Topic: Information Security

Seminar Topics

Controlling Application & Systems Access with Microsegmentation

  Presented by IVOXY Consulting

Being able to control access to systems & applications based on identity has been an ideal for many, many years. It’s only been recently that we’ve gotten the ability to control access to/from any system and/or any application. Microsegmentation technology can be deployed without downtime & without service interruption (well, if you do it right!). Anyone who has been through a pen test knows that our on-prem & cloud datacenters are largely wide-open: There’s nothing to stop malware from a PC or infected server from spreading.

Join IVOXY Consulting to learn how microsegmentation works & how your datacenter can benefit from one of the hottest trends in information security today.

Building a Security Program with the CIS Control

  Presented by CompuNet

Developing an effective security program is a complex undertaking. Let’s jumpstart the process! We’ll discuss leveraging the Center for Information Security’s Critical Security Control framework to identify and prioritize security controls based on efficacy and business impact. After a brief overview of the CIS CSC, we’ll discuss the ongoing measurement and reporting necessary to organize a diverse set of tools into a well-managed information security program. We’ll also demonstrate and share freely available tools to help organizations perform internal assessments and leverage benchmark configuration guides.

The Current Malware Threat Landscape & Enterprise Grade Remediation

  Presented by Malwarebytes

Malware has become one of the biggest threat challenges faced by security and IT teams. Malwarebytes Labs conducts extensive proprietary research and analysis. The findings are periodically published to help security teams better understand the nature and evolution of these threats.

This presentation will cover key findings from our newly released annual report. It will highlight malware category trends and discuss new and emerging threats to be on the watch for. There will also be a discussion of industry best practices and technologies that can help your business to prevent, detect, and remediate these threats.

Attendees will leave with insight into the current malware threat landscape, as well as an understanding of steps they can take to mitigate breaches.

If You Don’t Protect the Key, Don’t Encrypt the Data

  Presented by nCipher Security

For over 2000 years, governments, armies, businesses and lovers have been encrypting messages. For the same amount of time, the keys used to perform the encryption have been the weakest link in the chain. After 2000 years, technology has advanced such that the keys can be protected but many companies don’t understand how important it really is. Mr. Beutlich will explain in an entertaining (and sometimes graphic) fashion why protecting the encryption key is more important than the encryption itself.

Mitigating Cybercrime in your Enterprise

  Presented by Fortinet

The attack surface that enterprises much protect is expanding dramatically. How do you maintain visibility and security of your traffic from IoT to the cloud. We’ll explore the threat vectors that cyber criminals use to penetrate your defenses and the security tools you can use to defend against those attacks.

Check Point Software

  Presented by Check Point Software

The growth of and use of public clouds has been unprecedented, with no signs of abating. Today, the use of public clouds for enterprise datacenters is mainstream. And for good reason; the advantages are significant and the gained agility undisputable. However, the number of services and options being offered by the public cloud providers today can be daunting. The breadth and depth of services and choice is increasing daily.

With these choices come consequences; it is a ‘one strike and you’re out’ environment. Just one misconfiguration can potentially put your entire organization at risk…or worse. It is this combination of seemingly endless choice along with the ease of access and use that creates the potential for catastrophe. Moreover, just imagine trying to find out if any of your S3 buckets are exposed or misconfigured when you have thousands of them. It’s like finding a needle in a stack of needles.

While most everyone will agree the public cloud environments being offered today are extremely comprehensive and very powerful, in unskilled hands, one fat-finger can have dire consequences. And, as you expand your use and implement ephemeral cloud-native services such as Amazon Lambda functions and other cloud-native platform components (RSDA, Redshift, ELF, ALB, ECS) new challenges will arise when conducting threat-detection and attribution.

In this session you will learn why Gartner says, “Through 2022, at least 95% of cloud security failures will be the customer’s fault.”

Adapting to Fight Back: How Cyber AI Neutralizes Never-Before-Seen Threats

  Presented by Darktrace

In a world that is increasingly digital, cyber-attack has become the most significant risk confronting today’s businesses, smart cities, and critical infrastructure. Online crime cost the world more than half a trillion dollars last year, while recent attacks have managed to influence the U.S. presidential election and disrupt the Ukrainian power supply. This troubling state of affairs is the product of several fundamental weaknesses with the traditional approach to cyber defense, which relies on predefining what threats look like at a time when criminals launch never-before-seen attacks daily. Moreover, these attacks increasingly strike at machine-speed, preventing security professionals from responding before their damage is done.

Fileless Attacks: A Look into Several Techniques Used by APT32

  Presented by BlackBerry Cylance & Structured Communications

Fileless attacks have grown in popularity resulting in the decline of more traditional executable malware. While fileless attacks are not executable files, the vast majority actually come from a file; weaponized documents. Come see this session to get a deep understanding of several techniques being used today by APT32/OceanLotus to attack their victims. You will learn how to replicate their techniques to better test your defenses.

Master the Edge: How to Achieve Context-Aware, Secure Access in a Mobile Era

  Presented by Aruba, a HPE Company & Structured Communication

Are you juggling disparate security platforms and struggling to make sense of the data? Do you need to share information and insights across teams but lack a cohesive way to do that? If so, attend this session. Learn how to deploy an open, multi-vendor Enterprise security framework that gives security and IT teams an integrated way to gain visibility, control and advanced threat defense. See how security prioritization and machine learning helps organizations leverage existing third-party solutions to better protect investments and implement proactive risk controls.

How to Solve the Toughest Challenges in Cloud Security

  Presented by Sophos & Pine Cove Consulting

In an ever-changing, auto-scaling environment, continuous visibility of your public cloud infrastructure is vital. Join Pine Cove Consulting and Sophos Security as we discuss how you can use the power of AI and automation to simplify compliance, governance and security monitoring in the cloud.

Visibility is the foundation on which all public cloud security policies and activities are built. We will discuss how to monitor multiple cloud provider environments including Amazon Web Services (AWS) accounts, Microsoft Azure subscriptions, Google Cloud Platform (GCP) projects, Kubernetes clusters, and development code repositories. With superior visibility, layered with compliance and DevSecOps policies controls and alerts, teams can take control and build on their cloud security strategy with confidence.

Join us to learn how building a complete picture of architecture, including a full inventory and real-time network topology visualization including hosts, networks, user accounts, storage services, containers, and serverless functions, can help you improve your cloud security challenges.