Registration

Thu. Mar 03

Registration for qualified senior cybersecurity professionals. Subject to approval.

I agree to Data Connectors Terms and Conditions *

Price: FREE

ENTER VIP CODE HERE


Event Schedule

Times for this Event are in Eastern Time (EDT/EST).

The Summit will be open from 8:30 AM to 5 PM.

  • Welcome / Introductions
  • IAM + WFH - Authentication vs Authorization 8:30 am
    Add to Calendar20220303 8:30 am20220303 8:50 amAmerica/New_YorkIAM + WFH - Authentication vs Authorization

    The “perimeter” concept for organizational security… The castles and moats analogy no longer applies… As we all went to Work From Home quickly – we tested the boundaries of identity and authentication. 

    Join this session to discuss the concepts and trends shaping identity and authentication, from IAM to passwordless, and PAM to zero-trust.

    .

    The “perimeter” concept for organizational security… The castles and moats analogy no longer applies… As we all went to Work From Home quickly – we tested the boundaries of identity and authentication. 

    Join this session to discuss the concepts and trends shaping identity and authentication, from IAM to passwordless, and PAM to zero-trust.

    Click to Expand

    Collapse This Item

  • The State of Secure Identity 8:50 am
    Add to Calendar20220303 8:50 am20220303 9:10 amAmerica/New_YorkThe State of Secure Identity

    Digital identities control access to an ever-growing number of applications, services, and critical systems. This makes identity an interesting attack vector for threat actors, and highlights the importance of authentication and authorization in preserving trust and security. The 2021 Auth0 State of Secure Identity report highlights the latest trends in identity security, including what types of attacks Auth0 has observed, the characteristics of these attacks, what industries are most affected, and the adoption rates for identity protection technologies. 

    During this session, we’ll provide greater insight into which industries are: 

    – Most highly targeted by credential stuffing attacks 

    – Most highly targeted by SQL injection attacks 

    – Leading the way in MFA adoption to improve overall security posture 

    We’ll also shed light on: fake account creation, MFA bypass attacks, and what defensive measures are being adopted to combat these identity security threats.

    Presented by Auth0

    Digital identities control access to an ever-growing number of applications, services, and critical systems. This makes identity an interesting attack vector for threat actors, and highlights the importance of authentication and authorization in preserving trust and security. The 2021 Auth0 State of Secure Identity report highlights the latest trends in identity security, including what types of attacks Auth0 has observed, the characteristics of these attacks, what industries are most affected, and the adoption rates for identity protection technologies. 

    During this session, we’ll provide greater insight into which industries are: 

    – Most highly targeted by credential stuffing attacks 

    – Most highly targeted by SQL injection attacks 

    – Leading the way in MFA adoption to improve overall security posture 

    We’ll also shed light on: fake account creation, MFA bypass attacks, and what defensive measures are being adopted to combat these identity security threats.

    Click to Expand

    Collapse This Item

  • Cyber Exec RoundTable: Is Cyber-Insurance Worth It? Yes or No? 9:15 am
    Add to Calendar20220303 9:15 am20220303 9:45 amAmerica/New_YorkCyber Exec RoundTable: Is Cyber-Insurance Worth It? Yes or No?

    As ransomware and other cyber-attacks have been on the rise over the past few years, Cyber-Insurance premiums are up… some say by 200-300%.  Hospitals, healthcare providers, and related organizations have faced a growing number of attacks. This is expected to continue in 2022. In this roundtable discussion, panelists will discuss the particular issues they face and new challenges they anticipate on the horizon. 

    .

    As ransomware and other cyber-attacks have been on the rise over the past few years, Cyber-Insurance premiums are up… some say by 200-300%.  Hospitals, healthcare providers, and related organizations have faced a growing number of attacks. This is expected to continue in 2022. In this roundtable discussion, panelists will discuss the particular issues they face and new challenges they anticipate on the horizon. 

    Click to Expand

    Panel Participants:

    Brian Bobo
    Brian Bobo

    Brian Bobo

    CIO and CISO - Greenway Health

    Daniel Walsh
    Daniel Walsh

    Daniel Walsh

    CISO - VillageMD

    Collapse This Item

  • Managing Risk: Seek Forward Accountability and Assume a Stormy Seas 9:55 am
    Add to Calendar20220303 9:55 am20220303 10:15 amAmerica/New_YorkManaging Risk: Seek Forward Accountability and Assume a Stormy Seas

    While managing risk has always been a part of the CISO office, most resources turn to stopping new ransomware threats, managing supply chain attacks and mitigating third-party vulnerabilities. How can CISOs truly move to managing risk? And by extension, how can they clearly communicate risk, and measure the efficacy of mitigation activities? 

    Join this session to learn how to facilitate the risk conversation with non-technical leaders, determine priorities, and counterbalance cybersecurity considerations against business requirements. This session will also address risk quantification, accounting, budgeting and resourcing, and building more resilience rather than taller walls.

    .

    While managing risk has always been a part of the CISO office, most resources turn to stopping new ransomware threats, managing supply chain attacks and mitigating third-party vulnerabilities. How can CISOs truly move to managing risk? And by extension, how can they clearly communicate risk, and measure the efficacy of mitigation activities? 

    Join this session to learn how to facilitate the risk conversation with non-technical leaders, determine priorities, and counterbalance cybersecurity considerations against business requirements. This session will also address risk quantification, accounting, budgeting and resourcing, and building more resilience rather than taller walls.

    Click to Expand

    Collapse This Item

  • Low Hanging Fruit: Improve Ad Hygiene For the Easy Win 10:15 am
    Add to Calendar20220303 10:15 am20220303 10:35 amAmerica/New_YorkLow Hanging Fruit: Improve Ad Hygiene For the Easy Win

    We read about successful cyber and ransomware attacks every day. Most organizations do not realize that these attacks all have ONE thing in common and that there are simple, rapid, and inexpensive/free actions they can take which will dramatically improve their defense. This presentation will discuss key challenges with improving AD security and offer real solutions.

    Presented by Attivo Networks

    We read about successful cyber and ransomware attacks every day. Most organizations do not realize that these attacks all have ONE thing in common and that there are simple, rapid, and inexpensive/free actions they can take which will dramatically improve their defense. This presentation will discuss key challenges with improving AD security and offer real solutions.

    Click to Expand

    Collapse This Item

  • Cyber Exec RoundTable: Compliance and Security in Healthcare: Lessons Learned 10:35 am
    Add to Calendar20220303 10:35 am20220303 10:55 amAmerica/New_YorkCyber Exec RoundTable: Compliance and Security in Healthcare: Lessons Learned

    In this panel, CISOs from various healthcare concerns relate their experiences from years of working on thorny cyber issues.  In regulated industries like ours, compliance is important and takes a great deal of effort. But will compliance get you all the way to good security?  Within those regulations, what are the lessons learned in terms of SaMD, Tele-Health, HIPPA compliance, etc.

    .

    In this panel, CISOs from various healthcare concerns relate their experiences from years of working on thorny cyber issues.  In regulated industries like ours, compliance is important and takes a great deal of effort. But will compliance get you all the way to good security?  Within those regulations, what are the lessons learned in terms of SaMD, Tele-Health, HIPPA compliance, etc.

    Click to Expand

    Panel Participants:

    Dr. Chandana Unnithan
    Dr. Chandana Unnithan

    Dr. Chandana Unnithan

    Chief Security and Informatics Officer (CSIO) - Lifeguard Digital Health

    Jeffrey Johnson
    Jeffrey Johnson

    Jeffrey Johnson

    CISO and Sr. Director at Siemens Healthcare

    Kenneth Dickinson
    Kenneth Dickinson

    Kenneth Dickinson

    CISO at AnMed Health

    Hassan Asghar
    Hassan Asghar

    Hassan Asghar

    CISO at Hinge Health

    Collapse This Item

  • Leveling Up To Prevent Cyber Extortion: A Blueprint for Outcome-Based Cybersecurity Investments and More Effective Public-Private Partnership Model. 11:20 am
    Add to Calendar20220303 11:20 am20220303 11:40 amAmerica/New_YorkLeveling Up To Prevent Cyber Extortion: A Blueprint for Outcome-Based Cybersecurity Investments and More Effective Public-Private Partnership Model.

    In today’s evolving threat landscape — which features malicious actors frequently innovating at a pace unmatched by most defenses — companies of all sizes are in the cross hairs. They need more tailored guidance to make higher impact investments to mitigate cyber extortion. So while there’s no shortage of useful cybersecurity frameworks to guide information security and risk management programs — actually implementing them requires expertise and effective risk-based prioritization that most organizations don’t have. Too often, this dynamic leads to confusion, rather than impact. At the same time, the US federal response has been tepid to date with vague commitments around information sharing and marginal improvements in malware signature sharing and vulnerability disclosures, all of which primarily help sophisticated organizations. We need to level up our game. The federal government can provide more meaningful support to the private sector by leveraging its unique analytical capabilities to give organizations tailored control and monitoring guidance, based on higher fidelity threat modeling. This will assist organizations in making higher-impact investments that drive outcomes, and incentivize vendors to benchmark their offerings against federal recommendations to drive more outcome-based evaluations.

    Presented by ActZero

    In today’s evolving threat landscape — which features malicious actors frequently innovating at a pace unmatched by most defenses — companies of all sizes are in the cross hairs. They need more tailored guidance to make higher impact investments to mitigate cyber extortion. So while there’s no shortage of useful cybersecurity frameworks to guide information security and risk management programs — actually implementing them requires expertise and effective risk-based prioritization that most organizations don’t have. Too often, this dynamic leads to confusion, rather than impact. At the same time, the US federal response has been tepid to date with vague commitments around information sharing and marginal improvements in malware signature sharing and vulnerability disclosures, all of which primarily help sophisticated organizations. We need to level up our game. The federal government can provide more meaningful support to the private sector by leveraging its unique analytical capabilities to give organizations tailored control and monitoring guidance, based on higher fidelity threat modeling. This will assist organizations in making higher-impact investments that drive outcomes, and incentivize vendors to benchmark their offerings against federal recommendations to drive more outcome-based evaluations.

    Click to Expand

    Collapse This Item

  • AI & ML in Cybersecurity: Can We ‘Science the Heck’ Out of Trouble? 11:40 am
    Add to Calendar20220303 11:40 am20220303 12:00 pmAmerica/New_YorkAI & ML in Cybersecurity: Can We ‘Science the Heck’ Out of Trouble?

    We get it, Artificial Intelligence (AI) with particular focus on Machine Learning (ML) is one way to overcome advanced threats with particular attention to scale. That said, those terms are thrown at our executives to delight, amaze and confuse them. How do we really discern between them as tools in our kit versus ‘Weapons of Mass Distraction’? 

    .

    We get it, Artificial Intelligence (AI) with particular focus on Machine Learning (ML) is one way to overcome advanced threats with particular attention to scale. That said, those terms are thrown at our executives to delight, amaze and confuse them. How do we really discern between them as tools in our kit versus ‘Weapons of Mass Distraction’? 

    Click to Expand

    Collapse This Item

  • Lunch Break
  • Keynote Presentation 12:30 pm
    Add to Calendar20220303 12:30 pm20220303 1:15 pmAmerica/New_YorkKeynote Presentation

    .

    Collapse This Item

  • Cloud Clarity in 2022: Strategy, Execution & Alignment 1:15 pm
    Add to Calendar20220303 1:15 pm20220303 1:35 pmAmerica/New_YorkCloud Clarity in 2022: Strategy, Execution & Alignment

    Securely optimizing the cloud for better business outcomes is the product of clear communication of terms and expectations, alignment with business processes and functions, and partnerships among multiple internal and external stakeholders. “Activity” does not equal “progress.”  In this session, attendees will hear about creating definitional clarity, building adaptability, and creating cross-functional, business-wide alignment. 

    .

    Securely optimizing the cloud for better business outcomes is the product of clear communication of terms and expectations, alignment with business processes and functions, and partnerships among multiple internal and external stakeholders. “Activity” does not equal “progress.”  In this session, attendees will hear about creating definitional clarity, building adaptability, and creating cross-functional, business-wide alignment. 

    Click to Expand

    Collapse This Item

  • Don’t Phreak Out: Bring VOIP, P2P, and Server-initiated Access into the Zero Trust Era 1:35 pm
    Add to Calendar20220303 1:35 pm20220303 1:55 pmAmerica/New_YorkDon’t Phreak Out: Bring VOIP, P2P, and Server-initiated Access into the Zero Trust Era

    It all started with phreaking the phone network and a few clever hackers. Today business runs on IP networks and VOIP is an important application used by employees, contractors, and partners. Hackers today focus on attacking these private IP networks and they target vulnerable VPNs to gain access. Consequently, organizations are turning to zero trust network access (ZTNA) to protect their networks and applications against these attacks. For the longest time only VPNs were used to enable remote access for VOIP, P2P, or server-initiated flows. That changes now. Learn how you can add VOIP, P2P, and server-initiated flows into a zero trust network access model.

    Presented by Axis Security

    It all started with phreaking the phone network and a few clever hackers. Today business runs on IP networks and VOIP is an important application used by employees, contractors, and partners. Hackers today focus on attacking these private IP networks and they target vulnerable VPNs to gain access. Consequently, organizations are turning to zero trust network access (ZTNA) to protect their networks and applications against these attacks. For the longest time only VPNs were used to enable remote access for VOIP, P2P, or server-initiated flows. That changes now. Learn how you can add VOIP, P2P, and server-initiated flows into a zero trust network access model.

    Click to Expand

    Collapse This Item

  • Fighting Ransomware with Autonomous Response 2:10 pm
    Add to Calendar20220303 2:10 pm20220303 2:30 pmAmerica/New_YorkFighting Ransomware with Autonomous Response

    New strains of ransomware are leaving organizations vulnerable – too often, security teams lack the ability to respond proportionately to an attack, leading to cyber disruption across the organization.

    Join Darktrace as we unpack some of today’s most advanced ransomware threats. Learn how Self-Learning AI understands the organization to reveal every stage of a ransomware attack – and takes targeted, autonomous action to stop the threat in its tracks.  

    This presentation will discuss: 

    • Recent ransomware threat trends, including double extortion and RDP attacks 
    • How Autonomous Response takes action to contain an emerging attack, even when security teams are out of office   
    • Real-world examples of ransomware detected by Darktrace AI – including a zero-day and an attack initiated on Christmas Day

    Presented by Darktrace

    New strains of ransomware are leaving organizations vulnerable – too often, security teams lack the ability to respond proportionately to an attack, leading to cyber disruption across the organization.

    Join Darktrace as we unpack some of today’s most advanced ransomware threats. Learn how Self-Learning AI understands the organization to reveal every stage of a ransomware attack – and takes targeted, autonomous action to stop the threat in its tracks.  

    This presentation will discuss: 

    • Recent ransomware threat trends, including double extortion and RDP attacks 
    • How Autonomous Response takes action to contain an emerging attack, even when security teams are out of office   
    • Real-world examples of ransomware detected by Darktrace AI – including a zero-day and an attack initiated on Christmas Day
    Click to Expand

    Collapse This Item

  • A Realistic Take on Zero Trust 2:30 pm
    Add to Calendar20220303 2:30 pm20220303 2:50 pmAmerica/New_YorkA Realistic Take on Zero Trust

    Learn about how you can take a pragmatic approach to securing your multiple cloud apps and services. We will discuss the journey to the cloud and how security tools all work together to build a unified cloud security strategy that is effective and scalable for modern enterprises.

    Presented by Lookout

    Learn about how you can take a pragmatic approach to securing your multiple cloud apps and services. We will discuss the journey to the cloud and how security tools all work together to build a unified cloud security strategy that is effective and scalable for modern enterprises.

    Click to Expand

    Collapse This Item

  • Cyber Exec RoundTable: Protecting Patient Data: Cybersecurity Challenges in Healthcare & Life Sciences 2:50 pm
    Add to Calendar20220303 2:50 pm20220303 3:20 pmAmerica/New_YorkCyber Exec RoundTable: Protecting Patient Data: Cybersecurity Challenges in Healthcare & Life Sciences

    Cyber-attacks that target personal data are aiming for the ‘treasure trove’ of PII that healthcare, pharmaceutical and life sciences organizations have in their servers.  In this panel, executives will talk about what they are doing to protect data at rest and in motion, what they see as the key challenges, and best practices they’d share with peer cyber leaders in the audience.

    .

    Cyber-attacks that target personal data are aiming for the ‘treasure trove’ of PII that healthcare, pharmaceutical and life sciences organizations have in their servers.  In this panel, executives will talk about what they are doing to protect data at rest and in motion, what they see as the key challenges, and best practices they’d share with peer cyber leaders in the audience.

    Click to Expand

    Panel Participants:

    William Scandrett
    William Scandrett

    William Scandrett

    CISO - Allina Health

    Daniel Walsh
    Daniel Walsh

    Daniel Walsh

    CISO - VillageMD

    Adam Mansour
    Adam Mansour

    Adam Mansour

    vCISO at ActZero

    Collapse This Item

  • The Cybersecurity Skills Shortage 3:30 pm
    Add to Calendar20220303 3:30 pm20220303 3:50 pmAmerica/New_YorkThe Cybersecurity Skills Shortage

    There are currently 310,000 unfilled cybersecurity jobs in the United States, and millions around the world. However, there is no shortage of cybersecurity hopefuls – millions of students, career changers, and people from all walks of life hoping to break into cybersecurity. 

    This session will explore the issues around cybersecurity jobs.  Breaking into the field, the relative need for certifications, formal education, on-the-job training and more.  The discussion will explore the supply and demand disconnect that has been created – resulting in both a ton of great candidates looking for roles, and a cybersecurity skills shortage.

    .

    There are currently 310,000 unfilled cybersecurity jobs in the United States, and millions around the world. However, there is no shortage of cybersecurity hopefuls – millions of students, career changers, and people from all walks of life hoping to break into cybersecurity. 

    This session will explore the issues around cybersecurity jobs.  Breaking into the field, the relative need for certifications, formal education, on-the-job training and more.  The discussion will explore the supply and demand disconnect that has been created – resulting in both a ton of great candidates looking for roles, and a cybersecurity skills shortage.

    Click to Expand

    Collapse This Item

  • Supply Chain & Third Party Risk Management 3:55 pm
    Add to Calendar20220303 3:55 pm20220303 4:15 pmAmerica/New_YorkSupply Chain & Third Party Risk Management

    A supply chain encompasses the entire network of all the individuals, organizations, resources, activities and technology involved in the creation and sale of a product.  The ultimate goal of an effective supply chain is lower costs of doing business thus resulting in higher profits and improved customer satisfaction.  The process of bringing in a third party involves identifying, assessing and controlling all the various risks that can develop over the entire lifecycle of such relationships.  

    Join this session to drive into how sophisticated attackers can live quietly inside even organizations with significant expertise and mature security processes. 

    .

    A supply chain encompasses the entire network of all the individuals, organizations, resources, activities and technology involved in the creation and sale of a product.  The ultimate goal of an effective supply chain is lower costs of doing business thus resulting in higher profits and improved customer satisfaction.  The process of bringing in a third party involves identifying, assessing and controlling all the various risks that can develop over the entire lifecycle of such relationships.  

    Join this session to drive into how sophisticated attackers can live quietly inside even organizations with significant expertise and mature security processes. 

    Click to Expand

    Collapse This Item

  • Cyber Exec RoundTable: Protecting the Internet of Things in Healthcare 4:15 pm
    Add to Calendar20220303 4:15 pm20220303 4:45 pmAmerica/New_YorkCyber Exec RoundTable: Protecting the Internet of Things in Healthcare

    IoT attacks related to healthcare providers read like the plot of a spy novel. With thousands of devices connected, asset inventory is increasingly difficult. Issues around fast authentication in life-threatening situations, network segmentation, and sentient devices keep CISOs up at night.  In this panel, executives discuss their approaches, what they have learned, and share best practices. 

    .

    IoT attacks related to healthcare providers read like the plot of a spy novel. With thousands of devices connected, asset inventory is increasingly difficult. Issues around fast authentication in life-threatening situations, network segmentation, and sentient devices keep CISOs up at night.  In this panel, executives discuss their approaches, what they have learned, and share best practices. 

    Click to Expand

    Panel Participants:

    Christopher Frenz
    Christopher Frenz

    Christopher Frenz

    AVP of IT Security

    Chris Lockery
    Chris Lockery

    Chris Lockery

    VP Infrastructure and CISO at Help at Home

    Collapse This Item

  • Summit Closing Session
Partners Register