Don’t get Phished! See How IRONSCALES Self-Learning Email Security Platform Stops Tomorrow’s Phishing Attacks Today!

Cyber Criminals don’t care. From holiday seasons, elections, tax-day or our current pandemic COVID-19. They’re ready to exploit people’s vulnerability. 

Email phishing is their weapon of choice. 10 years ago, traditional solutions like secure email gateways (SEGs) or in-built security from mailbox providers were enough to stop cyber criminals from gaining access to our accounts. In 2020, attackers are more sophisticated and are changing tactics just as rapidly as businesses are moving to Office 365 and G-Suite. 

In the face of this evolving threat, how can you stay ahead of micro-targeted attacks and defend against malicious emails before they gain access to your confidential data? How do you protect end-users confronted by fake login pages (after all, it’s not their job to determine what looks real and what doesn’t)? How do you ensure that your SOC team isn’t overwhelmed by the burden of identifying and remediating phishing threats? 

Join IRONSCALES and learn about: 

• What techniques bad actors use to bypass traditional security measures 
• What new attacks are being used by bad actors to take advantage of the pandemic 
• What can you quickly do to protect your Office 365/G-Suite users who are working remotely 
• How automation & collaboration tools can enable your SOC team to respond to incidents faster, giving them time savings so that they can focus on other projects.

Speaker’s Bio:

Brian Cesca has a 20+ year career in sales located in the Charlotte market. Sixteen of those years were in selling technology services ranging from mergers and acquisitions internationally, to brand image and identification, to technology training (several years of which he started and owned his own IT training company), to staffing. With most of those organizations he was either the top sales rep or the sales manager. Brian joined IRONSCALES in 2018. 

Cesca’s interests include playing in sports leagues for softball, football, and bowling with championships in all three. He enjoys hacking around a golf course. Growing up he was captain of the high school crew team and swim team and was recruited to swim at UNC Charlotte. Random little know fact is that he has sung in rock bands since he was in high school. Cesca is an avid Pirates, Penguins and Steelers fan.

Data Connectors is proud to host the Dallas Virtual Cybersecurity Summit.

Times for this Event are in Central Standard Time (CST)

TPRM 2.0: How to Reduce the Burden of Vendor Risk Assessments

You spend countless hours assessing your vendors, stuck in spreadsheets, trying to sift through last year’s emails to find the right vendor contact and the most up-to-date questionnaire. And when assessments are finally completed (which can take months), you still need to review and validate the answers, as well as mitigate any identified risks.

As your program evolves, the need to simplify the vendor risk assessment process becomes unavoidable. So, what can you do to streamline assessment completion and simplify vendor risk reviews? In this webinar, we’ll outline the latest vendor risk assessment tips and tactics that you can implement to build a more efficient third-party risk management practice.

Key points:

• How you can save hours on vendor risk assessments
• How you can leverage inherent risks and tiered assessments
• How Cyber Risk Exchanges are reinventing the assessment process

Speaker’s Bio:

Emily Couch serves as a Third-Party Risk Consultant for OneTrust Vendorpedia – a purpose-built software designed to operationalize third-party risk management. In her role, Couch advises companies throughout their third-party risk management implementations to help meet requirements relating to relevant standards, frameworks, and laws (e.g. ISO, NIST, SIG, GDPR and CCPA). Couch works with clients to centralize their third-party information across business units, assess risks and performance, and monitor threats throughout the entire third-party relationship, from onboarding to offboarding.

Session Details Coming Soon

Get Rich Quick with Ransomware: A Lazy Hacker’s Perspective for Enterprises

Think Ransomware isn’t for you? In this enlightening talk, Gil Azrielant, co-founder of Axis Security, will quickly discuss the business opportunities, the technologies, the industry and the mechanics that attract hackers to ransomware. In the process Gil will reveal how some enterprises can use new technologies to defend themselves against attack.

Speaker’s Bio:

Gil Azrielant is co-founder and CTO of Axis Security. Gil is responsible for technology strategy and the development of the company’s cloud-based zero-trust application access platform. Prior to joining Axis Security, Gil was co-founder & CTO of Cool Cousin, a cloud-based platform for travelers looking to unlock outstanding travel experiences.

Gil’s cybersecurity career began in the elite Unit 8200 of the Israeli Army Intelligence Corps, where he worked on advanced cyber security and code decryption. He served five years inside this elite unit, working as a researcher and team leader.

Gil holds a Bachelor of Science degree in Computer Science and graduated magna cum laude from IDC Herzliya, one of Israel’s leading academic institutions.

The Last Line of Defense: The Importance of having a robust and comprehensive Data Protection strategy

Data protection is experiencing a resurgence. Historically its been seen as an innovation backwater and as “insurance”, but with the growth of Ransomware and cybercrime, and increasing risk, organisations are having to modernize their data protection architectures and strategies to ensure that data can be recovered quickly to ensure that an Organisation can survive an attack. Join this session to learn about the latest innovations in the data protection space and how they can be deployed to provide a comprehensive last line of defence. 

Speaker’s Bio:

David joined Pure Storage in October 2018 as the Rapid Restore Solutions Director and is responsible for the

 Rapid Restore solutions roadmap, working with our Data Protection partners (Veritas, Veeam, CommVault & Rubrik) and making sure the Pure sales field have all the tools and enablement they need to be successful. Previously,

 David spent a year at Amazon Web Services building a competitive team to work directly with Amazon’s sellers and customers. Before that David spent 17 years at Veritas Technologies in a number of roles – SE, SE Manager and later was responsible for building

 a Competitive Intelligence team. He left Veritas as the Director of Competitive and Market Intelligence in 2017.

Session Details Coming Soon

Lunch Briefing – Starts at 12 noon

The Passwordless Experience

As long as we’ve had computers, people have been able to steal our passwords. Join Rajan Barara in discussing current industry pain points and how Entrust can help you with our high assurance, credential based passwordless solutions.

Speaker’s Bio:

Rajan Barara is Director of Product Management for Identity at Entrust. In this webinar, he will speak about passwordless experience and what organizations should look for in a passwordless solution for comprehensive security. He will also highlight when to use FIDO vs Credentials based security.

Lunch / Solutions Showcase Open

The U.S. Secret Service will discuss their role in defending our critical financial infrastructure, and also discuss the USSS’s role in responding to financial threats during the COVID 19 virus.

Developing Your Identity Strategy

Remember when identity management meant creating new accounts and resetting user’s passwords? Over the years, digital identity has evolved into much, MUCH more. Your identity program now includes not just identity management, but also access management, privilege management, and even customer identity management, all of this falling under the umbrella of identity governance. More importantly, identity has shifted from being a basic operations function to the cornerstone for business enablement and digital transformation. In this presentation, Rob walks you through key considerations when developing your identity strategy to help you improve the current state of your program while building a solid foundation for the future of your identity program.

Speaker’s Bio:

Rob is a veteran of the cybersecurity industry with over 20 years of experience. Throughout his career he has focused on Identity governance & access management, as well as APIs & microservices. Rob’s ability to address both business and technical requirements, and provide effective solutions has enabled him to become a trusted advisor for clients across multiple industries. Rob holds a Bachelor of Technology Management, a MSc in IT, and Advanced Certificates in Telecommunications Management and Enterprise Architecture.  When not working with clients, he enjoys outdoor activities with family, gaming, and having lively conversations.

Hacking Exposed: Learning from the Adversaries

Fileless attacks and fileless malware have grown in sophistication, especially in their ability to obfuscate and hide from both traditional and next-generation anti-virus. Join us to discover the techniques being used by APT32/OceanLotus to attack their victims and learn how to replicate them to better test your defenses. In this very short demonstration, you will learn techniques to make a weaponized document that is designed to not just bypass AV but also human threat hunters through a sophisticated method of obfuscation and the use of built-in trusted tools. The document is capable of allowing the attacker to gain remote access to the victim system and exfiltrate sensitive data. You will get to see, firsthand, the attack compromise both a Windows PC as well as a MacOS.

Speaker’s Bio:

Brian Robison is the Chief Evangelist at BlackBerry, where he educates the world that preventing cybersecurity threats is actually possible and a much better approach than detecting and responding after the attack. Prior to joining Cylance, Robison spent five years helping secure corporate data on mobile devices—three years at Citrix as Director of Technical Marketing and two years driving enterprise product strategy at Good Technology. Before moving into the mobile security space, Robison’s career focused on endpoint security and risk and compliance. At McAfee, he led the effort to bring ePolicy Orchestrator into the modern age as well as managing the vulnerability management and policy compliance solutions. Prior to McAfee, Robison held many roles over his seven-year career at Tripwire, Inc.

Wargaming: Who, What and How of a Strategic Tabletop

The last thing any captain wants to do while the ship is sinking is say, “Well I hope the emergency procedures work.” The last thing an organization wants to say in the midst of an incident is, “We hope our Incident Response Plan works!” Tabletop exercises have many different positive outcomes that a company can utilized to further develop their security and incident response program. Though this is seen and categorized as strategic planning, there are many technical and tactical components needed to ensure the tabletop is effective at all levels of implementation. The last thing anyone wants are untested processes, tools, and procedures when the ship is taking on water.

Speaker’s Bio:

Joshua Harr studied MS Cybersecurity and Resilience at Northeastern University. In addition to his role at Rapid7 as a Senior Advisory Services Consultant, he is a Cyber Planner for Joint Force AFCYBER, Air Force Reserves. Joshua’s areas of expertise include incident response, threat hunting, industrial control systems, cybersecurity stregtic planning and security policy and development.

Surviving the Digital Storm – IoT Security Deluge

We are on the verge of entering our 4th industrial revolution: the era of the Internet of Things (IoT). IoT is a broad term that comes to describe physical devices, embedded with electronics, software, sensors, actuators and network connectivity – all capable of collecting and exchanging data with other devices. The direct communications and data sharing between devices – among themselves or directly with various cloud services – are aimed to shorten development cycles, reduce energy consumption, enable precise view of a device status, and to streamline business processes with higher efficiency.

This revolution has already impacted various industries including healthcare, automotive, industrial control systems, transportation and smart homes. Due to the wide variety of attacks on IoT, there is a need for a substantial granularity while managing the security policies of these devices. IoT delivers the promise of becoming the next industrial revolution, and driving the next generation of efficiency and productivity. But this revolution will not flourish unless cyber security becomes one of its corner stones.

Speaker’s Bio:

Joel Hollenbeck is a Cyber Security Visionary with the Office of the CTO at Check Point Software Technologies Inc., the worldwide leader in securing the Internet. His background includes over 20 years of experience deploying application protection and network-based security. Mr. Hollenbeck has been securing networks and systems since 1994, including developing and executing on strategies to connect some of the most sensitive networks for the Federal Government and Financial Institutions to the Internet in the earliest days of commercial internet connectivity. Mr. Hollenbeck has served as a consulting Security Architect with Check Point Software Technologies advising a wide variety of clients across many verticals on Security Best Practices, Security Architecture, and deriving the maximum value from investments in security, prior to joining Check Point, Mr. Hollenbeck has held various security engineering, leadership and executive roles within organizations local to St Louis.

Session Details Coming Soon

Submit your bio for consideration to participate on our CISO Panel
to [email protected] or fill out our Call for Speakers form here.

Solution Showcase Open until 6:00

Data Connectors is proud to host Day 2 of the Dallas Virtual Cybersecurity Summit.

Rise of the Machines: Best Practices for Securing Unmanaged and IoT Devices

For many years now, enterprise networks have seen an explosive rise in devices that are challenging for security teams to secure. These include not only unmanaged devices, but also the extensive portfolio of Internet of Things (IoT) in enterprises such IP cameras, conference room TVs, smart building systems, manufacturing machines and medical devices.

Join Ordr CSO in this webinar to learn:

• Risks and vulnerabilities associated with unmanaged and IoT devices
• Why traditional networking and security tools fall short
• Security best practices to protect these devices without impacting business operations

Speaker’s Bio: 

Jeff Horne is currently the CSO at Ordr where he is responsible for security direction both within Ordr products and internal security. Prior to Ordr Jeff was the VP of Information Security for Optiv where he was responsible for all Security Operations, Governance Risk and Compliance, Endpoint, Internal Incident Response, Physical Security, and Employee Security Awareness groups. Before Optiv Jeff was the Senior Director of Information Security for SpaceX where he was responsible for the overall security strategy of SpaceX and managing the Information Security, Compliance (ITAR), Security Operations, and Physical Security groups. Previous to SpaceX Jeff was the Vice President of R&D and Chief Architect for Accuvant LABS where he managed teams of researchers and consultants specializing in reverse engineering, malicious code, incident response, breach analysis, and vulnerability assessment. Prior to Accuvant Jeff was the Director of Threat Research at Webroot Software where he led several teams of malware researchers, reverse engineers, and a development organization specializing in creating anti-malware functionality and detection signatures for all Webroot products. Jeff began his career as a Vulnerability Researcher at Internet Security Systems where he was responsible for vulnerability discovery, exploit creation, IDS evasion research, and behavioral detection of malware. Jeff is well known for his insight in interviews for numerous news channels and publications, speaking roles at various security conferences, as well as authoring several vulnerability disclosures and patents.

Understanding and Combating Credential Stuffing Attacks

Credential stuffing attacks are the most common threats observed at Auth0. These attacks can lead to fraud, loss of reputation, and ultimately, loss of revenue.

In credential stuffing attacks, threat actors use stolen credentials from one breach to take over users’ other accounts. This is effective because, according to Google, 65% of people reuse passwords across multiple accounts. On some days, these attacks originate from more than 50,000 IP addresses and may account for as much as half of all login attempts using our platform. Even the most mature companies are vulnerable if they don’t have the right preventative measures in place.

Join Auth0 to learn:

•       How credential stuffing attacks work
•       What effect they can have on your company
•       Steps to detect and mitigate these attacks

Speaker’s Bio:

Chris Scott is a Senior Solutions Engineer at Auth0. Leveraging his past experience in both software development and enterprise sales, Chris provides education and guidance to security professionals looking to strengthen their identity strategy.

A new Spin on Securing Active Directory

CISOs, Penetration Testers, and Incident Responders all agree that Active Directory is a primary target for attackers. So why isn’t AD defended more effectively? Join us in this session to learn who is attacking AD, why AD Security has traditionally been so difficult, and some groundbreaking new techniques for securing Active Directory.

Speaker’s Bio:

Tom Atkins is a veteran Information Security professional with over 25 years of experience. Tom specializes in guiding young technology companies successfully into new markets. He works closely with leading companies to identify and resolve their core security challenges. At FireEye, he was the first customer-facing employee for the East Coast and at OpenDNS held a similar role building the Enterprise sales organization and strategy and managing the transition through the acquisition by Cisco in 2015. Tom is currently leading the East sales team for Attivo Networks, the leading deception company in the market.