Boston

It’s important to recognize that cybersecurity is rooted in more than zero trust, and compliance mandates. The core to all cybersecurity is protecting TRUST. Unfortunately, the TRUST component has been pushed aside to chase trends and compliance. It’s time we earn back TRUST before we become lost in a new cyber-revolution.

Security automation helps organizations keep pace with alerts, emerging threats, and complex tech stacks and processes. This means that more companies than ever are seeking hands-on operational expertise in the utilization and optimization of these tools. Recognized for developing innovative cybersecurity services, Unit 221B is quickly becoming a leader in this space. From blazing fast implementation times to their focus on long-term value and unparalleled customizations, Unit 221B’s clients are realizing incredible results thanks to this winning partnership.

– Why Unit 221B chooses to turn the traditional managed services model on its head
– Why Unit 221B selects Swimlane to help address its customers’ most challenging security problems
– How Swimlane’s low-code SOAR helps MSSPs and MDRs maximize profitability and growth
– The tangible benefits organizations who deploy this winning partnership can expect

Despite having distinct differences, data privacy and compliance are deeply intertwined with cyber security. As focus on data privacy and compliance increases, business leaders can expect to see vast changes related to how consumer data is managed, shared, and secured. Policy & laws on data privacy and compliance continue to expand and become increasingly stringent, so it is important for companies and their respective business leaders to consider these areas as they develop & evaluate their cyber security strategies. For instance, last year the SEC proposed amendments to its rules on cyber security, risk management, strategy, governance, and incident disclosure by public companies.

At a more granular level, there are various initiatives to protect specific consumer data and ensure enterprises are compliant in doing so – particularly health data and children’s personal information. The American Data Privacy and Protection Act (ADPPA) if passed could greatly impact health data beyond the scope of HIPAA by establishing a national framework to protect & preserve the privacy of consumer data collected by entities not covered by HIPAA. In an American Medical Association survey, about 75% of surveyed patients expressed concern and confusion related to the privacy of their health data and how it is handled. The ADPPA could help clear up some of this confusion by establishing clear expectations. Another critical area is the collection of personal information of children. The Children’s Online Privacy Protection Act (COPPA) helps put parents in control of how their children’s data is handled and ensures that all entities in possession of this data sustain its confidentiality, security, and integrity.

Maintaining strong data privacy and compliance practices is imperative in preventing sensitive personal data from becoming compromised. This information is extremely valuable to cyber criminals, who seek to utilize compromised data to steal others’ identities or resell such PII.

This panel will look at the latest data privacy policies and implications for what this means for business leaders in the future. Our lineup of experts will lend their insights and offer best practices relating to privacy, compliance, and identity protection.

For far too long, the role of the security analyst, charged with investigating, validating and responding to attacks amidst the noise of alerts from multiple tools, has been a frustratingly fragmented and inefficient one. The hours spent on manual triage, threat hunting and research across many tools and data sources, not only extends the time taken per incident, but also distracts valuable resources away from higher risk attacks. Data shows that despite deploying more great tools and getting more alerts, we are not getting much better at this, if at all, over the past several years. The industry needs to focus on the analyst experience. How can these tools and data sources be better connected? How can AI and machine learning best be employed to unburden teams of the error prone repetitive tasks while providing rapid and valuable insights into the specifics of an attack, and even provide focused recommended actions? This can and does, dramatically improve the overall analyst experience and efficacy, helping to prevent burn out while simultaneously sharpening response capabilities.  Join us to discuss what we have learned and how we and other members of a growing, open community are building and delivering in this space.

Cyber attackers are constantly evolving their tactics and techniques, making it crucial for organizations to adopt a proactive and adaptive approach to cybersecurity. In this presentation, we’ll draw from Secureworks’ recent incident response engagements and provide real-life stories to illustrate the need for a more comprehensive cybersecurity strategy. We’ll discuss the limitations of relying solely on endpoint detection and response (EDR), and provide practical strategies for moving beyond the endpoints to protect against threats originating from anywhere in the IT stack. Join us to learn how to improve your cybersecurity posture, implement effective security measures, and foster a culture of trust with your security partners.

“Pay Up, or Else”. The number of organizations who have been faced with this scenario has been steadily increasing over the past several years as ransomware attacks continue to rise — both in numbers and the size of payouts.

The clear and present danger of a ransomware attack looms large among cyber executives and business leaders as the number of vulnerabilities increases daily. According to a 2022 CRA Business Intelligence survey, nearly one in four respondents reported that their organization experienced one or more ransomware attacks in the past 12 months, and almost one out of three of these organizations said the attacker succeeded in gaining access to their systems, encrypting files, and demanding a ransom

According to this survey, many believe that the worst is yet to come and that they are at a significantly higher risk of a cyberattack than ever before – it’s not a matter of “if,” but “when.”

Preparing for the inevitable and defending against the threat of a ransomware attack requires constant evaluation and assessment, and then making the necessary adjustments.

On this panel, our lineup of industry experts will discuss the key security measures enterprises must take, going beyond backup and recovery and anti-malware/anti-virus solutions to include endpoint security, vulnerability management, Active Directory monitoring, credential protection, DNS security tools, SIEM, DLP and encryption, and cloud security software.

We’ll explore today’s sophisticated and multi-layered threat cyber attacks and how machine learning and artificial intelligence play a role in prevention.  In addition this discussion will explore threat modeling and the MITRE ATT&CK framework and how these activities/tools support active threat hunting exercises.

Generative AI is proving to increase productivity and augment humans in new ways. To seize these opportunities, organizations must be aware of and manage its risks. That includes understanding how generative AI has changed the threat landscape and the security concerns that come with it. In this session, learn about the different AI approaches within the cyber security domain, discuss the benefits and limitations, and how to mitigate some of the risks. Also, learn how applying Self-Learning AI across your organization’s digital environment will help your security team prevent, detect, respond, and heal from incidents, including those augmented by generative AI.

Most organization are transitioning to cloud first model, while cloud platforms offer advantages like flexibility, agility, and scalability, they also introduce complexity in securing these environments.  In this journey, many organizations face challenges like lack of network visibility, insufficient security coverage, shortage of skilled staff and alert fatigue.  Security teams need solutions that can address the dynamic nature of the cloud, are easy to deploy and manage, and can seamlessly integrate into their existing infrastructure and provide comprehensive visibility to manage and protect their cloud workloads.  

In this session we will cover:

• The challenges of cloud security.
• Strategy for securing your cloud deployments.
• How Fortinet simplifies cloud risk with products and solutions that empower impactful security choices, proactively manage risk, and maximize security investments for greater transformation and benefits.

Use of the cloud is continuously growing, not surprisingly so due to its perceived lower costs, greater agility, and ability to increase computing power with increased demand & continuously deploy new applications and software features.

Despite the appeal of cloud, there are many security risks and vulnerabilities and managing these risks has proven to be a big challenge as cyber criminals shift their tactics to cloud data and systems in responses to this increased use of the cloud. According to a CRA Business Intelligence’s September 2022 Cloud Security Survey, misconfigurations, lack of oversight, and little visibility across the organization are among their chief concerns regarding cloud deployments.

If organizations are going to successfully adopt/transition to the cloud, they must ensure security is part of their program. An effective cloud security program includes various process and technology capabilities to effectively keep up with the current threat landscape and vulnerabilities.

• Burnout amongst cyber security practitioners is ever present and rising, often plunging those in cyber security into a never-ending spiral of burnout.  From those presenting in the board room to analysts on the frontlines, burnout manifests itself in a myriad of ways caused by the constantly evolving threat landscape, the evolving threat actors, and even the tools used to combat the threat.  This session on Breaking the Spiral of Burnout, will provide examples of what is causing it, provide examples to use with leadership to address the risk of burnout, and show how the proper tooling can help to alleviate the stress seen by analysts.  From the boardroom to war room, give the confidence to say “we are not compromised!”

SIEMs have evolved over the past few decades due to the evolving threat landscape, increasingly complex architectures, and ever-increasing data volume and velocity. In this session, we will cover the history of SIEMs and introduce a new strategy leveraging the concept of detection-as-code to optimize detections and threat hunting.

Taking a detection-as-code approach will show how to use a language most already know — Python and SQL. Leveraging the detection-as-code approach, we will also show how to write detections, test them, and introduce software development lifecycle best practices that can be used for version control, collaboration, and integration with your CI/CD pipeline.