Welcome / Introductions8:30 am -
Data Connectors is proud to host the Florida-Southern Virtual Cybersecurity Summit.
Session One8:40 am -
The IoT storm … Will we survive the coming deluge?
IoT devices permeate the most intimate aspects of our everyday lives. Now more than ever we must address the risks associated with these always on, always connected devices!
Robert Falzon is currently the Head of Engineering within the office of the CTO for Check Point Software Technologies Inc., the worldwide leader in securing the Internet. His background includes over 20 years of experience in large-scale network security architecture, design, and deployment projects for government and business organizations spanning the globe. Currently leading a large team of the most talented cyber security engineers in the industry, Robert and his team are responsible for educating the market on the latest cyber security trends.
Other past responsibilities have included operational, management, and developmental duties for major accounts within EDS Canada’s network security team, and lead engineer for many major European Telco accounts with Alcatel in Paris France. While with Alcatel, Robert worked to assist those accounts in moving to emerging voice technologies while maintaining a focus on security.
After obtaining his CISSP certification, Robert went on to provide security process and audit/penetration testing training to major financial and energy customers within Europe and the Middle East, in addition to providing audit and penetration testing and consulting services to customers worldwide.
Session Two9:00 am -
The Evolution of Ransomware
One constant truth Sophos has found over our 30 years of creating effective defenses against ever-changing threats: there is no silver bullet in security. Solutions need to evolve and adapt to new and emerging threats all the time. When it comes to ransomware, the same rules apply. Bad actors are finding ways to exploit your organization’s weaknesses and their bag of tricks is continuously growing. You need an adaptive approach to keep up and defend your organization. Join our experts as they discuss ways you can navigate the dangerous waters where bad actors lurk.
With over 17 years of experience in IT security, Brandon currently serves as a product specialist at Sophos. Throughout his career, he has been a member of the United States Air Force, worked for EDS and HP in Data Center Hosting, and spent several years as a security architect specializing in HIPAA and PCI Compliance. At Sophos, he has been primarily focused on educating clients on the latest malware threats and how to best architect their environments to guard against them.
Session Three9:40 am -
Achieving Secure Remote Access with RDP
With so many employees sheltering in place due to the coronavirus, enterprises with Windows are depending on VPNs and Microsoft’s Remote Desktop Protocol (RDP). However, while this allows employees to access company apps and files, using VPN and RDP surfaces other, longer-lasting problems. Adopting additional security measures can help. Check out this session to learn how; by providing a layer of security over all RDP servers under management, isolating hosts from the Internet, effectively eliminating the application attack surface.
Gil Azrielant is co-founder and CTO of Axis Security. Gil is responsible for technology strategy and the development of the company’s cloud-based zero-trust application access platform. Prior to joining Axis Security, Gil was co-founder & CTO of Cool Cousin, a cloud-based platform for travelers looking to unlock outstanding travel experiences.
Gil’s cybersecurity career began in the elite Unit 8200 of the Israeli Army Intelligence Corps, where he worked on advanced cyber security and code decryption. He served five years inside this elite unit, working as a researcher and team leader.
Gil holds a Bachelor of Science degree in Computer Science and graduated magna cum laude from IDC Herzliya, one of Israel’s leading academic institutions.
Session Four10:00 am -
Automate or Die Trying: The New Cybersecurity Reality
As the nature of threats continue to evolve as well as the volume of threats increase, a new reality is setting upon cybersecurity teams – automation. Paired with human error and the insurmountable amount of data to manage, it is inevitable that a potential threat will slip through the cracks for businesses who rely too heavily on manual process.
Implementing automation could be vital in order to reliably protect your organization and ensure resilience through robust and repeatable processes.
Join our leading security and product development experts to learn:
- Key security considerations when implementing automation programs
- Advice for how companies can begin finding success with AI and machine learning
With 10 years’ experience, Ryan Smith is Vice President of Product, responsible for bringing to market a world-class cloud security and compliance platform. In his current role, Ryan is responsible for the product vision and strategy, product delivery execution, and product culture at Armor. In previous roles, he served as the Director of Product Marketing for Armor, Director of Product for SandBox Commerce, and MuvData Product Manager for The New Office, Inc focused on bringing SaaS technologies to market for modern enterprises. Ryan holds a PhD in Mass Media and Communication Studies from European Graduate School.
QA Panel #110:45 am -
Session Details Coming Soon
session five11:15 am -
Building Cyber Resilience: Finding Factors not Fault
Given an outcome, we often exaggerate our ability to predict and therefore avoid the same fate. In cybersecurity, this misconception can lead to a false sense of corporate security, or worse, bury the true causes of incidents and lead to repeated data breaches or business disrupting cyber incidents. In this session, we will explore real-world incidents and threats to assemble an actionable cyber resilience framework that adapts to distributed assets, remote workers, and virtual workloads.
As a member of the LegalSec Council with the International Legal Technology Association (ILTA), Mark Sangster is a cybersecurity evangelist who has spent significant time researching and speaking to peripheral factors influencing the way that legal firms integrate cybersecurity into their day-to-day operations. In addition to his passion for cybersecurity, Mark’s 20-year sales and marketing career was established with industry giants like Intel Corporation, BlackBerry, and Cisco Systems. Mark’s experience unites a strong technical aptitude and an intuitive understanding of regulatory agencies. During his time at BlackBerry, Mark worked on the first secure devices for government agencies. Since then, he has continued to build mutually beneficial relationships with regulatory agencies in key sectors. Mark holds a Bachelor’s degree in Psychology from the University of Western Ontario and a Business Diploma from Humber College.
session six11:40 am -
About Dasher Technologies
Dasher is more than just an end-to-end IT solution provider with expert engineers in technology infrastructure. We assess, architect, and service IT solutions that digitally transform businesses. We are the trusted technology partner for hundreds of clients. And we provide personal service to deliver positive outcomes.
Dasher solves critical IT challenges and supports your IT journey with a consultative, vendor-agnostic approach. To do so, we forge strategic relationships with world-class technology manufacturers. As our clients’ businesses grow and evolve, we architect and implement IT solutions that minimize disruption and maximize ROI.
lunch break12:00 pm - 12:25 pm
Lunch / Solutions Showcase Open
Session Seven1:15 am -
Security Scorecard – CyberSecurity Ratings: Market Forces and Future Considerations
In this session, David will examine the most prevalent issues that attribute to third party breaches. He will review the challenges surfaced by the current work from home requirements, new COVID-19 risks, and additional concerns posed by the necessity for expanded collaboration.
He will explain what is a cybersecurity rating, and what are the major factors that comprise one. Comparing this with traditional Vendor Risk Management, he will revisit some of the challenges due to questionnaire exchange, manual processes, third-parties with access to sensitive data, and risk mitigation strategies.
David will explain the key elements included in a Cyber Risk Management solution, and contrast the drawbacks of point-in-time solutions that try to address these risks. Highlighting a recent case study, he discusses key requirements–such as automation, collaboration, centralized insights, prevention, and maximizing ROI–which led to multi-million dollar savings.
Looking to the future, David will share some cybersecurity rating predictions, discussing the major tailwinds in vendor risk management. He will explain how these solutions enable organizations to make more informed, less risky, and decisions faster.
David Ortiz is the Senior Director of Systems Engineering, Western United States and Asia territories, at SecurityScorecard.
With over 20 years in Network and Security industries, David has worked closely with Fortune 500 and SMB companies and partners to architect security solutions, including SaaS, Cloud, Mobile, and Security technologies. He has previously held management positions at HPE, Symantec, and Novell in strategic roles within Engineering, Business Development, Sales, and Services. In addition, he holds certifications from Cisco, Oracle, VMware, Fortinet, to name a few. He has trained hundreds of professionals in networking and security technologies. David holds an MBA from Santa Clara University.
Session Eight1:30 pm -
Three Things You Need to Know About New CCPA Regulations
This presentation describes the many cyber security requirements of the California Consumer Privacy Act and offers insights into effectively meeting them in advance of the July 1, 2020 deadline. Included is an analysis of additional requirements recently published by the California Attorney General.
- Understand the most pressing elements of the Regulations
- Learn how to prioritize and rationalize your compliance efforts
- How to leverage your efforts in advance of CCPA 2.0
Scott M. Giordano is an attorney with more than 20 years of legal, technology, and risk management consulting experience. An IAPP Fellow of Information Privacy and a Certified Information Security Systems Professional (CISSP), Scott serves as Spirion’s subject matter expert on multinational data protection and its intersection with technology, export compliance, internal investigations, information governance, and risk management. Prior to joining Spirion, he served as Director, Data Protection for Robert Half Legal and established the global privacy program for Esterline Technologies Corporation in Bellevue, WA.
During his career, Scott has held senior positions at several legal technology firms and is listed as co-inventor on Intelligent Searching of Electronically Stored Information, patent application no. 13/842,910. In addition, he taught the first law school course anywhere on electronic evidence and e-discovery.
Scott is a member of the bar in Washington state, California, and the District of Columbia.
QA Panel #22:10 pm -
Session Details Coming Soon
Session Nine2:30 pm -
Identity and Access Management: Embracing the complexity
Admittedly, IAM can be intimidating. Ensuring company assets are being accessed only by those who are authorized is a crucial, non-trivial task but we should embrace the challenge. In this session we will discuss the complexities of IAM by reviewing what digital identity really is, and what challenges exist when implementing access management controls. We will discuss a typical IAM use-case and how we can embrace its complexities while avoiding the need for large architectural changes.
Hello! I’m Matt, a cybersecurity engineer with a desire to make our online world safer and more secure. In the years leading to Auth0, I have co-founded a Toronto based startup Jukebox, previously Booth & Bottle which has over 5000+ users, I’ve built a fully-functioning ticketing platform called xTickets, I have worked for a worldwide VPN company that was acquired (twice!) which led to my work in security at Symantec, and in my early years while in university, I managed the IT and infrastructure for numerous corporate organizations. If we haven’t met before you’ll likely find me in a local coffee shop reading security white papers, writing code, watching DEFCON videos, or on hackthebox.eu. If I’m not there I’ll be at your local gym pumping iron. Security Certifications: CISSP (In Progress), Penetration Testing with Kali Linux, Certified Ethical Hacker, ComTIA Security+.
Session Ten2:50 pm -
The Last Line of Defense: The Importance of having a robust and comprehensive Data Protection strategy
Data protection is experiencing a resurgence. Historically its been seen as an innovation backwater and as “insurance”, but with the growth of Ransomware and cybercrime, and increasing risk, organisations are having to modernize their data protection architectures and strategies to ensure that data can be recovered quickly to ensure that an Organisation can survive an attack. Join this session to learn about the latest innovations in the data protection space and how they can be deployed to provide a comprehensive last line of defence.
David joined Pure Storage in October 2018 as the Rapid Restore Solutions Director and is responsible for the Rapid Restore solutions roadmap, working with our Data Protection partners (Veritas, Veeam, CommVault & Rubrik) and making sure the Pure sales field have all the tools and enablement they need to be successful. Previously, David spent a year at Amazon Web Services building a competitive team to work directly with Amazon’s sellers and customers. Before that David spent 17 years at Veritas Technologies in a number of roles – SE, SE Manager and later was responsible for building a Competitive Intelligence team. He left Veritas as the Director of Competitive and Market Intelligence in 2017.
QA Panel #33:25 pm - 4:00 pm
Session Details Coming Soon
session eleven3:50 pm -
The Anatomy of A Cyber Incident Response – Dissecting A Real-World Event & Critical Mitigation Steps
It’s the day IT leaders dread — Ransomware has taken control of your entire network. A few hours ago, everyone was working productively, and now the entire company has come to a screeching halt. The network, email, CRM, ERP, internal and customer databases are down. Could this have been prevented? The answer is almost always: Yes
With cybersecurity and network experience spanning more than two decades, Michael C. Sullivan is focused on keeping an organization’s data healthy and safe. Michael’s core capabilities include network security, routing, switching, wireless, and WAN optimization with an emphasis in cybersecurity. He is a CISSP and Certified Ethical Hacker along with 4011 and 4013 recognitions from the National Security Agency (NSA) and Committee on National Security Systems (CNSS). Under his leadership, the network and security teams provide in-depth consulting and implementation services to architect complex security and network solutions for government and private sector organizations.
Michael holds a BS in computer science from Framingham State University, in Framingham, MA and is a native of the Boston area.
Session twelve4:10 pm -
Introduction to Proactive Prevention
Despite continued infosec investments, data breaches continue while companies contend with complicated security architectures composed of disconnected technologies that produce mountains of non-actionable data. A renewed focus on prevention may hold the answer. Security architecture can be broken down into three main elements: Prevention, Detection and Remediation. Prevention should be considered the most strategically important defense element, as by default good true time zero prevention dramatically reduces latency, risks and operational costs of the security structure as a whole. As advanced threats evolve and data center transformation forces enterprise teams to consolidate security, the need for faster, easier and more deterministic threat prevention is essential, thus corporations need to consider a purpose-built stack of true prevention capabilities, that isn’t available in a singular off-the-shelf solution, and add Detection based tools, which by definition have a huge latency, false alerts and are cost prohibitive, where and when appropriate, but not as a prevention tool.
Netta Schmeidler, VP Product at Morphisec, has more than 25 years of experience delivering complex enterprise applications and managing global development groups and product teams. Her broad expertise includes all aspects of defining, building and successfully bringing solutions to market. Prior to Morphisec, Netta held senior product management and engineering roles at VMware (Digital Fuel), BMC, Identify Software, and Mercury. She received an MBA from Tel Aviv University, and a BSc in Computer Science from Hebrew University.
CISO PANEL4:35 pm -
Closing Session + Prize drawing
Solution Showcase Open Until 6:00 pm