Events

Another Penetration Test? Penetration testing your environment is one of the most important tasks an organization can perform. It is part of every regulation and industry security standard for good reason. However, there are times when performing a penetration test...

Cloud Testing is Now Crucial It’s abundantly clear that penetration testing is critical to validating the safeguards in a well-functioning security program. While cloud computing has been around for over 12 years, testing the client’s (i.e., your) security areas of...

‘Our Program has Grown Organically.’ Regardless of the type of industry or business, security leaders struggle to overcome inherent roadblocks in how security programs develop over time. Security programs tend to mature through problem resolution and struggle to maintain consistent...

Open-Source Libraries: What’s Good for the Goose is Good for the Gander. Whether in the software supply chain or part of your own DevSecOps process, the use of open-source libraries has grown due to the ability to release higher-quality code...

Building on the success of our previous webinar, Coverage Not Guaranteed: Navigating Cyber Insurance, we are pairing up with an insurance industry expert to help clients better prepare for answering uncomfortable questions from executives during the insurance renewal process. Do...

Download a copy of the webinar slides Ransomware is a Different Beast Human-operated ransomware represents a unique challenge to backup infrastructures. Unlike other disaster scenarios, a ransomware attack specifically targets and attempts to destroy backup systems to increase the likelihood...

Cyber insurance has become a popular topic among CISOs over the last six months. Ransomware Has Changed the Game With successful ransomware attacks netting millions of dollars in payments for hacking groups, the necessity for cyber insurance is costing all...

If your organization is involved in contracting with the US federal government, you’ve likely come across the requirement to have a System Security Plan (SSP) in place. For those looking to understand or implement an SSP, there are many resources...

In any risk equation or framework, one of the most formidable variables to gaining a proper understanding of risks to an organization is the determination of threats and threat capabilities. Practitioners of the quantitative risk framework Factor Analysis of Information...

Incident Response in the Cloud Has Some Major Nuances. The cloud can significantly improve Incident Response capabilities if appropriately leveraged. However, many organizations, even those with traditional Incident Response plans, have faced a rude awakening with their first cloud incident....

This webinar was recorded on May 12, 2021. Ever Wanted to Know the Difference Between the Hacking Certifications? Certifications can help you better understand threat actor techniques and how they affect an organization with regard to security, but there are...

Get the Right Provisions for Your Journey on the Privacy Trail The rush to implement GDPR and become compliant may be over, but organizations have plenty of work left to do and changes to implement. Learning about the types of...

Recorded on Wednesday, March 3rd, 2021 Early Lessons Learned on Cybersecurity Maturity Model Certification If you are in possession of Federal Contract Information (FCI) or Controlled Unclassified Information (CUI) and are looking to get ahead in your Cybersecurity Maturity Model...

Recorded on January 20, 2021. Do You Have Security Questions That Never Get Answers? A lot of research organizations are putting out predictions for security, but some don’t make much sense. TrustedSec CEO David Kennedy and Advisory Practice Lead Justin...

Recorded on Wednesday, December 9, 2020. The goal of the Security Information and Event Management (SIEM), and theSecurity Operations Center (SOC) or Managed Security Service Provider (MSSP) that manage it, is to relay actionable intelligence that enables security teams to...

Recorded on November 4, 2020 Many penetration tests are falling short It’s becoming commonplace for penetration testers to encounter maturing products that recognize common attack patterns or post-exploitation activities. Many go-to testing tools are becoming ineffective without code modification to...

Recorded on October 21st, 2020 Understanding the real-world effectiveness of your security controls is a crucial element in constructing a robust security posture.  Red Team engagements (or “Adversarial Attack Simulations” as they’re known at TrustedSec) are extended, goal-oriented engagements using...

The Pressure is on to Reduce Cost While Improving Performance Clearly, we are in an uncertain time where some organizations are facing sustained pressure to grow…while others may be desperately working just to survive. And yet, there is also increased...

This webinar was recorded on April 22, 2020. If you are in possession of Federal Contract Information (FCI) or Controlled Unclassified Information (CUI), now is the time to better address security and the new Cybersecurity Maturity Model Certification (CMMC). Not...

This webinar was recorded on 3/19/20. As populations are affected by disaster, what can you and your organization do now to mitigate security risk? Preparing for the worst For those who aren’t fully prepared, what are the major areas that...

This webinar was recorded on January 22, 2020 No one likes surprises, especially of the security kind. We’d all like to know what the future holds. A lot of research organizations are putting out predictions for security that are all...

Recorded on Wednesday, September 25th Ain’t nobody got time for that! Are you feeling overwhelmed? Have you been diagnosed with a case of audit fatigue? The growth in third-party assessment requests has exploded–more and more organizations are being forced to...

Recorded May 30, 2019 at 1 P.M. EST The majority of organizations that are in the process of building a security program are starting with a security framework. Frameworks seek to provide a reference for planning but also ensure that...

Recorded July 25th, 2018 at 1:00 PM EST The End of the Beginning After 3+ years of hype, where are we now with the Internet of Things security, and where are we going? There is continuing pressure to keep our...

Recorded May 23, 2018 at 1:00 PM EST There is continuing pressure to keep our information secure and breach-free. At the same time, management often doesn’t see the need of increasing budget if there isn’t an incident occurring or a...

Recorded April 18, 2018 at 1:00 PM EST The General Data Protection Regulation (GDPR) (Regulation [EU] 2016/679) has many organizations “gnashing their teeth” trying to become compliant. And if you think this Facebook’s privacy debacle doesn’t have anything to do...