Better cybersecurity log management: Data backups are sent offsite, why aren’t most security logs?
It takes an average of 256 days to identify and contain a breach. So why do we typically only retain 90 days of security log data? How can you find IoCs in your environment from many months ago? Discover how a cloud System of Record (SoR) gives you the advantage with extensive backwards cover and end-to-end timeline visibility.
Recorded on: Monday 27th September 2021
Spear phishing in 2021: Why organisations need new methods to combat new tricks
Phishing is a threat most security leaders are concerned about. Not only are attacks frequent, time-consuming to investigate, and expensive to recover from, but solutions such as SEGs and native tools aren’t enough. With 2m malicious emails managing to bypass ‘robust’ security controls over one year, we need new ways to defend against this evolving threat.
Recorded on: Friday 24th September 2021
Interactive ransomware cyber crisis simulation
Would you make the crucial decisions needed after a ransomware attack to save your organisation’s operations and reputation? Play along in this simulation to find out how you would fare as a key member of the Incident Response team. Will you pay the ransom? There’s only one way to find out…
Recorded on: Monday 20th September 2021
Exclusive preview of the new National Cyber Resilience Group - the flagship UK policing project that needs you!
Ahead of the formal launch in October, SASIG is delighted to have an insight into a new policing project. Not-for-profit cyber resilience centres have successfully brought together police and private sector companies – now a national company will launch in October. Join us to discover the organisation’s plans.
Recorded on: Monday 6th September 2021
REvil Kaseya ransomware attack: What you need to know
Last weekend, the REvil ransomware gang exploited a vulnerability in Kaseya VSA, effectively distributing ransomware downstream to hundreds of organisations. Join us to learn how the group was able to execute this supply chain attack and how to find out if you are at risk. We’ll also give you practical mitigation and recovery steps.
Recorded on: Friday 16th July 2021
What is threat hunting? Why you need it, and how to make it easy for your analysts
Cybersecurity often feels like a game of cat and mouse. Just as a solution gets close to preventing an attack, the adversaries change their techniques. With threats going undetected by traditional security tools and lurking in networks for months, threat hunting means no more waiting around for that dreaded alert.
Recorded on: Tuesday 6th July 2021
Practical use of security awareness training
A look at the recently discovered Carbanak APT group and their infection process with the people who discovered it. We use this as a base to discuss how and why security awareness training has an important part to play in preventing such sophisticated attacks.
Recorded on: Wednesday 30th June 2021
Take a walk on the DarkSide: A pipeline cyber crisis simulation
Do you have the tools, skills, and staffing needed to prevent a ransomware attack threatening national industrial infrastructure? Join this interactive webinar to see the impact of a major cyber breach first-hand and discover whether your incident response strategies and tactics can bring the situation under control…
Recorded on: Tuesday 15th June 2021
Authors of their own misfortune: Accidental managers and the onset of crisis
The term crisis is often used incorrectly and invariably applied to high profile and catastrophic events. So is it a crisis when managers embed the vulnerability for failure within the very systems and processes they are meant to manage? This presentation explores what happens when management theory and practice hit the fan!
Recorded on: Monday 7th June 2021
Embedding incident response and the relevance of awareness training
As anyone who has suffered a breach will testify, speed is of the essence when you need to minimise the consequences and reassert control. Join us to learn how giving your people the proper awareness training improves your defences and buys you time when you’re at panic stations.
Recorded on: Tuesday 1st June 2021
Seeing beyond the obvious: Why rigor AND due diligence are vital in vulnerability management
Traditional methods of scanning and patching are rigorous and leave gaps in vulnerability management. To yield complete results, these methods must include exposure analysis which pinpoints exposed vulnerabilities on important assets. Join us to learn how this method drives due diligence, improves SLAs and reduces operational inefficiencies.
Recorded on: Wednesday 19th May 2021
Incident response 101
You can never guarantee you won’t be breached, so do you have all the right personnel and procedures in place to deal with an incident? Join us to learn the key stages of responding to a cyber security incident and how to prepare an incident response plan. We’ll also talk you through who is responsible for each step.
Recorded on: Tuesday 18th May 2021
Building cyber community engagement through the CyberScotland Partnership
Join us for an outline of Scotland’s approach to creating the right conditions for a cyber resilient nation. Explore the partnership’s role in supporting delivery of the strategic framework for a cyber resilient Scotland and the success of CyberScotland Week, as well as some of its other current projects.
Recorded on: Monday 17th May 2021
Insider threats: An interactive crisis simulation
Join us to experience the impact of an insider compromise first-hand. This interactive webinar will throw attendees into an emerging insider threat simulation taking place at a fictional pharmaceutical company. Use your decision-making skills to find the insider threat, manage the growing crisis, and prevent the loss of potentially billions of dollars.
Recorded on: Monday 26th April 2021
Are you ready to tackle IR in cloud and hybrid environments?
Cloud and hybrid environments are unique and present challenges to classic incident readiness methodologies. Join us for an interactive session where you will learn about IR, the activities that will empower your organisation’s ability to manage real incidents when they occur, and frameworks for review and action.
Recorded on: Monday 15th March 2021
The three Cs of avoiding the security heebie-jeebies
Attackers are becoming more adaptable and capable, and their ingenuity coupled with the increased threats makes a CISO’s role more complicated. Security incidents are now inevitable where complex environments and inventive attacks collide. Join us to learn why traditional approaches are no longer effective and the importance of automation in response.
Recorded on: Monday 1st March 2021
Looking at cyber recovery: The chicken or the egg dilemma
Traditionally, organisations are focussed on defences, but given the likelihood of a successful attack, having the ability to recover quickly should also be a key consideration. Join us for this session, as Charlie and Richard explore cyber recovery and why it has become a vital component of cyber resilience, based on the growing number of ransom-based attacks.
Recorded on: Thursday 17th December 2020
Developing a playbook for corporate communications after a data breach
After a data breach, getting communications right can make a significant difference in public perceptions and ultimately, a company’s bottom line. This talk presents a new, freely available playbook to support organisations through this process, which is based on case studies, research and interviews with senior security and crisis response professionals.
Recorded on: Monday 23rd November 2020
To remediate or not to remediate? That is THE question
The single most heated conversation during every incident response is around remediation: When, what, how - and should we? We analyse this from different angles to understand how to best deal with it depending on the specific context of the breach you’re dealing with. We’ll also look at the key impacts upon a business and conveying the rationale to the board.
Recorded on: Friday 16th October 2020
Coping strategies from an F-14 Fighter Pilot to help with today’s extreme situations
How do we safeguard our organisation from a technological or reputational crisis? In an emergency, the public relies on the police, fire and the military, trained to deal with stress and complexity. Trained as an F-14 Pilot for the US Navy, Rob shares more of his tips, tricks and war stories that we can all learn from, relating them to our current situation.
Recorded on: Wednesday 7th October 2020
Coping strategies from an F-14 Fighter Pilot
How do we safeguard our organisation in a crisis, whether it be technological or reputational? In an emergency, the public relies on the police, fire, trauma surgeons and the military, trained to deal with stress and complexity. Trained as an F-14 Pilot for the US Navy, Rob shares some tips, tricks and war stories with us that all of us can learn from, relating them to this new world we live in.
Recorded on: Monday 10th August 2020
'Oh crisis, what art thou?': The nature and characteristics of crisis
A crisis event is composed of different but interlinked phases. The attributes are often 'incubated' into an organisation's processes, and it's this vulnerability that moves a company away from what it was designed for. We explore the three phases of crisis, highlighting points of intervention for managers... before the proverbial hits the fan.
Recorded on: Friday 24th April 2020
The anatomy of a ransomware attack, and how to protect your organisation
Ransomware and extortion hacks are now one of the most common forms of cybercrime, carried out by well organised gangs. Leading experts from DLA Piper and SRM-inform will take us through the types of vulnerabilities that are exploited, how to successfully navigate such attacks, and the key decisions victims need to make in their investigations.
Recorded on: Friday 17th April 2020
Sharing knowledge about cybersecurity incidents
There has been a significant increase in phishing attacks and online scams since the Covid-19 crisis started, preying on fear and uncertainty. The rise in home working from insecure locations over potentially unsafe networks has added to the danger. We'll consider models for establishing levels of trust between organisations, lessons learned from incidents, and how we can socialise them quickly.
Recorded on: Monday 6th April 2020
Incident response: Hunting and detecting the latest threats
While IT teams are rushing to ensure users can work remotely, it’s business as usual for attackers. Varonis are currently seeing the highest number of VPN and Office 365 incidents ever. So join us in this session to discover what attacks are widespread right now and how you can successfully detect and respond to the latest incidents.