|8:00 - 10:30 AM||Registration & Interop Keynotes|
|10:30 - 11:00 AM||Opening Address: “The State of the Enterprise Security Department”|
The data breach at Target cost both the CIO and the CEO their jobs. And every day, the pressure increases on security departments to defend against a increasingly-wider range of cyber risks and threat actors. What are the chief threats that security departments face, and what are they doing about them? This session will include a first-person presentation from a CISO you’ve never seen before.
Speaker: Jonathan Feldman, CIO, City of Asheville
|11:00 - 11:30 AM||Speed Session: “Today’s Enterprise Threat Environment”|
Cyber attackers are in the news nearly every day, but which exploits are the ones your organization should be most concerned about? In this session, a top expert will offer a look at the latest attacks and trends, as well as the different types of attackers and their motivations. Attendees will get a deeper understanding of current exploits and attackers’ ways of thinking, as well as advice on how enterprise defenses can be adapted to mitigate these new approaches.
Speaker: Raimund Genes, Chief Technology Officer, Trend Micro
|11:30 - 11:45 AM||Lightning Talk|
|11:45 AM - 12:15 PM||Speed Session: “The Real Risks of Mobile Technology In the Enterprise”|
Everyone is saying that the introduction of mobile devices and bring-your-own-device (BYOD) policies is a security risk to the enterprise. But exactly where do those risks come from? In this session, a top expert will debunk some of the myths about mobile security while raising up some threats and vulnerabilities you may not know about.
Speaker: Eric Green, SVP, Business Development, Mobile Active Defense
|12:15 - 1:00 PM||Lunch Session: “CISO Hot Seat”|
One of the best ways to gain insight into the security problem is through the successes and failures of those who live it. In this luncheon program, the chief security officer at a major enterprise will discuss experiences in managing cyber security, best practices, pitfalls, and answer questions from attendees.
Speaker: James Christiansen, Vice President, Information Risk Management, Office of the CISO, Accuvant
|1:00 - 1:30 PM||Speed Session: “Users, Endpoints, and Passwords – What Really Works”|
It’s been happening since the first PCs were introduced in the enterprise – lost passwords, viruses, and other cyber exploits wreak havoc on your desktops and create a security risk to your corporate data. In addition, users have created new security problems by introducing new (often unauthorized) applications, surfing social networks, and engaging in other risky behaviors. In this session, an endpoint security expert will discuss what you can do to help protect your endpoints – and the users they serve.
Speaker: Phil Dunkelberger, Founder and CEO, Nok Nok Labs
|1:30 - 1:45 PM||Lightning Talk|
|1:45 - 2:15 PM||Speed Session: “Insider Threats and Preventing Data Leaks”|
Major data leaks such as Edward Snowden’s release of NSA data and the dump of military data on WikiLeaks are only the tip of the insider threat iceberg. Every day, enterprises face the threat of losing valuable insider information – not only through malicious leaks but through unintentional, accidental violations of security rules that lead to exposure of critical information. How can organizations spot the signs of a data leak and stop it before it goes too far? How can IT help prevent accidental leaks of sensitive data? A top expert offers some essential advice on stopping data loss from within.
Speaker: Jason Straight, Senior Vice President, Chief Privacy Officer, UnitedLex
|2:15 - 2:30 PM||Networking Coffee Break|
|2:30 - 3:00 PM||Speed Session: “Social Engineering – How Users Get Fooled (And How to Stop It)”|
As enterprises continue to improve their technical defenses, cyber criminals have found that the weakest link in the chain is the human end user. Through a variety of disguises and deceptions, attackers are frequently able to convince users to give up data and logon credentials without resistance. How can IT organizations mitigate phishing, watering holes, and other social engineering attacks? This session offers an overview of the key concepts behind social engineering defense.
Speaker: Joe Ferrara, President & CEO, Wombat Security Technologies
|3:00 - 3:30 PM||Speed Session: “Understanding Targeted Attacks”|
In the past, most cyber attack campaigns were primarily random, and they simply exploited the most vulnerable systems they could find. Today, however, there is an increasing number of sophisticated attacks that target specific companies, data, or even employees. These attacks are often extremely well disguised and may escape the security tools that most enterprises use to screen out more random attacks. What tools and defenses are there to prevent targeted attacks on your organization? In this session, you will hear about the latest types of targeted attacks and what your enterprise can do to stop them.
Speaker: Sean Mason, VP of Incident Response, Resolution1 Security
|3:30 - 3:45 PM||Lightning Talk|
|3:45 - 4:15 PM||Speed Session: “Eliminating Risk In Cloud Computing Environments”|
Cloud computing services and technology offer a level of efficiency and cost savings that most enterprises simply can’t pass up. But does the growing use of cloud technology create a growing threat to enterprise data? How can IT organizations track and secure data as it travels through the cloud? In this session, a cloud security expert will discuss the key danger points in cloud computing and the latest technologies and practices for cloud security.
Speaker: David Stott, Senior Director, Perspecsys
|4:15 - 4:45 PM||Speed Session: “Finding and Fixing Security Vulnerabilities In Your Electronic Supply Chain”|
As organizations such as Target have discovered, cyber attackers sometimes attack indirectly, through suppliers, contractors, and customers that have access to your systems. But how can you ensure that third parties are keeping their own systems secure – and are not providing an avenue of compromise for your data? In this session, our speaker discusses the methods you can use to vet your suppliers’ security and reduce attackers’ ability to use your partners’ vulnerabilities against you.
Speaker: Daniel Pfeifle, Vice President, Exostar
|4:45 - 5:00 PM||Networking Coffee Break|
|5:00 - 5:30 PM||Speed Session: “Enterprise Application Security: Threats, Risks, and How to Mitigate Them”|
Customer databases, enterprise applications, Big Data – the keys to your enterprise’s kingdom lie in its applications. But application security is often overlooked, both by software manufacturers and by internal development teams. What steps can your organization take to find and repair application vulnerabilities – before your attackers discover them? A top applications security expert discusses key practices for scanning and securing applications, as well as offering some insight on how to improve security in your software development organization.
|5:30 - 6:00 PM||“InfoSec Free-For-All: Wrap-up and General Q&A"|
At the end of the day, many of the experts who spoke in the earlier sessions will be available to answer questions and follow up on what the attendees have heard. This final session will lead into a cocktail hour, so that attendees can speak directly with experts and network with colleagues who may face many of the same problems.
|6:00 - 7:00 PM||Networking Cocktail Reception|
|That Night||Official Interop Party|