Historically, fraud detection and cybersecurity have been separate disciplines with unique objectives and approaches. But as criminal organizations seek to take advantage of online tools for fraudulent campaigns, they’ve created integrated techniques that encompass elements of both domains. Therefore, professionals charged with defending corporate networks and assets must also come together to defend against these shared adversaries.
In 2018, GDPR brought data privacy to the forefront. The prior regulation had the impact of “ankle biters” and was often ignored. However, the new version has the potential chomp of a Megalodon for non-compliance. The rapid pace of technology innovation, paired with the maturation of the Internet of Things, digitation/automation efforts along with big/deep data analysis, creates a world where ensuring data privacy seems impossible. Every week there are new reports of data breaches or privacy violations. Two recent examples are Ring Doorbell and Facebook.
Managing security within a cloud-native development pipeline requires reimagining traditional security rituals. With hybrid and multi-cloud deployments as well as different container runtimes, orchestration platforms, and technology stacks, getting it right requires more than tooling. We must understand how our teams build software and consume telemetry gleaned through operations. Securing the pipeline from developer tools to production infrastructure requires a continuous approach to security, by shifting left and shifting right too.
Abstract
As more organizations have strengthened their cyber risk management, adversaries have shifted focus to third party ecosystems that historically have weaker defenses. To better manage these challenges, Delta Dental of California has built an adaptable third party risk assurance capability. It uses an innovative approach that tailors rigor and frequency of testing based on the impact and nature of each business relationship. It also incorporates threat intelligence to efficiently allocate valuable talent. Join us to learn how to apply these principles within your organization.
Artificial Intelligence (AI) and Machine Learning (ML) have become the buzz words for Cyber Security. Everyone is talking about them, as if they are magic black boxes. In this talk, we are going to white-box ML to some extent to understand what is possible with the current generalization of technology in particular for the cyber security field. Furthermore, we will dive into one important example, how we can use Graph ML to better “connecting the dots” and to link multiple individual suspicious activities to understand the big picture of attacks.
Supervisory Special Agent, Cyber Squad, FBI San Francisco
Sponsored by: Abnormal Security
After that, Come by
Red Dog
and have a great time with fellow ISSA Members and RSA Friends.