
Virtual Summit
Capital Region
Virtual Cybersecurity Summit
The Federal Capital Region Virtual Cybersecurity Summit – featuring the US Secret Service Global Investigative Operations Center Romance Scam Symposium. In this 12th annual visit to the Washington, DC Metro Area, Data Connectors is proud to host a two-day live, interactive online event. The agenda will feature multiple keynote presentations, five expert panel discussions, and an exclusive collaboration that features the FBI Cyber Division, Internet Crime Complaint Center (IC3) and the Secret Service GIOC in partnership with private organizations.
Community Members in attendance will get access to live panels, keynotes, and educational presentations. They will have more than 18 hours to peruse the Solutions Showcase, which features over 30 partners and affiliates, who will have their teams of cybersecurity experts on hand to answer questions, give demonstrations and network with summit attendees.
Date
Wed. Jun 23 — Thu. Jun 24
Event Schedule
Times for this Event are in Eastern Time (EDT/EST)
The Summit will be open from 8AM to 6PM.
- DAY ONE
- Welcome / Introductions
- Moving Beyond Password to Delight & Secure Users 9:40 am
Passwords have been a constant throughout the internet era. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources across the applications we use on a daily basis.
But in this new digital age where data breaches are rampant, passwords are no longer good enough. Not only are they insecure, they are expensive and offer a poor user experience. Fortunately, there’s a better way to protect your applications and stop account takeover incidents.
In this session, we’ll discuss the benefits of passwordless authentication and explain how eliminating the password can help improve user experience, admin visibility and control, and scalability. We’ll also walk through key considerations and first steps as you embark on your passwordless journey.
- Small businesses deserve big protection 9:55 am
Small businesses are facing many of the same cybersecurity challenges as larger businesses. 66% of small businesses experienced a cyberattack in 2019, and 63% experienced a data breach. But securing your business doesn’t have to be complicated. Cybersecurity tools should be easy for a team of any size to deploy, use, and manage — letting you focus on more important things (like running your business!) Join Kate MacLean from Cisco to learn more about small business cybersecurity and how cloud-delivered security provides powerful protection against today’s biggest cyberthreats.
- Latest network-layer DDoS trends and the rise of ransom-driven attacks 10:45 am
Unprecedented changes in how people live and work around the world since the COVID-19 pandemic led to changing patterns of Internet usage. And as our reliance on the Internet surged, so did the frequency, sophistication, and distribution of cyberattacks.
In this talk, Cloudflare’s Head of Solution Engineering will discuss the latest DDoS attack trends observed over Cloudflare’s network. Join this talk to understand:
- Key trends and shifts in the DDoS landscape
- Ransom-based attacks: what are they and how to respond?
- Steps organizations can take to better protect their networks
- A Modern Approach to Information Protection 11:05 am
Data Loss Prevention (DLP) solutions alone can no longer address today’s data privacy requirements. Customer PII data is the most often lost or stolen data, and more than half of these breaches involve malicious attacks. Challenges like increasing threat activity, difficulty protecting a remote workforce, and accelerating migration of data to cloud platforms make it harder to secure data and comply with privacy regulations – especially when analysts need multiple tools to investigate data leakages. So how can you better protect your company in 2021?
Join us as we discuss how you can reimagine data privacy with a modern approach to information protection. In this session, we will cover:
- Modern data security challenges
- The convergence of data and threat protection to secure data from internal and external threats
- How people-centric investigations lead to more rapid investigative outcomes
- Expert Panel Discussion: Recover from Ransomware 11:25 am
Recover from Ransomware/Ransomware Ex Post Facto: Coming Back After an Attack
Whether you choose to pay the ransom or not, industry experts tell you to treat your entire network as contaminated. Rebuilding images and devices, re-formatting storage, and all the rest is part of this process. In this panel, our experts will talk about what to do first, what to avoid, and where the traps may lie.
- Lunch Break
- Guest Keynote: Andrew Hoover, a Key Architect of the CMMC 12:30 pm
Development of the CMMC and its benefits to an Organization
CMMC was developed to drive a cultural shift in the DIB away from reactive compliance to proactive cybersecurity measures. One of the key CMMC model architects from the Software Engineering Institute (SEI) at Carnegie Mellon University (CMU) will walk through how CMMC was developed on top of, rather than replacing, existing regulations and why additional practices were added to those already existing in NIST 800-171. We will then look at how the implementation of process maturity can benefit organizations and show data which supports the effectiveness of these processes.
- Disrupting Lateral Movement by Securing Active Directory 1:20 pm
A common tactic among advanced threat actors and ransomware attacks today involves leveraging Active Directory to move laterally and accomplish their mission. Active Directory data can give attackers credentials, privileges, access, and persistence. Protecting it must be a high priority for any organization.
Active Directory security requires time, resources, expertise, and visibility. Typical best practices focus on limiting privileged accounts, conducting audits, and hardening systems, but these no longer suffice to address advanced attacks.
Join this session to explore new options that automate defending AD from compromise to prevent lateral movement.
Highlights include:
- Live detection for attacks targeting Active Directory
- Attack surface reduction at both Active Directory and the endpoint
- Continuous visibility to AD changes that introduce new exposures
- Addressing Active Directory assurance to reduce risks and pass Red team tests
- Rethinking your data protection strategy in the age of ransomware. 1:40 pm
As data-driven digital business grows at an exponential pace, so does the pace of cyber security threats and attacks, such as ransomware. Cyberattacks can cost a company $1.4 Million on average in recovery when you add in the cost of lost productivity, reputation damage, and service disruption. Are you at risk? Can your backup keep pace with the speed of recovery that’s needed today? Attend this session to find out why traditional backup won’t save you from a ransomware attack and how continuous data protection helps you to prepare for, respond to, and recover from an attack.
- Insider Risk Management: The alternative to traditional data protection is here! 2:20 pm
We live in a world where employees are almost twice as likely to expose corporate data as they were prior to the pandemic. As a result, organizations have been struggling to solve this problem with legacy solutions such as DLP and need a dedicated Insider Risk Program instead. By attending this session, you will learn how an Insider Risk Management approach can provide the visibility you need to quickly mitigate data exposure risks without the obstacles commonly associated with blocking and tackling.
- Faking It: Stopping Impersonation Attacks with Cyber AI 2:40 pm
Today, 94% of cyber-threats still originate in the inbox. ‘Impersonation attacks’ are on the rise, as artificial intelligence is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’, that expertly mimic the writing style of trusted contacts and colleagues.
Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response.
In an era when thousands of documents can be encrypted in minutes, ‘immune system’ technology takes action in seconds – stopping cyber-threats before damage is done.
Find out how in this session.
- Expert Panel Discussion: Trends in Federal Cybersecurity 3:05 pm
In the wake of “top tier tradecraft” nation-state sponsored cyberattacks, new executive order regulation looms. The ecosystem around the federal government sector for those that work IN or WITH three-letter agencies is ever-changing. Even as the new administration has kept much of the previous one’s cyber plans on track – the key trends like Zero Trust, SOAR, CARTA, IAM, etc. that are important to all our Community Members are intensified by FedRAMP, CMMC and a host of new requirements.
Whether you spend all day thinking about the next DoD requirement or don’t know your C3PAO from TIC 3.0, our expert discussion will approach the topic from multiple angles that promise an educational opportunity for everyone.
- CISO Panel 3:55 pm
- Day One Closing Session
- DAY TWO
- Welcome / Introductions
- Leveling up to prevent cyber extortion: A blueprint for outcome-based cybersecurity investments and more effective public-private partnership model. 9:35 am
In today’s evolving threat landscape — which features malicious actors frequently innovating at a pace unmatched by most defenses — companies of all sizes are in the cross hairs. They need more tailored guidance to make higher impact investments to mitigate cyber extortion. So while there’s no shortage of useful cybersecurity frameworks to guide information security and risk management programs — actually implementing them requires expertise and effective risk-based prioritization that most organizations don’t have. Too often, this dynamic leads to confusion, rather than impact. At the same time, the US federal response has been tepid to date with vague commitments around information sharing and marginal improvements in malware signature sharing and vulnerability disclosures, all of which primarily help sophisticated organizations. We need to level up our game. The federal government can provide more meaningful support to the private sector by leveraging its unique analytical capabilities to give organizations tailored control and monitoring guidance, based on higher fidelity threat modeling. This will assist organizations in making higher-impact investments that drive outcomes, and incentivize vendors to benchmark their offerings against federal recommendations to drive more outcome-based evaluations.
- The Need for Building a Universal State Digital Citizen Identity 10:00 am
The pandemic accelerated the already growing demand for digital citizen experiences. State and local agencies quickly pivoted from providing citizen services inline to making them available online. When many government officials enabled digital permit applications and access to unemployment insurance – they had to build entire application stacks from the ground up – including login services and identity verification. This led to poor citizen experience, unanticipated costs, long deployment timelines, and increased security risks.
Today – we’ll look at why a state’s digital transformation strategy should include a statewide citizen identity. We will discuss the importance of having a managed identity service to make access management simple & secure for government leaders so they can continue to innovate to provide the right services to their citizens.
- Expert Panel Discussion: Defense-in-Depth 10:20 am
Defense-in-Depth: New Strategies for 2021
Layering Defense in Depth (DiD) with intentional redundancies increases the security of a system as a whole and addresses many different attack vectors. From individual laptops, to VPN to the WAN, the old paradigm of “castles and moats” is soooo 1999. How are organizations defending against inventive hackers penetrating their systems in 2020?
- Your Ransomware Hostage Rescue Guide 11:25 am
Ransomware attacks are on the rise and are estimated to cost global organizations $20 billion. As ransomware attacks become more targeted and more damaging, your organization faces increased risk that can leave your networks down for days or even weeks. So, how can your organization avoid getting held hostage?
Join Erich Kron CISSP, Security Awareness Advocate at KnowBe4, as he looks at concerning features of new ransomware strains, provides actionable info that you need to prevent infections, and gives you tips on what to do when you are hit with ransomware.
In this webcast we will cover:
- What new scary ransomware strains are in the wild
- Am I infected?
- I’m infected, now what?
- Proven methods of protecting your organization
- How to create your human firewall
Don’t get held hostage by ransomware and become a statistic!
- Introduction to Risk-Based Vulnerability Management 11:45 am
Organizations have millions of vulnerabilities. And our research has shown that those same organizations, large or small, on average, can only fix one in 10 of those vulnerabilities.
But as a security executive you still need to keep your organization secure, so how do you do that when you can’t possibly fix all of your vulnerabilities? The answer is to focus on your highest-risk vulnerabilities first.
Join Kenna Security’s CTO and Co-Founder Ed Bellis as he:
- Reviews what years of research into vulnerability management data uncovered about the scope of the challenge
- Details the findings on how a risk-based approach is the way to get ahead in vulnerability management
- Lays out several factors that drive better remediation performance
- Provides steps for setting up a successful risk-based vulnerability management program
- Lunch Break
- Feature Keynote: Cyber AI Best Practices Learned from startups to the DoD 12:35 pm
[Fireside Chat] Cyber AI Best Practices Learned from startups to the DoD
What can you learn about data science to aid cybersecurity with a $1 billion federal budget? In this fireside chat with Justin Fanelli, he’ll dive into some of the lessons learned as a leader within the Naval Information Warfare Systems Command (formerly SpaWar).
In 2020, corporate spend on AI exceeded $50 Billion; over 20% of that was aimed at cyber. That said, one major study cites that only 10% of companies have seen a significant return on their AI investment. Therefore, we must improve our AI and Cyber AI yield.
Our keynote interview will focus on what has been learned, and what actions can be taken within the pre-procurement, procurement, and implementation processes for ways to increase the likelihood of improved outcomes or, as is sometimes said within the military, increase the amount of steel on target.
- USSS GIOC Romance Scam Symposium 1:45 pm
USSS Workshop - Opening Remarks by Stephen Dougherty
The U.S. Secret Service Global Investigative Operations Center (GIOC) has seen a distinct rise in fraudulent and criminal activity from romance scams and other trust-related social engineering schemes.
Over the past four years, the number of reported romance scam incidents has tripled. In 2016, there were approximately 10,000 reported romance scam incidents; in comparison, 2020 saw over 30,000 reported romance scam and related incidents. The financial loss is commensurate as well: $304 Million in loss was reported in 2020, and over the previous 5 years, nearly $1 Billion in loss has been reported.
The financial impact is apparent, but romance scams and related socially-engineered trust schemes have deep cutting psychological and emotional impacts on the associated victims including their friends and families. Aside from direct financial loss, romance scam victims often become unwitting cogs in more complex cyber-enabled fraud schemes such as Business Email Compromise. Romance scam victims have even become involved in human trafficking events and drug related crimes.
The U.S. Secret Service has adopted a multi-layered approach to combating romance scams and related schemes. An important pillar in this approach is education and awareness. To increase awareness for these schemes, USSS/CID is proposing a joint symposium with other federal law enforcement agencies and private side partners. The symposium would be approximately 120 minutes to 150 minutes with several different presentations from different perspectives. The goal of the symposium is to increase awareness and shed light on the impact that romance scams cause.
Symposium Agenda:
- Opening Remarks: USSS (Stephen Dougherty, Financial Fraud Investigator, USSS)
- USSS: Real Talk: Romance Scams, impact stories, perspectives, and prevention (Stephen Dougherty, Financial Fraud Investigator, USSS)
- FBI IC3: US Cybercrime Reporting (a.k.a. Follow the Money) (Donna Gregory, Unit Chief, FBI Cyber Division IC3)
- Cybersecurity & The Private Sector: Lessons Learned from Romance Victims (Ronnie Tokazowski, Senior Threat Researcher)
- Financial Industry: Schemes and Scams: An Overview of Romance Scams (Ken Elder, VP – Enterprise AML Officer, Lincoln Financial Group)
- AARP: Stop Sending Nudes! (Amy Nofziger, Director Fraud Victim Support)
- Romance Scam Panel: FBI, Secret Service & Private Sector Leaders Discuss Trends (Stephen Dougherty, Ronnie Tokazowski, Ken Elder, Amy Nofziger, and Rachel Yurkovich)
- Closing Remarks (Stephen Dougherty, Financial Fraud Investigator, USSS)
- USSS: Real Talk: Romance Scams, impact stories, perspectives, and prevention 2:00 pm
Presented by: Stephen Dougherty, Financial Fraud Investigator, USSS
The U.S. Secret Service along with the FBI is hosting an afternoon Romance scam symposium focusing on real stories, different perspectives including a financial sector representative and AARP, education, and a town hall style Q&A panel session.
Subject matter experts will shed light on the ever growing threat and harm that romance and confidence scams cause. Speakers will give real life examples of how romance scam victims get roped into transnational organized crime by laundering money, being human trafficked, and even drug smuggling. Participants will get a briefing on statistics to get a true picture of the threat and will hear from several industry experts on the schemes they are seeing and how to prevent others from falling victim.
- FBI IC3: US Cybercrime Reporting (a.k.a. Follow the Money) 2:15 pm
Presented by: Donna Gregory, Unit Chief, FBI Cyber Division IC3
Since 2000, the FBI’s Internet Crime Complaint Center (IC3) has received complaints crossing the spectrum of cyber crime matters, to include online fraud in its many forms including Intellectual Property Rights (IPR) matters, Computer Intrusions (hacking), Economic Espionage (Theft of Trade Secrets), Online Extortion, International Money Laundering, Identity Theft, and a growing list of Internet facilitated crimes.
In this discussion, Donna Gregory, Unit Chief for the FBI Cyber Division, IC3 will explain more about their mission to provide the public with a reliable and convenient reporting mechanism to submit information to the FBI concerning suspected Internet-facilitated criminal activity and to develop effective alliances with law enforcement and industry partners.
She will then present some of the data from these analyses, including romance scam statistics, and how these crimes interoperate with other cybercrime activities. Moreover, she will highlight the FBI efforts to tackle both the freezing of fraudulently wired funds and its participation in the Department of Justice’s Elder Fraud Initiative.
- Cybersecurity & The Private Sector: Lessons Learned from Romance Victims 2:35 pm
Presented by: Ronnie Tokazowski, Senior Threat Researcher
In this presentation, Ronnie Tokazowski (Sr. Threat Researcher at Agari) will give a deep dive into how romance scams work from both the actor and victim perspective. In addition, Ronnie will provide tips and uncomfortable tales from the trenches based on real events and victims.
- Financial Industry: Schemes and Scams: An Overview of Romance Scams 3:20 pm
Presented by: Kenneth Elder, VP - Enterprise AML Officer, Lincoln Financial Group
Transnational romance scams are a particularly egregious form of financial exploitation. Based on his work within LFG, and extensive research, Mr. Elder will further explain techniques fraudsters use to obtain a target’s personal information and their efforts to use that information for illicit purposes. A seasoned professional of the financial services industry, his presentation will talk more about the current schemes, federal and state efforts to combat these issues, and steps individuals can take to protect themselves.
Supported by case studies and analysis, Ken exposes the scams used to access and deplete financial accounts, and why they are on the rise, both in terms of their variety and the depths to which the scammers will go to further their personal financial gain.
- AARP: Stop Sending Nudes! 3:40 pm
Presented by: Amy Nofziger, Director Fraud Victim Support
In 2020, reported losses to romance scams reached a record $304 million and most people don’t think it will ever happen to them or someone they know. But with millions of victims a year, it’s likely happening to someone in your life.
Each year thousands of romance scam victims and their families reach out to AARP’s Fraud Watch Network Helpline for information and support. Learn about trends from callers to the Helpline, persuasion tactics used to lure in victims, the use of blackmail and extortion strategies, common methods of contact, and what to expect from the romance scams of tomorrow.
- Romance Scam Panel: FBI, Secret Service & Private Sector Leaders Discuss Trends 4:00 pm
Presented by: Stephen Dougherty, Ronnie Tokazowski, Ken Elder, Amy Nofziger, and Rachel Yurkovich
- Closing Remarks 4:40 pm
Presented by: USSS GIOC Team, Stephen Dougherty, Financial Fraud Investigator, USSS
- Summit Final Closing Session