Oh Behave! The Annual Cybersecurity Attitudes and Behaviors Report 2021
It’s widely recognised that the human aspect of cybersecurity is critical but not well understood. The empirical evidence is limited. In a first-of-its-kind project, user security behaviours and attitudes have been examined with scientific rigor. Join us to discover and explore the key findings.
Recorded on: Friday 15th October 2021
How to use actionable network modelling to improve your organisation’s security
The digital world is transforming at the speed of light. The adoption of new technologies, expansion into the cloud, and distributed workforces all leave attack surfaces undefended. Learn why scanning and patching are no longer adequate, how to collect the right data, and how to remediate with network context.
Recorded on: Friday 8th October 2021
When we can’t protect everyone all the time, who gets the Kevlar jacket?
With so many people and limited resources, it can be difficult to focus our attention and prioritise the right risks. We discuss the ways to identify users who are imminent targets and those who pose a high risk, and how to address the needs of different groups based on their profile – in a timely fashion.
Recorded on: Wednesday 6th October 2021
Better cybersecurity log management: Data backups are sent offsite, why aren’t most security logs?
It takes an average of 256 days to identify and contain a breach. So why do we typically only retain 90 days of security log data? How can you find IoC in your environment many months ago? Discover how a cloud System of Record (SoR) gives you the advantage with extensive backwards cover and end-to-end timeline visibility.
Recorded on: Monday 27th September 2021
Spear phishing in 2021: Why organisations need new methods to combat new tricks
Phishing is a threat most security leaders are concerned about. Not only are attacks frequent, time-consuming to investigate, and expensive to recover from, but solutions such as SEGs and native tools aren’t enough. With 2m malicious emails managing to bypass ‘robust’ security controls over one year, we need new ways to defend against this evolving threat.
Recorded on: Friday 24th September 2021
The evolution and commoditisation of the cybercriminal ecosystem
We explore how cybercriminal communities have evolved to become more professional and commoditised over time and what this means for organisations today, including the amplified threat posed by cybercrime and ransomware operations. Watch to gain an understanding of not just how cybercrime has matured, but also what to do about it.
Recorded on: Wednesday 22nd September 2021
Interactive ransomware cyber crisis simulation
Would you make the crucial decisions needed after a ransomware attack to save your organisation’s operations and reputation? Play along in this simulation to find out how you would fare as a key member of the Incident Response team. Will you pay the ransom? There’s only one way to find out…
Recorded on: Monday 20th September 2021
Supply chain attacks are the new high-water mark of attacks
Attackers will always choose the easiest path most likely to succeed. And which is a target more likely to open – the unknown email with an attachment, or an invoice from a known and trusted supplier? We analyse some of the most prominent recent supply chain attacks and share how to combat them.
Recorded on: Friday 17th September 2021
Top 10 ways to test your security function without breaking the bank
When it comes to testing defences, most people will be familiar with PenTesting, Red/Blue/Purple Teaming, and Breach and Attack Simulations, but there are also many excellent security tools available for free or minimal cost. Discover 10 of these technologies, including free intrusion detection systems.
Recorded on: Wednesday 28th July 2021
4 steps to navigating insider risk
With the massive shift to remote working in 2020, organisations have been racing to rethink their security programs to manage the risk from within as well as guard from external attacks. This webinar explores the unique risk of insider threats and show you the 4 steps you can take to protect your organisation.
Recorded on: Tuesday 27th July 2021
REvil Kaseya ransomware attack: What you need to know
Last weekend, the REvil ransomare gang exploited a vulnerability in Kaseya VSA, effectively distributing ransomware downstream to hundreds of organisations. Join us to learn how the group was able to execute this supply chain attack and how to find out if you are at risk. We’ll also give you practical mitigation and recovery steps.
Recorded on: Friday 16th July 2021
SASIG IoT Academy Session 2: IoT; the threat it poses and how to secure it
With the prevalence of IoT devices, how do we take on the mammoth challenge of identifying and securing the devices on our networks? Join us to learn how bad actors can use IoT devices to gain access to your network, how to apply ringfencing principles to IoT devices, and how to identify shadow devices with AI techniques.
Recorded on: Friday 9th July 2021
Cyber threat intelligence: Where should you start?
Many organisations can gain a lot by applying Cyber Threat Intelligence (CTI), but where do you start? And what should you consider if you plan to rely on it? Join us as we look at how to start using CTI to build better defences and to keep up to date with the threat landscape. We will also discuss some of the common pitfalls to avoid.
Recorded on: Wednesday 7th July 2021
What is threat hunting? Why you need it, and how to make it easy for your analysts
Cybersecurity often feels like a game of cat and mouse. Just as a solution gets close to preventing an attack, the adversaries change their techniques. With threats going undetected by traditional security tools and lurking in networks for months, threat hunting means no more waiting around for that dreaded alert.
Recorded on: Tuesday 6th July 2021
Do video games really breed hackers?
We explore how the online wild west of gaming seemingly escalates young gamers from simple cheat codes to full-scale DDoS attacks and state-sponsored espionage. Join us to discuss whether cheating at a video game encourages young people to become hackers, or if hackers just happen to like playing video games…
Recorded on: Monday 5th July 2021
SASIG IoT Academy Session 1: What is modern IoT and where is it?
Maturing technologies mean just about everything can be cheaply connected to the internet, but with a lack of regulation and technology standards, has the security of IoT become a maturity nightmare? We discuss what modern IoT looks like, where it sits on our networks, and what needs to be done to secure it.
Recorded on: Friday 2nd July 2021
The ABCs of cyber risk prioritisation: Fixing what really matters
Identifying and prioritising the risks that pose the biggest threat to your organisation can lead to a more robust defence against attacks. Join us to explore what the process of cyber risk prioritisation should look like and why it matters. We’ll also reveal what you should be worried about, according to the latest threat intelligence.
Recorded on: Tuesday 29th June 2021
MITRE ATT&CK Mania: A guide to understanding vendor positioning and why it matters
MITRE Engenuity tests the most important EDR manufacturers and checks how well they perform in a real attack scenario. The results are always eagerly awaited. Join us to learn why these tests are relevant and how they are relevant to you. We also discuss the criteria used for the evaluation, the results, and how they should be interpreted.
Recorded on: Wednesday 9th June 2021
APT developments, Q1 2021: A review of the activities of the most sophisticated threat actors
Kaspersky currently tracks around 900 advanced threat actors and their activities. We highlight the latest campaigns, tactics and techniques used by these bad actors. Join us for a review of the most significant events and developments in the cyber-threat landscape during the first quarter of 2021.
Recorded on: Thursday 27th May 2021
Threat trends: 2021 so far
Join us for a critical look at the eventful start to 2021’s cyber threat landscape. We share observations and thoughts on what to expect for the rest of the year regarding cyber threats and the ever-changing landscape.
Recorded on: Thursday 20th May 2021
Seeing beyond the obvious: Why rigor AND due diligence are vital in vulnerability management
Traditional methods of scanning and patching are rigorous and leave gaps in vulnerability management. To yield complete results, these methods must include exposure analysis which pinpoints exposed vulnerabilities on important assets. Join us to learn how this method drives due diligence, improves SLAs and reduces operational inefficiencies.
Recorded on: Wednesday 19th May 2021
Weaknesses in software supply chains: Cyber’s unspoken reality
Over the last few years, supply chains have become an increasingly lucrative target for hackers. And when the core software supply chain itself is compromised, the results are often catastrophic. Join us as we examine the weaknesses in software supply chains and discover what you can do to protect your organisation from malicious attacks.
Recorded on: Friday 14th May 2021
Is your dishwasher trying to kill you? (The dangers of IoT in the smart home)
From fridges to toothbrushes, the world is getting smarter - but what are the risks? Internet-connected devices have taken the market by storm, but how easily can they be hacked? And could they plot to take you out?! Join us as we unravel the potential hack and leaks malicious actors could use to target you.
Recorded on: Friday 30th April 2021
Data dive: M-Trends 2021
Join us for a look at the latest M-Trends report – packed with data from Mandiant’s frontline incident response experience and threat intelligence into the most impactful breaches from around the world. Discover what these findings mean for your organisation and which mitigation solutions are best suited to improve your security posture.
Recorded on: Thursday 22nd April 2021
Enabling Industry 4.0 and Digital Transformation by bridging IoT security gaps
The acceleration of Industry 4.0 brings unprecedented levels of new technology risk. As organisations embrace digital transformation, they need to understand their accountability for security in the ecosystem. This webinar will highlight the importance of security and resilience of IoT devices, their applications and the data they generate.
Recorded on: Monday 12th April 2021
Before it’s FINished: Real defences require real adversary simulations
Discover how Mandiant Red Team uses experience and knowledge gained from incident response frontlines to provide adversarial simulation programs which mimic the most devastating ransomware attacks organisations will face in 2021. These simulations provide real-life assessments of readiness before organisations suffer real-life impacts.
Recorded on: Monday 22nd March 2021
Are you ready to tackle IR in cloud and hybrid environments?
Cloud and hybrid environments are unique and present challenges to classic incident readiness methodologies. Join us for an interactive session where you will learn about IR, the activities that will empower your organisation’s ability to manage real incidents when they occur, and frameworks for review and action.
Recorded on: Monday 15th March 2021
Intelligent threats call for threat intelligence
It’s time for businesses to reassess how they gather and assess information about threats, and what they do with that information. They need to understand the threat landscape and their threat exposure. Join us to learn what it means to be intelligence-led and why it is so important.
Recorded on: Thursday 25th February 2021
Threat Intelligence: How do we make it more relevant to inform your defence?
Threat intelligence comes in all shapes and sizes. Does yours provide valuable insight or just distractions? When intelligence is properly contextualised, it provides real insight, a focus for your defences, and the ability to predict attackers’ next moves. Join this webinar to find out how to make your threat intelligence pertinent and relevant.
Recorded on: Monday 15th February 2021
Last year as seen by ESET: Top cyberthreats, trends and predictions
Discover the contents of the ESET Q4 2020 Threat Report before anyone else. Find out about ESET’s fresh batch of data, updates on the techniques used by ransomware and other cybercriminal gangs, and details on the TrickBot disruption. ESET researchers, detection engineers and security experts will also give their threat landscape predictions for 2021.
Recorded on: Monday 1st February 2021
2020 Cyber Threat Recap - Set your cyber security resolutions for 2021
Join Senior Systems Engineer Bradley Bosher as he looks back on the most important developments in cybersecurity from the past year. We brief you on the biggest breaches (including SolarWinds), how to check if you were breached, and the key advancements to help shape your plans for 2021.
Recorded on: Wednesday 20th January 2021
Often 'A', sometimes 'P', but always a 'T': The current trends and future development of APTs
Kaspersky currently tracks the activities of around 700 advanced threat actors. David gives his insight into the campaigns, tools and tactics employed by established and emerging threat actors. He also outlines the most significant trends of 2020 and provides Kaspersky's forecast of the developments that are likely to loom large in the coming year and beyond.
Recorded on: Tuesday 5th January 2021
Using the MITRE ATT&CK framework to drive risk remediation programs and mitigate cyber attacks
This webinar explores the value and utility of the MITRE ATT&CK framework - a globally accessible knowledgebase of adversary tactics and techniques. Learn how to leverage the MITRE framework to assess your cyber maturity against security standards and define a prioritised roadmap for addressing critical gaps in your security, based on common, high-frequency tactics and techniques.
Recorded on: Friday 18th December 2020
Threat intelligence and APT Trends in 2020: The latest campaigns, tools and targets
Kaspersky expert David Emm will guide us on the current advanced persistent threats and share his unique insider view on recent activity by threat actors. We'll discover the most significant events that had the most impact. Mirza Asrar Baig also discusses the value of threat intelligence, and how to use it to protect your organisation against these threats.
Recorded on: Friday 23rd October 2020
Combatting ransomware and APT activity with process-level monitoring
As ransomware attacks continue to hit the headlines, they pose a significant threat to all organisations. So how do you reduce the associated risk to protect your organisation? Andrew and Dan discuss recent ransomware incidents, why ransomware is more prevalent and destructive than ever before and give you practical tips to help detect and respond to them.
Recorded on: Tuesday 20th October 2020
Ransomware trends and the opportunities of an intelligence-led security programme
Ransomware is remote digital extortion. It’s disruptive, costly to address and affects all kinds of organisations. Threat intelligence expert Dr Jamie Collier explains the latest ransomware trends in the threat landscape, the common characteristics in these and how an intelligence-led security programme can be used to improve your organisation’s defenses.
Recorded on: Monday 14th September 2020
Keeping an 'I' on APTs: What threat intelligence reveals about advanced threat actors
Kaspersky expert David Emm guides us on the current advanced persistent threats and shares his unique insider view on recent activity by established and emerging threat actors. We discover the most significant events that had the most impact, which innovative campaigns were introduced and how you can protect your organisation from these fast-emerging attacks.
Recorded on: Monday 24th August 2020
M-Trends 2020: A briefing on current cyber-attacks
We explore FireEye's latest release of their annual M-Trends Report, based on their frontline investigations of the most interesting and impactful cyber-attacks. We will discuss the latest attack trends in today’s evolving threat landscape, and cover best practices learned from the front lines of incident response.