Houston

Understanding this critical shift, Swimlane has teamed up with Dataminr Pulse, one of the market’s most proven AI products, to explore what AI and Automation can do together.  Join Kevin Thompson, Dataminr Solutions Engineer, and Mark VanKempen, Swimlane’s Senior Director of Sales Engineering as they provide an in-depth exploration of how the combined strengths of Swimlane Turbine and Dataminr Pulse can transform your organization’s approach to cybersecurity, including:

For far too long, the role of the security analyst, charged with investigating, validating and responding to attacks amidst the noise of alerts from multiple tools, has been a frustratingly fragmented and inefficient one. The hours spent on manual triage, threat hunting and research across many tools and data sources, not only extends the time taken per incident, but also distracts valuable resources away from higher risk attacks. Data shows that despite deploying more great tools and getting more alerts, we are not getting much better at this, if at all, over the past several years. The industry needs to focus on the analyst experience. How can these tools and data sources be better connected? How can AI and machine learning best be employed to unburden teams of the error prone repetitive tasks while providing rapid and valuable insights into the specifics of an attack, and even provide focused recommended actions? This can and does, dramatically improve the overall analyst experience and efficacy, helping to prevent burn out while simultaneously sharpening response capabilities. Join us to discuss what we have learned and how we and other members of a growing, open community are building and delivering in this space.

It costs ten times more to fix security vulnerabilities later in the software development life cycle.” We’ve all heard the statistic – but if it’s true, why do AppSec costs keep soaring, even as organizations “shift left”?
In this talk, Oligo Security Director of Solution Engineering Mic McCully (formerly Field CTO at Snyk) and Head of Product Marketing Jeanette Sherman (formerly Product Marketing Lead at Whitesource/Mend) will take on the biggest myth in application security. You’ll learn why “shift left” AppSec approaches usually fail to result in cost savings, and practical approaches for controlling AppSec spend while keeping application risks low.

Despite having distinct differences, data privacy and compliance are deeply intertwined with cyber security. As focus on data privacy and compliance increases, business leaders can expect to see vast changes related to how consumer data is managed, shared, and secured. Policy & laws on data privacy and compliance continue to expand and become increasingly stringent, so it is important for companies and their respective business leaders to consider these areas as they develop & evaluate their cyber security strategies. For instance, last year the SEC proposed amendments to its rules on cyber security, risk management, strategy, governance, and incident disclosure by public companies.

At a more granular level, there are various initiatives to protect specific consumer data and ensure enterprises are compliant in doing so – particularly health data and children’s personal information. The American Data Privacy and Protection Act (ADPPA) if passed could greatly impact health data beyond the scope of HIPAA by establishing a national framework to protect & preserve the privacy of consumer data collected by entities not covered by HIPAA. In an American Medical Association survey, about 75% of surveyed patients expressed concern and confusion related to the privacy of their health data and how it is handled. The ADPPA could help clear up some of this confusion by establishing clear expectations. Another critical area is the collection of personal information of children. The Children’s Online Privacy Protection Act (COPPA) helps put parents in control of how their children’s data is handled and ensures that all entities in possession of this data sustain its confidentiality, security, and integrity.

Maintaining strong data privacy and compliance practices is imperative in preventing sensitive personal data from becoming compromised. This information is extremely valuable to cyber criminals, who seek to utilize compromised data to steal others’ identities or resell such PII.

This panel will look at the latest data privacy policies and implications for what this means for business leaders in the future. Our lineup of experts will lend their insights and offer best practices relating to privacy, compliance, and identity protection.

Organizations process and store huge volumes of sensitive information. Inadequate controls in IAM processes and technology can lead to breach, involuntary exposure of data, and non-compliance issues.

Join us as we demonstrate a proven Zero-Trust driven assessment, architecture and executable roadmap process that answers the most common questions about CyberSolve implementations: How do we determine what we COULD do vs. what we SHOULD do? What’s this going to cost us? How do we maintain our IAM once it is implemented? What is different when addressing Workforce IAM vs Customer IAM (CIAM)?

Today, more than any other time in history, we are digitally connected. And, with a continuous rise in mobile related attacks, and an ever-increasing use of mobile devices to perform business tasks, protecting your organization from Mobile threats is more critical than ever. And, despite our best efforts, threats and breaches continue to increase.

Join Grant Asplund for this insightful presentation to learn about the latest mobile and user protection including Check Point’s Harmony suite for securing users and access.  Today’s mobile security needs to prevent the download of malicious files to mobile devices, not just from the web and email but also collaboration tools like Teams and Slack and others. Learn out how you can achieve 99.7% efficacy against zero-day threats across your entire enterprise leveraging ThreatCloud, an industry leading threat intelligence solution.

The cost of data breaches continues to grow—topping $4.5 million on average. But what if breaches could become harmless?

There is a paradigm shift in security: Traditional approaches to cybersecurity, focusing on network and device security, have proven insufficient due to evolving threats and third-party access. We’ll explore how enterprises can shift to a data-centric security model to mitigate the impact of inevitable cybersecurity breaches.

“Pay Up, or Else”. The number of organizations who have been faced with this scenario has been steadily increasing over the past several years as ransomware attacks continue to rise — both in numbers and the size of payouts.

The clear and present danger of a ransomware attack looms large among cyber executives and business leaders as the number of vulnerabilities increases daily. According to a 2022 CRA Business Intelligence survey, nearly one in four respondents reported that their organization experienced one or more ransomware attacks in the past 12 months, and almost one out of three of these organizations said the attacker succeeded in gaining access to their systems, encrypting files, and demanding a ransom

According to this survey, many believe that the worst is yet to come and that they are at a significantly higher risk of a cyberattack than ever before – it’s not a matter of “if,” but “when.”

Preparing for the inevitable and defending against the threat of a ransomware attack requires constant evaluation and assessment, and then making the necessary adjustments.

On this panel, our lineup of industry experts will discuss the key security measures enterprises must take, going beyond backup and recovery and anti-malware/anti-virus solutions to include endpoint security, vulnerability management, Active Directory monitoring, credential protection, DNS security tools, SIEM, DLP and encryption, and cloud security software.

During the past 10 years I’ve participated in many security incidents, received confidential readouts of other company incidents, collaborated with top well-known incident response firms as well as government agencies. It’s with these experiences and learnings I’ve applied an overlay of Zero Trust to the problem. Having also delivered Zero Trust strategies at two globally-recognized enterprises we can speak to the reality of the problem and solution.

In 2022 I presented how my Enterprise Security teams delivered Zero Trust at Adobe and Cisco. So, let’s talk about why we prioritized the initiative; a forward thinking strategy that really defended against the attacks we were seeing. During this session we’ll discuss some high-profile security incidents from the past year, reviewing the themes, kill chain, and how or where a Zero Trust strategy might help prevent the attack, slow them down, or reduce risk.

As an example, many high profile hacks all started similarly. Related to an employee or contractor credential theft (or purchase) and an MFA fatigue or bypass. These are NOT highly sophisticated attacks and there are strategies that can save your bacon.

This session will emphasize the crucial role of AI-enhanced threat hunting in modern cybersecurity. It explores how cutting-edge technology and AI actively seek out elusive threats, thereby bolstering defenses against both external and internal attacks. The session will highlight the advantages of AI-driven tools in enhancing detection speed and accuracy, offering rapid insights. Wisseman will also discuss strategies to eliminate blind spots to threat actors and provide tailored visibility into actual indicators of compromise, differentiating from traditional threat intelligence solutions.

As organizations face the growing threat of ransomware and data exfiltration, many are reevaluating their preparedness for a large-scale data loss event. The problem is that legacy backup systems, which were designed to protect against hardware failure or natural disasters, are now being targeted by cybercriminals as their first point of attack. In this session, we will discuss why traditional backup systems and cyber recovery solutions are fundamentally different capabilities. We will also explore the steps that organizations can take to prepare for and recover from a cyber-attack, including implementing a modern cyber recovery tool like Rubrik.

Use of the cloud is continuously growing, not surprisingly so due to its perceived lower costs, greater agility, and ability to increase computing power with increased demand & continuously deploy new applications and software features.

Despite the appeal of cloud, there are many security risks and vulnerabilities and managing these risks has proven to be a big challenge as cyber criminals shift their tactics to cloud data and systems in responses to this increased use of the cloud. According to a CRA Business Intelligence’s September 2022 Cloud Security Survey, misconfigurations, lack of oversight, and little visibility across the organization are among their chief concerns regarding cloud deployments.

If organizations are going to successfully adopt/transition to the cloud, they must ensure security is part of their program. An effective cloud security program includes various process and technology capabilities to effectively keep up with the current threat landscape and vulnerabilities.