Data Connectors is proud to host the Cybersecurity Strategies Conference.
Check-in and opening introductions8:15 am - 8:45 am
Session One8:45 am - 9:15 am
7 Security Mindsets to Adopt Today
It can be easy to get caught up in thinking if you just had that new shiny device, your network security burden would be lighter. The reality is that no one device can solve your problem, and these days it takes a completely new perspective to tackle security in the real world. In this presentation, we’ll discuss 7 security mindsets – some new, some old – and how they can help you make smarter, more practical decisions about protecting your network.
Break9:45 am - 10:15 am
Break / Vendor Booth Time
Session Three10:15 am - 10:45 am
Why attackers love email and what you can do about it
Do you have a minute? 1 minute 40 seconds to be exact? That’s the median time-to-first-click in most phishing expeditions. While we celebrate all that humans can accomplish with the help of technology, we must also be cognizant of the dangers affiliated with humans and technology. How can you as a leader educate your people? How can you encourage them to take a minute to THINK before clicking?
In this session, you’ll learn:
- How your email can be used as an entry point for multiple types of attack
- The damaging impact attacks have on organizations
- Why your employees could be the weakest link in your email security
- How to enhance your email security and thus your overall cyber resilience
Session Four10:45 am - 11:15 am
Reducing Cyber Exposure for the Modern Attack Surface
The attack surface for today’s IT landscape is a far cry from the past. Once focused on protecting traditional data centers, cybersecurity professionals are increasingly guarding a complex litany of modern assets like cloud instances, web-based applications, mobile devices, application containers and more. Failure to appropriately manage the unique characteristics of these technologies as a whole can jeopardize the entire risk management program. Join us for a discussion on how companies can reduce their risk and close their overall cyber exposure gap resulting from today’s challenging attack surfaces.
Break11:15 am - 11:45 am
Break / Vendor Booth Time / Lunch
Session Five11:45 am - 12:30 pm
A new approach to email security for Office 365
For hackers, Office 365 is the new black!
Because a simple set of Office 365 credentials can give you access to sensitive documents, applications and confidential business information, Office 365 is now the go-to place for cybercriminals looking to make a fast and high profit.
Each day these hackers implement new and always more creative phishing and spear-phishing attacks, that easily bypass the traditional email security solutions.
Discover what their techniques are, and learn what you can do to prevent cybercriminals from breaking into your organization with just a single email.
Break12:30 pm - 12:45 pm
Break / Vendor Booth Time
Session Six12:45 pm - 1:30 pm
Automating Security Integrations at Scale
Organizations are deploying a plethora of security solutions in their networks and yet cybercrime continues to extract its toll. The challenge is not that companies don’t have enough security solutions, but rather that the tools are siloed and do not work together in an automated fashion to respond to incidents quickly. During this session we will discuss streamlining threat intelligence operations and cover topics such as: how security automation at scale drives productivity in any organization, managing increasing global regulations on breach response, the shortage of skilled security resources, keeping operations agile, enhancing visibility across your network, how to put security into your infrastructures without being obtrusive, harmoniously integrating your operational processes with those of your enterprise, and how and where to test security.
Geoff is an Architect, Systems Analyst, and Threat Intelligence Consultant. He has been involved in the design and integration of next generation computing and communications systems for more than two decades and is currently a Distinguished Engineer and Senior Manager of SMEs for Infoblox Inc. There he is responsible for design, development, and securing of systems for large scale network intelligence infrastructures for fortune 500 companies.
Geoff draws on a diverse background that began with a Masters degree in physics, a post graduate career in research computing at the University of Sydney, digital film production including visual effects for such films as ‘The Matrix’, and the Technology Director for News Corporation’s News Interactive where he managed the design and development of five of Australia’s top ten websites.
Geoff was then convinced to become the Senior Engineer for the InteropNet Network (eNet and iLabs) where he was responsible for the design and delivery of the world’s largest state-of-the-art temporary network. He has since spent more than 15 years as World Wide Principal Architect, Professional Services Consultant, Sales Engineer, SME Manager, and part time Product Superintendent for Infoblox.
Session Seven1:30 pm - 2:00 pm
Instilling a security first mindset that permeates across everything that you do within your organization is vitally important in today’s world. Delve into some fundamental techniques that can be employed to make security the norm rather than the exception.
Break2:00 pm - 2:15 pm
Break / Vendor Booth Time
Session Eight2:15 pm - 2:45 pm
The Anatomy of a Phish
The reality is that one of the most common forms of cybercrime is when you respond and fill out information to phishing emails. Phishing in all its various forms is here to stay, and we as users need to wise up to attackers’ ploys at getting our private information.
Join us as we dissect a Phish and delve into the world of phishing as we create our own Phish.
Session Nine2:45 pm - 3:15 pm
Turning down the noise: The fundamentals of protecting your business
“Turn down that noise!” I suspect that at some point in your life you’ve uttered those words or perhaps had them spoken to you. In my case it was my parents telling me to turn down my music when I was a teenager. What I never understood was why they viewed my music as noise. To me, it was a symphony of sounds that I connected to in a variety of ways. I realized, as I got older, that noise was really just another term for “I don’t understand that or it is confusing and I don’t connect with it.”
Sometimes it’s just about volume. Sometimes it’s about the lyrics and sound.
One area where there is a lot of noise is cybersecurity. The industry buzz words keep getting louder and louder…Artificial Intelligence, machine learning, and automation amongst other emerging technologies. The threats are continually echoed via the media…Ransomware, Zero-Day, Business Email Compromise, Data Leakage. What does it all really mean to your business? Advanced technology is great, but what are you covering the basics well enough?
Alain will focus on turning off the noise and tuning into the fundamental processes and technologies that will help protect and support your small to medium size business.
Alain Espinosa, Director of Security Operations, MSS, Online Business Systems. Alain brings more than 21 years of cybersecurity and IT experience spanning various companies and industries, ranging from non-profit organizations to global enterprises including Siemens and Google. Alain has also been featured on NBC News regarding ID theft, juice jacking, ATM skimming, and other personal security concerns. He has written for multiple publications and has presented as a keynote speaker at a number of conferences throughout the country. Currently, Alain serves on the board of directors for the InfraGard National Members Alliance, a partnership between the FBI and members of the private sector, where he helps lead efforts to protect the 16 critical infrastructures of the nation. Currently, he is the Chairman of the InfraGard Technology Committee which recommends and implements technology for the organization and partners with the FBI on technology roadmap.
Break3:15 pm - 3:30 pm
Break / Vendor Booth Time
Session Ten3:30 pm - 4:00 pm
Enabling effective security in a DevOps world
The cloud-native stack, with containers and orchestrators, both simplifies and complicates security. On the one hand, the infrastructure itself enables a lot of new security techniques, given that containers are much more isolated in nature and it’s practical to kill containers that aren’t doing what they’re supposed to do since that no longer means killing the whole app. But at the same time, the landscape changes the attack surface, introducing new points of entry such as the orchestrator. This presentation will cover how security changes in a cloud-native world, what’s needed to operationalize security for this infrastructure, and how DevOps and Security teams can work more closely together in this world.
With a passion for building disruptive products, Ali is Co-founder and CTO for StackRox, where he oversees the company’s technology strategy and roadmap. Prior to StackRox, Ali was the Founder & CTO of Cyphort and led the company’s product strategy, research, and technical initiatives, including the Threat Research Lab. Previously, Ali advised numerous Fortune 100 companies, including Google, Microsoft, PwC, and Visa. Ali has also worked with government intelligence agencies and defense contractors.
Session Eleven4:00 pm - 4:45 pm
Managing Up: Creating a Compelling Executive Justification for Improving Detection and Response
Threats are up, resources are down, and executive expectations are somewhere between unreasonable and impossible. Organizational leadership typically understands the least about IT security, yet when it doesn’t work, their jobs may be on the line (as well as your own). The question is: How do you position IT security spend most effectively to avoid the hefty negative impact of a security breaches once they inevitably occur?
The speaker will present ideas on conducting a conversation focused on risk management of foreseeable events, with examples of outcomes to avoid the negative consequences. He will share ideas you can use to improve your own detection and response capabilities, plus describe the benefits of managed detection and response and cost avoidance options. You’ll come away with the business case for these improvements that is quite compelling.
Michael has 30 years of experience in information security, as a practitioner, consultant, executive and entrepreneur. As former Chief Information Security Officer for the City of Seattle, Michael managed information security policy, strategy, and operations for 30 government agencies. Prior, Michael was the Managing Consultant for VeriSign Global Security Consulting and in that role provided expertise for hundreds of organizations, from Fortune 100 to small private colleges, and in nearly every sector.
Michael is former Vice-Chair for the DHS State, Local, Tribal and Territorial Government Coordinating Council. His awards include Member of the Year with the Association of City and County Information Systems (ACCIS), and Collaboration Award from the Center for Digital Government. Michael recently served as a Policy Advisor for the State of Washington Office of the CIO.
Session Twelve4:45 pm - 5:15 pm
AV, EDR, NGAV…What’s Next in Endpoint Protection?
Antivirus has been around since the 1980s. How did it evolve in the past decade? What about hot machine learning-powered Next Generation Antivirus products promoted by well-funded startups? Or should we assume compromise and focus on the Endpoint Detection and Response (EDR) instead? What are the pros and cons of these approaches and where is endpoint security going next?
This interactive presentation will discuss the reasons behind the vulnerable state of endpoint security and include a demo of the infamous Rubber Ducky that remains practically unstoppable by today’s endpoint protection products.
You will leave the presentation with the following knowledge:
- Understand the current state of endpoint security and latest attacks
- Explore available endpoint protection tools, including Endpoint Detection and Response (EDR)
- Learn about benefits and shortcomings of modern endpoint protection tools and approaches
- See an advanced file-less attack in action
- Learn the latest best practices and solutions that promise to reduce threat surface and minimize breaches
Download the Presentation
Rene Kolga, CISSP, has over 20 years of industry experience, including expertise in endpoint protection, insider threat, encryption and vulnerability management. Rene runs Product teams at multiple Silicon Valley startups as well as Fortune 500 companies, including Symantec, Citrix, Altiris, ThinAir and Nyotron. Earlier in his career, Rene managed Customer Success and QA teams. Rene earned his Computer Science degree from Tallinn University of Technology. He also received an MBA from University of Utah. Rene frequently speaks on security topics at industry conferences like BlackHat, Gartner and (ISC)2 as well as provides commentary for publications like Forbes, CNN, US News and others.8:00 am - 5:00 pm4099 Valley View LaneDallas, TX 75244972-385-9000