Don't risk it - Using a risk-based approach to increase the security of web apps and other IT assets.
- Thursday, May 28th, 2015 at 3:00 PM EDT (19:00:00 UTC)
- John Pescatore and Demetrios Lazarikos
The risk-based approach to understanding and reducing the risk of security breaches is key to:
- Knowing which application security vulnerabilities leave the business most exposed to breaches and why.
- Gaining visibility into your application security risks and the optimal approach to reducing those risks.
- Determining and quantifying the level of risk you are willing to accept for breaches that occur in your externally facing web applications.
While many organizations understand the value of the risk-based approach, they need guidance on best practices for implementation. In this webinar, we will discuss how to transform application security with a business-focused approach to managing risk. This will be relevant to Chief Information Security Officers (CISOs) and security managers who are looking to establish proven processes for identifying, reducing and communicating application security risk levels.
In this webinar, participants will learn how leading industry practitioners implement risk-based approaches to secure their web applications and IT assets. Topics to be discussed include industry best practices used to:
- Align application security projects and deliverables with business drivers
- Select the most meaningful metrics for tracking application security and driving higher levels of resiliency
- Create dashboards that track key metrics, highlight key trends and quantify the potential application risks identified
John Pescatore joined SANS as director of emerging security trends in January 2013, bringing with him over 35 years of experience in computer, network and information security. Prior to SANS, he was Gartner's lead security analyst for more than 13 years, working with Global 5000 corporations, government agencies and major technology and service providers. In 2008, John was named one of the top 15 most influential people in security and has frequently testified before Congress on issues relating to cybersecurity.
Demetrios Lazarikos (Laz)
Demetrios Lazarikos (Laz), a recognized visionary for building Information Security, fraud, and big data analytics solutions, is the vArmour Chief Information Security Officer (CISO). Laz has more than 30 years of experience in building and supporting some of the largest InfoSec programs for Financial Services, Retail, Hospitality, and Transportation verticals. Laz's past roles include: IT Security Researcher and Strategist at Blue Lava Consulting, CISO at Sears, CISO at Silver Tail Systems (acquired by RSA/EMC), VP of Strategic Initiatives at ReddShell Corporation (acquired by TrustWave), and a former PCI QSA. Laz is a Professor at Pepperdine University's Graziadio School of Business and Management, holds a Master's in Computer Information Security from the University of Denver, an MBA from Pepperdine University, and has earned several security and compliance certifications.