Data Breaches: Defending Against and Responding To: Chicago (Rosemont/O’Hare), Illinois
Strategies to help your organization prepare for, defend against and respond to breaches.
December 8, 2022
9:00am-5:00pm
7 CPE / 0.7 CEU / CISSP / 7 PDU Credits Awarded
Conference location: Donald E. Stephens Convention Center Rosemont (O’Hare) Illinois
Overview
It is not a matter of if, but when your organization will be breached. Against these threats, enterprises try to build higher and more secure walls around their data and networks. This seems to be a never-ending arms race, as even the most sophisticated systems may, before long, present weaknesses that malicious technology can overcome.
What You Will Learn
In this one day conference attendees will learn:
- Security Operations and Incident Response
- How to Stop Zero Day Threats
- Third Party Assessment Prioritization: “Vendor Tiering and Due Diligence Levels”
- The Role of Identity-Powered Security to Combat and Respond to Breaches
- Cyber Risk Predictions & How to Use Them
- The Timeline of a Data Breach
- CyberThreats – How CISOs are Responding to Current & Emerging Security Risks (Panel Discussion)
Conference Program
8:00am – 9:00am: Registration and Continental Breakfast
9:00am – 9:50am: Timeline of a Data Breach
Richard Rushing, CISO, Motorola Mobility
Rushing
9:50am – 10:20am: Refreshment Break
10:20am – 11:10am: It Takes a Village to Stop Zero Day Threats – Network Performance and Security – A Unified Front Against Hackers
Michael Bacon, Director of Enterprise Solutions Marketing, Accedian
How do you stop insider threats, ransomware, supply chain attacks and other modern-day threats from wreaking havoc on today’s networks?
CIOs and CISOs alike are finding it more and more difficult to keep up with the sophistication and increasing frequency of zero-day threats, while also building a highly collaborative and effective IT team.
As businesses today focus more and more on security, there is a need to think outside the box in order to properly mitigate risks and drive network performance goals, while also improving company profitability by driving needed efficiencies and collaboration between the network operations and security teams.
Organizations are struggling to manage the multitude of tools with siloed teams – consolidating data to tell the full story across the network remains a huge challenge, and most incidents today transcend the network into the cloud and are often caused by a security event. With all the separate tools, separate dashboards and separate teams, hackers often use these separations to hide in plain sight, costing enterprises time, money, and reputation.
Come explore converged network operations and security strategies.
Michael Bacon
11:10am – 12:00pm: A Look Through the Crystal Ball into 2023: Predictions and How to Use Them to Drive a Risk-Based Approach to Security
Doug Howard, CEO, Pondurance
It’s that time of year again: Predictions time. Cybersecurity companies large and small are making their predictions about what might happen in 2023—both bad and good—in the realm of cyber risk, cyber insurance influences, regulatory changes as well as geopolitical influences. These predictions can actually be helpful drivers when it comes to re-evaluating your organization’s security maturity. How prepared are you for what is probably going to happen in the year ahead? Have you taken a ‘spray and pray’ or ‘whack a mole’ approach to risk and feel you’re always in a reactive position, or are you taking a risk-based approach to ensuring your most important risks are systematically addressed?
In this session, Doug Howard will share predictions for 2023 that will be helpful to anticipating and adequately planning for threats in the year ahead, and to taking a fresh look at whether your organization’s security program ultimately hinders or supports your business goals.
Howard
12:00pm – 12:50pm: Who Is After Us and Why? A Practical Guide and Approach to Battling Evil
Fayyaz Rajpari, Sr. Director, Product Management, Gigamon
Doing Security Operations and Incident Response can be hard if you are not experienced or trained. How can you defend against adversaries that continue to bring pain to you and your organization? It’s time to flip the script and gain unprecedented visibility into your environment and bring pain to the adversary. In this talk we will go through the process of detecting, investigating, and responding to threats using a team with examples of incident response approaches used. Guiding you through the process, procedures, and scenarios in Incident Response that enable success should be a priority.
Rajpari
12:50pm – 1:30pm: Luncheon and Exhibit Break
1:30pm – 2:20pm: The Role of Identity-Powered Security to Combat and Respond to Breaches
Nick d’Amato, Senior Solutions Engineer, Okta
Identity is the foundation of any modern security program. As organizations continue their Zero Trust journey, adopting an identity-centric approach empowers them to mitigate risk, respond to security events and prevent breaches.
Join this session to learn more about:
- Identity as a foundational component to any security program
- The role identity plays in preventing breaches
- How identity is key in a response plan for a breach
- Industry best practices when planning an identity project
d’Amato
2:20pm – 3:00pm: The “Real” Dark Web and How the Underground Economy Works
Byron Rashed, Vice President, Centripetal
The Dark Web is where the underground economy marketplace is the main source of selling and trading published leaked. The volume of the breached data available on the Dark Web exceeds 1.5 billion records, which is close to 50% of the number of Internet users on the planet.
The proactive analysis of the leaked data may create unique value for modern security community in terms of additional mechanisms for risk scoring and customers safety improvements. More and more businesses and organizations in various vertical markets started to use leaked data analysis in their security operations, protecting their enterprise, partners, employees and customers from potential network infiltration and data exfiltration, or more significant targeted threats.
This session will show actual examples of Dark Web forums and marketplaces from actual breaches and how threat actors leverage this data to monetize, blackmail, trade, and parse data to buyers, and verified sources (IP addresses and domains) containing context may help in investigations and bad actor attribution if a breach occurs. Threat intelligence and incident response units may also extract valuable information about attack patterns and additional meaningful indicators to help safeguard potential attacks.
Rashed
3:00pm – 3:30pm Refreshment Break
3:30pm – 4:10pm: Value of Investment – Balancing Data Corruption, Disaster Recovery, and Cost
Annur Sumar, Chief Technology Officer, Cloud Unity
Sumar
4:10pm – 5:00pm: CyberThreats – How CISOs are Responding to Current & Emerging Security Risks (Panel Discussion)
In this session attendees will learn from a distinguished panel of CISOs sharing their thoughts on:
- Mitigating Business Email Compromise
- Responding to Ransomware
- Reducing Risk to the Business in 2023
Moderator: Dan Horwich, President & Executive Director, CAMP Conferences
Panelists will include:
- Chris Lane, Data Protection Officer, Thor Industries
- Michael Neuman, Chief Information Security Officer, Backstop Solutions Group
- Fred Kwong, Ph.D., Vice President, Chief Information Security, DeVry University
Horwich Neuman Lane Kwong
Conference Price: $299.00 per person
Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs. CISSP is a registered certification mark of (ISC)², Inc.
Exhibits
As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.
CONFERENCE SPONSORS
