Event Schedule

Times for this Event are in Pacific Standard Time (PST)

The Summit will be open from 8AM to 6PM.

  • Welcome
  • Using Security Testing to know What’s Working 10:05 am

    Presented by Cymulate

    The security team needs to stop being invisible. When we’re not on the forefront on business mind-share, security becomes a cost-center that only appears if something goes wrong. Using security testing to show what is going right – quarter by quarter – demonstrates the direct and real impact of the security team on the safety and strength of the business itself. This session will dive into topics regarding how continuous security validation can demonstrate ROI on investment, how to show that those investments have a real impact on the reputation and revenue of the business, and how any new spend can be justified in terms of continued benefit to the bottom line.

    Click to Expand

    Panel Participants:

    Mike DeNapoli
    Mike DeNapoli

    Mike DeNapoli

    Lead of Solution Architecture

    Collapse This Item

  • The Ultimate Vendor Risk Assessment Checklist 10:25 am

    Presented by OneTrust

    Vendor risk assessments are essential to truly understand the security, privacy, and compliance programs of the third parties you work with. As a result, nearly every organization endures an endless back-and-forth with third parties. Lengthy questionnaires, broken processes, time-consuming reviews;these challenges are common, and as such, there are concrete steps your organization can take to save time and reduce assessment-related headaches. 

    In this webinar, we’ll outline the ultimate checklist for better vendor risk assessments, including: 

    • Actionable takeaways to quickly improve your assessment operations
    • Long-term changes you can make to set yourself up for success
    • Real advice and lessons learned from leading assessment experts
    Click to Expand

    Panel Participants:

    Jason Sabourin
    Jason Sabourin

    Jason Sabourin

    Product Manager

    Collapse This Item

  • Risk Management - Expert Panel Discussion 10:45 am

    Risk Management: Analytics, Intelligence & Response

    Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand?

    Click to Expand

    Collapse This Item

  • Morning Coffee Break
  • Out of the Shadows: ​ Real-time Asset Visibility and Security for Every Connected Device 11:35 am

    Presented by Ordr

    For many years now, enterprises have seen an explosive rise in connected devices, from traditional IT devices like servers, workstations and PCs to new and more vulnerable IoT, IoMT, and OT like building systems, medical equipment and manufacturing machines.  This myriad of devices from different manufacturers, operating systems and protocols expand the attack surface. IoT, IoMT, and OT bring their own challenges as they are typically not designed with security in mind. The bad news? Security teams are still responsible for all of them. It’s time for a modern approach. In this session, Ordr’s Chief Strategy Officer Danelle Au outlines why connected device security should be on your security initiatives in 2021, and presents a framework that starts with real-time asset inventory and ends with scalable security. Learn best practices and implementation considerations for device discovery, profiling and segmentation as you start your connected device security journey.

    Click to Expand

    Panel Participants:

    Danelle Au
    Danelle Au

    Danelle Au

    Chief Strategy Officer

    Collapse This Item

  • Moving Beyond Password to Delight & Secure Users 11:55 am

    Presented by Okta

    Passwords have been a constant throughout the internet era. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources across the applications we use on a daily basis.

    But in this new digital age where data breaches are rampant, passwords are no longer good enough. Not only are they insecure, they are expensive and offer a poor user experience. Fortunately, there’s a better way to protect your applications and stop account takeover incidents.

    In this session, we’ll discuss the benefits of passwordless authentication and explain how eliminating the password can help improve user experience, admin visibility and control, and scalability. We’ll also walk through key considerations and first steps as you embark on your passwordless journey.

    Click to Expand

    Panel Participants:

    Michael Patterson
    Michael Patterson

    Michael Patterson

    Solutions Engineer

    Collapse This Item

  • Lunch Break
  • Lunch Sponsor / Briefing - Small businesses deserve big protection 12:15 pm

    Presented by Cisco

    Small businesses are facing many of the same cybersecurity challenges as larger businesses. 66% of small businesses experienced a cyberattack in 2019, and 63% experienced a data breach. But securing your business doesn’t have to be complicated. Cybersecurity tools should be easy for a team of any size to deploy, use, and manage — letting you focus on more important things (like running your business!) Join Rohit Sawhney from Cisco to learn more about small business cybersecurity and how cloud-delivered security provides powerful protection against today’s biggest cyberthreats.

    Click to Expand

    Panel Participants:

    Rohit Sawhney
    Rohit Sawhney

    Rohit Sawhney

    Product Leader, Cloud Security

    Collapse This Item

  • Keynote: Cyber Security Briefing – Cyber Fraud Task Force 12:45 pm

    Presented by US Secret Service

    Cyber Security Briefing – Cyber Fraud Task Force – United States Secret Service

    Click to Expand

    Panel Participants:

    Collapse This Item

  • Rethinking your data protection strategy in the age of ransomware. 1:30 pm

    Presented by Zerto

    With the proliferation of data-driven digital business growing at an exponential pace, so is the pace of cyber security threats and attacks, such as ransomware. Cyberattacks can cost a company $1.4 Million on average in recovery when you add in the cost of lost productivity, reputation damage, and service disruption. Are you at risk? Can your backup keep pace with the speed of recovery that’s needed today? Attend this session to find out why traditional backup won’t save you from ransomware attack and how continuous data protection helps you to prepare, respond and recover from an attack.

    Click to Expand

    Panel Participants:

    Andy Fernandez
    Andy Fernandez

    Andy Fernandez

    Senior Technology Evangelist

    Collapse This Item

  • Are You Ready for Intelligent SOC? 1:50 pm

    Presented by Netenrich

    Invoked by experts, Intelligent SOC solves today’s problems (and tomorrow’s issues) better and faster by going beyond the SIEM—and even beyond AI—to combine threat intelligence (TI), attack surface management (ASM), and pay-as-you-grow SOC-as-a-Service. Hear how this expansive approach transforms your security investments and operations into better ROI and safer outcomes—in hours or days versus weeks, months, or years.

    Click to Expand

    Panel Participants:

    Brandon Hoffman
    Brandon Hoffman

    Brandon Hoffman

    Head of Security Strategy & CISO

    Collapse This Item

  • Afternoon Coffee Break
  • IoT - Expert Panel Discussion 2:25 pm

    IoT - Security at the Edge

    The Internet of Things (IoT) poses entirely new challenges. With 35 billion IoT devices expected to be in operation by next year – weak passwords, insecure network services and a lack of secure update mechanisms concern every organization.

    Click to Expand

    Panel Participants:

    Jeff Horne
    Jeff Horne

    Jeff Horne

    CSO

    Collapse This Item

  • Why Zero Trust Architecture Will Be the New Normal in 2021 2:50 pm

    Presented by Cloudflare

    The COVID-19 pandemic brought changes no IT team was ready for: employees were sent home, customer interaction models changed, and cloud transformation efforts abruptly accelerated. Cloudflare recently commissioned Forrester Consulting to explore the impact of 2020 disruptions on security strategy and operations among companies of all sizes. To do so, they surveyed 317 global security decision makers from around the world.

    Join Brian Parks, for an in-depth discussion of the survey results, followed by practical guidance for next year’s planning.

    Key Takeaways:

    • How 2020’s disruptions created challenges and opportunities for security teams of all sizes
    • Specific challenges North American companies faced in securing the change
    • Why executive buy-in for Zero Trust security initiatives is higher than ever
    • What peer security leaders are prioritizing for Zero Trust initiatives in 2021
    • How to drive successful Zero Trust pilot projects with Cloudflare for Teams
    Click to Expand

    Panel Participants:

    Brian Parks
    Brian Parks

    Brian Parks

    Go-To-Market Leader

    Collapse This Item

  • Afternoon Break
  • CISO Panel 3:25 pm

    Submit your bio for consideration to participate on our CISO Panel

    to [email protected] or fill out our Call for Speakers form here.

    Click to Expand

    Panel Participants:

    Robert Thomas
    Robert Thomas

    Robert Thomas

    CISO - 180AConsulting.com

    Hadas Cassorla
    Hadas Cassorla

    Hadas Cassorla

    Principal and CISO - Scale Security Group

    Dave Estlick
    Dave Estlick

    Dave Estlick

    CISO - Chipotle Mexican Grill

    Bryan Hurd
    Bryan Hurd

    Bryan Hurd

    VP/CISO - Aon Cyber Solutions

    Dennis Tomlin
    Dennis Tomlin

    Dennis Tomlin

    Chief Information Security Officer - Multnomah County

    Jon Washburn
    Jon Washburn

    Jon Washburn

    Chief Information Security Officer - Stoel Rives

    Kevin Morrison
    Kevin Morrison

    Kevin Morrison

    CISO - Alaska Airlines

    Collapse This Item

  • Day One Closing Session
  • Day Two
  • Welcome / Introductions
  • Gaining Visibility into Virtual Environments 10:05 am

    Presented by Gigamon

    With the shift to the cloud we gain scalability, but we lose visibility. In this session, we will discuss the problems we encounter and the options we have to get back the visibility into the data. 

    • Come learn what the options are
    • How to gain deeper hybrid cloud visibility
    • Scale faster, manage more easily
    • Some of the pros and cons

    By the end of the session, you’ll have the knowledge on how you can get back control of the data and keep an eye out for bad guys.

    Click to Expand

    Panel Participants:

    James Mandelbaum
    James Mandelbaum

    James Mandelbaum

    Senior Security Engineer

    Collapse This Item

  • Application Security Beyond Effective Bot Mitigation 10:25 am

    Presented by Shape Security

    The past twelve months have been punctuated by soaring data breaches, new attack patterns and phishing scams catalyzed by COVID-19 with Credential Stuffing and other brute force attacks resulting in hard losses surpassing billions of dollars. Now, more so than ever in this digital-first world, must organizations seek cross-functional, convergent platforms with strong digital fraud solutions to combat the relentless sources of cybercrime that continue to abuse our online platforms.

     Join Shape to explore how truly effective digital transformation journeys must transcend traditional bot mitigation and understand why defending our web and mobile applications without harming user experience or hampering revenue growth and brand reputation will become organizing principles for 2021 and beyond.

    Click to Expand

    Panel Participants:

    Gary Newe
    Gary Newe

    Gary Newe

    VP of Solutions Engineering - Shape Security Solutions

    Collapse This Item

  • Cloud Security 2021: What’s New, What Changes - Expert Panel Discussion 10:50 am

    Although it seems like a decade – just a few years ago, industry analysts were still advising the CISO community to keep the “crown jewel” data in private data centers.  Requirements for the security OF the cloud, and the security IN the cloud have accelerated quickly and today – amid the pandemic – that transition is near-complete.

    This is a broad topic – so our panel today will focus on the nuances of security IN the cloud, and some of the cutting-edge practices that innovative organizations are doing today to get ahead of threat actors who target online storage, protocols, email, file shares, and other data and network access that can be accidentally be exposed.

    Click to Expand

    Collapse This Item

  • Morning Coffee Break
  • Microsoft Teams Vulnerabilities 11:30 am

    Presented by Avanan

    Microsoft Teams has quickly become the go-to application for remote work, accelerating dramatically in usage over the last year. Millions of users turned to Microsoft Teams to help keep businesses going in 2020—and hackers have noticed. As Teams is still relatively new, much is unknown about how it operates and how hackers will approach it.

    While the increased usage has been well-documented, what’s not been documented is whether the app is vulnerable to hacking. We will talk about discoveries that have already been made, potential risks that we see in the future, and how to best secure this relatively new communication vector.

    This session will walk attendees through:

    • The many inherent vulnerabilities in the platform
    • The popular attack types
    • How hackers act differently within Teams than they do on email
    Click to Expand

    Panel Participants:

    Jeff Raymond
    Jeff Raymond

    Jeff Raymond

    Senior Sales Engineer

    Collapse This Item

  • The Dark Web: Exposing the Business of Cybercrime 11:50 am

    Presented by Armor Defense

    The Dark Web is growing at an exponential rate, with hackers doubling down on cybercrime-as-a-service—allowing non-traditional and unskilled hackers to wreak havoc in ways previously unheard of. Criminals don’t have to be skilled to get your data;they just need to know where and who to go to for help.

    This session aims to expose the inner workings and business of the cyber underground, focusing on the following:

    • Cryptocurrency – The impact digital currency has had on the rate of growth of cybercrime
    • Cybercrime-as-a-service – The expansion of services offered by skilled hackers and for low cost
    • Money laundering and money mules – Ways criminals are skirting around laws and regulations to get paid
    • Mitigating risk – How businesses can protect themselves from all levels of cybercriminals with an emphasis on the importance of investing in proactive threat-hunting
    Click to Expand

    Panel Participants:

    Joone Nijjar
    Joone Nijjar

    Joone Nijjar

    Product Manager

    Collapse This Item

  • Get beyond compliance and achieve real data security 12:10 pm

    Presented by Imperva

    To keep pace with the database activity explosion that has accompanied recent rapid technology innovations, organizations must rethink their strategy for securing their data assets. A strategy designed to meet compliance requirements is not enough. Organizations need to develop new approaches that augment traditional agent-based monitoring to achieve real data security today and in the future.We’ll provide insight into how you can automate data collection and monitoring so you may apply more resources to identifying non-compliant behavior and orchestrating rapid responses, regardless of where your data is or the size of your data estate.

    Click to Expand

    Panel Participants:

    Terry Ray
    Terry Ray

    Terry Ray

    SVP Strategy and Imperva Fellow

    Collapse This Item

  • Lunch Break
  • Keynote: Ronald Watters - CISA Region X 1:00 pm

    Ronald Watters

    Department of Homeland Security

    Cybersecurity Advisor DHS-CISA

    Don’t miss this CISA Briefing on responding to the cyber threats we’re facing in 2021, including the SolarWinds supply chain compromise and ongoing breaches that threaten the U.S. 

    Click to Expand

    Panel Participants:

    Ronald Watters
    Ronald Watters

    Ronald Watters

    Cybersecurity Advisor-Region X Cybersecurity and Infrastructure Security Agency (CISA)

    Collapse This Item

  • Hacking Exposed: Learning from the Adversaries 1:30 pm

    Presented by Blackberry

    Fileless attacks and fileless malware have grown in sophistication, especially in their ability to obfuscate and hide from both traditional and next-generation anti-virus. Join us to discover the techniques being used by APT32/OceanLotus to attack their victims and learn how to replicate them to better test your defenses. In this very short demonstration, you will learn techniques to make a weaponized document that is designed to not just bypass AV but also human threat hunters through a sophisticated method of obfuscation and the use of built-in trusted tools. The document is capable of allowing the attacker to gain remote access to the victim system and exfiltrate sensitive data. You will get to see, firsthand, the attack compromise both a Windows PC as well as a MacOS.

    Click to Expand

    Panel Participants:

    Brian Robison
    Brian Robison

    Brian Robison

    Chief Evangelist

    Collapse This Item

  • Subject Matter Expert Session - More Details To Come 1:50 pm

    Session Details Coming Soon

    Click to Expand

    Collapse This Item

  • Subject Matter Expert Session - More Details To Come 2:10 pm

    Session Details Coming Soon

    Click to Expand

    Collapse This Item

  • Afternoon Coffee Break
  • Featured Keynote: Functional Testing: A New Era of Pentesting 3:45 pm

    Presented by John Helmus

    As the cloud begins to take over the technology era, so does the ever-growing threat landscape of companies’ infrastructure. Today, copious amounts of businesses are relying on cloud providers to help build infrastructure quickly and efficiently – doing so allows companies to scale rapidly and maintain relevance into today’s competitive markets.

    However, the billy mays would say, “”BUT WAIT, THERE’S MORE!””.

    Cloud security comes at a cost that does not always present itself. That cost comes in the form of security and how adequate security can be applied to cloud infrastructure.

    This talk is going to discuss how security professionals can not use the same security guidelines for the cloud as they use for physical and on-prem systems. New technology mersity

    and new tactics and strategies, such as a new way of effectively pentesting. In this talk, attendees can expect to learn new ways of thinking about security and pentesting when it comes to targeting cloud providers – while also providing efficient adversarial assessments that assess the cloud.

     

    Click to Expand

    Panel Participants:

    Jonathan Helmus
    Jonathan Helmus

    Jonathan Helmus

    Manager of Pentest Community - Cobalt.io

    Collapse This Item

  • Expert Panel Discussion: Pentesting 3:10 pm

    Session Details Coming Soon

    Click to Expand

    Panel Participants:

    Ray Espinoza
    Ray Espinoza

    Ray Espinoza

    Head of Security, CISO

    Collapse This Item

  • Summit Final closing Session

Registration

Wed. Mar 31 — Thu. Apr 01

Data Connectors events are for IT professionals only. Required fields are marked with an asterisk (*).

Register