Data Connectors is proud to host the Dallas Virtual Cybersecurity Summit.

TPRM 2.0: How to Reduce the Burden of Vendor Risk Assessments

You spend countless hours assessing your vendors, stuck in spreadsheets, trying to sift through last year’s emails to find the right vendor contact and the most up-to-date questionnaire. And when assessments are finally completed (which can take months), you still need to review and validate the answers, as well as mitigate any identified risks.

As your program evolves, the need to simplify the vendor risk assessment process becomes unavoidable. So, what can you do to streamline assessment completion and simplify vendor risk reviews? In this webinar, we’ll outline the latest vendor risk assessment tips and tactics that you can implement to build a more efficient third-party risk management practice.

Key points:

• How you can save hours on vendor risk assessments
• How you can leverage inherent risks and tiered assessments
• How Cyber Risk Exchanges are reinventing the assessment process

Speaker’s Bio:

Emily Couch serves as a Third-Party Risk Consultant for OneTrust Vendorpedia – a purpose-built software designed to operationalize third-party risk management. In her role, Couch advises companies throughout their third-party risk management implementations to help meet requirements relating to relevant standards, frameworks, and laws (e.g. ISO, NIST, SIG, GDPR and CCPA). Couch works with clients to centralize their third-party information across business units, assess risks and performance, and monitor threats throughout the entire third-party relationship, from onboarding to offboarding.

Developing Your Identity Strategy

Remember when identity management meant creating new accounts and resetting user’s passwords? Over the years, digital identity has evolved into much, MUCH more. Your identity program now includes not just identity management, but also access management, privilege management, and even customer identity management, all of this falling under the umbrella of identity governance. More importantly, identity has shifted from being a basic operations function to the cornerstone for business enablement and digital transformation. In this presentation, Rob walks you through key considerations when developing your identity strategy to help you improve the current state of your program while building a solid foundation for the future of your identity program.

Speaker’s Bio:

Rob is a veteran of the cybersecurity industry with over 20 years of experience. Throughout his career he has focused on Identity governance & access management, as well as APIs & microservices. Rob’s ability to address both business and technical requirements, and provide effective solutions has enabled him to become a trusted advisor for clients across multiple industries. Rob holds a Bachelor of Technology Management, a MSc in IT, and Advanced Certificates in Telecommunications Management and Enterprise Architecture.  When not working with clients, he enjoys outdoor activities with family, gaming, and having lively conversations.

Achieving Secure Remote Access with RDP

With so many employees sheltering in place due to the coronavirus, enterprises with Windows are depending on VPNs and Microsoft’s Remote Desktop Protocol (RDP). However, while this allows employees to access company apps and files, using VPN and RDP surfaces other, longer-lasting problems. Adopting additional security measures can help. Check out this session to learn how; by providing a layer of security over all RDP servers under management, isolating hosts from the Internet, effectively eliminating the application attack surface.

Speaker’s Bio:

Gil Azrielant is co-founder and CTO of Axis Security. Gil is responsible for technology strategy and the development of the company’s cloud-based zero-trust application access platform. Prior to joining Axis Security, Gil was co-founder & CTO of Cool Cousin, a cloud-based platform for travelers looking to unlock outstanding travel experiences.

Gil’s cybersecurity career began in the elite Unit 8200 of the Israeli Army Intelligence Corps, where he worked on advanced cyber security and code decryption. He served five years inside this elite unit, working as a researcher and team leader.
Gil holds a Bachelor of Science degree in Computer Science and graduated magna cum laude from IDC Herzliya, one of Israel’s leading academic institutions.

Credential Harvesting As a Service: How this Dark Web Organization Steals Your Microsoft Credentials Presentation 

In this presentation, we will analyze the attack methods of a single advanced persistent threat organization that guarantees its dark-web customers that their messages will bypass Microsoft security. We will review the software they use to send email from anywhere in the world, their techniques that take advantage of both short- and long-lived vulnerabilities and the infrastructure to harvest credentials and perform attacks almost instantaneously. You will be surprised by the sophistication of the tools as well as their ease of use. Updated regularly with release notes and training videos, they are not ‘hackers’, so much as software developers with a very clear product offer: 100% access to your inbox. We will watch them over time and show how the tricks they use provide us with the indicators-of-attack we need to stop them.

Session Details Coming Soon

Lunch / Solutions Showcase Open

The U.S. Secret Service will discuss their role in defending our critical financial infrastructure, and also discuss the USSS’s role in responding to financial threats during the COVID 19 virus.

Surviving the Digital Storm – IoT Security Deluge

We are on the verge of entering our 4th industrial revolution: the era of the Internet of Things (IoT). IoT is a broad term that comes to describe physical devices, embedded with electronics, software, sensors, actuators and network connectivity – all capable of collecting and exchanging data with other devices. The direct communications and data sharing between devices – among themselves or directly with various cloud services – are aimed to shorten development cycles, reduce energy consumption, enable precise view of a device status, and to streamline business processes with higher efficiency.

This revolution has already impacted various industries including healthcare, automotive, industrial control systems, transportation and smart homes. Due to the wide variety of attacks on IoT, there is a need for a substantial granularity while managing the security policies of these devices. IoT delivers the promise of becoming the next industrial revolution, and driving the next generation of efficiency and productivity. But this revolution will not flourish unless cyber security becomes one of its corner stones.

Speaker’s Bio:

Joel Hollenbeck is a Cyber Security Visionary with the Office of the CTO at Check Point Software Technologies Inc., the worldwide leader in securing the Internet. His background includes over 20 years of experience deploying application protection and network-based security. Mr. Hollenbeck has been securing networks and systems since 1994, including developing and executing on strategies to connect some of the most sensitive networks for the Federal Government and Financial Institutions to the Internet in the earliest days of commercial internet connectivity. Mr. Hollenbeck has served as a consulting Security Architect with Check Point Software Technologies advising a wide variety of clients across many verticals on Security Best Practices, Security Architecture, and deriving the maximum value from investments in security, prior to joining Check Point, Mr. Hollenbeck has held various security engineering, leadership and executive roles within organizations local to St Louis.

Session Details Coming Soon

Identity and Access Management: Embracing the complexity

Admittedly, IAM can be intimidating. Ensuring company assets are being accessed only by those who are authorized is a crucial, non-trivial task but we should embrace the challenge. In this session we will discuss the complexities of IAM by reviewing what digital identity really is, and what challenges exist when implementing access management controls. We will discuss a typical IAM use-case and how we can embrace its complexities while avoiding the need for large architectural changes.

Speaker’s Bio:

Hello! I’m Matt, a cybersecurity engineer with a desire to make our online world safer and more secure. In the years leading to Auth0, I have co-founded a Toronto based startup Jukebox, previously Booth & Bottle which has over 5000+ users, I’ve built a fully-functioning ticketing platform called xTickets, I have worked for a worldwide VPN company that was acquired (twice!) which led to my work in security at Symantec, and in my early years while in university, I managed the IT and infrastructure for numerous corporate organizations. If we haven’t met before you’ll likely find me in a local coffee shop reading security white papers, writing code, watching DEFCON videos, or on hackthebox.eu. If I’m not there I’ll be at your local gym pumping iron. Security Certifications: CISSP (In Progress), Penetration Testing with Kali Linux, Certified Ethical Hacker, ComTIA Security+.

Rise of the Machines: Best Practices for Securing Unmanaged and IoT Devices

For many years now, enterprise networks have seen an explosive rise in devices that are challenging for security teams to secure. These include not only unmanaged devices, but also the extensive portfolio of Internet of Things (IoT) in enterprises such IP cameras, conference room TVs, smart building systems, manufacturing machines and medical devices.

Join Ordr CSO Jeff Horne in this webinar to learn:

• Risks and vulnerabilities associated with unmanaged and IoT devices
• Why traditional networking and security tools fall short
• Security best practices to protect these devices without impacting business operations

Session Details Coming Soon

Submit your bio for consideration to participate on our CISO Panel
to [email protected] or fill out our Call for Speakers form here.

Solution Showcase Open until 6:00

Data Connectors is proud to host Day 2 of the Dallas Virtual Cybersecurity Summit.

Attivo Networks – A Modern Approach to Deception

Modern threat deception does not rely upon signatures nor behavioral patterns. It flips the paradigm on the attacker to be perfect or be detected. History and experience have shown us that human attackers can bypass next-gen perimeter and endpoint controls. Threat deception provides early detection of external, insider, and 3rd party attackers – protecting against new types of Active Directory attacks, delivering actionable alerts, strengthening overall defensive posture, while being simple to deploy and maintain with a small staff. Whether your organization is a Fortune 10 or one with less than 1000 employees, organizations across the globe are deploying modern Attivo Deception both on-prem and the cloud as a proactive measure to combat cyber criminals.

Speaker’s Bio:

Jonathan Randall, CISSP has been on the business side of Cyber Security for more than 20 years, working at large global technology vendors, and small US based startups.

He is an advocate of clear communication, and unique approaches to security problem solving.

About Aruba

Aruba, a Hewlett Packard Enterprise company, is a leading provider of next-generation network access solutions for the mobile enterprise. The company designs and delivers Mobility-Defined Networks that empower IT departments and #GenMobile, a new generation of tech-savvy users who rely on their mobile devices for every aspect of work and personal communication. To create a mobility experience that #GenMobile and IT can rely upon, Aruba Mobility-Defined Networks™ automate infrastructure-wide performance optimization and trigger security actions that used to require manual IT intervention. The results are dramatically improved productivity and lower operational costs.