Virtual Summit
Chicago
Virtual Cybersecurity Summit
The Chicago Virtual Cybersecurity Summit is a new way to connect with like-minded executives, innovative solutions providers, experts and luminaries. With a shared interest in security innovation in the region, summit attendees have a lot to talk about in the live, immersive virtual experience.
Date
Tue. Apr 20 — Wed. Apr 21
Event Schedule
Times for this Event are in Central Standard Time (CST)
The Summit will be open from 8AM to 6PM.
- Breakfast Briefing 8:55 am
- Welcome
-
Understanding and Combating Credential Stuffing Attacks 9:25 am
Click to Expand
Credential stuffing attacks are the most common threats observed at Auth0. These attacks can lead to fraud, loss of reputation, and ultimately, loss of revenue.
In credential stuffing attacks, threat actors use stolen credentials from one breach to take over users’ other accounts. This is effective because, according to Google, 65% of people reuse passwords across multiple accounts. On some days, these attacks originate from more than 50,000 IP addresses and may account for as much as half of all login attempts using our platform. Even the most mature companies are vulnerable if they don’t have the right preventative measures in place.
Join Auth0 to learn:
- How credential stuffing attacks work
- What effect they can have on your company
- Steps to detect and mitigate these attacks
Panel Participants:
-
Using Security Testing to know What’s Working 9:45 am
Click to Expand
The security team needs to stop being invisible. When we’re not on the forefront on business mind-share, security becomes a cost-center that only appears if something goes wrong. Using security testing to show what is going right – quarter by quarter – demonstrates the direct and real impact of the security team on the safety and strength of the business itself. This session will dive into topics regarding how continuous security validation can demonstrate ROI on investment, how to show that those investments have a real impact on the reputation and revenue of the business, and how any new spend can be justified in terms of continued benefit to the bottom line.
Panel Participants:
- Morning Coffee Break
-
Why do Small Businesses Need Big Protection? 10:20 am
Click to Expand
As a Small and Medium Business (SMB), it’s easy to feel like some of the biggest cybersecurity challenges are aimed at large organizations. The opposite is true. Small businesses face many of the same cybersecurity challenges as larger businesses: 66% experienced a cyberattack in 2019, and 63% experienced a data breach.
Yet, 75% of SMBs know they need more security – and 41% say they worry about breaches from SaaS Apps, which they rely heavily on. At the base of many of these challenges lies DNS Security. DNS protection is easier to add, and more impactful on reducing overall threats than any other single upgrade that can be made to an average system.
Rohit will discuss a simple, cloud-delivered security service that is cost-effective for a team of any size to deploy, use, and manage.
Panel Participants:
-
IoT Security Is Bad. It’s Time For a Different Approach 10:45 am
Click to Expand
For many years now, enterprises have seen an explosive rise in unmanaged, IoT and IoMT devices. These devices are hard to discover, often run obsolete operating systems, and can be in service for years. They cannot be protected by typical agent-based security technologies. It’s time for a modern approach. In this session, Ordr CISO Jeff Horne discusses a modern framework for connected device security. This includes real-time, continuous asset inventory, monitoring of device behavior and risks, and automated Zero Trust policies to allow device access while limiting exposure.
Panel Participants:
- Expert Panel Discussion #1 11:05 am
- Lunch Break
-
Keynote: Presentation on CISA Ransomware Response Campaign 12:15 pm
Click to Expand
Session Details Coming Soon
Panel Participants:
-
Automate or Die Trying: The New Cybersecurity Reality 1:10 pm
Click to Expand
As the nature of threats continue to evolve as well as the volume of threats increase, a new reality is setting upon cybersecurity teams – automation. Paired with human error and the insurmountable amount of data to manage, it is inevitable that a potential threat will slip through the cracks for businesses who rely too heavily on manual process.
Implementing automation could be vital in order to reliably protect your organization and ensure resilience through robust and repeatable processes.
Join our session to learn:
- Key security considerations when implementing automation programs
- Advice for how companies can begin finding success with AI and machine learning
Panel Participants:
-
Extortionware: Your Privacy Problems Made Public 1:30 pm
Click to Expand
Over the last decade, ransomware has increasingly become the most popular option for hackers to monetize the access they’ve obtained to corporate computer systems around the world. Over the last few years, we’ve observed ransomware software and techniques adapt and evolve to include the theft and exposure of private information, creating extortionware as a new breed of malicious software. This talk will provide an overview of these techniques and discuss the potential privacy and security impacts you may face as a result.
Panel Participants:
- Afternoon Coffee Break
-
Moving Beyond Password to Delight & Secure Users 2:05 pm
Click to Expand
Passwords have been a constant throughout the internet era. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources across the applications we use on a daily basis.
But in this new digital age where data breaches are rampant, passwords are no longer good enough. Not only are they insecure, they are expensive and offer a poor user experience. Fortunately, there’s a better way to protect your applications and stop account takeover incidents.
In this session, we’ll discuss the benefits of passwordless authentication and explain how eliminating the password can help improve user experience, admin visibility and control, and scalability. We’ll also walk through key considerations and first steps as you embark on your passwordless journey.
Panel Participants:
-
Shifting PAM into High Gear with Zero Standing Privilege (ZSP) 2:30 pm
Click to Expand
Zero Standing Privilege (PAM) was a new term introduced in 2019 and might just be the best approach to shift your PAM strategy into high gear. In this short presentation, we’ll discuss how PAM projects were managed historically and highlight a new PAM approach to reduce the impact of compromised admin credentials.
- Do you know what admin credentials exist today or even how they change over time in your organization? This is just one of several challenges we’ll discuss, offer a solution and discuss the need and value of frequent scanning of admin rights, reporting on current standing privileges and the adoption of a ZSP and Just-In-Time administration.
- So, if you’re looking for quick wins in PAM, including removing local admin rights and support for DevOps+PAM use cases, join the discussion and learn how other organizations like yours have succeeded.
Panel Participants:
-
Expert Panel Discussion #2 2:50 pm
Click to Expand
Session Details Coming Soon
- Afternoon Break
-
The Rise of Secure Access Service Edge (SASE) 3:35 pm
Click to Expand
Secure access service edge (SASE) offerings are cloud-delivered platforms that give consistent security across different applications, devices, web destinations, on-premises resources, and infrastructure. To achieve this, these platforms deliver a variety of functionality from complementary security solutions. As organizations operate in our frenetic business world, SASE becomes imperative. In this session, you will learn:
- Why organizations need SASE
- The key components of SASE offerings
- How SASE architectures impact performance
Panel Participants:
-
Guest Keynote: Confessions of a Rogue FBI Agent 3:55 pm
Click to Expand
Mr. EJ Hilbert is a former FBI Agent, AND among many other endeavors, he was a technical consultant on movies like Die Hard and Untraceable. Yes, that’s right, to say he has one of the most exciting life stories is an understatement.
In the early days of cybercrime, back in the late ’90s, the FBI formed a new division to handle identity theft and other cybercrime, fighting criminals that worked OUTSIDE our national borders. EJ Hilbert was there in the beginning. He’ll talk about case studies from that time, and walk through the sensational story of his travels, which led him to bring down the first major Russian CyberHacker, and later land him squarely in the crosshairs of an international spy thriller, complete with corporate espionage, rogue agents, questionable officials and bad actors.
Panel Participants:
- Day One Closing Session
- Day Two
- Welcome / Introductions
-
Do’s and Don’ts for Business Email Compromise (BEC) and Email Account Compromise (EAC) 9:25 am
Click to Expand
Email fraud leads to two main threats- one is Business Email Compromise (BEC) where attackers pretend to be you; the other one is Email Account Compromise (EAC) where attackers actually become you. BEC/EAC scams have cost the victimized businesses over $26 billion since 2016. What they have in common is that they both target people. They both rely on social engineering and are designed to solicit fraudulent wire transfers or payment. Unlike malware attacks, BEC and EAC don’t typically include detectable malicious payload. These types of threats can be hard to recognize because to the target these business requests sent by the impostors seem very routine and reasonable.
Join our session and learn about:
- What is BEC and EAC? And how do they work?
- What are the common attack tactics regarding this new form of email threats?
- Best practices to defend against BEC and EAC
Panel Participants:
-
The Cloud Requires an Evolution Beyond the Secure Email Gateway 9:45 am
Click to Expand
Cloud email requires a new approach to security. If your corporate email relies on Microsoft or Google, you may have deployed (or are considering) a Secure Email Gateway (SEG). Originally designed as a perimeter solution for on-premise email, you should ask these questions:
- Why do you disable the native security in our platform?
- How can my configuration allow attackers to bypass the gateway?
- How do we block insider email attacks?
- How can we quarantine a compromised account?
- How can we prevent Business Email Compromise (BEC) or impersonation email attacks?
Our cloud security expert Jeff will explain where an SEG approach falls short protecting cloud-hosted email. Touch upon fundamental architectural weaknesses of a proxy design, and arm attendees to help them make smart decisions to protect their users.
Panel Participants:
- Morning Coffee Break
-
Small businesses deserve big protection 10:20 am
Click to Expand
Small businesses are facing many of the same cybersecurity challenges as larger businesses. 66% of small businesses experienced a cyberattack in 2019, and 63% experienced a data breach. But securing your business doesn’t have to be complicated. Cybersecurity tools should be easy for a team of any size to deploy, use, and manage — letting you focus on more important things (like running your business!) Join Kate MacLean from Cisco to learn more about small business cybersecurity and how cloud-delivered security provides powerful protection against today’s biggest cyberthreats.
Panel Participants:
-
2020 Threats in Review 10:45 am
Click to Expand
2020 was a year of uncertainty, drastic change, and unprecedented challenge for businesses. Security leaders, in particular, have had to adapt their strategies fast, as remote and hybrid workforces become the norm.
Join Brianna Leddy, Director of Analysis at Darktrace, as she looks back at 2020’s most important threat trends, reflects on how the landscape has evolved, and discuss proactive solutions to the cyber challenges faced this year.
2020 was a year of uncertainty, drastic change, and unprecedented challenge for businesses. Security leaders, in particular, have had to adapt their strategies fast, as remote and hybrid workforces become the norm.
Join Brianna Leddy, Director of Analysis at Darktrace, as she looks back at 2020’s most important threat trends, reflects on how the landscape has evolved, and discuss proactive solutions to the cyber challenges faced this year.
She will present insights on the most significant threats discovered by self-learning Cyber AI in 2020, including advanced email phishing campaigns, SaaS account hijacks, and APT41.
Panel Participants:
- Expert Panel Discussion #3 11:05 am
- Lunch Break
- Keynote: 12:15 pm
-
The Last Line of Defense: The Importance of having a robust and comprehensive Data Protection strategy 1:10 pm
Click to Expand
Data protection is experiencing a resurgence. Historically it’s been seen as an innovation backwater and as “insurance”, but with the growth of Ransomware and cybercrime, and increasing risk, organizations are having to modernize their data protection architectures and strategies to ensure that data can be recovered quickly to ensure that an Organization can survive an attack. Join this session to learn about the latest innovations in the data protection space and how they can be deployed to provide a comprehensive last line of defense.
Panel Participants:
-
Why Office 365 Backup is ESSENTIAL 1:30 pm
Click to Expand
The role IT professionals play in a landscape where data loss, security breaches, and invasion of privacy are the new normal has never been more critical. With that spotlight comes great pressure to deliver on the organization’s expectations that data is safe, privacy is not compromised, productivity is unencumbered, and brand reputation is intact.
Join this session to review the data security challenges organizations face in today’s computing landscape, by uncovering the gaps in the out-of-the-box security features found in Office 365, that require action to achieve an effective backup and recovery strategy.
Panel Participants:
- Afternoon Coffee Break
-
Earn More Trust Through Vulnerability Management Best Practices 2:05 pm
Click to Expand
COVID has brought on a set of security challenges that has security teams pivoting and spinning up new applications to meet the unique demands of quarantine and remote work. When external and even internal environments demand that you move quickly, how do you measure and communicate changes? And how do you build trust with customers, staff and the board, ensuring data and other investments are protected? Join Synack’s VP of Operations, Nick Harrahill, for a discussion on how to meet these unique demands.
You’ll learn:
- Best practices security leaders can pursue to harden vulnerability programs
- How leveraging a continuous crowdsourced testing model can help measure and communicate security posture
- How to maximize trust with customers and throughout organizations
Panel Participants:
-
InfoSec Stories 2:30 pm
Click to Expand
This presentation will focus on vulnerability exploitation examples that boosted the success of Social Engineering campaigns. Additionally, will present a Secure SDLC process and how many of our clients benefited from it. Data from our recent InfoSec adventures will be used during the presentation.
Panel Participants:
-
Expert Panel Discussion #4 2:50 pm
Click to Expand
Session Details Coming Soon
- Afternoon Break
-
Securing Legacy Hardware Architecture Apps in Modern Cloud Infrastructure 3:30 pm
Click to Expand
Mission-critical applications running on legacy hardware, such as SPARC, Alpha, VAX, or PA-RISC, are posing a significant, ongoing threat to IT security in addition to risk of unplanned downtime, increasing costs, and diminishing support. Legacy hardware also complicates digital transformation brought about by embracing new technologies. In this presentation, we’ll discuss some effective strategies for migrating legacy apps away from aging hardware to a private or public cloud. We’ll also discuss bringing improved availability and enhanced security leveraging zero trust architecture to these previously brittle legacy apps.
Panel Participants:
-
Keynote: Mitigating cyber security threats using Artificial Intelligence 3:55 pm
Presented by Navy Personnel Command
Click to ExpandThis presentation will focus on vulnerability exploitation examples that boosted the success of Social Engineering campaigns. Additionally, will present a Secure SDLC process and how many of our clients benefited from it. Data from our recent InfoSec adventures will be used during the presentation.
Panel Participants:
- Summit Final closing Session
Registration
Tue. Apr 20 — Wed. Apr 21
Data Connectors events are for IT professionals only. Required fields are marked with an asterisk (*).
