Registration

Thu. Sep 30

Registration for qualified senior cybersecurity professionals. Subject to approval.

  • Featured Speakers

    Collapse This Item

Event Schedule

Times for this Event are in Pacific Time (PDT/PST)

The Summit will be open from 8AM to 6PM.

  • Welcome / Introductions
  • Is Active Directory and Multi-Cloud Leaving you Exposed? 8:30 am

    Presented by Attivo Networks

    Come learn why Active Directory has become a primary target for attackers and how multi-cloud adoption is dramatically expanding your attack surface. We will discuss advanced attacks that are exploiting these weaknesses and outline steps you should take to reduce your risk of being compromised.

    Click to Expand

    Panel Participants:

    Dave Rez
    Dave Rez

    Dave Rez

    Identity Security Specialist at Attivo Networks

    Collapse This Item

  • Securing the Modern API Ecosystem 8:50 am

    Presented by Noname Security

    APIs are central to digital transformation. Public cloud adoption, modern application architectures, and cloud-native designs capitalize on APIs as a foundational building block. Meanwhile, Gartner predicts that APIs will become the most frequently targeted attack vector by 2022. Attendees of this presentation will learn modern API strategies for security and risk management, including how to perform:

    • API discovery and inventory management
    • continuous vulnerability identification and testing
    • runtime prevention and detection

    Importantly, we will focus on orchestration across business, technology, and security teams to empower API-centric business and technology strategies with a shared, complete picture of API risks from code to production.

    Click to Expand

    Panel Participants:

    Karl Mattson
    Karl Mattson

    Karl Mattson

    CISO at Noname Security

    Collapse This Item

  • Trends in Third-Party Risk 9:30 am

    Presented by Onetrust

    As the world changes, third-party risk management requirements change too. So, what can you expect in 2021? How can you prepare for what’s ahead? We’ve helped implement thousands of third-party risk management programs, and in doing so, we’ve seen how organizations’ needs have evolved. There are proactive measures you can take to stay ahead of the curve. But in order to execute against and adapt to these third-party risk trends, you need to first know what the future holds.

    In this session, we’ll answer the following questions: 

    -What are the latest trends for third-risk management?

     -How your organization adapts to current and future trends?

     -What can you do to future-proof your third-party risk management program?

     -Where can you go to keep up-to-date with new third-party risk trends as they emerge?

    Click to Expand

    Panel Participants:

    Justin Harrison
    Justin Harrison

    Justin Harrison

    Third-Party Risk Consultant at OneTrust

    Collapse This Item

  • Zero Trust Security for Everywhere Workplace 9:50 am

    Presented by Ivanti

    As we see pandemic restrictions starting to subside around the globe, the impact of the “Remote” Tech Tsunami that accompanied the pandemic has started to become a reality. From advanced vulnerabilities impacting Edge Technologies, to the Everywhere Workplace, companies are faced with greater security challenges and vulnerability threats now more than ever before.

    Join Ivanti’s Global CTO, Mike Riemer, as he covers security and control challenges faced by businesses in today’s “new” world as well as how the recent acquisitions of Pulse Secure and Mobile Iron provide Ivanti customers with the most comprehensive Cloud to Edge, Zero Trust Access solution, available in today’s market.

    Click to Expand

    Panel Participants:

    Michael Riemer
    Michael Riemer

    Michael Riemer

    Global Vice President, Office of the CTO at Ivanti

    Collapse This Item

  • Expert Panel Discussion: Protecting Users 10:10 am

    Protecting Users - Identity, Endpoints and Access Management

    The 2000’s view of “perimeter” in terms of security conjures up an analogy about castles and moats… but today, the question is, where is the moat? As we turbo-charged Work From Home this year, and BYOD is just a way of life – have your Identity and Access Management practices kept-up?

    Click to Expand

    Panel Participants:

    Karl Mattson
    Karl Mattson

    Karl Mattson

    CISO at Noname Security

    E.J. Hilbert
    E.J. Hilbert

    E.J. Hilbert

    Former FBI Cyber Agent, CISO & Founder at KCECyber

    Brian Reed
    Brian Reed

    Brian Reed

    Cybersecurity Strategy at Proofpoint

    Collapse This Item

  • Do’s and Don'ts for Business Email Compromise (BEC) and Email Account Compromise (EAC) 10:55 am

    Presented by Proofpoint

    Email fraud leads to two main threats- one is Business Email Compromise (BEC) where attackers pretend to be you; the other one is Email Account Compromise (EAC) where attackers actually become you. BEC/EAC scams have cost the victimized businesses over $26 billion since 2016. What they have in common is that they both target people. They both rely on social engineering and are designed to solicit fraudulent wire transfers or payment. Unlike malware attacks, BEC and EAC don’t typically include detectable malicious payload. These types of threats can be hard to recognize because to the target these business requests sent by the impostors seem very routine and reasonable.

    Join our session and learn about:

    • What is BEC and EAC? And how do they work?
    • What are the common attack tactics regarding this new form of email threats?
    • Best practices to defend against BEC and EAC
    Click to Expand

    Panel Participants:

    Ash Valeski
    Ash Valeski

    Ash Valeski

    Email Security Product Evangelist

    Collapse This Item

  • Risk Mitigation Strategies for TCP/IP Vulnerabilities in OT 11:15 am

    Presented by Forescout

    Join this session to dive into the industry’s most comprehensive study of TCP/IP vulnerabilities. We will cover 14 vulnerabilities affecting the popular closed source TCP/IP stack NicheStack. These vulnerabilities can cause Denial of Service or Remote Code Execution, allowing attackers to take targeted OT and ICS devices offline or take control of them. 

    Join this discussion to learn about: 

    • Recently discovered vulnerabilities and how they impact the NicheStack TCP/IP stack 
    • Organizations and devices with the highest potential to be affected 
    • How to assess and mitigate risk and protect enterprise networks
    Click to Expand

    Panel Participants:

    Liran Chen
    Liran Chen

    Liran Chen

    VP, Systems Engineering- Americas at Forescout Technologies

    Collapse This Item

  • Keynote Speaker: Cybersecurity Leadership Lessons, from Hawaii to Afghanistan 11:35 am

    If it’s not Illegal, immoral, or unethical – it’s on the table.  John Felker led some of our nation’s largest and most important groups within consequential missions related to security, defense and protection. Pulling from his experiences at CISA, NCCIC, the US Coast Guard Cyber Command, and more, he will share with the Conference audience his most prescient takeaways from a lifetime of service, with a specific focus on cybersecurity. 

    Today, cybersecurity leaders are uniquely positioned to lead their peers and the organizations they serve as we are among the most sought-after, read-in, and connected executives in our respective firms.  Patching together a depth of technical knowledge, Mr. Felker will focus on further developing information gathering practices, leadership style, and effective decision making in team-based environments that will embody your character as a leader and at the same time encourage the loyalty and compliance of staff at all levels. 

    Look for best practices on delegation, setting metrics, training, accountability, and building effective teams in this unique presentation from a monumental executive leader. 

    Click to Expand

    Panel Participants:

    John Felker
    John Felker

    John Felker

    President at Morse Alpha Associates
    Formerly: Asst Director, CISA
    Director, NCCIC; Dept. Director, USCG Cyber Command

    Collapse This Item

  • Lunch Break Sponsored by Kenna Security 12:30 pm

    Responsible Exposure: The Attacker-Defender Divide

    Panel Participants:

    Ed Bellis
    Ed Bellis

    Ed Bellis

    CTO and Co-Founder at Kenna Security

    Collapse This Item

  • Office, Home or Hybrid - Manage and Secure Endpoints Anywhere, Anytime 12:50 pm

    Presented by baramundi

    Cyberattacks have quadrupled since the beginning of the pandemic. Lots of endpoints are currently on their own when it comes to being managed and protected. What will happen when these machines come back to the office, or are they coming back at all? This presentation will address the different scenarios that companies may encounter and how to resolve them by automating their endpoint management.

    Click to Expand

    Panel Participants:

    Axel Peters
    Axel Peters

    Axel Peters

    Endpoint Security Executive at baramundi

    Collapse This Item

  • Don’t Phreak Out: Bring VOIP, P2P, and Server-initiated Access into the Zero Trust Era 1:10 pm

    Presented by Axis Security

    It all started with phreaking the phone network and a few clever hackers. Today business runs on IP networks and VOIP is an important application used by employees, contractors, and partners. Hackers today focus on attacking these private IP networks and they target vulnerable VPNs to gain access. Consequently, organizations are turning to zero trust network access (ZTNA) to protect their networks and applications against these attacks. For the longest time only VPNs were used to enable remote access for VOIP, P2P, or server-initiated flows. That changes now. Learn how you can add VOIP, P2P, and server-initiated flows into a zero trust network access model.

    Click to Expand

    Panel Participants:

    Gil Azrielant
    Gil Azrielant

    Gil Azrielant

    Co-Founder and CTO at Axis Security

    Collapse This Item

  • Faking It: Stopping Impersonation Attacks with Cyber AI 1:20 pm

    Presented by Darktrace

    Today, 94% of cyber-threats still originate in the inbox. ‘Impersonation attacks’ are on the rise, as artificial intelligence is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’, that expertly mimic the writing style of trusted contacts and colleagues. 

    Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response. 

    In an era when thousands of documents can be encrypted in minutes, ‘immune system’ technology takes action in seconds – stopping cyber-threats before damage is done. 

    Click to Expand

    Panel Participants:

    Mariana Pereira
    Mariana Pereira

    Mariana Pereira

    Director of Email Security Products at Darktrace

    Collapse This Item

  • Expert Panel Discussion: Ransomware 1:40 pm

    100 Ransomware Attacks Since Colonial Pipeline: What Have We Learned?

    Whether you chose to pay the ransomware or not, industry experts tell you to treat your entire network as contaminated. Rebuilding images, devices, re-formatting storage, and all the rest is part of this process. In this panel, our experts will talk about what to do first – and what to avoid, and where the traps may lie.

    Click to Expand

    Panel Participants:

    Liran Chen
    Liran Chen

    Liran Chen

    VP, Systems Engineering- Americas at Forescout Technologies

    Chad Haskell
    Chad Haskell

    Chad Haskell

    Senior Solutions Architect at Barracuda Networks, Inc.

    Ahsan Siddiqui
    Ahsan Siddiqui

    Ahsan Siddiqui

    Director of Product Management at Arcserve

    Collapse This Item

  • Ransomware Resilience 2:20 pm

    Presented by Zerto

    Ransomware attacks continue to bring an elevated threat of data loss and business disruptions. Legacy backup solutions do not meet the recovery needs or SLAs your organization needs. 

    Join this live session and hear how your company can:  

    • Instantly resume operations post-attack 
    • Reduce your data loss from days to seconds/minutes 
    • Test and isolate data to ensure a safe recovery
    Click to Expand

    Panel Participants:

    Ken Smallwood
    Ken Smallwood

    Ken Smallwood

    Solutions Engineer at Zerto

    Collapse This Item

  • Introduction to Risk-Based Vulnerability Management 2:40 pm

    Presented by Kenna Security

    Organizations have millions of vulnerabilities. And our research has shown that those same organizations, large or small, on average, can only fix one in 10 of those vulnerabilities.

    But as a security executive you still need to keep your organization secure, so how do you do that when you can’t possibly fix all of your vulnerabilities? The answer is to focus on your highest-risk vulnerabilities first.

    Join Kenna Security’s CTO and Co-Founder Ed Bellis as he:

    • Reviews what years of research into vulnerability management data uncovered about the scope of the challenge
    • Details the findings on how risk-based is the way to get ahead in vulnerability management
    • Lays out several factors that drive better remediation performance
    • Provides steps for setting up a successful risk-based vulnerability management program
    Click to Expand

    Panel Participants:

    Ed Bellis
    Ed Bellis

    Ed Bellis

    CTO and Co-Founder at Kenna Security

    Collapse This Item

  • Automatic Vulnerability Discovery: False Promise for the DevSecOps World? 3:15 pm

    Presented by Fluid Attacks

    DevSecOps suggests that all security activities should be as automated as possible. Regarding automatic vulnerability discovery: How much can we expect? How many vulnerabilities are discovered automatically? How many are still undetected (escapes or false negatives)? Are automatic tools enough? In this talk, we will answer and teach you how to answer these and other related questions in a quantitative way.

    Click to Expand

    Panel Participants:

    Daniel Salazar
    Daniel Salazar

    Daniel Salazar

    Lead DevSecOps Engineer at Fluid Attacks

    Collapse This Item

  • What CISOs Get Wrong About Connected Device Product Security (And Why You Should Care) 3:35 pm

    Presented by Finite State

    With billions of connected devices powering up every year, crowded markets have created unique challenges and opportunities for device manufacturers. In this environment, competitive differentiation is key. As attackers move away from application layer attacks, connected devices are now the ultimate low-hanging fruit to offer unauthorized access to critical IT and OT networks. 

    Breaches in product security will have unprecedented impacts on device manufacturers and owners. According to Gartner, cyber-physical attacks resulting in fatal casualties will cost over $50B by 2023. Even the White House is taking note, with a new Cybersecurity EO that will add new requirements for secure software. 

    In this presentation by Finite State, we’ll take a close look at how product security breaches occur, and how the financial impact of these breaches have tangible permanent effects on industry competitors. Learn proactive approaches to product security that are being adopted by some of the world’s largest device manufacturers, as well as how to ensure that your product security strategies generate value for your customers and shareholders.

    Click to Expand

    Panel Participants:

    Jeanette Sherman
    Jeanette Sherman

    Jeanette Sherman

    Sr. Director Product Development at Finite State

    Collapse This Item

  • Expert Panel Discussion: AI/ML 4:00 pm

    AI/ML and Other Leading-Edge Innovations in Cybersecurity

    We get it, Artificial Intelligence (AI) with particular focus on Machine Learning (ML) is one way to overcome advanced threats with particular attention to scale. That said, those terms are thrown at our executives to delight, amaze and confuse them. How do we really discern between them as tools in our kit versus ‘Weapons of Mass Distraction’?

    Click to Expand

    Panel Participants:

    Dr. Srinivas Mukkamala
    Dr. Srinivas Mukkamala

    Dr. Srinivas Mukkamala

    SVP of Security Products at Ivanti

    Collapse This Item

  • CISO RoundTable 4:30 pm

    Submit your bio for consideration to participate on our CISO RoundTable

    to [email protected] or fill out our Call for Speakers form here.

    Click to Expand

    Panel Participants:

    Nemi George
    Nemi George

    Nemi George

    VP, Information Security Officer & IT Service Operations at Pacific Dental Services

    Jeffrey Johnson
    Jeffrey Johnson

    Jeffrey Johnson

    CISO and Sr. Director at Siemens Healthcare

    E.J. Hilbert
    E.J. Hilbert

    E.J. Hilbert

    Former FBI Cyber Agent, CISO & Founder at KCECyber

    Richard Greenberg
    Richard Greenberg

    Richard Greenberg

    CEO Security Advisors LLC

    Collapse This Item

  • Closing Session + Prize Drawing
Register