Texas

Virtual Cybersecurity Summit

The Texas Virtual Cybersecurity Summit will be the largest gathering of senior cybersecurity professionals in the Lone Star State this year. Connect with like-minded executives, innovative solutions providers, experts and luminaries. With a shared interest in security innovation in the region, summit attendees have a lot to talk about in the live, immersive virtual experience.

Enter Now

View Video

Texas

Date

Wed. Apr 07 — Thu. Apr 08

Event Schedule

Times for this Event are in Central Time (CDT/CST)

The Summit will be open from 8AM to 6PM.

Welcome
Broken Authentication: Fixing one of the most critical web application security risks 9:25 am
Presented by Auth0
Authentication is a cornerstone capability of any application. Ensuring a user is who they say they are is crucial to maintaining data privacy and preventing fraud and data breaches. Consequently, improperly implemented authentication, known as broken authentication, is a potentially devastating application vulnerability. In fact, the Open Web Application Security Project (OWASP) lists broken authentication as the second most critical security risk to web applications.

This session will provide:
- An overview of broken authentication;
- Why it’s so dangerous;
- The types of threats that can take advantage of this vulnerability;
- How you can prevent this most critical application security risk.
Click to Expand
Panel Participants:

Andrew Akers
Andrew Akers
Senior Manager, Solutions at Auth0

Collapse This Item
Small Businesses Deserve Big Protection 9:45 am

Presented by Cisco

Small businesses are facing many of the same cybersecurity challenges as larger businesses. 66% of small businesses experienced a cyberattack in 2019, and 63% experienced a data breach. But securing your business doesn’t have to be complicated. Cybersecurity tools should be easy for a team of any size to deploy, use, and manage — letting you focus on more important things (like running your business!) Join Kate MacLean from Cisco to learn more about small business cybersecurity and how cloud-delivered security provides powerful protection against today’s biggest cyberthreats.

Click to Expand

Panel Participants:

Kate MacLean
Kate MacLean
Cloud Security Evangelist at Cisco

Collapse This Item
Morning Coffee Break
The Intersection of Data Backup and Data Security 10:20 am

Presented by Druva

Cyber attackers launch an attack every 6 seconds, and ransomware as a service is one of the fastest growing industries in the world. Meanwhile, data is now sprawled around the world – data centers, endpoints, SaaS applications, the cloud, and edge. There are so many new attack vectors for cyber criminals, that it is nearly impossible to build a moat around the company. Therefore, the question is not “will be breached?” but more “how do we handle our breaches?”

Historically, organizational silos have left gaps for cyber criminals to attack. Data protection teams have a unique perspective across all the data and applications in the organization, while security teams have a view across all the security events in the company. Unfortunately, even though data is the organization’s biggest asset, that information has not been integrated.

Now that cyber attackers are targeting data, security,data protection, compliance, and legal teams need to partner together. In this talk, we will cover best practices to manage attacks on an organization’s data. We will begin with how to limit the scope of an attack, detect attacks, and recover your data and applications. Then, we will walk through how to conduct forensic analysis and a legal assessment after the attack is over and the company is running again.

Click to Expand

Panel Participants:

Stephen Manley
Stephen Manley
Chief Technology Officer

Collapse This Item
Disrupting Lateral Movement by Securing Active Directory 10:45 am
Presented by Attivo Networks
Organizations continue to build their security stacks, yet advanced threats and insiders continue to breach networks and extract valuable data. A common tactic among most of these Ransomware and Advanced Threat Actors today involves leveraging Active Directory. AD contains all of the information that an attacker needs to successfully move laterally and accomplish their mission.

In this session, Tom Atkins will explore a new method for securing Active Directory that can (for the first time) actually prevent an attacker from progressing laterally through your enterprise network. Some key highlights include:
- How Threat Actors use AD to accomplish their goals
- Why Monitoring Active Directory is not enough
- What simple tools you can deploy to dramatically improve your security posture by better securing AD
Click to Expand
Panel Participants:

Tom Atkins
Tom Atkins
Regional VP at Attivo

Collapse This Item
Expert Panel Discussion: User-Centric Security 11:05 am

User-Centric Security

Users, those carbon-based life forms usually roaming the halls of your buildings, are the last line of defense. Data suggests that CEOs are ready to spend more money to contravene against attacks aimed at users. Training, tools, and education help – but what are we doing to make sure they are not the weakest link?

Our Subject Matter Experts will look at the problem from multiple angles… Business Email Compromises (BEC)/Phishing and Account Takeover… as well as Endpoint Security, Identity and Access Management, and Password (-less) solutions. Attendees will understand the myriad of challenges from multiple perspectives, and different concepts on how to address.

Click to Expand

Panel Participants:

Michael Cole
Michael Cole
Principal Advisory Services Consultant
Craig Broussard
Craig Broussard
Director of Global Infrastructure - NCH Corporation
Mark Sangster
Mark Sangster
Cybersecurity Expert & Author “No Safe Harbor”

Collapse This Item
Lunch Break
Keynote - Protecting Your Critical Infrastructure: Every Day is Game Day! 12:15 pm

Protecting Your Critical Infrastructure: Every Day is Game Day!

Special Agent In Charge William Smarr, from the US Secret Service Dallas Field Office will share the details of his agency’s cyber strategy and the criticality of establishing trusted partnerships before an incident occurs. The Secret Service’s world-wide network of Cyber Fraud Task Forces (CFTF) join together federal, state and local law enforcement, along with private sector partners and academia to combat cyber criminals across the globe. His talk will cover the authority, capabilities, and cyber strategy of the CFTF network and how the Secret Service strives to build partnerships at all levels and in all critical infrastructure sectors to ensure when a crisis does occur, the phone call to law enforcement will be met with a familiar voice.

As a cybersecurity leader in Texas, you should have the Secret Service CFTF team’s number in your mobile phone. In this discussion, SAIC Smarr will talk about tabletop exercises, how to assure senior executives are bought-in on cyber strategy, and share useful resources from the Secret Service and other agencies that stand ready to support organizations in the region.

In this exclusive briefing for the Texas Virtual Cybersecurity Summit audience, he will share insights from recent case studies from across the state.

Click to Expand

Panel Participants:

William Smarr
William Smarr
US Secret Service Special Agent in Charge - Dallas Field Office

Collapse This Item
The Last Line of Defense: Data Protection 1:00 pm

Presented by Pure Storage

With the growth of Ransomware and cybercrime, Data protection is experiencing a resurgence. Organizations are quickly having to modernize their data protection architecture and strategies to meet not only these demands but also the demand that digital transformation is placing upon them; current approaches are designed around a backup centric approach, whereas a new approach centered around restore and getting organizations back up and running as quickly as possible are critical. Join this session to learn about the latest innovations in the data protection space and how they can be implemented to provide a restore centric approach and provide a true last line of defense.

Click to Expand

Panel Participants:

David Huskisson
David Huskisson
Director, Data Protection Solutions at Pure Storage

Collapse This Item
Rethinking Your Data Protection Strategy in the Age of Ransomware 1:20 pm

Presented by Zerto

With the proliferation of data-driven digital business growing at an exponential pace, so is the pace of cyber security threats and attacks, such as ransomware. Cyberattacks can cost a company $1.4 Million on average in recovery when you add in the cost of lost productivity, reputation damage, and service disruption. Are you at risk? Can your backup keep pace with the speed of recovery that’s needed today? Attend this session to find out why traditional backup won’t save you from ransomware attack and how continuous data protection helps you to prepare, respond and recover from an attack.

Click to Expand

Panel Participants:

Andy Fernandez
Andy Fernandez
Senior Technology Evangelist at Zerto

Collapse This Item
Afternoon Coffee Break
Feature Keynote: Digital Forensics - USSS 2:00 pm

Digital Forensics: Insights from the Secret Service Texas Field Lab!

Local, state, and federal law enforcement agencies across Texas rely on the US Secret Service Regional Forensic Lab, headed by Senior Special Agent Steve Gemperle. Together with Special Agent Clarke Skoby from the Houston Field Office, they will share (as much as they’re allowed) some of the cutting-edge practices used by the lab for prosecuting criminals. It’s not just ransomware and business email compromise – but also robberies and homicides that have a cyber element; this is when agencies across Texas rely on the Digital Forensics Lab.

Ever wondered what happens to those confiscated laptops? Server images with advanced malware? How about when digging information from a biometric-locked mobile device that can prove to be the lynchpin of a criminal investigation? These agents spend their days working behind the scenes, doing the stuff we’ve all seen depicted in the movies and TV crime dramas.

More importantly, they will explain for the Data Connectors audience what cybersecurity leaders can do to make themselves more secure. They’ll cover how to assure employee user agreements are in place, how to think about logging and audit, systems to consider, relationships to have in advance of a breach that could save you from problems down the road. Relating local stories that may seem familiar from headlines, this exclusive insight into the digital forensics’ lab will be a unique opportunity to learn about the innovative and exciting tactics used by the Secret Service protect citizens and financial infrastructure.

Click to Expand

Panel Participants:

Stephen Gemperle
Stephen Gemperle
Senior Special Agent, USSS - San Antonio Field Office & Lab Director for Regional Forensic Lab
Clarke Skoby
Clarke Skoby
Advanced Digital Forensics Expert and Technical Staff Assistant at USSS - Houston Field Office

Collapse This Item
Top 4 Reasons Why Privileged Access Management Implementations Fail 2:40 pm

Presented by Remediant

It is shocking that, year over year, stealing credentials is still the top tactic used by attackers to breach organizations. Why is this still happening? Hint: It isn’t only because of weak passwords. Organizations have invested heavily into privileged access management technologies, but these solutions have struggled to address the problem for five key reasons. In this discussion, we will address the gaps in current access management approaches but, more importantly, show you how to quickly close the gaps and significantly reduce security risks without disrupting your current investments or systems.

Click to Expand

Panel Participants:

JD Sherry
JD Sherry
Chief Strategy Officer

Collapse This Item
Afternoon Break
Latest network-layer DDoS trends and the rise of ransom-driven attacks 3:15 pm
Presented by Cloudflare
Unprecedented changes in how people live and work around the world since the COVID-19 pandemic led to changing patterns of Internet usage. And as our reliance on the Internet surged, so did the frequency, sophistication, and distribution of cyberattacks.

In this talk, Cloudflare’s Head of Solution Engineering will discuss the latest DDoS attack trends observed over Cloudflare’s network. Join this talk to understand:
- Key trends and shifts in the DDoS landscape
- Ransom-based attacks: what are they and how to respond?
- Steps organizations can take to better protect their networks
Click to Expand
Panel Participants:

Trey Guinn
Trey Guinn
Head of Solution Engineering

Collapse This Item
Guest Keynote: The Risk Balance Sheet 3:30 pm

The Risk Balance Sheet

When executives around the C-suite converse about business issues, they have some standard ways of accounting for concerns. Accounting is the language of business, and the balance sheet a standardized way of looking across business units, organizations and industries. This makes it easy for even an outside party, or a board member who sits with multiple organizations, to assess the health of the business.

So why not a risk balance sheet? In this guest keynote, Andrew Vezina, VP and Chief Information Security Officer (CISO) at Equitable Bank (EQ Bank) in Canada talks about his ground-breaking idea for a new way to look at risk. You’ll hear how it works, and how it enables CISOs to convey to non-technical executives where risks lie in the business, and how they have been mitigated by processes, technologies and other means.

Click to Expand

Panel Participants:

Andrew Vezina
Andrew Vezina
VP and CISO at Equitable Bank

Collapse This Item
Expert Panel Discussion: Risk Balance Sheet 4:00 pm

The Risk Management “Balance Sheet”

Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required. Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand?

Click to Expand

Panel Participants:

Andrew Vezina
Andrew Vezina
VP and CISO at Equitable Bank
Andrew “Drew” Daniels
Andrew “Drew” Daniels
CIO/CISO
Sailaja Kotra-Turner
Sailaja Kotra-Turner
Global Information Security Leader, CISO - Brown-Forman
Cecil Pineda
Cecil Pineda
Senior VP & CISO at R1 RCM, Inc.
Craig Broussard
Craig Broussard
Director of Global Infrastructure - NCH Corporation

Collapse This Item
Day One Closing Session
Day Two
Welcome / Introductions
Office, Home or Hybrid - Manage and Secure Endpoints Anywhere, Anytime 9:25 am

Presented by baramundi

Cyberattacks have quadrupled since the beginning of the pandemic. Lots of endpoints are currently on their own when it comes to being managed and protected. What will happen when these machines come back to the office, or are they coming back at all? This presentation will address the different scenarios that companies may encounter and how to resolve them by automating their endpoint management.

Click to Expand

Panel Participants:

Axel Peters
Axel Peters
VP West Operations, baramundi

Collapse This Item
A Modern Approach to Information Protection 9:45 am
Presented by Proofpoint
Data Loss Prevention (DLP) solutions alone can no longer address today’s data privacy requirements. Customer PII data is the most often lost or stolen data, and more than half of these breaches involve malicious attacks. Challenges like increasing threat activity, difficulty protecting a remote workforce, and accelerating migration of data to cloud platforms make it harder to secure data and comply with privacy regulations – especially when analysts need multiple tools to investigate data leakages. So how can you better protect your company in 2021?

Join us as we discuss how you can reimagine data privacy with a modern approach to information protection. In this session, we will cover:
- Modern data security challenges
- The convergence of data and threat protection to secure data from internal and external threats
- How people-centric investigations lead to more rapid investigative outcomes
Click to Expand
Panel Participants:

Mike Stacy
Mike Stacy
Global Cloud and Information Protection Director at Proofpoint

Collapse This Item
Morning Coffee Break
How to Put Leverage Into the Cybersecurity Process 10:20 am
Presented by SEI
SEI IT Services will deconstruct the elements of the cybersecurity process. As the pace of technology and cyber threats increases, businesses are always trying to figure out ways to keep up without constantly increasing employee count and costs. Naturally, as a business grows so does security risks but does your IT budget increase as well? In today’s presentation, you will learn about a few concepts in a cybersecurity model that will help you provide leverage for better security.

Join Justin Estadt and Peter Misurek as they deconstruct the elements of a mature cybersecurity model.
- Three Phases of Security
- The Pyramid of Pain
- The Ultimate Outcome
Click to Expand
Panel Participants:

Justin Estadt
Justin Estadt
Head of Product, IT Services
Peter Misuerk
Peter Misuerk
Solutions Director

Collapse This Item
Top tips for minimizing email security threats 10:45 am

Presented by Cisco

Email continues to be the most effective way to gain a foothold in a business network and is often where successful compromises or breaches start. It’s the primary vector for malware infection because it effortlessly puts malicious payloads in front of the user, putting them one click away from exploitation. In this session, email security expert, Rob Marchi, shares how to overcome these challenges and how you can proactively address these ongoing issues with top tips for minimizing email security threats.

Click to Expand

Panel Participants:

Rob Marchi
Rob Marchi
Sr Product Manager

Collapse This Item
Expert Panel Discussion: Defense in Depth 11:05 am

New Strategies for 2021

Layering Defense in Depth (DiD) with intentional redundancies increases the security of a system as a whole and addresses many different attack vectors. From individual laptops, to VPN to the WAN, the old paradigm of “castles and moats” is soooo 1999. How are organizations defending against inventive hackers penetrating their systems in 2020?

Click to Expand

Panel Participants:

Justin Estadt
Justin Estadt
Head of Product, IT Services
Niles Pyelshak
Niles Pyelshak
Technical Engineer
Carlo Beronio
Carlo Beronio
Director Systems Engineering West/Central at Attivo Networks
Frank McClain
Frank McClain
Senior Threat Analyst

Collapse This Item
Lunch Break
CISO Panel 12:15 pm

Panel Participants:

Roman Medina, Jr.
Roman Medina, Jr.
CISO - Jefferson Bank – San Antonio, Texas
Luis Ossorio
Luis Ossorio
Director IT - FROSCH
Ray Jay Yepes
Ray Jay Yepes
Texas Department of Family and Protective Services
Marc Crudgington
Marc Crudgington
CISO; SVP Information Security - Woodforest National Bank
Mark Adams
Mark Adams
Senior Manager, IT Security and Compliance, and vCISO - Superior Energy
John Frushour
John Frushour
Vice President & Deputy Chief Information Security Officer at New York-Presbyterian Hospital, Department of Information Technology
Mike Davis
Mike Davis
CISO - ExactlyIT, Inc.

Collapse This Item
Faking It: Stopping Impersonation Attacks With Cyber AI 1:10 pm

Presented by Darktrace

Today, 94% of cyber-threats still originate in the inbox. ‘Impersonation attacks’ are on the rise, as artificial intelligence is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’, that expertly mimic the writing style of trusted contacts and colleagues.

Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response.

In an era when thousands of documents can be encrypted in minutes, ‘immune system’ technology takes action in seconds – stopping cyber-threats before damage is done.

Find out how in this session.

Click to Expand

Panel Participants:

Mariana Pereira
Mariana Pereira
Director of Email Security Products at Darktrace

Collapse This Item
Earn More Trust Through Vulnerability Management Best Practices 1:30 pm
Presented by Synack
COVID has brought on a set of security challenges that has security teams pivoting and spinning up new applications to meet the unique demands of quarantine and remote work. When external and even internal environments demand that you move quickly, how do you measure and communicate changes? And how do you build trust with customers, staff and the board, ensuring data and other investments are protected? Join Synack’s VP of Operations, Nick Harrahill, for a discussion on how to meet these unique demands.

You’ll learn:
- Best practices security leaders can pursue to harden vulnerability programs
- How leveraging a continuous crowdsourced testing model can help measure and communicate security posture
- How to maximize trust with customers and throughout organizations
Click to Expand
Panel Participants:

Nick Harrahill
Nick Harrahill
VP of Operations at Synack

Collapse This Item
Afternoon Coffee Break
Introduction to Risk-Based Vulnerability Management 2:05 pm
Presented by Kenna Security
Organizations have millions of vulnerabilities. And our research has shown that those same organizations, large or small, on average, can only fix one in 10 of those vulnerabilities.

But as a security executive you still need to keep your organization secure, so how do you do that when you can’t possibly fix all of your vulnerabilities? The answer is to focus on your highest-risk vulnerabilities first.

Join Kenna Security’s CTO and Co-Founder Ed Bellis as he:
- Reviews what years of research into vulnerability management data uncovered about the scope of the challenge
- Details the findings on how risk-based is the way to get ahead in vulnerability management
- Lays out several factors that drive better remediation performance
- Provides steps for setting up a successful risk-based vulnerability management program
Click to Expand
Panel Participants:

Ed Bellis
Ed Bellis
CTO and Co-Founder at Kenna Security

Collapse This Item
Cyberwarfare 2021: Next Level $#@! You Need to Know for Today's Cyber Battleground 2:25 pm

Presented by Checkpoint Software

Nation States, Non-Nation State Actors, Hacktivists, enterprise cyber criminals, shadow government agencies, terrorist organizations, loosely affiliated groups are using this next level $#@! as we speak to conduct cyber warfare: irregular warfare and proxy attacks, disinformation and disruption campaigns, “truth decay” (‎RAND Corp);to manipulate and influence public opinion, foment criminal violence; infiltrate organizations to conduct fraud, scam, and harass; highjack legitimate real human accounts for impersonation; and to distribute malware. These are very interesting times we are living in and this is the new cyber battleground.

Click to Expand

Panel Participants:

Micki Boland
Micki Boland
Cybersecurity Evangelist Check Point Software Technologies Office of the CTO

Collapse This Item
Expert Panel Discussion: AI & ML in Cybersecurity 2:50 pm

Can We ‘Science the Heck’ Out of Trouble?

We get it, Artificial Intelligence (AI) with particular focus on Machine Learning (ML) is one way to overcome advanced threats with particular attention to scale. That said, those terms are thrown at our executives to delight, amaze and confuse them. How do we really discern between them as tools in our kit versus ‘Weapons of Mass Distraction’?

Click to Expand

Panel Participants:

Kim Berry
Kim Berry
Principal Threat Intelligence Researcher - Auth0
Tad Dickie
Tad Dickie
CSO & VP - Colonial Savings Bank
John Frushour
John Frushour
Vice President & Deputy Chief Information Security Officer at New York-Presbyterian Hospital, Department of Information Technology

Collapse This Item
Afternoon Break
Is Your Active Directory Environment Secure from Cyberattacks? 3:35 pm
Presented by Semperis
Active Directory is the heart of many organizations’ information systems: It’s used for identity management by 90 percent of businesses. But this 20-year-old technology is increasingly under attack by cyber-criminals who use AD to gain access to your network–and your data. Recent incidents like the Hafnium attack on Microsoft Exchange have highlighted the urgent need for the ability to properly restore an Active Directory forest (without re-introducing malware) and to constantly monitor for well-known vulnerabilities.

What you’ll learn:
- Essentials of restoring an AD forest after a cyber-attack
- How cybercriminals can compromise your environment with well-known vulnerabilities such as zerologon and weak service account passwords (used for kerberoasting)
- How to scan your AD environment for indicators of exposure (IOEs) and indicators of compromise (IOCs).
Click to Expand
Panel Participants:

Sean Deuby
Sean Deuby
Director of Services

Collapse This Item
Keynote: CISA Briefing: Texas Cyber Update - Awareness, Prevention & Response 4:00 pm

CISA Briefing: Texas Cyber Update - Awareness, Prevention & Response

Interactive Chat – CISA Briefing: This exclusive briefing for the Data Connectors audience will focus on the latest updates from the Department of Homeland Security (DHS) Cyber Infrastructure Security Agency (CISA) Advisor for Region 6, which includes all of Texas. The SolarWinds Orion Code Compromise, which was the subject of Emergency Directive (ED) 21-01 earlier this year, and the “Hafnium” (Microsoft Exchange On-Premises Product Vulnerabilities) of ED 21-02 have brought state-sponsored attacks to the forefront for Cybersecurity Executives across Texas.

In this interactive discussion, CSA Reeves will go over specific points and actions, and welcome questions on: Texas-based threats, recent attacks, awareness/training, prevention and enforcement actions from agencies like CISA and the FBI.

Bring questions, and take notes!

Click to Expand

Panel Participants:

George Reeves
George Reeves
Region 6 Cybersecurity Advisor, DHS-CISA

Collapse This Item
Summit Final Closing Session