Founded in 1999, ITPG Secure Compliance is dedicated to preventing information security breaches that put organizations at risk of noncompliance. Based in Vienna, VA, our subject matter experts are sought-after authorities on PCI DSS, HIPAA Security and Privacy Rule, FERPA and other industry security requirements. Our IT security consultants and virtual CISOs have decades of experience assessing security risks and vulnerabilities, recommending mitigation strategies and mapping remediation plans to strengthen enterprise security posture. We work with corporate, association, and state agency clients that span multiple industries and for multiple resellers. Visit our web site www.itpgsecure.com
Matt Mosley | Patrick Cable | Paul Williams | Jay Jacobs | Chris Novak
It's everyone's favorite time of year. What will we learn from this
year's breach reports? Join us as we review the latest data, look for
lessons and trends, and help you understand what it all means. Our
panel of experts will focus on how security professionals can learn
from the data, and hopefully avoid becoming a statistic for next
Cyber has yet to be fully integrated into the suite of business functions and monitored risks within most organizations. GRC is the mechanism to align cyber and the business, but it’s current state is not sufficient. Governance hierarchy is ineffective (CISOs reporting to the CIO or COO), Risk leveraging ambiguous risk measurements, and Compliance mistaken as security. Moving forward, Governance must be redefined, making CISOs business leaders, reporting to the Board. Risk should leverage traceable data to measure in a common business language. Compliance should be the baseline for security initiatives, not the end goal. When these initiatives can be achieved, GRC will transform cyber into a business enabler.
Jerry Caponera is the VP Cyber Risk Strategy at Nehemiah Security where he leads the effort to quantify cyber risk in financial terms. Prior to Nehemiah he founded PivotPoint Risk Analytics which focused on cyber risk quantification through value-at-risk modeling and simulations. Jerry has a broad background in cyber, having worked for incident response, malware analysis, and services companies. He has spoken at a number of conferences worldwide including ISS World MEA in Dubai, InfoSecurity Russia in Moscow, and TM World Forum in Nice, France. He holds an MBA from the University of Massachusetts, an MS in Computer Science from the University of Pennsylvania, and a BS in Electrical Engineering from the University of Buffalo.
One of the more interesting-sounding job skills today is that of the “threat hunter.” Let’s talk about the activity of “threat hunting,” and deconstruct it a little bit. The idea behind threat hunting is to proactively look for adversaries and for traces of their activity. So, is threat hunting all that it’s cracked up to be? Is looking for trouble really the best approach today? It’s very possible that the one key element of threat hunting is one fundamental assumption: That you’ve already been hacked, but you just don’t quite realize it yet. In this presentation, James will discuss the benefits and drawbacks of “active defense,” and where it fits in with other security activities.
Security operations face intensifying pressures along numerous fronts, including a constantly shifting threat landscape, an increasingly complex environment to defend, and an extreme shortage of skills. This panel of distinguished security experts will discuss the role that competitions – at the primary school, collegiate and professional levels – can play in attracting workers to the security arena, growing their skills, and developing methods to identify and defend against the greatest threats and risks of the day.
Lisa Jiggetts, the Founder & CEO of the Women's Society of Cyberjutsu, one of the fastest growing nonprofits dedicated to women in cybersecurity, will spearhead this panel of experts is cyber security and competitions.
Other panelists include Mika Devonshire, Director of Forensics and Cyber Risk Analytics at SSIC; Marcelle Lee, Threat Researcher at LookingGlass Cyber Solutions; and Dan Manson, Professor of Computer Information Systems at Cal Poly Pomona.
The prolific outburst of IoT devices in our lives has become a boon or a curse. Boon as they make it easy to interact with "Things" and Curse as they make it easy for hackers to invade our privacy and breach security.
Implementing Security in IoT devices is still after thought.This webinar looks at the challenges of securing IoT devices against threats and discusses about the options available to secure these devices.
GDPR is a huge topic, with issues ranging from "What does it mean to my business processes?" to "Do I have to care about it?" And that's besides the technical bits! Together, let's explore what it means for a sample company. We'll discuss data, geography, and business processes. You'll learn about some of the pitfalls, and some of the opportunities inherent in GDPR. And maybe we can make it work for you, instead of causing a headache. Want to find out? Just show up.
Joshua Marpet is an accomplished speaker, long time information and physical security practitioner, as well as a start up CEO and serial entrepreneur.
He has presented on topics ranging from Facial Recognition to National Security, to audiences from government agencies, law enforcement, Fortune 5 companies, and many others. His research encompasses Digital Forensics, business security maturity, and how not to start an information security business!
Joshua has been in the hot seat, at all levels of IT and Infosec. From the Federal Reserve, to law enforcement, to being an entrepreneur, Josh has been there. Let's talk.
We will be examining blockchain technology and its proliferation in our data security architectures. Our speakers will discuss their experiences with BC technology, how it’s working today, plans for taking advantage of it in the future, and possible technical issues that may affect its long term efficacy.
In this session, you will learn how an offense-informed defense approach will enable your security team to cut through the noise, be more effective at both identifying the most likely and riskiest attacks and thwarting them faster at less cost. We will discuss how to understand not only the attack vectors, the attackers’ tactics, techniques and procedures but also the residual effects so that, in an environment of almost immeasurable alerts and alarms, your team can focus on the indicators that are the most important.
Jeff Schmidt, VP and Chief Cyber Security Innovator at Columbus Collaboratory is an accomplished cybersecurity expert with a background in security and risk management. He founded JAS Global Advisors LLC, a security consulting firm in Chicago, and Authis, a provider of innovative risk-managed identity services for the financial sector. Jeff is a board member for Delta Risk LLC, A Chertoff Group Company, a global advisory firm focused on security and risk management. In 1998, he worked with the FBI to create the InfraGard Program, receiving commendations from the Attorney General and the Director of the FBI. He is an adjunct professor of systems security engineering at the Stevens Institute of Technology and a Zurich Cyber Risk Fellow, Cyber Statecraft Initiative, at The Atlantic Council. Jeff received a Bachelor of Science in computer information systems and an MBA from the Fisher College of Business at The Ohio State University.
This webinar will provide an overview of the future of passwords. Passwords have become very important, protecting a treasure trove of information. You will get an inside look at the techniques and tactics used conduct password attacks. We will discuss the various countermeasures available, new improvements made to the latest operating systems to prevent successful password attacks, and how the industry is trying to eliminate passwords. We will conclude by discussing ways we can potentially circumvent new countermeasures.
Hamza Sirag Hamza is currently an Information Security consultant. He has spent the majority of his time immersed in the world of cybersecurity. He has had the opportunity to lead complex penetration tests for a variety of federal and commercial clients. He is the founder of Beltway Hackers, a Northern VA based meetup group focused on offensive cybersecurity. https://www.meetup.com/Beltway-Hackers
Beating Hackers at Their Own Game: Security Awareness Strategies That Work
If 2017’s explosion of cybersecurity breaches taught us anything, it’s that our workforces, more than ever, are one of our most critical defenses. But with as much as 30% of employees unable to spot a phishing email, how do you keep hackers from hijacking your data? The seemingly obvious answer is security awareness training. Unfortunately, many security education programs today fail to sufficiently change employees’ security attitudes, skills and behaviors -- providing a false sense of protection and safety. Even worse, 48% of companies do not have an employee security education program.
If your New Year’s infosec resolutions include launching a security awareness initiative, or reviving an existing one, what better way to guarantee results than to learn from pros who have been in your shoes. Join our expert panel as they share:
● Their most effective security awareness strategies to improve your organization’s security posture
● Proven methods to get employees to take security seriously (before a breach occurs)
● Security awareness program pitfalls to avoid and biggest lessons learned
● Predictions on what will cyber attacks will look like in the next couple years and what you should do in your security awareness program today to prepare
At the end of 2017 there were more than a million new malware samples found for Windows per day. The old ways of protecting computers are not powerful enough anymore. Join to learn how one of the leading security experts in the world, Sami Laiho, explains how to protect your endpoints proactively. You’ll learn tips & tricks on how to implement hard disk encryption, Whitelisting and Principle of Least Privilege.
Sami Laiho is one of the world’s leading professionals in the Windows OS and Security. Sami has been working with and teaching OS troubleshooting, management, and security for more than 15 years. Sami’s session was evaluated as the best session in TechEd North America, Europe and Australia in 2014, and Nordic Infrastructure Conference in 2016 and 2017. At Ignite 2017 Sami was evaluated as the Best External Speaker! Sami is also an author at PluralSight and the newly appointed conference chair at the TechMentor conference.