December 8th - 10th 2014, Barton Creek Resort, Austin, TX
AGENDA: Understanding and Managing the Information Risks in an Agile Connected Business


Dec 8th - Day 1

4:30pm - 6:00pm Roundtable Sessions
Track 1: GRC and the Business Value of Security. Moderator: Derek Brink, Aberdeen
Track 2: The Changing Threat Landscape. Moderator: Marc Othersen, Hess
Track 3: Best Practices in Security Controls. Moderator: Frank Roppelt, BNY Mellon

6:00pm - 7:00pm COCKTAILS AND NETWORKING

7:00pm - 10pm GALA DINNER AND KEYNOTE SPEECH
Five 2015 Imperatives for Savvy CISOs
Marc Othersen, CISO, Hess Corporation

This year saw a continued escalation in attacks from a wide range of threat sources, each possessing greater capabilities than seen before. Likewise, corporate governing bodies have increased their interest in and understanding of cybersecurity. Given this growing complexity and scrutiny, what should CISOs be thinking about in 2015? Join Marc Othersen as he explores his top five imperatives that CISOs must address this coming year and discusses the strategic elements needed to maintain positive momentum while addressing the ever-increasing threats to corporate information, assets and operations.

Dec 9th - Day 2

7:00am - 8:00am BREAKFAST AND REGISTRATION

8:10am - 8:50am OPENING KEYNOTE PANEL
User Behaviours and Security Risk
Introduced and moderated by: Derek Brink, VP & Research Fellow, Aberdeen

There are two sides of the coin with respect to user behaviours and security risks. In spite of all the technical security controls designed to prevent an occurrence, we all know that incidents still do occur, and the root cause for many (if not most!) of these incidents is the actions of users. For this reason, changing user behaviours (e.g., through investments in user awareness and training) represents the critical last mile of reducing risks on the prevention side of the security risk equation. On the impact side of the security risk equation, we also know that it makes sense to be in a position to detect, respond and recover from security-related incidents more quickly when they do occur. For this purpose, leveraging visibility into user behaviours with big data and advanced analytics capabilities can help to detect and respond to insider threat (e.g., fraud, theft of IP, sabotage of IT infrastructure).

In this session, panellists will share their views on:
- Approaches and results from investments in user awareness and training exercises (e.g., "phish-train-phish"), and the corresponding reduction in risk
- Approaches to monitoring and recording the activities of authorized end-users and end-user systems, and how this can be used both retrospectively (e.g., audits and investigations) and proactively (e.g., identifying anomalous, potentially malicious behaviours)
- The appropriate balance and mix between the two, and why

9:00am - 9:40am SESSION 1
Understanding the Implications of Geopolitical Events on the Security of Your Business
Jim Motes, CISO, Rockwell Automation

We operate in a world where corporations have global presence, and thinking domestically is a luxury multi-national security officers can't afford. Security professionals have to combine foundational security knowledge with an examination of world events and the analytical application of open source intelligence. The successful security professional will have a process for tracking and associating related events. Just as important, security officers need to monitor analogous behaviors exhibited by governments to attempt to predict potential outcomes based on previous patterns. Monitoring government activities and getting a sense of the reasoning behind those activities requires us to use multiple sources for information. This program can't be successful if only one country's perspective is used. There is a growing need for security to become precognitive. Businesses are employing analytics to better use big data, and there is every indication that security has to follow the same footpath if we hope to become less reactive and improve our value to the business.

Key Takeaways:
1. Discussion of best tools to track and manage events
2. Analyzing the information: how and what matters
3. Sources of information: good vs. bad sources

9:45am - 10:25am SESSION 2
New Strategies for Addressing Emerging Threats and Targeted Attacks
Grant Asplund, Director of Evangelism, Blue Coat

Today's unknown malware, "one day wonder" websites and zero-day threats continue to evade even the best traditional security defenses. The last few highly publicized breaches in security have proven that no walls are high enough to keep out attackers. Threat actors vary enormously, and the fluidity of talent, techniques and technology behind an incident makes holistic prevention virtually untenable. To combat these threats, a modern approach to security is necessary: one that integrates real-time protection, dynamic analysis and post-breach investigation and remediation. Join this interesting discussion led by Grant Asplund to share new approaches that close the gap that exists between ongoing security operations and incident discovery, containment and resolution.

10:30am - 11:10am SESSION 3
Cross-Industry Knowledge Transfer at the Intersection of Compliance and Security
Dr. Dirk E. Mahling, CIO, Seattle City & Light

Many industries, such as financial, utilities, and health care, operate under compliance rules from government oversight organizations. The relationship between compliance rules centered on cybersecurity and a full-fledged security program is not well understood; sometimes they are even at odds with each other. Comparing notes from different industries coping with similar compliance/security issues may open innovative avenues.

11:15am - 11:55am SESSION 4
Just In Time, Just Enough Access via Adaptive Privilege Management
Richard Weeks, VP, Channel Sales & Business Development, Lieberman Software

The reality is that you are dealing with:
- A porous perimeter
- APTs like pass-the-hash
- Ineffective firewalls, anti-malware, and anti-virus software

Make the assumption that intruders are already within your environment, because they will get in. What can you do to limit their access? We will discuss best practices to minimize persistent access by intruders. This session will explain how adaptive privileged security is used to:
1. Minimize lateral motion in the environment
2. Time-limit the value of credentials
3. Control scope of access for authorized users with real reasons for access

12:00pm - 12:45pm SESSION 5
Growing Cyber Threats Demand Advanced Mitigation Strategies
Jeff Snyder, VP Cyber Programs, Raytheon

12:50pm - 1:50pm LUNCH AND NETWORKING

1:55pm - 2:35pm SESSION 6
The New Security Model: Before, During, and After an Attack
Jason Wright, Senior Field Product Manager, Cisco

In the real world, it's no longer a matter of if an attacker will get in, but when. Security professionals need to evolve their strategy from a point-in-time approach to a continuous model that addresses the full attack continuum: before, during and after an attack.

BEFORE: You can't protect what you can't see. To defend against threats you need complete visibility of devices, operating systems, services, files, applications, users, vulnerabilities and more. This information is used to create access control policies and identify users.

DURING: Advanced threats require advanced threat detection. Point-in-time detection methodologies must be sophisticated and updated with automated threat detection feeds for effective blocking of known threats.

AFTER: But what about the unknown threats? Invariably some of these attacks will be successful. The future of network security relies on the ability to look back at the decisions made in the DURING phase and ask if the right decision was made. As new information becomes available, technologies need the ability to change their mind!

1. Explore the Cisco approach to cybersecurity that is visibility-driven, threat-focused and platform-based
2. Perform live policy and attack demos that illustrate solutions to real-world problems across multiple products
3. Illustrate tools that enable a before, during and after security solution in action

2:40pm - 3:20pm SESSION 7
The Road to Automated Threat Hunting
Marc Othersen, CISO, Hess Corp

As cyber threats continue to evolve in frequency, complexity, and impact, successfully hunting for threats within a technology environment is a critical capability of modern IT security programs. In this presentation, Marc Othersen will discuss the importance of threat hunting capabilities to detect advanced threats, outline a framework for a threat hunting capability, and present a case study on how automation can give IT security programs a significant advantage versus manual hunting activities.

Key takeaways:
- The basic building blocks for an effective threat hunting capability
- Techniques and requirements for automation
- Caveats for consideration when starting the automated threat hunting journey

3:25pm - 4:05pm SESSION 8
Lessons From One Trillion Transactions: Best Practices in Internet Security
Dan Druker, CMO, Zscaler

The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of the Internet of things have together turned the IT security landscape upside down. Zscaler is one of the world's largest Internet security providers: we protect more than 5,000 global enterprises, governments and military organizations with our award-winning Security as a Service platform, helping them stay safe from cyber-threats, stop leakage of intellectual property, and ensure compliance with corporate, legal and statutory requirements for Internet usage. In this session, Zscaler will share the latest Internet security and compliance findings from mining more than one trillion transactions. We'll cover best practices for dealing with Internet security and compliance in today's cloud and mobile-first world. In addition we will share and discuss:
1. The latest cyber-threat landscape: what attacks are trending, who the bad guys are, what they are up to and how you can protect yourself.
2. How Google, Facebook and virtually all commercial cloud providers are forcing the use of SSL encryption on the Internet, potentially making you blind to what's going on with more than 50% of your traffic and opening a new way for evil-doers to hide their malicious efforts.
3. The case for cloud-based Internet security: just like the CRM market shifted from Siebel to Salesforce and the email market shifted from Microsoft Exchange to Gmail and Office 365, hardware appliance-based approaches to Internet security are rapidly giving way to cloud-based Security as a Service platforms.
4. Lessons learned from more than 5,000 leading global organizations, including Nestle, Coca-Cola, GE, United Airlines, Humana, British American Tobacco, Pitney Bowes, the United States Marines and NATO, that have adopted cloud-based Internet security.

4:10pm - 4:50pm SESSION 9
Incident Response Communications: The Good, The Bad and The Ugly
Derek E. Brink, Vice President and Research Fellow, Aberdeen Group

"We strongly regret the unauthorized disclosure of your personal information." "We want to assure you that we take security and privacy very seriously." If your organization has experienced a security breach (even if it has done all the right things), you still have to communicate to your customers about an awkward and unpleasant topic. Platitudes such as "we regret" and "we take this very seriously" just don't cut it. There are certain things they want to know: What happened? Who is accountable? What steps are being taken to prevent it from happening again? How will they be made whole?

This workshop, led by Aberdeen Group research fellow Derek Brink, will:
- Highlight some of his work in the area of how organizations communicate publicly about security incidents (be forewarned: most of it is very bad)
- Establish a framework for effective incident response communications
- Use the framework to grade a couple of public incidents for group discussion

Participants will gain a new perspective on their organization's current state of preparation for potential crisis communications related to information security, and most likely a new item on their to-do list for when they get back to the office.

4:55pm - 5:35pm SESSION 10
Third Party Risk Management: How are you Managing the Vulnerabilities of your Third Parties?
Leader: Frank Roppelt, BNY Mellon

The use of 3rd Party Service Providers is continuing to grow within your organizations and will remain an upward trend for the future as cost savings compel the business to outsource their operations and streamline their processes for maximum efficiency. The presentation will provide insight on common risks related to engaging 3rd party vendors, the process of risk assessing a vendor's services and controls, and guidance on how to partner with Legal, Procurement, and Finance to ensure a vendor's security services and possible risks are properly reviewed and communicated. Throughout the presentation we will discuss in detail how Security needs to enable the business to succeed and therefore must inject themselves into the many processes it takes to onboard a vendor. These include but are not limited to:
- Security Language in the RFP to potential vendors, making sure their services meet the minimal security requirements of your organization.
- Contract Reviews with Legal to ensure that security terms and conditions are integrated into contracts for vendors who store, process, or transmit customer, employee, or sensitive company information. Additionally, that security has the right and the authority to review and make changes to contracts as they see fit.

Key takeaways:
- How to partner with critical departments within our organization to ensure security is part of the vendor selection
- Process of Integrating Security Language into 3rd Party contracts and having a seat at the table with Legal Counsel for contract reviews and sign-off
- Art of performing a detailed security risk assessment of the vendor (going beyond the checkbox methodology)
- Key to performing Onsite Visits and Audits of Datacenters, SOCs, and Sensitive Information Processing Areas, verifying appropriate controls are in place
- Clearly reporting risk about 3rd party vendors in a way that makes sense to the business and driving closure of risks in a timely manner.

6:45pm - 7:30pm COCKTAILS AND NETWORKING

7:30pm - 10pm DINNER

December 10th - Day 3

7:00am - 8:00am BREAKFAST

8:10am - 8:50am SESSION 11
Security Risks for Operational Technologies
John Patterson, Merck

Recent events including the Stuxnet attack and various government-sponsored research projects have shown that operational technologies critical to the electrical power-grid, manufacturing systems and health care infrastructure are vulnerable to external cyber attacks and intrusions. What has complicated this challenge is that although modern infrastructure and operational technologies have been developed to take advantage of the communication capabilities of the internet, the cyber security countermeasures vary significantly and appear in some cases to be inadequate in mitigating the risks introduced by the use of the internet. Furthermore, if the cyber security gap is not adequately addressed, a major incident could limit the ability to fully develop new technologies that depend on internet-based operation and communication. Additionally, the US government has recently issued various directives and is now considering legislation relating to security requirements, particularly in high risk areas such as medical devices. This workshop will review the current state, evaluate existing and proposed legislation and offer practical use cases on how to identify and mitigate the cyber risks associated with operational technologies.

8:55am - 9:35am SESSION 12
Balancing Security and Opportunity in the Mobile Era

Mobile technology is enabling new ways businesses can engage with their employees and customers. With the proliferation of mobile devices and apps in the workplace, the concern for security has significantly heightened. In this session we'll discuss best practices you can use to implement a layered approach to protecting corporate data and employee privacy, while elevating productivity in this new model.

9:40am - 10:25am Roundtable Sessions
Track 1: GRC and the Business Value of Security
Track 2: The Changing Threat Landscape
Track 3: Best Practices in Security Controls

10:30am - 11:10am SESSION 13
Do the Top N Security Controls Really Make Sense?
Derek Brink, VP & Research Fellow, Aberdeen

The Australian Defense Signals Directorate has its DSD Top 4; the SANS Institute has its First Five Quick Wins, as part of 20 Critical Security Controls. The key question for this workshop is: do these initiatives provide a welcome way to cut through the complexity of potential security controls that has been referred to as the fog of more, or do they represent an impossible one-size-fits-all approach to the balance of risk, cost, compliance and usability that every organization has to decide for itself?

This workshop, led by Aberdeen Group research fellow Derek Brink, will:
- Present a simple framework to map security controls in two primary dimensions: physical, administrative, or technical; and deter / prevent, or detect / respond / restore
- Show a heat map of how currently deployed security controls fit in this simple framework, based on a number of benchmark studies
- Describe the DSD Top 4 and the SANS CSC 20 in this simple framework
- Discuss the key question: are the Top N controls a welcome simplification, or an impossible one-size-fits-all approach

11:15am - 11:55am SESSION 14
Meetings & Networking

12:00pm - 1:00pm LUNCH AND NETWORKING

1:05pm - 1:45pm SESSION 15
TBD

1:50pm - 2:30pm SESSION 16
TBD

3:20pm - 3:50pm ROUNDTABLE FEEDBACK AND WRAP-UP