Topic: Information Security

  Presented by Liran Chen, Vice President, Sales Engineering & Technical Services • Forescout

Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors have continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices are that are pervasive in critical infrastructure systems. Today’s SOC needs to not only see those devices and the risks they pose while also ensuring accurate detection of the threats uniquely targeting those OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting Operational Technology environments.

  Presented by Steve Riley, Field CTO • Netskope

We live in a world where everything is hybrid and the blend between personal, corporate, private, and public is ever-changing and presents us with a host of new challenges. This has increased and complicated the attack surface and the pressure to converge tools and do “more with less” is at peak levels. We must meet this watershed moment with the right team, plans, and technology.

Join this interactive session to learn:

• How to build an effective plan for change without adding to the chaos
• What consolidation approaches save money without sacrificing security
• Use cases that deliver immediate value and efficiency while improving user experience

  Presented by Tanner Harrison, Systems Engineer • Fortinet

Today’s ever-changing threat landscape challenges traditional security models. The emergence of the Zero Trust model represents a transformative approach, reshaping how organizations protect their assets. This presentation aims to demystify Zero Trust, offering a comprehensive understanding that goes beyond buzzwords. We will explore the foundational concepts of Zero Trust, emphasizing the “never trust, always verify” philosophy. By the end of this session, attendees will be equipped with the knowledge to begin their Zero Trust journey, enhancing their security posture, and protecting critical data and systems from modern threats. Whether you are a security professional, IT manager, or organizational leader, this discussion will empower you to take decisive action toward a more secure future.

  Presented by Dave Tuckman, Information Security Consultant • FRSecure

FRSecure (an Information Security company located in Edina, MN) took the results of +/- 400 Validated Information Security Assessments and 55 Incident Response Engagements conducted in 2022 and created an anonymized report from the data called: The State of Information Security. Full details and access to the report are available here: https://frsecure.com/2023-annual-infosec-report/

In this presentation, FRSecure Information Security Consultant Dave Tuckman will highlight key findings in the report, and what we can learn from it.

Understand how you can mitigate risk going forward to protect your business and clients in an ever-changing threat landscape. Dave will provide additional perspective on how you can leverage this information for a better understanding of your third-party (supply, vendor, contractor) relationships.

Topics include:

• FRSecure’s Annual State of InfoSec Report, informed by over 400 validated security assessments
• Where organizations are getting it right vs. falling behind
• How you can use this report to inform your own business’s security decisions
• How you can use this report to inform your business’s Third-Party Risk Management

  Presented by Matt Rose, Manager, Technical Sales Consulting • Entrust

Digital transformation accelerates at a fast pace, and organizations struggle to secure their digital identities. PKI as a Service (PKIaaS) is a game changer for security. It isn’t just about keys; it’s a blend of agility, scalability, and trust. PKIaaS will provide:

• Quick Deployment: PKIaaS deploys and expands in minutes to secure your business use cases.
• Cloud-Native Scalability: Growth at nearly limitless capabilities
• Security First: Entrust manages the PKI infrastructure for you

We will also review our integration and the ease in which PKIaaS plays with MDM vendors, Microsoft Active Directory and certificate automation and how to seamlessly leverage PKI with your existing enterprise IT platform.

• Microsoft Intune: Securely enroll devices, manages their lifecycle, and handle certificates.
• Other MDM vendors: PKIaaS collaborates seamlessly with various MDM partners, enhancing your Zero Trust strategy.
• Microsoft Active Directory support
• ACMEv2 and SCEP (Simple Certificate Enrollment Protocol)

As we continue to navigate security within organizations, PKIaaS will provide the assurance that you need.