ISF Cyber Awareness Showcase Week – Oct 2024

Hear directly from Alex Jordan, Head of Tools and Methodologies, and Francesca Williamson, ISF Analyst, about the recently updated ISF Tools Suite that is aligned to the 2024 version of the ISF Standard of Good Practice (SOGP). The ISF Tools Suite offers a holistic approach to security that is centred around industry-leading good practice, and assists security teams with risk management (IRAM2), control assessments (Benchmark), and managing supply chain risk (Supplier Security).

This webinar will include:
• An introduction to each of the ISF Tools
• An overview of the new topics covered, including Artificial Intelligence and Stakeholder Engagement
• An outline of the standards and frameworks the SOGP is aligned to, including ISO/IEC 27001:2022 and the NIST Cyber Security Framework v2.0.

The cloud has changed everything. Software supply chains, applications, and cloud environments are not only growing more complex, the attack surface has also expanded, with attackers now targeting the entire software supply chain—from source code management and CI/CD systems to developer identities.
The days of treating code, pipelines, and cloud in isolation are over. Security must now be integrated across every stage of development. Comprehensive cloud security is no longer about shifting left. It’s about starting left–and going all the way to the right.

Join Ziad Ghalleb, Product Marketing Manager at Wiz, to learn:

•why application security can no longer be separated from cloud security.
•how a code-to-cloud approach empowers your developers to move at the speed of the cloud without compromising security

Web applications are central to modern life. For governments, they are an important channel to communicate information to the public and provide essential services. For businesses, they serve as a source of revenue, efficiency, and customer insights.

Take a close look at the most important trends shaping the web application and API threat landscape today, including vulnerability exploitation, DDoS attacks, bot traffic, and third-party supply chain risk.

Join Sheril Nagoormeera, Principal Solutions Architect for a discussion on the latest application and API security threat research sourced from Cloudflare’s global network, including:

• Shifts in blocked web application and API traffic
• The growth and increased complexity of DDoS attacks
• The weaponization of vulnerabilities at breakneck speed
• The growing risk of shadow APIs
• Risks associated with third-party components such as scripts, outbound connections, and cookies

We’ve identified three challenges posed by today’s uncertain world with the aim of equipping you – security and business leaders and their teams – with insight into why they matter, and how you can keep you and your organization’s future safe within strained budgets and resources.

This event will be part of our Cyber Awareness Month webinar program. Attend this session to:
- Gain perspective on the critical challenges facing organizations worldwide
- Equip yourself with the knowledge required to mitigate these challenges with increasingly limited resources
- Ask yourself the right questions to see where you stand on your cyber journey

As the deadline to meet the NIS 2 directive fast approaches, organisations are realising that satisfying this legislation will be an ongoing activity.

Resulting from workshops, events and assessments, ISF has identified 7 common challenges of NIS 2.

Join our in house EU regulatory expert Luka Ivezic, as he outlines these challenges and how organisations can successfully achieve compliance.

Cyber security awareness programmes have been running for decades, but are they effective? The human element is still the single most common factor in causing security incidents. Security awareness programmes haven’t changed that or reduced our susceptibility to an acceptable level. It’s time to do more than just raise awareness: we need to change the conversation and talk about behaviour and culture instead.

Based on ISF research, this webinar will provide hints and tips on how organisations can move beyond raising awareness, to embedding security behaviours. It will outline how to:

•understand and address the psychological vulnerabilities we all have, and which attackers exploit
•create a programme for behavioural change across all levels of the organisation
•develop a human-centred security culture
•positively influence security behaviour.

Planning for the next iteration of cyber threats is a difficult task, the ISF have over 15 years’ experience of predicting the next big thing for security teams to worry about. Threat Horizon can be part of your future proofing your security protections, hear from Paul Holland, Head of Research at the ISF, who will explain more about Threat Horizon and how our predictions have a habit of coming true.

Based on ISF research, this webinar will provide insight into the ISF Threat Horizon report and how it can be used for future proofing your cyber security plans:

• Learn about the ISF Threat Horizon report
• See how our threat predictions are made
• Discover how accurate our past and present predictions have been
• Understand how Threat Horizon can help future cyber security planning

How do we move from separated teams, separated tooling, poor operational efficiencies, to a Cloud SOC that hums and keeps critical cloud infrastructure safe?

Leveraging popular economist and thinker Nassim Taleb's ideas of Black Swan events and risk management, this session covers how current people, process and technology issues are leading to fragile cloud security operations for many organisations. In this session, we explore the opportunities and ways to rebuild more anti-fragile Cloud SOC.

Join Chris Hosking, Cloud Security Evangelist at SentinelOne, to learn:

• Key causes of fragile cloud SOC
• Technology opportunities to build cloud security resiliency

Earlier this year, the ISF introduced the latest edition of its Standard of Good Practice for information security (SOGP).

Organisations can leverage the SOGP to strengthen their policy frameworks and to assure stakeholders that they are aligned with industry-leading standards.

Join ISF experts Nick Frost, Dan Rycroft and Jean-Michel Chapon as they guide you through:

• The key updates in the 2024 Standard of Good Practice and the rationale behind them

• A comprehensive approach to policy framework development covering stakeholder engagement, alignment with budget cycles, and other key steps

• A case study demonstrating how the ISF supported an organisation in successfully refreshing its policy framework to align with business objectives

Some consider that cyber attacks are one of the four most important global concerns that society faces, to include Climate Change, Weapons of Mass Destruction and Disease Pandemics. Whether sensational talk or fact, cyber attacks are both increasing in number and scale.

Join Steve Dobson, Operations Director at the ISF, as he kicks-off the ISF Cyber Security Showcase Week to discuss:
- What are cyber attacks?
- What are the reasons behind the growth of cyber attacks?
- Who is most at risk?
- What are the five key steps everyone can do to be better aware - and better protected - from attack?

Disclaimer: This is a pre-recorded webinar