From little acorns grow mighty oaks: Why small behavioural changes lead to significant risk reduction
The links between security behaviours and risks are not always clear. Knowing how different behaviours affect risks gives us clarity, allowing us to design focussed approaches and measure the results. Learn how to use open-source tools to identify and prioritise security behaviours.
Recorded on: Thursday 3rd June 2021
Cybersecurity metrics (part 2): The value of strategic intelligence
When it comes to cybersecurity, you have to be right every time; yet malicious actors only have to be right once. Threats cannot be eliminated completely, but they can be prevented with the right precautions. Discover how macro changes can reduce risk, why a good security function needs high-quality intelligence, and how intelligence is like a moving tanker.
Recorded on: Wednesday 26th May 2021
Seeing beyond the obvious: Why rigor AND due diligence are vital in vulnerability management
Traditional methods of scanning and patching are rigorous and leave gaps in vulnerability management. To yield complete results, these methods must include exposure analysis which pinpoints exposed vulnerabilities on important assets. Join us to learn how this method drives due diligence, improves SLAs and reduces operational inefficiencies.
Recorded on: Wednesday 19th May 2021
Cybersecurity metrics (part 1): The good, the bad, and the ugly
In this first session from Secrutiny and SentinelOne, we delve into the purpose of good metrics, the golden rules of measuring what matters, examples of good and bad metrics, and the best methods of presenting findings to the board. We also discuss why we are more like Formula One race drivers than you think…
Recorded on: Tuesday 11th May 2021
Anonymisation – Is it a double-edged sword?
How often do we believe our data has been anonymised, when it hasn’t? We discuss how the research value of data sets is retained while personal information is removed, and the associated legal requirements. Anonymisation has been critical to research, especially in the fight against Covid-19, but how does it work? And can we trust the process?
Recorded on: Thursday 8th April 2021
Cyber readiness: Attacks don’t happen on paper, so why measure human capability that way?
So why do we still measure skills on paper? This session will challenge traditional training methods and explore how organisations can equip teams with useful expertise and utilise gamification in skills development. You will also see unique approaches to mapping human capabilities when they face evolving threats and adversaries.
Recorded on: Wednesday 17th February 2021
SASIG Metrics Academy Session 1 - Meaningful metrics (part 1): Why and how data is changing the way we manage human cyber risk
Join us for the first session in our four-part Metrics Academy series. The ‘security awareness’ space is evolving. Rapidly. So what has changed? And why? Find out how metrics, data and reporting have evolved cybersecurity from simple compliance to human-focussed risk management. This interactive session will include a panel discussion and workshop.
Recorded on: Friday 5th February 2021
Using the MITRE ATT&CK framework to drive risk remediation programs and mitigate cyber attacks
This webinar explores the value and utility of the MITRE ATT&CK framework - a globally accessible knowledgebase of adversary tactics and techniques. Learn how to leverage the MITRE framework to assess your cyber maturity against security standards and define a prioritised roadmap for addressing critical gaps in your security, based on common, high-frequency tactics and techniques.