Proactive Endpoint Protection: What it Is and What it Is Not
Breach damage caused by hackers has accelerated in 2020 despite the fact that businesses are spending more than ever on endpoint security. This is because the incremental improvements being made to EDR and NGAV are outmatched by the fundamental changes we’ve seen in adversarial techniques. Morphisec’s Sam Osterhout will show out a proactive approach to endpoint security offers a means of preventing even the most advanced zero-days, fileless attacks, and exploits. This is not a better, faster, improved version of the tools that have failed us in the past, it’s an entirely new approach to endpoint security that can be quickly and effectively implemented by any business.
Sam is a Senior Security Advisor for Morphisec. In his role, he works with cybersecurity and IT security teams primarily in the Western United States. In his consultations with clients, he generally talks about their threat detection and response strategies, including deception and Morphsec’s “moving target defense” strategy. Sam has several years of experience in security since his tenure as a US Army Infantry team leader. Sam has been a trusted, consultative voice for organizations he works with, relying on his technical depth and understanding of their broader business challenges.
Data Connectors is proud to host the Great Lakes Virtual Cybersecurity Summit.
Times for this Event are in Central Standard Time (CST)
Surviving the Digital Storm – IoT Security Deluge
We are on the verge of entering our 4th industrial revolution: the era of the Internet of Things (IoT). IoT is a broad term that comes to describe physical devices, embedded with electronics, software, sensors, actuators and network connectivity – all capable of collecting and exchanging data with other devices. The direct communications and data sharing between devices – among themselves or directly with various cloud services – are aimed to shorten development cycles, reduce energy consumption, enable precise view of a device status, and to streamline business processes with higher efficiency.
This revolution has already impacted various industries including healthcare, automotive, industrial control systems, transportation and smart homes. Due to the wide variety of attacks on IoT, there is a need for a substantial granularity while managing the security policies of these devices. IoT delivers the promise of becoming the next industrial revolution, and driving the next generation of efficiency and productivity. But this revolution will not flourish unless cyber security becomes one of its corner stones.
Joel Hollenbeck is a Cyber Security Visionary with the Office of the CTO at Check Point Software Technologies Inc., the worldwide leader in securing the Internet. His background includes over 20 years of experience deploying application protection and network-based security. Mr. Hollenbeck has been securing networks and systems since 1994, including developing and executing on strategies to connect some of the most sensitive networks for the Federal Government and Financial Institutions to the Internet in the earliest days of commercial internet connectivity. Mr. Hollenbeck has served as a consulting Security Architect with Check Point Software Technologies advising a wide variety of clients across many verticals on Security Best Practices, Security Architecture, and deriving the maximum value from investments in security, prior to joining Check Point, Mr. Hollenbeck has held various security engineering, leadership and executive roles within organizations local to St Louis.
Managing Digital Risk Amid Disruption
Digital transformation is not only changing how companies think about business. It is changing how we think about risk. We need to *act* on risk, not worry about it. We need to start and end with the basics. In this session we review several key areas of digital risk management to target as you are challenged to be a key contributor in your company’s digital journey.
Ben Smith is Field Chief Technology Officer (Field CTO – US) with RSA, a Dell Technologies business. With 25 years’ experience in the information security, networking and telecommunications industries, he regularly consults on RSA’s security and risk management solutions. His prior employers include UUNET, CSC, and the US Government, along with several technology-oriented startups. He holds industry certifications in information security (CISSP), risk management (CRISC), and privacy (CIPT), and has presented on RSA’s behalf internationally at cybersecurity events sponsored by Gartner, FS-ISAC, SANS, IANS, CERT/SEI, RSAC, ISSA, (ISC)2, ISACA, Infosecurity, IIA, RMA, BSides, ASIS, InfraGard, HTCIA, SecureWorld, MWCA, ICI and other organizations.
The Evolution of Ransomware:
One constant truth Sophos has found over our 30 years of creating effective defenses against ever-changing threats: there is no silver bullet in security. Solutions need to evolve and adapt to new and emerging threats all the time. When it comes to ransomware, the same rules apply. Bad actors are finding ways to exploit your organization’s weaknesses and their bag of tricks is continuously growing. You need an adaptive approach to keep up and defend your organization. Join our experts as they discuss ways you can navigate the dangerous waters where bad actors lurk.
Kris is seasoned engineer in the IT security industry, having previously spent time at MSPs and Cloud Service Providers before joining the Sophos team. He understands the complex challenges companies face to maintain security and compliance in an ever-evolving threat landscape, and he continually strives to help companies stay ahead of the bad guys.
Kris will bring his experience working with organizations all over the greater Arizona and Nevada area, and talk about how new developments will have impacted the way those firms interdict ransomware.
Automate or Die Trying: The New Cybersecurity Reality
As the nature of threats continue to evolve as well as the volume of threats increase, a new reality is setting upon cybersecurity teams – automation. Paired with human error and the insurmountable amount of data to manage, it is inevitable that a potential threat will slip through the cracks for businesses who rely too heavily on manual process.
Implementing automation could be vital in order to reliably protect your organization and ensure resilience through robust and repeatable processes.
Join our leading security and product development experts to learn:
With 10 years’ experience, Ryan Smith is Vice President of Product, responsible for bringing to market a world-class cloud security and compliance platform. In his current role, Ryan is responsible for the product vision and strategy, product delivery execution, and product culture at Armor. In previous roles, he served as the Director of Product Marketing for Armor, Director of Product for SandBox Commerce, and MuvData Product Manager for The New Office, Inc focused on bringing SaaS technologies to market for modern enterprises. Ryan holds a PhD in Mass Media and Communication Studies from European Graduate School.
Session Details Coming Soon
Reducing Friction and Managing Remote Work Environments
The business world has changed and many of those changes, like remote working, are here to stay. And keeping your teams safe during this period is a no-brainer—as is making sure their remote endpoints are managed and secure. But with these changes come a list of concerns and issues that many organizations just are not ready to address, sometimes highlighting legacy support policies and even out-of-standard technological needs. The friction of everyday management of the full enterprise has increased, putting a strain on the IT and support staff as well as the users.
During this presentation, I will address common areas of friction in endpoint management as well as ways to pinpoint friction in your environment, and finally ways to address the problems and setup your organization for scalability with endpoint management.
Jay Goodman is a product marketing expert and intelligence consultant with experience working with Fortune 500 companies and startups alike. Jay joined Automox in 2019 and is responsible for the messaging and intelligence gathering functions within the company. Previously, Jay was a Product Manager for McAfee and an avid participant in the cybersecurity and competitive intelligence communities.
The Rise of Secure Access Service Edge (SASE)
Secure access service edge (SASE) offerings are cloud-delivered platforms that give consistent security across different applications, devices, web destinations, on-premises resources, and infrastructure. To achieve this, these platforms deliver a variety of functionality from complementary security solutions. As organizations operate in our frenetic business world, SASE becomes imperative. In this session, you will learn:
4 Seed Questions:
Jacob is a cybersecurity expert working as a Sr. Product Marketing Manager at Bitglass in Silicon Valley. He is passionate about helping others to protect their personal information and earned his MBA at San Jose State University where he graduated at the top of his class.
Lunch Briefing – Starts at 12 noon
The Last Line of Defense: The Importance of having a robust and comprehensive Data Protection strategy
Data protection is experiencing a resurgence. Historically its been seen as an innovation backwater and as “insurance”, but with the growth of Ransomware and cybercrime, and increasing risk, organisations are having to modernize their data protection architectures and strategies to ensure that data can be recovered quickly to ensure that an Organisation can survive an attack. Join this session to learn about the latest innovations in the data protection space and how they can be deployed to provide a comprehensive last line of defence.
David joined Pure Storage in October 2018 as the Rapid Restore Solutions Director and is responsible for the
Rapid Restore solutions roadmap, working with our Data Protection partners (Veritas, Veeam, CommVault & Rubrik) and making sure the Pure sales field have all the tools and enablement they need to be successful. Previously,
David spent a year at Amazon Web Services building a competitive team to work directly with Amazon’s sellers and customers. Before that David spent 17 years at Veritas Technologies in a number of roles – SE, SE Manager and later was responsible for building
a Competitive Intelligence team. He left Veritas as the Director of Competitive and Market Intelligence in 2017.
Lunch / Solutions Showcase open
Cyber-Security: A Case for Information Sharing
Most organizations can not possibly answer, respond or address every cyber threat that presents itself. By cooperating, and sharing cyber threat intelligence, companies can leverage that information to enhance their cyber security posture and better defend themselves.
Chris Stoddard graduated from the U. S. Naval Academy with a Bachelor of Science in Political Science, and went on to serve as an artillery officer and instructor in the U. S. Marine Corps. Chris started his career in the U. S. Secret Service in 1998, assigned to the Richmond Field Office, Richmond, VA. He transferred to the Chicago Field Office, and was assigned to the newly formed Chicago Electronic Crimes Task Force as computer forensics examiner. Following his time in Chicago, Chris was assigned to the Bush Protective Division, Houston, TX as a shift agent and rescue swimmer for former President George H. W. Bush. Upon completion of his protection duties, he transferred to the Miami Field Office, and assigned to the Miami Electronic Crimes Task Force. There he served as a computer/mobile forensics examiner, and group supervisor for the computer forensics laboratory. In 2014, Chris transferred to Pittsburgh, PA where he was assigned to Secret Service’s CERT Liaison Program at the Software Engineering Institute, Carnegie Mellon University. He later assumed the role as program manager/supervisory special agent at CERT, and took on the additional duties as the U. S. Secret Service liaison to the National Cyber Forensics and Training Alliance (NCFTA) in Pittsburgh, PA. In 2018, he assumed the position as the Assistant Special Agent in Charge and Electronic Crimes Task Force supervisor of the Pittsburgh Field Office. Chris retired from the U. S. Secret Service in 2020, after over 32 years in government service. He recently assumed his current duties as the Director of Operations at NCFTA. Chris and his wife Kathi have been married for over twenty-five years, and have three children.
Building Cyber Resilience: Finding Factors not Fault
Given an outcome, we often exaggerate our ability to predict and therefore avoid the same fate. In cybersecurity, this misconception can lead to a false sense of corporate security, or worse, bury the true causes of incidents and lead to repeated data breaches or business disrupting cyber incidents. In this session, we will explore real-world incidents and threats to assemble an actionable cyber resilience framework that adapts to distributed assets, remote workers, and virtual workloads.
Mark Sangster is the author of “NO SAFE HARBOR: The Inside Truth About Cybercrime and How to Protect Your Business.”
Mark is an award-winning speaker at international conferences and prestigious stages including the Harvard Law School, and author on various subjects related to cybersecurity.
He is a contributing author to several leading industry publications (CSO magazine, SC Magazine, LegalTech News), an invited speaker at 40+ conferences a year, and regular guest on well-respected podcasts.
Mark has served on the LegalSEC Council with the International Legal Technology Association (ILTA), and now advises the National Association of Manufacturers (NAM) to establish their cybersecurity policies.
His thought provoking work and perspective on shifting risk trends has influenced industry thought leader, and is a go-to subject matter expert for leading publications and media outlets including the Wall Street Journal and Canadian Broadcast Corporation when covering major data breach events.
His 25-year career was established with industry giants like Intel Corporation, BlackBerry, and Cisco Systems. At BlackBerry, Mark worked on the first secure devices for government agencies. Since then, he has continued to build mutually beneficial relationships with regulatory agencies in key industry sectors including legal, finance, healthcare and manufacturing.
SCHOOL’S IN SESSION: How One University Automated the Sensitive Data Discovery Process to Increase Data Security & Streamline Data Governance
Like many organizations, Point Park University (PPU) — a private liberal arts university located in Pittsburgh, PA — is faced with the complex task of monitoring and managing the location and usage of sensitive data for thousands of users on a variety of devices. The importance of a streamlined approach to data governance presented itself when the school received a cease-and-desist letter requiring PPU to find and delete a copyrighted video that existed on the local laptops without their knowledge. Responding manually to this incident and other information management needs took significant — and costly — time and resources away from the University’s IT team.
Join us Sherpa Software VP of Strategy & Solution Rick Wilson shares details about how the university overcame its security challenge to help the school quickly search vast numbers of unstructured and structured files across their network. He will also discuss audit trails, compliance and reduced security costs. (Extra credit: PPU will save nearly $100,000 annually by adopting the practices outlined in this session.)
All attendees will receive a game plan document that can guide them in formulating a project approach similar to the one discussed in the session. Stop by the Sherpa Software booth to get yours.
In his role as VP of strategy & solutions — Rick Wilson serves as a member of Sherpa’s senior leadership team. His primary focus is aligning Sherpa’s software tools and service offerings to support the organization’s overall strategic direction. As a certified AIIM Information Governance Practitioner and ARMA INFO specialist, he regularly speaks on the topic of data discovery at industry events. In addition, Rick works closely with Sherpa Software partners and clients to maximize the value they realize from Altitude, Sherpa’s signature platform for policy-driven information governance.
Session Details Coming Soon
CyberSecurity Ratings: Market Forces and Future Considerations
In this session, David will examine the most prevalent issues that attribute to third party breaches. He will review the challenges surfaced by the current work from home requirements, new COVID-19 risks, and additional concerns posed by the necessity for expanded collaboration.
He will explain what is a cybersecurity rating, and what are the major factors that comprise one. Comparing this with traditional Vendor Risk Management, he will revisit some of the challenges due to questionnaire exchange, manual processes, third-parties with access to sensitive data, and risk mitigation strategies.
David will explain the key elements included in a Cyber Risk Management solution, and contrast the drawbacks of point-in-time solutions that try to address these risks. Highlighting a recent case study, he discusses key requirements–such as automation, collaboration, centralized insights, prevention, and maximizing ROI–which led to multi-million dollar savings.
Looking to the future, David will share some cybersecurity rating predictions, discussing the major tailwinds in vendor risk management. He will explain how these solutions enable organizations to make more informed, less risky, and decisions faster.
David Ortiz is the Senior Director of Systems Engineering, Western United States and Asia territories, at SecurityScorecard.
With over 20 years in Network and Security industries, David has worked closely with Fortune 500 and SMB companies and partners to architect security solutions, including SaaS, Cloud, Mobile, and Security technologies. He has previously held management positions at HPE, Symantec, and Novell in strategic roles within Engineering, Business Development, Sales, and Services. In addition, he holds certifications from Cisco, Oracle, VMware, Fortinet, to name a few. He has trained hundreds of professionals in networking and security technologies. David holds an MBA from Santa Clara University.
Changing Cyber Landscapes: The Battle of Algorithms
Among rapidly evolving technological advancements, the emergence of AI-enhanced malware is making cyber-attacks exponentially more dangerous, and harder to identify. Mounted at speed and scale, AI-powered cyber-attacks will drastically increase yield for cyber-criminals, and may even result in the subtle manipulation or distortion of information or data.
In the face of offensive AI attacks, organizations are turning to defensive cyber AI, which can identify and neutralize emerging malicious activity, no matter when, or where, it strikes.
In this session, learn about:
David Masson is Darktrace’s Director of Enterprise Security, and has over two decades of experience working in fast moving security and intelligence environments in the UK, Canada and worldwide. With skills developed in the civilian, military and diplomatic worlds, he has been influential in the efficient and effective resolution of various unique national security issues. David is an operational solutions expert and has a solid reputation across the UK and Canada for delivery tailored to customer needs. At Darktrace, David advises strategic customers across North America and is also a regular contributor to major media outlets in Canada where he is based, included CBC and The Globe and Mail. He holds a master’s degree from Edinburgh University.
Session Details Coming Soon
Rise of the Machines: Best Practices for Securing Unmanaged and IoT Devices
For many years now, enterprise networks have seen an explosive rise in devices that are challenging for security teams to secure. These include not only unmanaged devices, but also the extensive portfolio of Internet of Things (IoT) in enterprises such IP cameras, conference room TVs, smart building systems, manufacturing machines and medical devices.
Join Ordr CSO Jeff Horne in this webinar to learn:
Understanding and Combating Credential Stuffing Attacks
Credential stuffing attacks are the most common threats observed at Auth0. These attacks can lead to fraud, loss of reputation, and ultimately, loss of revenue.
In credential stuffing attacks, threat actors use stolen credentials from one breach to take over users’ other accounts. This is effective because, according to Google, 65% of people reuse passwords across multiple accounts. On some days, these attacks originate from more than 50,000 IP addresses and may account for as much as half of all login attempts using our platform. Even the most mature companies are vulnerable if they don’t have the right preventative measures in place.
Join Auth0 to learn:
Chris Scott is a Senior Solutions Engineer at Auth0. Leveraging his past experience in both software development and enterprise sales, Chris provides education and guidance to security professionals looking to strengthen their identity strategy.