Topic: Information Security

Seminar Topics

The Current Malware Threat Landscape & Enterprise Grade Remediation

  Presented by Malwarebytes

Malware has become one of the biggest threat challenges faced by security and IT teams. Malwarebytes Labs conducts extensive proprietary research and analysis. The findings are periodically published to help security teams better understand the nature and evolution of these threats.

This presentation will cover key findings from our newly released annual report. It will highlight malware category trends and discuss new and emerging threats to be on the watch for. There will also be a discussion of industry best practices and technologies that can help your business to prevent, detect, and remediate these threats.

Attendees will leave with insight into the current malware threat landscape, as well as an understanding of steps they can take to mitigate breaches.

If You Don’t Protect the Key, Don’t Encrypt the Data

  Presented by nCipher Security

For over 2000 years, governments, armies, businesses and lovers have been encrypting messages. For the same amount of time, the keys used to perform the encryption have been the weakest link in the chain. After 2000 years, technology has advanced such that the keys can be protected but many companies don’t understand how important it really is. Mr. Beutlich will explain in an entertaining (and sometimes graphic) fashion why protecting the encryption key is more important than the encryption itself.

Mitigating Cybercrime in your Enterprise

  Presented by Fortinet

The attack surface that enterprises much protect is expanding dramatically. How do you maintain visibility and security of your traffic from IoT to the cloud. We’ll explore the threat vectors that cyber criminals use to penetrate your defenses and the security tools you can use to defend against those attacks.

Check Point Software

  Presented by Check Point Software

The growth of and use of public clouds has been unprecedented, with no signs of abating. Today, the use of public clouds for enterprise datacenters is mainstream. And for good reason; the advantages are significant and the gained agility undisputable. However, the number of services and options being offered by the public cloud providers today can be daunting. The breadth and depth of services and choice is increasing daily.

With these choices come consequences; it is a ‘one strike and you’re out’ environment. Just one misconfiguration can potentially put your entire organization at risk…or worse. It is this combination of seemingly endless choice along with the ease of access and use that creates the potential for catastrophe. Moreover, just imagine trying to find out if any of your S3 buckets are exposed or misconfigured when you have thousands of them. It’s like finding a needle in a stack of needles.

While most everyone will agree the public cloud environments being offered today are extremely comprehensive and very powerful, in unskilled hands, one fat-finger can have dire consequences. And, as you expand your use and implement ephemeral cloud-native services such as Amazon Lambda functions and other cloud-native platform components (RSDA, Redshift, ELF, ALB, ECS) new challenges will arise when conducting threat-detection and attribution.

In this session you will learn why Gartner says, “Through 2022, at least 95% of cloud security failures will be the customer’s fault.”

Adapting to Fight Back: How Cyber AI Neutralizes Never-Before-Seen Threats

  Presented by Darktrace

In a world that is increasingly digital, cyber-attack has become the most significant risk confronting today’s businesses, smart cities, and critical infrastructure. Online crime cost the world more than half a trillion dollars last year, while recent attacks have managed to influence the U.S. presidential election and disrupt the Ukrainian power supply. This troubling state of affairs is the product of several fundamental weaknesses with the traditional approach to cyber defense, which relies on predefining what threats look like at a time when criminals launch never-before-seen attacks daily. Moreover, these attacks increasingly strike at machine-speed, preventing security professionals from responding before their damage is done.

Fileless Attacks: A Look into Several Techniques Used by APT32

  Presented by BlackBerry Cylance & Structured Communications

Fileless attacks have grown in popularity resulting in the decline of more traditional executable malware. While fileless attacks are not executable files, the vast majority actually come from a file; weaponized documents. Come see this session to get a deep understanding of several techniques being used today by APT32/OceanLotus to attack their victims. You will learn how to replicate their techniques to better test your defenses.

Master the Edge: How to Achieve Context-Aware, Secure Access in a Mobile Era

  Presented by Aruba, a HPE Company & Structured Communication

Are you juggling disparate security platforms and struggling to make sense of the data? Do you need to share information and insights across teams but lack a cohesive way to do that? If so, attend this session. Learn how to deploy an open, multi-vendor Enterprise security framework that gives security and IT teams an integrated way to gain visibility, control and advanced threat defense. See how security prioritization and machine learning helps organizations leverage existing third-party solutions to better protect investments and implement proactive risk controls.

Architecting the New SD-WAN Edge for the Cloud-first Enterprise

  Presented by Silver Peak

Adoption of cloud services has driven enterprises to re-think WAN architecture. Architectures based on traditional, manually-programmed routers can’t keep pace. A business-driven SD-WAN can provide secure direct connections from the branch to SaaS/IaaS across the internet, significantly increasing application performance resulting in a superior end-user QoEx (Quality of Experience). By integrating SD-WAN, WAN optimization, routing and security in a single unified platform, enterprises can simplify branch WAN edge architecture, accelerating time to value and dramatically reducing operational costs. From a centralized SD-WAN orchestrator, application priorities and QoS and security policies may be configured and assigned to automate traffic handling across the WAN. A single mouse click distributes SD-WAN configuration parameters to all sites, improving operational efficiency and minimizing the potential for human errors that can negatively impact application availability and enterprise security. This session will describe why SD-WAN adoption continues at a breakneck pace because of the user productivity, agility and cost savings benefits that a business-driven SD-WAN delivers.

Active Directory Security: Early Stage Attack Activities to Watch For

  Presented by STEALTHbits Technologies

Attackers have demonstrated a consistent and ongoing ability to obtain access to workstations inside the network boundary through phishing and other web and email attacks. From here, attackers set their sights on gaining control of Active Directory as a means to an end; compromising Active Directory is an easy way to gain access to all critical corporate data and resources. Darin will discuss two early stage attack activities: LDAP reconnaissance and Password Spraying – that allow attackers to move laterally inside your AD environment. Detection strategies and mitigation steps will also be explained.