Oh Behave! The Annual Cybersecurity Attitudes and Behaviors Report 2021
It’s widely recognised that the human aspect of cybersecurity is critical but not well understood. The empirical evidence is limited. In a first-of-its-kind project, user security behaviours and attitudes have been examined with scientific rigor. Join us to discover and explore the key findings.
Recorded on: Friday 15th October 2021
Is psychological safety the missing link to successful security initiatives?
Have you ever considered how your organisation's ability to create and maintain a psychologically safe environment – where employees know they will not be punished or humiliated for speaking up – can impact your security initiatives? Discover how to take these principles forward and create successful initiatives.
Recorded on: Monday 11th October 2021
When we can’t protect everyone all the time, who gets the Kevlar jacket?
With so many people and limited resources, it can be difficult to focus our attention and prioritise the right risks. We discuss the ways to identify users who are imminent targets and those who pose a high risk, and how to address the needs of different groups based on their profile – in a timely fashion.
Recorded on: Wednesday 6th October 2021
Why you should include suppliers in your security risk assessments
Supply chain attacks have increased in frequency and severity in recent years and even months, but what makes these attacks different from other cyber attacks? And what do they mean for our businesses? Learn how to manage your supply chain risks and the precautions corporations can take.
Recorded on: Friday 1st October 2021
Spear phishing in 2021: Why organisations need new methods to combat new tricks
Phishing is a threat most security leaders are concerned about. Not only are attacks frequent, time-consuming to investigate, and expensive to recover from, but solutions such as SEGs and native tools aren’t enough. With 2m malicious emails managing to bypass ‘robust’ security controls over one year, we need new ways to defend against this evolving threat.
Recorded on: Friday 24th September 2021
Interactive ransomware cyber crisis simulation
Would you make the crucial decisions needed after a ransomware attack to save your organisation’s operations and reputation? Play along in this simulation to find out how you would fare as a key member of the Incident Response team. Will you pay the ransom? There’s only one way to find out…
Recorded on: Monday 20th September 2021
What's important for DPOs in this cyber dilemma?
Cybersecurity and privacy are both growing concerns for many organisations. These topics overlap and intersect but sometimes work in silos. So where can we double up and work together? In this webinar, we explore the cyber needs of the DPO from a privacy perspective and how those needs can be shaped to align with the privacy programme.
Recorded on: Monday 13th September 2021
Exclusive preview of the new National Cyber Resilience Group - the flagship UK policing project that needs you!
Ahead of the formal launch in October, SASIG is delighted to have an insight into a new policing project. Not-for-profit cyber resilience centres have successfully brought together police and private sector companies – now a national company will launch in October. Join us to discover the organisation’s plans.
Recorded on: Monday 6th September 2021
How to get your security programme proposals approved
Have you been passionate about a proposed solution, only to find that nobody understands how it could positively impact the business? This doesn't need to happen. Join us to learn how to leverage your research and project management skills to tell a compelling story, create a proposal that justifies investment, and generate buy-in.
Recorded on: Wednesday 1st September 2021
What is the impact of the changing face of EDR?
EDR has changed significantly over the course of the last 10 years, developing from simplistic anti-virus to complex end-point productions. It can now enable a much more effective preventative posture for a business that may be under attack. Learn why EDR is important and how to get the best out of its deployment.
Recorded on: Thursday 29th July 2021
4 steps to navigating insider risk
With the massive shift to remote working in 2020, organisations have been racing to rethink their security programs to manage the risk from within as well as guard from external attacks. This webinar explores the unique risk of insider threats and show you the 4 steps you can take to protect your organisation.
Recorded on: Tuesday 27th July 2021
The supply chain: Our modern Achilles' heel?
Recent ransomware attacks have once again highlighted both our dependence on supply chains and our vulnerability to attacks through them. Do we fully understand the risks, or have we become overwhelmed by their complexity? Join us as we explore how to manage supply chain risks and the steps you can take to mitigate them.
Recorded on: Wednesday 21st July 2021
What is threat hunting? Why you need it, and how to make it easy for your analysts
Cybersecurity often feels like a game of cat and mouse. Just as a solution gets close to preventing an attack, the adversaries change their techniques. With threats going undetected by traditional security tools and lurking in networks for months, threat hunting means no more waiting around for that dreaded alert.
Recorded on: Tuesday 6th July 2021
Threat trends: 2021 so far
Join us for a critical look at the eventful start to 2021’s cyber threat landscape. We share observations and thoughts on what to expect for the rest of the year regarding cyber threats and the ever-changing landscape.
Recorded on: Thursday 20th May 2021
Illuminating risk indicators with readily available telemetry data from standard admin tools
Many risk indicators in Incident Response are just below the surface and relatively simple to uncover with standard admin tools. Practical telemetry data is readily available to all organisations and illuminates key risk indicators. This session looks at what telemetry is useful and how to create a no-cost data lake to question, giving you the insight to drive your cyber operational workflows.
Recorded on: Wednesday 3rd February 2021
Using dependency modelling to dynamically visualise and understand business risk
Understanding how interdependent business systems impact risk is challenging. Dependency modelling is a powerful approach that helps visualise risk, aid analysis and lead to more resilient designs. Andy takes us through simple examples of how to quickly model and understand new risks, determine key sensitivities and optimise a design for maximum resilience.
Recorded on: Monday 7th December 2020
How to mitigate insider risk and how regulated firms can stay ahead
Insider risk is a challenge across many industries, particularly within regulated industries, including financial services. It can lead to fraud, financial loss, data leak and regulatory fines. Join us as we explore the main insider threat profiles, why insider threats require more context and how to reduce response time and costs by speeding up investigations.
Recorded on: Tuesday 1st December 2020
From cybersecurity to cyber-maturity – a journey worth taking
The cyber landscape is being squeezed by an increase in risk on one side and an ever more complex business environment on the other. This session unashamedly looks at non-technical approaches to building a robust cyber-maturity strategy. One that is evidential and measurable in its approach to better direct your operational and technical priorities.
Recorded on: Wednesday 25th November 2020
Pragmatic risk-based cybersecurity: How to use threat and risk analysis in your organisation
We are delighted world-renowned security evangelist Peter joins us to look at the challenges of testing your cybersecurity. Our cyber enemies are sophisticated and strategic with clear objectives and lots of resources. To counter their attacks, we need a pragmatic approach to threat and risk analysis to feed our cybersecurity ecosystem and focus on protecting our most important assets.
Recorded on: Wednesday 19th August 2020
35 Views of cyber risk
As the pace of change has accelerated, so has the need for our understanding of the world we live in. This creates a challenge in aiming for clarity and is the problem in understanding cyber risks. But while we may never fully know the cyber world, we can better understand it by combining knowledge from several fields - combinative thinking. John brings together 35 views as he navigates around the cyber risk environment and gives us some food for thought along the way.