Welcome / Introductions8:50 am - 8:55 am
Data Connectors is proud to host the Great Lakes Virtual Cybersecurity Summit.
Session One8:55 am - 9:15 am
Surviving the Digital Storm – IoT Security Deluge
We are on the verge of entering our 4th industrial revolution: the era of the Internet of Things (IoT). IoT is a broad term that comes to describe physical devices, embedded with electronics, software, sensors, actuators and network connectivity – all capable of collecting and exchanging data with other devices. The direct communications and data sharing between devices – among themselves or directly with various cloud services – are aimed to shorten development cycles, reduce energy consumption, enable precise view of a device status, and to streamline business processes with higher efficiency.
This revolution has already impacted various industries including healthcare, automotive, industrial control systems, transportation and smart homes. Due to the wide variety of attacks on IoT, there is a need for a substantial granularity while managing the security policies of these devices. IoT delivers the promise of becoming the next industrial revolution, and driving the next generation of efficiency and productivity. But this revolution will not flourish unless cyber security becomes one of its corner stones.
Joel Hollenbeck is a Cyber Security Visionary with the Office of the CTO at Check Point Software Technologies Inc., the worldwide leader in securing the Internet. His background includes over 20 years of experience deploying application protection and network-based security. Mr. Hollenbeck has been securing networks and systems since 1994, including developing and executing on strategies to connect some of the most sensitive networks for the Federal Government and Financial Institutions to the Internet in the earliest days of commercial internet connectivity. Mr. Hollenbeck has served as a consulting Security Architect with Check Point Software Technologies advising a wide variety of clients across many verticals on Security Best Practices, Security Architecture, and deriving the maximum value from investments in security, prior to joining Check Point, Mr. Hollenbeck has held various security engineering, leadership and executive roles within organizations local to St Louis.
Session Two9:15 am - 9:35 am
Managing Digital Risk Amid Disruption
Digital transformation is not only changing how companies think about business. It is changing how we think about risk. We need to *act* on risk, not worry about it. We need to start and end with the basics. In this session we review several key areas of digital risk management to target as you are challenged to be a key contributor in your company’s digital journey.
Ben Smith is Field Chief Technology Officer (Field CTO – US) with RSA, a Dell Technologies business. With 25 years’ experience in the information security, networking and telecommunications industries, he regularly consults on RSA’s security and risk management solutions. His prior employers include UUNET, CSC, and the US Government, along with several technology-oriented startups. He holds industry certifications in information security (CISSP), risk management (CRISC), and privacy (CIPT), and has presented on RSA’s behalf internationally at cybersecurity events sponsored by Gartner, FS-ISAC, SANS, IANS, CERT/SEI, RSAC, ISSA, (ISC)2, ISACA, Infosecurity, IIA, RMA, BSides, ASIS, InfraGard, HTCIA, SecureWorld, MWCA, ICI and other organizations.
session three9:35 am - 9:55 am
The Evolution of Ransomware
One constant truth Sophos has found over our 30 years of creating effective defenses against ever-changing threats: there is no silver bullet in security. Solutions need to evolve and adapt to new and emerging threats all the time. When it comes to ransomware, the same rules apply. Bad actors are finding ways to exploit your organization’s weaknesses and their bag of tricks is continuously growing. You need an adaptive approach to keep up and defend your organization. Join our experts as they discuss ways you can navigate the dangerous waters where bad actors lurk.
With over 17 years of experience in IT security, Brandon currently serves as a product specialist at Sophos. Throughout his career, he has been a member of the United States Air Force, worked for EDS and HP in Data Center Hosting, and spent several years as a security architect specializing in HIPAA and PCI Compliance. At Sophos, he has been primarily focused on educating clients on the latest malware threats and how to best architect their environments to guard against them.
Session four10:20 am - 10:40 am
Automate or Die Trying: The New Cybersecurity Reality
As the nature of threats continue to evolve as well as the volume of threats increase, a new reality is setting upon cybersecurity teams – automation. Paired with human error and the insurmountable amount of data to manage, it is inevitable that a potential threat will slip through the cracks for businesses who rely too heavily on manual process.
Implementing automation could be vital in order to reliably protect your organization and ensure resilience through robust and repeatable processes.
Join our leading security and product development experts to learn:
- Key security considerations when implementing automation programs
- Advice for how companies can begin finding success with AI and machine learning
With 10 years’ experience, Ryan Smith is Vice President of Product, responsible for bringing to market a world-class cloud security and compliance platform. In his current role, Ryan is responsible for the product vision and strategy, product delivery execution, and product culture at Armor. In previous roles, he served as the Director of Product Marketing for Armor, Director of Product for SandBox Commerce, and MuvData Product Manager for The New Office, Inc focused on bringing SaaS technologies to market for modern enterprises. Ryan holds a PhD in Mass Media and Communication Studies from European Graduate School.
Session Five10:40 am - 11:00 am
Reducing Friction and Managing Remote Work Environments
The business world has changed and many of those changes, like remote working, are here to stay. And keeping your teams safe during this period is a no-brainer—as is making sure their remote endpoints are managed and secure. But with these changes come a list of concerns and issues that many organizations just are not ready to address, sometimes highlighting legacy support policies and even out-of-standard technological needs. The friction of everyday management of the full enterprise has increased, putting a strain on the IT and support staff as well as the users.
During this presentation, I will address common areas of friction in endpoint management as well as ways to pinpoint friction in your environment, and finally ways to address the problems and setup your organization for scalability with endpoint management.
Richard Melick has spent over a decade advancing through the security industry with his considerable experience and considerable focus on the stories surrounding ransomware, hacking, and cyber attacks. He has been a security speaker on five continents and has even advised royalty on how to make and distribute ransomware.
Morning q&a session11:20 am - 11:45 am
This session will feature all of the presenters from the morning agenda, answering questions from the audience live via video, in a panel format. Each presenter will take questions that pertain to their topic, and if there is time, they will also respond to a few questions about larger trends and directions that face all members of the cyber-security community.
Lunch11:45 am - 12:10 pm
Lunch / Solutions Showcase open
Session Seven1:00 pm - 1:20 pm
Building Cyber Resilience: Finding Factors not Fault
Given an outcome, we often exaggerate our ability to predict and therefore avoid the same fate. In cybersecurity, this misconception can lead to a false sense of corporate security, or worse, bury the true causes of incidents and lead to repeated data breaches or business disrupting cyber incidents. In this session, we will explore real-world incidents and threats to assemble an actionable cyber resilience framework that adapts to distributed assets, remote workers, and virtual workloads.
As a member of the LegalSec Council with the International Legal Technology Association (ILTA), Mark Sangster is a cybersecurity evangelist who has spent significant time researching and speaking to peripheral factors influencing the way that legal firms integrate cybersecurity into their day-to-day operations. In addition to his passion for cybersecurity, Mark’s 20-year sales and marketing career was established with industry giants like Intel Corporation, BlackBerry, and Cisco Systems. Mark’s experience unites a strong technical aptitude and an intuitive understanding of regulatory agencies. During his time at BlackBerry, Mark worked on the first secure devices for government agencies. Since then, he has continued to build mutually beneficial relationships with regulatory agencies in key sectors. Mark holds a Bachelor’s degree in Psychology from the University of Western Ontario and a Business Diploma from Humber College.
Session eight1:20 pm - 1:40 pm
Learn from Fortune 100 Leaders: Protecting Remote Data
Even prior to COVID-19, more people were working from home than ever before. According to the Bureau of Labor, 25% of Americans performed some work from their homes in 2017-2018. Additionally, according to the Federal Reserve, the share of the workforce that works from home has tripled in the last 15 years. It seems apparent that remote working will be an even higher percentage of the workforce post COVID-19.
In this session, we will share remote workstation data risk management approaches from our Fortune 100 customers. You’ll hear how these enterprise leaders have located, analyzed, classified and remediated data located on employee and contractor PCs, such as .PST files and how to easily identify PII, such as social security number, names, addresses, etc.
Don’t worry you won’t need a Fortune 100 budget to implement these same approaches in your organization. Session attendees and Sherpa Software booth visitors will receive a free remote workstation data risk assessment so that you can discover the sensitive data lurking on your remote workstations.
In his role as VP of strategy & solutions — Wilson serves as a member of Sherpa’s senior leadership team. His primary focus is aligning Sherpa’s software tools and service offerings to support the organization’s overall strategic direction. As a certified AIIM Information Governance Practitioner and ARMA INFO specialist, he regularly speaks on the topic of data discovery at industry events. In addition, he works closely with Sherpa Software partners and clients to maximize the value they realize from Altitude, Sherpa’s signature platform for policy-driven information governance.
Session Nine1:40 pm - 2:00 pm
Three Things You Need to Know About New CCPA Regulations
This presentation describes the many cyber security requirements of the California Consumer Privacy Act and offers insights into effectively meeting them in advance of the July 1, 2020 deadline. Included is an analysis of additional requirements recently published by the California Attorney General.
- Understand the most pressing elements of the Regulations
- Learn how to prioritize and rationalize your compliance efforts
- How to leverage your efforts in advance of CCPA 2.0
Scott M. Giordano is an attorney with more than 20 years of legal, technology, and risk management consulting experience. An IAPP Fellow of Information Privacy and a Certified Information Security Systems Professional (CISSP), Scott serves as Spirion’s subject matter expert on multinational data protection and its intersection with technology, export compliance, internal investigations, information governance, and risk management. Prior to joining Spirion, he served as Director, Data Protection for Robert Half Legal and established the global privacy program for Esterline Technologies Corporation in Bellevue, WA.
During his career, Scott has held senior positions at several legal technology firms and is listed as co-inventor on Intelligent Searching of Electronically Stored Information, patent application no. 13/842,910. In addition, he taught the first law school course anywhere on electronic evidence and e-discovery.
Scott is a member of the bar in Washington state, California, and the District of Columbia.
Session Ten2:25 pm - 2:45 pm
Offensive AI vs. Defensive AI: Battle of the Algorithms
Among rapidly evolving technological advancements, the emergence of AI-enhanced malware is making cyber-attacks exponentially more dangerous and harder to identify. In the near future, we will begin to see supercharged, AI-powered cyber-attacks leveraged at scale. To protect against Offensive AI attacks, organizations are turning to defensive cyber AI, which can identify and neutralize emerging malicious activity, no matter when, or where, it strikes.
In this session, learn about:
- Paradigm shifts in the cyber landscape
- Advancements in offensive AI attack techniques
- The Immune System Approach to cyber security and defensive, Autonomous Response capabilities
- Real-world examples of emerging threats that were stopped with Cyber AI
David Masson is Darktrace’s Director of Enterprise Security, and has over two decades of experience working in fast moving security and intelligence environments in the UK, Canada and worldwide. With skills developed in the civilian, military and diplomatic worlds, he has been influential in the efficient and effective resolution of various unique national security issues. David is an operational solutions expert and has a solid reputation across the UK and Canada for delivery tailored to customer needs. At Darktrace, David advises strategic customers across North America and is also a regular contributor to major media outlets in Canada where he is based, included CBC and The Globe and Mail. He holds a master’s degree from Edinburgh University.
session eleven2:45 pm - 3:05 pm
Rise of the Machines: Best Practices for Securing Unmanaged and IoT Devices
For many years now, enterprise networks have seen an explosive rise in devices that are challenging for security teams to secure. These include not only unmanaged devices, but also the extensive portfolio of Internet of Things (IoT) in enterprises such IP cameras, conference room TVs, smart building systems, manufacturing machines and medical devices.
Join Ordr CSO Jeff Horne in this webinar to learn:
- Risks and vulnerabilities associated with unmanaged and IoT devices
- Why traditional networking and security tools fall short
- Security best practices to protect these devices without impacting business operations
session twelve3:05 pm - 3:30 pm
Identity and Access Management: Embracing the complexity
Admittedly, IAM can be intimidating. Ensuring company assets are being accessed only by those who are authorized is a crucial, non-trivial task but we should embrace the challenge. In this session we will discuss the complexities of IAM by reviewing what digital identity really is, and what challenges exist when implementing access management controls. We will discuss a typical IAM use-case and how we can embrace its complexities while avoiding the need for large architectural changes.
Hello! I’m Matt, a cybersecurity engineer with a desire to make our online world safer and more secure. In the years leading to Auth0, I have co-founded a Toronto based startup Jukebox, previously Booth & Bottle which has over 5000+ users, I’ve built a fully-functioning ticketing platform called xTickets, I have worked for a worldwide VPN company that was acquired (twice!) which led to my work in security at Symantec, and in my early years while in university, I managed the IT and infrastructure for numerous corporate organizations. If we haven’t met before you’ll likely find me in a local coffee shop reading security white papers, writing code, watching DEFCON videos, or on hackthebox.eu. If I’m not there I’ll be at your local gym pumping iron. Security Certifications: CISSP (In Progress), Penetration Testing with Kali Linux, Certified Ethical Hacker, ComTIA Security+.
afternoon q&a session3:35 pm - 4:00 pm
This session will feature all of the presenters from the afternoon agenda, answering questions from the audience live via video, in a panel format. Each presenter will take questions that pertain to their topic, and if there is time, they will also respond to a few questions about larger trends and directions that face all members of the cyber-security community.
CISO PANEL4:10 pm - 5:00 pm
Closing Session + Prize Drawing
Solution Showcase Open Until 6:00 pm