Welcome to sababa [talks]!
In Sababa Security we conduct regular sababa [talks] webinars, dedicated to various aspects of cybersecurity. We invite guest speakers working for various security vendors, internal colleagues, partners and just community friends to look at how diverse companies and their security needs are, and therefore, how challenging it can be to find the right security solution.
During every session we pick up a security technology, training, or service, and learn why it is useful and how it works, as well as explain how your business can benefit from it. Live demos and giveaways to guests are included.
Pick up the topic, register now, and see you soon!
Next webinars
Date | Title | Registration Link |
01/03/2023 16.00-17.00 GMT+1 | Sababa Awareness: Prevenire gli attacchi di phishing tramite un approccio integrato alla formazione dei dipendenti [ITALIAN] |
Automotive cybersecurity lungo tutta la supply chain
01/02/2023 [Italian]
with Omar Morando (Sababa Security) and Stefano Brusaferro (HWG)
Il mercato automotive si sta trasformando attivamente. Si prevede infatti un aumento del 134% dei veicoli connessi a livello globale, da 330 milioni nel 2018 a 775 milioni nel 2023. Entro il 2025, ogni auto connessa produrrà 25 GB di dati all'ora e fino a 500 GB se completamente autonoma, al fine di scambiare dati con sistemi cloud e comunicare con gli altri veicoli e le infrastrutture. OEM, fornitori e post vendor si troveranno quindi a gestire una quantità enorme di dati, dovendo garantire la sicurezza del veicolo dal punto di vista cyber, nonché l'integrità, la riservatezza e la disponibilità dei dati stessi.
MDR-XDR-SOC: Guía de Seguridad Gestionada
15/01/2023 [Spanish]
with Hedi Marcassoli and Pedro García-Villacañas (Sababa Security)
El ransomware y otros ciberataques complejos pueden tardan en desarrollarse. Después del acceso inicial, los atacantes, generalmente, intentarán establecer una conexión con el servidor C&C y así poder realizar una serie de movimientos laterales para obtener privilegios administrativos y, eventualmente, poder controlar las copias de seguridad activas.
Sababa RedEx: il programma di riduzione della vostra cyber exposure per i prossimi 3 anni
14/12/2022 [Italian]
with Andrea Ghislandi (Sababa Security)
Mentre ci lasciamo alle spalle le restrizioni imposte dal COVID, le aziende si trovano ad affrontare una nuova serie di sfide macroeconomiche, tra cui l'inflazione, un’instabilità economica globale e il rallentamento nella crescita dei clienti. Ciò porta i titolari a considerare strategie di sviluppo a lungo termine. La cattiva notizia è che anche i migliori piani aziendali spesso sottovalutano l'importanza degli aspetti legati alla cybersecurity. Sebbene il ransomware rimanga la principale minaccia strategica, le conseguenze degli incidenti di sicurezza possono essere imprevedibili e dannose per il business e non solo, vanificando gli sforzi di una pianificazione strategica.
Minimizando el estrés en la Seguridad ICS – a Través de un Enfoque Estructurado y Buenas Prácticas
30/11/2022 [Spanish]
with Hedi Marcassoli and Pedro García-Villacañas (Sababa Security)
La protección de los Sistemas de Control Industrial, desde infraestructuras críticas hasta productores de bebidas, siempre es un desafío. Equipos industriales sensibles, software y hardware vulnerable, falta de personal interno con conocimientos en ciberseguridad OT, políticas de ciberseguridad poco maduras, redes de IT y OT interconectadas no solo representan riesgos de seguridad para las propias organizaciones, sino que también crean riesgos de seguridad para las personas y el medio ambiente. Los profesionales en seguridad de ICS están sometidos a altos niveles de estrés debido al alto nivel de complejidad y criticidad en la seguridad de estos entornos, una forma de minimizar este estrés es usando un enfoque estructurado de varios pasos para proteger estos entornos.
Bienvenido Virtual CISO – Conexión de competencias en Ciberseguridad
16/11/2022 [Spanish]
with Hedi Marcassoli and Pedro García-Villacañas (Sababa Security)
Los incidentes en ciberseguridad siguen estando en la parte alta de la lista de riesgos para los negocios. Se espera que los equipos de seguridad corporativa asuman el liderazgo y demuestren una visión estratégica y habilidades de planificación a largo plazo además de sus múltiples actividades diarias. Con la falta global de profesionales de ciberseguridad por un lado y la creciente complejidad de los proyectos de seguridad por otro, puede ser un desafío incluso para las grandes organizaciones encontrar, atraer y retener profesionales experimentados en ciberseguridad. El CISO virtual puede ser una excelente alternativa y una valiosa extensión de su equipo de seguridad interna, ya que respalda su negocio sin exigir demasiado esfuerzo de su parte.
Guida Pratica al VAPT: Scegliere ed Adottare il Servizio Giusto per la Tua Azienda
26/10/2022 [Italian]
with Omar Morando (Sababa Security)
Che siate responsabili della sicurezza informatica per una banca, un’azienda di telecomunicazione, una catena di supermercati, una centrale elettrica o un produttore automobilistico, avrete probabilmente sentito parlare di Vulnerability Assessment e Penetration Testing (VAPT). Essere proattivi nello scoprire potenziali backdoor è un modo efficace per prevenire gli incidenti di sicurezza - naturalmente, se si sa come coniugare le vaste potenzialità del VAPT con i requisiti specifici del proprio verticale e gli obiettivi aziendali.
Approccio Strutturato e Best Practice per una Sicurezza ICS senza Stress
19/10/2022 [Italian]
with Omar Morando (Sababa Security)
Attrezzature industriali sensibili, software e hardware OT vulnerabili, mancanza di esperti di cyber security in ambito OT, policy di sicurezza immature, reti IT e OT interconnesse – moltiplicati per i regolari attacchi informatici (come quello alla centrale nucleare spagnola o a Rovagnati) – non solo rappresentano rischi di sicurezza per le aziende stesse, ma mettono a rischio anche l’incolumità delle persone e la salvaguardia dell’ambiente. I responsabili della sicurezza ICS potrebbero essere stressati da un livello così elevato di complessità e criticità, a meno che non utilizzino un approccio strutturato – articolato in più fasi – per proteggere le infrastrutture OT.
Estrategia de Ciberseguridad Paso 0: Evaluación de Seguridad
18/10/2022 [Spanish]
with Hedi Marcassoli and Pedro García-Villacañas (Sababa Security)
Ya sea porque su empresa se esté transformando o simplemente esté pensando en la próxima inversión en ciberseguridad, deténgase un momento. Los vectores de riesgo se multiplican, las tendencias tecnológicas van y vienen, la complejidad de las soluciones crece, lo que hace que sea casi imposible (y muy poco eficiente) basar su estrategia de ciberseguridad en estos factores en constante cambio. Comience con una evaluación de seguridad como fuente alternativa de información sobre el estado real de la seguridad dentro de su organización.
Sababa MDR 2.0 – Protezione Avanzata Gestita da Professionisti Italiani della Sicurezza
28/09/2022 [Italian]
with Andrea Salvaterra and Alessandro Stobbia (Sababa Security)
Anche se sei alla guida dell'ultimo modello di auto, devi comunque guardare la strada per evitare incidenti. Lo stesso vale per la protezione degli endpoint: anche la tecnologia EDR più avanzata non può garantire un rilevamento e una risposta ottimali se non c'è nessuno che controlla costantemente il suo operato e prende decisioni tempestive.
Guerra por el DNS: Controle el Tráfico para Burlar el Ransomware
21/09/2022 [Spanish]
con Hedi Marcassoli and Pedro García Villacañas (Sababa Security)
¿Sabía que el 91% de las aplicaciones, los documentos y los sitios web maliciosos se comunican con los servidores DNS corporativos para robar datos o redirigir el tráfico a sitios maliciosos? WannaCry, NotPetya, SolarWinds son solo algunos de los ejemplos más famosos, pero hay
muchos más.
Concienciación en Seguridad para equipos no técnicos
08/06/2022 [Spanish]
with Hedi Marcassoli and Perdo García-Villacañas (Sababa Security)
Una investigación reciente de Sababa Security da como resultado que 21 usuarios de cada 100 realizan acciones inseguras al recibir un correo electrónico de phishing. Estas acciones incluyen hacer clic en los enlaces, descargar archivos adjuntos y compartir datos confidenciales con estafadores. Aumentar la resiliencia de su empresa al phishing es posible una vez que forme a sus equipos internos para que reconozcan las técnicas de ingeniería social y comuniquen adecuadamente cualquier actividad sospechosa.
The Power of Cyber Intelligence: Make Your Business Benefit from Practical Threat Intelligence
07/06/2022 [English]
with Alessandro Anselmi (Sababa Security)
Cyber intelligence is fundamental and still one of the most mysterious elements of the security scenario in the newly digitized information world. It allows knowledge of threat scenarios and criminal contexts to be translated into a better understanding of security risks to determine the best defence strategy and tactics for a company. During the webinar you will learn what is cyber intelligence, how to classify online crime, and how to use cyber intelligence in practice to prevent cyber-attacks.
Dispositivi IoT: Come Gestirli in Sicurezza con Sababa e Phosphorus
24/05/2022 [Italian]
con Alessio Aceti (Sababa Security)
Sababa Security è lieta di invitarti ad un webinar esclusivo dedicato ad un’innovativa soluzione di Phosphorus per la gestione dei dispositivi IoT – dai Display della Digital Signage allo Smart Meeting Display, dalle stampanti alle telecamere, dagli Access Point ai telefoni VoIP, e non solo. Molto spesso, infatti, questi device hanno firmware obsoleti e password di default che espongono la tua azienda ad elevati rischi cyber, rappresentando una vulnerabilità facilmente sfruttabile dagli attaccanti.
Cyber Due Diligence: La Sicurezza e la Software Governance Necessarie Per Prendere Decisioni Importanti
29/03/22 [Italian]
with Augusto Fedriani, Alessandro Anselmi (Sababa Security), Alexandro Regoli, Sabrina Di Cristofaro (SoftwareONE)
La cybersecurity, così come la software governance, possono essere tanto importanti quanto complesse per le imprese, soprattutto quando un'azienda deve acquisirne un’altra o quando un'organizzazione si deve preparare per un audit di verifica. In queste situazioni, ciascuna parte coinvolta vuole essere a conoscenza di qualsiasi vulnerabilità esistente o potenziale rischio in anticipo, così da poter prendere decisioni sagge – basate su fatti – per il futuro delle proprie imprese.Play and Learn: Practical Tips for Successful Security Awareness Training
29/03/22
with Virginia Puleo (Sababa Security)
When you have a clear objective of spreading awareness among teams inside your organisation, you can easily come across different levels of technical skills and understanding of cybersecurity challenges. Moreover, you have to deal with users engaged in many diverse daily activities. Training people in cybersecurity is not just a matter of providing a ton of information and hoping that they will digest it, it is about behavioural changes too. And one of the most efficient ways of doing that is by actively engaging users. Within this perspective, findings show that gamification positively impacts on learners’ ability to recall, retain and make practical use of the training content, leading to faster and more notable results.Is the Era of SIEM Over? - New Extended Detection & Response (XDR) Tools
02/03/22
with Anrea Salvaterra (Sababa Security), Leonardo Antichi (Sababa Security) and Antonio Pusceddu (Secureworks)
XDR (Extended Detection and Response) solutions represent the next generation of tools for detecting and responding to targeted cyber-attacks of all kinds. But how do these new generation solutions differ from traditional security services? And what impact can an XDR solution have on business productivity and efficiency? During the webinar to find out: • How to protect your company’s attack surface at 360 degrees • How to reduce your IT resource’s workload: no more " false positives " and "background noise" • That “SOC as a service” is a team of specialists supporting you for during the security management and incident response cycle - with one click • Why it is important to have a localised first line of SOC and how to leverage from additional managed services provided by local suppliersCybersecurity Fundamentals: Quick Start Kit to Protect Your Business
24/11/2021
with Leonardo Antichi (Sababa Security) Whether a company only starts thinking of its cybersecurity strategy or needs to identify the next security investment, it should be careful. The market generously offers any kind of technology, service, and training, that can make anyone overwhelmed. In order to make the right choice, decision makers need to know what the company’s needs are. Therefore, we made Sababa Cybersecurity Fundamentals – a package of 3 short services, that combine general and technical assessments with hardening of Active Directory. As a result, businesses gain crystal-clear understanding of their risk vectors as well as next step guidelines with respect to their maturity level, industrial compliance standards, business plans and budgets.Sababa Security Portfolio: Tailored Approach to Cybersecurity
10/11/2021
with Alessio Aceti (Sababa Security) When it comes to defining the next cybersecurity investment or building up a long-term security strategy for an organization, details matter. Does the company have a connected OT infrastructure and IoT devices to be protected alongside its IT network? Are there any specific compliance standards to consider? How mature are the company’s security processes and internal IT teams? What are its business objectives? Answers to the above and a bunch of other questions are vital to define the blend and consequence of security technologies, services, and training most efficient for the organization. Sababa Security comes up with a portfolio of security solutions that meets the unique combination of security requirements for each client. During the session Alessio Aceti, the CEO at Sababa Security, will guide you through the portfolio and reply to your questions.Virtual CISO and the Real Problems He Handles
30/06/2021
with Riccardo Sepe (Sababa Security) Why does a company need a Virtual CISO? Good cybersecurity execution requires strategic vision and proper planning, based on the insights on modern attacks used by cyber criminals and benchmarking with the reference industry. It also needs the latest best cybersecurity practices to set up right protection mechanisms to improve your security posture and resilience. Learn how a Virtual CISO can help your team from this webinar.Security Is Nothing Without Control
23/06/2021
with Olga Orlova, Alfonso Danese and Marco Pasetto (Sababa Security) While companies grow, their infrastructures get more and more complex. As a result, an average company may gain a few security technologies, including firewall, endpoint protection, proxy, network security and more. While the technologies can be properly configured, up and running, and the security policies, passwords, and user administration rights properly managed, the IT and OT networks can still be exposed to security breaches, if nobody is monitoring their security systems.During the session you will learn, what is a “yellow zone” and why it is a perfect place for a cyber-attack to incubate. You will discover, that the security technologies you are already using, can be enough to protect your company, and find out how you can boost their effectiveness with 24x7x365 security monitoring.
Automotive Cybersecurity: Hacking IoT Systems from Remote
09/06/2021
with Omar Morando (Sababa Security) and Giuseppe Faranda (Drivesec) Cyber security, and therefore the resilience to digital attacks, of IoT systems and in general of connected systems, is the enabling element for any network-based and digital ecosystem. The European legislator has started working on regulations for the certification of the security requirements of IoT systems. The automotive sector is the first one to adopt legislation (UN regulation 155) which establishes safety requirements valid for the approval of cars.The best way to check the level of resilience is the use of penetration tests carried out by specialized personnel. The system that will be described aims to make the penetration tests of IoT systems more agile, monitorable and effective thanks to the "remote control of the testbed", that is, through a platform that brings together supply and demand, supporting the execution of tests without the need for physical access to devices.
MFA: Protect and Simplify Access to Remote Applications
26/05/2021
with Leonardo Antichi (Sababa Security) Manuel Minzoni and Romain Breysse (inWebo) Now more than ever, Software-as-a-Service (SaaS) applications not only enable communication and collaboration, but are also a lifeline for remote workers and help organizations efficiently manage internal operations and innovate quickly to keep up with the competition and provide value for consumers.Proper security and management of the SaaS applications is an essential part of a comprehensive cybersecurity strategy, therefore, using Multi-Factor Authentication (MFA) becomes an excellent way to promote employee mobility and productivity. Find out how inWebo MFA helps companies around the world to face the challenge of a digital transformation: increasingly sophisticated cyber-attacks, smartworking, and data protection in the Cloud.
When It Comes to Cybersecurity, Education is Critical
12/05/2021
with Olga Orlova (Sababa Security) and Dasha Diaz (itrainsec) If you understand that knowledge on cybersecurity is important for your company’s human resource resilience, you are on the right track. Security awareness platforms address most of the topics and introduce common security skills and daily habits to non-IT teams. But how do you train your CEO and C-level management, who are attacked 4 times more often and ingeniously? Or how do you upgrade your IT professionals, that may need additional knowledge and practice in Threat Intelligence, or OT security for industrial environments?Learn from the live streaming with the CEO of itrainsec - our partners that brings advanced cybersecurity training programs to Italian enterprises and security partners. Delivered by recognized trainers from Google, VirusTotal, Skyscanner, DeNexus and others, they can practically upskill and inspire your key cybersecurity stakeholders.
