Chicago 2021

Ask five IT/security leaders to define “SASE” and you’ll get five different answers. Simply put, SASE – Secure Access Service Edge – delivers security from the cloud by combining the right mix of capabilities and technologies for your organization’s unique needs. In this session with Dave Grady from Verizon – a global leader in networking and cybersecurity – you’ll learn about:

• SASE Technology: From SDN and ZTNA to everything in-between.
• Orchestration: How to make your security resources work better together.
• Visibility: How SASE brings network and security ops teams closer.
• Strategy: How SASE fits into an overall security strategy.

Security practitioners understand the need to implement new controls that help their organizations defend against the rising number of attacks and Fifth Generation threats like the SolarWinds Orion supply chain hack. But slowed economic growth and the push to secure systems from sophisticated new threats challenge many companies.

These global market conditions underscore the importance of employing a consolidation strategy with a unified security architecture at its center that protects cloud, networks, endpoints, and mobile devices.

Join Grant Asplund, Chief Security Evangelist for Check Point Software Technologies, as he shares the building blocks for putting in place a consolidation strategy that:

• Increases security efficiency with a unified security architecture
• Improves your organization’s overall threat prevention profile
• Eliminates complexity caused by managing disparate systems
• Reduces total cost of ownership

With the Passwordless Decade well underway, more and more organizations are asking the question: Why is now the right time to move beyond passwords?

George Avetisov, CEO of HYPR, will discuss the rise of organizations moving to the cloud, how the perimeter fades and the attack surface gets larger. Modern tools such as SNIPR and Modlishka make it easier for hackers to launch large-scale automated attacks, bringing credential re-use and two-factor-authentication attacks to record highs. 

How did we get here, and will mainstream adoption of passwordless security have an impact? We will explore how the rise of virtual desktop infrastructure and a remote workforce has affected workstation login and review how the evolution of authentication has impacted organizations’ identity and access management systems.

In this session, you’ll learn:

In 2020, there was an unprecedented growth in ransomware attacks and this trend shows no signs of slowing down. Rather, these attacks are evolving and becoming more harmful as cyber criminals become more organized and effective. It is predicted that in 2021, businesses will fall victim to a ransomware attack every 11 seconds with an estimated cost of over $20 billion – 57 times more than in 2015, making ransomware the fastest growing type of cybercrime.

As a result, companies are transitioning from the traditional “trust but verify” method and implementing a Zero Trust model, requiring all users to be authenticated and continually authorized in order to be granted access and maintain access to company data and applications. By leveraging various technologies & techniques such as multifactor authentication, IAM, least privilege access, and microsegmentation, the Zero Trust model reduces the risk of a ransomware attack and minimizes the potential damage from a breach.

This panel will highlight where enterprises are most vulnerable to becoming a victim of ransomware and how utilizing a Zero Trust model minimizes this risk. Industry experts will discuss best practices to avoid a ransomware attack including adapting the Zero Trust model, what to do if your company is being held for ransom, ways to mitigate the damage caused by an attack, and how to recover afterwards.

The SolarWinds SUNBURST attack was a rude awakening for many security teams, and it won’t be the last time Security leaders face tough questions about how an adversary evaded defenses and stayed hidden. With threats persisting inside the network for months, security teams need a new plan. In this session, CISO Jeff Costlow discusses strategies, including revising existing mental models and incident response processes, to build resilience in the fight against advanced threats.

Users can be induced to click on malicious content through fear, curiosity or trust. The malware they invite onto their devices routinely evades detection by even the most sophisticated security products, making breaches inevitable. It is time for a different approach to endpoint security, applying the sound engineering principles of least privilege and strong isolation enabled by modern CPUs – protection that doesn’t rely on detection.

Over the past few years, the number of organizations that have adopted cloud-based systems has grown exponentially, largely due to the COVID-19 pandemic. In turn, cloud security has become a critical issue for IT security executives and their teams. McAffee reported an increase of 630% in attacks by external actors targeting cloud services between January and April of 2020. This uptick in cloud security breaches is projected to persist even after the pandemic as many companies continue to utilize the cloud and leverage its benefits.

While migrating to the cloud offers numerous advantages, it also poses certain threats and challenges. In a recent report by Oracle & KPMG, over 90% of IT Professionals felt their organization had a cloud security readiness gap. A significant concern for many who are adapting to a cloud-based workforce is misconfigurations and gaps in cloud security programs. Additionally, cloud-based infrastructure requires adopting new security policies and processes. Many companies believe their existing security teams lack the necessary skillsets and knowledge that the cloud environment requires, especially as organizations turn to multi-cloud, hybrid cloud, and distributed cloud models.

This panel will highlight the areas where cloud systems can leave enterprises vulnerable, ways to minimize common misconfiguration errors, and other best practices to mitigate threats when migrating to the cloud. Our lineup of Industry Experts will provide their expertise on developing a robust cloud security strategy that addresses these issues and insight on how to stay secure in the future of cloud security.

Many of today’s organizations have as many staff resources integrating security tools and data sources as they do actually running their security programs. This is a tragic duplication of effort and not the most productive use of precious talent that often fails to create the expected value and ROI. Join us to hear how IBM, and some key alliance partners are pushing the industry towards open, standards-based interoperability, and see some tangible examples of what those gains in efficiency and efficacy look like today.

Cyberattacks have quadrupled since the beginning of the pandemic. Lots of endpoints are currently on their own when it comes to being managed and protected. What will happen when these machines come back to the office, or are they coming back at all? This presentation will address the different scenarios that companies may encounter and how to resolve them by automating their endpoint management.

The Forrester Wave™: Zero Trust eXtended Ecosystem report in October 2019 called IoT and OT device security, “one of the hardest problems to solve within the enterprise.” Join this webinar to learn how Forescout allows organizations to mitigate risk and embrace Zero Trust architecture for all managed, unmanaged, virtual or physical IP-connected systems across your extended enterprise.

This webinar will discuss how to:

• Eliminate risk by identifying, understanding and controlling access to all devices, users, apps and workloads
• Map data flows to design segmentation policies and simulate them for non-disruptive deployment
• Maximize ROI and extend Zero Trust architecture across campus, cloud, data center and IT/OT environments using your existing technologies

It is shocking that, year over year, stealing credentials is still the top tactic used by attackers to breach organizations. Why is this still happening? Hint: It isn’t only because of weak passwords. Organizations have invested heavily into privileged access management technologies, but these solutions have struggled to address the problem for five key reasons. In this discussion, we will address the gaps in current access management approaches but, more importantly, show you how to quickly close the gaps and significantly reduce security risks without disrupting your current investments or systems.

Join Remediant in this discussion to:

• learn the four reasons why privileged access management implementations fail;
• identify areas in your IAM program where you can reduce admin access risk; and
• capitalize on existing investments, while improving your risk posture.

Secured Access Service Edge, or SASE, is no longer a buzzword tossed around by cybersecurity pundits but is a robust, cloud-based service model to enable secure anywhere, anytime access from any device.

In the Are you SASE Ready? 5 Steps for Building Your SASE Roadmap webcast, you will learn how to build a roadmap to move to SASE and the benefits such a move will offer.

The session will cover how SASE will provide your organization with a path to reducing network and security cost and complexity while increasing security and connectivity to give your users a better experience, regardless of location.

In this session, Paul Martini, CEO, CTO & Co-founder at iboss, will discuss:

An understanding of the main drivers that lead organizations to migrate to SASE cloud;
5 steps to help you understand how to future-proof your network security investments;
What to consider when choosing a SASE platform.

Insider Threat has become increasingly problematic to businesses as the frequency and cost of these threats have risen over the last several years. In a global study conducted by Ponemon Institute in September of 2019, there was a 31% increase in overall cost of Insider Threat and a 47% increase in the total number of Insider Incidents from 2018.

Today, Insider Threat poses an even greater risk to businesses in the wake of the COVID-19 pandemic. Forrester Research, Inc. reported that in 2020, a quarter of all security breaches were caused by an insider and estimates that in 2021, Insider Threats will account for 33% of security breaches.

This panel will discuss the various factors that contribute to this increase in Insider breaches, how remote work has impacted the malicious & non-malicious Insider Threats facing businesses, and the implications this has on enterprises today. Our lineup of Industry Experts will offer their insight & provide best-practices on how businesses and their IT Security Teams should address these risks and adapt in order to defend against Insider Threats.

Prior to defending an organization against a determined attacker, their techniques must be understood. This presentation provides an adversarial viewpoint to inform network defense leaders how the attackers see their organizations and are able to be successful with their objectives, even when well defended. The presenter will draw upon over 17 years of personal experience as a Red Team operator and leader to illustrate how your organizations are viewed, through the eyes of an adversary.