Event Schedule

Times for this Event are in Central Time (CDT/CST)

The Summit will be open from 8AM to 6PM.

  • Welcome
  • Broken Authentication: Fixing one of the most critical web application security risks 9:25 am

    Presented by Auth0

    Authentication is a cornerstone capability of any application. Ensuring a user is who they say they are is crucial to maintaining data privacy and preventing fraud and data breaches. Consequently, improperly implemented authentication, known as broken authentication, is a potentially devastating application vulnerability. In fact, the Open Web Application Security Project (OWASP) lists broken authentication as the second most critical security risk to web applications.

     This session will provide:

    • An overview of broken authentication; 
    • Why it’s so dangerous;
    • The types of threats that can take advantage of this vulnerability;
    • How you can prevent this most critical application security risk.
    Click to Expand

    Panel Participants:

    Andrew Akers
    Andrew Akers

    Andrew Akers

    Senior Manager, Solutions

    Collapse This Item

  • Small Businesses Deserve Big Protection 9:45 am

    Presented by Cisco

    Small businesses are facing many of the same cybersecurity challenges as larger businesses. 66% of small businesses experienced a cyberattack in 2019, and 63% experienced a data breach. But securing your business doesn’t have to be complicated. Cybersecurity tools should be easy for a team of any size to deploy, use, and manage — letting you focus on more important things (like running your business!) Join Kate MacLean from Cisco to learn more about small business cybersecurity and how cloud-delivered security provides powerful protection against today’s biggest cyberthreats.

    Click to Expand

    Panel Participants:

    Kate MacLean
    Kate MacLean

    Kate MacLean

    Cloud Security Evangelist

    Collapse This Item

  • Morning Coffee Break
  • The Intersection of Data Backup and Data Security 10:20 am

    Presented by Druva

    Cyber attackers launch an attack every 6 seconds, and ransomware as a service is one of the fastest growing industries in the world. Meanwhile, data is now sprawled around the world – data centers, endpoints, SaaS applications, the cloud, and edge. There are so many new attack vectors for cyber criminals, that it is nearly impossible to build a moat around the company. Therefore, the question is not “will be breached?” but more “how do we handle our breaches?”

    Historically, organizational silos have left gaps for cyber criminals to attack. Data protection teams have a unique perspective across all the data and applications in the organization, while security teams have a view across all the security events in the company. Unfortunately, even though data is the organization’s biggest asset, that information has not been integrated.

    Now that cyber attackers are targeting data, security,data protection, compliance, and legal teams need to partner together. In this talk, we will cover best practices to manage attacks on an organization’s data. We will begin with how to limit the scope of an attack, detect attacks, and recover your data and applications. Then, we will walk through how to conduct forensic analysis and a legal assessment after the attack is over and the company is running again.

    Click to Expand

    Panel Participants:

    Stephen Manley
    Stephen Manley

    Stephen Manley

    Chief Technology Officer

    Collapse This Item

  • Disrupting Lateral Movement by Securing Active Directory 10:45 am

    Presented by Attivo Networks

    Organizations continue to build their security stacks, yet advanced threats and insiders continue to breach networks and extract valuable data. A common tactic among most of these Ransomware and Advanced Threat Actors today involves leveraging Active Directory.  AD contains all of the information that an attacker needs to successfully move laterally and accomplish their mission. 

     In this session, Tom Atkins will explore a new method for securing Active Directory that can (for the first time) actually prevent an attacker from progressing laterally through your enterprise network.  Some key highlights include:

    • How Threat Actors use AD to accomplish their goals
    • Why Monitoring Active Directory is not enough
    • What simple tools you can deploy to dramatically improve your security posture by better securing AD
    Click to Expand

    Panel Participants:

    Tom Atkins
    Tom Atkins

    Tom Atkins

    Area VP

    Collapse This Item

  • Expert Panel Discussion: User-Centric Security 11:05 am

    User-Centric Security

    Users, those carbon-based life forms usually roaming the halls of your buildings, are the last line of defense.  Data suggests that CEOs are ready to spend more money to contravene against attacks aimed at users. Training, tools, and education help – but what are we doing to make sure they are not the weakest link?

    Our Subject Matter Experts will look at the problem from multiple angles… Business Email Compromises (BEC)/Phishing and Account Takeover…  as well as Endpoint Security, Identity and Access Management, and Password (-less) solutions.  Attendees will understand the myriad of challenges from multiple perspectives, and different concepts on how to address.

    Click to Expand

    Panel Participants:

    Michael Cole
    Michael Cole

    Michael Cole

    Principal Advisory Services Consultant

    Craig Broussard
    Craig Broussard

    Craig Broussard

    Director of Global Infrastructure - NCH Corporation

    Mark Sangster
    Mark Sangster

    Mark Sangster

    Cybersecurity Expert & Author “No Safe Harbor”

    Collapse This Item

  • Lunch Break
  • Keynote - Protecting Your Critical Infrastructure: Every Day is Game Day! 12:15 pm

    Protecting Your Critical Infrastructure: Every Day is Game Day!

    Special Agent In Charge William Smarr, from the US Secret Service Dallas Field Office will share the details of his agency’s cyber strategy and the criticality of establishing trusted partnerships before an incident occurs. The Secret Service’s world-wide network of Cyber Fraud Task Forces (CFTF) join together federal, state and local law enforcement, along with private sector partners and academia to combat cyber criminals across the globe. His talk will cover the authority, capabilities, and cyber strategy of the CFTF network and how the Secret Service strives to build partnerships at all levels and in all critical infrastructure sectors to ensure when a crisis does occur, the phone call to law enforcement will be met with a familiar voice.

    As a cybersecurity leader in Texas, you should have the Secret Service CFTF team’s number in your mobile phone. In this discussion, SAIC Smarr will talk about tabletop exercises, how to assure senior executives are bought-in on cyber strategy, and share useful resources from the Secret Service and other agencies that stand ready to support organizations in the region. 

    In this exclusive briefing for the Texas Virtual Cybersecurity Summit audience, he will share insights from recent case studies from across the state. 

    Click to Expand

    Panel Participants:

    William Smarr
    William Smarr

    William Smarr

    US Secret Service Special Agent in Charge - Dallas Field Office

    Collapse This Item

  • The Last Line of Defense: Data Protection 1:00 pm

    Presented by Pure Storage

    With the growth of Ransomware and cybercrime, Data protection is experiencing a resurgence. Organizations are quickly having to modernize their data protection architecture and strategies to meet not only these demands but also the demand that digital transformation is placing upon them; current approaches are designed around a backup centric approach, whereas a new approach centered around restore and getting organizations back up and running as quickly as possible are critical. Join this session to learn about the latest innovations in the data protection space and how they can be implemented to provide a restore centric approach and provide a true last line of defense.

     

    Click to Expand

    Panel Participants:

    David Huskisson
    David Huskisson

    David Huskisson

    Rapid Restore Solutions Lead

    Collapse This Item

  • Rethinking Your Data Protection Strategy in the Age of Ransomware 1:20 pm

    Presented by Zerto

    With the proliferation of data-driven digital business growing at an exponential pace, so is the pace of cyber security threats and attacks, such as ransomware. Cyberattacks can cost a company $1.4 Million on average in recovery when you add in the cost of lost productivity, reputation damage, and service disruption. Are you at risk? Can your backup keep pace with the speed of recovery that’s needed today? Attend this session to find out why traditional backup won’t save you from ransomware attack and how continuous data protection helps you to prepare, respond and recover from an attack.

    Click to Expand

    Panel Participants:

    Andy Fernandez
    Andy Fernandez

    Andy Fernandez

    Senior Technology Evangelist

    Collapse This Item

  • Afternoon Coffee Break
  • Feature Keynote: Digital Forensics - USSS 2:00 pm

    Digital Forensics: Insights from the Secret Service Texas Field Lab!

    Local, state, and federal law enforcement agencies across Texas rely on the US Secret Service Regional Forensic Lab, headed by Senior Special Agent Steve Gemperle.  Together with Special Agent Clarke Skoby from the Houston Field Office, they will share (as much as they’re allowed) some of the cutting-edge practices used by the lab for prosecuting criminals.  It’s not just ransomware and business email compromise – but also robberies and homicides that have a cyber element; this is when agencies across Texas rely on the Digital Forensics Lab.

     Ever wondered what happens to those confiscated laptops? Server images with advanced malware? How about when digging information from a biometric-locked mobile device that can prove to be the lynchpin of a criminal investigation?  These agents spend their days working behind the scenes, doing the stuff we’ve all seen depicted in the movies and TV crime dramas.

     More importantly, they will explain for the Data Connectors audience what cybersecurity leaders can do to make themselves more secure. They’ll cover how to assure employee user agreements are in place, how to think about logging and audit, systems to consider, relationships to have in advance of a breach that could save you from problems down the road. Relating local stories that may seem familiar from headlines, this exclusive insight into the digital forensics’ lab will be a unique opportunity to learn about the innovative and exciting tactics used by the Secret Service protect citizens and financial infrastructure.

    Click to Expand

    Panel Participants:

    Stephen Gemperle
    Stephen Gemperle

    Stephen Gemperle

    Senior Special Agent, USSS - San Antonio Field Office & Lab Director for Regional Forensic Lab

    Clarke Skoby
    Clarke Skoby

    Clarke Skoby

    Special Agent, USSS - Houston Field Office - Advanced Digital Forensics Expert

    Collapse This Item

  • Top 4 Reasons Why Privileged Access Management Implementations Fail 2:40 pm

    Presented by Remediant

    It is shocking that, year over year, stealing credentials is still the top tactic used by attackers to breach organizations. Why is this still happening? Hint: It isn’t only because of weak passwords. Organizations have invested heavily into privileged access management technologies, but these solutions have struggled to address the problem for five key reasons. In this discussion, we will address the gaps in current access management approaches but, more importantly, show you how to quickly close the gaps and significantly reduce security risks without disrupting your current investments or systems. 

    Click to Expand

    Panel Participants:

    JD Sherry
    JD Sherry

    JD Sherry

    Chief Strategy Officer

    Collapse This Item

  • Afternoon Break
  • Latest network-layer DDoS trends and the rise of ransom-driven attacks 3:15 pm

    Presented by Cloudflare

    Unprecedented changes in how people live and work around the world since the COVID-19 pandemic led to changing patterns of Internet usage. And as our reliance on the Internet surged, so did the frequency, sophistication, and distribution of cyberattacks. 

    In this talk, Cloudflare’s Head of Solution Engineering will discuss the latest DDoS attack trends observed over Cloudflare’s network. Join this talk to understand:

    • Key trends and shifts in the DDoS landscape
    • Ransom-based attacks: what are they and how to respond?
    • Steps organizations can take to better protect their networks
    Click to Expand

    Panel Participants:

    Trey Guinn
    Trey Guinn

    Trey Guinn

    Head of Solution Engineering

    Collapse This Item

  • Guest Keynote: The Risk Balance Sheet 3:30 pm

    The Risk Balance Sheet

    When executives around the C-suite converse about business issues, they have some standard ways of accounting for concerns.  Accounting is the language of business, and the balance sheet a standardized way of looking across business units, organizations and industries. This makes it easy for even an outside party, or a board member who sits with multiple organizations, to assess the health of the business.

    So why not a risk balance sheet?  In this guest keynote, Andrew Vezina, VP and Chief Information Security Officer (CISO) at Equitable Bank (EQ Bank) in Canada talks about his ground-breaking idea for a new way to look at risk.  You’ll hear how it works, and how it enables CISOs to convey to non-technical executives where risks lie in the business, and how they have been mitigated by processes, technologies and other means.

    Click to Expand

    Panel Participants:

    Andrew Vezina
    Andrew Vezina

    Andrew Vezina

    Vice President and Chief Information Security Officer - Equitable Bank

    Collapse This Item

  • Expert Panel Discussion: Risk Balance Sheet 4:00 pm

    The Risk Management “Balance Sheet”

    Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand?

    Click to Expand

    Panel Participants:

    Andrew Vezina
    Andrew Vezina

    Andrew Vezina

    Vice President and Chief Information Security Officer - Equitable Bank

    Andrew “Drew” Daniels
    Andrew “Drew” Daniels

    Andrew “Drew” Daniels

    CIO/CISO

    Sailaja Kotra-Turner
    Sailaja Kotra-Turner

    Sailaja Kotra-Turner

    Global Information Security Leader, CISO - Brown-Forman

    Cecil Pineda
    Cecil Pineda

    Cecil Pineda

    Cybersecurity and Data Privacy - Critical Start

    Craig Broussard
    Craig Broussard

    Craig Broussard

    Director of Global Infrastructure - NCH Corporation

    Collapse This Item

  • Day One Closing Session
  • Day Two
  • Welcome / Introductions
  • Office, Home or Hybrid - Manage and Secure Endpoints Anywhere, Anytime 9:25 am

    Presented by baramundi

    Cyberattacks have quadrupled since the beginning of the pandemic. Lots of endpoints are currently on their own when it comes to being managed and protected. What will happen when these machines come back to the office, or are they coming back at all? This presentation will address the different scenarios that companies may encounter and how to resolve them by automating their endpoint management.

    Click to Expand

    Panel Participants:

    Alex Peters
    Alex Peters

    Alex Peters

    Endpoint Security Executive

    Collapse This Item

  • A Modern Approach to Information Protection 9:45 am

    Presented by Proofpoint

    Data Loss Prevention (DLP) solutions alone can no longer address today’s data privacy requirements. Customer PII data is the most often lost or stolen data, and more than half of these breaches involve malicious attacks. Challenges like increasing threat activity, difficulty protecting a remote workforce, and accelerating migration of data to cloud platforms make it harder to secure data and comply with privacy regulations – especially when analysts need multiple tools to investigate data leakages. So how can you better protect your company in 2021? 

    Join us as we discuss how you can reimagine data privacy with a modern approach to information protection. In this session, we will cover: 

    • Modern data security challenges 
    • The convergence of data and threat protection to secure data from internal and external threats 
    • How people-centric investigations lead to more rapid investigative outcomes
    Click to Expand

    Panel Participants:

    Mike Stacy
    Mike Stacy

    Mike Stacy

    Global Cloud and Information Protection Director

    Collapse This Item

  • Morning Coffee Break
  • How to Put Leverage Into the Cybersecurity Process 10:20 am

    Presented by SEI

    SEI IT Services will deconstruct the elements of the cybersecurity process. As the pace of technology and cyber threats increases, businesses are always trying to figure out ways to keep up without constantly increasing employee count and costs. Naturally, as a business grows so does security risks but does your IT budget increase as well? In today’s presentation, you will learn about a few concepts in a cybersecurity model that will help you provide leverage for better security.

    Join Justin Estadt and Peter Misurek as they deconstruct the elements of a mature cybersecurity model.

    • Three Phases of Security
    • The Pyramid of Pain
    • The Ultimate Outcome
    Click to Expand

    Panel Participants:

    Justin Estadt
    Justin Estadt

    Justin Estadt

    Head of Product, IT Services

    Peter Misuerk
    Peter Misuerk

    Peter Misuerk

    Solutions Director

    Collapse This Item

  • Top tips for minimizing email security threats 10:45 am

    Presented by Cisco

    Email continues to be the most effective way to gain a foothold in a business network and is often where successful compromises or breaches start. It’s the primary vector for malware infection because it effortlessly puts malicious payloads in front of the user, putting them one click away from exploitation. In this session, email security expert, Rob Marchi, shares how to overcome these challenges and how you can proactively address these ongoing issues with top tips for minimizing email security threats.

    Click to Expand

    Panel Participants:

    Rob Marchi
    Rob Marchi

    Rob Marchi

    Sr Product Manager

    Collapse This Item

  • Expert Panel Discussion: Defense in Depth 11:05 am

    New Strategies for 2021

    Layering Defense in Depth (DiD) with intentional redundancies increases the security of a system as a whole and addresses many different attack vectors. From individual laptops, to VPN to the WAN, the old paradigm of “castles and moats” is soooo 1999. How are organizations defending against inventive hackers penetrating their systems in 2020?  

    Click to Expand

    Panel Participants:

    Justin Estadt
    Justin Estadt

    Justin Estadt

    Head of Product, IT Services

    Niles Pyelshak
    Niles Pyelshak

    Niles Pyelshak

    Technical Engineer

    Carlo Beronio
    Carlo Beronio

    Carlo Beronio

    Director Systems Engineering West/Central

    Frank McClain
    Frank McClain

    Frank McClain

    Senior Threat Analyst

    Collapse This Item

  • Lunch Break
  • CISO Panel 12:15 pm

    Panel Participants:

    Roman Medina, Jr.
    Roman Medina, Jr.

    Roman Medina, Jr.

    CISO - Jefferson Bank – San Antonio, Texas

    Luis Ossorio
    Luis Ossorio

    Luis Ossorio

    Director IT - FROSCH

    Ray Jay Yepes
    Ray Jay Yepes

    Ray Jay Yepes

    Texas Department of Family and Protective Services

    Marc Crudgington
    Marc Crudgington

    Marc Crudgington

    CISO; SVP Information Security - Woodforest National Bank

    Mark Adams
    Mark Adams

    Mark Adams

    Senior Manager, IT Security and Compliance, and vCISO - Superior Energy

    John Frushour
    John Frushour

    John Frushour

    Deputy Chief Information Security Officer (D-CISO) - New York-Presbyterian Hospital

    Mike Davis
    Mike Davis

    Mike Davis

    CISO - ExactlyIT, Inc.

    Collapse This Item

  • Faking It: Stopping Impersonation Attacks With Cyber AI 1:10 pm

    Presented by Darktrace

    Today, 94% of cyber-threats still originate in the inbox. ‘Impersonation attacks’ are on the rise, as artificial intelligence is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’, that expertly mimic the writing style of trusted contacts and colleagues. 

    Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response. 

    In an era when thousands of documents can be encrypted in minutes, ‘immune system’ technology takes action in seconds – stopping cyber-threats before damage is done. 

    Find out how in this session.

    Click to Expand

    Panel Participants:

    Marianna Pereira
    Marianna Pereira

    Marianna Pereira

    Director of Email Security Products

    Collapse This Item

  • Earn More Trust Through Vulnerability Management Best Practices 1:30 pm

    Presented by Synack

    COVID has brought on a set of security challenges that has security teams pivoting and spinning up new applications to meet the unique demands of quarantine and remote work. When external and even internal environments demand that you move quickly, how do you measure and communicate changes? And how do you build trust with customers, staff and the board, ensuring data and other investments are protected? Join Synack’s VP of Operations, Nick Harrahill, for a discussion on how to meet these unique demands.

    You’ll learn: 

    • Best practices security leaders can pursue to harden vulnerability programs
    • How leveraging a continuous crowdsourced testing model can help measure and communicate security posture
    • How to maximize trust with customers and throughout organizations
    Click to Expand

    Panel Participants:

    Nick Harrahill
    Nick Harrahill

    Nick Harrahill

    VP of Operations

    Collapse This Item

  • Afternoon Coffee Break
  • Introduction to Risk-Based Vulnerability Management 2:05 pm

    Presented by Kenna Security

    Organizations have millions of vulnerabilities. And our research has shown that those same organizations, large or small, on average, can only fix one in 10 of those vulnerabilities. 

    But as a security executive you still need to keep your organization secure, so how do you do that when you can’t possibly fix all of your vulnerabilities? The answer is to focus on your highest-risk vulnerabilities first. 

    Join Kenna Security’s CTO and Co-Founder Ed Bellis as he: 

    • Reviews what years of research into vulnerability management data uncovered about the scope of the challenge 
    • Details the findings on how risk-based is the way to get ahead in vulnerability management 
    • Lays out several factors that drive better remediation performance 
    • Provides steps for setting up a successful risk-based vulnerability management program
    Click to Expand

    Panel Participants:

    Ed Bellis
    Ed Bellis

    Ed Bellis

    CTO and Co-Founder

    Collapse This Item

  • Cyberwarfare 2021: Next Level $#@! You Need to Know for Today's Cyber Battleground 2:25 pm

    Presented by Checkpoint Software

    Nation States, Non-Nation State Actors, Hacktivists, enterprise cyber criminals, shadow government agencies, terrorist organizations, loosely affiliated groups are using this next level $#@! as we speak to conduct cyber warfare: irregular warfare and proxy attacks, disinformation and disruption campaigns, “truth decay” (‎RAND Corp);to manipulate and influence public opinion, foment criminal violence; infiltrate organizations to conduct fraud, scam, and harass; highjack legitimate real human accounts for impersonation; and to distribute malware. These are very interesting times we are living in and this is the new cyber battleground.

    Click to Expand

    Panel Participants:

    Micki Boland
    Micki Boland

    Micki Boland

    Cybersecurity Evangelist Check Point Software Technologies Office of the CTO

    Collapse This Item

  • Expert Panel Discussion: AI & ML in Cybersecurity 2:50 pm

    Can We ‘Science the Heck’ Out of Trouble?

    We get it, Artificial Intelligence (AI) with particular focus on Machine Learning (ML) is one way to overcome advanced threats with particular attention to scale. That said, those terms are thrown at our executives to delight, amaze and confuse them. How do we really discern between them as tools in our kit versus ‘Weapons of Mass Distraction’?

    Click to Expand

    Panel Participants:

    Kim Berry
    Kim Berry

    Kim Berry

    Principal Threat Intelligence Researcher - Auth0

    Tad Dickie
    Tad Dickie

    Tad Dickie

    CSO & VP - Colonial Savings Bank

    John Frushour
    John Frushour

    John Frushour

    Deputy Chief Information Security Officer (D-CISO) - New York-Presbyterian Hospital

    Collapse This Item

  • Afternoon Break
  • Is Your Active Directory Environment Secure from Cyberattacks? 3:35 pm

    Presented by Semperis

    Active Directory is the heart of many organizations’ information systems: It’s used for identity management by 90 percent of businesses. But this 20-year-old technology is increasingly under attack by cyber-criminals who use AD to gain access to your network–and your data. Recent incidents like the Hafnium attack on Microsoft Exchange have highlighted the urgent need for the ability to properly restore an Active Directory forest (without re-introducing malware) and to constantly monitor for well-known vulnerabilities.

    What you’ll learn:

    • Essentials of restoring an AD forest after a cyber-attack
    • How cybercriminals can compromise your environment with well-known vulnerabilities such as zerologon and weak service account passwords (used for kerberoasting)
    • How to scan your AD environment for indicators of exposure (IOEs) and indicators of compromise (IOCs).
    Click to Expand

    Panel Participants:

    Sean Deuby
    Sean Deuby

    Sean Deuby

    Director of Services

    Collapse This Item

  • Keynote: CISA Briefing: Texas Cyber Update - Awareness, Prevention & Response 4:00 pm

    CISA Briefing: Texas Cyber Update - Awareness, Prevention & Response

    Interactive Chat – CISA Briefing: This exclusive briefing for the Data Connectors audience will focus on the latest updates from the Department of Homeland Security (DHS) Cyber Infrastructure Security Agency (CISA) Advisor for Region 6, which includes all of Texas.  The SolarWinds Orion Code Compromise, which was the subject of Emergency Directive (ED) 21-01 earlier this year, and the “Hafnium” (Microsoft Exchange On-Premises Product Vulnerabilities) of ED 21-02 have brought state-sponsored attacks to the forefront for Cybersecurity Executives across Texas.

    In this interactive discussion, CSA Reeves will go over specific points and actions, and welcome questions on: Texas-based threats, recent attacks, awareness/training, prevention and enforcement actions from agencies like CISA and the FBI.

    Bring questions, and take notes!

    Click to Expand

    Panel Participants:

    George Reeves
    George Reeves

    George Reeves

    Cybersecurity Advisor, DHS-CISA

    Collapse This Item

  • Summit Final Closing Session