Welcome / Introductions9:00 am - 9:05 am
Data Connectors is proud to host the St. Louis & Oklahoma Virtual Cybersecurity Summit.
Session One9:05 am - 9:30 am
Threat Hunting & Modern Security: 3 Fundamental Flaws
Security Operations is a discipline continuously evolving – with the evolution of tools and processes , there are still 3 fundamental flaws that exist with Modern Security Operations. We will examine 3 specific flaws of modern security operations:
- Risk Acceptance
- SOC Alert Overload
- Inability to mitigate all Zero-Day Attacks.
We will start the discussion with a quick SOC capacity expertise, review in detail the 3 fundamental security flaws, revisit the math from the SOC capacity exercise to understand “what is being missed based upon my current capacity?” We will also cover costs to the business for associated with these flaws and wrap up with some suggestions for mitigation.
Jim Rohde, Director of Presales Engineering at CRITICALSTART is responsible for leading a team of security experts supporting technical conversations for CRITICALSTART’s products & services, including their flagship offering: Managed Detection & Response. Prior to CRITICALSTART, Jim held leadership roles at large Managed Security Service providers including Secureworks & Trustwave where he has received numerous awards for customer & company exceeding objectives. Jim’s expertise in a multitude of security domains over his career has made him a sought after Trusted advisor for organizations of all sizes.
Session Two9:30 am - 9:55 am
Cyber Resilience: Rethinking your data protection strategy in the age of ransomware.
Ransomware threats increased by 300% last year, and the industry is expecting it to get worse. Ransomware victims’ greatest pains are downtime and data loss. Current DR and Backup solutions aren’t equipped to help you manage it at the speed of business. Join us for this discussion on how to transform your data protection approach to ensure you can protect your data and resume operations almost instantly when facing a ransomware attack. See you there!
Andy Fernandez is a Global Product Marketing Manager at Zerto. With a focus on product marketing and launches, he strives to translate technical innovation to business value. After spending years in various technology companies and entrepreneurship pursuits, Andy is focused on launching industry-leading products and accelerating their adoption.
Session Three9:55 am - 10:20 am
Vision of Cyber Security
We are on the verge of entering our 4th industrial revolution: the era of the Internet of Things (IoT). IoT is a broad term that comes to describe physical devices, embedded with electronics, software, sensors, actuators and network connectivity – all capable of collecting and exchanging data with other devices. The direct communications and data sharing between devices – among themselves or directly with various cloud services – are aimed to shorten development cycles, reduce energy consumption, enable precise view of a device status, and to streamline business process with higher efficiency.
This revolution has already impacted various industries including healthcare, automotive, industrial control systems, transportation and smart homes. Due to the wide variety of attacks on IoT, there is a need for a substantial granularity while managing the security policies of these devices. IoT delivers the promise of becoming the next industrial revolution, and driving the next generation of efficiency and productivity. But this revolution will not flourish unless cyber security becomes one of its corner stones.
Joel Hollenbeck is a Cyber Security Visionary with the Office of the CTO at Check Point Software Technologies Inc., the worldwide leader in securing the Internet. His background includes over 20 years of experience deploying application protection and network-based security. Mr. Hollenbeck has been securing networks and systems since 1994, including developing and executing on strategies to connect some of the most sensitive networks for the Federal Government and Financial Institutions to the Internet in the earliest days of commercial internet connectivity. Mr. Hollenbeck has served as a consulting Security Architect with Check Point Software Technologies advising a wide variety of clients across many verticals on Security Best Practices, Security Architecture, and deriving the maximum value from investments in security, prior to joining Check Point, Mr. Hollenbeck has held various security engineering, leadership and executive roles within organizations local to St Louis.
Session Four10:35 am - 11:00 am
About Attivo Networks
Attivo Networks® is the leader in deception for cyber security defense. Founded in 2011, Attivo Networks provides a comprehensive deception platform that in real-time detects inside-the-network intrusions in networks, public and private data centers, and specialized environments such as Industrial Control System (ICS) SCADA, Internet of Things (IoT), and Point of Sale (POS) environments. Founded on the premise that even the best security systems cannot prevent all attacks, Attivo provides the required visibility and actionable, substantiated alerts to detect, isolate, and defend against cyber attacks. Unlike prevention systems, Attivo assumes the attacker is inside the network and uses high-interaction decoys and endpoint, server, and application deception lures placed ubiquitously across the network to deceive threat actors into revealing themselves.
session five11:00 am - 11:25 am
Automate or Die Trying: The New Cybersecurity Reality
As the nature of threats continue to evolve as well as the volume of threats increase, a new reality is setting upon cybersecurity teams – automation. Paired with human error and the insurmountable amount of data to manage, it is inevitable that a potential threat will slip through the cracks for businesses who rely too heavily on manual process.
Implementing automation could be vital in order to reliably protect your organization and ensure resilience through robust and repeatable processes.
Join our leading security and product development experts to learn:
- Key security considerations when implementing automation programs
- Advice for how companies can begin finding success with AI and machine learning
With 10 years’ experience, Ryan Smith is Vice President of Product, responsible for bringing to market a world-class cloud security and compliance platform. In his current role, Ryan is responsible for the product vision and strategy, product delivery execution, and product culture at Armor. In previous roles, he served as the Director of Product Marketing for Armor, Director of Product for SandBox Commerce, and MuvData Product Manager for The New Office, Inc focused on bringing SaaS technologies to market for modern enterprises. Ryan holds a PhD in Mass Media and Communication Studies from European Graduate School.
session six11:25 am - 11:50 am
Reducing Friction and Managing Remote Work Environments
The business world has changed and many of those changes, like remote working, are here to stay. And keeping your teams safe during this period is a no-brainer—as is making sure their remote endpoints are managed and secure. But with these changes come a list of concerns and issues that many organizations just are not ready to address, sometimes highlighting legacy support policies and even out-of-standard technological needs. The friction of everyday management of the full enterprise has increased, putting a strain on the IT and support staff as well as the users.
During this presentation, I will address common areas of friction in endpoint management as well as ways to pinpoint friction in your environment, and finally ways to address the problems and setup your organization for scalability with endpoint management.
Richard Melick has spent over a decade advancing through the security industry with his considerable experience and considerable focus on the stories surrounding ransomware, hacking, and cyber attacks. He has been a security speaker on five continents and has even advised royalty on how to make and distribute ransomware.
Morning q&a session11:50 am - 12:20 pm
This session will feature all of the presenters from the morning agenda, answering questions from the audience live via video, in a panel format. Each presenter will take questions that pertain to their topic, and if there is time, they will also respond to a few questions about larger trends and directions that face all members of the cyber-security community.
lunch break12:20 pm - 12:40 pm
session seven1:40 pm - 2:05 pm
Threat Intelligence and Layered Security in the Modern Era
The term ‘Threat Intelligence’ has always attracted lots of hype and attention, but what does it actually mean? And, more importantly, how can it help you protect your network? In this presentation, we’ll discuss what Threat Intelligence really looks like in the context of a layered security approach and we’ll use real-world examples to show how it can even improve a network’s defenses at the perimeter while saving your analyst’s time.
Ted has worked with web and network security technologies for more than 20 years. He began his career in technology as a full-stack engineer in web development and design. As Chief Operating Officer, Ted guides the overall operations of Sentinel IPS, the CINS Active Threat Intelligence System, and all other supporting technologies. You may also find him presenting at an information security conference or trade show, spreading the word about shared threat intelligence.
One of Sentinel’s first employees, Ted is not afraid to get his hands dirty supporting Sentinel customers or lending a hand in Sentinel software development. Ted received his Bachelor of Business Administration from the University of Iowa (Go Hawks!) and his Master of Education (Secondary Mathematics) from the University of North Texas.
He resides in the DFW area with his wife and two sons, which keep him busy on seemingly every karate dojo and auditorium in the North Texas area. He can also be found swinging a hammer for Habitat for Humanity or riding his beloved bicycle for Team in Training.
Session Eight2:05 pm - 2:30 pm
Developing Your Identity Strategy
Remember when identity management meant creating new accounts and resetting user’s passwords? Over the years, digital identity has evolved into much, MUCH more. Your identity program now includes not just identity management, but also access management, privilege management, and even customer identity management, all of this falling under the umbrella of identity governance. More importantly, identity has shifted from being a basic operations function to the cornerstone for business enablement and digital transformation. In this presentation, Rob walks you through key considerations when developing your identity strategy to help you improve the current state of your program while building a solid foundation for the future of your identity program.
Rob is a veteran of the cybersecurity industry with over 20 years of experience. Throughout his career he has focused on Identity governance & access management, as well as APIs & microservices. Rob’s ability to address both business and technical requirements, and provide effective solutions has enabled him to become a trusted advisor for clients across multiple industries. Rob holds a Bachelor of Technology Management, a MSc in IT, and Advanced Certificates in Telecommunications Management and Enterprise Architecture. When not working with clients, he enjoys outdoor activities with family, gaming, and having lively conversations.
Session Nine2:30 pm - 2:55 pm
Identity and Access Management: Embracing the complexity
Admittedly, IAM can be intimidating. Ensuring company assets are being accessed only by those who are authorized is a crucial, non-trivial task but we should embrace the challenge. In this session we will discuss the complexities of IAM by reviewing what digital identity really is, and what challenges exist when implementing access management controls. We will discuss a typical IAM use-case and how we can embrace its complexities while avoiding the need for large architectural changes.
Hello! I’m Matt, a cybersecurity engineer with a desire to make our online world safer and more secure. In the years leading to Auth0, I have co-founded a Toronto based startup Jukebox, previously Booth & Bottle which has over 5000+ users, I’ve built a fully-functioning ticketing platform called xTickets, I have worked for a worldwide VPN company that was acquired (twice!) which led to my work in security at Symantec, and in my early years while in university, I managed the IT and infrastructure for numerous corporate organizations. If we haven’t met before you’ll likely find me in a local coffee shop reading security white papers, writing code, watching DEFCON videos, or on hackthebox.eu. If I’m not there I’ll be at your local gym pumping iron. Security Certifications: CISSP (In Progress), Penetration Testing with Kali Linux, Certified Ethical Hacker, ComTIA Security+.
session ten3:10 pm - 3:35 pm
Introduction to Proactive Prevention
Despite continued infosec investments, data breaches continue while companies contend with complicated security architectures composed of disconnected technologies that produce mountains of non-actionable data. A renewed focus on prevention may hold the answer. Security architecture can be broken down into three main elements: Prevention, Detection and Remediation. Prevention should be considered the most strategically important defense element, as by default good true time zero prevention dramatically reduces latency, risks and operational costs of the security structure as a whole. As advanced threats evolve and data center transformation forces enterprise teams to consolidate security, the need for faster, easier and more deterministic threat prevention is essential, thus corporations need to consider a purpose-built stack of true prevention capabilities, that isn’t available in a singular off-the-shelf solution, and add Detection based tools, which by definition have a huge latency, false alerts and are cost prohibitive, where and when appropriate, but not as a prevention tool.
Netta Schmeidler, VP Product at Morphisec, has more than 25 years of experience delivering complex enterprise applications and managing global development groups and product teams. Her broad expertise includes all aspects of defining, building and successfully bringing solutions to market. Prior to Morphisec, Netta held senior product management and engineering roles at VMware (Digital Fuel), BMC, Identify Software, and Mercury. She received an MBA from Tel Aviv University, and a BSc in Computer Science from Hebrew University.
session eleven3:35 pm - 4:00 pm
Session Details Coming Soon
Afternoon Q&A session4:00 pm - 4:20 pm
This session will feature all of the presenters from the afternoon agenda, answering questions from the audience live via video, in a panel format. Each presenter will take questions that pertain to their topic, and if there is time, they will also respond to a few questions about larger trends and directions that face all members of the cyber-security community.
Closing Session + Prize Drawing
Solution Showcase Open Until 6:00 pm