Data Connectors is proud to host the Cybersecurity Strategies Conference.
CHECK-IN AND OPENING INTRODUCTIONS8:15 am - 8:45 am
Session One8:45 am - 9:15 am
State-of-the-Art Security Event Analysis ( AI / ML / Expert Systems / Probabilities )
In this talk, we’ll discuss how new approaches and technology advances allow Security Operations teams of all sizes to finally have the capacity of Fortune 100 Companies. Your small team can analyze billions of incoming security events daily using state-of-the-art techniques such as AI, ML, Expert Systems, and probabilistic math. We’ll also discuss the pros and cons of each of these approaches.
Raj is currently part of the Respond team focused on helping organizations with automation of Security Operations. Prior to Respond, Raj held Field, Product management and Development roles at Fortify Software, WorkSoft, Rational Software, and Pure Software focusing on SDLC and security.
For a copy of this presentation, please contact Jane Dunne – Jane@respond-software.com
Session Two9:15 am - 9:45 am
The Bots are Coming!
Actually, they are here. They now represent over 50 percent of internet traffic. But not all bots are bad. There are many good bots, such as chat bots and search engine bots, that we rely on in our day-to-day digital lives. You do need to know the difference and take control of your bot traffic—they cannot be ignored and you cannot just block them all. In this presentation, we will look at the growth of bots, good bots versus bad bots, what to look for in a bot mitigation solution and a few use cases.
Sandy Caiado is a Solutions Engineer at Oracle Dyn, an Oracle Cloud Infrastructure global business unit. She is part of the sales team and her focus is working with customers, partners and prospects in connecting and protecting their web assets with our secure edge services (DNS and Web Application Security). She has over 18 years of work experience in helping clients solve their business challenges. Before joining Dyn, she worked as a Solutions Engineer at Progress Software. Sandy graduated from Merrimack College and lives in NH with her family.
For a copy of this presentation, please contact Nathalie Peterson – firstname.lastname@example.org
Break9:45 am - 10:15 am
Break / Vendor Booth Time
Session Three10:15 am - 11:00 am
Outcomes Based Approach through Cyber Security Leadership
What if by looking at the result first, programmers realized they need to bake security into their DevOps lifecycle? How would your risk profile change if project managers were able to build the NIST framework into their projects from the start? What if you could start with privacy regulations instead of retrofitting? To answer these questions everyone at your organization needs to take responsibility for security and become a cyber security leader. Helping build security leadership in your organization can distribute the weight of GRC programs, build awareness and lower risk. In this session we will discuss practical tools and methods you can use to enable managers, developers, and program owners to take an outcomes based approach to security. By starting first with the desired result then looking at how security gaps can be filled you can encourage your organization to find what solutions they need to take a pragmatic approach to breach defense, privacy, and application development. Join me in an interactive session where we will uncover the end goal vision needed to enable cyber security leadership at your organization.
Simon Puleo CEH (Certified Ethical Hacker) is a trainer by day and a security researcher at night. In his role as a Global Enablement Manager at Micro Focus he educates employees, partners and customers on taking a holistic approach to security, managing risk, and developing leadership skills. Simon is actively engaged in researching the cyber-threat landscape and sharing his perspectives in seminars and articles.
For a copy of this presentation, please contact Vicky Brooks – email@example.com
Session Four11:00 am - 11:30 am
The Evolution of Zero Trust: Next Gen Access
Zero Trust security throws away the idea that we should have a “trusted” internal network and an “untrusted” external network. The adoption of mobile and cloud means that we can no longer have a network perimeter-centric view of security; instead, we need to securely enable access for the various users (employees, partners, contractors, etc.) regardless of their location, device or network. There is no silver bullet when it comes to achieving a Zero Trust security architecture, but identity and access management is the core technology that organizations should start with on their Zero Trust journeys.
In this session, we’ll explore the shifts in the security landscape that led to the creation of Zero Trust, what the Zero Trust Extended Ecosystem (ZTX) framework looks like today, and how organizations can utilize Okta as the foundation for a successful Zero Trust program now, and in the future.
Harjeev Dhingra is a Sr. Solutions Architect on the Sales Engineering team at Okta. He has around 18 years of vast experience in Identity and Access management domain. Starting his career in Network/Enterprise Monitoring tools like Unicenter TNG and Tivoli Enterprise Console, he quickly moved into implementing & architecting Security Solutions from eTrust suite to more sophisticated Privilege Identity and Governance products of recent times both on-premise and in cloud.
At Okta, he focuses on both IT & API Security products ranging from SSO, Adaptive MFA, LCM (Provisioning/Deprovisioning), UD (Universal Directory), OAuth-as-a-Service to more recent offerings on Advanced Server Access from ScaleFT acquisition.
Harjeev holds CISSP certification, and was previously an Enterprise Solution Architect at CA Technologies.
Lunch11:30 am - 12:00 pm
Break / Vendor Booth Time / Lunch
Keynote Session12:00 pm - 12:45 pm
Cyber Prevention and Prosecution
A case study in the FBI’s efforts to assist companies following a cyber attack and to prevent further harm while collecting digital evidence needed for successful prosecution.
Justin M. Vallese is a Supervisory Special Agent with FBI Los Angeles who manages a computer intrusion squad comprised of Special Agents, Intelligence Analysts and Computer Scientists. This squad is responsible for conducting counterterrorism, counterintelligence and criminal computer intrusion investigations which impact the greater Los Angeles area. SSA Vallese is also responsible for outreach and liaison with private sector partners, as well as interfacing with the FBI’s Cyber Division. SSA Vallese has investigated and managed a variety of the most significant computer intrusion matters including an international hacker-for-hire conspiracy, celebrity hacking and stalking cases, a Chinese-government backed intrusion conspiracy which led to the arrest and US prosecution of Su Bin, the Sony Pictures intrusion, the WannaCry ransomware outbreak and a number of financial institution intrusions. Prior to his work in the cyber arena, SSA Vallese was assigned to work Financial Crimes, Internet Fraud, and Intellectual Property Rights investigations at the FBI Los Angeles.
Break12:45 pm - 1:00 pm
Break / Vendor Booth Time
Session Six1:00 pm - 1:30 pm
Changes in the Phishing Threat Landscape & Security Controls
New kinds of social engineering and direct-to-browser attack vectors are evading existing multi-level security controls. Next-gen antivirus and similar technologies are making it harder for bad actors to deliver malware successfully, so they have become more sophisticated in delivering phishing and social engineering attacks.
This presentation will highlight:
• How the phishing threat landscape has changed
• Techniques, tactics, and procedures for the new generation of evasive phishing threats
• What is required for modern phishing threat detection
Grant Suzuki has over 20 years of experience in the cyber security industry in technical roles. In his current role as Sr. Director of Technical Services at SlashNext, Grant is using his deep expertise to help customers improve their future security posture.
For a copy of this presentation, please contact Lisa O’Reilly – firstname.lastname@example.org
Session Seven1:30 pm - 2:00 pm
How They Bypass Office 365 Security
The move to SaaS has changed the phishing landscape: your Office 365 inbox is the #1 threat vector and your Office 365 credentials are their #1 target. In this talk, we will demonstrate the techniques attackers use to bypass Microsoft’s defenses. Learn how they use Microsoft’s own services to fool filters and utilize built-in tools to launch them internally–bypassing your email security gateway.
During this session, we’ll demonstrate how to protect Office 365 from:
- Email-based phishing, spoofing, and malware
- Account takeover, insider threats, compromised Microsoft credentials
- Loss of sensitive data from OneDrive, SharePoint and Office 365
Break2:00 pm - 2:15 pm
Break / Vendor Booth Time
Session Eight2:15 pm - 2:45 pm
2019 Internet Security Threat Report (ISTR): The New Threat Landscape
Join Symantec for a discussion on the key findings from Symantec’s Annual Internet Security Threat Report (ISTR). The report provides an overview of the threat landscape, including insights into global threat activity, cyber-crime trends and attack motivations.
The report analyzes data from the Symantec Global Intelligence Network, the largest civilian threat intelligence network in the world, recording events from 123 million attack sensors worldwide, blocking 142 million threats daily while monitoring threat activity in over 157 countries.
This presentation will highlight key findings from the report including:
- Formjacking was the breakthrough threat of 2018, as cryptojacking and ransomware show signs of decline. However, ransomware infections within enterprises jumped by 12 percent.
- Living off the land and supply chain attacks are now a staple of the new threat landscape.
- Cloud users facing challenges on multiple fronts through data leaks from cloud storage and low-level chip vulnerabilities with more than 70 million records stolen or leaked.
- Targeted attack groups show increasing interest in operational & industrial control systems with the potential for sabotage.
For a copy of this presentation, please contact Jillian Ackerly – email@example.com
Break2:45 pm - 3:00 pm
Break / Vendor Booth Time
Session Nine3:00 pm - 3:30 pm
Why Cybersecurity is Inside Out
In this presentation, I will outline why I believe that the current cybersecurity landscape is broken and offer practical advice to help security pros prioritize their time to avoid becoming the next headline.
I will talk about whether a more data-centric approach to security would help organizations reduce the risk of data breaches and non-compliance, and offer some advice as to current cybersecurity trends and practices to look out for in 2019.
Aidan has worked in the IT industry for over 22 years in various capacities. As the CEO of Lepide, provider of award-winning Data Security Platform, Lepide Auditor, Aidan is able to apply his wealth of cybersecurity expertise to help grow and expand the business. Aidan also participates in numerous cybersecurity talks and hosts the popular YouTube show, CISO Talks.
For a copy of this presentation, please contact Philip Robinson – firstname.lastname@example.org
Session Ten3:30 pm - 4:00 pm
5 Ways to Bypass PAM
Let’s learn about how unmanaged credentials over the past 10+ years could still be accessible to insider and outsider threats and how to clean up a commonly ignored or even forgotten issue.
Jimmy Mills is a Senior Solutions Architect for SSH.COM and has worked with several large enterprises assisting and overseeing SSH Key Management remediation projects. He has 20+ years experience coming from Unix Engineering and Access Management roles before joining the thought leadership team at SSH.
Session Eleven4:00 pm - 4:20 pm
Protecting Your Digital Supply Chain
The Zero Trust Imperative of Third-Party Risk
It’s been estimated that more than 60% of the most severe breaches in recent years were a result of compromised third party suppliers, customers, and partners. The overwhelming need to share critical business information across the extended enterprise combined with a complete lack of control over third party security creates a fragmented and exponentially expanding threat surface that permeates the digital supply chain of every industry. In 2019, there is no such thing as a trusted third party. How do you protect your business, when you don’t know who you can trust?
CISO PANEL4:20 pm - 5:00 pm
Secrets of Superstar CISO Success
CISOs aren’t born, they’re made. And tested. Constantly. With obligations like protecting employees and digital assets from data breaches, and demonstrating compliance with a daunting number of internal policies and industry regulations, CISOs have a lot on their plate. So, what’s the secret to CISO success? Similarly, what differentiates a strategic CISO from a tactical CISO?
This panel, “Secrets of Superstar CISO Success,” will seek to answer these questions with perspectives on:
- How to prepare today for the threats of tomorrow
- Charting a security strategy that protects and supports the business
- How to earn a seat at the executive table
- What you know now that you wish you knew then
We hope you’ll join us for this informative and enlightening panel.
Cliff VazquezDirector Cybersecurity ServicesCapgemini North America
Frank GillmanChief Information Security OfficerLewis Brisbois
Jake MargolisChief Information Security OfficerMetropolitan Water District of Southern California
Webb DeneysSVP & Chief Information Security OfficerStearns Lending
8:15 am - 5:00 pm5711 West Century Blvd.Los Angeles, CA 90045310-410-4000