Conference
Dallas 2021
Cybersecurity Conference
When it comes to staying on top of your organization’s security needs, it is vital to make connections and learn from experts. Attend the Dallas Cybersecurity Conference with thought leaders and luminaries face-to-face and gather insights on the latest trends and threats in cybersecurity. These conferences gather IT professionals from the local community and feature extensive training sessions, live Q&A panels, access to solution providers, and networking opportunities.
This two-day event, taking place in the heart of DFW at the Irving Convention Center, is an opportunity for cybersecurity professionals to connect, as well as hear from some of the industry’s most influential leaders. You’ll gain knowledge on the latest breakthroughs in cyber, along with insights from the region’s top CISOs at the CISO RoundTable.
Take a look at all Data Connectors has to offer here!
Date
Wed. Oct 06 — Thu. Oct 07
Location
The Irving Convention Center - Dallas
500 West Las Colinas Boulevard
Irving, TX 75039
1-972-252-7476
-
Featured Speakers
Patrick Benoit
![Patrick Benoit]()
CISO RoundTable
Anand Singh![Anand Singh]()
CISO RoundTable
Dave Belanger![Dave Belanger]()
CISO RoundTable
Chuck Springer![Chuck Springer]()
CISO RoundTable
Cecil Pineda![Cecil Pineda]()
CISO RoundTable
Jameeka Green Aaron![Jameeka Green Aaron]()
CISO RoundTable
Pamela Clegg![Pamela Clegg]()
Keynote: Ransomware Investigations and Actionable Intelligence from DarkSide and REvil
Gavin Grounds![Gavin Grounds]()
Guest Keynote: Grounds’ Rules for Cyber Risk Quantification (CRQ)
Event Schedule
Times for this Event are in Central Time (CDT/CST)
The Conference will be open from 12PM to 6PM Wednesday, October 6th and 8AM to 4PM Thursday, October 7th.
- DAY ONE
- Welcome / Introductions
-
Expert Panel Discussion: Ransomware Prevention/Preparation, or the Closest You Can Come to It (Pre-Attack Practices) 12:10 pm
Click to Expand
Unless you’ve been under a rock, you’ve seen some big ransomware headlines. Moreover, ransomware-as-a-service changes the way many cyber leaders think about this topic, and changes some of the economics related to it. In this panel, our experts will talk about best practices, tactics and tricks for prevention and preparation. [NOTE: Post-Attack concepts will be discussed separately in a panel this afternoon] Sensitive data is put at risk, huge sums of money are in the balance, and organizations must struggle between expediency and the bottom line.
Panel Participants:
-
Disrupting Lateral Movement by Securing Active Directory 12:45 pm
Click to Expand
Organizations continue to build their security stacks, yet advanced threats and insiders continue to breach networks and extract valuable data. A common tactic among most of these Ransomware and Advanced Threat Actors today involves leveraging Active Directory. AD contains all of the information that an attacker needs to successfully move laterally and accomplish their mission.
In this session, Nick Houck will explore a new method for securing Active Directory that can (for the first time) actually prevent an attacker from progressing laterally through your enterprise network.
Some key highlights include:
- How Threat Actors use AD to accomplish their goals
- Why Monitoring Active Directory is not enough
- What simple tools you can deploy to dramatically improve your security posture by better securing AD
Panel Participants:
-
The State of Secure Identity 2021 1:10 pm
Click to Expand
Digital identities control access to an ever-growing number of applications, services, and critical systems. This makes identity an interesting attack vector for threat actors and highlights the importance of authentication and authorization in preserving trust and security. The 2021 Auth0 State of Secure Identity report highlights the latest trends in identity security, including what types of attacks Auth0 has observed, the characteristics of these attacks, what industries are most affected, and the adoption rates for identity protection technologies.
During this session, we’ll provide greater insight into which industries are:
– Most highly targeted by credential stuffing attacks
– Most highly targeted by SQL injection attacks
– Leading the way in MFA adoption to improve overall security posture
We’ll also shed light on: fake account creation, MFA bypass attacks, and what defensive measures are being adopted to combat these identity security threats.
Panel Participants:
-
Expert Panel Discussion: Empowering Users to Be the Best Human Firewall in Your Organization 1:45 pm
Click to Expand
Your business users, those oft-confused carbon-based life forms normally roaming the halls of your office building, are now at home on their (probably very secure) private networks. Maybe with corporate devices, maybe not. This makes it more important than ever to arm them with tools, training and the sense to look for suspicious activity.
Our panelists today will talk more about this issue, and what you can do to make your users the best last line of defense.
Panel Participants:
-
Ransomware Decoded: Understanding & Preventing Modern Ransomware Attacks 2:20 pm
Click to Expand
Learn how to become fearless in the face of modern ransomware attacks. Next-gen ransomware has evolved to better evade standard defenses and targeted attacks stand a high chance of success against underprepared environments, making a behavior-based approach to prevention, detection, and response required for success.
Join our session to understand how to deploy fearless ransomware protection to detect the preliminary stages of a ransomware attack, fully analyze the scope and scale of the operation, and prevent the execution of the malicious ransomware payload to mitigate future cyber risk.
WHY SHOULD I ATTEND?
– Learn about the latest ransomware trends
– Dissect discoveries from Cybereason’s Nocturnus team
– Become empowered to defend against ransomware
Panel Participants:
-
Remote Work – The Wild West of Endpoint Management 2:45 pm
Click to Expand
The pandemic forced many of us to switch to working remotely overnight. At the time this was and continues to be an ongoing challenge for IT Departments that need to manage and maintain their remote endpoints. Now that companies are trending towards long-term remote work options, IT Infrastructure has to continue to adapt to the new and demanding ways of working from home. During this session we will cover what remote work has to do with the Wild West and what you need to be aware of to tame these challenges.
Panel Participants:
-
Understanding the Fundamental Transition from On-Premises to Private Access Cloud 3:30 pm
Click to Expand
Discussing the transition to the cloud from traditional premise environments. How the sudden shift in workforce requirements have increased the need for security and remote access, and how the distributed model has evolved security architectures.
Panel Participants:
-
Tips for Making the Zero Trust Enterprise a Reality 3:55 pm
Click to Expand
It has never been more important to understand how zero-trust network access can better secure your remote and hybrid working environment. People are the new enterprise perimeter and protecting them and the data they access is mission critical.
Panel Participants:
-
CISO RoundTable 4:20 pm
Click to Expand
Submit your bio for consideration to participate on our CISO RoundTable
to [email protected] or fill out our Call for Speakers form here.
Panel Participants:
- Community Garden Party & Networking Reception
- DAY TWO
- Breakfast Briefing
- Welcome / Introductions
-
CISO Author Interview - Well Aware: Master the Nine Cybersecurity Habits to Protect Your Future 9:30 am
Click to Expand
The Greater DFW Area is blessed with a great many learned CISOs, and we’re pleased to have George Finney, CISO from Southern Methodist University (SMU) as part of the agenda for the Dallas Cybersecurity Summit.
Today, we’ll dig into his latest book, “Well Aware: Master the Nine Cybersecurity Habits to Protect Your Future.” Well Aware offers a timely take on the leadership issues that businesses face when it comes to the threat of hacking. This book examines security challenges using lessons learned from psychology, neuroscience, history, and economics.
Spanning those habits – literacy, skepticism, vigilance, secrecy, culture, diligence, community, mirroring, and deception – are stories that assert that cybersecurity is not a technology problem; it’s a people problem.
In this “fireside chat” style Q&A, George will be interviewed by our moderator Michael. He will share some of the lessons from the book, experiences on learnings from his 20+ year CISO career and talk about his inspirations.
Panel Participants:
-
Securing the Modern API Ecosystem 9:50 am
Click to Expand
APIs are central to digital transformation. Public cloud adoption, modern application architectures, and cloud-native designs capitalize on APIs as a foundational building block. Meanwhile, Gartner predicts that APIs will become the most frequently targeted attack vector by 2022.Attendees of this presentation will learn modern API strategies for security and risk management, including how to perform:
- API discovery and inventory management
- continuous vulnerability identification and testing
- runtime prevention and detection
Importantly, we will focus on orchestration across business, technology, and security teams to empower API-centric business and technology strategies with a shared, complete picture of API risks from code to production.
Panel Participants:
-
Expert Panel Discussion: DevSecOps: Application Security in Hybrid, Multi-Cloud Environments 10:35 am
Click to Expand
89% of CISOs say microservices API, containers, and Kubernetes have created application security blind spots. As the application landscape continues to grow, and the increased use of cloud-native architectures challenges traditional approaches, cybersecurity leaders are often looking for new ways to understand potential vulnerabilities. With faster iterations from Agile Development pushing the DevSecOps Teams to move as quickly as possible, there is ample room for gaps to appear.
In this panel, our experts will discuss some of the various approaches to address these issues. The discussion will cover challenges faced by teams of all sizes, and processes, tools and methods that are in use to address.
Panel Participants:
-
Self Learning AI: Redefining Enterprise Security 11:05 am
Click to Expand
In this new era of cyber-threat, characterized by both slow and stealthy attacks and rapid, automated campaigns, static and siloed security tools are failing – and the challenge has gone beyond one that is human-scalable. Organizations need to urgently rethink their strategy to ensure their systems, critical data and people are protected, wherever they are. Today’s Autonomous, Self-Learning defenses are capable of identifying and neutralizing security incidents in seconds, not hours – before the damage is done
In this session, learn how self-learning AI:
- Detects, investigates and responds to threats – even while you are OOTO
- Protects your entire workforce and digital environment – wherever they are, whatever the data
- Defends against zero-days and other advanced attacks – without disrupting the organization
Panel Participants:
-
Remote Workforce: Authorization Intercept, Recording & Tracking 11:30 am
Click to Expand
Learn what benefits organizations gain from the latest security controls around remote access including session recording, authorization intercept on demand and modeling of remote user behavior. How ZTNA and SASE are making this possible without major investments in products, manpower, infrastructure or change and why the remote worker also enjoys faster access performance to their applications and services.
Panel Participants:
- Demo Sessions / Lunch Break
-
Demo Session: Neurons for Zero Trust Access 12:20 pm
Click to Expand
As we see pandemic restrictions starting to subside around the globe, the impact of the “Remote” Tech Tsunami that accompanied the pandemic has started to become a reality. From advanced vulnerabilities impacting Edge Technologies, to the Everywhere Workplace, companies are faced with greater security challenges and vulnerability threats now more than ever before.
Join Ivanti’s Global Systems Engineer, Khal Taha, as he covers security and control challenges faced by businesses in today’s “new” world as well as how the recent acquisitions of Pulse Secure and Mobile Iron provide Ivanti customers with the most comprehensive Cloud to Edge, Zero Trust Access solution, available in today’s market.
-
Keynote: Ransomware Investigations and Actionable Intelligence from DarkSide and REvil 12:45 pm
Click to Expand
Ransomware is now a threat equal to terrorism. Cryptocurrencies have proven to be a lucrative modus operandi for criminal groups and state-actors looking to launder funds and evade sanctions. Cryptocurrency intelligence products, such as CipherTrace Inspector, can remove the financial incentives from ransomware perpetrators without risking brute force attacks. In May 2021, US-based Colonial Pipeline paid 75 BTC ($4.3M USD at the time) after a ransomware attack from DarkSide severely hindered the refinery’s operations. In March 2020, a DOJ Verified complaint illustrated how North Korea launched sophisticated attacks on cryptocurrency exchanges to finance their WMD program by laundering hundreds of millions of dollars’ worth of the stolen cryptocurrency through several banks and cryptocurrency exchanges. An uptick in Iranian and DPRK state-sponsored ransomware also led to OFAC issuing an advisory in October 2020 to alert companies that engage with victims of ransomware attacks of the potential sanctions risks for facilitating ransomware payments.
Learn how investigators were able to utilize blockchain analysis tools to follow the illicit flow of funds and see exactly how bad actors moved stolen crypto to virtual asset service providers and, eventually, banks.
Objectives:
- Examine how blockchain analytics enabled investigators to follow the flow of funds in recent ransomware cases like DarkSide (Colonial Pipeline)
- Explore the role banks play in converting crypto to fiat
- Understand how ransomware is used to evade sanctions
- Look at the risks financial institutions face by processing ransomware payments for customers
- Learn which methods North Korean hackers have used to steal, obfuscate, and launder their crypto
Panel Participants:
-
The Automation Journey: Where's the Wall 1:40 pm
Click to Expand
Gartner says 69% of Boards of Directors accelerated their digital business initiatives following COVID-19 disruption. This has made organizations shorten the time to integrate technologies, reduce the effort it takes to update them, and reduce development costs. We will discuss the automation journey and where we are seeing where most organizations hit the ‘automation’ wall.
Panel Participants:
-
Automatic Vulnerability Discovery: False Promise for the DevSecOps world? 2:20 pm
Click to Expand
DevSecOps suggests that all security activities should be as automated as possible. Regarding automatic vulnerability discovery: How much can we expect? How many vulnerabilities are discovered automatically? How many are still undetected (escapes or false negatives)? Are automatic tools enough? In this talk, we will answer and teach you how to answer these and other related questions in a quantitative way.
Panel Participants:
-
The Art & Science of Cloud Security 2:45 pm
Click to Expand
Come learn about the beauty of the cloud while applying the right “science” to securing your multiple cloud services. We will discuss the journey to the cloud and how security tools all work together to build a unified cloud security strategy work of art.
Panel Participants:
-
Guest Keynote: Grounds’ Rules for Cyber Risk Quantification (CRQ) 3:10 pm
A Realist’s Guide on Why CRQ is a Prerequisite and How to Do It Right.
Click to ExpandIn almost all areas of business and corporate management, we speak in terms of facts, figures and real fiscal currencies. So why do cybersecurity leaders opt for gradients (low, medium, high, critical) and colors (Green, Amber, Red… “traffic light” chart)?
This keynote will analyze the key reasons why qualitative risk methods and relative ratings are woefully inadequate and do not meet basic business needs; and delve into their weakness as it pertains to the inputs and conclusions.
Adding business context and factoring in criticality, potential revenue impact, and likelihood to occur are a start; however, vulnerabilities rated (relatively) based on their technical characteristics and overall exploitability will not build an accurate risk picture. Gavin will then expand on specific techniques on how to quickly adopt a meaningful quantitative risk management (QRM) methodology and framework that is not exclusively built around minimizing Annualized Loss Expectancy (ALE).
Specific working examples will highlight why ALE-based risk quantification is only a part of the equation. Further, the talk will expand on how using QRM can go beyond risk reduction to deliver measurable and quantifiable analysis to support business enablement and rationalize cybersecurity controls and investment levels.
In essence, his session will help business leaders to understand how to factor cyber risk and technology services risk into business risk in a meaningful, quantifiable fashion.
Panel Participants:
- Conference Final Closing Session
-
Partners
Gold Partners
![Attivo Networks]()
![Auth0]()
![Ivanti]()
![Kenna Security]()
![Noname Security]()
Silver Partners
![baramundi - Alternate]()
![Bitglass]()
![CarbonHelix]()
![Cybereason]()
![Darktrace]()
![Fluid Attacks]()
![Lookout]()
![Menlo Security]()
![Swimlane - Alternate]()
Bronze Partners
![Armorblox]()
![Cobalt]()
![ExtraHop]()
![Neosec]()
![Spyderbat]()
Exhibiting Partners
Affiliate Partners
![AFCEA ArkLaTex]()
![ISSA North Texas]()
