Virtual Cybersecurity Summit
The Northern California Virtual Cybersecurity Summit is a new way to connect with like-minded executives, innovative solutions providers, experts and luminaries. With a shared interest in security innovation in the region, summit attendees have a lot to talk about in the live, immersive virtual experience.
Submit a Question & Enter to Win
Tue. May 25
Times for this Event are in Pacific Time (PDT/PST)
The Summit will be open from 8AM to 6PM.
- Welcome / Introductions
Moving Beyond Passwords to Delight & Secure Users 8:50 am
Passwords have been a constant throughout the internet era. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources across the applications we use on a daily basis.
But in this new digital age where data breaches are rampant, passwords are no longer good enough. Not only are they insecure, they are expensive and offer a poor user experience. Fortunately, there’s a better way to protect your applications and stop account takeover incidents.
In this session, we’ll discuss the benefits of passwordless authentication and explain how eliminating the password can help improve user experience, admin visibility and control, and scalability. We’ll also walk through key considerations and first steps as you embark on your passwordless journey.
Small businesses deserve big protection 9:10 am
Small businesses are facing many of the same cybersecurity challenges as larger businesses. 66% of small businesses experienced a cyberattack in 2019, and 63% experienced a data breach. But securing your business doesn’t have to be complicated. Cybersecurity tools should be easy for a team of any size to deploy, use, and manage — letting you focus on more important things (like running your business!) Join Kate MacLean from Cisco to learn more about small business cybersecurity and how cloud-delivered security provides powerful protection against today’s biggest cyberthreats.
Tackling User Behavior Head-On 9:50 am
Today’s popular attacks like phishing, credential compromise, and business email compromise have one thing in common: they need people to work. InfoSec professionals add technology on top of technology, but still the problems persist. How do you take people from the weakest link to active defenders of your organization? Based on our experiences with tens of millions of users, we’ll share with you best practices, strategies, and benchmarks to be successful.
Join our presentation to learn about:
- Best practices for running an effective security awareness program
- Strategies for driving behavior change and improving security culture
- Benchmarks for making real impacts to your risk posture
Disrupting Lateral Movement by Securing Active Directory 10:10 am
A common tactic among advanced threat actors and ransomware attacks today involves leveraging Active Directory to move laterally and accomplish their mission. Active Directory data can give attackers credentials, privileges, access, and persistence. Protecting it must be a high priority for any organization.
Active Directory security requires time, resources, expertise, and visibility. Typical best practices focus on limiting privileged accounts, conducting audits, and hardening systems, but these no longer suffice to address advanced attacks.
Join this session to explore new options that automate defending AD from compromise to prevent lateral movement.
Expert Panel: Homeland Security, Secret Service & CISA Joint Panel on Ransomware 10:30 am
Homeland Security, Secret Service & CISA Joint Panel on Ransomware
EXCLUSIVE to the NorCal Virtual Cybersecurity Summit! In this unique panel-style discussion, representatives from the US Secret Service Cyber Crime Task Force, Homeland Security Investigations (HSI), and the CISA Cyber Crime Division will sit down and discuss their views on the recent ransomware attacks, what is known about the state-sponsored hackers behind it, and what Community Members in the audience can do to prevent similar attacks.
The Agency panelists will also take questions from the audience, and give practical advice and specifics on how their agencies can help members’ organizations.
Panel Participants:Stephen Nix
Assistant to the Special Agent in ChargeMohamed Bah
Special Agent, Homeland Security InvestigationsDon Benack
Deputy Associate Director, Vulnerability Management
THE LAST LINE OF DEFENSE: DATA PROTECTION 11:20 am
With the growth of Ransomware and cybercrime, Data protection is experiencing a resurgence. Organizations are quickly having to modernize their data protection architecture and strategies to meet not only these demands but also the demand that digital transformation is placing upon them; current approaches are designed around a backup centric approach, whereas a new approach centered around restore and getting organizations back up and running as quickly as possible are critical. Join this session to learn about the latest innovations in the data protection space and how they can be implemented to provide a restore centric approach and provide a true last line of defense.
Rethinking Data Protection in the Age of Ransomware 11:40 am
With the proliferation of data-driven digital business growing at an exponential pace, so is the pace of cyber security threats and attacks, such as ransomware. Cyberattacks can cost a company $1.4 Million on average in recovery when you add in the cost of lost productivity, reputation damage, and service disruption. Are you at risk? Can your backup keep pace with the speed of recovery that’s needed today? Attend this session to find out why traditional backup won’t save you from ransomware attack and how continuous data protection helps you to prepare, respond and recover from an attack.
- Lunch Break
Keynote: The Entire Cybersecurity Industry: What happened in 2020? 12:25 pm
The Entire Cybersecurity Industry: What happened in 2020?
In this presentation jam-packed with data from Stiennon’s research into the entire IT security industry you will see how the industry fits into sixteen categories, and where in the world all the startups come from. There are 2,615 vendors in the space and Stiennon tracks each one throughout it’s life from founding, to funding, to IPO or acquisition, and in a few very rare cases, its demise. Get the big picture from the security industry’s historian.
There will be a Q&A Session following this presentation.
Latest Network-Layer DDoS Trends & the Rise of Ransom-Driven Attacks 1:05 pm
Unprecedented changes in how people live and work around the world since the COVID-19 pandemic led to changing patterns of Internet usage. And as our reliance on the Internet surged, so did the frequency, sophistication, and distribution of cyberattacks.
In this talk, Cloudflare’s Head of Solution Engineering will discuss the latest DDoS attack trends observed over Cloudflare’s network. Join this talk to understand:
- Key trends and shifts in the DDoS landscape
- Ransom-based attacks: what are they and how to respond?
- Steps organizations can take to better protect their networks
A Brief Overview of Network Detection & Response 1:25 pm
Every organization has concerns about data and network security, but what steps and solutions should you use to protect yourself?
In this session, you’ll hear about:
- Critical components of network detection and response (NDR) technologies
- Why visibility is a cornerstone to any NDR technology
- How to get visibility into all devices and traffic types
Expert Panel Discussion: OT/ICS 2:00 pm
Cybersecurity Concerns for Operational Technology (OT) and Industrial Control Systems (ICS)
Since the Stuxnet worm was first discovered back in 2010, attacks related to SCADA systems have been of concern. While manufacturing and utility organizations tend to talk about them more, there are wide implications across the cybersecurity landscape that touch on ICS and OT systems of all kinds.
In this panel, our experts will talk about why these types of attacks represent a primary concern, and what state-of-the-art looks like in terms of building protections.
Panel Participants:Keith Walsh
Principal Solutions ArchitectPaul Davis
Vice President of Customer SupportMark Sangster
Cybersecurity Expert & Author “No Safe Harbor”James Morrison
CISO at Ntirety
Extortionware: Your Privacy Problems Made Public 2:25 pm
Over the last decade, ransomware has increasingly become the most popular option for hackers to monetize the access they’ve obtained to corporate computer systems around the world. Over the last few years, we’ve observed ransomware software and techniques adapt and evolve to include the theft and exposure of private information, creating extortionware as a new breed of malicious software. This talk will provide an overview of these techniques and discuss the potential privacy and security impacts you may face as a result.
2021 State of Malware 2:45 pm
If 2020 taught us anything, it’s that cybercrime stops for nothing. What’s more—it adapts. Broadside attacks are out, precision is in, and ingenuity lies behind several new malware types and attack methods.
From ruthless COVID scams to ransomware attacks on hospitals, there were no targets, and no opportunities for exploitation, that were beyond the pale. We’ve gathered the intelligence you need to learn from 2020 and be prepared for anything 2021 throws at you.
- Top threats for businesses and consumers
- Emerging cybercrime trends and tactics
- Analyses by industry, region, and platform
Expert Panel Discussion: Defense in Depth 3:25 pm
Defense in Depth: New Strategies for 2021
Layering Defense in Depth (DiD) with intentional redundancies increases the security of a system as a whole and addresses many different attack vectors. From individual laptops, to VPN to the WAN, the old paradigm of “castles and moats” is soooo 1999. How are organizations defending against inventive hackers penetrating their systems in 2020?
Panel Participants:Douglas Cheung
Principle StrategistMike Behrmann
Director of SecurityZakk Karrazzi
Chief Security Strategist at AttivoChris Bilodeau
Cloud Security Team LeadTJ Adamowicz
Cyber Resilience Solution Strategist
Faking It: Stopping Impersonation Attacks with Cyber AI 3:50 pm
Today, 94% of cyber-threats still originate in the inbox. ‘Impersonation attacks’ are on the rise, as artificial intelligence is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’, that expertly mimic the writing style of trusted contacts and colleagues.
Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response.
In an era when thousands of documents can be encrypted in minutes, ‘immune system’ technology takes action in seconds – stopping cyber-threats before damage is done.
Find out how in this session.
Introduction to Risk-Based Vulnerability Management 4:10 pm
Organizations have millions of vulnerabilities. And our research has shown that those same organizations, large or small, on average, can only fix one in 10 of those vulnerabilities.
But as a security executive you still need to keep your organization secure, so how do you do that when you can’t possibly fix all of your vulnerabilities? The answer is to focus on your highest-risk vulnerabilities first.
Join Kenna Security’s CTO and Co-Founder Ed Bellis as he:
- Reviews what years of research into vulnerability management data uncovered about the scope of the challenge
- Details the findings on how risk-based is the way to get ahead in vulnerability management
- Lays out several factors that drive better remediation performance
- Provides steps for setting up a successful risk-based vulnerability management program
CISO Panel 4:30 pm
Submit your bio for consideration to participate on our CISO Panel
to [email protected] or fill out our Call for Speakers form here.
Panel Participants:Phil Cox
VP, Security & Compliance - Coupa SoftwareJason Loomis
CISO at MINDBODY IncJay Gonzales
Chief Security Officer, Samsung Semiconductor, Inc.Bryan Hurd
VP/CISO at Aon Cyber SolutionsLee Whiteley
Director of Compliance and Security Operations at 6Connex
- Summit Final closing Session