Virtual Summit
Capital Region Virtual Cybersecurity Summit
The Capital Region Virtual Cybersecurity Summit is a new way to connect with like-minded executives, innovative solutions providers, experts and luminaries. With a shared interest in security innovation in the region, summit attendees have a lot to talk about in the live, immersive virtual experience.
Date
Wed. Sep 30
Event Schedule
-
Don’t Get Phished! See How Ironscales' Self-Learning Email Security Platform Stops Tomorrow’s Phishing Attacks Today! 8:40 am
Presented by Ironscales
Click to ExpandCyber Criminals don’t care. From holiday seasons, elections, tax-day or our current pandemic COVID-19. They’re ready to exploit people’s vulnerability.
Email phishing is their weapon of choice. 10 years ago, traditional solutions like secure email gateways (SEGs) or in-built security from mailbox providers were enough to stop cyber criminals from gaining access to our accounts. In 2020, attackers are more sophisticated and are changing tactics just as rapidly as businesses are moving to Office 365 and G-Suite.
In the face of this evolving threat, how can you stay ahead of micro-targeted attacks and defend against malicious emails before they gain access to your confidential data? How do you protect end-users confronted by fake login pages (after all, it’s not their job to determine what looks real and what doesn’t)? How do you ensure that your SOC team isn’t overwhelmed by the burden of identifying and remediating phishing threats?
Join Ironscales and learn about:
- What techniques bad actors use to bypass traditional security measures
- What new attacks are being used by bad actors to take advantage of the pandemic
- What can you quickly do to protect your Office 365/G-Suite users who are working remotely
- How automation & collaboration tools can enable your SOC team to respond to incidents faster, giving them time savings so that they can focus on other projects.
Speaker:
-
Managing Digital Risk Amid Disruption 9:05 am
Presented by RSA
Click to ExpandDigital transformation is not only changing how companies think about business. It is changing how we think about risk. We need to *act* on risk, not worry about it. We need to start and end with the basics. In this session we review several key areas of digital risk management to target as you are challenged to be a key contributor in your company’s digital journey.
Speaker:
-
The Passwordless Experience 9:25 am
Presented by Entrust
Click to ExpandAs long as we’ve had computers, people have been able to steal our passwords. Join Rajan Barara in discussing current industry pain points and how Entrust can help you with our high assurance, credential based passwordless solutions.
Speaker:
-
Developing Your Identity Strategy 10:10 am
Presented by SailPoint
Click to ExpandRemember when identity management meant creating new accounts and resetting user’s passwords? Over the years, digital identity has evolved into much, MUCH more. Your identity program now includes not just identity management, but also access management, privilege management, and even customer identity management, all of this falling under the umbrella of identity governance. More importantly, identity has shifted from being a basic operations function to the cornerstone for business enablement and digital transformation. In this presentation, Rob walks you through key considerations when developing your identity strategy to help you improve the current state of your program while building a solid foundation for the future of your identity program.
Speaker:
-
Reducing Friction and Managing Remote Work Environments 10:30 am
Presented by Automox
Click to ExpandThe business world has changed and many of those changes, like remote working, are here to stay. And keeping your teams safe during this period is a no-brainer—as is making sure their remote endpoints are managed and secure. But with these changes come a list of concerns and issues that many organizations just are not ready to address, sometimes highlighting legacy support policies and even out-of-standard technological needs. The friction of everyday management of the full enterprise has increased, putting a strain on the IT and support staff as well as the users.
During this presentation, I will address common areas of friction in endpoint management as well as ways to pinpoint friction in your environment, and finally ways to address the problems and setup your organization for scalability with endpoint management.
Speaker:
-
Q&A on Identity: The New Perimeter? 11:10 am
Click to Expand
The 2000’s view of “perimeter” in terms of security conjures up an analogy about castles and moats… but today, the question is, where is the moat? As we turbo-charged Work From Home this year, and BYOD is just a way of life – have your Identity and Access Management practices kept-up?
-
Cyber Resilience: Rethinking Your Data Protection Strategy in the Age of Ransomware 11:35 am
Presented by Zerto
Click to ExpandRansomware threats increased by 300% last year, and the industry is expecting it to get worse. Ransomware victims’ greatest pains are downtime and data loss. Current DR and Backup solutions aren’t equipped to help you manage it at the speed of business. Join us for this discussion on how to transform your data protection approach to ensure you can protect your data and resume operations almost instantly when facing a ransomware attack. See you there!
Speaker:
-
Continuous Vulnerability Management: Striving for a 14-Day SLA 12:00 pm
Presented by Ivanti
Click to ExpandThe importance of having a continuous vulnerability management process as part of an overall security program such as that provided by the CIS controls framework.
When threat actors exploit weaknesses in an organization’s IT infrastructure, the consequences can be devastating to productivity, reputation, and financially. Without treating cybersecurity as an ongoing process, hackers can find, weaponize, deploy, and attack your infrastructure faster than your team can patch the vulnerability leaving your infrastructure unprotected. Your systems may be secure today, but next week, a cybersecurity criminal may discover and exploit a critical vulnerability in your environment. Join us as we discuss how continuous vulnerability management can be executed effectively.
Speaker:
- Break
-
Resilience Matters: Cyber Threat Landscape and Cisa Cybersecurity Resources Available for Building Operational Resilience 12:45 pm
Presented by CISA
Click to ExpandAssistant Director John Felker from CISA will give a few words and introduce Ben Gilbert, the keynote speaker
When it comes to cyber-attacks, It’s not a matter of if. It’s no longer even a matter of when. More so, it’s how frequent and how impactful will cyber-attacks be to operations. It’s not enough for organizations to simply focus on what protective measures to deploy. Organizations need to take a more holistic approach to managing cybersecurity risks in order to limit impacts to their operations. This presentation will provide a brief on cyber threats that cause impacts to operations, a discussion on operational resilience, cybersecurity risk management practices that enables operational resilience, and no-cost CISA cybersecurity resource available to public and private sector partners for building operational resilience.
Speakers:
-
Stopping Attacker Movement Before They Reach Your Crown Jewels 1:30 pm
Presented by Illusive
Click to ExpandDuring a normal workday, credentials and connections proliferate within a network. Once inside, attackers use Mimikatz and other attack tools to automate and accelerate credential harvesting, network discovery, and privilege escalation. Until now, defenders have lacked the ability to get ahead of this process. Identifying and removing excess, high-risk, and rogue connections has been a manual effort and impossible to scale. The giant, sudden transition by millions of employees to working from home has only made the attack surface even more volatile.
In this webinar, we examine the various ways to deprive attackers of what they need to move laterally in your network by identifying and removing the riskiest pathways that lead to your crown jewels including:
- How normal business activity creates dangerous opportunities for malicious lateral movement
- The cyber hygiene functions needed to harden the network against modern APT attacks
- How continuous visibility into your attack surface can augment other core security functions, such as privileged access management (PAM) and vulnerability management
Speaker:
-
Ramping up With FedRAMP – Best Practices Using Real-World Examples for Your Compliance Projects 1:50 pm
Presented by Capsule8
Click to ExpandSo many acronyms such little time – FISMA, FedRAMP, OBM, 3PAO – you may have heard these acronyms uttered in the same sentence, but at the end of the day, what compliance standards and controls are required when an organization intends to do business with Federal agencies and institutions?
In this session, Cynthia Burke, compliance expert from Capsule8, will give a high level overview of the Federal Risk and Authorization Management Program (FedRAMP) landscape and will discuss some of the challenges of and best practices for FedRAMP compliance using specific case study examples to help guide you and your team up the compliance hill with FedRAMP.
Speaker:
-
Q&A: Users as the Attack Vector – People and Security 2:25 pm
Click to Expand
Users, those carbon-based life forms usually roaming the halls of your buildings, are the last line of defense. Training, tools, and education help – but what are we doing to make sure they are not the weakest link?
-
A New Spin on Securing Active Directory 2:50 pm
Presented by Attivo Networks
Click to ExpandCISOs, Penetration Testers, and Incident Responders all agree that Active Directory is a primary target for attackers. So why isn’t AD defended more effectively? Join us in this session to learn who is attacking AD, why AD Security has traditionally been so difficult, and some groundbreaking new techniques for securing Active Directory.
Speaker:
-
A People-Centric Approach to Cyber Risk Management 3:10 pm
Presented by Proofpoint
Click to ExpandToday’s threat landscape is characterized by attacks which focus on humans. For the third straight year, Proofpoint Threat Research has confirmed that over 99% of attacks are human-activated.
Developing a holistic cyber security program involves educating end users on where and how they are exposed to cyber-attacks, gathering metrics, and highlighting key areas where proactive steps can be identified to minimize risks to cyber-attacks.
During this presentation, we’ll cover:
- The clearly defined risk areas that are frequently targeted in cyber-attacks, with clear examples and use cases
- How organizations can implement a People-Centric security approach, decreasing their vulnerability to cyber threats.
Speaker:
-
Q&A: Defense in Depth (3rd Party Risk) 3:50 pm
Click to Expand
Layering Defense in Depth (DiD) with intentional redundancies increases the security of a system as a whole and addresses many different attack vectors. From individual laptops, to VPN to the WAN, the old paradigm of “castles and moats” is soooo 1999. How are organizations defending against inventive hackers penetrating their systems in 2020?
-
The Anatomy of a Cyber Incident Response – Dissecting a Real-World Event & Critical Mitigation Steps 4:15 pm
Presented by rmSource
Click to ExpandIt’s the day IT leaders dread — Ransomware has taken control of your entire network. A few hours ago, everyone was working productively, and now the entire company has come to a screeching halt. The network, email, CRM, ERP, internal and customer databases are down. Could this have been prevented? The answer is almost always: Yes
Speaker:
- Closing Session
