Event Schedule

Times for this Event are in Pacific Standard Time (PST)

  • Welcome
  • Using Security Testing to Know What’s Working 8:30 am

    Presented by Cymulate

    The security team needs to stop being invisible. When we’re not on the forefront on business mind-share, security becomes a cost-center that only appears if something goes wrong. Using security testing to show what is going right – quarter by quarter – demonstrates the direct and real impact of the security team on the safety and strength of the business itself. This session will dive into topics regarding how continuous security validation can demonstrate ROI on investment, how to show that those investments have a real impact on the reputation and revenue of the business, and how any new spend can be justified in terms of continued benefit to the bottom line.

    Click to Expand

    Speaker:

    Mike DeNapoli
    Mike DeNapoli

    Mike DeNapoli

    Lead of Solution Architecture

    Collapse This Item

  • Identifying Risky Vendors: 7 Warning Signs You Shouldn’t Ignore 9:00 am

    Presented by OneTrust Vendorpedia

    For individuals managing third-party risk, there is one primary question that needs answering: Are your vendors safe to do business with? Answering that question is not so straightforward. Third-party risk comes loaded with complexities and compromises. However, there are “red flags” you can look for when evaluating the security, privacy, and compliance programs of your vendors. ​

    TAKE AWAYS​:

    •       How to spot “red flags” from risky vendors​
    •       What leading third-party risk professionals look for when evaluating vendors​
    •       How to evaluate vendors using assessment communities and shared due diligence data​
    Click to Expand

    Speaker:

    Randy Ferree
    Randy Ferree

    Randy Ferree

    CSO

    Collapse This Item

  • Morning Coffee Break
  • IoT Security Is Bad. It’s Time For a Different Approach 9:40 am

    Presented by Ordr

    For many years now, enterprises have seen an explosive rise in unmanaged, IoT and IoMT devices. These devices are hard to discover, often run obsolete operating systems, and can be in service for years. They cannot be protected by typical agent-based security technologies. It’s time for a modern approach. In this session, Ordr CISO Jeff Horne discusses a modern framework for connected device security. This includes real-time, continuous asset inventory, monitoring of device behavior and risks, and automated Zero Trust policies to allow device access while limiting exposure.

    Click to Expand

    Speaker:

    Jeff Horne
    Jeff Horne

    Jeff Horne

    CSO

    Collapse This Item

  • Automate or Die Trying: The New Cybersecurity Reality 10:00 am

    Presented by Armor Defense

    As the nature of threats continue to evolve as well as the volume of threats increase, a new reality is setting upon cybersecurity teams – automation. Paired with human error and the insurmountable amount of data to manage, it is inevitable that a potential threat will slip through the cracks for businesses who rely too heavily on manual process. 

    Implementing automation could be vital in order to reliably protect your organization and ensure resilience through robust and repeatable processes. 

    Join our session to learn: 

    • Key security considerations when implementing automation programs
    • Advice for how companies can begin finding success with AI and machine learning
    Click to Expand

    Speaker:

    Ryan Smith
    Ryan Smith

    Ryan Smith

    Vice President of Product

    Collapse This Item

  • Morning Break
  • Expert Panel Discussion #1: Risk Management 10:45 am

    Risk Management: Analytics, Intelligence & Response

    Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required. Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand?

    Click to Expand

    Collapse This Item

  • Securely Connecting the Right People to the Right Technologies 11:15 am

    Presented by Okta

    As global enterprises adapt to the new reality of cloud-first infrastructure, the rise of different types of accounts and identities has asymmetrically complicated things. Cloud, mobile, social, and personal networks have types of identities, platforms, services, and technologies not traditionally addressed by enterprise IAM. Where an employee may have once had one email password, now IT manages dozens of credentials for SaaS platforms on multiple devices.

    Knowing one security slip-up can be the end of business, identity access management solutions give IT the ability to manage access control and identity with the same speed and confidence for 10 employees as for 10,000. This frees them from time-consuming manual tasks – like password resets – and allows them to focus on more challenging, fulfilling projects to drive company growth.

    Join us for this short presentation to learn how optimizing your IAM provides a seamless way to manage user identities and access while protecting against credential-focused attacks.

    Click to Expand

    Speaker:

    Shyam Rajaram
    Shyam Rajaram

    Shyam Rajaram

    Enterprise Sales Engineer

    Collapse This Item

  • Cyber Resilience: Rethinking Your Data Protection Strategy in the Age of Ransomware 11:40 am

    Presented by Zerto

    Ransomware threats increased by 300% last year, and the industry is expecting it to get worse. Ransomware victims’ greatest pains are downtime and data loss. Current DR and Backup solutions aren’t equipped to help you manage it at the speed of business. Join us for this discussion on how to transform your data protection approach to ensure you can protect your data and resume operations almost instantly when facing a ransomware attack. See you there!

    Click to Expand

    Speaker:

    Andy Fernandez
    Andy Fernandez

    Andy Fernandez

    Senior Technology Evangelist

    Collapse This Item

  • Lunch Break
  • Lunch Briefing: Small Businesses Deserve Big Protection 12:00 pm

    Presented by Cisco

    Small businesses are facing many of the same cybersecurity challenges as larger businesses. 66% of small businesses experienced a cyberattack in 2019, and 63% experienced a data breach. But securing your business doesn’t have to be complicated. Cybersecurity tools should be easy for a team of any size to deploy, use, and manage — letting you focus on more important things (like running your business!)

    Join Rohit Sawhney from Cisco to learn more about small business cybersecurity and how cloud-delivered security provides powerful protection against today’s biggest cyberthreats.

    Click to Expand

    Speaker:

    Rohit Sawhney
    Rohit Sawhney

    Rohit Sawhney

    Product Leader, Cloud Security

    Collapse This Item

  • Keynote - The Evolving Nature of CyberCrime in the Pacific Northwest 12:25 pm

    Presented by the US Secret Service

    US Secret Service Special Agent Timothy Hunt joins us for this special ‘Keynote Fireside Chat,” where he will summarize the key threats particularly facing organizations in the Greater Pacific Northwest. From his years of experience, and work with firms from his post in the Seattle Field Office, he will detail the specifics of Business Email Compromise (BEC), Ransomware, and E-Commerce Skimming fraud cases that have impacted public and private companies of all sizes, as well as local municipalities.

    Special Agent Hunt will share best practices on how senior cybersecurity leaders can best protect their organizations. His chat will cover education, business process understanding, and third-party risk management. It will also discuss specific scams targeted at firms based on industry sector and business practices. Leveraging the services available from the USSS Cyber Fraud Task Force, as well as cooperating law enforcement agencies, cybersecurity executives can access services free of charge that will keep them ahead of attackers.

    Click to Expand

    Speaker:

    Timothy Hunt
    Timothy Hunt

    Timothy Hunt

    Special Agent US Secret Service

    Collapse This Item

  • Application Security Beyond Effective Bot Mitigation 1:10 pm

    Presented by Shape Security

    The past twelve months have been punctuated by soaring data breaches, new attack patterns and phishing scams catalyzed by COVID-19 with Credential Stuffing and other brute force attacks resulting in hard losses surpassing billions of dollars. Now, more so than ever in this digital-first world, must organizations seek cross-functional, convergent platforms with strong digital fraud solutions to combat the relentless sources of cybercrime that continue to abuse our online platforms.

    Join Shape to explore how truly effective digital transformation journeys must transcend traditional bot mitigation and understand why defending our web and mobile applications without harming user experience or hampering revenue growth and brand reputation will become organizing principles for 2021 and beyond.

    Click to Expand

    Speaker:

    Gary Newe
    Gary Newe

    Gary Newe

    VP of Solutions Engineering - Shape Security Solutions

    Collapse This Item

  • The Cloud Requires an Evolution Beyond the Secure Email Gateway 1:30 pm

    Presented by Avanan

    Cloud email requires a new approach to security. If your corporate email relies on Microsoft or Google, you may have deployed (or are considering) a Secure Email Gateway (SEG). Originally designed as a perimeter solution for on-premise email, you should ask these questions:

    • Why do you disable the native security in our platform?
    • How can my configuration allow attackers to bypass the gateway?
    • How do we block insider email attacks?
    • How can we quarantine a compromised account?
    • How can we prevent Business Email Compromise (BEC) or impersonation email attacks?

    Our cloud security expert Jeff will explain where an SEG approach falls short protecting cloud-hosted email. Touch upon fundamental architectural weaknesses of a proxy design, and arm attendees to help them make smart decisions to protect their users.

    Click to Expand

    Speaker:

    Jeff Raymond
    Jeff Raymond

    Jeff Raymond

    Senior Solutions Engineer

    Collapse This Item

  • Afternoon Coffee Break
  • Expert Panel Discussion #2 - IoT 2:10 pm

    The Internet of Things (IoT) poses entirely new challenges. With 35 billion IoT devices expected to be in operation by next year – weak passwords, insecure network services and a lack of secure update mechanisms concern every organization.

    Click to Expand

    Collapse This Item

  • The Intelligent SOC: Are You Ready? 2:30 pm

    Presented by Netenrich

    The Security Operations Center (SOC) is under attack like never before, from both inside and out. Endless threats and alerts, analyst fatigue, too few resources, and a chronic lack of executive support top today’s list of challenges. Intelligent SOC from Netenrich right-sizes investments to transform the inefficiencies, skills gaps, and budget constraints that undermine the traditional SOC. Invoked by experts, Intelligent SOC solves today’s problems (and tomorrow’s issues) better and faster by going beyond the SIEM—and even beyond AI—to combine threat intelligence (TI), attack surface management (ASM), and pay-as-you-grow SOC-as-a-Service. Join us to hear how this expansive approach transforms your security investments and operations into better ROI and safer outcomes—in hours or days versus weeks, months, or years.

    Click to Expand

    Speaker:

    Brandon Hoffman
    Brandon Hoffman

    Brandon Hoffman

    Head of Security Strategy & CISO

    Collapse This Item

  • Why Zero Trust Architecture Will Be the New Normal in 2021 2:50 pm

    Presented by Cloudflare

    The COVID-19 pandemic brought changes no IT team was ready for: employees were sent home, customer interaction models changed, and cloud transformation efforts abruptly accelerated. Cloudflare recently commissioned Forrester Consulting to explore the impact of 2020 disruptions on security strategy and operations among companies of all sizes. To do so, they surveyed 317 global security decision makers from around the world.

    Join Brian Parks, for an in-depth discussion of the survey results, followed by practical guidance for next year’s planning.

    Key Takeaways:

    • How 2020’s disruptions created challenges and opportunities for security teams of all sizes
    • Specific challenges North American companies faced in securing the change
    • Why executive buy-in for Zero Trust security initiatives is higher than ever
    • What peer security leaders are prioritizing for Zero Trust initiatives in 2021
    • How to drive successful Zero Trust pilot projects with Cloudflare for Teams
    Click to Expand

    Speaker:

    Brian Parks
    Brian Parks

    Brian Parks

    Go-To-Market Leader

    Collapse This Item

  • Afternoon Break
  • The Roadmap to Becoming A Cybersecurity Author 3:25 pm

    Presented by John Helmus

    Are you a security-minded professional who wants to write a book, but you do not know where to start? Have a manuscript collecting dust and just don’t know what publishers you can submit your work to? Perhaps you really want to write a book and just need want to know a little more about the process of writing a book – rather than learning as you go with the grueling flow of writing a book. Maybe you even have an excellent topic to write about but are worried that it is redundant because someone already wrote about it.  These common points are some of the largest reasons why many aspiring cybersecurity authors never fully lift on with writing a book. Writing a book is a journey that you will often learn as you go; however, that doesn’t mean that getting started can be overwhelming. 

    In this talk, Jon Helmus (Hacker and Author) will share insights on the steps that aspiring cybersecurity authors need to take to get their ideas from their minds to paper! Attendees will learn the “why,” “what,” and “how” to get started and write a cybersecurity book. Jon will also share his own stories from writing his book “AWS Penetration Testing” and what he learned from his own experiences. 

    Click to Expand

    Speaker:

    Jonathan Helmus
    Jonathan Helmus

    Jonathan Helmus

    Pentester and Educator of Offensive Security

    Collapse This Item

  • Challenges of Cloud: How It Makes an Already Difficult Situation Even Harder 3:50 pm

    Presented by Imperva

    Cloud adoption is accelerating dramatically and extending many new benefits to organizations, but at the same time introducing many new challenges. This is especially true at the database security level, as the Cloud introduces a long list of new concerns: New database types (Yugabyte ?), more dynamic environments, no agents allowed, multicloud/hybrid and many others. This session will focus on better understanding these challenges and highlight strategies for incorporating Cloud into your data security model while introducing new capabilities and efficiencies.

    Click to Expand

    Speaker:

    Marc Gamache
    Marc Gamache

    Marc Gamache

    Solution Engineer

    Collapse This Item

  • Visibility in the Cloud Must Be Part of Your Security Strategy 4:10 pm

    Presented by Gigamon

    As we move to the cloud we often overlook the issue around planning for security. We size for compute and resilience but what about security and compliance? Lets talk about a few of the issues around moving to the cloud from a security point of view and a few ideas on resolving the issues this new architecture presents

    Click to Expand

    Speaker:

    James Mandelbaum
    James Mandelbaum

    James Mandelbaum

    Senior Security Engineer

    Collapse This Item

  • CISO Panel 4:35 pm

    The CISO Panel today is made up of some of the leading security executives in the greater Pacific Northwest area. The session will be moderated by Data Connectors CSO, Michael Hiskey. Each Executive will start by giving a brief introduction, and then our moderator will lead them through several discussion points, based on input from our audience, and the concepts the CISOs were most excited to talk about with the attendees today.

    We’ll also open up for questions – in this live session, CISOs and CIOs will share the experience, challenges, solutions, and best practices that have learned over their careers. Please take the time to submit thoughtful questions for the panel, as we will reserve time for those as well.

    Click to Expand

    CISO Panelists:

    Robert Thomas
    Robert Thomas

    Robert Thomas

    CISO - 180AConsulting.com

    Ian Fitzgerald
    Ian Fitzgerald

    Ian Fitzgerald

    Chief Information Officer - Truckee Donner Public Utility District

    Hadas Cassorla
    Hadas Cassorla

    Hadas Cassorla

    Principal and CISO - Scale Security Group

    Collapse This Item

  • Summit Final Closing Session