The Pesky Password Problem: How Hackers and Defenders Battle for Your Network Control

KnowBe4

What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods? In this unique webinar you will learn about the recent NIST controversy and related password cracking problems. The “combatants” will be on the one side KnowBe4's Chief Hacking Officer, Kevin Mitnick with decades of first-hand “red-side” penetration testing experience, and on the other side Roger Grimes, KnowBe4's Data-Driven Defense Evangelist with decades of experience on the blue team.
Watch Now

Spotlight

"We’ve all seen the reports about what goes wrong when proper controls are not implemented while storing and transferring data.  Large enterprises face messy notifications, customer dissatisfaction and, in many cases large fines.  In fact, a data breach in the U.S. comes with an average price tag of $5.5 million, according to a 2011 Ponemon Institute study. 

This paper from Imation Mobile Security explains when compliance alone may not offer the protection enterprises need to prevent data breaches that can cost millions of dollars, inflict untold damage to corporate brands and customer relationships, and invite weeks or months of negative publicity.

The paper pays special attention to the difference between FIPS 140-2 Level 2, a standard of protection that meets the vast majority of compliance requirements, and FIPS 140-2 Level 3, a significantly higher level of protection designed to put sensitive data beyond the reach of a much larger population of hackers and thieves."

OTHER ON-DEMAND WEBINARS

Playbook For Defending Your Network And Reducing The Risk Of A Cyberattack

Cybersecurity Ventures

When was the last time you had a breach? Are you sure? Today’s attackers are remarkably sophisticated—and can lie in wait for months before you even notice their presence. Here’s the hard truth: if you haven’t detected an attack/compromise in the last 12 months, it is NOT because it’s not happening – it’s because you’re not looking in the right places. A compromise in your network is inevitable – if it isn’t already happening now, it will soon. Given that 100% security simply doesn’t exist, what can you do to control and minimize the damage from attacks? In this previously recorded webinar, my firm will provide a playbook for approaching organizational security from this perspective. You’ll learn how a proper foundation for security is key, followed by proactive threat hunting and active defense.
Watch Now

Attack Tactics 6! Return of the Blue Team

Black Hills Information Security

In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5. Introduction, password spray toolkit, account lockout, honey accounts, canary tokens, and two factor authorization. fixthefuture , two factor authorization, dumping global address lists, mailsniper 20:30 Lateral movement, OWA, VPN, SSH. Scanning and enumeration, Nmap, SSH Brute Force, “Find Open”, LLMNR, LLMNR Responder, and NrlmRelayX.
Watch Now

Understanding privacy regulations and compliance

Baker Tilly

Data is among an organization’s most valuable assets. Its management and protection should be viewed as a mission-critical stewardship rather than mere compliance. Larger and more costly cybersecurity incidents coincide with annually increasing regulatory and liability pressures. Looming U.S. privacy legislation on the horizon coupled with the General Data Protection Regulation’s impacts (Google recently received a $57 million fine), intensifies pressure on organizations to understand their legal compliance obligations and to safeguard private information.
Watch Now

The Key Privileged Access and Security Implications of Granting Third-Party Vendor Access

BeyondTrust

Several different remote access solutions are built into Microsoft Windows to extend third-party vendors access to your systems. In this webinar, Windows and IT security expert Russell Smith weighs in on the pros and cons of using virtual private networks (VPNs), Workplace Join, Remote Desktop Services, and Web Application Proxy to provide third-party remote access.
Watch Now

Spotlight

"We’ve all seen the reports about what goes wrong when proper controls are not implemented while storing and transferring data.  Large enterprises face messy notifications, customer dissatisfaction and, in many cases large fines.  In fact, a data breach in the U.S. comes with an average price tag of $5.5 million, according to a 2011 Ponemon Institute study. 

This paper from Imation Mobile Security explains when compliance alone may not offer the protection enterprises need to prevent data breaches that can cost millions of dollars, inflict untold damage to corporate brands and customer relationships, and invite weeks or months of negative publicity.

The paper pays special attention to the difference between FIPS 140-2 Level 2, a standard of protection that meets the vast majority of compliance requirements, and FIPS 140-2 Level 3, a significantly higher level of protection designed to put sensitive data beyond the reach of a much larger population of hackers and thieves."

resources