| Date and Time | Title | ||
|---|---|---|---|
| Oct 8, 2020 8:30am - 9:00am (Eastern) | Exhibit Floor Open |  | |
| Oct 8, 2020 9:00am - 10:00am (Eastern) | [Opening Keynote] The Resilient Enterprise: Securing the Virtual Workforce Throughout the course of 2020, organizations have seen a transformational shift in the way that businesses operate. As we adapt to new realities, digital transformation has been accelerated in many areas, including how we protect our information assets. From entirely new threats to exacerbating existing threats, Information Security teams are at the forefront of enabling businesses to operate efficiently and securely in the new virtual-first world. We’ll deep dive into considerations that your organization should be making in technology, process, and policy as you work to secure your virtual workforce. | | |
| Oct 8, 2020 9:45am - 10:00am (Eastern) | Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge. | | |
| Oct 8, 2020 10:00am - 10:45am (Eastern) | Cybercrime: What Is the State of Support for Consumer and SMB Victims? How can you support your end users if they are a victim of cybercrime in their personal lives? What kind of resources are available to help SMBs report cybercrime, recover, and reinforce their security? Cybercrime Support Network is the leading public-private partnership serving the victims and coordinating federal, state, and local resources. Join Kristin Judge and James Ellis of Cybercrime Support Network as we explore the current state of cybercrime reporting and recovery, work being done on common language for cybercrime among law enforcement, and a national pilot to build a reporting and information sharing program to capture threats facing consumers and SMBs. | | |
| Oct 8, 2020 10:00am - 10:45am (Eastern) | A Hitchhiker’s Guide to the 2020 National Industry Cloud Exposure Report (NICER) Rapid7 has built upon four years of work measuring the internet for National Exposure Index (NEI) and Industry Cyber Exposure (ICER) reports to create the most comprehensive, modern atlas of internet-facing services to date. This session will provide an overview of the findings, including a comparison of the internet pre- and post-pandemic, along with a guide for how to digest the 150-page deep dive into 24 critical internet protocols and services. | | |
| Oct 8, 2020 10:00am - 10:55am (Eastern) | Practical Considerations When Verifying Your Vendors’ Cybersecurity Controls As businesses grow, it becomes increasingly cheaper, more convenient, and more efficient to rely on third parties to take on certain business functions. However, the security of your organization’s assets is only as strong as the weakest link in your vendor chain. | | |
| Oct 8, 2020 10:00am - 10:50am (Eastern) | [Panel] Data Threats in the Cloud We all know that COVID-19 has forced us into the cloud. We had to, to keep the economy and business going. The cloud can be a wonderful tool for organizations to thrive in, but there are many threats and pitfalls that should be addressed. Do you know what services your staff bought? Did anyone review the terms and conditions? How are you handling identity in the cloud? Is a Zero Trust mindset working in the cloud? Our panelists will dive into the threats to be prepared for and some you might not be aware of! | | |
| Oct 8, 2020 10:30am - 10:45am (Eastern) | Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge. | | |
| Oct 8, 2020 10:45am - 11:30am (Eastern) | Approaches to Justifying Cybersecurity Projects and Spend Feel like you’re not getting enough funding for your security projects or program? Learn to stack the deck in your favor by following four basic rules. Lots of examples will be presented! | | |
| Oct 8, 2020 10:45am - 11:40am (Eastern) | [Panel] Remote Workforce: Lessons Learned Companies had no real choice as we all moved to the “new normal” and a fledgling at home workforce due to the coronavirus outbreak. If you stop and think about it, it was quite the feat—a massive cloud migration the likes of which had never been seen before. Now that things are somewhat settled into a pattern, what are you discovering that should have been done differently? Realizing that a lot of the same things need to be done? How is the network perimeter now? How many devices are suddenly on your networks? IoT devices from the remote workers piggybacking on the home connections? What are the legal challenges now (think reasonable security)? Join us for a panel discussion of security experts. | | |
| Oct 8, 2020 10:45am - 11:30am (Eastern) | Being Our Own Worst Enemy: Sloppy IT Causing Security Incidents IT and the IT Security Team have put in countless controls and tools to protect the enterprise, but are their daily operations and practices causing security incidents? Are the ones with the most privilege the most successful targets in the environment? This topic will shift the focus on the care given to staying safe by the ones who are keeping the environment safe. Don’t be the one who causes the next security incident! | | |
| Oct 8, 2020 10:45am - 11:30am (Eastern) | Navigating Maze: Can You Recover from Ransomware? One-fifth of companies have been hit with ransomware, and yet most companies still rely on hoping they won’t be hit rather than addressing shortcomings and following best practices. The industry has said for years that “it is not if, but when you will be breached,” so let’s set some goals and follow some simple steps to at least make ourselves a less desirable target than the companies that are “giving in.” If we agree that protection is not a guarantee, then we must also accept that recovery is CRITICAL and that the work starts now. Presentation Level: GENERAL (InfoSec best practices, trends, solutions, etc.) | | |
| Oct 8, 2020 11:15am - 11:30am (Eastern) | Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge. | | |
| Oct 8, 2020 11:30am - 12:25pm (Eastern) | The Changing Landscape of Cybercrime and Its Impact The onset of COVID-19 has changed the way we all live, work, and interact. It has been the single most impactful contributing factor to the constantly evolving cybersecurity landscape and the cybercrime threats being faced by private citizens and corporations both large and small in recent history. This impact has been on a global scale as cybercriminals increase the rate, diversity, and complexity of their attacks in the wake of this unprecedented pandemic. Join me for this presentation as I share what I hope will be some valuable insight into what we are seeing and how we must react. | | |
| Oct 8, 2020 11:30am - 12:30pm (Eastern) | Developing an Effective Security Awareness Program Security Awareness is well known for being the “best bang for the buck” out of all the risk mitigation techniques, but is it really? For Security Awareness to be effective, it must change the behaviors of employees and ideally lead to a mature security culture in your organization. Many programs that do not use adult education techniques and neuroscience fail to achieve behavior change—and can even make things worse. Once employees start to have a negative impression about information security, feel helpless, or begin to consider remediation as punitive, great damage has been done to the security culture and this can be difficult to reverse. This fun presentation will help you to gain an understanding about effective Security Awareness program creation and implementation, as well as to build buy-in for a mature security culture. | | |
| Oct 8, 2020 11:30am - 12:30pm (Eastern) | [Panel] No Perimeter: Security in the Cloud Worldwide events have accelerated cloud adoption trends. Organizational reliance on the cloud is at an all-time high. This panel will explore cloud security risks, controls, and best practices to help ensure a secure cloud computing environment. | | |
| Oct 8, 2020 11:30am - 12:10pm (Eastern) | Detect Everything: Bringing Google-Scale Threat Detection to Your SOC Skillful threat detection and investigation starts with a diverse hub of security telemetry to draw from. The Chronicle platform allows security teams to cost effectively store and analyze petabytes of security data in one place, and perform investigations in seconds. Join this session to learn all about what’s new in Chronicle and see it in action with a live demo. | | |
| Oct 8, 2020 12:15pm - 12:30pm (Eastern) | Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge. | | |
| Oct 8, 2020 12:30pm - 1:15pm (Eastern) | The Paradigm Shift: HIPAA, PCI-DSS, Home, and Work Much of the security training that we have put in place has assumed that the large majority of employees would be working at their desk in an office building. In the space of several weeks, that completely changed. The bulk of healthcare workforces now work from home. This has changed the security paradigm, as many healthcare providers based their security around the office. This requires healthcare providers to change security awareness training to refocus on what can be done given the new environment. This session will cover what your organization needs to address in awareness training for work-from-home staff in healthcare, specifically covering HIPAA, printing, home networks, split tunneling, Payment Card Industry – Data Security Standards (PCI-DSS), phishing, and scams. | | |
| Oct 8, 2020 12:30pm - 1:20pm (Eastern) | Cybersecurity in Canada: The Evolution of Legal Trends & How to Respond As cybersecurity and privacy laws evolve, there is a growing need to stay abreast of the changing regulations and compliance obligations. This session will provide an overview of recent legal developments in Canada and best practices for addressing these regulatory changes within your organization. We will explore:
| | |
| Oct 8, 2020 12:30pm - 1:15pm (Eastern) | Security For, From, and With Machine Learning and Artificial Intelligence Technologies As companies look to increase their operational efficiencies and competitive advantage, many are turning to machine learning (ML) and artificial intelligence (AI) to make better decisions faster. With this shift comes new challenges for businesses and security professionals to ensure these technologies remain effective, safe, unbiased, and ethical. Additionally, as AI and ML become more accessible to the masses, there is a growing risk that these technologies could be leveraged to launch sophisticated attacks. In this presentation, we will explore emerging threats related to AI and ML, as well as how security leaders can utilize these emerging technologies to better defend their organizations and respond to sophisticated attacks. Presentation Level: MANAGERIAL (security and business leaders) | | |
| Oct 8, 2020 12:30pm - 1:15pm (Eastern) | How an XDR Approach Helps Speed Response & Improve MITRE ATT&CK Coverage XDR is an emerging industry approach that extends EDR’s insight to a broad range of sources (endpoint, servers, network, email and more). Learn how the XDR approach takes advantage of detailed activity telemetry (not just alerts) from its sources, enabling more meaningful correlation and enabling rapid detection of subtle chains of malicious activity. Higher-fidelity correlated detections mean that alert volumes decrease, enabling faster response. See how network and email telemetry help XDR expand your coverage of MITRE’s ATT&CK frameworks, without resorting to painstaking manual correlation across security toolsets. | | |
| Oct 8, 2020 1:00pm - 1:15pm (Eastern) | Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge. | | |
| Oct 8, 2020 1:15pm - 2:00pm (Eastern) | When Cyber Attacks Get Physical Advancements in technology, especially over the past decade, have resulted a significant increase in the number of connected devices worldwide. While there are plenty of conversations on cybersecurity of connected devices, they are mainly around data protection and privacy issues. The fact of the matter is, a percentage of these cyberattacks can cause physical harm to humans. Although this issue is important, it does not often get the attention it deserves.
This presentation focuses on a few cyberattack scenarios on connected devices which may pose safety risks for the user/operator, including: medical devices, connected cars and car wash systems. | | |
| Oct 8, 2020 1:15pm - 2:05pm (Eastern) | [Panel] Threat Landscape in Flux: Emerging Threats The attack surface is shifting, threat actors are adapting, and security teams must also pivot. This panel will take a dive into various attack vectors, security gaps, and emerging threats organizations are now facing. | | |
| Oct 8, 2020 1:15pm - 2:05pm (Eastern) | Hey, Information Security: Be Part of the Digital Transformation or Be Left Behind! “Digital transformation” (Dx) as a buzzword may be approaching the end of its life, but the fundamental concept—continuously improving the use of technology and data to provide value to customers—is real and critical to the survival of businesses. If information security teams don’t evolve to deliver the same Dx value and benefits to our organizations, then we risk losing our “customers” to intentional circumvention or preference for shadow IT providers. Make sure your information security team provides the core Dx attributes to your organization to cultivate value, loyalty, and trust.
Join this session to learn how you can: Presentation level: MANAGERIAL (security and business leaders) | | |
| Oct 8, 2020 1:15pm - 2:10pm (Eastern) | The DoD’s Cybersecurity Maturity Model Certification (CMMC) Is Coming – Are You Ready?
| | |
| Oct 8, 2020 1:45pm - 2:00pm (Eastern) | Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge. | | |
| Oct 8, 2020 2:15pm - 3:05pm (Eastern) | [Closing Keynote] The New National Cyber Power Index: Which Nations are Truly the Most Powerful in Cyber? Think you know which countries are the most powerful in the cyber realm? You may have some surprises coming. Julia Voo and her fellow researchers just published a first of its kind ranking called the National Cyber Power Index (NCPI). The research ranks cyber super-powers on a “whole of country approach.” The NCPI measures government strategies, capabilities for defense and offense, resource allocation, the private sector, workforce, and innovation. And its assessment is both a measurement of proven power and potential. Julia will unpack key findings, including areas where the U.S. and Canada are ranked lower than countries like Russia and China. Following this presentation and fireside chat, you may view cyber power in a brand new light. | |
 | |||
Agenda
|
|