Please join us for a teleseminar this Wednesday, April 23 at 12 Noon ET on what you need to know about the Heartbleed security bug, presented by Khurram Nasir Gore and Timothy J. Nagle of Reed Smith’s Data Privacy, Security, and Management group, and leading internet security company, IID.
Key information to be presented includes:
Heartbleed – it’s not just about your website. What are your full risks and exposures with any software, be it open source libraries or other code you deploy widely? Custom apps, networking gear, email servers, mobile apps – they can all be affected.
Taking advantage of this opportunity to do a full inventory and understand your exposures/risks ahead of the next major vulnerability announcement, so you can prepare ahead of time.
Who is taking advantage of Heartbleed or the next incident like this to penetrate your network or steal your protected information? In the hours after Heartbleed was announced, several companies and organizations were attacked with usernames/passwords syphoned. How can you find out about these kinds of attacks and defend yourself while mitigating the problem, since you can’t take everything offline?
What kinds of tools, techniques, processes do you need to minimize damage from wide-ranging issues like this that affect entire industries or ecosystems?
How can you get quality information about wide-impact issues like this as they unfold, and collaborate with your peers to react responsibly and appropriately?
Date and Time:
Wednesday, April 23, 2014
12:00 p.m. ET / 11:00 a.m. CT / 9:00 a.m. PT
Rod Rasmussen, President and Chief Technology Officer, IID
Khurram Nasir Gore, Reed Smith LLP, New York
Timothy J. Nagle, Reed Smith LLP, Washington, D.C.
On April 7, 2014, the Heartbleed bug came to light as a massive blow to the security of the Internet, and all things connected. The Heartbleed bug is not a virus, but a security vulnerability caused by an error in the software writing of OpenSSL, an open-source implementation of the SSL and TLS protocols. Preliminary analyses indicate that up to two-thirds of all web servers were exposed to this security vulnerability. While the first response clearly should be to update all affected corporate systems, corporate counsel and information security officers will also have an opportunity to step back and consider the sufficiency of their incident-response procedures and configuration-management processes.