We're in an era of unprecedented digital interconnectedness. This new connected landscape has helped governments make major advances in service delivery and constituent experiences; it's also shined light on a clear need for comprehensive cybersecurity preparedness. According to the latest study from the National Association of State CIOs, 50% of Chief Information Security Officers (CISOs) report outdated technology as their biggest hurdle in...

Achilles Systems, a fictitious IT service provider to human resources teams in medium and large businesses, has fallen victim to an attack in which sensitive customer data and, potentially, customer networks, have been compromised. Achilles has a small security team who has historically focused on basic controls and compliance. However, it seems clear this attack was the work of a sophisticated adversary capable of circumventing the controls i...

Join this webcast to explore SANS and GIAC's latest industry-leading training and certifications to help cyber-practitioners, and the organizations they protect, keep pace with dynamic market conditions. Cut through the noise with this comprehensive showcase and discover the skills you and your teams will need to navigate the evolving landscape of cybersecurity. First, Rich Greene ventures into our fresh new training courses, covering topics f...

Today, most security professionals are actively architecting and implementing cloud security controls across SaaS, PaaS, and IaaS environments. We’ve learned that what once worked on-premises may not work quite the same in the cloud, and a wide range of new and innovative security platforms and services have emerged and evolved in recent years to address critical cloud security use cases and categories, including: Cloud security monitori...

Is it really over when you are hacked? Or is it only over when our adversary has secured their impact and actions on objective? Perimeters are bound to be broken, but our game-over" scenarios should still be defended. We need to not only protect our inside, but carefully define what exactly are we defending? What has the highest impact on our organization, and from there on carefully architect our defenses to ensure we can always survive, even...

The idea of DevOps, the term the industry had initially decided on for the work between the Application and Operations teams, was coined 15 years ago. To give perspective, the iPhone 3GS came out that year. If we think of what we had to work with in 2009, we now know in hindsight that we have better options, solutions, software, and patterns. We have an iPhone 15; we no longer have BlackBerry OS or Nokia. Windows 8.1? I hope not. Here are a fe...

In its fifth year, SANS Cyber Solutions Fest aims to brings together an ensemble of security professionals, solution providers, gurus and experts ready to share knowledge about the latest developments and innovative technologies in the cybersecurity industry. Join the attack surface & vulnerability management track to hear from chairperson Matt Bromiley and a host of leading cyber security experts as they walk through specific use cases an...

In the field of cybersecurity, we are failing to acknowledge that we have a big problem. Our job titles and job descriptions have the word security in it even though security isn’t our job. I have never met a security professional who claims that their organization will never be breached. Yet, we call ourselves security? When a breach does occur, it reflects poorly on us. Did it mean we did our jobs poorly that day? Let’s have the...

Are you struggling to get both your leadership and workforce to buy into cybersecurity? Do you feel overwhelmed and need to scale the impact of your security team? Learn how to engage and transform your organization into the biggest believers and supporters of cybersecurity by institutionalizing a strong security culture. What is a strong security culture and how it helps you Indicators of a strong security culture Top three drivers of a stron...

In the past year, cyber threats are once again top of mind for organizations of all types. The global geopolitical situation continues to become more unstable, leading to increased conflicts and hybrid threats. As a result, cyber threat intelligence (CTI) professionals face significant challenges in managing the evolving threat landscape and providing actionable intelligence to their stakeholders. On this webcast, SANS Certified Instructor Reb...