Interop Las Vegas logo

DARK READING’S CYBER SECURITY CRASH COURSE WEDNESDAY, APRIL 29, 2015

Dark Reading Header

Dark Reading Logo

EVERYTHING YOU NEED TO KNOW ABOUT TODAY’S IT SECURITY CHALLENGES


Sony. Target. Heartbleed. Edward Snowden. The list goes on. Every day, IT organizations are abuzz with news of hacks, breaches, and vulnerabilities that are coming to light in the media.

And every day, top executives worry that their organization might be next. It’s up to the IT professional to participate in these discussions and answer key questions about today’s threats.

Does your IT team really know everything it should about the current cyber security environment? Can you intelligently discuss the latest breaches, vulnerabilities, and emerging threats? Do you know about the most critical dangers in specific areas of IT, such as cloud environments and mobile systems? Most importantly, does your IT team know which tools and practices are available to mitigate these threats?

In this all-day Interop event, the Dark Reading team and a group of top cyber security experts will offer a crash course in what IT needs to know about data security and the dangers faced by their organizations.

We’ll give “speed reads” on each key area of security that address the essential elements organizations should know about cyber defense, as well as an overview of the latest exploits. Best of all, attendees will have an opportunity to ask the experts key questions in a supportive, collegial setting.

Please Note: Attendance to the Dark Reading Cyber Security Crash Course is limited to 60 attendees.

DARK READING CYBER SECURITY CRASH COURSE SPONSORS


Agenda


Wednesday, April 29

8:00 - 10:30 AMRegistration & Interop Keynotes
10:30 - 11:00 AMOpening Address: “The State of the Enterprise Security Department”

The data breach at Target cost both the CIO and the CEO their jobs. And every day, the pressure increases on security departments to defend against a increasingly-wider range of cyber risks and threat actors. What are the chief threats that security departments face, and what are they doing about them? This session will include a first-person presentation from a CISO you’ve never seen before.
Speaker: Jonathan Feldman, CIO, City of Asheville

11:00 - 11:30 AMSpeed Session: “Today’s Enterprise Threat Environment”

Cyber attackers are in the news nearly every day, but which exploits are the ones your organization should be most concerned about? In this session, a top expert will offer a look at the latest attacks and trends, as well as the different types of attackers and their motivations. Attendees will get a deeper understanding of current exploits and attackers’ ways of thinking, as well as advice on how enterprise defenses can be adapted to mitigate these new approaches.
Speaker: Raimund Genes, Chief Technology Officer, Trend Micro

11:30 - 11:45 AMLightning Talk
11:45 AM - 12:15 PMSpeed Session: “The Real Risks of Mobile Technology In the Enterprise”

Everyone is saying that the introduction of mobile devices and bring-your-own-device (BYOD) policies is a security risk to the enterprise. But exactly where do those risks come from? In this session, a top expert will debunk some of the myths about mobile security while raising up some threats and vulnerabilities you may not know about.
Speaker: Eric Green, SVP, Business Development, Mobile Active Defense

12:15 - 1:00 PMLunch Session: “CISO Hot Seat”

One of the best ways to gain insight into the security problem is through the successes and failures of those who live it. In this luncheon program, the chief security officer at a major enterprise will discuss experiences in managing cyber security, best practices, pitfalls, and answer questions from attendees.
Speaker: James Christiansen, Vice President, Information Risk Management, Office of the CISO, Accuvant

1:00 - 1:30 PMSpeed Session: “Users, Endpoints, and Passwords – What Really Works”

It’s been happening since the first PCs were introduced in the enterprise – lost passwords, viruses, and other cyber exploits wreak havoc on your desktops and create a security risk to your corporate data. In addition, users have created new security problems by introducing new (often unauthorized) applications, surfing social networks, and engaging in other risky behaviors. In this session, an endpoint security expert will discuss what you can do to help protect your endpoints – and the users they serve.
Speaker: Phil Dunkelberger, Founder and CEO, Nok Nok Labs

1:30 - 1:45 PMLightning Talk
1:45 - 2:15 PMSpeed Session: “Insider Threats and Preventing Data Leaks”

Major data leaks such as Edward Snowden’s release of NSA data and the dump of military data on WikiLeaks are only the tip of the insider threat iceberg. Every day, enterprises face the threat of losing valuable insider information – not only through malicious leaks but through unintentional, accidental violations of security rules that lead to exposure of critical information. How can organizations spot the signs of a data leak and stop it before it goes too far? How can IT help prevent accidental leaks of sensitive data? A top expert offers some essential advice on stopping data loss from within.
Speaker: Jason Straight, Senior Vice President, Chief Privacy Officer, UnitedLex

2:15 - 2:30 PMNetworking Coffee Break
2:30 - 3:00 PMSpeed Session: “Social Engineering – How Users Get Fooled (And How to Stop It)”

As enterprises continue to improve their technical defenses, cyber criminals have found that the weakest link in the chain is the human end user. Through a variety of disguises and deceptions, attackers are frequently able to convince users to give up data and logon credentials without resistance. How can IT organizations mitigate phishing, watering holes, and other social engineering attacks? This session offers an overview of the key concepts behind social engineering defense.
Speaker: Joe Ferrara, President & CEO, Wombat Security Technologies

3:00 - 3:30 PMSpeed Session: “Understanding Targeted Attacks”

In the past, most cyber attack campaigns were primarily random, and they simply exploited the most vulnerable systems they could find. Today, however, there is an increasing number of sophisticated attacks that target specific companies, data, or even employees. These attacks are often extremely well disguised and may escape the security tools that most enterprises use to screen out more random attacks. What tools and defenses are there to prevent targeted attacks on your organization? In this session, you will hear about the latest types of targeted attacks and what your enterprise can do to stop them.
Speaker: Sean Mason, VP of Incident Response, Resolution1 Security

3:30 - 3:45 PMLightning Talk
3:45 - 4:15 PMSpeed Session: “Eliminating Risk In Cloud Computing Environments”

Cloud computing services and technology offer a level of efficiency and cost savings that most enterprises simply can’t pass up. But does the growing use of cloud technology create a growing threat to enterprise data? How can IT organizations track and secure data as it travels through the cloud? In this session, a cloud security expert will discuss the key danger points in cloud computing and the latest technologies and practices for cloud security.
Speaker: David Stott, Senior Director, Perspecsys

4:15 - 4:45 PMSpeed Session: “Finding and Fixing Security Vulnerabilities In Your Electronic Supply Chain”

As organizations such as Target have discovered, cyber attackers sometimes attack indirectly, through suppliers, contractors, and customers that have access to your systems. But how can you ensure that third parties are keeping their own systems secure – and are not providing an avenue of compromise for your data? In this session, our speaker discusses the methods you can use to vet your suppliers’ security and reduce attackers’ ability to use your partners’ vulnerabilities against you.
Speaker: Daniel Pfeifle, Vice President, Exostar

4:45 - 5:00 PMNetworking Coffee Break
5:00 - 5:30 PMSpeed Session: “Enterprise Application Security: Threats, Risks, and How to Mitigate Them”

Customer databases, enterprise applications, Big Data – the keys to your enterprise’s kingdom lie in its applications. But application security is often overlooked, both by software manufacturers and by internal development teams. What steps can your organization take to find and repair application vulnerabilities – before your attackers discover them? A top applications security expert discusses key practices for scanning and securing applications, as well as offering some insight on how to improve security in your software development organization.

5:30 - 6:00 PM“InfoSec Free-For-All: Wrap-up and General Q&A"

At the end of the day, many of the experts who spoke in the earlier sessions will be available to answer questions and follow up on what the attendees have heard. This final session will lead into a cocktail hour, so that attendees can speak directly with experts and network with colleagues who may face many of the same problems.

6:00 - 7:00 PMNetworking Cocktail Reception
That NightOfficial Interop Party