Data Connectors is proud to host the Dallas Virtual Cybersecurity Summit.

Times for this Event are in Central Standard Time (CST)

Identifying Risky Vendors: 7 Warning Signs You Shouldn’t Ignore

For individuals managing third-party risk, there is one primary question that needs answering: Are your vendors safe to do business with? Answering that question is not so straightforward. Third-party risk comes loaded with complexities and compromises. However, there are “red flags” you can look for when evaluating the security, privacy, and compliance programs of your vendors. ​

TAKE AWAYS​

• How to spot “red flags” from risky vendors​
• What leading third-party risk professionals look for when evaluating vendors​
• How to evaluate vendors using assessment communities and shared due diligence data​

Why Zero Trust Architecture Will Be the New Normal in 2021

The COVID-19 pandemic brought changes no IT team was ready for: employees were sent home, customer interaction models changed, and cloud transformation efforts abruptly accelerated. Cloudflare recently commissioned Forrester Consulting to explore the impact of 2020 disruptions on security strategy and operations among companies of all sizes. To do so, they surveyed 317 global security decision makers from around the world.

Join Brian Parks, for an in-depth discussion of the survey results, followed by practical guidance for next year’s planning.

Key Takeaways:

• How 2020’s disruptions created challenges and opportunities for security teams of all sizes
• Specific challenges North American companies faced in securing the change
• Why executive buy-in for Zero Trust security initiatives is higher than ever
• What peer security leaders are prioritizing for Zero Trust initiatives in 2021
• How to drive successful Zero Trust pilot projects with Cloudflare for Teams

Speaker’s Bio:

Brian Parks has two decades of experience helping technology companies grow revenues including diverse responsibilities managing Direct and Channel Sales, Partnerships, Marketing, Customer Success, Product Management & Engineering.

Veteran’s Day (moment of silence)

Get Rich Quick with Ransomware: A Lazy Hacker’s Perspective for Enterprises

Think Ransomware isn’t for you? In this enlightening talk, Gil Azrielant, co-founder of Axis Security, will quickly discuss the business opportunities, the technologies, the industry and the mechanics that attract hackers to ransomware. In the process Gil will reveal how some enterprises can use new technologies to defend themselves against attack.

Speaker’s Bio:

Gil Azrielant is co-founder and CTO of Axis Security. Gil is responsible for technology strategy and the development of the company’s cloud-based zero-trust application access platform. Prior to joining Axis Security, Gil was co-founder & CTO of Cool Cousin, a cloud-based platform for travelers looking to unlock outstanding travel experiences.

Gil’s cybersecurity career began in the elite Unit 8200 of the Israeli Army Intelligence Corps, where he worked on advanced cyber security and code decryption. He served five years inside this elite unit, working as a researcher and team leader.

Gil holds a Bachelor of Science degree in Computer Science and graduated magna cum laude from IDC Herzliya, one of Israel’s leading academic institutions.

The Last Line of Defense: The Importance of having a robust and comprehensive Data Protection strategy

Data protection is experiencing a resurgence. Historically it’s been seen as an innovation backwater and as “insurance”, but with the growth of Ransomware and cybercrime, and increasing risk, organizations are having to modernize their data protection architectures and strategies to ensure that data can be recovered quickly to ensure that an Organization can survive an attack. Join this session to learn about the latest innovations in the data protection space and how they can be deployed to provide a comprehensive last line of defense.

Speaker’s Bio:

David joined Pure Storage in October 2018 as the Rapid Restore Solutions Director and is responsible for the

 Rapid Restore solutions roadmap, working with our Data Protection partners (Veritas, Veeam, CommVault & Rubrik) and making sure the Pure sales field have all the tools and enablement they need to be successful. Previously,

 David spent a year at Amazon Web Services building a competitive team to work directly with Amazon’s sellers and customers. Before that David spent 17 years at Veritas Technologies in a number of roles – SE, SE Manager and later was responsible for building

 a Competitive Intelligence team. He left Veritas as the Director of Competitive and Market Intelligence in 2017.

IoT – Security at the Edge

The Internet of Things (IoT) poses entirely new challenges. With 35 billion IoT devices expected to be in operation by next year – weak passwords, insecure network services and a lack of secure update mechanisms concern every organization.

The 2020 Cybersecurity Skills Shortage

The cybersecurity skills shortage is real and getting worse: according to ISC(2), nearly three million cybersecurity positions worldwide are currently unfilled, and Cyberseek reports that more than 300,000 positions are available just in the United States. A lack of cybersecurity analysts, researchers, and other security experts means that bad actors have even more of an upper hand because there are fewer people available to investigate potential threats, analyze attacks, and remediate security problems. The lockdowns arising from the COVID-19 pandemic has made the problem worse.

Osterman Research has conducted an in-depth study and produced a white paper focused squarely on this issue, and Michael Osterman will be presenting the results of that research. In this session you will learn:

• The seriousness with which your peers taking the cybersecurity skills shortage.
• What they’re doing to address it.
• How executive management and employees view their organizations’ cybersecurity function.
• How cybersecurity professionals are dealing with the stresses of doing their job.
• How the cybersecurity skills shortage might be solved, both in the near-term and longer term.

Speaker’s Bio:

Michael Osterman is the principal analyst of Osterman Research, a market research and consulting firm focused on understanding the technologies and processes involved in workplace communication and collaboration. Michael has been the head of Osterman Research for 19 years and in the tech-focused market research industry for many years before that. The company covers a number of topics related to security, security awareness training, content archiving and other areas that are focused on how people communicate and collaborate. The company is based in Washington State.

Q&A @ 1:10 PM

Developing Your Identity Strategy

Remember when identity management meant creating new accounts and resetting user’s passwords? Over the years, digital identity has evolved into much, MUCH more. Your identity program now includes not just identity management, but also access management, privilege management, and even customer identity management, all of this falling under the umbrella of identity governance. More importantly, identity has shifted from being a basic operations function to the cornerstone for business enablement and digital transformation. In this presentation, Rob walks you through key considerations when developing your identity strategy to help you improve the current state of your program while building a solid foundation for the future of your identity program.

Speaker’s Bio:

Rob is a veteran of the cybersecurity industry with over 20 years of experience. Throughout his career he has focused on Identity governance & access management, as well as APIs & microservices. Rob’s ability to address both business and technical requirements, and provide effective solutions has enabled him to become a trusted advisor for clients across multiple industries. Rob holds a Bachelor of Technology Management, a MSc in IT, and Advanced Certificates in Telecommunications Management and Enterprise Architecture.  When not working with clients, he enjoys outdoor activities with family, gaming, and having lively conversations.

Hacking Exposed: Learning from the Adversaries

Fileless attacks and fileless malware have grown in sophistication, especially in their ability to obfuscate and hide from both traditional and next-generation anti-virus. Join us to discover the techniques being used by APT32/OceanLotus to attack their victims and learn how to replicate them to better test your defenses. In this very short demonstration, you will learn techniques to make a weaponized document that is designed to not just bypass AV but also human threat hunters through a sophisticated method of obfuscation and the use of built-in trusted tools. The document is capable of allowing the attacker to gain remote access to the victim system and exfiltrate sensitive data. You will get to see, firsthand, the attack compromise both a Windows PC as well as a MacOS.

Speaker’s Bio:

Brian Robison is the Chief Evangelist at BlackBerry, where he educates the world that preventing cybersecurity threats is actually possible and a much better approach than detecting and responding after the attack. Prior to joining Cylance, Robison spent five years helping secure corporate data on mobile devices—three years at Citrix as Director of Technical Marketing and two years driving enterprise product strategy at Good Technology. Before moving into the mobile security space, Robison’s career focused on endpoint security and risk and compliance. At McAfee, he led the effort to bring ePolicy Orchestrator into the modern age as well as managing the vulnerability management and policy compliance solutions. Prior to McAfee, Robison held many roles over his seven-year career at Tripwire, Inc.

CyberSecurity Author Interview: No Safe Harbor 

In this interview, our CSO, Michael Hiskey, interviews Mark Sangster. Mark is the author of the recent book, No Safe Harbor: the inside truth about cyber crime and how to protect your business. In this short conversation, Michael talks with the author about the stories in the book, what the key takeaways are, and the process of writing it.

Wargaming: Who, What and How of a Strategic Tabletop

The last thing any captain wants to do while the ship is sinking is say, “Well I hope the emergency procedures work.” The last thing an organization wants to say in the midst of an incident is, “We hope our Incident Response Plan works!” Tabletop exercises have many different positive outcomes that a company can utilized to further develop their security and incident response program. Though this is seen and categorized as strategic planning, there are many technical and tactical components needed to ensure the tabletop is effective at all levels of implementation. The last thing anyone wants are untested processes, tools, and procedures when the ship is taking on water.

Speaker’s Bio:

Joshua Harr studied MS Cybersecurity and Resilience at Northeastern University. In addition to his role at Rapid7 as a Senior Advisory Services Consultant, he is a Cyber Planner for Joint Force AFCYBER, Air Force Reserves. Joshua’s areas of expertise include incident response, threat hunting, industrial control systems, cybersecurity stregtic planning and security policy and development.

Surviving the Digital Storm – IoT Security Deluge

We are on the verge of entering our 4th industrial revolution: the era of the Internet of Things (IoT). IoT is a broad term that comes to describe physical devices, embedded with electronics, software, sensors, actuators and network connectivity – all capable of collecting and exchanging data with other devices. The direct communications and data sharing between devices – among themselves or directly with various cloud services – are aimed to shorten development cycles, reduce energy consumption, enable precise view of a device status, and to streamline business processes with higher efficiency.

This revolution has already impacted various industries including healthcare, automotive, industrial control systems, transportation and smart homes. Due to the wide variety of attacks on IoT, there is a need for a substantial granularity while managing the security policies of these devices. IoT delivers the promise of becoming the next industrial revolution, and driving the next generation of efficiency and productivity. But this revolution will not flourish unless cyber security becomes one of its corner stones.

Speaker’s Bio:

Joel Hollenbeck is a Cyber Security Visionary with the Office of the CTO at Check Point Software Technologies Inc., the worldwide leader in securing the Internet. His background includes over 20 years of experience deploying application protection and network-based security. Mr. Hollenbeck has been securing networks and systems since 1994, including developing and executing on strategies to connect some of the most sensitive networks for the Federal Government and Financial Institutions to the Internet in the earliest days of commercial internet connectivity. Mr. Hollenbeck has served as a consulting Security Architect with Check Point Software Technologies advising a wide variety of clients across many verticals on Security Best Practices, Security Architecture, and deriving the maximum value from investments in security, prior to joining Check Point, Mr. Hollenbeck has held various security engineering, leadership and executive roles within organizations local to St Louis.

Defense-in-Depth: 3rd Party Risk

Layering Defense in Depth (DiD) with intentional redundancies increases the security of a system as a whole and addresses many different attack vectors. From individual laptops, to VPN to the WAN, the old paradigm of “castles and moats” is soooo 1999. How are organizations defending against inventive hackers penetrating their systems in 2020?  

The Dark Web: A New Underground Economy

How Dark Markets are Innovating and Why It Matters

Throughout history, underground economies thrive following war, natural disaster or political upheaval. While difficult to accurately discern, the underground economy in the U.S. is estimated to be 11-12% of GDP or $2.5 trillion–excluding illegal drug sales, gambling or prostitution! Over the last two years, dark web marketplaces and other underground commerce methods have been innovative and growing, preparing for a new economic reality. While drugs are still popular, malware and stolen data have become far more lucrative for sellers and buyers. In this session, analyst Michael Mayes will share the latest on dark web market innovation and activity, including the sale of COVID-19 related drugs and supplies.

Speaker’s Bio:

Michael Mayes is a writer and cybersecurity threat researcher in Dallas, Texas. Since 2013, his work has focused on darknet anonymous markets and the technology, including Bitcoin, that makes them possible. His research on dark markets and ransomware has been featured in Forbes, Dark Reading, ZDNET and BusinessWeek.

Feature Keynote Q&A @ 4:20 PM

Solution Showcase Open until 6:00

Don’t get Phished! See How IRONSCALES Self-Learning Email Security Platform Stops Tomorrow’s Phishing Attacks Today!

Cyber Criminals don’t care. From holiday seasons, elections, tax-day or our current pandemic COVID-19. They’re ready to exploit people’s vulnerability.

Email phishing is their weapon of choice. 10 years ago, traditional solutions like secure email gateways (SEGs) or in-built security from mailbox providers were enough to stop cyber criminals from gaining access to our accounts. In 2020, attackers are more sophisticated and are changing tactics just as rapidly as businesses are moving to Office 365 and G-Suite.

In the face of this evolving threat, how can you stay ahead of micro-targeted attacks and defend against malicious emails before they gain access to your confidential data? How do you protect end-users confronted by fake login pages (after all, it’s not their job to determine what looks real and what doesn’t)? How do you ensure that your SOC team isn’t overwhelmed by the burden of identifying and remediating phishing threats?

Join IRONSCALES and learn about:

• What techniques bad actors use to bypass traditional security measures
• What new attacks are being used by bad actors to take advantage of the pandemic
• What can you quickly do to protect your Office 365/G-Suite users who are working remotely
• How automation & collaboration tools can enable your SOC team to respond to incidents faster, giving them time savings so that they can focus on other projects.

Speaker’s Bio:

Upon joining IRONSCALES, Ian brought over 20 years of extensive industry experience in the Information Security, Technology and Communications fields and has held various positions including both individual contributor and systems engineering management roles. Ian has regularly presented at various industry events on security topics such as threat prevention, ransomware, and best practices. His last position was Americas Director of Data Center Sales for NetApp covering Canada, Latin America and the US. Ian has worked for large multinational technology companies such as Palo Alto Networks, Foundry Networks/Brocade, Alcatel Lucent, and Fore Systems/Marconi. Ian is originally from South Africa, and now resides in the United States.

Data Connectors is proud to host Day 2 of the Dallas Virtual Cybersecurity Summit.