Come and learn from ENISA, the European Union's Agency for Cybersecurity), about the NIS2, the EU's cybersecurity legislation, which will come into force this year across all the EU's critical sectors. This seminar will help you get ready for the NIS2 incident reporting and security measures requirements, what NIS2 will mean for organizations doing business in the European Union, and what skills you may need to implement the NIS2. This online...

Data can end up in the unlikeliest of places, even for those organizations that have developed formal data governance policies and implemented technical controls to (try to) keep data in central data stores. Especially troublesome is data stored and worked with on user endpoints—workstations, laptops, devices—such as original unstructured files or containing data extracted from structured data sources. With this survey, SANS is see...

The cloud has changed infrastructure for all organizations and Federal agencies are no exception. However, it’s not as easy as simply “flipping the switch” because there are a myriad of regulatory requirements and considerations to navigate, and it requires careful planning and implementation. Join us on April 25, 2024, at 3:30 ET where SANS analyst Matt Bromiley and Cisco’s Technical Marketing Engineer, Christian Claus...

In the field of cybersecurity, we are failing to acknowledge that we have a big problem. Our job titles and job descriptions have the word security in it even though security isn’t our job. I have never met a security professional who claims that their organization will never be breached. Yet, we call ourselves security? When a breach does occur, it reflects poorly on us. Did it mean we did our jobs poorly that day? Let’s have the...

The number of cloud security breaches in the headlines have been staggering lately. It seems like a week cannot go by without a massive amount of sensitive data being leaked from either AWS, Azure, or Google Cloud. One example that would be funny if it were not so sad is the September 2023 incident where the Microsoft AI team leaked 38TB of sensitive data, including employee workstation backups and 30,000 internal Teams messages, due to a misc...

Are you struggling to get both your leadership and workforce to buy into cybersecurity? Do you feel overwhelmed and need to scale the impact of your security team? Learn how to engage and transform your organization into the biggest believers and supporters of cybersecurity by institutionalizing a strong security culture. What is a strong security culture and how it helps you Indicators of a strong security culture Top three drivers of a stron...

Step into the forefront of manufacturing resilience as we navigate today’s cybersecurity challenges. This dialogue with Matt Cowell, VP of Business Development at Dragos, and Mark Cristiano, Global Commercial Director – Cyber Security Services at Rockwell Automation, is dedicated to the shifting tides in cyber threats that manufacturers face, strategizing against the escalation of digital risks, and charting a progressive course of...

Stop Waiting for the Adversary It’s 2024. Ransomware is no longer new, the threats and risks are well known, the cases and payouts are public. Even with this ominous threats, why are security teams still caught off guard when their environments fall victim? It’s 2024 - the year we stop waiting for the adversary. In this 2024 Ransomware Summit, let’s explore all the angles. How ransomware actors find success, where they get in...

Our applications and APIs are the gateways to our most sensitive and valuable data. As such, application and API security has become more and more essential to protecting our organizations. On this webcast, SANS certified instructor David Hazar will review the results of our 2024 AppSec/DevSecOps survey, and provide insight into: The best way to provide API security Investment trends in automated testing technologies Which tests are more impor...

As cloud security controls mature, it’s common to find that a wide variety of security controls and configuration capabilities are melding into a single platform or service fabric, in addition to the cloud provider infrastructure. Ranging from CNAPP to CSPM to CWPP and beyond, controls that cover the pipeline, workload security, cloud environment configuration, IaC templates, and runtime (and much more) are starting to evolve into a much...