Presented by Red Canary
Learn how you can prioritize the collection of ATT&CK data sources, use this information to inform technology selection, and ultimately build a strong foundation for your detection engineering program.
Presented by Arcserve
Data is expected to grow to 200 ZB by the end of 2025. More data to manage, more data to protect. IDC recommends a 3-2-1-1 best practice as a mid-market data protection strategy. The addition of the new “1” is a copy of the data on immutable storage. Backup data is a key tool in business continuity & disaster recovery planning. Securing this backup data and maintaining multiple copies of it allow for a resilient recovery plan. Your cyber security plan is incomplete without a reliable recovery plan. In the event of any disaster, natural or man-made, like a ransomware attack, getting your IT systems and workloads back on their feet as fast as possible is essential. Join us as we share best practices to help keep your data protected and secure with multiple layers of defenses. We will share our perspective on how organizations can simplify the approach of incorporating guidance from NIST’s Cybersecurity Framework into their own environments.
Presented by Steve Kleis, Principle Sales Engineer
Over the past 20 years, I’ve been fortunate to know many business owners and be part of their IT management strategy. As a trusted advisor I worked to understand their business needs and design solutions that were fast and reliable. I have extensive experience with data backup, disaster recovery (DRaaS), business continuity, cloud storage, ransomware, and Network Attached Storage (NAS).
Currently, I am a sales engineer for Arcserve/Storagecraft supporting the North Central territory. As a member of a sales team, we work to help our customers protect what’s priceless, their data.
Presented by Darktrace
In the face of skyrocketing cyber risk, detecting and responding to attacks is no longer enough. Organizations must take proactive steps to prevent threats before they happen and to recover if compromised. In this session, we’ll unveil an ambitious new approach to security, with core engines powering AI technologies to prevent, detect, respond, and ultimately heal from attacks. Together, these engines combine to strengthen organizations’ security posture in a virtuous AI feedback ‘loop,’ which provides powerful end-to-end, bespoke, and self-learning solutions unique to each organization.
Presented by Bitdefender
2021 was “the year of ransomware.” But so were 2017, 2018, 2019, and 2020 – and so far, 2022 is not very different. Ransomware is no longer a problem discussed only in the cybersecurity and tech communities – it is now a regular topic in mainstream media headlines and executive board meetings.
So why is ransomware such a menace, and why can we not seem to get rid of it? One of the reasons is that we seem to miss the continued evolution of ransomware. We keep preparing for the last war. Ransomware in 2022 is very different than ransomware in 2017, yet we still treat it the same way.
Roy Correa, Enterprise Field Engineer will help you to learn more about:
- Ransomware evolution and what we need to un-learn to effectively combat it
- The most common myths, misunderstandings, and misconceptions about ransomware and the threat actors behind it
- The most effective tips to become more cyber resilient and prevent security incidents from turning into catastrophic breaches
Presented by Check Point
As businesses rely more on email and collaboration tools to run their operations, cyber-criminals are finding new ways to compromise remote workforces. Join this session for a discussion of Social Engineering, how it works, and the different threat vectors that affect business users and their tools today. We’ll cover what a business should have in place to protect users and provide a quick focus on Harmony and how it can help address these concerns.
Presented by 42Crunch
APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. Traditional security and management approaches are failing every day as the scale and reach of API attacks increase. The time is now right for enterprises to consider a new end-to-end continuous approach to protecting their APIs. In this talk, you will learn how Global 2500 enterprises are embracing a positive security model combining shift-left and shield-right methodologies to protect their APIs throughout the API lifecycle.
Presented by Cribl
Digital transformations, cloud migrations, and persistent security threats turned observability from a niche concern to an essential capability in today’s organizations. We’re still in the early days of observability maturity, but early stumbles point to where observability must go in the future. This talk discusses where observability is today and the three critical areas necessary for observability to deliver on its promises throughout the enterprise.
Presented by Zerto
Ransomware attacks continue to rise in volume, severity, and costs to businesses attacked while cyber criminals continue inventing new and unexpected methods to spread malware and encrypt critical data. As attacks continue to specialize, no organization is immune to ransomware. So how do you avoid being forced to pay a ransom, disruptions to services and supply chains, and damage to your brand in the news? Join recovery and data protection experts from Zerto to discuss best practices for when – not if – ransomware strikes. Be prepared to minimize downtime, data loss, and mitigate the risks of ransomware. In this session, you’ll learn:
Presented by Sonatype
As nimble organizations deliver new innovations, adversaries are also upping their game; something we’ve seen in recent high-profile and devastating cyber-attacks. Bad actors have the intent and ability to exploit security vulnerabilities in the software supply chain – and in some cases plant vulnerabilities themselves. They have increased scale through automation and improved breach success through precision targeting. If we don’t fight back by doing the same – automating security directly in the DevOps pipeline – then we’ll always be at the hackers’ mercy. This session will provide new research on the above and details on how to get started.
Presented by Dr. Lisa McKee Ph.D., CISA, CDPSE, CRISC • Director of Governance, Risk, Compliance, and Privacy, Hudl
At the foundation of Zero Trust Privacy, should be data – and for good reason! Organizations that have visibility into their data and the activities around it are better equipped to implement a successful privacy program using the principles of zero trust. Many believe identity is the core principle of zero trust, but how does one implement effective access controls without knowing the data they are granting permissions to? Zero Trust Privacy supports privacy compliance while enabling the implementation of proper access controls to detect suspicious behavior, even when other security controls have been compromised.
The key points covered in this presentation will be as follows:
- Understand what Zero Trust Privacy is and why data should be the foundation of any security and privacy program.
- Identify methods for coordination and collaboration between privacy and security within a Zero Trust strategy.
- Execute techniques for implementing and overcoming challenges of integrating Zero Trust Privacy.
- Initiate discussions with organizational stakeholders on steps for creating a Zero Trust Privacy strategy for their organization.
Lisa McKee Ph.D., CISA, CDPSE, CRISC, has 20 years of industry experience in Cybersecurity, Privacy, Information Technology, Vendor Management, Software Development, IT Audit, Compliance, PCI, and GRC. McKee assists companies in conducting security and privacy assessments, program implementation, and managing compliance. She is a highly regarded privacy expert and a regularly featured speaker at conferences and events locally, nationally, and globally for IAPP, ISACA, IIA, ISC2, NEbraskaCERT, and RSAC. McKee is a member of the Accredited Standards Committee X9 providing input on industry standards. She is a member of several professional association boards and an adjunct instructor for security and privacy courses. She is passionate about privacy and security.