DC Metro

Each year the Verizon Data Breach Investigations Report brings data driven insights to the information security community.  But with so much data sometimes it’s easy to miss the forest for the trees.  Come hear about the key findings hidden in plain sight in the DBIR this year and how you can use them to build a better, data-driven security program!

Fast-moving cyberattacks can strike at any time, and security teams are often unable to react quickly enough. Join to learn how Autonomous Response takes targeted action to stop in-progress attacks without disrupting your business. The discussion includes real-world threat finds. 
 
Explore today’s threats and challenges and learn how advances in AI have been leveraged to allow for very surgical actions to be taken autonomously – where humans can no longer react fast enough.

Cloud innovations continue to drive the rapid adoption of cloud services, which offer numerous advantages such as increased flexibility, better scalability, cost savings, higher productivity, and resiliency. However, challenges in migrating to the cloud and protecting the cloud environment cause concern for many organizations. According to research done by Cybersecurity Insiders in partnership with (ISC)², 72% of organizations said they feel either not at all confident (8%), slightly confident (12%), or moderately confident (52%) in their cloud security posture, expressing concerns over data loss & leakage, data privacy, compliance, and unauthorized access. Lack of qualified staff / knowledge and visibility of security platforms continue to be the biggest threats facing cloud security, with misconfigurations accounting for the majority of cloud data breaches.

This panel will highlight the benefits of migrating to the cloud and examine the pros & cons of the various cloud models. Our lineup of Subject Matter Experts will discuss the risks facing security teams as they adopt cloud services, offer recommendations to minimize these risks, and provide insight on best practices to secure the cloud.

Lying deep in every network is Active Directory. The legacy network operating system that nearly everyone uses! It holds the Keys to the Kingdom, connected to nearly every application, service, IAM, and device. AD is always changing, which makes it more complex and difficult to keep track of every day. It rarely is given the attention that it needs to withstand the onslaught from attackers, both inside and outside. Everyone knows it needs attention, but one wrong setting could cause it to stop, causing total disruption of the network. M&A can cause significant security holes if not analyzed thoroughly. Let Derek Melber, 17X Microsoft MVP show you how to secure AD, making it capable of withstanding the constant attacks.

The connections and dependencies between organizations and their employees, partners, suppliers and customers, creates significant opportunities for risk blind spots. Faced with supply chain disruptions and increasing cyber threats, businesses are re-assessing how they select, evaluate and monitor their third party relationships and the risk they introduce. According to a recent study by KPMG, third-party risk management is a strategic priority for 85 percent of businesses.

How you identify and manage the risks of working with third parties is critical because your compliance, revenue, and company reputation are dependent on all parties fulfilling their contractual, security and privacy obligations. Yet, traditional approaches are inadequate and gaining the right visibility to effectively manage risk is increasingly challenging.

Join Reciprocity experts as we share and discuss with you:

• Why third-party relationships introduce high risk to your organization    
• Key considerations to better identify, manage and mitigate third party risk
• How cybersecurity risk ratings can complement your risk mitigation efforts

You will leave this session with a clear understanding of steps you can take to better avoid, manage and mitigate third party risk to protect your operations, reputation and revenue.

 Keeping up with the advancement of an ever evolving threat landscape requires more technology, people, and processes than ever before, but the battlefield is growing faster than the resources available to meet the challenge.

Now more than ever, security has to be top of mind for IT and security teams. Cybercrime is up 600% due to the COVID-19 pandemic, and remote work has increased the average cost of a data breach by $137,000. IT teams need to make sure every piece of their tech stack helps support their security needs. And that starts with the browser, a key component of end user productivity. Hear from the Chrome team on how to improve your security posture with Chrome. 

While some things are difficult to predict, that is not the case with Ransomware, where attacks have been and continue to be accurately predicted to increase significantly in volume and severity. Last year we saw ransomware attacks on water treatment facilities, oil pipelines, and food distributors make national news. According to the FBI’s Internet Crime Complaint Center, from January to July of 2021 there was a 62% increase in ransomware complaints from year to year.

As new models of ransomware emerge and attacks become more frequent as they prove successful to bad actors, it’s imperative for business leaders to reexamine their approach to cyber security to more effectively combat threats and minimize damage in the event of a ransomware attack. For many companies today, that means foregoing the traditional “trust but verify” perimeter-based security and implementing Zero Trust framework built on the principle of “never trust, always verify”. Through its capability to isolate users and machines, Zero Trust can in the event of an attack limit it from spreading while still maintaining running operations, making it a popular security strategy. In fact, last year in his Executive Order on Improving the Nation’s Cybersecurity, the President of the U.S. recommended the Federal Government adopt Zero Trust architecture. The other vector worth considering is the trusted application vector. If the applications on your perimeter allow attackers in via trojan or remote code execution, then you will be compromised, trust or no trust.

This panel will look at how ransomware attacks and bad actors have evolved to become more successful. Should companies pay hackers to get their data back or will that backfire? Our lineup of Subject Matter Experts will contrast traditional perimeter-based security, Zero Trust and traditional AppSec and offer their insight on how adopting strategies and policies that can help companies stay resilient as ransomware threats continue to grow.

As we adapt to the new normal in wake of the COVID-19 pandemic, some businesses have returned to the office while many continue to work from home or are shifting to a hybrid workforce. Regardless of where your team is in today’s flexible work culture, it’s important to make sure your data is secure.

This panel will discuss the various factors that contribute to the increase in threats facing the remote and hybrid workforce and the solutions needed to stay secure. Our lineup of Industry Experts will offer their insight & explore best-practices on how businesses and their IT Security Teams should address risks such as ransomware, insider threat, phishing, unsecured devices and lack of training.