Data Connectors is proud to host the Denver Cybersecurity Conference.
Data Connectors is proud to host the Denver Cybersecurity Conference.
Why Does Asset Management Matter for Cybersecurity?
Today, security professionals encounter many cybersecurity asset management challenges, from aggregating disparate data sets to establishing real-time visibility in a fluid environment. Trends in emerging technologies, such as IoT deployments, and in workplace modernization, like BYOD, continue to complicate the situation. Enterprises have a wide range of security solutions at their disposal to help tackle security challenges, but few resources to manage them. In this session, you’ll discover 3 modern asset trends, learn from 5 real-life asset management challenges, and gain a 6-step checklist on how to successfully manage your company’s assets.
Threat Intelligence and Modern Layered Security
The term ‘Threat Intelligence’ is getting a lot of buzz these days, but what does it mean? And, more importantly, how can it help protect your network? In this presentation, we answer these questions within the context of a layered security approach that integrates Threat Intelligence with existing security methodologies. We also use real-world examples to examine how Threat Intelligence improves a network’s defenses at the perimeter and allows administrators to gain more visibility on the inside.
Ted has worked with web and network security technologies for more than 20 years. He began his career in technology as a full-stack engineer in web development and design. As Chief Operating Officer, Ted guides the overall operations of Sentinel IPS, the CINS Active Threat Intelligence System, and all other supporting technologies. You may also find him presenting at an information security conference or trade show, spreading the word about shared threat intelligence.
One of Sentinel’s first employees, Ted is not afraid to get his hands dirty supporting Sentinel customers or lending a hand in Sentinel software development. Ted received his Bachelor of Business Administration from the University of Iowa (Go Hawks!) and his Master of Education (Secondary Mathematics) from the University of North Texas.
He resides in the DFW area with his wife and two sons, which keep him busy on seemingly every karate dojo and auditorium in the North Texas area. He can also be found swinging a hammer for Habitat for Humanity or riding his beloved bicycle for Team in Training.
Coffee Break / Vendor Exhibit Time
Trends in Cybercrime
Assistant to the Special Agent in Charge (ATSAIC) Ike Barnes is a graduate of the United States Military Academy at West Point. After serving in the US Army, ATSAIC Barnes became a Special Agent with the Secret Service in 2000 and was assigned to the New York Field Office. While there, ATSAIC Barnes was a member of the New York Electronic Crimes Task Force and other criminal investigative squads. After his assignment to the New York Field Office, ATSAIC Barnes was assigned to the Presidential Protective Division. After the Presidential Protective Division, ATSAIC Barnes was assigned to Secret Service Headquarters. ATSAIC Barnes is currently assigned to the Denver Field Office and is in charge of the Colorado Electronic Crimes Task Force.
Coffee Break / Vendor Exhibit Time
Real talk on ransomware
We all know what ransomware is – we know the stats, we’ve seen the headlines, we’re all in the mindset of “if, not when.” With all the fear, uncertainty and doubt constantly bombarding IT professionals, Arcserve dives into the realities of ransomware attacks and the real impacts on organizations. We offer participants an opportunity to “sound off” on ransomware and share experiences and challenges with your peers to better understand how prepared organizations are to defend against ransomware attacks.
Break / Vendor Booth Time / Lunch
The Paradox of Securing Workloads
Servers contain an organization’s most valuable assets and underpin its operational capabilities. These are the ultimate targets of many cybercriminals. Yet strategies for defending them often rely on client-grade technologies like AV and EDR. This exposes the enterprise at a time when many companies are migrating workloads to the cloud. Gartner’s model for Cloud Workload Protection Platforms offers insights on the must-haves and nice-to-haves of server protection, on-prem and in the cloud. It also points to ways of safeguarding them from unknown attacks by using deterministic technology like moving target defense.
Arthur has more than 25 years of executive management and sales leadership experience, including over a decade and a half in the data and cyber security industry. Before joining Morphisec, he was Vice President at Big Belly, leading their private sector expansion. Prior to Big Belly, he served as VP Strategic Accounts at CloudLock, a cloud cybersecurity company, where he focused on large enterprise customers. Prior to that, Arthur built the major accounts strategy and portfolio for Digital Guardian. Previously, he held executive-level roles at Escort Inc., ArchiText, Polaroid and AT&T. He serves in the advisory boards of GreatHorn and Jeenie, two startups, and is a co-founder of Language Line Services.
Dessert and Coffee Break / Vendor Exhibit Time
Protect Your Keys or Don’t Waste Your Time Encrypting Your Data
For over 2000 years, governments, armies, businesses and lovers have been encrypting messages. For the same amount of time, the keys used to perform the encryption have been the weakest link in the chain. After 2000 years, technology has advanced such that the keys can be protected but many companies don’t understand how important it really is. Mr. Beutlich will explain in an entertaining (and sometimes graphic) fashion why protecting the encryption key is more important than the encryption itself.
Brad Beutlich, Vice President of Western and LATAM Sales at nCipher (formerly Thales and now part of Entrust Datacard), is an information security professional who has worked with numerous US based companies over the past 20 years, providing security solutions ranging from end-point, to data security.
The last 11 years he has worked for Thales eSecurity providing security solutions that protect customer data, financial transactions and IoT device manufacturing. Brad holds a BS in Electrical Engineering Technology from Bradley University, and is an award-winning writer and speaker on numerous security topics. His passion as a historian is on brass-era (pre 1913) automobiles, of which he owns a 120-year-old car that runs on steam. As an avid skier, he hits the slopes on the weekends when possible. Brad resides with his wife and three children in Southern California.
Overcoming Today’s Most Common Security & Privacy Challenges
Managing third-party vendor risk before, during and after on-boarding is a continuous effort under global privacy laws and security regulations. While outsourcing operations to vendors can alleviate business challenges, managing the associated risk with manual tools like spreadsheets is complex and time consuming. To streamline this process, organizations must put procedures in place to secure sufficient vendor guarantees and effectively work together during an audit, incident – or much more. In this session, we’ll breakdown a practical approach for automating third-party vendor risk management and explore helpful tips and real-world practical advice to automate third-party privacy and security risk programs.
Zach Reed serves as a Third-Party Risk Solutions Engineer for OneTrust VendorpediaTM– a purpose-built software designed to operationalize third-party risk management. In his role, Reed advises companies throughout their third-party risk management implementations to help meet requirements relating to relevant standards, frameworks, and laws (e.g. ISO, NIST, SIG, GDPR and CCPA). Reed works with clients to centralize their third-party information across business units, assess risks and performance, and monitor threats throughout the entire third-party relationship, from onboarding to offboarding.
Break / Vendor Exhibit Time
Cybercrime, Inc: Exposing the Business of the Dark Web
The Dark Web is growing at an exponential rate, with hackers doubling down on cybercrime-as-a-service – allowing non-traditional and unskilled hackers to wreak havoc in ways previously impossible. Criminals don’t have to be skilled to get your data; they just have to hire someone who is.
The session aims to expose the inner workings and business of the cyber underground, focusing on the following:
– Cryptocurrency – the impact digital currency has had on the rate of growth of cybercrime
– Cybercrime-as-a-service – the expansion of services offered by skilled hackers & for low costs
– Money laundering & money mules – ways criminals are skirting around laws/regulations to get paid
– How businesses can protect themselves from all levels of cybercriminals; emphasis on the importance of investing in proactive threat hunting
Michael Mayes is a senior writer and researcher at Armor in Richardson, Texas. His career in technology communications includes work with the Human Genome Project, handheld software during the Palm and Pocket PC era, blockchain development, and cybersecurity. He began his research in black markets in 2013 during a PhD year in professional and technical writing at the University of Memphis where he wrote on the early days of Bitcoin and its defining proof of concept, the Silk Road.
Digital Transformation – Knowing the Threat Landscape
Digital Transformation is real. How prepared is your business to understand the associated risks within your organization across the threat landscape.
Craig Goodard has over 25 years of IT sales experience here in Colorado, Nationally and with Global accounts. The past 7-years have been focused on selling IT Security solutions. The knowledge of selling IT solutions into the datacenter, networking and security teams for the past 25-years has enabled Craig to have a deeper understanding of how security affects all parts of an organizations security threat landscape and the need to work together.
A Risk Based Privacy Approach
A privacy program in this environment must take into account: An understanding of what current requirements are applicable to each business process which involves personal information, and the business reasons for the use of that personal information; how those requirements translate into technical and process changes, and how those changes are best addressed from the application level to the organizational level; future-proofing against changing applications and business needs, additional regulatory requirements, increased customer and partner expectations, and peer competitor strategies. This program must be risk based and designed to achieve an MVP defensible position in the shortest amount of time, without boiling the ocean, and should include a road map for continuous improvement and recurring risk and privacy assessments.
Understand how to create an operational approach to privacy compliance, including business and technical impacts, create a prioritized assessment and implementation plan, and be able to demonstrate compliance and comply with privacy rights requests in a timely and efficient manner.
Matthew Corwin is an attorney and consultant specializing in privacy and cybersecurity. Well-versed in regulatory compliance, data management, IT infrastructure, security & privacy applications, and automation/AI, he has consulted globally for organizations in the US, EU, APAC, and Latin America. Matthew has also held leadership roles at a number of companies including: Cognizant, where he led the North America unit of the Cognizant global privacy consulting practice; Symantec, where he led the PCI DSS and GDPR programs; and Calpop.com, where he served as Chief Compliance Officer. Other clients have included A+E Networks, Delta Airlines, SAP, Albertsons Companies, Disney Media Networks, Farmers Insurance, Hubspot, Toyota Motors North America, and a number of top law firms.
The California Consumer Privacy Act isn’t the first US or state privacy law, but it may have the biggest potential impact on a wide range of US based businesses that use consumer personal information. It also won’t be the last, as privacy regulation at the state and federal level is just beginning to unfold.