T.E.N. Knowledge Base

ISE® West 2017

Bolstering Trust in the Email Ecosystem  > Download Whitepaper
Email is inexpensive, instant and ubiquitous. Email has become deeply entrenched as our favorite tool for sharing, collaborating, coordinating and archiving. Forget the telephone or social media, when it comes to consumers and companies communicating, email holds an unshakeable dominance.



2017 Study on Mobile and IoT Application Security  > Download Whitepaper
Ponemon Institute is pleased to present the ndings of the 2017 Study on Mobile and Internet of Things Application Security sponsored by IBM and Arxan Technologies. The purpose of this research is to understand how companies are reducing the risk of mobile apps and Internet of Things (IoT) in the workplace. The risks created by mobile apps have been well researched and documented. This study reveals how companies are unprepared for risks created by vulnerabili- ties in IoT apps.



On the Radar: Attivo Networks offers deception, vulnerability assessment, and response automation  > Download Whitepaper
Attivo Networks develops technology for threat deception, with products for network and endpoint, as well as threat visibility/vulnerability assessment and incident response. Its deception capability works across a company’s user network, data center, cloud infrastructure, remote office/branch office (ROBO), industrial control systems (ICS), Internet of Things (IoT), and point-of-sales (POS) networks. Decoys can be made to look like a wide variety of targets, including a human-machine interface (HMI) device in operational technology (OT), an IoT node, or a POS terminal.



Ransomware on the Rise: An Enterprise Guide to Preventing Ransomware Attacks  > Download Whitepaper
Ransomware isn’t new. In fact, it’s 30-years-old. What IS new is ransomware’s sudden rise as a favored attack by cyber criminals. Cyber crime has become a lucrative business and, unfortunately, ransomware has become an integral attack method that many organizations are ghting a losing battle against.



Best Practices for Privileged Identity Management in the Modern Enterprise  > Download Whitepaper
Data breaches continue to be top of mind for organizations large and small. Three key dynamics are making that challenge much harder — the cloud, the growing sophistication of attackers, and dramatic growth in outsourced services. In this paper, we explore the modern enterprise — a hybrid organization with infrastructure spread across on-premises data centers as well as hosted in the cloud and one where IT functions are split between internal and 3rd-party administrators. We look at these and related trends impacting our data security and speci cally, best practices on how to manage and govern privileged user access to mitigate these risks.



The Fidelis Platform Overview  > Download Whitepaper
Modern attacks make it through the rewall and penetrate the perimeter. Security operations teams lack the complete, visibility-enhancing and automated technology to both see and respond to these kinds of modern and advanced compromises. Instead, they have patchwork systems strung together that create more work and complexity than solutions. We have changed all that.



Enterprise Phishing Susceptibility and Resiliency Report  > Download Whitepaper
Welcome to PhishMe’s 2016 Enterprise Phishing Susceptibility and Resiliency report. The report we published in 2015 focused solely on susceptibility, only telling half of the story. Now, with over 5 million active installations of PhishMe ReporterTM across the globe, we can publish statistically significant metrics about the rate and accuracy of humans reporting phishing emails. We are excited to share this data as it has been missing from phishing studies in the past. Armed with this new data, we hope that security organizations focus their attention on the ratio of Report-To-Click instead of dwelling on susceptibility metrics.



Jason Lish

Jason Lish
Senior Vice President and Chief Security Officer
Alight Solutions
ISE® West Executive of the Year Award Winner 2016
ISE® North America Executive Award Finalist 2016 - Financial Category

Security Talent Today & Tomorrow  > Download Presentation
Investment in Cyber Security has increased dramatically over the last few years and in turn, many companies are still struggling to fill much need roles with qualified security talent. Earlier this year, the 2017 Global Information Security Workforce Study estimated that the job gap is growing, with the projected shortage reaching 1.8 million professionals by 2022. While the gap is not news, the fact that it is growing should be a huge concern to an already exhausted workforce. The shortage itself has been linked to everything from employers demanding too many skills in new hires, poor compensation for the required skillsets, lack of effective education options, and inefficient recruiting processes. So how should companies address the issue? Join Jason Lish as he examines the industry need for finding and retaining the right security talent, key skillsets needed to improve the security industry, and how current InfoSec professionals can ensure they’re continually improving themselves to ensure a more secure future.


Sancheti_Hardik

Hardik Sancheti
Senior Manager, Identity Management Infrastructure
Seagate

Balancing Security and Business: Building a Next Gen SSO Program  > Download Presentation
Upon moving to a zero trust security model, the team at Seagate decided to replace their previous SSO infrastructure to support this new model. The NextGen Single Sign-On (SSO) program sought to solve one of the issues of the previous SSO infrastructure regarding potential vulnerabilities to a malicious insider who could acquire users’ SSO cookie in a “watering hole” attack. The project replaced Seagate’s SSO infrastructure with a secure platform that supports risk-based authentication and robust federation. The infrastructure was deployed across two data centers and two disaster recovery sites and included migrating over 150 applications and 50 federations (SSO across two or more domains / companies) with positive impact to Seagate’s business. Join our conversation to learn how the Seagate team was able to not only sole the “watering hole” issue, but also enhance overall security and access management capabilities by implementing end-to-end SSL, risk-based authentication and session assurance as well as better align the infrastructure to business initiatives for SSO, mobile, social and cloud integrations.


Ocegueda_Luis

Luis Ocegueda
Senior Security Engineer
Walmart
Biography

A Framework for a Secure Future  > Download Presentation
Walmart operates one of the largest cloud environments and leverages the open source tool OneOps to manage applications and operating systems. The OneOps Security Framework is an integration that allows applying security best practices and configurations to any application or operating system automatically at deployment to save time while meeting security and compliance requirements. The OneOps Security Framework project has helped teams meet security objectives seamlessly thus saving thousands of man-hours on configuration, testing, implementation, and remediation. The framework has also been made available to all industry users of OneOps through Walmart’s open source initiate. Join our conversation to learn how the Walmart team leveraged their OneOps management tools to develop a process for testing new configurations, apply configurations prior to deployment, and force application and operating system configurations or updates at deployment time.


tim smith

Tim Smith
Sr. IT Manager of End User Computing and Corporate Information Security
Western Union
Biography

Building a Blueprint for Better Mobile Security  > Download Presentation
Western Union is a huge proponent of empowering their end users via mobile devices, and in 2016 they wanted to make sure they had a strong mobile threat defense solution in place that would properly safeguard their employee’s mobile devices and data. To accomplish this, they required a solution which provided protection across the most common mobile threat vectors- malware, malicious networks, and OS/configuration vulnerabilities- and which was easy to deploy and manage, offered in-depth reporting and analysis, protected devices in real-time, and could mitigate threats automatically. Join our conversation to learn how Western Union was able to deploy an effective and easy to use mobile security solution that helped them empower a safe but mobilized workforce.