Better cybersecurity log management: Data backups are sent offsite, why aren’t most security logs?
It takes an average of 256 days to identify and contain a breach. So why do we typically only retain 90 days of security log data? How can you find IoCs that were in your environment many months ago? Discover how a cloud System of Record (SoR) gives you the advantage with extensive backwards cover and end-to-end timeline visibility.
Recorded on: Monday 27th September 2021
Spear phishing in 2021: Why organisations need new methods to combat new tricks
Phishing is a threat most security leaders are concerned about. Not only are attacks frequent, time-consuming to investigate, and expensive to recover from, but solutions such as SEGs and native tools aren’t enough. With 2m malicious emails managing to bypass ‘robust’ security controls over one year, we need new ways to defend against this evolving threat.
Recorded on: Friday 24th September 2021
The evolution and commoditisation of the cybercriminal ecosystem
We explore how cybercriminal communities have evolved to become more professional and commoditised over time and what this means for organisations today, including the amplified threat posed by cybercrime and ransomware operations. Watch to gain an understanding of not just how cybercrime has matured, but also what to do about it.
Recorded on: Wednesday 22nd September 2021
Interactive ransomware cyber crisis simulation
Would you make the crucial decisions needed after a ransomware attack to save your organisation’s operations and reputation? Play along in this simulation to find out how you would fare as a key member of the Incident Response team. Will you pay the ransom? There’s only one way to find out…
Recorded on: Monday 20th September 2021
Supply chain attacks are the new high-water mark of attacks
Attackers will always choose the easiest path most likely to succeed. And which is a target more likely to open – the unknown email with an attachment, or an invoice from a known and trusted supplier? We analyse some of the most prominent recent supply chain attacks and share how to combat them.
Recorded on: Friday 17th September 2021
Exclusive preview of the new National Cyber Resilience Group - the flagship UK policing project that needs you!
Ahead of the formal launch in October, SASIG is delighted to have an insight into a new policing project. Not-for-profit cyber resilience centres have successfully brought together police and private sector companies – now a national company will launch in October. Join us to discover the organisation’s plans.
Recorded on: Monday 6th September 2021
4 steps to navigating insider risk
With the massive shift to remote working in 2020, organisations have been racing to rethink their security programs to manage the risk from within as well as guard from external attacks. This webinar explores the unique risk of insider threats and shows you the 4 steps you can take to protect your organisation.
Recorded on: Tuesday 27th July 2021
REvil Kaseya ransomware attack: What you need to know
Last weekend, the REvil ransomware gang exploited a vulnerability in Kaseya VSA, effectively distributing ransomware downstream to hundreds of organisations. Join us to learn how the group was able to execute this supply chain attack and how to find out if you are at risk. We’ll also give you practical mitigation and recovery steps.
Recorded on: Friday 16th July 2021
Hacking the golf course
Organisations often forget that physical and cyber security are linked. Jake is used to hacking up the golf course with his 8 iron, but join us to hear how he recently used his other hacking skills to pen-test a golf club. The results are mind-blowing and even comical!
Recorded on: Thursday 15th July 2021
What is the Metropolitan Police Cyber Choices Team?
The Metropolitan Police Cyber Choices programme is designed to reduce cybercrime by working with individuals who may be vulnerable to it. They promote legal and ethical cyber opportunities to divert people away from crime and encourage them to make informed decisions. Learn more about the important work this team does.
Recorded on: Tuesday 13th July 2021
What is threat hunting? Why you need it, and how to make it easy for your analysts
Cybersecurity often feels like a game of cat and mouse. Just as a solution gets close to preventing an attack, the adversaries change their techniques. With threats going undetected by traditional security tools and lurking in networks for months, threat hunting means no more waiting around for that dreaded alert.
Recorded on: Tuesday 6th July 2021
Do video games really breed hackers?
We explore how the online wild west of gaming seemingly escalates young gamers from simple cheat codes to full-scale DDoS attacks and state-sponsored espionage. Join us to discuss whether cheating at a video game encourages young people to become hackers, or if hackers just happen to like playing video games…
Recorded on: Monday 5th July 2021
EDR/NDR/XDR/WTFDR - Confused?
So were we. Come join us and learn the difference. With every vendor having a ‘Detection & Response’ story, we hope to explain the differences, remove the fog, and identify the gaps and therefore the blind spots. Is EDR/NDR really a quick-fix alternative to a fully functioning SIEM/SOC deployment?
Recorded on: Wednesday 31st March 2021
Dark Halo and M365: How Microsoft helped attackers hide in plain sight
Microsoft 365 is the latest major attack vector. Misconfigurations are now a favoured channel for unauthorised use of identities and access to data without alerting security teams. We look at why M365 is fast becoming the target, recent breaches of M365 (including the Dark Halo breach), and what we need to do to detect and mitigate the risk.
Recorded on: Monday 29th March 2021
Threat hunting in the real world and how attackers avoid endpoints
Cybercriminals constantly evolve their tactics to avoid detection. Join us for two webinars in one. First, we demonstrate how attackers avoid your endpoints and detection. Learn how to identify attacks and defend against them. We also look at creating a threat hunting programme, the key processes needed and the challenges you will face.
Recorded on: Wednesday 10th March 2021
Domain Trust: Building trust in the domain name ecosystem
Thousands of criminal domains are registered every day. Domain Trust provides high quality, large-scale data sets on these suspected malicious domains and provides intelligence to allow further action: investigation, suspension, or disablement. Join us to hear more from GCA about the issue, the platform, the partners, and the impact of Domain Trust.
Recorded on: Monday 8th March 2021
Cyber Attack Lab live demonstration – Malware, C&C, and DNS exfiltration
A live malware attack demonstration also featuring C&C and DNS exfiltration. The demo starts with convincing a user to open an infected document, establishing a connection to the network, then stealing top-secret data. You’ll also learn how to run a fast and conclusive investigation – without wasting hours stitching logs or running reports.
Recorded on: Tuesday 2nd March 2021
The world of the expert witness and how to interact with them
In IT-related litigation - civil and criminal - the courts and participants often require experts to investigate, analyse and explain. Indeed, you may need to employ them. So join us as Peter explains the rules that you and the experts must follow, and that you should understand. Learn about the actual experience of interacting with them from real cases.
Recorded on: Wednesday 16th December 2020
The Police Cyber Alarm: Giving police real-time threat data, so organisations protect themselves
Policing lacks the true picture of the scale, nature and impact of cybercrime on business in the UK. We learn how policing is moving into the machine learning world with the Police Cyber Alarm. This provides police with real-time data on suspicious activity and attacks. Law enforcement can locate and pursue criminals, advising organisations on how to protect themselves.
Recorded on: Tuesday 8th September 2020
A cornucopia of cybersecurity good news
Gain insight into excellent cybersecurity initiatives, including: The Cyber Security Body of Knowledge, providing knowledge from international experts; The Cyber Helpline, giving free, expert advice to cybercrime victims; The Metropolitan Police Cyber Choices Team, educating and deterring individuals from cybercrime; and the Deciphering the Cyber Market platform, bringing users and vendors together.
Recorded on: Monday 17th August 2020
As the world transformed in the face of a global pandemic, how did hackers of all stripes react?
While there have been many attention-grabbing headlines about the rise of cybercrime during the coronavirus pandemic, most proved to be wide of the mark. We are delighted for Geoff to join us as he takes us behind the hyperbole, with a fascinating cybercrime story of how the different groups that make up today's cyber threat responded to the global pandemic.