UPCOMING WEBINARS

Training Your Analysts: Tips for a More Effective Security Operations Center

Date: Wednesday, February 15th, 2012
Time: 10:00 am Pacific
Duration: 60 minutes

SC Magazine’s fifth annual “Guarding Against a Data Breach” survey uncovered that although budgets will be tight this year, IT security leaders are pushing ahead to take on a 2012 that promises still more of the advanced cyber attacks they saw last year. As such, the industry is seeing a hiring frenzy for analysts and managers as organizations expand their Security Operations Centers and capabilities.

But not every new hire can be an expert.

During this Webinar, you will hear from our Security Operations expert who will share best practices for analyst training and coaching based on his experiences staffing and managing a global SOC including:

• Various training approaches you can leverage to better prepare your analysts
• Mandatory basic curriculum as well as advanced courses that should be taken by senior analysts
• An understanding of the importance of “training up” your analysts using one of the aforementioned methods (because it works!)

Don’t miss this unique learning opportunity!

Addressing “The Unlucky Seven” - Security and Compliance Issues That Matter Most to the Mid-Market

On Demand Webinar

This webinar will go through the most critical challenges faced by mid-market companies, and illustrate how collecting and analyzing event data across the enterprise can address those challenges in the context of budget and staff constraints.

ArcSight Logger Technical Overview – The Universal Log Management Solution

On Demand Webinar

The industry’s first universal log management solution, ArcSight Logger 5.0, allows you to capture everything, analyze anything and it can be used everywhere. It unifies searching, reporting, alerting and analysis across any type of enterprise log data – making it unique in its ability to collect, analyze and store massive amounts of data generated by modern networks.
Join this session and learn how to:

• Consolidate silos of logs into a single rapidly searchable log repository
• Simultaneously handle cybercrime, compliance and operations issues
• Download, install and start getting instant value out of your logs in minutes

Demonstrating the ROI of SIEM

On Demand Webinar

Join the ArcSight security experts and learn how to define Return on Investment (ROI) for SIEM projects. We will showcase how several organizations have successfully realized high returns on their SIEM investment. The companies profiled in this webinar saved millions of dollars through automation while increasing their ability to secure their corporate networks. More importantly, these companies demonstrated these savings via hard dollar amounts to internal stakeholders.
Register today and learn how you can measure the ROI of a SIEM investment.

HOT TOPICS

Advanced Endpoint Protection with SIEM

The SIEM provides a single pane of glass for a Security Operations Center, collecting and correlating security events from different IT infrastructure sources to uncover threats that otherwise would go unnoticed. As threats evolve, so should the sources of feeds to the SIEM. Given the ineffectiveness of antivirus and explosion of malware, the endpoint has become a blind spot.

Bit9, going beyond traditional endpoint defenses, acts as endpoint sensor for the SIEM to identify the presence of modern malware. The ArcSight SIEM platform acts as the centralized command and control system in the security operations center that provides a real-time view of enterprise-wide threats that can originate from non-compliant end-points.

Watch this webcast from ArcSight and Bit9 to learn how to remove the endpoint blind spot from your enterprise security picture.

At the SOC - Tips to Managing Cyberthreats

1 hour duration

Get the most from your SOC services by fully utilizing your existing security tools and solutions. Join this session and you will learn how to:

- Decrease response times by modeling your network
- Increase relevance by integrating vulnerability scan data
- Prevent work duplication by using effective workflow
- Stay current with the latest threats by integrating security intelligence

Automated vs. Automatic Threat Response Systems

You no longer need to implement a costly and time-consuming NAC solution for DOS, DDOS, viruses, worms or even BOTNET-based attacks. Learn how Boston Medical Center has eliminated troubleshooting and saved vast amounts of time and money with an automated attack response time of less than two minutes.

Automating GRC and Endpoint Compliance; Real-world Issues, Considerations and Results

How can you improve security compliance AND save money? Through automation. Watch this webinar to learn how ForeScout Technologies’ network access control system can integrate with the ArcSight SIEM platform to provide greater intelligence and a higher degree of security automation. Using these two products together gives you:

• Improved operational efficiency and compliance management of endpoints
• Stronger security based on visibility of non-compliant endpoints and unauthorized users
• Real-time, automated remediation of enterprise-wide threats

And hear a real-world story about how a large bank is saving $400,000 annually through this automated GRC solution.

Combining Application Security Monitoring and SIEM

Most information security experts agree that the old paradigm of defending the perimeter, hosts, and endpoints is broken. Perimeters have become too porous and hackers can take advantage of mobile devices, compromised web sites, social networking applications, and other poorly defended avenues into corporate networks.

This Webinar reviews how you can strengthen your company’s security posture by utilizing a new technology, Application Security Monitoring, combined with your SIEM system to achieve the highest levels of application monitoring and attack detection. Benefits include:

• Better protection against cyber attacks and insider security threats.
• Simplified compliance with government regulations and industry standards through better monitoring of application and user actions.
• The effective use of custom business logic and business context to detect fraud and sophisticated attacks targeting specific industries and companies.

Also, all registrants will receive a complimentary copy of the Next-Generation Application Monitoring: Combining Application Security Monitoring and SIEM whitepaper.

Contain Data Leakage by Raising Your Security IQ

Headlines about compromised enterprises seem to be a weekly, if not daily, occurrence lately. Whether data leakage incidents are driven by the likes of botnets, malware, viruses, etc., or non-malicious insiders, organizations’ bottom line and reputations are being severely affected.

From published internal emails to entire customer lists, intellectual property theft is often the result of a simple security program oversight. This webinar has been designed to help companies better comprehend the scope of data leakage and IP theft, and more importantly, how you can glean better security intelligence by:

• Considering the focus areas your company needs to encompass in your security program, from devices to education
• Understanding what use cases to look for and which Primary Data Sources to gather and monitor to gain the most visibility into the security and threats both internal and external
• Reviewing best practices for handling SIEM events and reducing Mean Time to Resolution (MTTR) for any detected breaches

Don’t let your company be the next headline!

Could a Cyber Attack Bankrupt your Company?

What would happen to your business if your company's intellectual property, records or customer data were stolen? How much would it cost your firm to recover?

The Ponemon Institute research, The First Annual Cost of Cyber Crime Study, published in 2010 found in a benchmark study of 45 global companies that successful cyberattacks now cost large enterprises on average $6M a year. In today's threat environment good governance practices and complete business protection is essential. Join this webinar and hear from Dr. Larry Ponemon, founder of the Ponemon Institute, as he discusses his latest study findings.

Current Trends in Security and Compliance Monitoring

Learn about the current trends in security and compliance monitoring, why those are changing customer needs for SIEM, and how the ArcSight SIEM platform meets these evolving requirements.

Detect Advanced Persistent Malware with SIEM

How do you detect something that looks like everyday traffic? Join this webinar and learn how to:

• Detect malware beacon events, quickly and easily
• Combat this sophisticated cyberthreat using multiple correlation techniques
• Detect malware before it activates and does damage
• Reduce or eliminate system downtime due to Malware Outbreaks

Detect and Address Worms and Malware

Join this ArcSight/Unisys webinar to learn about the methods used by Unisys security experts to detect and stop Conficker using ArcSight SIEM. We will review the specific rules as well as firing conditions used to prevent false positives, and practical techniques for securing your networks from the Conficker worm using a SIEM solution.

Detecting Advanced Forms of Cybercrime

The evolution of cybercrime has outpaced many of the tools security and fraud professionals use to fight it. In addition, the substantial sums of money involved have driven cybercriminals’ creativity to new heights.

Register now and hear from ArcSight security expert, Ryan Kalember, Director of Product Marketing, CISSP, to learn about the evolution of cybercrime and countermeasures that can be used to detect and defeat new criminal techniques.

Detecting and Stopping Modern Botnets with Damballa and ArcSight

Modern malware is more sophisticated and aggressive than ever before. Botnets can infiltrate any organization, compromising security and confidentiality. They can be difficult to detect, and even harder to fully eradicate, leaving companies at risk. However, equally sophisticated and aggressive solutions exist for stopping the botnet threat. Industry leaders Damballa and ArcSight deliver integrated solutions for detecting and eliminating modern botnets. This webinar describes the modern botnet problem and how Damballa and ArcSight solve that problem.

Five Essential Steps for Protecting Your Organization from Insider Threats

Will you be held hostage or have implemented a prevention, detection and response plan? Listen in as we discuss the controls required to mitigate risk.

Getting It Right! Best Practices in Selecting a Log Management Solution That’s Right for You

An effective Log Management solution must support quick and easy analysis across large log volumes. What about audit quality and deployment flexibility? What else needs to be considered when making a Log Management investment?

Hacking the Odds - Gaining a “House Advantage” Over Modern Threats

21st Century businesses are highly dependent on digital technologies and they have more to do than ever to beat the odds against a coordinated cyber attack. In recent years, cybercrimes have dramatically increased in quantity, diversity and sophistication. In 2008 alone, over 20 million malicious programs such as viruses, worms and Trojans were created and over 45,000 different botnets were involved in cybercrimes. Join ArcSight CEO, Tom Reilly, and his guests as they discuss some of the architectural issues that enable modern security threats as well as techniques for shutting them down and new solutions for detecting and stopping cybercrimes.

Guests:
- Joseph Menn, Author of the new book - Fatal System Error
- Dr. Nir Kshetri, Author of the new book - The Global Cybercrime Industry
- Barrett Lyon, CEO, 3Crowd Technologies and Computer Wizard who penetrated both the Russian cyber-mob and American Mafia
- Andy Crocker, COO, Cybersecurity Shield and former investigator with the National Hi Tec Crime Unit at the National Crime Squad in the UK
- Dr. Prescott Winter, CTO for Public Sector, ArcSight

How many Log Management Solutions do you ideally need?

Some would say you need a software solution, others might stress on an appliance-based solution, and some might suggest a cloud version. Based on the use cases, some solutions were designed for security, some for compliance and some for IT operations. So, how many log management solutions do you ideally need? The answer is just ONE – A Universal Log Management Solution. Come attend this webcast to find out how to select The Universal Log Management Solution.

I am a Patient: Perspectives of Security and Data Privacy in Healthcare

We are security professionals, healthcare experts and developers but above all we are patients who have a very personal interest in making sure our medical records are safe. In this webinar you will hear from a security expert who has designed and developed multiple electronic medical record systems and health information exchanges as well as interfaced with over 100 different EMRs. She will walk you through various ways to evaluate the security of a healthcare system from different perspectives and suggest plans of attack for increasing healthcare security and data privacy.

You will learn:
• Different areas of the Healthcare ecosystem which are most at risk of data privacy breaches
• What feeds should be gathered and monitored to achieve specific goals of a healthcare company
• How to prepare for breaches by making sure the required information is accessible and how to handle a breach when it does occur

Identity Governance: The Security of Privileged Users

The Insecurity of Privileged Users, a soon to be released global benchmark study sponsored by HP Enterprise Security and independently conducted by the Ponemon Institute, examines the inherent risk caused by a lack of control and oversight of privileged users in the workplace and what should be done to minimize this risk. The study surveyed privileged users who are defined as having broad access rights to IT networks, enterprise systems, applications and information assets based on their roles and responsibilities within their organization.

This Webinar, featuring Dr. Larry Ponemon of the Ponemon Institute, will help organizations better understand the state of access governance in global organizations and the likelihood privileged users will abuse or misuse IT resources. Dr Ponemon will highlight key findings from this highly informative study, along with their implications and provide recommendations, including:

• The critical success factors for governing, managing and controlling privileged user access across the enterprise
• How recent changes in the IT ecosystem affect the need for strong authentication and network intelligence technologies, including SIEM

All registrants will receive a complimentary copy of The Insecurity of Privileged Users benchmark study.

Identity Monitoring in an Imperfect World

Despite the billions of dollars that enterprises have invested in identity and access management technologies, access control problems are getting worse, not better. As more companies turn to contractors and Cloud services, IT security departments face even greater difficulty deploying identity management technologies and role managers to control, revoke and apportion access rights. And yet the burning question still remains, can you ever perfectly monitor everyone in an imperfect world?

Attend this session and learn how leading enterprises are using identity monitoring solutions to:

• Mitigate security and compliance risks
• Provide a window into user activity that solves many of the risk and compliance challenges caused by imperfect access governance
• Effectively monitor what their key system administrators, contractors and other employees are doing with the access rights they’ve been given

Immunity for the Enterprise: Using a Security Platform to Ensure Your Organization Stays Healthy

Enterprises are faced with a new threatscape of persistent adversaries using custom malware. This means that compromises are nearly inevitable for Internet-connected systems. ArcSight security expert, Ryan Kalember, explains how a platform-based approach to security can provide protection when perimeter and endpoint security fails.

Integrate Enterprise and Cloud Security for a 360-degree View of User Activity

Organizations of all sizes are looking at cloud services as a way to cut costs and increase efficiency. However, as parts of your IT infrastructure move off of your network, how will you monitor security in a hybrid environment? Monitoring users as they access internal applications and databases plus cloud services can reduce many security risks. Join ArcSight and Ping Identity to understand how leading organizations are securing their operations while cutting costs via the cloud.

Join this session and learn how to:
• Maintain enterprise access control while embracing cloud based apps
• Establish proper audit trails for compliance and regulatory requirements quickly and easily
• Implement plans that strengthen security, simplify user access, and are easily managed by IT

It’s the End of the (Security) World as We Know It

Today’s cybercriminals are using traditional delivery techniques to spread highly advanced malware designed to evade common detection and prevention techniques. The good news is that by preventing the spread of malicious software across unsuspecting business hosts and servers, organizations can put a stop to cyber attacks and reduce the risk faced by the business.

Join this webinar and hear from ArcSight security expert, Aarij M. Khan, who will discuss:

•New threat vectors being employed by cyber criminals today
•Why traditional point techniques like signatures and anti-virus are ineffective
•The advanced recognition techniques needed to thwart cyber criminals

Log Management for IT Operations – 5 Best Practices, 5 Big Mistakes, 5 Minutes to Get Started!!!

According to Gartner, 80% of downtime is due to people or processes. Moreover, downtime of even an hour means loss of business, reputation and efficiency. You can easily be on top of these downtimes by using a log management solution for change management, application management and network and infrastructure management. Attend this webinar to learn about:

• Gaining visibility into cryptic IT data to better manage applications and servers, in minutes
• 5 best practices in IT operations log management
• 5 big mistakes to avoid

Log Management in 2011 and Beyond …

To continue the series we started last year, we will talk about the changes that 2011 will bring to the realm of log management. Attend this webinar to learn:

• About the technologies that can and will impact your security posture
• The changes that need to be made to your log infrastructure to be better prepared
• How to accomplish more with less using a universal log management solution

Mitigating Fraudulent Application Transactions.

This Webinar will explore the various problems associated with protecting financial organizations from fraudulent activity. Several solutions will be outlined and case studies will be explored that illustrate the advantages of leveraging a more holistic approach to incident detection and response.

Outsiders vs. Insiders: Who should manage your security events?

MSSPs provide an extremely valuable service to companies in helping to alleviate security operations from an internal staff. However, do the benefits outweigh building your own SOC? In this session, we’ll look at the benefits of using an MSSP versus building your own SOC.

Ponemon’s Predictions on Trends in Information Security

What does the future hold for the security of sensitive and confidential information?

Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute – an independent research firm focusing on privacy, data protection and information security policy – will provide key insights to help you navigate the changing information security landscape more confidently and gain a clearer understanding of current trends, practices, perceptions and potential threats.

Dr. Ponemon is joined by Ponemon Institute Fellow Stanton Gatewood, who is the Chief Information Security & ePrivacy Officer for the Board of Regents of the University System of Georgia and the principal advisor to USG senior executives and security officers on matters related to cyberspace security and privacy issues. They will review the following topics:

• How cyber attacks are influencing the IT security environment and culture
  
• The importance of managing complexity in IT security to deal with future cyber threats
  
• If the cost of a data breach will continue to climb and why
  
• The most serious threats to an organization’s sensitive and confidential information
  
• If the focus on compliance will keep organizations from achieving a strong security posture

Real-time Privileged Identity Monitoring and Compliance for the Enterprise

ArcSight and Cyber-Ark have partnered to provide a solution that gives you complete visibility into who is on your network, what data they are seeing, and which actions they are taking with that data to help you meet compliance and best practice requirements.

Attend this webinar to learn how you can:

• Prevent intranet threats by detecting role violations through monitoring all privileged user activity

• Comply more readily with PCI, SOX, NERC, HIPAA and other industry requirements with pre-packaged dashboards and reports

• Conduct stronger forensics analysis and evidence collection by drilling down into privileged user sessions

The ArcSight SIEM Platform provides centralized activity monitoring through broad data collection and correlation from over 300 different enterprise event sources. Cyber-Ark’s Privileged Identity Management Suite (PIM) securely manages shared privileged accounts such as UNIX Root, Windows Admin, SQL SA, and Cisco Enable, and provides the ArcSight Platform with an authoritative audit trail to monitor privileged user activity.

Security Operations: Getting Over the Waterfall

Agile software development methodologies have revolutionized software engineering. These same principles and tools can be adapted for building a flexible and dynamic security operations. Learn how to take wikis, scrums, and user stories and utilize them in incident responses, shift turnovers, and ArcSight use cases.

Security Operations for Sale

You believe that your organization would benefit from building its own SOC to help mitigate risk and monitor cybercrime, but your management doesn’t want to spend money on “foot apparel” (SOCs). This session will cover the key business requirements, show how to manage and structure the costs, and help you transform the ‘no’ into an executive “yes.”

Security Stories from the Trenches

Today's IT environments are dynamic and complex. Security Information and Event Management can automate the process of event collection, analysis and storage. Attend this webinar to hear customer success stories and find out how you can leverage your existing IT infrastructure to improve your security posture.

SIEM & SAML- Secrets to Securing the Cloud

While CIOs and CISOs are weighing through a broad range of cloud services to cut costs and streamline operations, they all share one common concern: how to retain visibility over user activity when applications move to the cloud?

Join SIEM market share leader ArcSight’s Vice President of Product Marketing Rick Caccia and Internet Identity Security market leader Ping Identity’s CTO Patrick Harding in a free Webinar in which they will discuss best practices for better security and compliance in the cloud.

SIEM as a Tool for Fraud Prevention

Online fraud is becoming increasingly sophisticated, relying on misdirection and gaps in detection systems. As a fraud detection technology, security information event management (SIEM) is uniquely suited to correlating transaction information to detect fraud. While many financial institutions have deployed channel-specific fraud prevention products, correlating across these and across channels remains difficult.

In this webinar, we will discuss ways that SIEM technology can be used to detect sophisticated online fraud, as well as real-world examples of fraud prevention using the ArcSight SIEM platform.

Signs of Growth - Is Your SOC Maturing?

Security operations is rather new in the plethora of IT services especially when dealing with ongoing threat of cybercrime. While you may know how to determine whether your mainframe or distributed operations are mature, relatively few groups assess the overall maturity of security operations. In this session, you will learn how to discover whether your people, processes, and SIEM technology have matured.

Social Networking Risks within Enterprise Environments

Social networking is becoming part of our DNA. This is especially true for newer generations of workers. Current and future employees will expect to blog and use social networking with corporate assets while using corporate bandwidth. These new technologies are also being used for corporate marketing and communication, making them ubiquitous in the enterprise environment.

This technological shift underscores the importance of securing all aspects of your infrastructure and more importantly, the people that drive your organization today. Security involves educating people, testing and revising corporate processes and implementing correct security technologies.

This highly informative Webinar provide insight into:
• The benefits and security risks inherit in social networking across all business verticals
• A use case analysis gathered via web beacons that harvest information unknowing to the user

Stop New Security Threats on Day Zero

Conducting business in a networked world seems to be more dangerous than ever. New malware, botnets, and hackers are causing new security breaches at a rapid pace. Traditional defenses are not working well, but new solutions exist for detecting and stopping zero-day outbreaks.

Join ArcSight experts as they present in this webinar, some of the architectural issues that enable modern security threats; as well as techniques for shutting them down.

The ArcSight ETRM Platform: The Enterprise Cybersecurity Solution

The latest release of ArcSight ETRM Platform enables organizations of any size to operate in a modern business environment that includes virtualized, mobile, and cloud architectures and provides visibility into who is on the network, what they are seeing and doing, and how that impacts business risk.
Join this session and learn how to:

• Mitigate security and compliance risks
• Get powerful analysis of user behavior to detect threats immediately
• Provide a window into user activity that solves many of the risk and compliance challenges caused by imperfect access governance

The Cost of Cyber Crime: Calculating the Economic Consequences

Cyber crime can do serious harm to an organization’s bottom line, but how severe are the potential economic consequences? In the First Annual Cost of Cyber Crime Study, sponsored by ArcSight and independently conducted by Ponemon Institute, found that the median annualized cost of cyber crime of the 45 organizations in the benchmark study is $3.8 million per year, but can range from $1 million to $52 million per year, per company.

In this session, Dr. Ponemon will present the most interesting and surprising findings from the study and how companies can calculate the potential financial impact to their organizations.
Key takeaways from this webinar:

• The inside story of how the Cost of Cyber Crime Study was conducted.
• The most disastrous cyber attacks faced by companies in our study and why.
• The best approaches to reduce the threat of cyber crime.
• How this study can help organizations determine the appropriate amount of investment and resources needed to prevent or mitigate the devastating consequences of an attack.

Top 10 Security Breaches

A review of the top ten security breaches and proactive steps to limit damages.

2008 was a record year for security breaches and 2009 already has started with several high-profile incidents. This presentation covers a list of the top 10, how the list is created, and some of the important lessons that can be learned to help keep your company out of the headlines.

Top 10 Ways to Ensure Your Security Operation Center Fails

The business of running a Security Operations Center (SOC) is a difficult one. Who has the time to retain the right people, build comprehensive processes and procedures, and implement a robust Security Event and Information Management (SIEM) infrastructure? Those tasks require time, expertise and experience. Would you like to take a shortcut? This session will give you the tips and tricks based on actual client engagements that you’ll need to side-step, bypass, and throw out the rigorous project needed to make a successful SOC. Need a SOC up and running in two weeks, but don’t necessarily care about it running one year from now? This session is for you.

Top 5 Security Threats to Watch For In the Coming Year

In 2011, we saw many examples of organizations falling victim to hackers and malicious insiders – from major cyberattacks like Sony, malware like Stuxnet to massive data breaches like Epsilon Interactive. As you begin making improvements to your security programs in 2012, it is critical to review these breaches to betting prepare for the trends taking place in the information security arena.

In this webinar, we will take a close look at the security risks you should expect to face in 2012 and how you can prevent a major security incident from occurring in your organization. You will gain valuable insight into:

• Notable security incidents in 2011
• Top security threats to watch for in 2012
• The steps you can take to secure your organization NOW

You will also hear about case studies illustrating how organizations have successfully prevented security attacks and improved their security and compliance posture.

Universal Log Management with ArcSight Logger 5

Did you know the industry’s first universal log management solution, ArcSight Logger 5.0, allows you to capture everything, analyze anything and can be used everywhere?

Register today and learn how ArcSight Logger 5.0 unifies searching, reporting, alerting and analysis across any type of enterprise log data – making it unique in its ability to collect and store massive amounts of data generated by modern networks.

Join this session and learn how to:
• Consolidate silos of logs into a single rapidly searchable log repository
• Streamline IT operations, combat cybercrime and demonstrate compliance using a single log management solution
• Download, install and start getting instant value out of your logs in minutes for only $49

When Insiders Go Rogue: Tactics for Monitoring and Containing Breaches

The true cost of an insider data breach is unknown, however if headlines about compromised enterprises are any indication, it can be as much as tens of millions of dollars. What’s more, a recent benchmark study conducted by the Ponemon Institute, the 2010 Annual Study: U.S. Cost of a Data Breach, revealed that data breaches grew more costly for the fifth year in a row. This study also revealed that negligence remains the most common threat to an organization.

Another significant financial impact to an organization is the remediation cost that follows breach detection. Faster detection can help organizations reduce the size of their breaches and thus, lower remediation costs.

This webinar has been designed to help companies better understand the scope of insider threats and glean best practices for monitoring and containing breaches. You will learn:

• The sources of insider threats, both careless employee behavior or malicious actions, and how to recognize them in your organization
• Best practices for monitoring high-risk users and anomalous behavior to identify possible breaches before they become large scale
• Reporting metrics to monitor the business threats and ensuring incident response processes are in place to quickly remediate any breach

TECHNOLOGY SOLUTIONS

SIEM | Log Management | User Monitoring

SIEM

(ISC)2 ThinkT@nk Roundtable: Using SIEM/Log Management to Achieve Significant ROI

In today’s tough economic condition where resources are shrinking and logs are exploding, enterprises are seeking ways to utilize logs to ensure high ROI, short payback times, less investment, simple deployment and lowering ongoing administrative cost. On June 23rd, 2009, (ISC)² and ArcSight will present a ThinkTank Roundtable on SIEM/Log Management ROI. Brandon Dunlap of BrightFly will moderate a panel of experts including A. J. Wright, Chief Architect University of Tennessee’s Technical Review Board and Varun Kohli, Sr. Manager of Product Marketing at ArcSight that will look at three key use cases of SIEM/Log Management solutions that can aid in huge savings which include Storage, Compliance and IT Security and IT Operations.

(ISC)2 Member ID required.

Advanced Endpoint Protection with SIEM

The SIEM provides a single pane of glass for a Security Operations Center, collecting and correlating security events from different IT infrastructure sources to uncover threats that otherwise would go unnoticed. As threats evolve, so should the sources of feeds to the SIEM. Given the ineffectiveness of antivirus and explosion of malware, the endpoint has become a blind spot.

Bit9, going beyond traditional endpoint defenses, acts as endpoint sensor for the SIEM to identify the presence of modern malware. The ArcSight SIEM platform acts as the centralized command and control system in the security operations center that provides a real-time view of enterprise-wide threats that can originate from non-compliant end-points.

Watch this webcast from ArcSight and Bit9 to learn how to remove the endpoint blind spot from your enterprise security picture.

Automating GRC and Endpoint Compliance; Real-world Issues, Considerations and Results

How can you improve security compliance AND save money? Through automation. Watch this webinar to learn how ForeScout Technologies’ network access control system can integrate with the ArcSight SIEM platform to provide greater intelligence and a higher degree of security automation. Using these two products together gives you:

• Improved operational efficiency and compliance management of endpoints
• Stronger security based on visibility of non-compliant endpoints and unauthorized users
• Real-time, automated remediation of enterprise-wide threats

And hear a real-world story about how a large bank is saving $400,000 annually through this automated GRC solution.

Demonstrating Return on Investment for SIEM

The need to secure systems, applications and data have increased as networked environments get larger, more complex and more transparent to outsiders. However, security professionals such as yourself often struggle to justify security investments to business owners.

Join the ArcSight security experts and learn how to define Return on Investment (ROI) for SIEM projects. We will showcase how several organizations have successfully realized high returns on their SIEM investment. The companies profiled in this webinar saved millions of dollars through automation while increasing their ability to secure their corporate networks. More importantly, these companies demonstrated these savings via hard dollar amounts to internal stakeholders.
Register today and learn how you can measure the ROI of a SIEM investment.

Detect and Address Worms and Malware

Join this ArcSight/Unisys webinar to learn about the methods used by Unisys security experts to detect and stop Conficker using ArcSight SIEM. We will review the specific rules as well as firing conditions used to prevent false positives, and practical techniques for securing your networks from the Conficker worm using a SIEM solution.

Immunity for the Enterprise: Using a Security Platform to Ensure Your Organization Stays Healthy

Enterprises are faced with a new threatscape of persistent adversaries using custom malware. This means that compromises are nearly inevitable for Internet-connected systems. ArcSight security expert, Ryan Kalember, explains how a platform-based approach to security can provide protection when perimeter and endpoint security fails.

Ponemon’s Predictions on Trends in Information Security

What does the future hold for the security of sensitive and confidential information?

Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute – an independent research firm focusing on privacy, data protection and information security policy – will provide key insights to help you navigate the changing information security landscape more confidently and gain a clearer understanding of current trends, practices, perceptions and potential threats.

Dr. Ponemon is joined by Ponemon Institute Fellow Stanton Gatewood, who is the Chief Information Security & ePrivacy Officer for the Board of Regents of the University System of Georgia and the principal advisor to USG senior executives and security officers on matters related to cyberspace security and privacy issues. They will review the following topics:

• How cyber attacks are influencing the IT security environment and culture
  
• The importance of managing complexity in IT security to deal with future cyber threats
  
• If the cost of a data breach will continue to climb and why
  
• The most serious threats to an organization’s sensitive and confidential information
  
• If the focus on compliance will keep organizations from achieving a strong security posture

SIEM & SAML- Secrets to Securing the Cloud

While CIOs and CISOs are weighing through a broad range of cloud services to cut costs and streamline operations, they all share one common concern: how to retain visibility over user activity when applications move to the cloud?

Join SIEM market share leader ArcSight’s Vice President of Product Marketing Rick Caccia and Internet Identity Security market leader Ping Identity’s CTO Patrick Harding in a free Webinar in which they will discuss best practices for better security and compliance in the cloud.

SIEM 3.0: The Next Generation of Security and Compliance Monitoring

Learn about the current trends in security and compliance monitoring, why those are changing and what a next-generation solution will look like. If you are considering a SIEM solution, this webinar is a can't-miss and will change the way you evaluate monitoring technology.

SIEM as a Tool for Fraud Prevention

Online fraud is becoming increasingly sophisticated, relying on misdirection and gaps in detection systems. As a fraud detection technology, security information event management (SIEM) is uniquely suited to correlating transaction information to detect fraud. While many financial institutions have deployed channel-specific fraud prevention products, correlating across these and across channels remains difficult.

In this webinar, we will discuss ways that SIEM technology can be used to detect sophisticated online fraud, as well as real-world examples of fraud prevention using the ArcSight SIEM platform.

SIEM Thought Leadership Roundtable

Most IT security departments are swamped. On one hand they’re contending with a highly dynamic threat landscape and an ever-expanding technology portfolio that requires protection. At the same time they’re doing what they can to help fulfill a burgeoning list of audit and regulatory compliance requirements. And on their third hand … if only that were possible! Fortunately, Security Information and Event Management (SIEM) – which has long offered IT Security the prospect of re-gaining control – is possible. In this Thought Leadership Roundtable, we’ll get to the bottom of what makes SIEM different from other security management solutions as well as what level of investment is required to make it work.

Stop New Security Threats on Day Zero

Conducting business in a networked world seems to be more dangerous than ever. New malware, botnets, and hackers are causing new security breaches at a rapid pace. Traditional defenses are not working well, but new solutions exist for detecting and stopping zero-day outbreaks.

Join ArcSight experts as they present in this webinar, some of the architectural issues that enable modern security threats; as well as techniques for shutting them down.

The First Line of Defense: Perimeter Security in a Changed World

The threat landscape continues to evolve with cyber attacks becoming more sophisticated and frequent. In tandem, the traditional enterprise perimeter with a small number of tightly controlled gateways has become obsolete in the face of ubiquitous internet connectivity, greater mobility, and the growth of cloud computing.

However, increasing the security of your organization’s complex perimeter has substantial value as a deterrent for cyber criminals. This webinar has been designed to help companies better understand the changing scope of perimeter threats and more importantly, how to derive the security intelligence needed to better secure their businesses.

You will learn:
• Why perimeter security monitoring is a best practice for any security program in any industry.
• What use cases to target and which primary data sources to gather and monitor to gain the most visibility into the security and threats of a perimeter environment.
• Best practices for handling SIEM events based on their priority, including repeatable processes and procedures to handle events.

Log Management

(ISC)2 ThinkT@nk Roundtable: Using SIEM/Log Management to Achieve Significant ROI

In today’s tough economic condition where resources are shrinking and logs are exploding, enterprises are seeking ways to utilize logs to ensure high ROI, short payback times, less investment, simple deployment and lowering ongoing administrative cost. On June 23rd, 2009, (ISC)² and ArcSight will present a ThinkTank Roundtable on SIEM/Log Management ROI. Brandon Dunlap of BrightFly will moderate a panel of experts including A. J. Wright, Chief Architect University of Tennessee’s Technical Review Board and Varun Kohli, Sr. Manager of Product Marketing at ArcSight that will look at three key use cases of SIEM/Log Management solutions that can aid in huge savings which include Storage, Compliance and IT Security and IT Operations.

(ISC)2 Member ID required.

ArcSight Logger Tips, Tricks and Use Cases – Save Time and Boost Productivity

Now that you have purchased ArcSight Logger - Downloadable Version, we thought you would like to hear about some tips and tricks on how to get the most out of it. In this webcast, ArcSight log management expert, Varun Kohli, will cover some Logger use cases around IT operations, security, compliance, and application development. Attend this webcast to learn how to:

• Collect, analyze and store massive amounts of generated data
• Search, report and alert on any type of information, anytime
• Streamline IT operations, demonstrate compliance, combat cybercrime and simplify application development

Driving Compliance with Log Management at Tyson Foods

Establishing a Universal Log Management Strategy

In today's evolving world of complex security, compliance, and IT requirements, a fragmented approach to log management will no longer suffice. A universal log management strategy is needed that addresses requirements from all areas of the organization.
In this webinar, we will discuss:

Key considerations for establishing an effective log management strategy
• Best practices in universal log management
• How to achieve greater operational efficiencies and reduce costs

Get More Out of Your ESM Investment with ArcSight Logger

This webinar will review the architecture, benefits, and capabilities of ArcSight Logger with an emphasis on its complementary value and bi-directional integration with ArcSight ESM.

How many Log Management Solutions do you ideally need?

Some would say you need a software solution, others might stress on an appliance-based solution, and some might suggest a cloud version. Based on the use cases, some solutions were designed for security, some for compliance and some for IT operations. So, how many log management solutions do you ideally need? The answer is just ONE – A Universal Log Management Solution. Come attend this webcast to find out how to select The Universal Log Management Solution.

Is Your Log Management Solution Obsolete?

Find out how ArcSight Logger revolutionizes and redefines log management by joining us for an exclusive, complimentary webinar.

Log Management for IT Operations – 5 Best Practices, 5 Big Mistakes, 5 Minutes to Get Started!!!

According to Gartner, 80% of downtime is due to people or processes. Moreover, downtime of even an hour means loss of business, reputation and efficiency. You can easily be on top of these downtimes by using a log management solution for change management, application management and network and infrastructure management. Attend this webinar to learn about:

• Gaining visibility into cryptic IT data to better manage applications and servers, in minutes
• 5 best practices in IT operations log management
• 5 big mistakes to avoid

Log Management in 2010 and beyond …

Attend this webinar and learn how log management will change the course of fighting cybercrime in the next decade. Instead of choosing point solutions, global organizations are choosing a single log management platform to simultaneously handle the needs of cybersecurity, compliance and IT operations. Join the industry experts and learn how ArcSight Logger 4 enables leading organizations to combat cybercrime, demonstrate regulatory compliance and streamline IT operations

Log Management in 2011 and Beyond …

To continue the series we started last year, we will talk about the changes that 2011 will bring to the realm of log management. Attend this webinar to learn:

• About the technologies that can and will impact your security posture
• The changes that need to be made to your log infrastructure to be better prepared
• How to accomplish more with less using a universal log management solution

Marrying the SOC and NOC Logs

In most organizations, security and network operations teams do not interact that much, however the converse is true for the SOC and NOC logs. In fact, more often than not, a problem in NOC is related to a pattern seen in SOC and vice versa.

During this webinar log management expert, Varun Kohli, will review how to centralize NOC and SOC logs in a single universal log management repository that will allow you to:

• Quickly perform forensic analysis on ANY problem
• Access security background on NOC issues and operations background on SOC issues
• Collect and mine ALL IT data for ultrafast searches, reports and alerts

And to help you get started, all registrants will get a FREE copy of the industry’s first and only Universal Log Management solution, ArcSight Logger (a $49 value).

Navigating the Data Stream without Boiling the Ocean: Case Studies in Effective Log Management

What makes a log management program effective? Log management activities must be prioritized in order to operate your security team effectively. We will review and analyze best practices for implementing log management programs as well as address SIEMs’ influence on the goal of optimization. This virtual discussion is ideal for risk, compliance, and security managers, as well as anyone looking for new approaches to gain intelligence from their log data.

SANS Webcast: Log Management for Security Monitoring and IT Operations

SANS Webinar: Log Management Requirements, Drivers & Trends

This webinar will cover drivers and basic requirements when adding to, developing or acquiring log management systems, followed by an overview of the ArcSight Log Management system.

Stop New Security Threats on Day Zero

Conducting business in a networked world seems to be more dangerous than ever. New malware, botnets, and hackers are causing new security breaches at a rapid pace. Traditional defenses are not working well, but new solutions exist for detecting and stopping zero-day outbreaks.

Join ArcSight experts as they present in this webinar, some of the architectural issues that enable modern security threats; as well as techniques for shutting them down.

Tackle Security, Privacy, and Compliance in the Healthcare Payer Sector

The growing incidence of data breaches and regulatory oversight have made security and privacy a top priority for healthcare payers. Join this webinar to learn how Priority Health, a major healthcare payer, utilizes the ArcSight SIEM platform and effectively addresses regulatory compliance, privacy, and security challenges through comprehensive event and log monitoring. Register today and also find out how Priority Health streamlines regulatory audits and protects their organization against a variety of external and internal threats.

Universal Log Management with ArcSight Logger 5

Did you know the industry’s first universal log management solution, ArcSight Logger 5.0, allows you to capture everything, analyze anything and can be used everywhere?

Register today and learn how ArcSight Logger 5.0 unifies searching, reporting, alerting and analysis across any type of enterprise log data – making it unique in its ability to collect and store massive amounts of data generated by modern networks.

Join this session and learn how to:
• Consolidate silos of logs into a single rapidly searchable log repository
• Streamline IT operations, combat cybercrime and demonstrate compliance using a single log management solution
• Download, install and start getting instant value out of your logs in minutes for only $49

User Monitoring and Improved Medical Data Privacy for Clinical Applications

The growing incidence of medical data breaches and the ARRA HITECH Act of 2009 have raised the importance of monitoring healthcare provider infrastructure and clinical applications.

Find out how the ArcSight and FairWarning joint solution can enable 360 degree user monitoring and improve medical data privacy.

Using Logs To Investigate Cyber Threats In The Enterprise

When security professionals suspect a security breach or infection in their enterprises, they begin an investigative process that is often complex and time-consuming. Combing through system and application logs to find clues on the source of the breach is a tedious and difficult process -- at a time when speed is of the essence. How can IT workers find the information they need to resolve these business-threatening security events -- with a minimum of delay?

Together with ArcSight expert Ansh Patnaik, Director of Industry Solutions, the Dark Reading team will discuss these key topics:

* Current trends in attacks and breaches
* Best practices for detecting potential security compromises
* Key methods for responding to a potential breach
* How to efficiently scan and analyze logs to find the source of a compromise
* Tips for monitoring logs to speed future incident response

Why You Need a Needle When You Have a Sword: The Difference Between Logger and ESM

Have you ever tried to sew with a sword? There are a number of use cases which can be best handled by a Security Intelligence Management solution as compared to a Security Event Management solution. Attend this webinar to learn the differences between ArcSight ESM and ArcSight Logger and when to use what. Log management expert, Varun Kohli, will cover the following in this webinar:

• How to efficiently collect ALL enterprise log data (structured, unstructured, file-based, syslog, third party etc.) with or without ArcSight SmartConnectors
• How to cost-effectively store terabytes of log information and adhere to multiple retention policies
• How to streamline IT operations, demonstrate compliance and combat cybercrime using a single universal log management solution

User Monitoring

ArcSight + Oracle for a 360 Degree View of Users, Roles and Activities

Combining the strength of ArcSight SIEM Platform with the Identity & Access Management Suites from Oracle, you can correlate events and actions with specific identities, roles, and authentications to identify and rapidly mitigate fraud, risk and compliance violations.

This session will demonstrate how Oracle Identity Management enhances your ArcSight Investment.

CSI Webinar Series: Using Identity Data to add Context to Security Information Management

The sources of log and real time data have multiplied, and correlation of current with archived events has made fully integrated log management much more desirable. With these trends has come a need for more context than that offered by the logs themselves. By better integrating data, security professionals get more context about what is right, what is questionable and what is clearly wrong at any given time. Join us to to get the full picture.

Detecting Advanced Forms of Cybercrime

The evolution of cybercrime has outpaced many of the tools security and fraud professionals use to fight it. In addition, the substantial sums of money involved have driven cybercriminals’ creativity to new heights.

Register now and hear from ArcSight security expert, Ryan Kalember, Director of Product Marketing, CISSP, to learn about the evolution of cybercrime and countermeasures that can be used to detect and defeat new criminal techniques.

Hey You Get Off of my Cloud: Enterprise Solutions for Ubiquitous User Monitoring

As cloud technology and vendors have matured, many enterprises have selectively deployed parts of their infrastructure and some of their applications as cloud services, while the majority of their environment remains more traditional. This hybridization presents a challenge for security and IT teams charged with detecting security threats against their organizations.

ID Management: More than a people problem

This webinar will delve into the need for agencies to manage the identity of not only computer users, but also the computer devices themselves to ensure hackers can't "spoof" a device to gain access to the network, and corrupt systems don't wreak havoc on networks.

Identity Monitoring in an Imperfect World

Despite the billions of dollars that enterprises have invested in identity and access management technologies, access control problems are getting worse, not better. As more companies turn to contractors and Cloud services, IT security departments face even greater difficulty deploying identity management technologies and role managers to control, revoke and apportion access rights. And yet the burning question still remains, can you ever perfectly monitor everyone in an imperfect world?

Attend this session and learn how leading enterprises are using identity monitoring solutions to:

• Mitigate security and compliance risks
• Provide a window into user activity that solves many of the risk and compliance challenges caused by imperfect access governance
• Effectively monitor what their key system administrators, contractors and other employees are doing with the access rights they’ve been given

Integrate Enterprise and Cloud Security for a 360-degree View of User Activity

Organizations of all sizes are looking at cloud services as a way to cut costs and increase efficiency. However, as parts of your IT infrastructure move off of your network, how will you monitor security in a hybrid environment? Monitoring users as they access internal applications and databases plus cloud services can reduce many security risks. Join ArcSight and Ping Identity to understand how leading organizations are securing their operations while cutting costs via the cloud.

Join this session and learn how to:
• Maintain enterprise access control while embracing cloud based apps
• Establish proper audit trails for compliance and regulatory requirements quickly and easily
• Implement plans that strengthen security, simplify user access, and are easily managed by IT

Making a List and Checking IT Twice: Creative Solutions for Validating Employee Access Rights

Making sure employees, contractors, and third parties have only the access they need is a difficult process. Whether the organization calls it attestation, certification, or an access review, the process of validating who accessed what systems, and whether they should have been able to do so is difficult and time-consuming for most security groups. What if there was a way to automate the review and save time so that security teams can devote their full efforts to protecting their enterprises?

Join ArcSight security expert, Ryan Kalember, for an enlightening discussion of the approaches that forward-thinking organizations are taking to automate and reduce the pain of the access review process.

Preventing Fraud and Data Theft with SIEM Technologies - A Gartner Webcast

Discover how to control of your intellectual property and hear how Security Information and Event Management (SIEM) protects your assets and complies with government and industry mandates.

Protect Your Business with User Activity Monitoring

Join the ArcSight security experts as they discuss the internal security issues that arise from employees, contractors and third parties' ability to access confidential information within their organisations. Learn how ArcSight enables business efficiency by allowing both internal and out-of-house staff full access to the data they need to perform their jobs, while seamlessly maintaining security, as well as providing compliance posture for their organisation.

Real-time Privileged Identity Monitoring and Compliance for the Enterprise

ArcSight and Cyber-Ark have partnered to provide a solution that gives you complete visibility into who is on your network, what data they are seeing, and which actions they are taking with that data to help you meet compliance and best practice requirements.

Attend this webinar to learn how you can:

• Prevent intranet threats by detecting role violations through monitoring all privileged user activity

• Comply more readily with PCI, SOX, NERC, HIPAA and other industry requirements with pre-packaged dashboards and reports

• Conduct stronger forensics analysis and evidence collection by drilling down into privileged user sessions

The ArcSight SIEM Platform provides centralized activity monitoring through broad data collection and correlation from over 300 different enterprise event sources. Cyber-Ark’s Privileged Identity Management Suite (PIM) securely manages shared privileged accounts such as UNIX Root, Windows Admin, SQL SA, and Cisco Enable, and provides the ArcSight Platform with an authoritative audit trail to monitor privileged user activity.

Secure the Business with a 360-Degree View of Users, Data, and Application Activities

See how event correlation, integrated with user and data monitoring, can help secure and control the enterprise network.

Security Operations: Getting Over the Waterfall

Agile software development methodologies have revolutionized software engineering. These same principles and tools can be adapted for building a flexible and dynamic security operations. Learn how to take wikis, scrums, and user stories and utilize them in incident responses, shift turnovers, and ArcSight use cases.

Security Operations for Sale

You believe that your organization would benefit from building its own SOC to help mitigate risk and monitor cybercrime, but your management doesn’t want to spend money on “foot apparel” (SOCs). This session will cover the key business requirements, show how to manage and structure the costs, and help you transform the ‘no’ into an executive “yes.”

SIEM & SAML- Secrets to Securing the Cloud

While CIOs and CISOs are weighing through a broad range of cloud services to cut costs and streamline operations, they all share one common concern: how to retain visibility over user activity when applications move to the cloud?

Join SIEM market share leader ArcSight’s Vice President of Product Marketing Rick Caccia and Internet Identity Security market leader Ping Identity’s CTO Patrick Harding in a free Webinar in which they will discuss best practices for better security and compliance in the cloud.

The ArcSight ETRM Platform: The Enterprise Cybersecurity Solution

The latest release of ArcSight ETRM Platform enables organizations of any size to operate in a modern business environment that includes virtualized, mobile, and cloud architectures and provides visibility into who is on the network, what they are seeing and doing, and how that impacts business risk.
Join this session and learn how to:

• Mitigate security and compliance risks
• Get powerful analysis of user behavior to detect threats immediately
• Provide a window into user activity that solves many of the risk and compliance challenges caused by imperfect access governance

User Monitoring and Improved Medical Data Privacy for Clinical Applications

The growing incidence of medical data breaches and the ARRA HITECH Act of 2009 have raised the importance of monitoring healthcare provider infrastructure and clinical applications.

Find out how the ArcSight and FairWarning joint solution can enable 360 degree user monitoring and improve medical data privacy.

When Insiders Go Rogue: Tactics for Monitoring and Containing Breaches

The true cost of an insider data breach is unknown, however if headlines about compromised enterprises are any indication, it can be as much as tens of millions of dollars. What’s more, a recent benchmark study conducted by the Ponemon Institute, the 2010 Annual Study: U.S. Cost of a Data Breach, revealed that data breaches grew more costly for the fifth year in a row. This study also revealed that negligence remains the most common threat to an organization.

Another significant financial impact to an organization is the remediation cost that follows breach detection. Faster detection can help organizations reduce the size of their breaches and thus, lower remediation costs.

This webinar has been designed to help companies better understand the scope of insider threats and glean best practices for monitoring and containing breaches. You will learn:

• The sources of insider threats, both careless employee behavior or malicious actions, and how to recognize them in your organization
• Best practices for monitoring high-risk users and anomalous behavior to identify possible breaches before they become large scale
• Reporting metrics to monitor the business threats and ensuring incident response processes are in place to quickly remediate any breach

COMPLIANCE

Basel II | HIPAA | NERC | PCI | Red Flags | SOX

Basel II

Addressing Basel II Requirements with SIEM

Basel II compliance requirements may seem complex but banks can gain a competitive advantage by using a security information and event management solution to achieve the operational objectives. Covered institutions need to collect and maintain detailed audit records and logs. Join this webinar to find out how compliance automation solutions can take financial information technology sources to pinpoint errors and provide transparency to risk.

HIPAA

Five Compliance and Security Lessons You Can Learn from Recent HIPAA-Related Incidents

This presentation will discuss recent events in healthcare compliance and provide several easy steps for securing Electronic Protected Health Information (EPHI) to meet the latest enforcement of HIPAA and new regulations.

Has HIPAA gone HITECH?

The HITECH (Health Information Technology for Economic and Clinical Health) Act, a section of the American Recovery and Reinvestment Act, allocated tens of billions of dollars to develop and enhance secure electronic health records. What does this mean for investment in security technology and changes to the existing HIPAA Privacy and Security Rules? Join this webinar to learn about the new rules for information security management in healthcare, from managing logs and breach notification rules to penalties for non-compliance.

Solving Security and Privacy Concerns in Today’s Healthcare System

The increased occurrences of PHI breaches coupled with the reinforcement of HIPAA by the Federal Stimulus Package (ARRA / HITECH Act) have made security and privacy a top priority for healthcare providers across the nation. Register now and discover how Weill Cornell Medical College, a top-ranked clinical and medical research center in the country, successfully manages the closely linked goals of regulatory compliance, privacy, and security in the healthcare provider sector.

Tackle Security, Privacy, and Compliance in the Healthcare Payer Sector

The growing incidence of data breaches and regulatory oversight have made security and privacy a top priority for healthcare payers. Join this webinar to learn how Priority Health, a major healthcare payer, utilizes the ArcSight SIEM platform and effectively addresses regulatory compliance, privacy, and security challenges through comprehensive event and log monitoring. Register today and also find out how Priority Health streamlines regulatory audits and protects their organization against a variety of external and internal threats.

User Monitoring and Improved Medical Data Privacy for Clinical Applications

The growing incidence of medical data breaches and the ARRA HITECH Act of 2009 have raised the importance of monitoring healthcare provider infrastructure and clinical applications.

Find out how the ArcSight and FairWarning joint solution can enable 360 degree user monitoring and improve medical data privacy.

NERC

Automation for SOX and NERC compliance

Responsible entities face numerous regulatory requirements such as NERC CIP and the Sarbanes Oxley Act (SOX). Creating documentation and reporting on compliance is labor and capital intensive for each, which has led to centralized solutions with automation that can handle multiple regulations. Automation not only frees valuable resources to focus on core business, but also helps reduce the risk of human error. Attend this webinar to learn how to build an integrated approach for CIP and SOX compliance using Security Information and Event Management (SIEM) and log management products.

Cybersecurity Solutions for NERC CIP-002 to CIP-009

The Federal Energy Regulatory Commission (FERC) recently approved eight new mandatory critical infrastructure protection (CIP) cyber security standards developed by the North American Electric Reliability Council (NERC). Are you prepared?

Eight Steps to NERC CIP CyberSecurity Compliance

The NERC cybersecurity requirements for June 2009 and June 2010 are fast approaching. Do you have the necessary analysis and implementation plans to meet a demanding compliance schedule?

ArcSight has teamed with Coalfire Systems, a leading CIP compliance auditor, to provide an in-depth review of compliance requirements, deadlines and solutions to accelerate any NERC CIP compliance program. We will provide real-world examples from past projects to help guide your program to meet or exceed the intent of CIP-002-1 through CIP-009-1.

Has your NERC CIP program become a big gulp?

Maintaining compliance with the NERC CIP (Critical Infrastructure Protection) standards requires organizations to implement and validate strong security controls for cyber assets. Yet, interpreting the requirements, selecting the appropriate controls, and measuring their effectiveness remain a challenge for many utilities.

This session will address those challenges and provide a blueprint for effective NERC CIP compliance.

Powerful Cybersecurity Lessons: A cost-effective approach to NERC compliance

The cyber security of the North American electricity grid is under increased scrutiny by elected representatives as well as the public.

This presentation will review accelerated bulk power cyber security compliance steps, lessons learned, and how to meet or exceed regulator, legislature and even customer requirements without breaking the bank.

PCI

Bridging the Gap Between Compliance and Security

From Sarbanes-Oxley to HIPAA and from PCI to NERC, IT security and compliance teams have both faced the onslaught of regulatory oversight in the last decade. Security practitioners claim regulations lack specificity and set a low bar by calling for periodic audits of lagging security indicators. From the standpoint of regulators and compliance teams, audits enable transparency and a degree of ambiguity is key to enabling flexibility in risk management based on differences across organizations. Regardless of the perspective, it is undeniable that the cost of audits continues to spiral while cyberthreats also continue to exact a rising toll. The divergence between the objectives and outcomes of security and compliance has created a divide which begs for alignment.

View this webinar and learn how today’s multi-regulated organizations can successfully bridge that long standing gap and:

• Transition from reactive to proactive security and compliance
• Overcome organization and industry specific barriers to effective monitoring
• Gain continuous visibility into security and compliance risk
• Contain the cost of audits and simultaneously protect against security threats

Conquering PCI Compliance

Meeting the demands of PCI compliance is a daunting task for any size organization. In this webinar we’ll review and discuss how leveraging ArcSight log management and SIEM technology can help you:

• Efficiently manage PCI security measures on an ongoing basis
• Quickly prepare for upcoming PCI audits
• Immediately demonstrate PCI compliance to auditors

Speaker

Greg Martin, Principal Consultant - Enterprise Business Software Security

Greg Martin is an IT professional with over 12 years experience and is an expert in network penetration testing, intrusion prevention and SIEM technologies. He has been a technical adviser to the FBI, the United States Secret Service, and NASA, and has been employed by and consulted with numerous corporations, financial institutions, and law enforcement agencies including NTT, Sentinel IPS, Layered Technologies, Firehost, Alchemy Security, ING, ArcSight and HP.

How McAfee Security Innovation Alliance program helps with PCI Data Security Standards

Log Management, Identities and PCI DSS 1.2

The PCI Security Standards Council has released a new version of the Data Security Standard. Are you ready? Have you anticipated these changes or will you need time to adjust? Join us and find out!

McAfee Security Innovation Alliance Program Helps with PCI DSS

PCI Compliance Made Easier: The Value of Security Information and Event Management

PCI Compliance Made Easy for Level 2 through 4 Merchants

See how level 2 through 4 merchants can: Reduce the cost of PCI compliance through automated monitoring, enable quick and easy forensic investigations into PCI violations, and extend to broader security and compliance initiatives.

SANS Webcast: Be a Perfect 10: Nail the PCI Requirement

SC Magazine PCI eConference & Expo

The PCI Race for Level 1 and Level 2 Merchants: A Sprint or a Marathon?

Red Flags

Are You Ready for the Red Flags Rule?

Government agencies including the FTC have issued a new rule to help detect, prevent and mitigate identity theft. Are you ready?

Automating GRC and Endpoint Compliance; Real-world Issues, Considerations and Results

How can you improve security compliance AND save money? Through automation. Watch this webinar to learn how ForeScout Technologies’ network access control system can integrate with the ArcSight SIEM platform to provide greater intelligence and a higher degree of security automation. Using these two products together gives you:

• Improved operational efficiency and compliance management of endpoints
• Stronger security based on visibility of non-compliant endpoints and unauthorized users
• Real-time, automated remediation of enterprise-wide threats

And hear a real-world story about how a large bank is saving $400,000 annually through this automated GRC solution.

SOX

Addressing Multiple Regulations with a Broad Set of Compliance Controls

This presentation will show how an IT governance framework can be used to achieve and manage multiple compliance regulations efficiently with a consolidated view across an entire organization.

INDUSTRIES

Finance | Government | Healthcare | Retail | Utilities

Finance

Addressing Basel II Requirements with SIEM

Basel II compliance requirements may seem complex but banks can gain a competitive advantage by using a security information and event management solution to achieve the operational objectives. Covered institutions need to collect and maintain detailed audit records and logs. Join this webinar to find out how compliance automation solutions can take financial information technology sources to pinpoint errors and provide transparency to risk.

Are You Ready for the Red Flags Rule?

Government agencies including the FTC have issued a new rule to help detect, prevent and mitigate identity theft. Are you ready?

Breaking the Bank - Online Fraud Detection and Prevention

This webinar will explore fundamental fraud concepts relating to e-Commerce, including banking, online wealth management and healthcare. We will take an in-depth look at the most prevalent threats for the coming years as well as advanced detection mechanisms. This topic is relevant to not only e-Banking but any organization where transactions can take place through an online system. This includes both internal employees as well as the external customers accessing systems through web portals. During these tough economic times, it is more important than ever to protect the business.

Conquering PCI Compliance

Meeting the demands of PCI compliance is a daunting task for any size organization. In this webinar we’ll review and discuss how leveraging ArcSight log management and SIEM technology can help you:

• Efficiently manage PCI security measures on an ongoing basis
• Quickly prepare for upcoming PCI audits
• Immediately demonstrate PCI compliance to auditors

Speaker

Greg Martin, Principal Consultant - Enterprise Business Software Security

Greg Martin is an IT professional with over 12 years experience and is an expert in network penetration testing, intrusion prevention and SIEM technologies. He has been a technical adviser to the FBI, the United States Secret Service, and NASA, and has been employed by and consulted with numerous corporations, financial institutions, and law enforcement agencies including NTT, Sentinel IPS, Layered Technologies, Firehost, Alchemy Security, ING, ArcSight and HP.

Webinar: Detect Advanced Cybercrime In The Financial Sector

Professional cybercrime is no longer a scale game in which hackers sell large quantities of credit card data online for ever-diminishing prices. Instead, cybercrime is evolving significantly in both sophistication and variability, and the risks are greater than ever.

Join ArcSight experts as they present in this webinar, new developments in cybercrimes against financial services organizations, as well as counter-measures that can be used to detect and defeat these new techniques.

Government

Government Executive.com Webinar: Cyber Security: What’s Coming Next & How To Prepare

President Obama has put an unprecedented emphasis on cyber security in the White House, holding a press conference in May to discuss the problems agencies face in trying to protect their networks from constant attack.

Join us for a webinar that will provide listeners with insights about what your agencies can expect in the coming months from the administration and how you can prepare for what will certainly be a hot spotlight on protecting information.

Impact of Obama’s Cyberspace Policy Review on Government IT Operations

The Nation’s approach to cyber-security has failed to keep pace with developing threats. An effective SIEM/Log Management solution can address most of the guidelines laid out in the 2009 Cyberspace Policy Review. Join Government Security News and ArcSight to learn how are your peers achieving a “safe, secure and resilient digital environment”

Healthcare

Cloudy With a Chance of Better Healthcare: Security and Compliance Fundamentals for Healthcare Data

Healthcare organizations are widely adopting cloud-based services to exchange medical, financial and related sensitive data. While these technologies offer cost-savings and efficiencies of on demand computing and access to necessary sensitive records, they also create new privacy and security vulnerabilities for patient medical, eligibility, financial and other sensitive data.

In this webcast, hear from SANS Analyst and healthcare privacy/security expert, Barbara Filkins, about health information exchange (HIE), health insurance exchange (HIX) networks and other types of clouds already forming. She will also discuss the type of sensitive applications and data healthcare IT organizations are processing in public and private clouds, and the regulation and security risks associated with these data types processed in the cloud. Also learn how cloud identity management and monitoring solutions used in other industries--such as Cloud SSO and federated identity, access policy management, SIEM and log management--play important roles in helping organizations securely migrate sensitive data into the cloud.

Five Compliance and Security Lessons You Can Learn from Recent HIPAA-Related Incidents

This presentation will discuss recent events in healthcare compliance and provide several easy steps for securing Electronic Protected Health Information (EPHI) to meet the latest enforcement of HIPAA and new regulations.

Has HIPAA gone HITECH?

The HITECH (Health Information Technology for Economic and Clinical Health) Act, a section of the American Recovery and Reinvestment Act, allocated tens of billions of dollars to develop and enhance secure electronic health records. What does this mean for investment in security technology and changes to the existing HIPAA Privacy and Security Rules? Join this webinar to learn about the new rules for information security management in healthcare, from managing logs and breach notification rules to penalties for non-compliance.

Healthcare 2010: Healing Security, Privacy, Compliance and Fraud Pains

On-demand webinar
1 hour duration

The HITECH Act, medical fraud, and medical data breaches have made security and privacy a top priority in healthcare. View this on-demand webinar to learn how comprehensive monitoring can effectively tackle HIPAA audit requirements and detect internal and external threats to security or privacy in the healthcare sector. View this on-demand webinar and you will learn about:
• Security, Privacy, and Compliance Challenges in Healthcare
• Unique monitoring requirements of providers vs. payers
• Requirements for a comprehensive monitoring solution

I am a Patient: Perspectives of Security and Data Privacy in Healthcare

We are security professionals, healthcare experts and developers but above all we are patients who have a very personal interest in making sure our medical records are safe. In this webinar you will hear from a security expert who has designed and developed multiple electronic medical record systems and health information exchanges as well as interfaced with over 100 different EMRs. She will walk you through various ways to evaluate the security of a healthcare system from different perspectives and suggest plans of attack for increasing healthcare security and data privacy.

You will learn:
• Different areas of the Healthcare ecosystem which are most at risk of data privacy breaches
• What feeds should be gathered and monitored to achieve specific goals of a healthcare company
• How to prepare for breaches by making sure the required information is accessible and how to handle a breach when it does occur

Protecting Electronic Information - Challenges and Solutions for Today’s Healthcare Providers.

This presentation focused on striking a balance across efficiency, privacy and security. A methodological approach to application, data, identity and IT infrastructure monitoring will be explored in addition to several healthcare provider use case examples.

Solving Security and Privacy Concerns in Today’s Healthcare System

The increased occurrences of PHI breaches coupled with the reinforcement of HIPAA by the Federal Stimulus Package (ARRA / HITECH Act) have made security and privacy a top priority for healthcare providers across the nation. Register now and discover how Weill Cornell Medical College, a top-ranked clinical and medical research center in the country, successfully manages the closely linked goals of regulatory compliance, privacy, and security in the healthcare provider sector.

Tackle Security, Privacy, and Compliance in the Healthcare Payer Sector

The growing incidence of data breaches and regulatory oversight have made security and privacy a top priority for healthcare payers. Join this webinar to learn how Priority Health, a major healthcare payer, utilizes the ArcSight SIEM platform and effectively addresses regulatory compliance, privacy, and security challenges through comprehensive event and log monitoring. Register today and also find out how Priority Health streamlines regulatory audits and protects their organization against a variety of external and internal threats.

User Monitoring and Improved Medical Data Privacy for Clinical Applications

The growing incidence of medical data breaches and the ARRA HITECH Act of 2009 have raised the importance of monitoring healthcare provider infrastructure and clinical applications.

Find out how the ArcSight and FairWarning joint solution can enable 360 degree user monitoring and improve medical data privacy.

Retail

Conquering PCI Compliance

Meeting the demands of PCI compliance is a daunting task for any size organization. In this webinar we’ll review and discuss how leveraging ArcSight log management and SIEM technology can help you:

• Efficiently manage PCI security measures on an ongoing basis
• Quickly prepare for upcoming PCI audits
• Immediately demonstrate PCI compliance to auditors

Speaker

Greg Martin, Principal Consultant - Enterprise Business Software Security

Greg Martin is an IT professional with over 12 years experience and is an expert in network penetration testing, intrusion prevention and SIEM technologies. He has been a technical adviser to the FBI, the United States Secret Service, and NASA, and has been employed by and consulted with numerous corporations, financial institutions, and law enforcement agencies including NTT, Sentinel IPS, Layered Technologies, Firehost, Alchemy Security, ING, ArcSight and HP.

How McAfee Security Innovation Alliance program helps with PCI Data Security Standards

Log Management, Identities and PCI DSS 1.2

The PCI Security Standards Council has released a new version of the Data Security Standard. Are you ready? Have you anticipated these changes or will you need time to adjust? Join us and find out!

McAfee Security Innovation Alliance Program Helps with PCI DSS

PCI Compliance Made Easier: The Value of Security Information and Event Management

PCI Compliance Made Easy for Level 2 through 4 Merchants

See how level 2 through 4 merchants can: Reduce the cost of PCI compliance through automated monitoring, enable quick and easy forensic investigations into PCI violations, and extend to broader security and compliance initiatives.

SANS Webcast: Be a Perfect 10: Nail the PCI Requirement

SC Magazine PCI eConference & Expo

The PCI Race for Level 1 and Level 2 Merchants: A Sprint or a Marathon?

Utilities

Automation for SOX and NERC compliance

Responsible entities face numerous regulatory requirements such as NERC CIP and the Sarbanes Oxley Act (SOX). Creating documentation and reporting on compliance is labor and capital intensive for each, which has led to centralized solutions with automation that can handle multiple regulations. Automation not only frees valuable resources to focus on core business, but also helps reduce the risk of human error. Attend this webinar to learn how to build an integrated approach for CIP and SOX compliance using Security Information and Event Management (SIEM) and log management products.

Cybersecurity Solutions for NERC CIP-002 to CIP-009

The Federal Energy Regulatory Commission (FERC) recently approved eight new mandatory critical infrastructure protection (CIP) cyber security standards developed by the North American Electric Reliability Council (NERC). Are you prepared?

Eight Steps to NERC CIP CyberSecurity Compliance

The NERC cybersecurity requirements for June 2009 and June 2010 are fast approaching. Do you have the necessary analysis and implementation plans to meet a demanding compliance schedule?

ArcSight has teamed with Coalfire Systems, a leading CIP compliance auditor, to provide an in-depth review of compliance requirements, deadlines and solutions to accelerate any NERC CIP compliance program. We will provide real-world examples from past projects to help guide your program to meet or exceed the intent of CIP-002-1 through CIP-009-1.

Has your NERC CIP program become a big gulp?

Maintaining compliance with the NERC CIP (Critical Infrastructure Protection) standards requires organizations to implement and validate strong security controls for cyber assets. Yet, interpreting the requirements, selecting the appropriate controls, and measuring their effectiveness remain a challenge for many utilities.

This session will address those challenges and provide a blueprint for effective NERC CIP compliance.

Powerful Cybersecurity Lessons: A cost-effective approach to NERC compliance

The cyber security of the North American electricity grid is under increased scrutiny by elected representatives as well as the public.

This presentation will review accelerated bulk power cyber security compliance steps, lessons learned, and how to meet or exceed regulator, legislature and even customer requirements without breaking the bank.

User Monitoring and Improved Medical Data Privacy for Clinical Applications

The growing incidence of medical data breaches and the ARRA HITECH Act of 2009 have raised the importance of monitoring healthcare provider infrastructure and clinical applications.

Find out how the ArcSight and FairWarning joint solution can enable 360 degree user monitoring and improve medical data privacy.