Date and Time | Title | |
---|---|---|
Feb 18, 2021 8:00am - 9:00am (Eastern) | Exhibitor Hall Open Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Virtual booths feature demos, resources downloads, and staff ready to answer your questions. Look for participating Dash For Prizes and CyberHunt sponsors to be entered to win prizes. | |
Feb 18, 2021 8:15am - 8:56am (Eastern) | ISSA New England Chapter Meeting and Presentation Join this fireside chat with the ISSA New England Chapter as they have a candid conversation with two industry veterans and two aspiring InfoSec professionals. Learn what the next generation of workers is looking for, perceptions, and topics of training, as well as what our seasoned professionals are doing to cultivate and develop their teams. | ![]() |
Feb 18, 2021 8:15am - 8:55am (Eastern) | AI-Powered Incident Response The SentinelOne platform unifies Prevention (EPP), Detection & Response (ActiveEDR), Fast Recovery, Incident Response Threat Hunting, and Security Suite features into a single-agent solution for modern Windows, Mac Linux and Kubernetes. In this overview we touch upon these high-level capabilities:
| ![]() |
Feb 18, 2021 8:15am - 8:45am (Eastern) | Managing Insider Risk without Compromising Speed of Business As companies double down on time to innovation, time to market, and time to revenue, they are inherently introducing more risk from the inside. The more cloud-based, collaborative, and fast an organization becomes, the greater the Insider Risks posed to its people, technology, and data. The upside is that cloud collaboration tools make employees more productive. The downside is that these same tools make it easier to exfiltrate data. Adding to the complexities of working from home and off the corporate network, more employees are routinely using unauthorized devices, tools, and cloud-based applications to share files and ideas with colleagues. Join us to discuss the growing Insider Risk problem and how the right data protection methods can set security teams up for success, without slowing down company productivity. | ![]() |
Feb 18, 2021 8:15am - 8:42am (Eastern) | Achieving the Security Data Lake The promise of the Security Data Lake is to provide a centralized, massively scalable repository for ALL data relevant for the Security Operations team, enabling many core functions required by the modern enterprise -- monitoring and alerting, threat hunting, advanced persistent threat protection, DDoS mitigation and many others. But the quest to achieve it has been a rocky one, as infrastructure complexity has prevented most teams from achieving the vision. This session will explain the benefits of achieving a true security data lake, explain the previous barriers that companies have faced, and describe a new approach which is allowing companies to achieve the vision, and finally put the Security Data Lake at the heart of their overall Security Architecture.
| ![]() |
Feb 18, 2021 9:00am - 9:59am (Eastern) | [Opening Keynote] Fireside Chat with Pentesters Arrested for Doing Their Job When an Iowa Sheriff arrested Coalfire pentesters Gary DeMercurio and Justin Wynn on the job, it sent shockwaves through the cybersecurity community. The two InfoSec professionals faced felony charges, jail time, and the possibility of a criminal record for doing what they were hired to do. And information security professionals faced a possible chilling effect around a common strategy for testing defenses. Now, Gary and Justin will tell their story on the SecureWorld New England virtual stage during a candid fireside chat. They will take us through what happened to them and share what they learned in the process. For more background, read our original news story here. | ![]() |
Feb 18, 2021 9:45am - 10:00am (Eastern) | Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge. | ![]() |
Feb 18, 2021 10:00am - 11:00am (Eastern) | Incredible Email Hacks You'd Never Expect Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware! Join us as we explore 10 ways hackers use social engineering to trick your end-users into revealing sensitive data or enabling malicious code to run. You will learn: • How silent malware launches, remote password hash capture, and how rogue rules work If all you were worried about were phishing attempts, think again! | ![]() |
Feb 18, 2021 10:00am - 10:46am (Eastern) | Using the CIS Controls to Measure and Support Your Security Program In this session, you will learn what the CIS Controls are, why people use them, and how they can be used to grade the maturity of your security program. This will help you shape your security budget for the next few years. Presentation Level: MANAGERIAL (security and business leaders) | ![]() |
Feb 18, 2021 10:00am - 10:46am (Eastern) | Big-Game Ransomware Attack Simulation and SolarWinds Response The SolarWinds supply chain compromise opened a hard-to-detect backdoor for one of the world’s most advanced threat actors to steal data and establish persistence. This is the stealthiest attack we’ve ever seen. Let’s ensure you’re protected. Join us to see exactly how a big-game ransomware attack works and how to defend against it. Ransomware gangs dwell in networks for months, stealing data and leaving backdoors before they start dropping ransom notes. We’ll teach you how big-game ransomware gangs operate and showcase common tactics, techniques, and procedures (TTPs) that will help you prepare for an attack. | ![]() |
Feb 18, 2021 10:30am - 10:45am (Eastern) | Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge. | ![]() |
Feb 18, 2021 10:45am - 11:25am (Eastern) | Connected Devices Need Connected Teams IoT security is a growing concern as the number of connected devices increases. California, Oregon, and the EU now regulate the security of IoT devices. Leveraging compliance to create IT/Security partnership with Engineering, Application, and R&D teams is an opportunity to create successes for your business. Presentation level: MANAGERIAL (security and business leaders) | ![]() |
Feb 18, 2021 10:45am - 11:27am (Eastern) | The Cybersecurity Hangover: Why We're Still Recovering from the Attack on SolarWinds The attack on SolarWinds and ensuing trojaning of the Orion Network Management product had a potential effect on every organization on the planet. IT teams scrambled to determine if Orion was installed on their infrastructure, whether they’d upgraded to the trojaned version at any point, and if the attackers had targeted them for second stage compromise. Even today, BitSight is observing signs that organizations still haven’t reconciled their security posture, and we’re working with organizations to identify their exposure. Join us to learn where organizations could have better prepared for a supply chain attack and the practices you need to put in place to be able to respond to incidents ranging from a global supply chain attack to nuisanceware. | ![]() |
Feb 18, 2021 10:45am - 11:25am (Eastern) | Get Beyond Compliance and Achieve Real Data Security To keep pace with the database activity explosion that has accompanied recent rapid technology innovations, organizations must rethink their strategy for securing their data assets. A strategy designed to meet compliance requirements is not enough. Organizations need to develop new approaches that augment traditional agent-based monitoring to achieve real data security today and in the future. We’ll provide insight into how you can automate data collection and monitoring so you may apply more resources to identifying non-compliant behavior and orchestrating rapid responses, regardless of where your data is or the size of your data estate. | ![]() |
Feb 18, 2021 10:45am - 11:23am (Eastern) | A Critical Look at the Security Posture of the Fortune 500 The global pandemic has brought many changes to the IT landscape of corporations across the globe. To see how this has impacted the “best of the best,” Rapid7 Labs has reprised its seminal industry cyber exposure research from 2018 to see how the security posture of Fortune 500 organizations has evolved (or devolved), and to present solid advice to CISOs and practitioners looking to improve their cybersecurity practices. | ![]() |
Feb 18, 2021 11:15am - 11:30am (Eastern) | Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge. | ![]() |
Feb 18, 2021 11:30am - 12:07pm (Eastern) | The Implementation Journey of Zero Trust and SASE: Realizing the Benefits Most organizations have a hybrid implementation of cloud and on-prem services. With the rapid adoption of business digitalization and expanding remote work force, how do we consolidate controls and enhance the security of the systems? In this hybrid mode, enterprises need speed, visibility, security, and reliability without compromise. Enter the secure access service edge, better known as SASE. It’s inevitable that SASE implementations and Zero Trust implementations will provide a more comprehensive security capability to truly support digital transformation. How can your organization best position itself for the transition? In this session, James Christianson will discuss: | ![]() |
Feb 18, 2021 11:30am - 12:10pm (Eastern) | A Modern Approach to Information Protection Data Loss Prevention (DLP) solutions alone can no longer address today’s data privacy requirements. Customer PII data is the most often lost or stolen data, and more than half of these breaches involve malicious attacks. Challenges like increasing threat activity, difficulty protecting a remote workforce, and accelerating migration of data to cloud platforms make it harder to secure data and comply with privacy regulations—especially when analysts need multiple tools to investigate data leakages. So how can you better protect your company in 2021? | ![]() |
Feb 18, 2021 11:30am - 12:10pm (Eastern) | Aligning with the Business: Where Are We Going Wrong? Many in our profession now operate under a “business enablement” mindset. We recognize the fact that we must align security efforts with the needs of the business or we will continue towards becoming irrelevant. But what does “aligning with the business” really mean? Candy Alexander, CISO of NeuEon and ISSA International President, believes we may be misunderstanding this concept and applying it incorrectly within our organization. Attend this session for an honest and possibly controversial take on aligning security with the business. | ![]() |
Feb 18, 2021 12:00pm - 12:15pm (Eastern) | Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge. | ![]() |
Feb 18, 2021 12:15pm - 1:05pm (Eastern) | Cyber Incidents, Forensics, and Insurance: Are All Three up to Snuff? 2020 was the year of ransomware and the pandemic, and many organizations realized their IR wasn’t up to snuff, and others did not listen to external professionals helping and were re-compromised. Have you really tested your Incident Response processes? How about having a detailed post-mortem after an event? Have you looked at your cyber insurance policy to see who you are supposed to be using for assistance? This session will review going through an actual incident and what was good and what was missing in the recovery, alerting (oops, the customers are involved), and finding the root cause, and whether cyber insurance was worth it. | ![]() |
Feb 18, 2021 12:15pm - 1:00pm (Eastern) | The Medical Internet of Things: How to Manage What Historically Has Been Unmanaged The medical device landscape is rapidly changing. Clinicians and Health Delivery Organizations are increasingly demanding that medical devices be connected. Why do we want to connect these devices? How do we do it securely? What challenges does this present? Dave Presuhn will discuss how to ensure your medical devices survive in the jungle that we call a network. | ![]() |
Feb 18, 2021 12:15pm - 1:10pm (Eastern) | The Three Most Crucial Words in Digital Transformation Nothing has been more disruptive to the landscape of the financial services industry than digital transformation, defined as “the process of using digital technologies to create new—or modify existing—business processes, culture, and customer experiences to meet changing business and market requirements.” In this session, we’ll demonstrate how all digital transformation efforts rely, ultimately, on machines, whether those are virtual and serverless systems, containers and applications, or IoT and end-user devices. We’ll also show how a whole new security category has arisen—what Gartner calls Machine Identity Management—to instantly and dynamically protect the tens of thousands of machine identities driving digital transformation. Lastly, we’ll show how Visibility, Intelligence, and Automation are the building blocks you need to design and implement a Machine Identity Management program that bridges current practices and the emerging technologies of the future. | ![]() |
Feb 18, 2021 12:15pm - 1:14pm (Eastern) | [Panel] Ransomware, BEC Attacks, and Insider Threats - What's Next? Even a pandemic didn’t slow the roll of hackers and other nefarious groups. Ransomware and BEC attacks are at an all-time high, and insider threats (malicious and unknowing) are on the rise, as well. It seems if a dollar is to be had, someone is trying to take it. So, how do we arm our clients, partners, and coworkers with the tools they need to identify these next-level threats? | ![]() |
Feb 18, 2021 1:00pm - 1:15pm (Eastern) | Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge. | ![]() |
Feb 18, 2021 1:15pm - 2:15pm (Eastern) | [Panel] Workforce 2.0: The New Normal Our panelists will discuss the continued challenges with managing the remote workforce securely. Whether people go back to an office again is up in the air, but InfoSec and Operations must have processes and technology in place to keep the business running with an acceptable risk. Bring your questions for our panel. | ![]() |
Feb 18, 2021 1:15pm - 2:05pm (Eastern) | [Panel] Let's Talk About Clouds It’s been a year now since many companies were forced to adopt cloud services or perish. For many, this was a huge shift and a leap of faith. This discussion will cover lessons learned, positives we have uncovered, and some of the new alphabet soup relating to cloud—CASB, SaaS, IaaS, etc. | ![]() |
Feb 18, 2021 1:15pm - 2:15pm (Eastern) | Teaching Others to Hike in the Cybersecurity Wilds Every hike takes you to new places, but the basics of hiking are the same: good shoes, a map, and a trailhead. Building a strong cybersecurity awareness program is no different. Let us take you on our journey of how we built a cybersecurity oriented culture, and how you know it’s working. | ![]() |
Feb 18, 2021 1:15pm - 2:00pm (Eastern) | Cybersecurity and Monitoring for the Year 2021 We all must acknowledge that we are in a pandemic of cyberattacks, in a world of an ever-increasing attack surface, with no one single technological vaccine. In this session by Gigamon, we will discuss practical, real-world approaches to providing continuous visibility in your complex attack surface, allowing you to combat the threat landscape and therefore increase your confidence in your security posture. | ![]() |
Feb 18, 2021 1:15pm - 2:02pm (Eastern) | The Challenge of Detecting Threats in the Cloud Detecting threats in the cloud presents several challenges: dealing with new technologies and facing new threat scenarios, exacerbated by the COVID-19 accelerated cloud adoption. Gartner indicates that organizations have been expanding their adoption of cloud security-oriented tools, such as Cloud Security Posture Management (CSPM) and Cloud Access Security Broker (CASB), as they try to keep cloud-related threats under control. However, not all organizations have an interest in adopting all these added technologies, and even when they do, the challenge of integrating them into their security monitoring infrastructure remains. Join this discussion to learn:
| ![]() |
Feb 18, 2021 2:00pm - 2:15pm (Eastern) | Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge. | ![]() |
Feb 18, 2021 2:15pm - 2:55pm (Eastern) | Healthcare Digital Disruption—the Unexpected COVID-19 Outcome | ![]() |
Feb 18, 2021 2:15pm - 3:10pm (Eastern) | [Closing Keynote] Digital Extortion Drama: Deconstructing the Ransomware Response Lifecycle This session is part drama and part virtual tabletop exercise. Cyber attorney Shawn Tuma will make the lifecycle of a successful ransomware attack come alive. From initial discovery and ransom negotiation, to IR team activation, to data recovery and restoration, all the way through the process to lingering litigation. Attend this session to more fully understand the impact a ransomware attack can create for any organization, including yours. | ![]() |