To enter to win daily prizes associated with the North Pole Breaches 2011 campaign (December 12-16, 2011), register for each daily webinar on the AppSecInc website and winners will be announced at the end of each webinar. Must still be online to win. Watch all five webinars to be automatically entered to win an Apple iPad.
2011: A Bad Year For Data Security and Personal Privacy
Mon, Dec 12, 2011 2:00 PM - 2:30 PM EST
2011 has been a banner year for data breaches. The spate of activity by hacktivist groups and nation-state attacks, as well as the overall number of records compromised, has set a new high-water mark. Chances are you have heard about these high profile breaches in the media, perhaps within your own organization, or at home around the dinner table. What you may not be hearing about are details of how they happened, and more importantly, how they may impact you.
During this half hour webinar we will re-cap some of the more prominent breaches of 2011, discuss the approach surrounding each breach, and provide straight-forward, meaningful advice to help you mitigate the risk to your organization.
The DBA Stole Your Data. What You Need To Know About Insider Threats And Data Security
Tue, Dec 13, 2011 2:00 PM - 2:30 PM EST
Organizations require a security strategy that focuses on both external and internal threats to mitigate database risk. Historically, organizations focused efforts on perimeter security and external attacks. They invested in firewalls, antivirus software, and secure router configurations.
Despite these investments, inappropriate user activity from inside the organization remains largely unaddressed and is becoming an increasing challenge. Malicious insider attacks, while less common than outside attacks, can cause more grief and financial loss to organizations. As a result, organizations must implement best practices that manage internal risk, external risk, and secure the infrastructure where the data resides.
During this half hour presentation, we will discuss how to:
- - Identify users with inappropriate and undesired access to sensitive data
- - Document and monitor access privileges
- - Provide an accurate audit trail of how a user’s rights were assigned
- - Monitor compliance with security guidelines
How The Grinch Stole Your Intellectual Property: Defending Against Attacks From Nation States, Corporate Espionage, And Organize
Wed, Dec 14, 2011 2:00 PM - 2:30 PM EST
What are hackers after? The answer is that they seek sensitive data—specifically corporate intellectual property, government secrets, and Personally Identifiable Information (PII). Whether they seek illegal profit, financial gain, military or competitive advantage, these criminals want access and will do whatever it takes to get it.
With 92 percent of attacks deemed “not difficult” and 96 percent “avoidable through simple controls” (Verizon Data Breach Report 2011), organizations must take an active approach to protecting sensitive data. The Ponemon Institute reported that the average corporate data breach cost $7.2 million. The Department of Defense currently detects approximately three million unauthorized probes on its computer networks every day, and the cyber-attacks on Google were just a wake-up call.
As high-profile database breaches are increasing, and identity theft has become a $388+ billion per year industry (as large as the illegal drug trade), organizations must take an active stance and protect sensitive data where it resides – in the database.
- - During this half hour presentation, we will:
- - Give an overview of the types of attackers and the implications
- - Show how to implement the simple controls that will help protect data
- - Provide an overview of Advanced Persistent Threats
Anonymous Is Remaining Anonymous While Making You Memorable: A Background On Hacktivism and How To Protect Sensitive Assets
Thu, Dec 15, 2011 2:00 PM - 2:30 PM EST
There are many different types of hackers – but now more than ever, “hacktivists” are taking to their computers to make a point about social, ideological, religious, or political issues. Tools used by hacktivists to make their point include website defacements, redirects, DDoS attacks, SQL Injections, and data theft.
This year has been the year of Anonymous, a loosely-knit group that has targeted organizations such as NATO, PayPal, Wal-Mart, Adidas, Capital One, VISA, US law enforcement agencies, BART, Finland, El Salvador, Mexican drug cartels, and the Syrian Minister of Defense, to name a few.
During this half hour presentation we’ll discuss:
- What hacktivism is and who have been 2011’s top targets
- What methods have been used by hacktivists
- An overview of the top database vulnerabilities and misconfigurations that put organizations at risk
Are You Destined for Insecurity? A Look Ahead to 2012’s Database Security Top Tips & Risks
Fri, Dec 16, 2011 2:00 PM - 2:30 PM EST
Databases have become increasingly vulnerable to attack. Given this reality, organizations require a security strategy that eliminates vulnerabilities, identifies user access, monitors database activity, and mitigates risk at the database level.
Please join us for our 2012 Database Security Top Tips and Risks webinar and learn more about the current threat climate and top tips for protecting sensitive information in the database. During this half hour webinar, we will discuss new and emerging security threats that IT professionals should be aware of when it comes to developing a database defense strategy for 2012.
During this half hour presentation, we will discuss the top database risks for 2012 and ways to protect sensitive data where it lives – in the database.