Data Connectors is proud to host the Cybersecurity Strategies Conference.
CHECK-IN AND OPENING INTRODUCTIONS8:30 am - 9:00 am
Session One9:00 am - 9:30 am
What is Robotic Decision Automation and Why Should I care?
Writing SIEM Rules and monitoring detection consoles is out. Not only do we not like it, it hasn’t proved to be particularly effective. The Respond Analyst is a new kind of analyst that increases capacity and improves the capability of any security team, regardless of size – without adding to the burden of an already overworked team. Powered by Robotic Decision Automation (RDA), the Respond Analyst is ideal for organizations that are collecting meaningful security data, but struggle with having the manpower and resources to properly analyze and triage security incidents.
Join us during this presentation to learn:
- Why traditional human-centric monitoring based on rules and queries has failed and leads to analyst fatigue.
- How the Respond Analyst uses RDA to eliminate concerns of ‘unattended alerts’ and missed clues by analyzing more security data – without filters or tuning.
- How the Respond Analyst integrates with your existing technologies and workflows to speed response, modernize, and automate security operations.
Mike has over 25 years of experience in communications, networking, and security. He has sold, architected, and deployed SIEM solutions across the United States and around the world for companies like McAfee, NitroSecurity, and LogMatrix. Having spent many years helping security operations programs of all sizes design and implement security monitoring and log management solutions, Mike is expert in developing correlation rule sets and operationalizing processes and procedures to maximize efficiency. This expertise set the foundation for his belief in the value that automation can bring to cybersecurity. He shares that conviction each day as he helps Respond Software’s customers drive increased efficiency and explore how intelligent decision automation can transform their security programs. Mike’s academic background is in Computer Science, and he’s a veteran of the United States Air Force.
Session Two9:30 am - 10:00 am
Right of Cyber Boom
Every time a cyberattacker tricks a user into clicking on a malicious link or downloading a malicious file, all the blame falls on the user’s shoulders. The experts insist the solution is more education and training to increase user’s awareness levels. This is like saying that if a canary dies in a coalmine, we need to make canaries healthier. With 90%+ of successful attacks supposedly the result of user action, we need to reconsider how we look at these attacks. Using counterterrorism and safety science strategies, we break attacks down into 3 phases: Left of Boom, Boom, and Right of Boom. We then focus on Right of Boom, and go into strategies to mitigate potential loss initiated by the user actions.
The reality is that no matter how well prepared your users are, there will always be some action that initiates loss. Consider that even if users are 100% aware, there will always be a malicious user, where awareness helps their attacks. This presentation addresses the inevitable and lays out a multi-tiered strategy to proactively mitigate loss.
Ira Winkler is recognized as one of the world’s experts in Internet security, information warfare, information-related crime investigation, and industrial espionage.
Mr. Winkler began his career at the National Security Agency (NSA), where he performed cryptanalysis and was responsible for systems design and implementing security for intelligence collection and analysis systems.
Ira Winkler is the author of multiple cybersecurity books.
Break10:00 am - 10:30 am
Break / Vendor Booth Time
Session Three10:30 am - 11:00 am
The Human Deception Problem: Understanding and Defending Against Social Engineering Attacks
The most successful method of cyber-attacks continues to be phishing. These attacks cost organizations millions of dollars each year and things are just getting worse. As these attacks intensify and become more refined, technology is failing to keep up and your users will continue to fall prey. To effectively defend yourself against this, you have to understand how the attacks work, including the psychological triggers and tricks the attackers are using. This session will explore the different levers that social engineers and scam artists pull to make your users more likely to do their bidding.
Join Erich Kron CISSP, Security Awareness Advocate at KnowBe4, as he provides fun and engaging examples of mental manipulation in everyday life: from the tactics used by common criminals, to sophisticated social engineering and online scams. Additionally, he’ll look at how you can ethically use the very same levers when educating your users.
- The Perception vs. Reality Dilemma
- Understanding the OODA (Observe, Orient, Decide, Act) Loop
- How social engineers and scam artists achieve their goals by subverting critical thinking steps
- How you can defend your organization and create your human firewall
Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the US Army’s 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in Information Security.
Lunch11:30 am - 12:00 pm
Break / Vendor Booth Time / Lunch
Keynote Session12:00 pm - 12:45 pm
How the DHS Can Help Protect Your Organization from Cybercrimes
Resilience is the ability to remain viable and sustainable during times of stress. Identification of organizational resilience are expressed in protection and sustainment requirements. The Department of Homeland Security will describe their cybersecurity resources used to support organizations in identifying, defining, and measuring resiliency capabilities.
Break12:45 pm - 1:15 pm
Break / Vendor Booth Time
Session Six1:15 pm - 1:45 pm
Hacking Like a Disney Villain
An educational, fun presentation that teaches about modern hacking methods through short, classic Disney scenes.
Growing up in a small town in the outskirts of Savannah, Matt Hancock dreamed of adventure, travel, and glory. After earning his degree in Marketing, he served 9 years in the United States Air Force. His military service took him around the world. Before coming to Check Point, he flew with the only multi-country flying unit in the world for NATO. Check Point recently sent him to his 25th country, to it’s headquarters in Israel. He has found a new home in cyber security and is passionate about securing Americans from the sophisticated threats we see today.
Session Seven1:45 pm - 2:15 pm
Data Security in a Cloud First World: Secrets, Stories, and Suggestions
Moving to cloud means a lot of changes, and taking a proactive and informed approach to protecting our organizations critical asset – its data – is a key part of cloud security. This presentation will include key insights and tips on addressing the challenge of keeping your data secure in a cloud first world while complying with privacy laws, enabling B2B connections, and maintaining a high quality user experience.
Tim Davis brings over 15 years of experience in IT infrastructure and security to his current role as the VP of Worldwide Solutions Engineering at Bitglass. Proir to Bitglass, Mr. Davis led solution engineering teams at Layer 3 Communications and Brocade Communications, but his interest in information security goes back to the first time he (accidentally) took down a Windows server using NMAP. Outside of information security, Tim enjoys reading, watching good science fiction, and board breaking (literally).
Break2:15 pm - 2:30 pm
Break / Vendor Booth Time
Session Eight2:30 pm - 3:00 pm
Managing Risk in a Digital World
Digital transformation is not only changing how companies think about business. It is changing how we think about risk. We need to *act* on risk, not worry about it. We need to start and end with the basics. In this session we review several key areas of digital risk management to target as you are challenged to be a key contributor in your company’s digital journey.
Alex’s has held various customer facing technical support, professional services and pre-sales roles over his 20-year information security career. Since 2012 he has helped RSA customers and partners deploy RSA SecurID solutions in both a professional services and pre-sales capacity. Most recently while at RSA he engages customers to explore broader strategies for managing digital risk and integrate solutions across organizational departments, bringing stakeholders together for holistic visibility and rapid incident response.
CISO PANEL3:00 pm - 4:00 pm
Scott WilsonChief Security & Privacy OfficerVentiv Technology
Mark Gelhardt, Sr.VP, Technology GovernanceUS Bank
Tamika BassChief Information Security OfficerGeorgia Department of Public Health
Jose MarroquinVP Security Services, Chief Information Security OfficerEncompass Digital Media, Inc.
Walt CarterChief Digital Officer & CIOHomestar Financial Corporation
8:30 am - 4:30 pm210 Peachtree St NWAtlanta, GA 30303(404) 659-1400