Agenda

  • Wed 31st Oct 08:30 - 09:20
  • The State of Hacking & Cybercrime Add to Schedule Samy Kamkar   |   Independent   |   The Keynote

    The Keynote Theatre

    Wed 31st Oct 08:30 to 09:20

    The State of Hacking & Cybercrime

    Samy Kamkar: Fun, Fascinating, Terrifying

     

    Meet the man who changed the internet forever.

     

    Best known for creating the fastest spreading virus of all time, the MySpace Worm, Samy Kamkar is a cyber security expert whose work is cited by the NSA, triggers hearings on Capitol Hill, and is used as the basis for security advancements across virtually all web browsers, smartphones, and other technologies. He is speaking at Cyber Security Dallas about the insecurities in every day technologies in his seminar “The State of Hacking and Cyber Crime” which is described as revealing something fun, fascinating and terrifying. Expect eye opening live hacks, demonstrations & audience involvement from the hacker that changed the internet forever.

    Speaker

    Photo Speaker Name Profile
    Samy Kamkar Samy Kamkar View Profile
  • Wed 31st Oct 09:30 - 10:00
  • AI-Based Autonomous Response: Are Humans Ready? Add to Schedule Nicole Eagan  |   Darktrace  |   The Keynote

    The Keynote Theatre

    Wed 31st Oct 09:30 to 10:00

    AI-Based Autonomous Response: Are Humans Ready?

    Global ransomware attacks like WannaCry already move too quickly for humans to keep up, and even more advanced attacks are on the horizon. Cyber security is quickly becoming an arms race — machines fighting machines on the battleground of corporate networks. Algorithms against algorithms.
     
    Artificial intelligence-based cyber defense can not only detect threats as they emerge but also autonomously respond to attacks in real time. As the shortage of trained cyber analysts worsens, the future of security seems to be automatic. But are humans ready to accept the actions machines would take to neutralize threats? In this presentation, we will discuss our lessons learned and explore several use-cases in which autonomous response technology augmented human security teams.

    Speaker

    Photo Speaker Name Profile
    Nicole Eagan Nicole Eagan View Profile
  • How to Build Effective Defensive Strategies Against Privileged Attacks Add to Schedule Morey J. Haber  |   BeyondTrust  |   Cyber Hack

    Cyber Hack Theatre

    Wed 31st Oct 09:30 to 10:00

    How to Build Effective Defensive Strategies Against Privileged Attacks

    Cyber-attacks continue to increase in sophistication and are occurring in such volume that the daily newsfeed is littered with tales of new breaches and the cyber infonomics ramifications. Central to almost each of these stories is an element of privilege abuse and misuse that resulted in either the initial exploit, or that was implicated in allowing an initial foothold to metastasize into a security event inflicting widespread reputation and economic damage.

    Based on strategies developed by BeyondTrust and presented in the recently published book, “Privileged Attack Vectors,” security professionals will learn how privileges, passwords, and vulnerabilities are being leveraged as attack vectors, and how you can take measurable steps to defend against them.

    Speaker

    Photo Speaker Name Profile
    Morey J. Haber Morey J. Haber View Profile
  • Brought to you by CrowdStrike Add to Schedule

    Network Security, Ransomware & IOT Theatre

    Wed 31st Oct 09:30 to 10:00

  • Comprehensive Application Security Tooling (CAST) in your CI pipeline Add to Schedule Utsav Sanghani  |   Black Duck by Synopsys  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Wed 31st Oct 09:30 to 10:00

    Comprehensive Application Security Tooling (CAST) in your CI pipeline

    This session will discuss how different analysis capabilities, when stitched together, can provide complete security coverage for your critical applications built using CI. Learn more about each technology and how to automate them as part of any CI pipeline.

    Speaker

    Photo Speaker Name Profile
    Utsav Sanghani Utsav Sanghani View Profile
  • Wed 31st Oct 10:10 - 10:40
  • Microsoft Office 365 – Make it a Secure Journey for Digital Transformation Add to Schedule Todd Bursch  |   Forcepoint   |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Wed 31st Oct 10:10 to 10:40

    Microsoft Office 365 – Make it a Secure Journey for Digital Transformation

    Office 365 adoption is continuing at a strong pace, and is often the corner stone for a company’s digital transformation journey.  The decision to implement Office 365 is often a top-down decision, resulting in lack of awareness in terms of security and capabilities when the platform is initially rolled out.  However, this rapid change puts pressure on departments to adapt, exposes weaknesses, and creates new security challenges as IT remodels its security posture to protect the new ecosystem.

    This session will provide insights into how only Forcepoint can secure Office 365 and all your other SaaS applications.

    Speaker

    Photo Speaker Name Profile
    Todd Bursch Todd Bursch View Profile
  • Brought to you by Twistlock Add to Schedule

    Future Cyber Tech, Application Security & DevOps Theatre

    Wed 31st Oct 10:10 to 10:40

  • Wed 31st Oct 10:50 - 11:20
  • Can You Be Just a Little Bit Beyond? Add to Schedule Wendy Nather   |   Duo Security   |   The Keynote

    The Keynote Theatre

    Wed 31st Oct 10:50 to 11:20

    Can You Be Just a Little Bit Beyond?

    Some organizations are afraid that going to a zero-trust model (such as Google's BeyondCorp) means all or nothing, and that they may face security risks in the middle of migrating. Even Google didn’t do it in a day, so let’s talk about incremental changes that don’t require a sudden switchover.

    Speaker

    Photo Speaker Name Profile
    Wendy Nather Wendy Nather View Profile
  • Minimizing the detection to recovery timeframe Add to Schedule Brent Feller  |   eSentire   |   Network Security, Ransomware & IOT

    Network Security, Ransomware & IOT Theatre

    Wed 31st Oct 10:50 to 11:20

    Minimizing the detection to recovery timeframe

    Avoid the potential effects sophisticated threat actors can have on business operations and new breach notification mandates.

    While recent trends have shown attackers are more frequently using simple tools and tactics to make a big impact to the overall global cost of data breaches, sophisticated threat actors utilizing advanced techniques to avoid detection could potentially have the greatest impact to an organization’s bottom line in 2018. While commodity threats continue to make the case for investment in preventative technologies, stricter regulations around breach notifications all but mandates increased investment in advanced detection and response capabilities. Now more than ever is minimizing the detection to response timeframe of utmost importance to ensure an organization is able to not only detect threats but contain and respond in a timeframe that minimizes the potential risk of impacting their clients and suffering the business altering implications of compliance violations.

    As organizations begin to address this transition, knowing where to start is a challenge. We invite you to join Brent Feller, Senior Solutions Engineer at eSentire who will cover the best path going forward and real-life examples of how advanced detection and response capabilities were able to thwart attackers and satisfy even the most stringent emerging regulatory requirements.

    Speaker

    Photo Speaker Name Profile
    Brent Feller Brent Feller View Profile
  • Adopting an Automation-First Strategy for Identity and Access Management Add to Schedule Bryan Christ  |   Hitachi ID   |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Wed 31st Oct 10:50 to 11:20

    Adopting an Automation-First Strategy for Identity and Access Management

    Process automation within an IAM environment can be challenging. Many systems that excel at governance and certification tasks are simply not well suited for automation. Many organizations believe their requirements are simply too unique to be automated and/or their existing home grown solutions will suffice. A thorough data cleanup is often advocated for before automation technologies are deployed however this is the wrong approach as such technologies can actually help with the data cleansing effort. In this session we will explore many aspects of IAM automation and deliver concrete recommendations towards achieving the goal of identity management automation.

    Speaker

    Photo Speaker Name Profile
    Bryan Christ Bryan Christ View Profile
  • Advanced Attackers And Evolving Enterprise Defenses Add to Schedule Tommy Hui  |   SentinelOne   |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Wed 31st Oct 10:50 to 11:20

    Advanced Attackers And Evolving Enterprise Defenses

    Advanced attackers are always looking for ways to stay hidden. The growing use of traffic encryption — over 50% of Web traffic today is encrypted — provides a simple trick for attackers to hide their threats and communications channels. Exploit kits, malware, adware, callbacks, as well as command & control channels leverage encrypted communications to infiltrate organizations and exfiltrate information.
     
    Look into encrypted traffic, without the need for a proxy or additional agents and ensure full coverage of threats hiding within covert channels. Learn how EPP capabilities can be extended to provide an integrated workflow from visibility & detection to response & remediation. A single agent, single console architecture provides deployment simplicity and operational agility to improve productivity and minimize business impact of threats.

    Speaker

    Speaker Name Profile
    Tommy Hui View Profile
  • Wed 31st Oct 11:30 - 12:00
  • Hacking Dumberly, Just Like the Bad Guys Add to Schedule Tim Medin  |   Red Siege  |   The Keynote

    The Keynote Theatre

    Wed 31st Oct 11:30 to 12:00

    Hacking Dumberly, Just Like the Bad Guys

    Tim will discuss the dumbest red team tricks and hacks he's encountered over the years. He is going to take the A out of APT, because so few attackers really need to use advanced techniques. He'll also discuss the simple defenses that make an attacker's life much more difficult.

    Speaker

    Photo Speaker Name Profile
    Tim Medin Tim Medin View Profile
  • The New Era of Cyber-Threats: The Shift to Self-Learning, Self-Defending Networks Add to Schedule Cameron Armstrong  |   Darktrace   |   Network Security, Ransomware & IOT

    Network Security, Ransomware & IOT Theatre

    Wed 31st Oct 11:30 to 12:00

    The New Era of Cyber-Threats: The Shift to Self-Learning, Self-Defending Networks

    With machines fighting machines and increasingly sophisticated human attackers, we are now entering a new era of cyber-threats. The battle is no longer at the perimeter but inside of our organizations, and no security team can keep up with its speed. Cyber-attackers are quickly becoming silent and stealthy, and cyber defense has turned into an arms race.
     
    This new wave of cyber-threats has seen skilled attackers that may lie low for weeks or months. By the time they take definitive steps, their actions blend in with the everyday hum of network activity. These attacks call for a change in the way we protect our most critical assets.
     
    Self-learning and self-defending systems are now being deployed to continually assess business environments. Known as ‘immune system’ defense, this approach is used to uncover threats that have already penetrated the network border, and then automatically fight back. Unlike legacy approaches, which rely on rules or signatures, these technologies work autonomously, enable the security team to focus on high-value tasks, and can counter even fast-moving, automated attackers.

    Speaker

    Photo Speaker Name Profile
    Cameron Armstrong Cameron Armstrong View Profile
  • Security in Modern Era: The Threat of Quantum Computers to Cyber Security Add to Schedule Avesta Hojjati  |   DigiCert, Inc.  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Wed 31st Oct 11:30 to 12:00

    Security in Modern Era: The Threat of Quantum Computers to Cyber Security

    Quantum computing is still in its infancy but already poses challenges to digital security. We’ll look at the high-level issues that cyber security companies will face in the near future, as well as the threats to security-sensitive industries such as finance and health care. We’ll also discuss how cyber security companies can prepare for the post-quantum crypto era.

    Speaker

    Photo Speaker Name Profile
    Avesta Hojjati Avesta Hojjati View Profile
  • Piracy, Yesterday and Today Add to Schedule Adam Hogan  |   CrowdStrike   |   Cyber Hack

    Cyber Hack Theatre

    Wed 31st Oct 11:30 to 12:10

    Piracy, Yesterday and Today

    The pirate companies of the 1600s were criminals opportunistically exploiting the new world of sail. This makes them far more similar to the adversaries of cyberspace than traditional thieves or organized crime. Pirates were forced to innovate or die, turned into some of the most progressive companies the world had ever seen. There is a lot of learn from this stunning level of innovation. I believe that understanding how these criminals organize offers insight into what we can learn about cyber criminals - and how to combat them.

    Speaker

    Photo Speaker Name Profile
    Adam Hogan Adam Hogan View Profile
  • Wed 31st Oct 01:00 - 01:30
  • Global Scale Vulnerability Management Add to Schedule Matthew O’Connor   |   Google  |   The Keynote

    The Keynote Theatre

    Wed 31st Oct 01:00 to 01:30

    Global Scale Vulnerability Management

    Heartbleed, ShellShock, POODLE, Spectre, and Meltdown! How do you manage and protect against vulnerabilities which affect the entire internet? In this session, you will learn about Google’s approach to managing large-scale security vulnerabilities, coordinating efforts  and communications across businesses, engineering the solution, and working cross-industry to ensure commercial and consumer customers are safe and secure.

    Speaker

    Photo Speaker Name Profile
    Matthew O’Connor Matthew O’Connor View Profile
  • Introduction to Internet of Things (IoT) and Industrial Internet of Things (IIoT) Add to Schedule Leonard Jacobs  |   Netsecuris Inc.  |   Network Security, Ransomware & IOT

    Network Security, Ransomware & IOT Theatre

    Wed 31st Oct 01:00 to 01:30

    Introduction to Internet of Things (IoT) and Industrial Internet of Things (IIoT)

    The Internet of Things (IoT) and Industrial Internet of Things (IIoT) devices communicate more effectively with publish-subscribe-based lightweight messaging protocols as compared to utilizing the traditional request-response nature of TCP/IP communication.  The presentation provides a review of the prominent messaging protocols (MQTT, OpenFMB, and others) utilized today with IoT and IIoT communications. The cyber security protection mechanisms for these messaging protocols will be addressed.
     
     

    Speaker

    Photo Speaker Name Profile
    Leonard Jacobs Leonard Jacobs View Profile
  • A DevOps State of Mind: Continuous Security with Kubernetes Add to Schedule Chris Van Tuin  |   Red Hat  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Wed 31st Oct 01:00 to 01:30

    A DevOps State of Mind: Continuous Security with Kubernetes

    With the rise of DevOps, containers are at the brink of becoming a pervasive technology in Enterprise IT to accelerate application delivery for the business. When it comes to adopting containers in the enterprise, Security is the highest adoption barrier. Is your organization ready to address the security risks with containers for your DevOps environment?  In this presentation, you'll learn about:

    • Best practices for addressing the top container security risks in a  container environment including images, builds, registry, deployment, hosts, network, storage, APIs, monitoring & logging, and federation
    • Automating and integrating security vulnerability management & compliance checking for container images in a DevOps CI/CD pipeline
    • Deployment strategies for deploying container security updates including recreate, rolling, blue/green, canary and a/b testing.

    Speaker

    Photo Speaker Name Profile
    Chris Van Tuin Chris Van Tuin View Profile
  • Exercise the cyber demogorgons Add to Schedule Heather Gantt-Evans  |   Ernst & Young, LLP  |   Cyber Hack

    Cyber Hack Theatre

    Wed 31st Oct 01:00 to 01:50

    Exercise the cyber demogorgons

    As businesses become more digitally dependent, security ops become more intertwined with the business. To test, measure and validate this alignment, we present a model of cyclical, intensity increasing and threat scenario-driven exercises designed to stress test the entire business’ ability to respond. Today, cyber-incidents are business incidents, cyber threats are business threats.

    Speaker

    Photo Speaker Name Profile
    Heather Gantt-Evans Heather Gantt-Evans View Profile
  • Wed 31st Oct 01:40 - 02:10
  • DHS Cybersecurity Assessments and Resources Add to Schedule Chad Adams  |   US Department of Homeland Security  |   The Keynote

    The Keynote Theatre

    Wed 31st Oct 01:40 to 02:10

    Speaker

    Photo Speaker Name Profile
    Chad Adams Chad Adams View Profile
  • Developing and Retaining Excellence in a Competitive Market Add to Schedule Jim Motes  |   Knights View Consulting, LLC  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Wed 31st Oct 01:40 to 02:10

    Developing and Retaining Excellence in a Competitive Market

    It's no secret that we are currently experiencing a critical shortage of trained and experienced cyber security practitioners.  The competition for qualified team members is fierce and long-term retention of your valuable team members is a key success factor for creating and maintaining a first-rate security team.  Exceptional security personnel are looking for opportunities to perform interesting and challenging work.  Too often those same personnel are relegated to perform mundane and repetitive tasks that fail to adequately engage and develop them professionally. CISOs/CSOs wishing to retain and mature their organizations should look for opportunities to drive efficiencies and optimize their security program while minimizing the administrative burden on their teams.  

    Low-cost, high-return activities such as establishing formal or semi-formal collaborative relationships with their peers for mutual security support and training opportunities combined with conducting security program rationalization and optimization projects can deliver significant value and introduce fresh insight into your security program.  Security executives should also consider how machine learning and Security Orchestration, Automation, and Response (SOAR) solutions may reduce time spent on lower skill, repetitive tasks, and improve overall team competency and retention.

    Speaker

    Photo Speaker Name Profile
    Jim Motes Jim Motes View Profile
  • Wed 31st Oct 02:00 - 02:50
  • Advanced Attackers And Evolving Enterprise Defenses Add to Schedule Parker Cook  |   SentinelOne   |   Cyber Hack

    Cyber Hack Theatre

    Wed 31st Oct 02:00 to 02:50

    Advanced Attackers And Evolving Enterprise Defenses

    Advanced attackers are always looking for ways to stay hidden. The growing use of traffic encryption — over 50% of Web traffic today is encrypted — provides a simple trick for attackers to hide their threats and communications channels. Exploit kits, malware, adware, callbacks, as well as command & control channels leverage encrypted communications to infiltrate organizations and exfiltrate information.
     
    Look into encrypted traffic, without the need for a proxy or additional agents and ensure full coverage of threats hiding within covert channels. Learn how EPP capabilities can be extended to provide an integrated workflow from visibility & detection to response & remediation. A single agent, single console architecture provides deployment simplicity and operational agility to improve productivity and minimize business impact of threats.

    Speaker

    Speaker Name Profile
    Parker Cook View Profile
  • Wed 31st Oct 02:20 - 02:50
  • Why Security Incidents are Different from IT Incidents Add to Schedule Patrick Hayes  |   Online Business Systems  |   Network Security, Ransomware & IOT

    Network Security, Ransomware & IOT Theatre

    Wed 31st Oct 02:20 to 02:50

    Why Security Incidents are Different from IT Incidents

    Organizations are challenged with ensuring that their customers and staff have access to the systems and services needed to conduct business. Often times what could be perceived as a simple disruption to service can become a serious and damaging security breach. If treated and remediated without the due care of a security incident, you may lack the important steps necessary in addressing the serious nature of the event.  With data breaches at an all-time high, ensuring that organizations are properly addressing security incidents is paramount in protecting corporate and customer information, as well as maintaining the availability of services.

    Speaker

    Photo Speaker Name Profile
    Patrick Hayes Patrick Hayes View Profile
  • The Resource Dilemma: How Security Professionals Can Win the Funding Battle to Get the Resources They Need to Prepare an Adequate Cyber Defense Add to Schedule Mark Langford  |   Aberfoyle Associates  |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Wed 31st Oct 02:20 to 02:50

    The Resource Dilemma: How Security Professionals Can Win the Funding Battle to Get the Resources They Need to Prepare an Adequate Cyber Defense

    This presentation is focused on strategies to help security professionals get the funding approval they need for additional investment in tools, external consulting support, staff training, 3rd party testing, audits, and assessments, as well as to obtain needed internal resources such as floorspace, collaboration from all employees, and more security staff.

    Speaker

    Photo Speaker Name Profile
    Mark Langford Mark Langford View Profile
  • PANEL: The House of Horrors Add to Schedule Valmiki Mukherjee  |   Ernst & Young LLP  |   The Keynote

    The Keynote Theatre

    Wed 31st Oct 02:20 to 03:10

    Speaker

    Speaker Name Profile
    Valmiki Mukherjee View Profile
  • Wed 31st Oct 03:00 - 03:30
  • Navigating the Slew of Laws and Regulations of Cybersecurity Add to Schedule Tony Porras   |   Porras Law  |   Network Security, Ransomware & IOT

    Network Security, Ransomware & IOT Theatre

    Wed 31st Oct 03:00 to 03:30

    Navigating the Slew of Laws and Regulations of Cybersecurity

    How to decipher the many laws and regulation imposed on businesses today by State, Federal and Foreign Governments and how to create a technical framework to comply that at the same time will give you a stronger cybersecurity posture. We will go over the major laws governing cybersecurity requirements and a technical framework that will help make sense of your cybersecurity investments. We will also review how to implement a plan that makes sense for your organization. This plan will not only help you combat the bad guys but also help you comply with the many laws and regulations.

    Speaker

    Photo Speaker Name Profile
    Tony Porras Tony Porras View Profile
  • Wed 31st Oct 03:30 - 04:30
  • MEETUP: Women in Cyber Secuirty Add to Schedule

    Network Security, Ransomware & IOT Theatre

    Wed 31st Oct 03:30 to 04:30

  • Thu 1st Nov 08:30 - 09:00
  • Criminal Perspectives: Former US Most Wanted Cybercriminal Brett Johnson Discusses His History of Cybercrime, Its Current State, and Where Its Going Add to Schedule Brett Johnson  |     |   The Keynote

    The Keynote Theatre

    Thu 1st Nov 08:30 to 09:00

    Criminal Perspectives: Former US Most Wanted Cybercriminal Brett Johnson Discusses His History of Cybercrime, Its Current State, and Where Its Going

    Join "The Original Internet Godfather" Brett Johnson for a one of a kind presentation on cybercrime. Brett will detail his cybercrime past before walking the audience through the current state of online crime and showing the audience exactly how todays cybercriminals commit Synthetic Fraud, Business Email Compromise, Account Takeovers, and more. Learn how crooks commit those crime, but more importantly learn what you can do to protect yourself and your business.

    Speaker

    Photo Speaker Name Profile
    Brett Johnson Brett Johnson View Profile
  • Thu 1st Nov 09:30 - 10:00
  • How to Protect Next Generation Technology from Modern Threats Add to Schedule Morey J. Haber  |   BeyondTrust  |   Network Security, Ransomware & IOT

    Network Security, Ransomware & IOT Theatre

    Thu 1st Nov 09:30 to 10:00

    How to Protect Next Generation Technology from Modern Threats

    Next generation technology such as the cloud, DevOps, and IoT are not immune to privilege security threats, vulnerabilities, and poor cyber security hygiene. Managing privileges and vulnerability assessments are therefore critical layers in identity and asset centric cyber defense. Privileged Access Management (PAM) and Vulnerability Management (VM) together provide a complete approach to preventing NextGen breaches by unifying visibility and control across on-premise, cloud, IoT, and DevOps environments with reliable and predictable threat management.

    Based on a recent survey by BeyondTrust, security professionals will learn how privileges, passwords, and vulnerabilities are being leveraged against next generation technologies, and how you can take measurable steps to defend against them.

    Speaker

    Photo Speaker Name Profile
    Morey J. Haber Morey J. Haber View Profile
  • Cyber Security Defense Maturity Model (CSDMM) Add to Schedule Eric Jeffery  |   IBM  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Thu 1st Nov 09:30 to 10:00

    Cyber Security Defense Maturity Model (CSDMM)

    Discuss cyber security defense maturity model (CSDMM) that places technology families on a scatter plot delineating capability level with defensive maturity. Organizations need controls in place and an understanding of their defensive position. Too often, organizations use a whack a mole process or they defend against the risk of the day or, worse yet, what vendors tell them to buy. The CSDMM provides entities with an understanding of where they are so they can determine where they want to go. This model delineates what technologies entities need to implement so they can achieve a more sophisticate and mature defensive posture.

    Speaker

    Photo Speaker Name Profile
    Eric Jeffery Eric Jeffery View Profile
  • Thu 1st Nov 10:10 - 10:40
  • The Industrial Immune System: Using Machine Learning & AI for OT Cyber Defense Add to Schedule Jeff Cornelius   |   Darktrace   |   Network Security, Ransomware & IOT

    Network Security, Ransomware & IOT Theatre

    Thu 1st Nov 10:10 to 10:40

    The Industrial Immune System: Using Machine Learning & AI for OT Cyber Defense

    There is an urgent need for a new approach to combat the next generation of cyber-threats, across both OT and IT environments. While total prevention of compromise is untenable, utilizing automated self-learning technologies to detect and respond to emerging threats within a network is an achievable cyber security goal, irrespective of whether the suspicious behavior originated on the corporate network or ICS.

    Speaker

    Photo Speaker Name Profile
    Jeff Cornelius Jeff Cornelius View Profile
  • Thu 1st Nov 10:50 - 11:20
  • CIO, CISO and Cloud Transformation: Who’s watching the watcher? Add to Schedule Mark Mincin  |   McAfee  |   The Keynote

    The Keynote Theatre

    Thu 1st Nov 10:50 to 11:20

    CIO, CISO and Cloud Transformation: Who’s watching the watcher?

    If all InfoSec-related tasks in Information Technology were performed by a member of the Information Security team, we wouldn’t need an IT team at all. Do we even need an IT team? Mark will discuss what IT does in organizations using a hybrid cloud strategy, for Public and Private cloud.  What’s the practical and good-practice boundary between InfoSec and IT? What are the most important cloud security priorities and who covers what tasks for which?

    Speaker

    Photo Speaker Name Profile
    Mark Mincin Mark Mincin View Profile
  • Minimizing the detection to recovery timeframe Add to Schedule Brent Feller  |   eSentire   |   Network Security, Ransomware & IOT

    Network Security, Ransomware & IOT Theatre

    Thu 1st Nov 10:50 to 11:20

    Minimizing the detection to recovery timeframe

    Avoid the potential effects sophisticated threat actors can have on business operations and new breach notification mandates.

    While recent trends have shown attackers are more frequently using simple tools and tactics to make a big impact to the overall global cost of data breaches, sophisticated threat actors utilizing advanced techniques to avoid detection could potentially have the greatest impact to an organization’s bottom line in 2018. While commodity threats continue to make the case for investment in preventative technologies, stricter regulations around breach notifications all but mandates increased investment in advanced detection and response capabilities. Now more than ever is minimizing the detection to response timeframe of utmost importance to ensure an organization is able to not only detect threats but contain and respond in a timeframe that minimizes the potential risk of impacting their clients and suffering the business altering implications of compliance violations.

    As organizations begin to address this transition, knowing where to start is a challenge. We invite you to join Brent Feller, Senior Solutions Engineer at eSentire who will cover the best path going forward and real-life examples of how advanced detection and response capabilities were able to thwart attackers and satisfy even the most stringent emerging regulatory requirements.

    Speaker

    Photo Speaker Name Profile
    Brent Feller Brent Feller View Profile
  • Thu 1st Nov 11:30 - 12:00
  • Brought to you by CrowdStrike Add to Schedule

    Network Security, Ransomware & IOT Theatre

    Thu 1st Nov 11:30 to 12:00

  • Forecast: Increasing Clouds with a High Chance it’s Your Fault Add to Schedule Grant Asplund   |   Dome9 Security  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Thu 1st Nov 11:30 to 12:00

    Forecast: Increasing Clouds with a High Chance it’s Your Fault

    Using public clouds for enterprise datacenters is mainstream. However, the number of services and options being offered is daunting. Using a ‘one-size-fits-all’ interface to scroll through thousands of assets trying to find a misconfigured or exposed S3 bucket is folly.
     
    You likely don’t have experienced, trained security professionals maintaining your cloud environment(s) either and this gap exacerbates your risks…unskilled hands or one fat-finger can have dire consequences.
     
    In this session you’ll learn why Gartner says, “Through 2022, at least 95% of cloud security failures will be the customer’s fault.” and how you can avoid validating their forecast.

    Speaker

    Photo Speaker Name Profile
    Grant Asplund Grant Asplund View Profile
  • Putting the Human Back Into Network Security Add to Schedule Michael Knapp  |   Forcepoint   |   Cyber Hack

    Cyber Hack Theatre

    Thu 1st Nov 11:30 to 12:10

    Putting the Human Back Into Network Security

    Network security technology is shifting from just being a way to keep threats out of your network to providing operational insights that can make your people more effective and your organization more efficient. With the growth of unmanaged devices like phones, tables, appliances and Internet of Things (IoT) gadgets, the network often is the only place where sensing and enforcement can be done consistently. Advances in behavioral monitoring, analytics and machine learning are converging, enabling security to go beyond the old black-and-white, threat-centric approach of separating activities into “good” and “bad.” Now, security is becoming context-based, addressing the fuzzy “gray” area where today’s greatest productivity and greatest risks are found.

    Speaker

    Photo Speaker Name Profile
    Michael Knapp Michael Knapp View Profile
  • Thu 1st Nov 01:00 - 01:30
  • The Importance of Cyber Resilience for Email Add to Schedule TJ Adamowicz  |   Mimecast   |   Network Security, Ransomware & IOT

    Network Security, Ransomware & IOT Theatre

    Thu 1st Nov 01:00 to 01:30

    Speaker

    Speaker Name Profile
    TJ Adamowicz View Profile
  • Thu 1st Nov 01:40 - 02:10
  • Machine learning and the evolution of cyber security Add to Schedule Zeus Kerravala   |   ZK Research   |   The Keynote

    The Keynote Theatre

    Thu 1st Nov 01:40 to 02:10

    Machine learning and the evolution of cyber security

    Cybersecurity budgets continue to grow but security teams are still falling further behind.  ZK Research data finds that the average time to detect a breach is still almost three months indicating a change is needed in cybersecurity.  Machine learning has matured as a technology and is now in a position to impact the security industry be quickly finding breaches in the massive amount of data being generated by networks, endpoints and other infrastructure. ML will transform cyber security faster that ever before and enable security practitioner to keep up with the growing number of advanced threat actor.

    Speaker

    Photo Speaker Name Profile
    Zeus Kerravala Zeus Kerravala View Profile
  • Use of Guerrilla Warfare for the Blue Team Add to Schedule Rob Carson  |   SemperSec  |   Network Security, Ransomware & IOT

    Network Security, Ransomware & IOT Theatre

    Thu 1st Nov 01:40 to 02:10

    Use of Guerrilla Warfare for the Blue Team

    Blue Team Security is a hard job. It's not sexy, and it is always complicated navigating between the people, processes, and technology of the organization. Blue teams try to defend meanwhile breaches still happen. Why? adversaries (external AND internal) just need to find a pin-hole or create one. Or buy one. That simple.

    Its time, we start thinking and acting like a guerrilla and adopt some practices from irregular warfare.  Irregular warfare has a long history of defeating larger and better-equipped adversaries while using limited resources.  Let’s talk about how we can adopt these tools, technique and procedures to win.

    Speaker

    Photo Speaker Name Profile
    Rob Carson Rob Carson View Profile
  • Reading the Tea Leaves: Preparing for the Future Cybersecurity Job Market Add to Schedule Gary Nichols  |   Charles Schwab  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Thu 1st Nov 01:40 to 02:10

    Reading the Tea Leaves: Preparing for the Future Cybersecurity Job Market

    Cyber warfare has evolved from a once futuristic concern of science fiction writers to an almost daily headline in the news. As attackers, methods and destructive capabilities evolve, so must those responsible for the defense and wellbeing of information systems. Explore the current state of both defensive and offensive human and technology capabilities, what the tea leaves are telling us about the near-term future, the gaps that exist, and the shift that is occurring that will reshape the cybersecurity job market to come. Understand what is coming, and invest in the right skill sets today to protect the information landscape of tomorrow.

    Speaker

    Photo Speaker Name Profile
    Gary Nichols Gary Nichols View Profile
  • Thu 1st Nov 02:20 - 03:10
  • PANEL: Cyber Security Dallas: The Year Ahead Add to Schedule

    The Keynote Theatre

    Thu 1st Nov 02:20 to 03:10

Your schedule where you can plan your day, viewing all your scheduled seminars print or email them to yourself

Top