• Featured Speakers

    Collapse This Item

Event Schedule

Times for this Event are in Mountain Time (MDT/MST)

The Summit will be open from 8AM to 6PM.

  • Welcome / Introductions
  • The Ultimate Vendor Risk Assessment Checklist 8:40 am

    Presented by OneTrust

    Vendor risk assessments are essential to truly understand the security, privacy, and compliance programs of the third parties you work with. As a result, nearly every organization endures an endless back-and-forth with third parties. Lengthy questionnaires, broken processes, time-consuming reviews;these challenges are common, and as such, there are concrete steps your organization can take to save time and reduce assessment-related headaches. 

    In this webinar, we’ll outline the ultimate checklist for better vendor risk assessments, including: 

    • Actionable takeaways to quickly improve your assessment operations
    • Long-term changes you can make to set yourself up for success
    • Real advice and lessons learned from leading assessment experts
    Click to Expand

    Panel Participants:

    Jason Sabourin
    Jason Sabourin

    Jason Sabourin

    Product Manager at OneTrust

    Collapse This Item

  • Disrupting Lateral Movement by Securing Active Directory 9:00 am

    Presented by Attivo Networks

    Organizations continue to build their security stacks, yet advanced threats and insiders continue to breach networks and extract valuable data. A common tactic among most of these Ransomware and Advanced Threat Actors today involves leveraging Active Directory.  AD contains all of the information that an attacker needs to successfully move laterally and accomplish their mission. 

     In this session, Tom Atkins will explore a new method for securing Active Directory that can (for the first time) actually prevent an attacker from progressing laterally through your enterprise network.  Some key highlights include:

    • How Threat Actors use AD to accomplish their goals
    • Why Monitoring Active Directory is not enough
    • What simple tools you can deploy to dramatically improve your security posture by better securing AD
    Click to Expand

    Panel Participants:

    Joseph Salazar
    Joseph Salazar

    Joseph Salazar

    Technical Deception Engineer, CISSP, CEH, EnCE at Attivo

    Collapse This Item

  • The State of Secure Identity 2021 9:40 am

    Presented by Auth0

    Digital identities control access to an ever-growing number of applications, services, and critical systems. This makes identity an interesting attack vector for threat actors, and highlights the importance of authentication and authorization in preserving trust and security. The 2021 Auth0 State of Secure Identity report highlights the latest trends in identity security, including what types of attacks Auth0 has observed, the characteristics of these attacks, what industries are most affected, and the adoption rates for identity protection technologies.

    During this session, we’ll provide greater insight into which industries are:

    • Most highly targeted by credential stuffing attacks
    • Most highly targeted by SQL injection attacks
    • Leading the way in MFA adoption to improve overall security posture

    We’ll also shed light on: fake account creation, MFA bypass attacks, and what defensive measures are being adopted to combat these identity security threats.

    Click to Expand

    Panel Participants:

    Ian Hassard
    Ian Hassard

    Ian Hassard

    Senior Manager, Product Management at Auth0

    Collapse This Item

  • Latest network-layer DDoS trends and the rise of ransom-driven attacks 10:00 am

    Presented by Cloudflare

    Unprecedented changes in how people live and work around the world since the COVID-19 pandemic led to changing patterns of Internet usage. And as our reliance on the Internet surged, so did the frequency, sophistication, and distribution of cyberattacks. 

    In this talk, Cloudflare’s Head of Solution Engineering will discuss the latest DDoS attack trends observed over Cloudflare’s network. Join this talk to understand:

    • Key trends and shifts in the DDoS landscape
    • Ransom-based attacks: what are they and how to respond?
    • Steps organizations can take to better protect their networks
    Click to Expand

    Panel Participants:

    Trey Guinn
    Trey Guinn

    Trey Guinn

    Head of Solution Engineering

    Collapse This Item

  • Expert Panel Discussion: Application Security 10:20 am

    Application Security in Hybrid, Multi-Cloud Environments

    89% of CISOs say microservices, containers, and Kubernetes have created application security blind spots.  As the application landscape continues to grow, and the increased use of cloud-native architectures challenges traditional approaches, cybersecurity leaders are often looking for new ways to understand potential vulnerabilities.  With faster iterations from Agile Development pushing the DevSecOps Teams to move as quickly as possible, there is ample room for gaps to appear. 

    In this panel, our experts will discuss some of the various approaches to address these issues. The discussion will cover challenges faced by teams of all sizes, and processes, tools and methods that are in use to address. 

    Click to Expand

    Panel Participants:

    Zakk Karrazzi
    Zakk Karrazzi

    Zakk Karrazzi

    Chief Security Strategist at Attivo

    Hadas Cassorla
    Hadas Cassorla

    Hadas Cassorla

    CISO - M1 Finance

    Megan O’Neil
    Megan O’Neil

    Megan O’Neil

    Senior Architect - Security, Identity, & Compliance at Amazon Web Services

    Collapse This Item

  • Application Security Beyond Effective Bot Mitigation 11:05 am

    Presented by Shape Security a part of F5

    The past twelve months have been punctuated by soaring data breaches, new attack patterns and phishing scams catalyzed by COVID-19 with Credential Stuffing and other brute force attacks resulting in hard losses surpassing billions of dollars. Now, more so than ever in this digital-first world, must organizations seek cross-functional, convergent platforms with strong digital fraud solutions to combat the relentless sources of cybercrime that continue to abuse our online platforms. 

    Join Shape to explore how truly effective digital transformation journeys must transcend traditional bot mitigation and understand why defending our web and mobile applications without harming user experience or hampering revenue growth and brand reputation will become organizing principles for 2021 and beyond.

    Click to Expand

    Panel Participants:

    Partha Sarathy
    Partha Sarathy

    Partha Sarathy

    Global Fraud Strategist at Shape Security

    Collapse This Item

  • Office, Home or Hybrid - manage and secure endpoints anywhere, anytime 11:30 am

    Presented by baramundi

    Cyberattacks have quadrupled since the beginning of the pandemic. Lots of endpoints are currently on their own when it comes to being managed and protected. What will happen when these machines come back to the office, or are they coming back at all? This presentation will address the different scenarios that companies may encounter and how to resolve them by automating their endpoint management.

    Click to Expand

    Panel Participants:

    Axel Peters
    Axel Peters

    Axel Peters

    Endpoint Security Executive at baramundi

    Collapse This Item

  • Lunch Break
  • Lunch Briefing - THE LAST LINE OF DEFENSE: DATA PROTECTION 12:00 pm

    Presented by Pure Storage

    With the growth of Ransomware and cybercrime, Data protection is experiencing a resurgence. Organizations are quickly having to modernize their data protection architecture and strategies to meet not only these demands but also the demand that digital transformation is placing upon them; current approaches are designed around a backup centric approach, whereas a new approach centered around restore and getting organizations back up and running as quickly as possible are critical. Join this session to learn about the latest innovations in the data protection space and how they can be implemented to provide a restore centric approach and provide a true last line of defense. 

    Click to Expand

    Panel Participants:

    David Huskisson
    David Huskisson

    David Huskisson

    Rapid Restore Solutions Director at Pure Storage

    Collapse This Item

  • Keynote: Ransomware Investigations and Actionable Intelligence from DarkSide and REvil 12:20 pm

    Ransomware Investigations and Actionable Intelligence from DarkSide and REvil

    Ransomware is now a threat equal to terrorism. Cryptocurrencies have proven to be a lucrative modus operandi for criminal groups and state-actors looking to launder funds and evade sanctions. Cryptocurrency intelligence products, such as CipherTrace Inspector, can remove the financial incentives from ransomware perpetrators without risking brute force attacks. In May 2021, US-based Colonial Pipeline paid 75 BTC ($4.3M USD at the time) after a ransomware attack from DarkSide severely hindered the refinery’s operations. In March 2020, a DOJ Verified complaint illustrated how North Korea launched sophisticated attacks on cryptocurrency exchanges to finance their WMD program by laundering hundreds of millions of dollars’ worth of the stolen cryptocurrency through several banks and cryptocurrency exchanges. An uptick in Iranian and DPRK state-sponsored ransomware also led to OFAC issuing an advisory in October 2020 to alert companies that engage with victims of ransomware attacks of the potential sanctions risks for facilitating ransomware payments. 

    Learn how investigators were able to utilize blockchain analysis tools to follow the illicit flow of funds and see exactly how bad actors moved stolen crypto to virtual asset service providers and, eventually, banks.   

     Objectives: 

    • Examine how blockchain analytics enabled investigators to follow the flow of funds in recent ransomware cases like DarkSide (Colonial Pipeline)
    • Explore the role banks play in converting crypto to fiat  
    • Understand how ransomware is used to evade sanctions  
    • Look at the risks financial institutions face by processing ransomware payments for customers  
    • Learn which methods North Korean hackers have used to steal, obfuscate, and launder their crypto
    Click to Expand

    Panel Participants:

    Pamela Clegg
    Pamela Clegg

    Pamela Clegg

    VP of Financial Investigations at CipherTrace

    Collapse This Item

  • Your Ransomware Hostage Rescue Guide 1:05 pm

    Presented by KnowBe4

    Ransomware attacks are on the rise and are estimated to cost global organizations $20 billion. As ransomware attacks become more targeted and more damaging, your organization faces increased risk that can leave your networks down for days or even weeks. So, how can your organization avoid getting held hostage? 

    Join Erich Kron CISSP, Security Awareness Advocate at KnowBe4, as he looks at concerning features of new ransomware strains, provides actionable info that you need to prevent infections, and gives you tips on what to do when you are hit with ransomware.

    In this webcast we will cover:

    • What new scary ransomware strains are in the wild
    • Am I infected?
    • I’m infected, now what?
    • Proven methods of protecting your organization
    • How to create your human firewall

    Don’t get held hostage by ransomware and become a statistic!

    Click to Expand

    Panel Participants:

    Erich Kron
    Erich Kron

    Erich Kron

    Security Awareness Advocate at KnowBe4

    Collapse This Item

  • Don’t Phreak Out: Bring VOIP, P2P, and Server-initiated Access into the Zero Trust Era 1:25 pm

    Presented by Axis Security

    It all started with phreaking the phone network and a few clever hackers. Today business runs on IP networks and VOIP is an important application used by employees, contractors, and partners. Hackers today focus on attacking these private IP networks and they target vulnerable VPNs to gain access. Consequently, organizations are turning to zero trust network access (ZTNA) to protect their networks and applications against these attacks. For the longest time only VPNs were used to enable remote access for VOIP, P2P, or server-initiated flows. That changes now. Learn how you can add VOIP, P2P, and server-initiated flows into a zero trust network access model.

    Click to Expand

    Panel Participants:

    Gil Azrielant
    Gil Azrielant

    Gil Azrielant

    Co-Founder and CTO at Axis Security

    Collapse This Item

  • Expert Panel Discussion: AI & ML in Cybersecurity 2:00 pm

    AI & ML in Cybersecurity: Can we ‘Science the heck’ out of trouble?

    We get it, Artificial Intelligence (AI) with particular focus on Machine Learning (ML) is one way to overcome advanced threats with particular attention to scale. That said, those terms are thrown at our executives to delight, amaze and confuse them. How do we really discern between them as tools in our kit versus ‘Weapons of Mass Distraction’?

    Click to Expand

    Panel Participants:

    Smriti Jaggi
    Smriti Jaggi

    Smriti Jaggi

    Sr. Product Manager at Shape Security

    Ian McShane
    Ian McShane

    Ian McShane

    Field CTO at Arctic Wolf

    David Masson
    David Masson

    David Masson

    Director of Enterprise Security at Darktrace

    Collapse This Item

  • Faking It: Stopping Impersonation Attacks with Cyber AI 2:25 pm

    Presented by Darktrace

    Today, 94% of cyber-threats still originate in the inbox. ‘Impersonation attacks’ are on the rise, as artificial intelligence is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’, that expertly mimic the writing style of trusted contacts and colleagues. 

    Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response. 

    In an era when thousands of documents can be encrypted in minutes, ‘immune system’ technology takes action in seconds – stopping cyber-threats before damage is done. 

    Click to Expand

    Panel Participants:

    Mariana Pereira
    Mariana Pereira

    Mariana Pereira

    Director of Email Security Products at Darktrace

    Collapse This Item

  • Small businesses deserve big protection 2:45 pm

    Presented by Cisco Secure

    Small businesses are facing many of the same cybersecurity challenges as larger businesses. 66% of small businesses experienced a cyberattack in 2019, and 63% experienced a data breach. But securing your business doesn’t have to be complicated. Cybersecurity tools should be easy for a team of any size to deploy, use, and manage — letting you focus on more important things (like running your business!) Join Kate MacLean from Cisco to learn more about small business cybersecurity and how cloud-delivered security provides powerful protection against today’s biggest cyberthreats.

    Click to Expand

    Panel Participants:

    Kate MacLean
    Kate MacLean

    Kate MacLean

    Cloud Security Evangelist at Cisco

    Collapse This Item

  • Expert Panel Discussion: Beyond SolarWinds 3:25 pm

    Beyond SolarWinds: Supply Chain & Third-Party Risk Management for 2021

    Even before SolarWinds Orion Code Compromise, Supply Chain Attacks were up over 400% in 2020.  As 2021 rolls on, this attack vector has received tremendous attention.  Along with third-party risk in general, partner organizations and software systems with unfettered, privileged, deep access to infrastructure create “a perfect storm” threat for modern cyber executives.  

    In this panel, our experts will discuss these challenges in detail, as well as the multiple approaches to identify the best means of using supply chains while keeping the third-party risks at a minimum. 

    Click to Expand

    Panel Participants:

    Tim Mackey
    Tim Mackey

    Tim Mackey

    Principal Security Strategist at Synopsys

    Colin Henderson
    Colin Henderson

    Colin Henderson

    VP IT & Information Security at OneTrust

    David Telehowski
    David Telehowski

    David Telehowski

    Director, Security Engineering - Auth0

    Collapse This Item

  • Zero Trust Tips from Cisco’s SVP, Chief Security & Trust Officer 3:55 pm

    Presented by Duo Security

    Interested in bringing zero trust to your workforce but unsure of where to begin? This talk will cover the basics of workforce zero trust and best practices for implementation at organizations big and small. Practical learnings from Cisco’s rollout to its 100,000+ users will be shared to help you get started on your journey and plan for success.

    Click to Expand

    Panel Participants:

    Brad Arkin
    Brad Arkin

    Brad Arkin

    SVP, Chief Security & Trust Officer at Cisco

    Collapse This Item

  • Rethinking data protection in the age of ransomware 4:15 pm

    Presented by Zerto

    With the proliferation of data-driven digital business growing at an exponential pace, so is the pace of cyber security threats and attacks, such as ransomware. Cyberattacks can cost a company $1.4 Million on average in recovery when you add in the cost of lost productivity, reputation damage, and service disruption. Are you at risk? Can your backup keep pace with the speed of recovery that’s needed today? Attend this session to find out why traditional backup won’t save you from ransomware attack and how continuous data protection helps you to prepare, respond and recover from an attack.

    Click to Expand

    Panel Participants:

    Andy Fernandez
    Andy Fernandez

    Andy Fernandez

    Senior Technology Evangelist at Zerto

    Collapse This Item

  • CISO RoundTable 4:40 pm

     

    Submit your bio for consideration to participate on our CISO RoundTable

    to [email protected] or fill out our Call for Speakers form here.

    Click to Expand

    Panel Participants:

    Doug Staubach
    Doug Staubach

    Doug Staubach

    CISO at ServiceSource International

    Randall Frietzsche
    Randall Frietzsche

    Randall Frietzsche

    Enterprise Chief Information Security Officer (CISO) - Denver Health and Hospitals Authority,Inc.

    Stephanie Evans
    Stephanie Evans

    Stephanie Evans

    CIO at Viaero Wireless

    Douglas Brush
    Douglas Brush

    Douglas Brush

    Global Advisory CISO at Splunk

    E.J. Hilbert
    E.J. Hilbert

    E.J. Hilbert

    Former FBI Cyber Agent, CISO & Founder at KCECyber

    Collapse This Item

  • Summit Final closing Session