Keeping up with the latest developments and best practices in Information Security can be a real challenge. Most of us have day jobs that keep us tied to an office and meeting rooms. Many of us are involved in important projects and just don’t have time to lose half a day or more travelling for training. Some of us in IT have different priorities, like keeping the systems running and available. Well, there are other options available to everyone and anyone that is interested in maintaining a secure IT operation, and that should include everyone in IT.
Here are a few educational seminars that can be attended from the comfort of your own computer screen. Attending some of the live broadcasts can also earn the attendees Continuing Professional Education (CPE) credits that can be used towards maintaining certification requirements. Many of these upcoming sessions can also be viewed later in their recorded format. You just won’t be able to ask questions of the hosts if it isn’t a live broadcast or gain the CPEs. Many are offered free of charge.
- Legal Considerations About Cloud Computing – Wednesday, March 30 2011 – 10am EST This 90-minute presentation focuses on cloud computing, the legal considerations regarding security and privacy, and the responsibilities and risks of e-discovery and records retention. (Cost: $ 295) http://www.govinfosecurity.com/webinarsDetails.php?webinarID=159
- Get HIPAA HITECH Compliant – March 30, 2011 – 1pm EST This 1 hour presentation reviews a case history of a local practice that endured an audit and publicity nightmare over stolen equipment, and offer first-hand looks at the kinds of things the Office of Civil Rights expects you to provide for when they perform a compliance audit. Jack Anderson, a pioneer in delivering compliance and accreditation services over the Internet, will show you how a new service can help you get compliant, stay compliant, and prove compliance with the “Compliance Meter” product. (FREE) http://www.compliancehelper.com/post/286722-get-hipaa-hitech-compliant-avoid-the
- Improve firewall security odds: Prevent misconfigurations and compliance concerns – Thursday, April 7, 2011 – 9am EST This 1 hour presentation will outline how automation can keep your firewalls configured to block threats and keep you in compliance, and reduce the time you spend analyzing rule changes and access problems. (FREE) https://www.sans.org/webcasts/improve-firewall-security-odds-prevent-misconfigurations-compliance-concerns-automating-fir-94274
- U.S. Dept. of Justice on Payment Card Fraud Trends & Threats – Monday April 11, 2011 – 10am EST This 60-minute presentation looks at financial data breach trends. From ATM skimming to the Zeus malware toolkit, credit and debit cards are under increased attack by fraudsters, and organizations need to step up their efforts to protect their customers and themselves. What steps can you take to avoid being the next payment card fraud victim? (Cost: $ 295) http://www.govinfosecurity.com/webinarsDetails.php?webinarID=169
- SANS Monthly Internet Storm Center – Wednesday April 13, 2011 1pm EST (every second Wed of the month) The SANS Internet Storm Center analyzes data collected from thousands of sensors in over 60 countries. Experienced analysts monitor data feeds for trends and anomalies to identify potential threats. This monthly webcast discusses recent threats observed by the Internet Storm Center, and discusses new software vulnerabilities or system exposures that were disclosed over the past month. The general format is about 30 minutes of presentation by senior ISC staff, followed by a question and answer period. (FREE) https://www.sans.org/webcasts/isc-threat-update-20110413-94083
- Addressing the Top 20 Critical Security Controls with SIEM – Thursday April 14, 2011 – 1pm EST In this webcast, the SANS analyst responsible for co-developing the Top 20 guidelines, will discuss the development of the Top 20 controls and how SIEM can be applied to some of the key security and compliance challenges. (FREE) https://www.sans.org/webcasts/addressing-top-20-critical-security-controls-siem-94333
- Achieving Cloud Security and Leveraging Web App Security in the Cloud – Friday April 15, 2011 – 1pm EST In this live Web seminar, we discuss the current state of cloud technologies; identify trends in Web App Security, and how they relate to securing your cloud-based information assets. To illustrate the concepts, we cover case studies and chart a roadmap with specific solutions on how to manage the security issues for the cloud and stay secure. (FREE) https://www.sans.org/webcasts/roadmap-achieving-cloud-security-leveraging-web-application-security-cloud-94313
- Extensible Role-based Access Controls (XRBAC) – April 19, 2011 – 1pm EST In this webcast, learn more about extending RBAC to centralize controls for ease of use, heterogeneous administration, granular authorization, and compliance in Unix/Linux-flavored environments, bridge to ActiveDirectory to also centralize access and roles for Windows servers, and manage access all the way down to the operating resource and file level. (FREE) https://www.sans.org/webcasts/extensible-role-based-access-controls-xrbac-94383
- Defending Against the Insider Threat – Thursday April 21, 2011 – 3:30pm EST This 90 minute presentation will examine mitigating internal threats and fraud. The insider threat may be the hardest to detect, yet it poses the greatest risk to information security and regulatory compliance. With recent, high-profile data breaches resulting from insider abuses, the topic is hotter than ever. (Cost: $ 295) http://www.govinfosecurity.com/webinarsDetails.php?webinarID=67
- 7th Annual Log Management Survey Webcast – April 25 & 26, 2011 1pm EST With the increased awareness of what log data can be collected and what it can be used for, the biggest problem respondents have now is putting the logs to use. Respondents in 2010 cited their top challenges as “searching” and “reporting”, and organizations aren’t fully benefiting from the intelligence, insight and business uses they would like to leverage their logs for. (FREE) https://www.sans.org/webcasts/7th-annual-log-management-survey-webcast-94244
- Stop Social Engineers in Their Tracks – Friday, April 29 2011 – 10am EST This 90 minute presentation addresses the management of social engineering at your organization. Learn new ways to test the effectiveness of your awareness efforts. Fraudsters will lie, cheat and steal their way past your organization’s security controls. Their goals: theft, fraud or espionage. Your best line of defense: Your people. (Cost: $ 295) http://www.govinfosecurity.com/webinarsDetails.php?webinarID=89
- Business Continuity Planning Best Practices – Thursday May 12, 2011 – 3:30pm EST This 2.5 hour presentation outlining best practices for an effective business continuity plan. Natural and man-made incidents have directly disrupted business operations across all industries. Having a definitive plan and response technique is essential to remain viable, especially in today’s rough economic climate. (Cost: $ 295 – 3 CPE credits!) http://www.govinfosecurity.com/webinarsDetails.php?webinarID=27
- Debunking Continuous Monitoring Myths – Tuesday May 17, 2011 – 1pm EST SANS analyst, Eugene Schultz, PhD, debunks the myths that are holding organizations back from getting started on their continuous monitoring efforts. For example, continuous monitoring doesn’t always mean continuous, and real-time doesn’t mean always real-time. (FREE) https://www.sans.org/webcasts/debunking-continuous-monitoring-myths-94408
- Malware, Crimeware and Phishing an In Depth Look at Threats, Defenses – Sunday, January 1, 2012 – 10am EST This 90 minute presentation will impart what organizations should be doing, lay out best proactive approaches to crimeware and phishing, describe the different kinds of services available to react to attacks, show you how to evaluate current vulnerabilities to existing attacks and potential for future attacks. (Cost: $ 295 – 2 CPE credits!) http://www.govinfosecurity.com/webinarsDetails.php?webinarID=30
These are not all of the webinars available, just the ones that popped into my inbox and piqued my interest.