Event Schedule

Times for this Event are in Pacific Time (PDT/PST)

The Summit will be open from 8AM to 6PM.

  • Welcome
  • How to Confront Supply Chain Attacks and Ransomware 10:05 am

    Presented by Cymulate

    Cybersecurity professionals operate in a dynamic environment driven by two accelerating forces;threat developments and the rapid adoption of new technologies and digital business initiatives. 

    And yet most companies still rely on discrete snapshots of their security performance. 

    CISO’s and security teams must be ready to confront new threat vectors including human powered ransomware and supply chain attacks with an agile, continuous approach to security validation and constant improvement. 

    Join this session to discover how to: 

    • Pinpoint and address security deficiencies related to supply chain attacks and ransomware. 
    • Validate EDR detection of lateral movement, command and control and privilege escalation techniques. 
    • Increase the operational efficiency of security teams with automated security testing.
    Click to Expand

    Panel Participants:

    Mike DeNapoli
    Mike DeNapoli

    Mike DeNapoli

    Lead of Solution Architecture

    Collapse This Item

  • The Ultimate Vendor Risk Assessment Checklist 10:25 am

    Presented by OneTrust

    Vendor risk assessments are essential to truly understand the security, privacy, and compliance programs of the third parties you work with. As a result, nearly every organization endures an endless back-and-forth with third parties. Lengthy questionnaires, broken processes, time-consuming reviews;these challenges are common, and as such, there are concrete steps your organization can take to save time and reduce assessment-related headaches. 

    In this webinar, we’ll outline the ultimate checklist for better vendor risk assessments, including: 

    • Actionable takeaways to quickly improve your assessment operations
    • Long-term changes you can make to set yourself up for success
    • Real advice and lessons learned from leading assessment experts
    Click to Expand

    Panel Participants:

    Jason Sabourin
    Jason Sabourin

    Jason Sabourin

    Product Manager at OneTrust

    Collapse This Item

  • Expert Panel Discussion: Risk Management 10:45 am

    Risk Management: Analytics, Intelligence & Response

    Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand?

    Click to Expand

    Panel Participants:

    Jason Sabourin
    Jason Sabourin

    Jason Sabourin

    Product Manager at OneTrust

    Alex Kirk
    Alex Kirk

    Alex Kirk

    Global Principal - Suricata

    Mark Sangster
    Mark Sangster

    Mark Sangster

    Cybersecurity Expert & Author “No Safe Harbor”

    Collapse This Item

  • Morning Coffee Break
  • Out of the Shadows: ​ Real-time Asset Visibility and Security for Every Connected Device 11:35 am

    Presented by Ordr

    For many years now, enterprises have seen an explosive rise in connected devices, from traditional IT devices like servers, workstations and PCs to new and more vulnerable IoT, IoMT, and OT like building systems, medical equipment and manufacturing machines.  This myriad of devices from different manufacturers, operating systems and protocols expand the attack surface. IoT, IoMT, and OT bring their own challenges as they are typically not designed with security in mind. The bad news? Security teams are still responsible for all of them. It’s time for a modern approach. In this session, Ordr’s Chief Strategy Officer Danelle Au outlines why connected device security should be on your security initiatives in 2021, and presents a framework that starts with real-time asset inventory and ends with scalable security. Learn best practices and implementation considerations for device discovery, profiling and segmentation as you start your connected device security journey.

    Click to Expand

    Panel Participants:

    Danelle Au
    Danelle Au

    Danelle Au

    Chief Strategy Officer

    Collapse This Item

  • Moving Beyond Password to Delight & Secure Users 11:55 am

    Presented by Okta

    Passwords have been a constant throughout the internet era. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources across the applications we use on a daily basis.

    But in this new digital age where data breaches are rampant, passwords are no longer good enough. Not only are they insecure, they are expensive and offer a poor user experience. Fortunately, there’s a better way to protect your applications and stop account takeover incidents.

    In this session, we’ll discuss the benefits of passwordless authentication and explain how eliminating the password can help improve user experience, admin visibility and control, and scalability. We’ll also walk through key considerations and first steps as you embark on your passwordless journey.

    Click to Expand

    Panel Participants:

    Michael Patterson
    Michael Patterson

    Michael Patterson

    Solutions Engineer at Okta

    Collapse This Item

  • Lunch Break
  • Lunch Sponsor / Briefing - Small businesses deserve big protection 12:15 pm

    Presented by Cisco

    Small businesses are facing many of the same cybersecurity challenges as larger businesses. 66% of small businesses experienced a cyberattack in 2019, and 63% experienced a data breach. But securing your business doesn’t have to be complicated. Cybersecurity tools should be easy for a team of any size to deploy, use, and manage — letting you focus on more important things (like running your business!) Join Rohit Sawhney from Cisco to learn more about small business cybersecurity and how cloud-delivered security provides powerful protection against today’s biggest cyberthreats.

    Click to Expand

    Panel Participants:

    Rohit Sawhney
    Rohit Sawhney

    Rohit Sawhney

    Product Leader, Cloud Security

    Collapse This Item

  • Keynote: Evolving Nature of CyberCrime in the Pacific Northwest 12:40 pm

    Presented by Tim Hunt

    US Secret Service Special Agent Timothy Hunt joins us for this special ‘Keynote Fireside Chat,” where he will summarize the key threats particularly facing organizations in the Greater Pacific Northwest.  From his years of experience, and work with firms from his post in the Seattle Field Office, he will detail the specifics of Business Email Compromise (BEC), Ransomware, and E-Commerce Skimming fraud cases that have impacted public and private companies of all sizes, as well as local municipalities. 

    Special Agent Hunt will share best practices on how senior cybersecurity leaders can best protect their organizations.  His chat will cover education, business process understanding, and third-party risk management. It will also discuss specific scams targeted at firms based on industry sector and business practices. Leveraging the services available from the USSS Cyber Fraud Task Force, as well as cooperating law enforcement agencies, cybersecurity executives can access services free of charge that will keep them ahead of attackers.

    Click to Expand

    Panel Participants:

    Timothy Hunt
    Timothy Hunt

    Timothy Hunt

    Special Agent US Secret Service

    Collapse This Item

  • Rethinking your data protection strategy in the age of ransomware. 1:25 pm

    Presented by Zerto

    With the proliferation of data-driven digital business growing at an exponential pace, so is the pace of cyber security threats and attacks, such as ransomware. Cyberattacks can cost a company $1.4 Million on average in recovery when you add in the cost of lost productivity, reputation damage, and service disruption. Are you at risk? Can your backup keep pace with the speed of recovery that’s needed today? Attend this session to find out why traditional backup won’t save you from ransomware attack and how continuous data protection helps you to prepare, respond and recover from an attack.

    Click to Expand

    Panel Participants:

    Andy Fernandez
    Andy Fernandez

    Andy Fernandez

    Senior Technology Evangelist at Zerto

    Collapse This Item

  • Are You Ready for Intelligent SOC? 1:45 pm

    Presented by Netenrich

    Invoked by experts, Intelligent SOC solves today’s problems (and tomorrow’s issues) better and faster by going beyond the SIEM—and even beyond AI—to combine threat intelligence (TI), attack surface management (ASM), and pay-as-you-grow SOC-as-a-Service. Hear how this expansive approach transforms your security investments and operations into better ROI and safer outcomes—in hours or days versus weeks, months, or years.

    Click to Expand

    Panel Participants:

    Brandon Hoffman
    Brandon Hoffman

    Brandon Hoffman

    Head of Security Strategy & CISO

    Collapse This Item

  • Afternoon Coffee Break
  • Expert Panel Discussion: IoT 2:20 pm

    IoT - Security at the Edge

    The Internet of Things (IoT) poses entirely new challenges. With 35 billion IoT devices expected to be in operation by next year – weak passwords, insecure network services and a lack of secure update mechanisms concern every organization.

    Click to Expand

    Panel Participants:

    Jeff Horne
    Jeff Horne

    Jeff Horne

    CSO

    David Masson
    David Masson

    David Masson

    Director of Enterprise Security at Darktrace

    Deral Heiland
    Deral Heiland

    Deral Heiland

    Principal Security Researcher IoT

    Steve Poeppe
    Steve Poeppe

    Steve Poeppe

    Vice President, Solution Architect

    Collapse This Item

  • Latest network-layer DDoS trends and the rise of ransom-driven attacks 2:50 pm

    Presented by Cloudflare

    Unprecedented changes in how people live and work around the world since the COVID-19 pandemic led to changing patterns of Internet usage. And as our reliance on the Internet surged, so did the frequency, sophistication, and distribution of cyberattacks. 

    In this talk, Cloudflare’s Head of Solution Engineering will discuss the latest DDoS attack trends observed over Cloudflare’s network. Join this talk to understand:

    • Key trends and shifts in the DDoS landscape
    • Ransom-based attacks: what are they and how to respond?
    • Steps organizations can take to better protect their networks
    Click to Expand

    Panel Participants:

    Trey Guinn
    Trey Guinn

    Trey Guinn

    Head of Solution Engineering

    Collapse This Item

  • Brief Overview of Network Detection and Response 3:10 pm

    Presented by Gigamon

    Every organization has concerns about data and network security, but what steps and solutions should you use to protect yourself? 

    In this session, you’ll hear about: 

    • Critical components of network detection and response (NDR) technologies 
    • Why visibility is a cornerstone to any NDR technology 
    • How to get visibility into all devices and traffic types
    Click to Expand

    Panel Participants:

    Greg Maples
    Greg Maples

    Greg Maples

    Consulting Security Architect

    Collapse This Item

  • Afternoon Break
  • CISO Panel 3:40 pm

    Panel Participants:

    Robert Thomas
    Robert Thomas

    Robert Thomas

    CISO - 180AConsulting.com

    Hadas Cassorla
    Hadas Cassorla

    Hadas Cassorla

    CISO - M1 Finance

    Dave Estlick
    Dave Estlick

    Dave Estlick

    CISO - Chipotle Mexican Grill

    Bryan Hurd
    Bryan Hurd

    Bryan Hurd

    VP/CISO - Aon Cyber Solutions

    Dennis Tomlin
    Dennis Tomlin

    Dennis Tomlin

    Chief Information Security Officer - Multnomah County

    Jon Washburn
    Jon Washburn

    Jon Washburn

    Chief Information Security Officer - Stoel Rives

    Kevin Morrison
    Kevin Morrison

    Kevin Morrison

    Managing Director & CISO at Alaska Airlines

    Collapse This Item

  • Day One Closing Session
  • Day Two
  • Welcome / Introductions
  • Disrupting Lateral Movement by Securing Active Directory 10:00 am

    Presented by Attivo Networks

    Organizations continue to build their security stacks, yet advanced threats and insiders continue to breach networks and extract valuable data. A common tactic among most of these Ransomware and Advanced Threat Actors today involves leveraging Active Directory.  AD contains all of the information that an attacker needs to successfully move laterally and accomplish their mission. 

     In this session, Tom Atkins will explore a new method for securing Active Directory that can (for the first time) actually prevent an attacker from progressing laterally through your enterprise network.  Some key highlights include:

    • How Threat Actors use AD to accomplish their goals
    • Why Monitoring Active Directory is not enough
    • What simple tools you can deploy to dramatically improve your security posture by better securing AD
    Click to Expand

    Panel Participants:

    Tom Atkins
    Tom Atkins

    Tom Atkins

    Regional VP at Attivo

    Collapse This Item

  • Zero Trust Security for Everywhere Workplace 10:20 am

    Presented by Ivanti

    As we see pandemic restrictions starting to subside around the globe, the impact of the “Remote” Tech Tsunami that accompanied the pandemic has started to become a reality. From advanced vulnerabilities impacting Edge Technologies, to the Everywhere Workplace, companies are faced with greater security challenges and vulnerability threats now more than ever before. 

    Join Ivanti’s Global CTO, Mike Riemer, as he covers security and control challenges faced by businesses in today’s “new” world as well as how the recent acquisitions of Pulse Secure and Mobile Iron provide Ivanti customers with the most comprehensive Cloud to Edge, Zero Trust Access solution, available in today’s market.

    Click to Expand

    Panel Participants:

    Michael Riemer
    Michael Riemer

    Michael Riemer

    Global Vice President, Office of the CTO at Ivanti

    Collapse This Item

  • Expert Panel Discussion: Cloud Security 2021: What’s New, What Changes 10:45 am

    Cloud Security 2021: What’s New, What Changes

    Although it seems like a decade – just a few years ago, industry analysts were still advising the CISO community to keep the “crown jewel” data in private data centers.  Requirements for the security OF the cloud, and the security IN the cloud have accelerated quickly and today – amid the pandemic – that transition is near-complete.

    This is a broad topic – so our panel today will focus on the nuances of security IN the cloud, and some of the cutting-edge practices that innovative organizations are doing today to get ahead of threat actors who target online storage, protocols, email, file shares, and other data and network access that can be accidentally be exposed.

    Click to Expand

    Panel Participants:

    Mike DeNapoli
    Mike DeNapoli

    Mike DeNapoli

    Lead of Solution Architecture

    Daniel Petrillo
    Daniel Petrillo

    Daniel Petrillo

    Director of Security Strategy

    Carlo Beronio
    Carlo Beronio

    Carlo Beronio

    Director Systems Engineering West/Central at Attivo Networks

    Romen Kuloor
    Romen Kuloor

    Romen Kuloor

    Vice President of Security Solutions and Products

    Collapse This Item

  • Morning Coffee Break
  • The Last Line of Defense: The Importance of having a robust and comprehensive Data Protection strategy 11:30 am

    Presented by Pure Storage

    Data protection is experiencing a resurgence. Historically it’s been seen as an innovation backwater and as “insurance”, but with the growth of Ransomware and cybercrime, and increasing risk, organizations are having to modernize their data protection architectures and strategies to ensure that data can be recovered quickly to ensure that an Organization can survive an attack. Join this session to learn about the latest innovations in the data protection space and how they can be deployed to provide a comprehensive last line of defense. 

    Click to Expand

    Panel Participants:

    David Huskisson
    David Huskisson

    David Huskisson

    Rapid Restore Solutions Director at Pure Storage

    Collapse This Item

  • Application Security Beyond Effective Bot Mitigation 11:50 am

    Presented by Shape Security

    The past twelve months have been punctuated by soaring data breaches, new attack patterns and phishing scams catalyzed by COVID-19 with Credential Stuffing and other brute force attacks resulting in hard losses surpassing billions of dollars. Now, more so than ever in this digital-first world, must organizations seek cross-functional, convergent platforms with strong digital fraud solutions to combat the relentless sources of cybercrime that continue to abuse our online platforms.

     Join Shape to explore how truly effective digital transformation journeys must transcend traditional bot mitigation and understand why defending our web and mobile applications without harming user experience or hampering revenue growth and brand reputation will become organizing principles for 2021 and beyond.

    Click to Expand

    Panel Participants:

    Gary Newe
    Gary Newe

    Gary Newe

    VP of Solutions Engineering - Shape Security Solutions

    Collapse This Item

  • Microsoft Teams Vulnerabilities 12:15 pm

    Presented by Avanan

    Microsoft Teams has quickly become the go-to application for remote work, accelerating dramatically in usage over the last year. Millions of users turned to Microsoft Teams to help keep businesses going in 2020—and hackers have noticed. As Teams is still relatively new, much is unknown about how it operates and how hackers will approach it.

    While the increased usage has been well-documented, what’s not been documented is whether the app is vulnerable to hacking. We will talk about discoveries that have already been made, potential risks that we see in the future, and how to best secure this relatively new communication vector.

    This session will walk attendees through:

    • The many inherent vulnerabilities in the platform
    • The popular attack types
    • How hackers act differently within Teams than they do on email
    Click to Expand

    Panel Participants:

    Jeff Raymond
    Jeff Raymond

    Jeff Raymond

    Senior Solutions Engineer

    Collapse This Item

  • Lunch Break
  • Keynote: Ronald Watters, Department of Homeland Security. Cybersecurity Advisor DHS-CISA 1:00 pm

     

    Don’t miss this CISA Briefing on responding to the cyber threats we’re facing in 2021, including the SolarWinds supply chain compromise and ongoing breaches that threaten the U.S. 

    Click to Expand

    Panel Participants:

    Ronald Watters
    Ronald Watters

    Ronald Watters

    Cybersecurity Advisor-Region X Cybersecurity and Infrastructure Security Agency (CISA)

    Collapse This Item

  • The Dark Web: Exposing the Business of Cybercrime 1:45 pm

    Presented by Armor Defense

    The Dark Web is growing at an exponential rate, with hackers doubling down on cybercrime-as-a-service—allowing non-traditional and unskilled hackers to wreak havoc in ways previously unheard of. Criminals don’t have to be skilled to get your data;they just need to know where and who to go to for help.

    This session aims to expose the inner workings and business of the cyber underground, focusing on the following:

    • Cryptocurrency – The impact digital currency has had on the rate of growth of cybercrime
    • Cybercrime-as-a-service – The expansion of services offered by skilled hackers and for low cost
    • Money laundering and money mules – Ways criminals are skirting around laws and regulations to get paid
    • Mitigating risk – How businesses can protect themselves from all levels of cybercriminals with an emphasis on the importance of investing in proactive threat-hunting
    Click to Expand

    Panel Participants:

    Joone Nijjar
    Joone Nijjar

    Joone Nijjar

    Product Manager

    Collapse This Item

  • Get beyond compliance and achieve real data security 2:10 pm

    Presented by Imperva

    To keep pace with the database activity explosion that has accompanied recent rapid technology innovations, organizations must rethink their strategy for securing their data assets. A strategy designed to meet compliance requirements is not enough. Organizations need to develop new approaches that augment traditional agent-based monitoring to achieve real data security today and in the future.We’ll provide insight into how you can automate data collection and monitoring so you may apply more resources to identifying non-compliant behavior and orchestrating rapid responses, regardless of where your data is or the size of your data estate.

    Click to Expand

    Panel Participants:

    Terry Ray
    Terry Ray

    Terry Ray

    SVP Strategy and Imperva Fellow

    Collapse This Item

  • Hacking Exposed: Learning from the Adversaries 2:35 pm

    Presented by Blackberry

    Fileless attacks and fileless malware have grown in sophistication, especially in their ability to obfuscate and hide from both traditional and next-generation anti-virus. Join us to discover the techniques being used by APT32/OceanLotus to attack their victims and learn how to replicate them to better test your defenses. In this very short demonstration, you will learn techniques to make a weaponized document that is designed to not just bypass AV but also human threat hunters through a sophisticated method of obfuscation and the use of built-in trusted tools. The document is capable of allowing the attacker to gain remote access to the victim system and exfiltrate sensitive data. You will get to see, firsthand, the attack compromise both a Windows PC as well as a MacOS.

    Click to Expand

    Panel Participants:

    Brian Robison
    Brian Robison

    Brian Robison

    Chief Evangelist

    Collapse This Item

  • Afternoon Coffee Break
  • Featured Keynote: Functional Testing: A New Era of Pentesting 3:05 pm

    Presented by John Helmus, Pentester and Educator of Offensive Security

    As the cloud begins to take over the technology era, so does the ever-growing threat landscape of companies’ infrastructure. Today, copious amounts of businesses are relying on cloud providers to help build infrastructure quickly and efficiently – doing so allows companies to scale rapidly and maintain relevance into today’s competitive markets.

    However, as Billy Mays would say, “BUT WAIT, THERE’S MORE!”.

    Cloud security comes at a cost that does not always present itself. That cost comes in the form of security and how adequate security can be applied to cloud infrastructure.

    This talk is going to discuss how security professionals can not use the same security guidelines for the cloud as they use for physical and on-prem systems. New technology and new tactics and strategies, such as a new way of effectively pentesting. In this talk, attendees can expect to learn new ways of thinking about security and pentesting when it comes to targeting cloud providers – while also providing efficient adversarial assessments that assess the cloud.

    Click to Expand

    Panel Participants:

    Jonathan Helmus
    Jonathan Helmus

    Jonathan Helmus

    Pentester and Educator of Offensive Security

    Collapse This Item

  • Expert Panel Discussion: DevSecOps - Testing, Tuning, Containers 3:30 pm

    DevSecOps - Testing, Tuning, Containers

    In this panel, experts around penetration testing, defense-in-depth, and containers will explore the nuances associated with the cybersecurity landscape that impact development teams. From the early stage components of identity and access management, to ongoing releases and discovery of flaws introduced by third-party and open source components, this is an area where security-minded organizations need to pay attention.

    Click to Expand

    Panel Participants:

    Jonathan Helmus
    Jonathan Helmus

    Jonathan Helmus

    Pentester and Educator of Offensive Security

    Ray Espinoza
    Ray Espinoza

    Ray Espinoza

    Head of Security, CISO

    Maury Cupitt
    Maury Cupitt

    Maury Cupitt

    VP of Engineering at Sonatype

    Dave Russell
    Dave Russell

    Dave Russell

    Vice President, Enterprise Strategy

    Collapse This Item

  • Summit Final closing Session