Data can end up in the unlikeliest of places, even for those organizations that have developed formal data governance policies and implemented technical controls to (try to) keep data in central data stores. Especially troublesome is data stored and worked with on user endpoints—workstations, laptops, devices—such as original unstructured files or containing data extracted from structured data sources. With this survey, SANS is see...

The cloud has changed infrastructure for all organizations and Federal agencies are no exception. However, it’s not as easy as simply “flipping the switch” because there are a myriad of regulatory requirements and considerations to navigate, and it requires careful planning and implementation. Join us on April 25, 2024, at 3:30 ET where SANS analyst Matt Bromiley and Cisco’s Technical Marketing Engineer, Christian Claus...

Come and learn from ENISA, the European Union's Agency for Cybersecurity), about the NIS2, the EU's cybersecurity legislation, which will come into force this year across all the EU's critical sectors. This seminar will help you get ready for the NIS2 incident reporting and security measures requirements, what NIS2 will mean for organizations doing business in the European Union, and what skills you may need to implement the NIS2. This online...

The idea of DevOps, the term the industry had initially decided on for the work between the Application and Operations teams, was coined 15 years ago. To give perspective, the iPhone 3GS came out that year. If we think of what we had to work with in 2009, we now know in hindsight that we have better options, solutions, software, and patterns. We have an iPhone 15; we no longer have BlackBerry OS or Nokia. Windows 8.1? I hope not. Here are a fe...

Is it really over when you are hacked? Or is it only over when our adversary has secured their impact and actions on objective? Perimeters are bound to be broken, but our game-over" scenarios should still be defended. We need to not only protect our inside, but carefully define what exactly are we defending? What has the highest impact on our organization, and from there on carefully architect our defenses to ensure we can always survive, even...

Join us for the inaugural year of SANS Emerging Technologies Track! Are you interested in learning more about new cutting-edge technology in the cybersecurity industry? This is the place for you! Learn from the best and brightest in the industry as selected organizations review their latest tools and solutions that will better equip you for your battle with the bad guys and assist you as your team works hard to keep networks safe from intrusio...

Join this webcast to explore SANS and GIAC's latest industry-leading training and certifications to help cyber-practitioners, and the organizations they protect, keep pace with dynamic market conditions. Cut through the noise with this comprehensive showcase and discover the skills you and your teams will need to navigate the evolving landscape of cybersecurity. First, Rich Greene ventures into our fresh new training courses, covering topics f...

Public Cloud Environments can make things, well, rather public. While there are ways to prevent this, and the cloud providers have made strides, retroactive changes are not a thing. As such, we still find very poorly configured environments today. Join us for this first of eight workshops in the Aviata Solo Flight Challenge Workshop series. We will show you how to look at a target organization's misconfigured public items. This lab will begin...

Achilles Systems, a fictitious IT service provider to human resources teams in medium and large businesses, has fallen victim to an attack in which sensitive customer data and, potentially, customer networks, have been compromised. Achilles has a small security team who has historically focused on basic controls and compliance. However, it seems clear this attack was the work of a sophisticated adversary capable of circumventing the controls i...

The cloud has changed infrastructure for all organizations and Federal agencies are no exception. However, it’s not as easy as simply “flipping the switch” because there are a myriad of regulatory requirements and considerations to navigate, and it requires careful planning and implementation. Join us on March 26, 2024, at 10:30 ET where SANS analyst Matt Bromiley and Cisco’s Technical Marketing Engineer, Christian Clau...