October 18 @ 8:00 am - 5:00 pm
The Vancouver Cyber Security Conference features 40-60 vendor exhibits and 8-12 educational speaker sessions discussing current cyber-security issues such as cloud security, email security, VoIP, LAN security, wireless security & more. We give away numerous prizes including cash and gift cards up to $100, the latest tech gadgets and much more! You'll come away with advice and knowledge so you can start proactively protecting your environment from the latest security breaches. Your registration will include your breakfast, lunch, conference materials and entrance into the conference sessions and exhibit area. THIS CONFERENCE QUALIFIES FOR CPE CREDITS. View the full conference agenda below.
For information on participating as a vendor: email@example.com
Data Connectors is proud to host the Cybersecurity Strategies Conference.
Autonomous Cyber Defense: AI and the Immune System Approach
From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. Legacy approaches to cyber security, which rely on knowledge of past attacks, are simply not sufficient to combat new, evolving attacks, and no human cyber analyst can watch so much or react quickly enough. A fundamentally new approach to cyber defense is needed to detect and respond to these threats that are already inside the network – before they turn into a full-blown crisis.
Self-learning systems represent a fundamental step-change in automated cyber defense, are relied upon by organizations around the world, and can cover up to millions of devices. Based on machine learning and probabilistic mathematics, these new approaches to security can establish a highly accurate understanding of normal behavior by learning an organization’s ‘pattern of life,’. They can therefore spot abnormal activity as it emerges and even take precise, measured actions to automatically curb the threat.
Discover why autonomous response and machine learning is the future of defense and how the ‘immune system’ approach to cyber security provides complete network visibility and the ability to prioritize threats in order to better allocate time and resources.
In this session, learn:
- How new machine learning and mathematics are automating advanced cyber defense
- Why full network visibility allows you to detect and autonomously respond to threats
- How smart prioritization and visualization of threats allows for better resource allocation and lower risk
- Real-world examples of unknown threats detected by ‘immune system’ technology
Lauren Koenig is the Regional Manager of Western Canada at Darktrace, the world’s leading machine learning company for cyber defense. She has worked extensively with clients across numerous industry verticals, from Oil and Gas to Legal, helping them deploy Darktrace’s Enterprise Immune System, the only AI technology capable of detecting and autonomously responding to early-stage cyber-threats. Koenig graduated with a MA from the University of Edinburgh and Masters and MSc from London School of Economics. She manages Darktrace’s Vancouver office located on Seymour Street.
Sr. Product Marketing Manager
Cyber Exposure – The Next Frontier
The attack surface for today’s IT landscape is a far cry from the past. Once focused on protecting traditional data centers, cybersecurity professionals are increasingly guarding a complex litany of modern assets like cloud instances, web-based applications, mobile devices, application containers and more. Failure to appropriately manage the unique characteristics of these technologies as a whole can jeopardize the entire risk management program. Join us for a discussion on how companies can reduce their risk and close their overall cyber exposure gap resulting from today’s challenging attack surfaces.
Most online services are offering now Web APIs. These APIs allow for easier and faster interoperability and data exchange between services, but at a cost. Compared to traditional websites APIs expose more of your services internal systems, have fewer business controls in place, and are slower to update. Despite this increased risk Web APIs are frequently less protected than traditional websites. In this session find out how a proxy server can be used to limit the exposure, provide increased security and act as a virtual patch for API vulnerabilities.
Sean Power is a Solutions Architect at DOSarrest Internet Security. He has over 15 years experience in the fields of networking and security for enterprise and service provider networks. For the past 4 years he has specialized in designing denial of service defence strategies for all levels of systems.
An Overview of WLAN Security
As employees at all levels default to Wi-Fi to access the corporate network, controlling who can join – and what they can do – has become business critical. The rise of low sophistication ‘things’ also rapidly increases the attack surface – with rising popularity of IoT hacks.
So how do different security models stand up to this new reality, and how secure is your connection? Bring your questions and join our speaker to cover:
- The 5 tenets of WLAN security
- Choosing the proper authentication and encryption model that doesn’t force user workarounds
- Utilizing Private PSK technology
- Device and user access control
- Future challenges for Wi-Fi security and WPA3
Troy Martin is a Systems Engineer at Aerohive Networks, specializing in mobile and cloud technology. In addition to teaching others how Wi-Fi works, his work includes designing, provisioning, and troubleshooting Wi-Fi networks . Prior to Aerohive, Troy provided Wi-Fi consulting in multiple verticals including service provider, enterprise, education and industrial environments such as mines, refineries and chemical plants. He is passionate about connecting things without wires. Troy is a P.Eng. who holds Bachelor degrees in both Electrical Engineering and Computer Science along with several industry certifications, most notably the CWNE, GAWN and CISSP.
Senior Security Strategist
Securing Privileged Access Across the Hybrid Enterprise
How do you defend against privileged user breaches and losses?
Whether they are obtained maliciously or leveraged inappropriately by a valid user, exploited privileged user accounts are the common thread of most data breaches. And as your environment grows increasingly complex, so does the challenge of defending against ever more sophisticated—and damaging—attacks.
This session will discuss what is a privileged account, where would you find them in your organization, and best practices for managing and controlling these accounts. We will conclude with some recommendations for a privileged access management program.
Alan Hrabinski serves as a Senior Security Strategist for CA Technologies. In this role he advises clients on how they can address their requirements for information security and risk management. He also counsels clients on the role of identity and access management in their digital transformation.
Alan has over 30 year’s experience working with the world’s largest customers on how to use enterprise systems to enhance and accelerate their business initiatives and processes. He has shared his experiences and expertise as a conference speaker around the world.
Win Big with IT Resilience
In this presentation we shall discuss a key component of business transformation — the evolution of BC/DR to IT Resilience and how to leverage Zerto to protect, transform and innovate your business. IT Resilience allows you manage both unplanned disruptions, including outages, ransomware attacks, natural disasters as well as the planned disruptions, such as moving to cloud or data center consolidations. With Zerto you can be resilient and ready to accelerate transformation by seamlessly adapting to new technology, while protecting the business and customers from disruptions.
How They Bypass Office 365 Security
The move to SaaS has changed the phishing landscape: your Office 365 inbox is the #1 threat vector and your Office 365 credentials are their #1 target. In this talk, we will demonstrate the techniques attackers use to bypass Microsoft’s defenses. Learn how they use Microsoft’s own services to fool filters and utilize built-in tools to launch them internally–bypassing your email security gateway.
During this session, we’ll demonstrate how to protect Office 365 from:
- Email-based phishing, spoofing, and malware
- Account takeover, insider threats, compromised Microsoft credentials
- Loss of sensitive data from OneDrive, SharePoint and Office 365
Automating Security Integrations at Scale
Organizations are deploying a plethora of security solutions in their networks and yet cybercrime continues to extract its toll. It is estimated that approximately 1% of global GDP is lost to cybercrime every year. The challenge is not that companies don’t have enough security solutions monitoring the various attack vectors but rather that the tools are siloed and do not work together in an automated fashion to respond to incidents fast. Increasing global regulations on breach response and shortage of skilled security resources make it all the more imperative that security operations teams use automation as much as possible when investigating threats.
During this session, learn how security automation at scale drives productivity in any organization. Infoblox’s approach leverages the power of DNS, DHCP and IPAM data for event correlation, while automatically supplying threat intelligence, IOCs and context to existing security infrastructure for faster remediation. It provides tools for resource constrained SecOps teams to quickly investigate threats while bridging the various silos in a security architecture. 1 click at scale saves 10 clicks at every level in an organization. So, learn how to better automate your security operations.
Srikrupa has 20 years of experience in technology in various roles including software development, product management and product marketing. Currently, she leads messaging, positioning and bringing to market Infoblox’s security solutions that ease security operations and provide DNS based security. She has an MBA from University of California, Haas School of Business and a Computer Science Engineering degree.
VP and Country Manager
How stealthier attacks are blurring the lines between cybercrime and statecraft
Join CrowdStrike as we reveal some of the most alarming tactics, techniques and procedures (TTPs) being employed by today’s highly sophisticated adversaries. This session addresses the enhanced risks companies face, how organizations should leverage security capabilities and resources to best defend their assets and how a robust intelligence program separates the strong from the weak in operational security.
- The current global threat landscape and some of the latest cyber trends that have been uncovered by a team of elite intelligence professionals
- Some of the most advanced tactics, techniques and procedures (TTPs) utilized by nation-state actors, which are finding their way into mainstream criminality – these are an indicator of what to prepare for
- Best practice strategies you can implement to best protect your organization from increasingly sophisticated attacks
With over 20 years of Information Technology Management and Security experience working with both Private and Public Sector in Canada, Serge Bertini is the VP and Country Manager for CrowdStrike in Canada. Prior to joining CrowdStrike, he was the VP and GM for the Security Division of HPE Canada. His understanding of the security challenges organizations face on a daily basis, has helped his customers to develop and implement successful business-focused cyber strategies. Previous to HPE, he was the Regional Director for Intel Security/McAfee where he was named McAfee’s Global Sales Regional Manager of the year. Serge has a degree in Electrical Engineering and Computer Science from Fairleigh Dickinson University in Teaneck NJ. He lives in Toronto with his wife and their three children. He is an avid cyclist and amateur cook and enjoys hosting his family and friends for large dinner parties!
White Collars & Black Hats: Bitcoin, Dark Nets and Insider Trading
We know criminal hacking is big business, over the past decade, we have seen criminal syndicates get creative with ways of generating revenue, through markets selling stolen credit cards, selling of tools and services and more recently ransomware. With the rise of popularity in Bitcoin, there has been an increasing interest from those in the financial sector in the pseudo-anonymous currency as well as underground markets and sites sharing information via hidden services in the Tor network and other platforms. Financially savvy white collar criminals now have increased access to criminal hackers who can target, steal and share nonpublic data about companies, this paired with the anonymous nature of hidden services and Bitcoin reduces the risk of getting caught, but with large financial gains. In this talk we will review several cases where criminals have gained millions of dollars through compromising PR and legal firms and steps organizations can take to protect this data.
Ken Westin is currently Senior Security Specialist at Splunk, helping organizations aggregate, analyze and operationalize disparate security data sources to identify and mitigate threats in various forms. In his past he has helped solve crimes with data, tracking stolen devices, breaking up organized crime groups, recovered stolen vehicles, even solved a violent carjacking, leading to the prosecution of dozens of criminals. He has at presented at DEF CON, Black Hat, RSA and other security conferences. His research has been featured in Wired, Forbes Magazine, Motherboard, BBC, Dateline NBC, USA Today and other publications around the world.
Cyber Due Diligence – Is it still relevant and how to demonstrate it?
In today’s technology driven world, it is a no-brainer that any organization has to demonstrate proper due-diligence in anticipation of a cyber-attack.
Whatever be the approach, the end goal mantra always remains the same, clearly define goals and expectations ahead of a breach.
As today’s cybercriminals are hitting business by attacking the crown jewels using various techniques, it has become important that enterprises adopt a holistic approach towards their digital forensics and incident response approaches to contain, respond and prevent any breach.
In this engaging discussion you will learn about how to budget and prioritize. It will also demonstrate some of the best practices in secure IT operational discipline, providing a solid foundation in the cyber resiliency. Additionally, you will also learn more about the technologies available and how to match them against the security maturity model for context as well as the key differentiators between Reactive, Proactive and Adaptive security.
Sangameswaran Iyer Manikkayam is Manager – System Engineering for Trustwave Canada. He brings with him over 18 years of industry experience in Information Security and Risk in large projects involving infrastructure software and emerging security technology solutions. He has designed IT solutions targeted in the arena of enterprise security, vulnerability assessment, end-point security enforcement & GRC. He has worked with customers across the globe in diverse verticals including: DoD, government, law enforcement agencies, telecom, banking & finance, transportation, energy and education.
Sangameswaran has experience in different aspects of information security solutions, from programming to security architecture. He is a qualified security expert with leading industry certifications such as GSEC, CISSP, CISM, CRISC, CCSK and VTSP. He has also presented on diverse topics at various security forums like ISACA, TASK and SecTor and was invited by Interpol to speak at the International Cybersecurity Conference held in New Delhi, India.
Credential Abuse in O365
Today’s security and compliance tools focus on safeguarding the perimeter. They help you manage endpoints and patch system vulnerabilities. But cyber criminals generally don’t target technical flaws, they target human weakness. To stop today’s advanced attacks, you need to focus on protecting your people. Proofpoint calls this human focused strategy, People Centric Security. Threat actors will increasingly continue to target people and the move to the cloud changes the way an organization needs to protect themselves. In a cloud first world, the credential and human are inseparable. Therefore, Proofpoint has expanded its cloud protection services to include credential centric security as part of its overall threat protection services. This session will focus on how Proofpoint integrates the VAP (Very Attacked Person) and VAC (Very Attacked Credential) to identify and root out bad actors.
Phillip White is an eighteen-year cyber security industry veteran based in Atlanta, Georgia. He has an extensive background in identity management, managed security services and cloud data protection. Phillip recently joined Proofpoint’s Advanced Technology Group focused on expanding Proofpoint’s cloud protection services. Prior to joining Proofpoint, Phillip worked at a Kleiner-Perkins, Google Venture, Goldman Sachs start-up focused on cloud scale data protection and orchestration. Phillip’s career includes successful stints at Symantec, Oracle and Sun Microsystems.