Archived National Webcast Initiative Presentations

  • June 18, 2014

    Malware Defenses for 2014 and Beyond

    State and local governments are prime targets for attack. Facing millions of malware variants, and more coming daily, state and local government security teams must not only invest in dedicated anti-malware products, but also leverage every tool in their arsenal capable of helping combat the problem. This session will explore:

    • What's driving malware proliferation?
    • Strategies for building effective, long-term malware defenses.
    • Extending existing malware defenses with next-generation capabilities
  • April 17, 2014

    What is Cross Site Scripting and How to Mitigate It?

    Cross Site Scripting (XSS) Defense is difficult. Some programming languages do not even provide native defenses necessary to thoroughly prevent XSS. As technologies such as Content Security Policy emerge, we still need pragmatic advice to stop XSS in the construction of web applications. First generation encoding libraries had both performance and completeness problems that prevent developers from thorough, production-safe XSS defense. This discussion will deeply review the OWASP Java Encoder Project and the OWASP Java HTML Sanitizer Project and give code samples highlighting their use. Additional mitigation and design advice will be provided regarding XSS defense in next-generation JavaScript and JSON workflows using the OWASP Java JSON Sanitizer and safe JavaScript API's. Although this discussion with be Java focused, the techniques translate across all web frameworks. Encoders and Sanitizers needed in other languages and frameworks will be addressed.

  • February 12, 2014
    Emerging Trends and Threats/2014 Cyber Security Outlook
    2014 is off to soaring start for security professionals, with high profile breaches and new types of attacks. Will the rest of the year be any different? This presentation will talk about what is currently happening in the threat landscape and what it means for the future. It will explore the emerging trends and threats and what can be done about them.
  • December 5, 2013
    Advanced Persistent Threat
    This webcast explored topics such as: the difference between APT and cyber crime, what are APT adversaries targeting, the use of social components for intrusions, how traditional tools and practices might not be effective, and that it doesn't have to be advanced to be APT: it's more about the intent than the sophistication.
  • October 10, 2013
    Cyber Security Is Our Shared Responsibility
    As part of the October awareness month activities, the MS-ISAC coordinated a joint webcast with DHS and NASCIO to discuss strategies on how to promote cyber security awareness at all levels, including government, businesses and academia, with specific advice about how individuals and entities can be actively involved to help facilitate a safe Internet experience. The goal of the webcast was to help raise cyber security awareness nationwide and empower citizens, businesses, government and schools to improve their cyber security preparedness and help promote a safe Internet experience.
  • August 8, 2013
    Creating an Information Security Program
    The speaker addressed the importance of the programs overall milestones, goals, and measurable outcomes, especially as it pertains to building out reporting and communication strategies involving upper management. This session brought perspective on varying approaches to include the pros and cons that both early-stage and advanced programs should consider.
  • June 5, 2013
    Anatomy of a Cyber Attack: Threat Visibility and Intelligence Insight
    This webcast explored the top ten reasons why agencies and private companies are failing, and provided simple tactics to change the security posture in public and private organizations. Attendees gained insight in to common attack mechanisms and trends, the assets most often targeted by cybercriminals and new tricks that an organization may be overlooking.
  • April 4, 2013
    Bring Your Own Risk: Protecting Confidential Information on Mobile Devices
    This webcast explored the most reliable, replicable strategies (from both the public and private sectors) for securing and managing user-owned mobile devices. The broadcast discussed tried-and-tested techniques for minimizing risk while maximizing business agility and employee productivity.
  • February 6, 2013
    Cyber Security Emerging Trends and Threats for 2013
    In this presentation we examined the changing cyber threat landscape and what we expect to see during 2013. Discussion included how threats are transferring to new platforms, the evolution of some of the most prevalent attacks (including the increasing sophistication of threats to Android), the progression of direct cost threats from Fake Antivirus to Ransomware and the evolution of exploit kits.