Event Schedule

Times for this Event are in Eastern Standard Time (EST)

  • Welcome
  • Out of the Shadows: ​ Real-time Asset Visibility and Security for Every Connected Device 9:05 am

    Presented by Ordr

    For many years now, enterprises have seen an explosive rise in connected devices, from traditional IT devices like servers, workstations and PCs to new and more vulnerable IoT, IoMT, and OT like building systems, medical equipment and manufacturing machines.  This myriad of devices from different manufacturers, operating systems and protocols expand the attack surface. IoT, IoMT, and OT bring their own challenges as they are typically not designed with security in mind. The bad news? Security teams are still responsible for all of them. It’s time for a modern approach. In this session, Ordr’s Chief Strategy Officer Danelle Au outlines why connected device security should be on your security initiatives in 2021, and presents a framework that starts with real-time asset inventory and ends with scalable security. Learn best practices and implementation considerations for device discovery, profiling and segmentation as you start your connected device security journey.

    Click to Expand

    Speaker:

    Danelle Au
    Danelle Au

    Danelle Au

    Chief Strategy Officer

    Collapse This Item

  • Do’s and Don’ts for Business Email Compromise (BEC) and Email Account Compromise (EAC) 9:30 am

    Presented by Proofpoint

    Email fraud leads to two main threats- one is Business Email Compromise (BEC) where attackers pretend to be you; the other one is Email Account Compromise (EAC) where attackers actually become you. BEC/EAC scams have cost the victimized businesses over $26 billion since 2016. What they have in common is that they both target people. They both rely on social engineering and are designed to solicit fraudulent wire transfers or payment. Unlike malware attacks, BEC and EAC don’t typically include detectable malicious payload. These types of threats can be hard to recognize because to the target these business requests sent by the impostors seem very routine and reasonable.

    Join this session and learn about:

    • What is BEC and EAC? And how do they work?
    • What are the common attack tactics regarding this new form of email threats?
    • Best practices to defend against BEC and EAC
    Click to Expand

    Speaker:

    Ash Valeski
    Ash Valeski

    Ash Valeski

    Email Security Product Evangelist

    Collapse This Item

  • Morning Coffee Break
  • Threat Hunting and the Rise of Targeted eCrime Intrusions 10:10 am

    Presented by Crowdstrike

    “Threat hunting” is a term getting thrown around a lot in the security industry, but there is still a lot of confusion about what it actually means. Does it mean responding to alerts? Is it another SOC? Is threat hunting the same thing as incident response? How would an organization start doing threat hunting?

    In this session, we will dive into what threat hunting means and how you can use it to actively find intrusions. We will discuss how to use it effectively and then look at techniques being used in actual intrusions.

    You will see intrusions that were executed by nation-states and eCrime groups. We will cover the exact command lines they executed, what the attacks accomplish, and how the bad guys attempted to avoid discovery.

    As we discuss each intrusion, we will discuss some threat hunting techniques that can be used to discover the attacks used. You can then use this information to start doing your own threat hunting.

    Attendees will learn:
    • What threat hunting is, it’s benefits and how it’s different than other activities
    • Targeted intrusion techniques recently observed in the wild
    • How to use threat hunting to discover threat actors before they accomplish their objectives

    Click to Expand

    Speaker:

    Jason Wood
    Jason Wood

    Jason Wood

    Senior Researcher, Tactical Intelligence

    Collapse This Item

  • Moving Beyond Password to Delight & Secure Users 10:30 am

    Presented by Okta

    Passwords have been a constant throughout the internet era. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources across the applications we use on a daily basis.

    But in this new digital age where data breaches are rampant, passwords are no longer good enough. Not only are they insecure, they are expensive and offer a poor user experience. Fortunately, there’s a better way to protect your applications and stop account takeover incidents.

    In this session, we’ll discuss the benefits of passwordless authentication and explain how eliminating the password can help improve user experience, admin visibility and control, and scalability. We’ll also walk through key considerations and first steps as you embark on your passwordless journey.

    Click to Expand

    Speaker:

    Michael Patterson
    Michael Patterson

    Michael Patterson

    Solutions Engineer

    Collapse This Item

  • Morning Break
  • 2021 Trends - Expert Panel Discussion 11:05 am

    2021 Trends & Directions

    What will define cybersecurity in 2021?  What carries over from 2020?

    Risk comes from all angles in 2020 users, vendors, partners, systems.  In this panel, we will discuss some of the many facets encountered by security leaders in organizations of all sizes, with particular focus to the threat landscape seen across the continent.

    Obviously, COVID and the associated rush to work-from-home played a big part. Beyond that, what are the key cybersecurity trends we need to watch out for in 2021?

    Click to Expand

    Panel Participants:

    Daniel Petrillo
    Daniel Petrillo

    Daniel Petrillo

    Director of Security Strategy

    Tom Atkins
    Tom Atkins

    Tom Atkins

    Area VP

    E.J. Hilbert
    E.J. Hilbert

    E.J. Hilbert

    Former FBI Cyber Agent, CISO & Founder of KCECyber

    Collapse This Item

  • Cyber Resilience: Rethinking Your Data Protection Strategy in the Age of Ransomware 11:45 am

    Presented by Zerto

    Ransomware threats increased by 300% last year, and the industry is expecting it to get worse. Ransomware victims’ greatest pains are downtime and data loss. Current DR and Backup solutions aren’t equipped to help you manage it at the speed of business. Join us for this discussion on how to transform your data protection approach to ensure you can protect your data and resume operations almost instantly when facing a ransomware attack. See you there!

    Click to Expand

    Speaker:

    Andy Fernandez
    Andy Fernandez

    Andy Fernandez

    Senior Technology Evangelist

    Collapse This Item

  • The Last Line of Defense: The Importance of Having a Robust and Comprehensive Data Protection Strategy 12:05 pm

    Presented by Pure Storage

    Data protection is experiencing a resurgence. Historically it’s been seen as an innovation backwater and as “insurance”, but with the growth of Ransomware and cybercrime, and increasing risk, organizations are having to modernize their data protection architectures and strategies to ensure that data can be recovered quickly to ensure that an Organization can survive an attack. Join this session to learn about the latest innovations in the data protection space and how they can be deployed to provide a comprehensive last line of defense.

    Click to Expand

    Speaker:

    David Huskisson
    David Huskisson

    David Huskisson

    Rapid Restore Solutions Lead

    Collapse This Item

  • Lunch Break
  • Keynote | DHS Briefing: SolarWinds Threat Response & 2021 Cyber Landscape 12:50 pm

    CISA Regional Cybersecurity Advisor & State Cybersecurity Coordinator, State of Indiana

    DHS-CISA Cybersecurity Advisor, and newly appointed State of Indiana Cybersecurity Officer JD Henry will reveal the latest intelligence regarding the SolarWinds supply chain compromise. Emergency Directive 21-01, which covers the APT compromise of government agencies, critical infrastructure and private sector organizations has rocked the cybersecurity landscape in 2021. 

    Mr. Henry will share the latest (TLP: White) intelligence he can on who the attackers are, how they got in, and what organizations in the Indiana and Michigan regions can and should be doing to address it.  He’ll dig into the poor patching practices that have led to new zero day attacks, trends CISA has seen in recent IoT attacks, and what tools are available right now that can help IT Security leaders in the region. 

    Don’t miss this important update from the Cybersecurity Infrastructure Security Agency (CISA), which will correlate the SolarWinds hack in the context of the major progressions seen in large-scale malware attacks.

    Click to Expand

    Speaker:

    JD Henry
    JD Henry

    JD Henry

    CISA Regional Cybersecurity Advisor and CISA State Cybersecurity Coordinator, State of Indiana

    Collapse This Item

  • Building Cyber Resilience: Finding Factors Not Fault 1:40 pm

    Presented by eSentire

    Given an outcome, we often exaggerate our ability to predict and therefore avoid the same fate. In cybersecurity, this misconception can lead to a false sense of corporate security, or worse, bury the true causes of incidents and lead to repeated data breaches or business disrupting cyber incidents. In this session, we will explore real-world incidents and threats to assemble an actionable cyber resilience framework that adapts to distributed assets, remote workers, and virtual workloads.

    Click to Expand

    Speaker:

    Mark Sangster
    Mark Sangster

    Mark Sangster

    Cybersecurity Expert & Author “No Safe Harbor”

    Collapse This Item

  • Practical Cyber Fusion – Operationalizing Threat Intelligence 2:05 pm

    Presented by Anomali

    “Cyber Fusion Centers” have moved from radical concept to marketing hype in just a few years. However, the concept is still important. Don’t let the hype stop you from grasping the true value a cyber fusion center can provide.

    The cyber fusion center can be a worthwhile pursuit if the outcome is the ability to use threat intelligence to drive coordinated decisions across your security organization and functions to improve the overall security posture.

    Anomali Chief Product Officer, Mark Alba, reviews the basic principles of cyber threat intelligence (CTI) maturity levels and explores how a virtual cyber fusion center can be leveraged to support the effective operationalization of CTI.

    Click to Expand

    Speaker:

    Mark Alba
    Mark Alba

    Mark Alba

    Chief Product Officer

    Collapse This Item

  • Afternoon Coffee Break
  • SolarWinds Hack - Expert Panel Discussion 2:30 pm

    SolarWinds Hack: What we Learned About Backdoor Supply Chain Attacks

    On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform, which is used by organizations to monitor and manage IT infrastructure. FireEye has given the campaign an identifier of UNC2452 and is further naming the trojanized version of the SolarWinds Orion component SUNBURST (Microsoft has used the “Solorigate” identifier for the malware and added detection rules to its Defender antivirus). SolarWinds has issued a separate advisory for the incident.

    What have we learned from there?  Our expert panelists will discuss separate facets of the breach, what it means for supply chain security, third party risk management, and cybersecurity in general.

    Click to Expand

    Panel Participants:

    Jeff Horne
    Jeff Horne

    Jeff Horne

    CSO

    Mark Sangster
    Mark Sangster

    Mark Sangster

    Cybersecurity Expert & Author “No Safe Harbor”

    JD Henry
    JD Henry

    JD Henry

    CISA Regional Cybersecurity Advisor and CISA State Cybersecurity Coordinator, State of Indiana

    Collapse This Item

  • Intro to MITRE ATT&CK for Assessing and Mitigating Risk 3:05 pm

    Presented by Morphisec

    The MITRE ATT&CK framework has been growing dramatically in both popularity and scope in recent years. Their adversary emulation planning, evaluations, and matrices can offer great value to businesses as they assess their risk and plan their defense strategies. However, it is often difficult for organizations to know where to begin, especially when every business has unique constraints, assets, and threats to manage. This talk offers pragmatic guidance on how any organization can begin using MITRE ATT&CK for a personalized assessment and mitigation.

    Click to Expand

    Speaker:

    Daniel Petrillo
    Daniel Petrillo

    Daniel Petrillo

    Director of Security Strategy

    Collapse This Item

  • Afternoon Break
  • Office, Home or Hybrid - manage and secure endpoints anywhere, anytime 3:25 pm

    Presented by baramundi

    Cyberattacks have quadrupled since the beginning of the pandemic. Lots of endpoints are currently on their own when it comes to being managed and protected. What will happen when these machines come back to the office, or are they coming back at all? This presentation will address the different scenarios that companies may encounter and how to resolve them by automating their endpoint management.

    Click to Expand

    Panel Participants:

    Alex Peters
    Alex Peters

    Alex Peters

    Endpoint Security Executive

    Collapse This Item

  • Disrupting Lateral Movement by Securing Active Directory 3:55 pm

    Presented by Attivo Networks

    Organizations continue to build their security stacks, yet advanced threats and insiders continue to breach networks and extract valuable data. A common tactic among most of these Ransomware and Advanced Threat Actors today involves leveraging Active Directory.  AD contains all of the information that an attacker needs to successfully move laterally and accomplish their mission. 

     In this session, Tom Atkins will explore a new method for securing Active Directory that can (for the first time) actually prevent an attacker from progressing laterally through your enterprise network.  Some key highlights include:

    • How Threat Actors use AD to accomplish their goals
    • Why Monitoring Active Directory is not enough
    • What simple tools you can deploy to dramatically improve your security posture by better securing AD
    Click to Expand

    Speaker:

    Tom Atkins
    Tom Atkins

    Tom Atkins

    Area VP

    Collapse This Item

  • CISO Panel 4:15 pm

    Panel Participants:

    Mitchell Parker
    Mitchell Parker

    Mitchell Parker

    CISO - Indiana University Health

    Jeffrey Ingalsbe
    Jeffrey Ingalsbe

    Jeffrey Ingalsbe

    Chief Information (Security) Officer - Flexible Plan Investments, Ltd.

    Doug Copley
    Doug Copley

    Doug Copley

    Founder & CEO - Data Protection Partners

    Rajiv Das
    Rajiv Das

    Rajiv Das

    Principal - Plante Moran

    Zahira (Zah) Rodriguez Gonzalvo
    Zahira (Zah) Rodriguez Gonzalvo

    Zahira (Zah) Rodriguez Gonzalvo

    SVP and Chief Information Security and Privacy Officer - Flagstar Bank

    Dan Mathis

    Dan Mathis

    Director, Compliance Center of Excellence - Indiana Office of Technology

    Arun DeSouza
    Arun DeSouza

    Arun DeSouza

    CISO & CPO - Nexteer Automotive Corporation

    Collapse This Item

  • Summit Closing Session