Skip Navigation

File-borne attacks are on the rise, and 80% of successful breaches are new, unknown, or zero-day attacks that are not recognized by traditional signature-based detection solutions, such as antivirus. An example of this is an April 2020 attack that delivered Dridex ransomware to FedEx, UPS, and DHL customers. Sophisticated phishing emails—cleverly disguised to appear to be from company email accounts were sent with legitimate-looking attachments that delivered the payload. This threat's signature was not recognized in antivirus databases for 2 entire days, leaving the business' vulnerable.

In the past, detection and alert-based security tools were best-in-class. But in a world of zero-days and an overwhelming amount of attacks, these solutions miss massive quantities of threats—as much as 40%—leaving security teams fighting both alert fatigue and new threats from all fronts.

In this talk, Brent Hansen, Thales TCT's CTO, and Richard Hosgood, white hat hacker and North American Director of Engineering at file security company, Votiro, dissects the April 2020 phishing attack, the gaps that antivirus and next-generation antivirus leave for unknown and zero-day threats, and how an emerging technology called Positive Selection technology can prevent these types of attacks.

Download Now

We are at digital war and data is the target. No organization is immune from data security threats and the US Federal government is no exception. More than half of federal data is now stored in the cloud, and a significant portion is sensitive. Yet, despite this exposure, in the 2020 Thales Data Threat Report 99% of federal government respondents say at least some of their sensitive data in the cloud is not encrypted. IT security departments must now, more than ever, embrace and own their portion of the cloud shared responsibility model and implement data security best practices, as the cloud provider does not guarantee security at the data level. This digital event highlighted results from the 2020 Thales Data Threat Report and explored best practices for securing data in cloud and multi-cloud environments.

Download Now

U.S. Federal agencies often require PKI certificate-based authentication to perform Windows Logon and to access public key enabled systems. This requires use of a multi-factor authentication token that performs a cryptographic operation using the certificate and keys residing within the token.

Traditional multi-factor authentication introduces roadblocks to technologies like Robotic Process Automation (RPA). The OMB Memo M-19-17 outlines a policy that requires management of digital identities of non-person entities such as software robots. This means that all software robots are required to have individual digital identities and credentials that are managed in the same fashion as traditional user identities. Although software robots cannot be issued a physical token, they can utilize multi-factor login capabilities through the use of a centralized, hardware security module-based authentication system.

View this webinar to learn how Thales TCT’s Luna Credential System integrates with UiPath’s RPA platform to provide hardware-protected PKI credentials for software robots. The session will discuss topics including:

  • An introduction to RPA
  • RPA cryptographic authentication best practices
  • OMB Memo M-19-17 compliance RPA
  • RPA Defense Department Implementation Overview

Watch Now

Historically, organizations have taken a perimeter based approach to cyber security, with the belief that a strong perimeter protected the IT infrastructure behind it. But, as agencies modernize legacy systems and move apps, systems and workloads to the cloud – and more employees, contractors and citizens connect remotely and from multiple devices – something is happening across federal networks; the perimeter is dissolving. Data is the new perimeter. Therefore, identifying and protecting data wherever it is created, shared, or stored, through its entire lifecycle becomes the priority. This digital briefing unveiled the survey results in the 2020 Thales Data Threat Report – Federal and shared best practices in creating a cohesive data security strategy in a perimeterless world. 

Watch Now

With cloud and digital initiatives underway throughout U.S. Federal agencies, new attacks occurring daily, and traditional threats, many agencies are struggling to protect critical citizen data, financial information and government secrets. This is especially true as more agencies move applications and sensitive data to the cloud. In this session we’ll address the state of data security in U.S. Federal agencies today, the changing landscape of risks to data, and agency IT security pros priorities for data security today.

Based on the results from the 2020 Thales Data Threat Report – Federal Edition (now in its eighth year), expect to learn about:

• How the adoption of digital transformation technologies, and especially cloud, are putting sensitive data at greater risk
• The data security challenges facing agencies today
• Critical analyst recommendations for how agencies can be most effective when investing in protecting their crown jewels – their sensitive data

Download Now

Federal agencies require a simple way to correlate all security-relevant data so they can manage their security posture. Instead of merely watching events after they occur, agencies should anticipate their occurrence and implement measures to limit vulnerabilities in real time. For that, agencies need an analytics-driven SIEM platform such as Splunk.

However, once data is correlated by SEIM tools, it becomes extremely valuable. By integrating an encryption and key management solution such as Vormetric Data Security Platform with Splunk, agencies can ensure that their operational intelligence is protected from surreptitious attacks.

View this on-demand recording with Thales TCT to learn how to protect Splunk indexes and provide enhanced visibility on the processes and users who are accessing protected data.

Download Now

Thales Trusted Cyber Technologies, offers a network security solution that provides high-assurance data protection; dedicated encryption devices from 100Mbps to 100Gbps, support for multiple network and protocol configurations, secure key management, and authenticated end-to-end encryption.

During this on-demand webinar, you will have the opportunity to learn about:

  • Thales High Speed Encryption product line
  • High Speed Encryption use cases and network configuration
  • High Speed Encryption enterprise management
  • Transport Independent Mode

Download Now

Attendees of this webcast learned how to easily secure data in a virtual environment through encryption in order to:

  • Ensure compliance with regulations and security policies
  • Protect directory services and intellectual property
  • Secure data in disaster recovery sites

Download Now

Attendees of this SafeNet Assured Technologies, Carahsoft, Emergent and V3Gate webinar learned how to apply the Encrypt Everything philosophy to protect PHI data. We broke down the HIPAA mandate and taught participants how to implement best practices to address key regulations, such as:

  • Workforce and workplace security
  • Information access management
  • Contingency plans
  • Personal and entity authentication 
  • Transmission security 

Download Now

Attendees of this webcast learned about next generation authentication methods that provide secure access to networks and applications from a variety of devices while ensuring compliance. We also discussed:

  • FISMA Compliance & Electronic Authentication Guidelines
  • HSPD-12 Compliance & PIV Derived Credentials for Remote Identity Populations

Download Now

Attendees of this webcast learned the best practices for Layer 2 network encryption, such as:

  • Protecting networks from fiber tapping threats and private VLAN vulnerabilities
  • Complying with mandates
  • Implementing flexible, future-proof designs
  • Ensuring performance and efficiency
  • Employing a cost effective solution

Download Now

Attendees of this webcast learned about best practices for high speed network encryption. During this time, we explored:

  • Benefits of layer 2 network encryption
  • Utilizing transmission security to protect data in motion
  • Protecting closed-circuit television and video surveillance transmissions
  • Securing point-to-point and point-to-multi point communications

Download Now

Attendees of this webcast learned about best practices for protecting high value data-at-rest, including:

  • Implementing dynamic encryption for data-at-rest protection
  • Centralizing key management to secure and manage encryption keys
  • Separating server administration responsibility from data access and key management

Download Now

Attendees of this webcast learned about best practices for protecting high value data-at-rest, including:

  • Implementing dynamic encryption for data-at-rest protection
  • Centralizing key management to secure and manage encryption keys
  • Separating server administration responsibility from data access and key management

Download Now

Attendees of this webcast learned more about the three-step process to effective data at rest protection. During this time we discussed:

  • How to identify your high value data assets and create a plan to protect them
  • Different encryption methods for structured and unstructured data
  • Importance of key management

Download Now

Attendees of this webcast learned why enterprise key management is a vital component of a robust data security architecture enabling you to:

  • Protect data against physical theft of disk drives
  • Meet compliance and/or audit mandates
  • Protect intellectual property in multi-tenant environments
  • Secure data located in disaster recovery sites
  • Refresh legacy key management solutions
  • Maintain high performance and availability of user files

Download Now

Attendees of this webcast learned how encryption provides a trusted storage security solution for:

  • Data isolation in multi-tenant environments
  • Privileged user risk mitigation
  • Compliance
  • Archived data and intellectual property protection

Download Now

Attendees of this webcast learned why securing encryption keys in a dedicated hardware key manager better protects your data. During this time, we discussed:

  • Vulnerabilities of storing keys on a server
  • Benefits of external hardware key management
  • Importance of separating administrative duties

Download Now

Attendees of this webcast learned more about the:

  • Administrative burden required to manage fragmented key stores and associated lifecycle operations
  • Inability to provide a consistent policy across multiple encryption solutions
  • Importance of enhanced key protection (FIPS 140-2 Level 3) and governance across key lifecycles

Download Now

Attendees of this webcast learned how you can employ a hardware-based digital signature solution to ensure the validity of critical documents with an easy-to-deploy, high-assurance solution using Adobe® LiveCycle® and SafeNet's Luna SA Hardware Security Module, including how to:

  • Guarantee signer authenticity and data integrity
  • Streamline business processes
  • Reduce costs associated with traditional paper-based processes
  • Ensure legal compliance

Download Now

Attendees of this learned how to easily deploy a cost-effective DNSSEC solution that does not increase the burden on DNS administrators and:

  • Boosts security
  • Reduces costs
  • Controls access
  • Maintains application integrity
  • Scales to accommodate high volume processing

Download Now

Attendees of this webcast learned how to protect cryptographic keys by easily integrating hardware security modules to applications in order to secure:

  • PKI/Certificate Services
  • Database and File Encryption
  • Web Services
  • Cloud Services

Download Now

Attendees of this F5 | SafeNet webcast learned how to secure and optimize the delivery of enterprise applications, including how F5's BIG-IP System integrated with SafeNet's Luna SA HSM can:

  • Deliver high performance processing
  • Provide robust security
  • Meet compliance standards
  • Secure the transport layer while improving data center performance

Download Now

During this session, we discussed the best practices for protecting cryptographic keys. Attendees learned how to::

  • Meet compliance mandates such as HIPAA, FISMA, FedRAMP
  • Safely store sensitive data in the cloud
  • Mitigate the insider threat
  • Protect intellectual property in multi-tenant environments

Download Now

Core data center functionality is moving to the field as part of battlefield multi-domain transformation. It is becoming commonplace for command posts, mobile command centers, and even mobile platforms: vehicles, ships, and planes to contain micro data centers that provide new capabilities and services at the cyber-edge to the warfighter. What still needs to be addressed is how to effectively transition existing core cyber security controls so that data is protected in the field when faced with conditions such as:

  • Harsh environments
  • Bandwidth-limited and disconnected environment
  • Supply Chain Security
  • Overrun or hostile scenarios
  • SWaP Constraints

This session will discuss how core cyber security controls can be transitioned to the tactical field in order to safely provide highly sensitive data for command and warfighters at the cyber-edge.

Download Now

Cipher Summit 2019 Replay

Check out the on demand videos and presentations from the event. Download Now

This site uses cookies to store information on your computer. Some are essential to make our site work properly; others help us improve the user experience.

By using the site, you consent to the placement of these cookies. For more information, read our cookie policy and our privacy policy.

Accept