welcome / introductions8:50 am - 8:55 am
Data Connectors is proud to host the San Antonio & Austin Virtual Cybersecurity Summit.
Session One8:55 am - 9:15 am
Okta is the leading independent provider of identity for the enterprise. The Okta Identity Cloud enables organizations to both secure and manage their extended enterprise, and transform their customers’ experiences. With over 5,500 pre-built integrations to applications and infrastructure providers, Okta customers can easily and securely adopt the technologies they need to fulfill their missions. Over 5,150 organizations, including 20th Century Fox, JetBlue, Nordstrom, Slack, Teach for America and Twilio trust Okta to securely connect their people and technology.
Session Two9:15 am - 9:35 am
Managing Digital Risk Amid Disruption
Digital transformation is not only changing how companies think about business. It is changing how we think about risk. We need to *act* on risk, not worry about it. We need to start and end with the basics. In this session we review several key areas of digital risk management to target as you are challenged to be a key contributor in your company’s digital journey.
Ben Smith is Field Chief Technology Officer (Field CTO – US) with RSA, a Dell Technologies business. With 25 years’ experience in the information security, networking and telecommunications industries, he regularly consults on RSA’s security and risk management solutions. His prior employers include UUNET, CSC, and the US Government, along with several technology-oriented startups. He holds industry certifications in information security (CISSP), risk management (CRISC), and privacy (CIPT), and has presented on RSA’s behalf internationally at cybersecurity events sponsored by Gartner, FS-ISAC, SANS, IANS, CERT/SEI, RSAC, ISSA, (ISC)2, ISACA, Infosecurity, IIA, RMA, BSides, ASIS, InfraGard, HTCIA, SecureWorld, MWCA, ICI and other organizations.
session three9:35 am - 9:55 am
Threat Hunting & Modern Security: 3 Fundamental Flaws
Security Operations is a discipline continuously evolving – with the evolution of tools and processes, there are still many flaws that exist around people & process. We will examine 3 specific flaws of modern security operations: 1.) Risk Acceptance 2.) SOC Alert Overload 3.) Inability to mitigate all Zero-Day Attacks.
We will start the discussion with a quick SOC capacity expertise, review in detail the 3 fundamental security flaws, revisit the math from the SOC capacity exercise to understand “what is being missed based upon my current capacity?” We will also cover costs to the business for associated with these flaws and wrap up with some suggestions for mitigation.
Jim Rohde, Director of Presales Engineering at CRITICALSTART is responsible for leading a team of security experts supporting technical conversations for CRITICALSTART’s products & services, including their flagship offering: Managed Detection & Response. Prior to CRITICALSTART, Jim held leadership roles at large Managed Security Service providers including Secureworks & Trustwave where he has received numerous awards for customer & company exceeding objectives. Jim’s expertise in a multitude of security domains over his career has made him a sought after Trusted advisor for organizations of all sizes.
Session Four10:20 am - 10:40 am
Best Practices for Implementing a Multi-Cloud, Security, Compliance and Governance Program
Lack of visibility of cloud assets, identifying misconfigurations and enforcing security, regulatory and corporate compliance policies are the most common problems experienced when migrating to the public cloud. According to Gartner, “through 2025, at least 99% of cloud security failures will be the customer’s fault.”
This session will explore the challenges of the Public Cloud Shared Responsibility Model, and present a 6-step process that can be used to develop a more secure public cloud framework for your business.
We will show how new solutions for Cloud Security Posture Management can provide a “single source of truth” for managing the complexity of multi-cloud infrastructures, all while enforcing your governance and compliance policies.
Lee is a Cloud Security Specialist Check Point engaging with customers in the southeast to enable and accelerate their digital transformation and cloud initiatives, by designing secure, compliant solutions that protect their corporate assets and data in the public cloud.
Before joining Check Point, Lee held Sales, Management and Business Development positions focused on emerging services with technology leaders, including AT&T, HP, IBM, Equinix and NetApp.
He has deep industry knowledge across WAN, IT infrastructure, data center, private, hybrid and public clouds, and first-hand experience working with hundreds of enterprise customers across the US.
session six11:00 am - 11:20 am
Developing Your Identity Strategy
Remember when identity management meant creating new accounts and resetting user’s passwords? Over the years, digital identity has evolved into much, MUCH more. Your identity program now includes not just identity management, but also access management, privilege management, and even customer identity management, all of this falling under the umbrella of identity governance. More importantly, identity has shifted from being a basic operations function to the cornerstone for business enablement and digital transformation. In this presentation, Rob walks you through key considerations when developing your identity strategy to help you improve the current state of your program while building a solid foundation for the future of your identity program.
Rob is a veteran of the cybersecurity industry with over 20 years of experience. Throughout his career he has focused on Identity governance & access management, as well as APIs & microservices. Rob’s ability to address both business and technical requirements, and provide effective solutions has enabled him to become a trusted advisor for clients across multiple industries. Rob holds a Bachelor of Technology Management, a MSc in IT, and Advanced Certificates in Telecommunications Management and Enterprise Architecture. When not working with clients, he enjoys outdoor activities with family, gaming, and having lively conversations.
morning Q&A session11:20 am - 11:45 am
This session will feature all of the presenters from the morning agenda, answering questions from the audience live via video, in a panel format. Each presenter will take questions that pertain to their topic, and if there is time, they will also respond to a few questions about larger trends and directions that face all members of the cyber-security community.
Lunch Break11:45 am - 12:10 pm
Lunch / Solutions Showcase Open
keynote12:10 pm - 1:00 pm
The Cybersecurity and Infrastructure Security Agency (CISA) is the Nation’s risk advisor and at the heart of mobilizing a collective defense as we lead the Nation’s efforts to understand and manage risk to our critical infrastructure. Considering a large majority of our critical infrastructure is owned and operated by the private sector, collaboration is imperative to secure and allow us to address the systemic risks facing U.S. critical infrastructure. This talk discusses how CISA is working with partners to defend against today’s threats and collaborating to build a more secure and resilient infrastructure for the future.
George Reeves is a Cybersecurity Advisor with the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
Mr. Reeves works to foster collaboration and coordination on cyber preparedness, risk mitigation and incident response, and to provide cyber security resources, including training, exercises, and assessments, in support of the nation’s Critical Infrastructure Key Resource sectors and with state and local government.
Session seven1:00 pm - 1:20 pm
The Last Line of Defense:
The Importance of having a robust and comprehensive Data Protection strategy
Data protection is experiencing a resurgence. Historically its been seen as an innovation backwater and as “insurance”, but with the growth of ransomware and cyber crime, and increasing risk, organisations are having to modernize their data protection architectures and strategies to ensure that data can be recovered quickly to ensure that an Organisation can survive an attack. Join this session to learn about the latest innovations in the data protection space and how they can be deployed to provide a comprehensive last line of defence.
David joined Pure Storage in October 2018 as the Rapid Restore Solutions Director and is responsible for the Rapid Restore solutions road map, working with our Data Protection partners (Veritas, Veeam, CommVault & Rubrik) and making sure the Pure sales field have all the tools and enablement they need to be successful. Previously, David spent a year at Amazon Web Services building a competitive team to work directly with Amazon’s sellers and customers. Before that David spent 17 years at Veritas Technologies in a number of roles – SE, SE Manager and later was responsible for building a Competitive Intelligence team. He left Veritas as the Director of Competitive and Market Intelligence in 2017.
Session Eight1:20 pm - 1:40 pm
Cyber Resilience: Rethinking your data protection strategy in the age of ransomware.
Ransomware threats increased by 300% last year, and the industry is expecting it to get worse. Ransomware victims’ greatest pains are downtime and data loss. Current DR and Backup solutions aren’t equipped to help you manage it at the speed of business. Join us for this discussion on how to transform your data protection approach to ensure you can protect your data and resume operations almost instantly when facing a ransomware attack. See you there!
Andy Fernandez is a Global Product Marketing Manager at Zerto. With a focus on product marketing and launches, he strives to translate technical innovation to business value. After spending years in various technology companies and entrepreneurship pursuits, Andy is focused on launching industry-leading products and accelerating their adoption.
session ten2:25 pm - 2:45 pm
Offensive AI vs. Defensive AI: Battle of the Algorithms
Among rapidly evolving technological advancements, the emergence of AI-enhanced malware is making cyber-attacks exponentially more dangerous and harder to identify. In the near future, we will begin to see supercharged, AI-powered cyber-attacks leveraged at scale. To protect against Offensive AI attacks, organizations are turning to defensive cyber AI, which can identify and neutralize emerging malicious activity, no matter when, or where, it strikes.
In this session, learn about:
- Paradigm shifts in the cyber landscape
- Advancements in offensive AI attack techniques
- The Immune System Approach to cyber security and defensive, Autonomous Response capabilities
- Real-world examples of emerging threats that were stopped with Cyber AI
David Masson is Darktrace’s Director of Enterprise Security, and has over two decades of experience working in fast moving security and intelligence environments in the UK, Canada and worldwide. With skills developed in the civilian, military and diplomatic worlds, he has been influential in the efficient and effective resolution of various unique national security issues. David is an operational solutions expert and has a solid reputation across the UK and Canada for delivery tailored to customer needs. At Darktrace, David advises strategic customers across North America and is also a regular contributor to major media outlets in Canada where he is based, included CBC and The Globe and Mail. He holds a master’s degree from Edinburgh University.
session eleven2:45 pm - 3:05 pm
Threat Landscape Review of Current Trends in 2020
The purpose of this brief is to provide a threat intelligence review of the most current threat actor trends across both eCrime and nation-state adversaries. This brief will cover changes in tactics, techniques, and procedures (TTPs), how ransomware is continuing to evolve, as well as a review of how threat actors are exploiting current worlds events (such as COVID-19). Additionally, this presentation will include use cases around how organizations can operationalize threat intelligence in order to empower a more defensible environment within their organizations.
Global Director – Strategic Threat Advisory Group: I am an internationally experienced intelligence, cybersecurity, and national defense leader with 13+ years experience innovating at the intersection of security operations and technology. Over the course of my career, I have protected Fortune 500 companies and government agencies by conceiving of solutions to the problems presented by the world’s most dangerous adversaries.
I currently serve as a Director at CrowdStrike where I provide threat intelligence thought leadership to commercial and government organizations throughout the globe. Prior to CrowdStrike, I served as a Manager at Deloitte where I led the development of threat intelligence programs for Fortune 500 clients and large U.S. federal government agencies. I am also a veteran of the United States armed forces where I served for over six and a half years in the U.S. Army as an Intelligence Officer and attained the rank of Captain. While in the Army, I participated in a variety of intelligence roles, including assignments at the National Security Agency (NSA), United States Cyber Command (USCYBERCOM), as well as served in combat tours overseas.
Session twelve3:05 pm - 3:30 pm
Identity and Access Management: Embracing the complexity
Admittedly, IAM can be intimidating. Ensuring company assets are being accessed only by those who are authorized is a crucial, non-trivial task but we should embrace the challenge. In this session we will discuss the complexities of IAM by reviewing what digital identity really is, and what challenges exist when implementing access management controls. We will discuss a typical IAM use-case and how we can embrace its complexities while avoiding the need for large architectural changes.
Hello! I’m Matt, a cybersecurity engineer with a desire to make our online world safer and more secure. In the years leading to Auth0, I have co-founded a Toronto based startup Jukebox, previously Booth & Bottle which has over 5000+ users, I’ve built a fully-functioning ticketing platform called xTickets, I have worked for a worldwide VPN company that was acquired (twice!) which led to my work in security at Symantec, and in my early years while in university, I managed the IT and infrastructure for numerous corporate organizations. If we haven’t met before you’ll likely find me in a local coffee shop reading security white papers, writing code, watching DEFCON videos, or on hackthebox.eu. If I’m not there I’ll be at your local gym pumping iron. Security Certifications: CISSP (In Progress), Penetration Testing with Kali Linux, Certified Ethical Hacker, ComTIA Security+.
afternoon Q&A session3:35 pm - 4:00 pm
This session will feature all of the presenters from the afternoon agenda, answering questions from the audience live via video, in a panel format. Each presenter will take questions that pertain to their topic, and if there is time, they will also respond to a few questions about larger trends and directions that face all members of the cyber-security community.