Virtual Summit
Denver
Virtual Cybersecurity Summit
The Denver Virtual Cybersecurity Summit will feature industry leaders across the Rocky Mountain region, as well as offer an opportunity for cybersecurity professionals to connect, learn, and grow professionally. This live, virtual experience will help you navigate the complicated waters of information security on behalf of your organization. Live panels will be covering topics including the impact of recent ransomware attacks, along with some new thoughts on how to move forward with a successful cyber infrastructure.
The agenda features a panel of insightful, unbiased CISOs, as they discuss tackling the current cybersecurity landscape from their leadership positions, as well as a litany of subject matter experts discussing risk assessment, managing active directory, and endpoint security.
Date
Thu. Jul 22
-
Featured Speakers
Pamela Clegg
![Pamela Clegg]()
Keynote: Ransomware Investigations and Actionable Intelligence from DarkSide and REvil
Doug Staubach![Doug Staubach]()
CISO RoundTable
Randall Frietzsche![Randall Frietzsche]()
CISO RoundTable
Stephanie Evans![Stephanie Evans]()
CISO RoundTable
Douglas Brush![Douglas Brush]()
CISO RoundTable
E.J. Hilbert![E.J. Hilbert]()
CISO RoundTable
Event Schedule
Times for this Event are in Mountain Time (MDT/MST)
The Summit will be open from 8AM to 6PM.
- Welcome / Introductions
-
The Ultimate Vendor Risk Assessment Checklist 8:40 am
Click to Expand
Vendor risk assessments are essential to truly understand the security, privacy, and compliance programs of the third parties you work with. As a result, nearly every organization endures an endless back-and-forth with third parties. Lengthy questionnaires, broken processes, time-consuming reviews;these challenges are common, and as such, there are concrete steps your organization can take to save time and reduce assessment-related headaches.
In this webinar, we’ll outline the ultimate checklist for better vendor risk assessments, including:
- Actionable takeaways to quickly improve your assessment operations
- Long-term changes you can make to set yourself up for success
- Real advice and lessons learned from leading assessment experts
Panel Participants:
-
Disrupting Lateral Movement by Securing Active Directory 9:00 am
Click to Expand
Organizations continue to build their security stacks, yet advanced threats and insiders continue to breach networks and extract valuable data. A common tactic among most of these Ransomware and Advanced Threat Actors today involves leveraging Active Directory. AD contains all of the information that an attacker needs to successfully move laterally and accomplish their mission.
In this session, Tom Atkins will explore a new method for securing Active Directory that can (for the first time) actually prevent an attacker from progressing laterally through your enterprise network. Some key highlights include:
- How Threat Actors use AD to accomplish their goals
- Why Monitoring Active Directory is not enough
- What simple tools you can deploy to dramatically improve your security posture by better securing AD
Panel Participants:
-
The State of Secure Identity 2021 9:40 am
Click to Expand
Digital identities control access to an ever-growing number of applications, services, and critical systems. This makes identity an interesting attack vector for threat actors, and highlights the importance of authentication and authorization in preserving trust and security. The 2021 Auth0 State of Secure Identity report highlights the latest trends in identity security, including what types of attacks Auth0 has observed, the characteristics of these attacks, what industries are most affected, and the adoption rates for identity protection technologies.
During this session, we’ll provide greater insight into which industries are:
- Most highly targeted by credential stuffing attacks
- Most highly targeted by SQL injection attacks
- Leading the way in MFA adoption to improve overall security posture
We’ll also shed light on: fake account creation, MFA bypass attacks, and what defensive measures are being adopted to combat these identity security threats.
Panel Participants:
-
Latest network-layer DDoS trends and the rise of ransom-driven attacks 10:00 am
Click to Expand
Unprecedented changes in how people live and work around the world since the COVID-19 pandemic led to changing patterns of Internet usage. And as our reliance on the Internet surged, so did the frequency, sophistication, and distribution of cyberattacks.
In this talk, Cloudflare’s Head of Solution Engineering will discuss the latest DDoS attack trends observed over Cloudflare’s network. Join this talk to understand:
- Key trends and shifts in the DDoS landscape
- Ransom-based attacks: what are they and how to respond?
- Steps organizations can take to better protect their networks
Panel Participants:
-
Expert Panel Discussion: Application Security 10:20 am
Application Security in Hybrid, Multi-Cloud Environments
Click to Expand89% of CISOs say microservices, containers, and Kubernetes have created application security blind spots. As the application landscape continues to grow, and the increased use of cloud-native architectures challenges traditional approaches, cybersecurity leaders are often looking for new ways to understand potential vulnerabilities. With faster iterations from Agile Development pushing the DevSecOps Teams to move as quickly as possible, there is ample room for gaps to appear.
In this panel, our experts will discuss some of the various approaches to address these issues. The discussion will cover challenges faced by teams of all sizes, and processes, tools and methods that are in use to address.
Panel Participants:
-
Application Security Beyond Effective Bot Mitigation 11:05 am
Presented by Shape Security a part of F5
Click to ExpandThe past twelve months have been punctuated by soaring data breaches, new attack patterns and phishing scams catalyzed by COVID-19 with Credential Stuffing and other brute force attacks resulting in hard losses surpassing billions of dollars. Now, more so than ever in this digital-first world, must organizations seek cross-functional, convergent platforms with strong digital fraud solutions to combat the relentless sources of cybercrime that continue to abuse our online platforms.
Join Shape to explore how truly effective digital transformation journeys must transcend traditional bot mitigation and understand why defending our web and mobile applications without harming user experience or hampering revenue growth and brand reputation will become organizing principles for 2021 and beyond.
Panel Participants:
-
Office, Home or Hybrid - manage and secure endpoints anywhere, anytime 11:30 am
Click to Expand
Cyberattacks have quadrupled since the beginning of the pandemic. Lots of endpoints are currently on their own when it comes to being managed and protected. What will happen when these machines come back to the office, or are they coming back at all? This presentation will address the different scenarios that companies may encounter and how to resolve them by automating their endpoint management.
Panel Participants:
- Lunch Break
-
Lunch Briefing - THE LAST LINE OF DEFENSE: DATA PROTECTION 12:00 pm
Click to Expand
With the growth of Ransomware and cybercrime, Data protection is experiencing a resurgence. Organizations are quickly having to modernize their data protection architecture and strategies to meet not only these demands but also the demand that digital transformation is placing upon them; current approaches are designed around a backup centric approach, whereas a new approach centered around restore and getting organizations back up and running as quickly as possible are critical. Join this session to learn about the latest innovations in the data protection space and how they can be implemented to provide a restore centric approach and provide a true last line of defense.
Panel Participants:
-
Keynote: Ransomware Investigations and Actionable Intelligence from DarkSide and REvil 12:20 pm
Ransomware Investigations and Actionable Intelligence from DarkSide and REvil
Click to ExpandRansomware is now a threat equal to terrorism. Cryptocurrencies have proven to be a lucrative modus operandi for criminal groups and state-actors looking to launder funds and evade sanctions. Cryptocurrency intelligence products, such as CipherTrace Inspector, can remove the financial incentives from ransomware perpetrators without risking brute force attacks. In May 2021, US-based Colonial Pipeline paid 75 BTC ($4.3M USD at the time) after a ransomware attack from DarkSide severely hindered the refinery’s operations. In March 2020, a DOJ Verified complaint illustrated how North Korea launched sophisticated attacks on cryptocurrency exchanges to finance their WMD program by laundering hundreds of millions of dollars’ worth of the stolen cryptocurrency through several banks and cryptocurrency exchanges. An uptick in Iranian and DPRK state-sponsored ransomware also led to OFAC issuing an advisory in October 2020 to alert companies that engage with victims of ransomware attacks of the potential sanctions risks for facilitating ransomware payments.
Learn how investigators were able to utilize blockchain analysis tools to follow the illicit flow of funds and see exactly how bad actors moved stolen crypto to virtual asset service providers and, eventually, banks.
Objectives:
- Examine how blockchain analytics enabled investigators to follow the flow of funds in recent ransomware cases like DarkSide (Colonial Pipeline)
- Explore the role banks play in converting crypto to fiat
- Understand how ransomware is used to evade sanctions
- Look at the risks financial institutions face by processing ransomware payments for customers
- Learn which methods North Korean hackers have used to steal, obfuscate, and launder their crypto
Panel Participants:
-
Your Ransomware Hostage Rescue Guide 1:05 pm
Click to Expand
Ransomware attacks are on the rise and are estimated to cost global organizations $20 billion. As ransomware attacks become more targeted and more damaging, your organization faces increased risk that can leave your networks down for days or even weeks. So, how can your organization avoid getting held hostage?
Join Erich Kron CISSP, Security Awareness Advocate at KnowBe4, as he looks at concerning features of new ransomware strains, provides actionable info that you need to prevent infections, and gives you tips on what to do when you are hit with ransomware.
In this webcast we will cover:
- What new scary ransomware strains are in the wild
- Am I infected?
- I’m infected, now what?
- Proven methods of protecting your organization
- How to create your human firewall
Don’t get held hostage by ransomware and become a statistic!
Panel Participants:
-
Don’t Phreak Out: Bring VOIP, P2P, and Server-initiated Access into the Zero Trust Era 1:25 pm
Click to Expand
It all started with phreaking the phone network and a few clever hackers. Today business runs on IP networks and VOIP is an important application used by employees, contractors, and partners. Hackers today focus on attacking these private IP networks and they target vulnerable VPNs to gain access. Consequently, organizations are turning to zero trust network access (ZTNA) to protect their networks and applications against these attacks. For the longest time only VPNs were used to enable remote access for VOIP, P2P, or server-initiated flows. That changes now. Learn how you can add VOIP, P2P, and server-initiated flows into a zero trust network access model.
Panel Participants:
-
Expert Panel Discussion: AI & ML in Cybersecurity 2:00 pm
AI & ML in Cybersecurity: Can we ‘Science the heck’ out of trouble?
Click to ExpandWe get it, Artificial Intelligence (AI) with particular focus on Machine Learning (ML) is one way to overcome advanced threats with particular attention to scale. That said, those terms are thrown at our executives to delight, amaze and confuse them. How do we really discern between them as tools in our kit versus ‘Weapons of Mass Distraction’?
Panel Participants:
-
Faking It: Stopping Impersonation Attacks with Cyber AI 2:25 pm
Click to Expand
Today, 94% of cyber-threats still originate in the inbox. ‘Impersonation attacks’ are on the rise, as artificial intelligence is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’, that expertly mimic the writing style of trusted contacts and colleagues.
Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response.
In an era when thousands of documents can be encrypted in minutes, ‘immune system’ technology takes action in seconds – stopping cyber-threats before damage is done.
Panel Participants:
-
Small businesses deserve big protection 2:45 pm
Click to Expand
Small businesses are facing many of the same cybersecurity challenges as larger businesses. 66% of small businesses experienced a cyberattack in 2019, and 63% experienced a data breach. But securing your business doesn’t have to be complicated. Cybersecurity tools should be easy for a team of any size to deploy, use, and manage — letting you focus on more important things (like running your business!) Join Kate MacLean from Cisco to learn more about small business cybersecurity and how cloud-delivered security provides powerful protection against today’s biggest cyberthreats.
Panel Participants:
-
Expert Panel Discussion: Beyond SolarWinds 3:25 pm
Beyond SolarWinds: Supply Chain & Third-Party Risk Management for 2021
Click to ExpandEven before SolarWinds Orion Code Compromise, Supply Chain Attacks were up over 400% in 2020. As 2021 rolls on, this attack vector has received tremendous attention. Along with third-party risk in general, partner organizations and software systems with unfettered, privileged, deep access to infrastructure create “a perfect storm” threat for modern cyber executives.
In this panel, our experts will discuss these challenges in detail, as well as the multiple approaches to identify the best means of using supply chains while keeping the third-party risks at a minimum.
Panel Participants:
-
Zero Trust Tips from Cisco’s SVP, Chief Security & Trust Officer 3:55 pm
Click to Expand
Interested in bringing zero trust to your workforce but unsure of where to begin? This talk will cover the basics of workforce zero trust and best practices for implementation at organizations big and small. Practical learnings from Cisco’s rollout to its 100,000+ users will be shared to help you get started on your journey and plan for success.
Panel Participants:
-
Rethinking data protection in the age of ransomware 4:15 pm
Click to Expand
With the proliferation of data-driven digital business growing at an exponential pace, so is the pace of cyber security threats and attacks, such as ransomware. Cyberattacks can cost a company $1.4 Million on average in recovery when you add in the cost of lost productivity, reputation damage, and service disruption. Are you at risk? Can your backup keep pace with the speed of recovery that’s needed today? Attend this session to find out why traditional backup won’t save you from ransomware attack and how continuous data protection helps you to prepare, respond and recover from an attack.
Panel Participants:
-
CISO RoundTable 4:40 pm
Click to Expand
Submit your bio for consideration to participate on our CISO RoundTable
to [email protected] or fill out our Call for Speakers form here.
Panel Participants:
- Summit Final closing Session
-
Partners
Gold Partners
![Attivo Networks]()
![Auth0]()
![Cloudflare - Alternate]()
![OneTrust]()
![Pure Storage - Alternate]()
![Shape Security Part of F5]()
Silver Partners
![Axis Security]()
![baramundi - Alternate]()
![Cisco Secure]()
![Darktrace]()
![Duo Security - Alternate]()
![KnowBe4]()
![Zerto]()
Bronze Partners
![Arctic Wolf Networks - Alternate]()
![Synopsys]()
Exhibiting Partners
Affiliate Partners
![AFCEA Rocky Mountain Chapter]()
