Nashville 2020

Today, 94% of cyber-threats still originate in the inbox. ‘Impersonation attacks’ are on the rise, as artificial intelligence is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’, that expertly mimic the writing style of trusted contacts and colleagues. Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response. In an era when thousands of documents can be encrypted in minutes, ‘immune system’ technology takes action in seconds – stopping cyber-threats before damage is done. Find out how in this session.

With the sudden shift of the global workforce from in-office to remote, IT teams quickly transformed their operations to accommodate the new realities of business — including large-scale adoption of work-from-home technologies, heightened activity on customer-facing networks, and greater use of online services. While these examples of agility allowed business to continue, they also greatly increased the risk of misconfigurations and cyberthreats. Now, it’s looking like they could be here to say for a while. On top of that, bad actors have wasted no time trying to exploit new vulnerabilities. In the past several weeks, we’ve seen ransomware attacks affect several major organizations. These attacks come on the tail of a surge of attacks across the board brought on during the pandemic, as hackers scanned and took advantage of new workloads, and vulnerable VPN connections and misconfigurations left the gates to the network open.
When attacks like these make headlines, panicked board members have one question for CISOs: how can we be sure that won’t happen to us? We will share top strategies for CISOs to lead board-level conversations about risk management amidst the stark new realities

We all know that the operating paradigm in which business is conducted changes on almost a daily basis, yet the way we defend the sensitive data within our business has remained static for nearly 3 decades. Perimeter security is not sufficient, and that’s why we have embraced the concept of Securing the Breach by protecting the data at rest, in transit and in motion utilizing a three step approach of strong centralized key management, encrypting the data and controlling access thru identity access management.

This presentation will address our three step approach to data protection and how it can enable organizations to meet compliance mandates, mitigate risk and secure their infrastructure from on premise to the cloud.

Gain insight on how to prepare for the breach and protect what truly matters—your data.

When threat actors exploit weaknesses in an organization’s IT infrastructure, the consequences can be devastating to productivity, reputation, and financially. Without treating cybersecurity as an ongoing process, hackers can find, weaponize, deploy, and attack your infrastructure faster than your team can patch the vulnerability leaving your infrastructure unprotected. Your systems may be secure today, but next week, a cybersecurity criminal may discover and exploit a critical vulnerability in your environment. Join us as we discuss how continuous vulnerability management can be executed effectively.

Security teams today are being overwhelmed by the massive amounts of data collected by their various protection tools and in most cases, these security teams do not have the budget to hire external Security Operations Center (SOC) analysts. As such, companies are looking to implement an automated response system by using SOAR (Security Orchestration, Automation and Response) tools in an effort to relieve some of the burden on their already understaffed security teams and increase efficiency.

In a recent survey of more than 1,400 IT security professionals, 79% reported that their organization has existing automation tools and platforms in place (29%) or are planning to implement them within the next six months to three years (50%). However, this is not a simple solution for many companies as the successful implementation of automation requires a well-trained and educated team. In fact, 56% of organizations from this same survey indicated that they don’t currently have the in-house expertise required to effectively use these tools. This presents a problem as the shortage of gap between workforce demands and skilled cyber security professionals in the field is larger than ever and steadily increasing. According to another report, it is projected that by 2021, 3.5 million cyber security jobs will be unfilled; that’s a 350% increase in open positions from 2013 to 2021.

This panel will provide an understanding on SOAR tools, the importance on training your security team to understand and leverage these tools to more rapidly detect and respond to threats, and ways to attract and retain talent.

Modern tools such as SNIPR and Modlishka make it easier for hackers to launch large-scale automated attacks, bringing credential re-use and two-factor-authentication attacks to record highs. How did we get here, and will mainstream adoption of passwordless security have an impact?
We will explore how the rise of virtual desktop infrastructure has affected workstation login and review how the evolution of authentication has impacted organizations’ identity and access management systems.
In this session, you’ll learn:
• Why is Credential Reuse at All-time Highs?
• How has Authentication Evolved?
• Why this is the Passwordless Decade

The coronavirus pandemic has left the world looking very different at the end of the quarter than it did at the beginning.

For starters, millions of workers are out of the office and working from their homes. This change in scenery, combined with safe social distancing efforts that help prevent the spread of COVID-19, has created a crisis for many, but an opportunity for some.

This special COVID-19 themed Cybercrime Tactics and Techniques report looks at the most prominently spread malware families taking advantage of this crisis, as well as other, related efforts we have observed by cybercriminals. 

A rapidly growing number of security tools have arisen to help organizations better secure their environments and actively protect important data, from SIEM to EDR to SOAR and more. In response, many organizations are purchasing more tools than they can effectively manage as they struggle to stay protected against the latest security threats. This growing set of tools actually increases organizational risk levels and decreases security teams’ ability to respond effectively to threats. In this session we will explore how your organization can assess this and simple measurements you can take to prevent from going forward.

According to a recent survey, last year 69% of organizations suffered a data breach caused by an Insider Threat, even with a data loss prevention (DLP) solution in place. While malicious users are a legitimate threat to an organization’s security, another study found that 64% of incidents were a result of human error made by an employee. In fact, 78% of Chief Security Officers confessed that even they have clicked on suspicious links.

These statistics demonstrate that having a DLP solution in place with a centralized IT Security team is not sufficient in protecting company assets. Organizations must also address the human element and provide effective ongoing training and education to all employees within the organization.

This panel will discuss the importance of understanding and detecting the various types of Insider Threats that put your organization at risk, as well as provide insight on how to prepare a prevention and defense strategy against an insider breach.