Event Schedule

Times for this Event are in Eastern Standard Time (EST)

• Welcome
• Out of the Shadows: ​ Real-time Asset Visibility and Security for Every Connected Device 9:05 am

  Presented by Ordr

  For many years now, enterprises have seen an explosive rise in connected devices, from traditional IT devices like servers, workstations and PCs to new and more vulnerable IoT, IoMT, and OT like building systems, medical equipment and manufacturing machines.  This myriad of devices from different manufacturers, operating systems and protocols expand the attack surface. IoT, IoMT, and OT bring their own challenges as they are typically not designed with security in mind. The bad news? Security teams are still responsible for all of them. It’s time for a modern approach. In this session, Ordr’s Chief Strategy Officer Danelle Au outlines why connected device security should be on your security initiatives in 2021, and presents a framework that starts with real-time asset inventory and ends with scalable security. Learn best practices and implementation considerations for device discovery, profiling and segmentation as you start your connected device security journey.

  Click to Expand

  Speaker:

  Danelle Au

  Danelle Au

  Chief Strategy Officer

  Collapse This Item

• Do’s and Don’ts for Business Email Compromise (BEC) and Email Account Compromise (EAC) 9:30 am

  Presented by Proofpoint

  Email fraud leads to two main threats- one is Business Email Compromise (BEC) where attackers pretend to be you; the other one is Email Account Compromise (EAC) where attackers actually become you. BEC/EAC scams have cost the victimized businesses over $26 billion since 2016. What they have in common is that they both target people. They both rely on social engineering and are designed to solicit fraudulent wire transfers or payment. Unlike malware attacks, BEC and EAC don’t typically include detectable malicious payload. These types of threats can be hard to recognize because to the target these business requests sent by the impostors seem very routine and reasonable.

  Join this session and learn about:

  • What is BEC and EAC? And how do they work?
  • What are the common attack tactics regarding this new form of email threats?
  • Best practices to defend against BEC and EAC

  Click to Expand

  Speaker:

  Ash Valeski

  Ash Valeski

  Email Security Product Evangelist

  Collapse This Item

• Morning Coffee Break
• Threat Hunting and the Rise of Targeted eCrime Intrusions 10:10 am

  Presented by Crowdstrike

  “Threat hunting” is a term getting thrown around a lot in the security industry, but there is still a lot of confusion about what it actually means. Does it mean responding to alerts? Is it another SOC? Is threat hunting the same thing as incident response? How would an organization start doing threat hunting?

  In this session, we will dive into what threat hunting means and how you can use it to actively find intrusions. We will discuss how to use it effectively and then look at techniques being used in actual intrusions.

  You will see intrusions that were executed by nation-states and eCrime groups. We will cover the exact command lines they executed, what the attacks accomplish, and how the bad guys attempted to avoid discovery.

  As we discuss each intrusion, we will discuss some threat hunting techniques that can be used to discover the attacks used. You can then use this information to start doing your own threat hunting.

  Attendees will learn:
  • What threat hunting is, it’s benefits and how it’s different than other activities
  • Targeted intrusion techniques recently observed in the wild
  • How to use threat hunting to discover threat actors before they accomplish their objectives

  Click to Expand

  Speaker:

  Jason Wood

  Jason Wood

  Senior Researcher, Tactical Intelligence

  Collapse This Item

• Moving Beyond Password to Delight & Secure Users 10:30 am

  Presented by Okta

  Passwords have been a constant throughout the internet era. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources across the applications we use on a daily basis.

  But in this new digital age where data breaches are rampant, passwords are no longer good enough. Not only are they insecure, they are expensive and offer a poor user experience. Fortunately, there’s a better way to protect your applications and stop account takeover incidents.

  In this session, we’ll discuss the benefits of passwordless authentication and explain how eliminating the password can help improve user experience, admin visibility and control, and scalability. We’ll also walk through key considerations and first steps as you embark on your passwordless journey.

  Click to Expand

  Speaker:

  Michael Patterson

  Michael Patterson

  Solutions Engineer

  Collapse This Item

• Morning Break
• 2021 Trends - Expert Panel Discussion 11:05 am

  2021 Trends & Directions

  What will define cybersecurity in 2021?  What carries over from 2020?

  Risk comes from all angles in 2020 users, vendors, partners, systems.  In this panel, we will discuss some of the many facets encountered by security leaders in organizations of all sizes, with particular focus to the threat landscape seen across the continent.

  Obviously, COVID and the associated rush to work-from-home played a big part. Beyond that, what are the key cybersecurity trends we need to watch out for in 2021?

  Click to Expand

  Panel Participants:

  Daniel Petrillo

  Daniel Petrillo

  Director of Security Strategy

  Tom Atkins

  Tom Atkins

  Area VP

  E.J. Hilbert

  E.J. Hilbert

  Former FBI Cyber Agent, CISO & Founder of KCECyber

  Collapse This Item

• Cyber Resilience: Rethinking Your Data Protection Strategy in the Age of Ransomware 11:45 am

  Presented by Zerto

  Ransomware threats increased by 300% last year, and the industry is expecting it to get worse. Ransomware victims’ greatest pains are downtime and data loss. Current DR and Backup solutions aren’t equipped to help you manage it at the speed of business. Join us for this discussion on how to transform your data protection approach to ensure you can protect your data and resume operations almost instantly when facing a ransomware attack. See you there!

  Click to Expand

  Speaker:

  Andy Fernandez

  Andy Fernandez

  Senior Technology Evangelist

  Collapse This Item

• The Last Line of Defense: The Importance of Having a Robust and Comprehensive Data Protection Strategy 12:05 pm

  Presented by Pure Storage

  Data protection is experiencing a resurgence. Historically it’s been seen as an innovation backwater and as “insurance”, but with the growth of Ransomware and cybercrime, and increasing risk, organizations are having to modernize their data protection architectures and strategies to ensure that data can be recovered quickly to ensure that an Organization can survive an attack. Join this session to learn about the latest innovations in the data protection space and how they can be deployed to provide a comprehensive last line of defense.

  Click to Expand

  Speaker:

  David Huskisson

  David Huskisson

  Rapid Restore Solutions Lead

  Collapse This Item

• Lunch Break
• Keynote | DHS Briefing: SolarWinds Threat Response & 2021 Cyber Landscape 12:50 pm

  CISA Regional Cybersecurity Advisor & State Cybersecurity Coordinator, State of Indiana

  DHS-CISA Cybersecurity Advisor, and newly appointed State of Indiana Cybersecurity Officer JD Henry will reveal the latest intelligence regarding the SolarWinds supply chain compromise. Emergency Directive 21-01, which covers the APT compromise of government agencies, critical infrastructure and private sector organizations has rocked the cybersecurity landscape in 2021. 

  Mr. Henry will share the latest (TLP: White) intelligence he can on who the attackers are, how they got in, and what organizations in the Indiana and Michigan regions can and should be doing to address it.  He’ll dig into the poor patching practices that have led to new zero day attacks, trends CISA has seen in recent IoT attacks, and what tools are available right now that can help IT Security leaders in the region. 

  Don’t miss this important update from the Cybersecurity Infrastructure Security Agency (CISA), which will correlate the SolarWinds hack in the context of the major progressions seen in large-scale malware attacks.

  Click to Expand

  Speaker:

  JD Henry

  JD Henry

  CISA Regional Cybersecurity Advisor and CISA State Cybersecurity Coordinator, State of Indiana

  Collapse This Item

• Building Cyber Resilience: Finding Factors Not Fault 1:40 pm

  Presented by eSentire

  Given an outcome, we often exaggerate our ability to predict and therefore avoid the same fate. In cybersecurity, this misconception can lead to a false sense of corporate security, or worse, bury the true causes of incidents and lead to repeated data breaches or business disrupting cyber incidents. In this session, we will explore real-world incidents and threats to assemble an actionable cyber resilience framework that adapts to distributed assets, remote workers, and virtual workloads.

  Click to Expand

  Speaker:

  Mark Sangster

  Mark Sangster

  Cybersecurity Expert & Author “No Safe Harbor”

  Collapse This Item

• Practical Cyber Fusion – Operationalizing Threat Intelligence 2:05 pm

  Presented by Anomali

  “Cyber Fusion Centers” have moved from radical concept to marketing hype in just a few years. However, the concept is still important. Don’t let the hype stop you from grasping the true value a cyber fusion center can provide.

  The cyber fusion center can be a worthwhile pursuit if the outcome is the ability to use threat intelligence to drive coordinated decisions across your security organization and functions to improve the overall security posture.

  Anomali Chief Product Officer, Mark Alba, reviews the basic principles of cyber threat intelligence (CTI) maturity levels and explores how a virtual cyber fusion center can be leveraged to support the effective operationalization of CTI.

  Click to Expand

  Speaker:

  Mark Alba

  Mark Alba

  Chief Product Officer

  Collapse This Item

• Afternoon Coffee Break
• SolarWinds Hack - Expert Panel Discussion 2:30 pm

  SolarWinds Hack: What we Learned About Backdoor Supply Chain Attacks

  On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform, which is used by organizations to monitor and manage IT infrastructure. FireEye has given the campaign an identifier of UNC2452 and is further naming the trojanized version of the SolarWinds Orion component SUNBURST (Microsoft has used the “Solorigate” identifier for the malware and added detection rules to its Defender antivirus). SolarWinds has issued a separate advisory for the incident.

  What have we learned from there?  Our expert panelists will discuss separate facets of the breach, what it means for supply chain security, third party risk management, and cybersecurity in general.

  Click to Expand

  Panel Participants:

  Jeff Horne

  Jeff Horne

  CSO

  Mark Sangster

  Mark Sangster

  Cybersecurity Expert & Author “No Safe Harbor”

  JD Henry

  JD Henry

  CISA Regional Cybersecurity Advisor and CISA State Cybersecurity Coordinator, State of Indiana

  Collapse This Item

• Intro to MITRE ATT&CK for Assessing and Mitigating Risk 3:05 pm

  Presented by Morphisec

  The MITRE ATT&CK framework has been growing dramatically in both popularity and scope in recent years. Their adversary emulation planning, evaluations, and matrices can offer great value to businesses as they assess their risk and plan their defense strategies. However, it is often difficult for organizations to know where to begin, especially when every business has unique constraints, assets, and threats to manage. This talk offers pragmatic guidance on how any organization can begin using MITRE ATT&CK for a personalized assessment and mitigation.

  Click to Expand

  Speaker:

  Daniel Petrillo

  Daniel Petrillo

  Director of Security Strategy

  Collapse This Item

• Afternoon Break
• Office, Home or Hybrid - manage and secure endpoints anywhere, anytime 3:25 pm

  Presented by baramundi

  Cyberattacks have quadrupled since the beginning of the pandemic. Lots of endpoints are currently on their own when it comes to being managed and protected. What will happen when these machines come back to the office, or are they coming back at all? This presentation will address the different scenarios that companies may encounter and how to resolve them by automating their endpoint management.

  Click to Expand

  Panel Participants:

  Alex Peters

  Alex Peters

  Endpoint Security Executive

  Collapse This Item

• Disrupting Lateral Movement by Securing Active Directory 3:55 pm

  Presented by Attivo Networks

  Organizations continue to build their security stacks, yet advanced threats and insiders continue to breach networks and extract valuable data. A common tactic among most of these Ransomware and Advanced Threat Actors today involves leveraging Active Directory.  AD contains all of the information that an attacker needs to successfully move laterally and accomplish their mission. 

   In this session, Tom Atkins will explore a new method for securing Active Directory that can (for the first time) actually prevent an attacker from progressing laterally through your enterprise network.  Some key highlights include:

  • How Threat Actors use AD to accomplish their goals
  • Why Monitoring Active Directory is not enough
  • What simple tools you can deploy to dramatically improve your security posture by better securing AD

  Click to Expand

  Speaker:

  Tom Atkins

  Tom Atkins

  Area VP

  Collapse This Item

• CISO Panel 4:15 pm

  Panel Participants:

  Mitchell Parker

  Mitchell Parker

  CISO - Indiana University Health

  Jeffrey Ingalsbe

  Jeffrey Ingalsbe

  Chief Information (Security) Officer - Flexible Plan Investments, Ltd.

  Doug Copley

  Doug Copley

  Founder & CEO - Data Protection Partners

  Rajiv Das

  Rajiv Das

  Principal - Plante Moran

  Zahira (Zah) Rodriguez Gonzalvo

  Zahira (Zah) Rodriguez Gonzalvo

  SVP and Chief Information Security and Privacy Officer - Flagstar Bank

  Dan Mathis

  Dan Mathis

  Director, Compliance Center of Excellence - Indiana Office of Technology

  Arun DeSouza

  Arun DeSouza

  CISO & CPO - Nexteer Automotive Corporation

  Collapse This Item

• Summit Closing Session