Overcoming Cloud & Security Challenges

Join BSI for a webinar where we’ll explore findings from the 2019 State of the Phish Report by our partner, Proofpoint. It provides the data-driven intelligence you and your team need to manage end-user risk more effectively within your organization. In this webinar, we will explore data related to the following: Tens of millions of simulated phishing emails: Analysis of tens of millions of simulated phishing emails sent to end users over a 12-month period. 16 industries: Comparisons of activities and results from organizations and their employees across 16 industries. Nearly 15,000 survey responses from infosec professionals: Responses reveal the challenges they are facing, their views of the threat landscape, and the actions they’re taking to fend off phishing attacks.

When usernames and passwords are compromised in a data breach, the consequences extend far beyond the victim organization due to rampant password reuse. For this reason, NIST recently recommended that organizations check users’ credentials against a set of known compromised passwords. However, by patroning dark web forums and paying for spilled credentials, enterprises indirectly support the criminal ecosystem. Furthermore, attackers often don’t publicly post stolen data until months or years after the breach, if at all. Is there a better way to follow NIST guidelines and protect users from account takeover? Join Justin Richer, co-author of NIST Digital Identity Guidelines 800-63B, and Gautam Agarwal, Shape's Senior Director of Product Management, for a lively discussion on NIST’s password recommendations and how best to prevent account takeover fraud at your organization.

The Domain Name System (DNS) plays a critical role in modern network connectivity. Unfortunately, it is also a central part of many cyber-attacks as DNS is involved in more than 90% of malware/ransomware and nearly half of all data exfiltration incidents. So how exactly how do cyber-criminals use DNS to carry out attacks? In this webinar we will examine the many ways cybercriminals exploit the unique properties of DNS.

The MITRE ATT&CK framework is quickly growing in popularity as an effective method to get on the offense of threat detection and response. In this webinar, presenters go beyond definitions and demonstrate how to apply the MITRE ATT&CK framework to your security monitoring. Paul Asadoorian and Matt Alderman of Security Weekly provide an overview of the MITRE ATT&CK framework, discuss how to prioritize the capabilities of the framework, and review some of the existing open source tools for testing/mapping to MITRE.