information Security in Transition”.
With due deference to Oscar Wilde, companies are becoming increasingly ‘earnest’ in their approach to gaining greater intelligence about their security posture.
Media headlines have shown us over the past couple of years that there is an ever-increasing number of security breaches, and what has surprised many security experts is the variety and sophistication of these attacks.
The targeting of specific individuals and groups within an organization; aimed at compromising confidential information has led to security being not just an ad hoc topic in the boardroom but a “top of the agenda” discussion point.
The recent study “Finding a strategic voice” by IBM Center for Applied Insights revealed that over 2/3 of the security leaders interviewed, said their senior execs are paying more attention to security than two years ago and that there is an increased shift towards risk management, meaning organizations are focusing on being more proactive than reactive.
An interesting statistic by EU Justice Commissioner, Viviane Reading, at the Digital Life Design (DLD) conference in Munich Jan 2012, backed the importance of data protection: “In 1993, the Internet carried only 1% of all telecommunicated information. Today, the figure has risen to more than 97%”. This just shows how much easier it is for hacktivists to harness information and plan targeted attacks on a certain individuals online profile.
The need for long-term security strategies that allow organizations to harness their volumes of security-relevant information, has become ever more crucial. We call the product of these strategies ‘security intelligence’.
To help aid your organizations security strategy and provide learn real-world lessons about applying Security Intelligence and next-generation SIEM for threat protection, forensics and network visibility, Q1 Labs, an IBM Company, has two webcasts that you should attend:
Dark Reading Webcast:
“Gaining Insight and Visibility with Next-Generation SIEM: An End User Perspective”
12th September 1200-1300 ET
SC MAG UK Webcast:
“Avoiding the front page; Security strategies to stay out of the headlines”
26th September 1500-1600 GMT (1000-1100 ET)
Borrowing a line from Oscar Wilde’s immortal play: “To miss one of these webinars would be considered unfortunate, to miss both would be downright careless!”
Government agencies, like their private sector brethren, are knee deep in IT security challenges, threats, and regulations. While that’s not much of a shock, this might be – according to the Government Accountability Office, the number of reported security incidents increased by over 650 percent during fiscal years 2006–2010. At the same time, government agencies have widespread deficiencies in security controls, leading to vulnerabilities undetected breaches, and insider fraud.
To help meet these challenges, the federal government is implementing a risk-based IT security strategy based on deploying enterprise continuous monitoring solutions. These solutions will continually assess the actual security state of agencies’ IT networks and systems, while providing scoring information that managers can use to prioritize actions needed to reduce risk and improve their security grades. Continuous monitoring will enable agencies to determine their own security health and compare it to other agencies. Scoring will also allow the different lines of business within an agency to more effectively work together, while enabling agencies to gain the same operating efficiencies from IT investments that Fortune 500 companies have realized.
Recently, along with our friends at 1105 Media and partner Accuvant, we discussed the importance of continuous monitoring and related steps agencies should take while approaching it. Security intelligence plays a critical role in achieving continuous monitoring because of its ability to centralize information into a single console from various data sources.
Most importantly, we talked about how many government agencies are successfully addressing previously disparate functions — including SIEM, risk management, log management, and network behavior analytics — into a total security intelligence solution that fits the constrained budgets and resources of government agencies. The QRadar Security Intelligence Platform enables our customers to leverage existing assets, stabilize budgets, and easily comply with new mandates while maintaining a proactive stance on risk management and security.
If you missed the webinar, or just want to revisit it, watch the whole thing HERE. For a deeper look at how security intelligence helps federal agencies adopt a continuous monitoring security program without requiring additional resources, download this white paper.
Welcome to the final part of our “customer use perspective” series, where one of our biggest retail customers talks about using network flow data to add a whole new dimension to their security posture. When we talk about network flow, it’s not limited to the typical formats – i.e. NetFlow, J-Flow and sFlow. While standard network flow is useful for establishing a general understanding of network conversations, it doesn’t provide deep visibility into network activity beyond basic network characteristics such as IP address and protocol transport.
To help fill this gap, there is QRadar QFlow, which provides Layer 7 visibility (application layer) and stateful classification of applications and protocols such as voice over IP (VoIP), social media, ERP, database, and thousands of other protocols and applications. While this information is powerful on its own, it becomes extremely useful when correlated with network and security events as part of a SIEM and Log Management solution.
Watch the clip to hear how our customer is using QRadar QFlow in their environment:
What can you do with QRadar QFlow?
- Detect zero-day threats through traffic profiling
- Comply with policy and regulatory mandates via deep analysis of application data and protocols
- Monitor social media traffic
- Advanced incident analysis via correlation of flow and event data
- Continuous profiling of assets
Learn more about QRadar QFlow and be sure to listen to the full webcast to hear more about how our customer is utilizing the QRadar Security Intelligence Platform to help meet compliance regulations, centralize logs, correlate network events, and detect anomalies that other solutions might miss.
Welcome to the fourth installment of our latest “customer use perspective” series, featuring a large Q1 Labs customer who is a well known luxury brand in the retail industry. If you missed the first three, you can find them all here.
In this part of the series, our customer covers a few tips, tricks, and best practices when rolling out QRadar.
Below are a few of the high-level topics addressed by our customer, and a synopsis of their thoughts on each.
After you install the appliances, progress through interactive startup menu, setup IP addresses, DNS entries, etc., have your network hierarchy ready to go before roll-out for a quicker deployment.
Specific to reporting, there are a number of preset templates. However, it’s simple to create a report on any type of data you want to focus on.
Tech support will help you tweak and tune your installation, whether it’s via phone and/or via a secure tunnel. Our customer greatly appreciated the secure tunneling to get their request completed as fast as possible.
The last part of this series will wrap up with a focus on network flow, which can vastly improve your ability to detect anomalies. Until then, watch the first three videos in the series and check out the full on-demand webinar.