Phoenix Cybersecurity Conference

September 19, 2019

Data Connectors is proud to host the Cybersecurity Strategies Conference.

State of the Art Security Event Analysis

In this talk, we’ll discuss how new approaches and technology advances allow Security Operations teams of all sizes to finally have the capacity of Fortune 100 Companies. Your small team can analyze billions of incoming security events daily using state-of-the-art techniques such as AI, ML, Expert Systems, and probabilistic math. We’ll also discuss the pros and cons of each of these approaches.

Speaker’s Bio:

Raj is currently part of the Respond team focused on helping organizations with automation of Security Operations. Prior to Respond, Raj held Field, Product management and Development roles at Fortify Software, WorkSoft, Rational Software, and Pure Software focusing on SDLC and security.

Protection From Today’s Biggest Threats

In this session, we will cover some of today’s biggest threats, including Emotet and CryptoJacking. You’ll also learn how they attack, and what you can do to protect yourself. Many organizations already have the means to protect themselves, but are they using them properly? Are you doing the right things across your company?

Speaker’s Bio:

Kris is seasoned engineer in the IT industry, having previously spent time at MSPs and Cloud Service Providers before joining the Sophos team. He understands the complex challenges companies face to maintain security and compliance in an ever-evolving threat landscape, and he continually strives to help companies stay ahead of the bad guys. Currently Kris serves as a Sr. Sales Engineer on the Arizona/Nevada team, affectionately known as Area51.

Break / Vendor Booth Time

Zero Trust in Practice: Identity Drives an Adaptive Workforce

Zero Trust is quickly becoming the dominant security model for the cloud, shifting the perimeter from the network to the people and devices that make up a modern workforce. As a model with many moving parts, the immediate question is where to start?

This session will focus on:

• The full Zero Trust reference architecture and steps to get there
• Why Identity is the foundational layer to build contextual access controls from

Download the Presentation

Speaker’s Bio:

Dalton began his career as an IT Sys Admin for 5 years. He then joined an Information Security Consulting company in Orange County, CA for a few years. Dalton has worked for the last three years with Okta, two years deploying Okta as a Technical Consultant to some of our largest customers in SoCal and the Pacific NW and then last year as an Enterprise Sales Engineer.

Serving in Silence: The Latest in Attacker Techniques and Defensive Mitigations

Are you interested in the techniques used by real-world attackers to covertly gain access to target networks? Do you find it challenging or near impossible to filter out the noise in the cybersecurity industry to identify the defensive controls or configurations that actually work? This presentation will discuss the latest in real-world offensive techniques, and corresponding defensive mitigations based on the results from attacking hundreds of different environments with a variety of products and countless configurations. Learn about the latest in initial access techniques, cloud infrastructure attacks, and covert C2 comms.

Kaden’s Bio

Kaden Pieksma is the Director of Operations at Silent Break Security where he has worked for 3+ years. His current responsibilities include physical penetration tests, social engineering, sales, and management. Coming from a background in business management and sales, Kaden merges business strategy with his passion for information technology and security.

Break / Vendor Booth Time / Lunch

Mike Lettman is a recognized technology leader with over 30 years of experience in government information, security and technology. As the State Chief Information Security Officer (CISO), he provides strategic direction for information security to over 130 public agencies. With a focus on statewide enterprise and standardization efforts, Mike leads the Security, Privacy and Risk team for the Arizona Strategic Enterprise Technology (ASET) Office. With alignment to the State’s Strategic IT Plan, he ensures and enhances the State of Arizona’s security and safety.

Currently Mike is also the acting Chief Information Officer (CIO). Mike has stepped in to continue the incredible transformation and change that was started three years ago.

Mike’s responsibilities include identifying, developing, implementing and maintaining processes across the State to reduce IT risks. He is responsible for incident response, establishing appropriate standards and controls, and directing the establishment and implementation of policies and procedures. Mike is also instrumental in building relationships with a variety of partners including the MS-ISAC, Department of Homeland Security, and the FBI.

Prior to his work for the State of Arizona, Mike served as the Chief Information Security Officer (CISO) for the State of Wisconsin and previously as the Chief Technical Officer for the State of Wisconsin’s Department of Justice. In addition, he was the State of Wisconsin’s advocate for security awareness representing a variety of industry committees including Wisconsin’s Cyber Terrorism task force.

Mike holds a Bachelor of Science in Management and Computer Science from the University of Wisconsin and remains an active member of the Arizona Fusion Center and the co-chair of the Multi State Information Sharing and Analysis Center (MS-ISAC) SCADA work group.

Break / Vendor Booth Time

Stay ahead of the data privacy regulation landslide with good security practices

Data privacy is the new “black”… But unlike GDPR in the European Union, US citizens’ data is trending to be governed by various individual state legislation, which is going to become a real challenge for any company that may have/collect personal identifiable information (PII)… and by the way, the definition of PII is growing. This session will cover how you can get ahead of it now through foundational security controls.

Speaker’s Bio:

Katie McCullough provides direct leadership over Information Security, Governance, Risk and Compliance (GRC). She is responsible for overseeing and driving strategic IT security planning and compliance efforts so the company can deliver custom IT solutions to customers.

As the CISO, Katie is accountable for ensuring OneNeck services are built and managed according to the foundational security principles of Confidentiality, Integrity and Availability (CIA). To achieve the CIA triad, she works closely with the OneNeck teams accountable for adhering and improving professional IT services based on key industry best practice frameworks such as ISO, ITIL and the National Institute of Standards and Technology (NIST) Cybersecurity Framework. In addition, she oversees the employees who work to minimize, identify and address information security risks. Under Katie’s guidance, these teams maintain a compliance and certification portfolio that is relevant to customers including: EU–U.S. Privacy Shield Framework, General Data Protection Regulation (GDPR), SSAE 18 examinations, PCI Data Security Standard validation, and HIPAA and HITECH examinations.

Prior to joining OneNeck in September 2011, Katie spent 13 years in various technical and management roles within a prominent managed IT security services provider in the Midwest.
Katie holds a Bachelor of Science in Computer Science from Southern Illinois University at Carbondale.

Deception Technology, Luxury Item or Lifeline?

A common deception technology misconception is that it is a luxury item meant only for companies with mature security operations or large budgets. This session will provide insight into how deception has evolved, its fit within the security stack, and why organizations both large and small are turning to deception for accurate detection, building predictive defenses, and accelerated incident response. Join in to hear about real-world deployments and top use cases. Attendees will leave with insight into the value and benefits that defenders have realized from adding deception into their security operations programs and why it is often a lifeline for defense against today’s advanced attackers.

Break / Vendor Booth Time

PROTECT WHAT MATTERS: Creating A Defensible Audit Position In A Collaborative Economy

Three new challenges to information confidentiality and integrity. First, third-party providers are the newest “weak link” in our infrastructure; second, attacks are increasingly focused on damaging data integrity; and third, perimeter-based defenses are no longer a sufficient strategy to protect trade secrets.

Employees expect the flexibility to collaborate and share sensitive information externally, with suppliers, vendors, and customers, but you have regulatory and fiscal obligations to protect it, anywhere and always.

Key Takeaways:

New approaches for securing data across the organization
Lessons learned from a data-centric model
Considerations (and risks) when making the shift

Speaker’s Bio:

John Morton is a Senior Solutions Engineer who brings to the table many years of helping customers solve cybersecurity problems of all types. Having been on both sides of the fence, now as a solutions provider and previously as a practitioner with the US Navy & Federal government, John is a veteran in merging day-to-day cybersecurity efforts – always protecting the enterprise and a keen knack for actively hunting for the threat.

Cybercrime Tactics and Techniques Report

A significant uptick in threats aimed at businesses were reported in Q1 2019 from the same time last year. Companies need to take control against these increases in cyberthreats by remediating at scale, quickly mitigating attack impacts through isolation, and proactively hunting for threats before they execute.

Key takeaways:

• Significant increases in overall threats, Emotet, ransomware, and its impact on your enterprise
• How Mac, mobile malware, and especially adware are on the rise
• User concern about the safety of their personal information, and how organizations are failing to protect their data
• What it takes to create a resilient enterprise

Download the Presentation

Break / Vendor Booth Time

High-Margin, Low-Maintenance: Reselling Native Office 365 Email Security

Harvesting Microsoft Office 365 credentials is now the most profitable activity for cybercriminals. That’s why, in Q2, Microsoft was the most impersonated brand, with 27% more attacks than #2 PayPay. While credential phishing is a serious enough threat, it’s just the beginning. Hackers are increasingly using compromised legitimate Office 365 accounts to launch even more damaging spear phishing attacks.

Discover how to grow your business—and margins—by reselling Vade Secure’s email security add-on for Office 365. We’ll walk you through the solution’s native O365 integration, including its unique advantages over gateway products. We’ll show you how we leverage patented AI and machine learning to block unknown phishing, spear phishing and malware attacks. Lastly, we’ll introduce our new auto remediate feature and how you can offer ancillary threat remediation services to clients to further grow your business.

Speaker’s Bio:

Trey King is a Solutions Architect with Vade Secure and has more than ten years in various aspects of security (systems, networking, software development, and email). He loves code, surfing, understanding things on a granular level, and thinks he is funnier than he really is.