Many speak of the cloud as either secure or insecure, but cloud security is much more than a switch that is turned on or off. We will explore the nuances of an appropriate cloud security framework including data ownership, destruction, and change control. We will also discuss how to ensure a cloud provider is meeting their security obligations as well as the responsibilities of the consumer.
The field of cyber security is often presented as highly technical, full of jargon, and beyond the influence of executives (with the exception of budget authorizations). While there are still highly technical aspects, the area of social engineering is one where anyone can make a difference, even a business executive. This presentation will give an overview of social engineering in general, and cite specific examples. Business executives should leave with some concrete ideas of what they can do to decrease the vulnerability of their organization to social engineering attacks.
As our world becomes increasingly digital, it also, increasingly, puts our personal data at risk. Every day we hear of additional date theft in the news or online, and many of these breaches can be prevented through the use of some basic security concepts. This session will feature some 100 and 200 level IT security concepts for business professionals and IT Pros alike. Some topics covered include, password best practices, secure systems management, social media security, and current trends in the industry.
EMV stands for Europay, MasterCard, and Visa, the three companies which originally created the standard. EMV is a technical standard for smart payment cards and for payment terminals and automated teller machines which can accept them. EMV cards are cards which store their data on integrated circuits (chips) rather than magnetic stripes.
As of October 1, 2015, nine major payment networks began shifting liability for card fraud from the card issuer to merchants that are not EMV-compliant. What does this mean to merchants? Do all cards have chips? Does EMV impact online payments? Are all terminals EMV ready? Do consumers have any idea what EMV is and why they are receiving a new card? In this session, we will discuss these questions and how and when the "liability shift" really impacts merchants.
The Federal Trade Commission has been engaged in privacy and data security issues for well over a decade. Since around 2002, the FTC has brought more than 130 spam and spyware cases, over 40 general privacy cases, and more than 50 data security cases. As the amount of consumer data that is collected continues to grow exponentially, the importance of being aware of applicable laws grows at least as fast. Come find out what the FTC is doing in these areas and what advice it offers to businesses.
Join Chris Panek, an FTC consumer protection attorney, as he discusses the FTC’s general consumer protection mission, the FTC’s recent data security and privacy cases, and business education materials and other guidance recently made available by the FTC.
If your organization had a major interruption and your technology assets were unavailable, what would it take for you to recover? At what cost? As a leader, acknowledging these challenges means thinking about how to service customers, assessing the safety of your physical locations, to say nothing of protecting and restoring your intangible—yet extremely valuable—digital assets. At Trivalent, we guide organizations as they mitigate continuity risk and create plans to get back on track as quickly as possible in the event of a disaster. Our comprehensive Disaster Recovery & Business Continuity Planning suite, BIASurvivor (“Be a Survivor”), leads the market in helping executives prioritize their recovery time and objectives.
Cyber-attacks once were mainly the concern of governments, large corporations and other highly visible networks. Not anymore. The financial rewards generated from the theft of credit card information and other sensitive data gave rise to a new breed of malware, the polymorphic threat, and with it, the amount of malware has skyrocketed.
Most of today's malware is polymorphic and highly adept at changing its identity to evade standard, signature-based security platforms. Alone, these platforms will not recognize many of these threats. Advanced persistent threats, or APTs, increase the threat level by employing sophisticated evasion capabilities to get payloads past a network's defenses where they persist, undetected. APTs are targeted to an organization or a specific technology and often leverage zero day vulnerabilities - flaws for which no patch is available and no signature has been written. Any organization can become a victim.
