#Vault7 Happened. There’s No Going Back. Now What?

Massive data breaches are becoming more frequent. Personal customer data is often exposed to hackers, leaving companies and individuals to deal with the aftermath. What is the real cost of a breach and how can we prevent, detect and respond to breaches? What are some of the things to do post-breach to prevent future cyber attacks?

Join security, risk and privacy experts for an interactive Q&A discussion on:
- True cost of a breach
- Preventing breaches with solutions, processes and employee training
- How to detect attacks and breaches faster
- Appropriate response to a breach
- Post-breach attacks: Phishing, cyber fraud, account takeovers, cyber crime
- Recommendations for improved security in 2018

Speakers:
- Sean Martin, Editor-in-Chief, ITSPmagazine
- Robert M. Lee, CEO, Dragos
- Dr. Bret Fund, CEO of SecureSet
- Bernard Harguindeguy, Founder & CEO, Elastic Beam

This is a CPE credit session in partnership with ITSPmagazine and (ISC)². This panel will be streamed LIVE from San Francisco during RSAC week.

The General Data Protection Regulation (GDPR) is a European Union law, but it's going to impact businesses beyond the EU. Basically, any business that collects and processes personal data of EU individuals will need to achieve GDPR compliance by deadline day, May 25th, 2018.

What are the privacy & security requirements for being GDPR compliant? -
- Why we should think beyond GDPR when it comes to improving data security?
- Are you compliant / ready when GDPR goes into effect next month?
- What are some last-minute items to complete before the GDPR deadline?

Join top experts for this interactive Q&A roundtable, streamed LIVE during RSAC week, as they discuss the implication of GDPR on managing digital identity, customer data, privacy and cyber security.

Speakers:
- Dr. Christopher Pierson, CEO, Binary Sun Cyber Risk Advisors
- Jeff Carpenter, CISSP, CCSP, Crossmatch
- Alex Horan, Director of Product Management, Onapsis
- Elena Elkina, Partner, Aleada Consulting

This is a CPE credit session in partnership with ITSPmagazine and (ISC)².

Artificial intelligence and machine learning can power cyber attacks and disrupt the operations of organizations on a global level. ML can also help organizations detect and analyze threats faster, as well as respond to attacks and security incidents. What are the latest advancements in AL & ML? How can we incorporate ML to improve our security posture and better protect our data?

Join security experts, researchers and practitioners for an interactive Q&A roundtable discussion. Viewers will learn more about:
- The latest AI/ML trends and applications in cyber security
- ML tasks for better security
- Threats, detection & response
- Hype vs. reality
- Recommendations for CISOs

Speakers:
- Diana Kelley, Cybersecurity Field CTO, Microsoft
- Mary Writz, Director of Product Management, ArcSight, Micro Focus
- Chris Morales, Head of Security Analytics, Vectra Networks
- Barbara Kay, Sr. Director of Security, ExtraHop

This is a CPE credit session in partnership with ITSPmagazine and (ISC)². This panel will be streamed LIVE from San Francisco during RSAC week.

This is a CPE credit session in partnership with ITSPmagazine and (ISC)². Tune in for an in-depth look into how enterprises are ensuring a safe migration to the cloud, protecting our data and processes in the cloud, as well as staying up to date on the latest cyber threats.

Join top cloud and security experts for this interactive Q&A discussion on:
- The top cloud trends in 2018
- Top threats to security
- How to better safeguard our data in the cloud

Speakers:
- Sian John, Chief Security Advisor, Microsoft
- Mark Weatherford, Chief Cybersecurity Strategist, vArmour
- Dan Hubbard, Chief Security Architect, Lacework
- Lisa Green, Director People Relations, Independent Security Evaluators

The session is brought to you in partnership with ITSPmagazine and will be streamed LIVE from San Francisco during RSAC week.

Thanks for your interest in our webcast where we will be discussing how to secure applications that rely on third-party and open source software.

Aside from the data they collect, create, and store, applications can oftentimes be an organization's greatest digital asset. Building custom applications to match the customer and market demands mapped to revenue objectives and available resources can be tremendously rewarding, but also a potentially-huge undertaking.

Ultimately, time to market is always a factor ... a requirement that almost always wins out over security. One way to tackle the time and effort to deliver more quickly is to leverage third party and open source components. But, do these elements save you in the long run - or do they introduce more risk in the form of potential vulnerabilities that are either not easily uncovered (at best) or not easily patched (if patchable at all)?

To answer these questions and more, we've pulled together a group of experts that deal with these challenges on a daily basis. During their conversation, webinar attendees will learn:

- What the value of open source software (OSS) is
- What are some common cases where open source software is utilized in today's applications
- What are the security risks and pitfalls when using OSS
- A view into a few case studies for companies that have fallen victim to the risks of using OSS
- How have companies identified and mitigated the risks associates with the OSS component, Struts
- How to tune the secure software development lifecycle (SSDLC) to account for the use of open source software

Remember, when you register for this expert webcast you will also receive a download link for a new white paper titled "Application Security in an Open Source World."

Your Moderator:
Sean Martin, Editor-in-Chief, ITSPmagazine

Expert Panelists:
Kunal Anand, Co-Founder and CTO, Prevoty
Rob McCurdy, CIO, MSU
Nate Smolenski, CVP, New York Life
Andy Wickersham, AppSec Leader, Fortune 100 Co.

The recent Equifax data breach, which may have jeopardized the personal information of 143 million U.S. consumers, will likely haunt us for years to come.

Join this interactive panel with experts from the cyber security, identity and privacy space to learn more about:
- What we know occurred or is likely to have occurred
- Data Breach Timeline - too slow or too fast
- External communications - how has the breach been handled and communicated
- Internal Actions - security remediation, work with law enforcement, root cause, incident response
- External forces - lawsuits, media scrutiny, and customer communications

Speakers:
- Dr. Christopher Pierson, CSO, Viewpost
- Sarah Squire, Founder and Principal Consultant, Engage Identity
- Dr. Ravi Rajamiyer, VP of Engineering, Cavirin
- Debra J. Farber Executive Privacy & Security Consultant, Cranium USA & Host of "The Privacy Pact," ITSPmagazine

Is your company based in the US and also operating in the EU? There are things you MUST learn about the Global Data Protection Regulation (GDPR). This law, which goes into effect May 25, 2018, will have an impact on your business. This expert webinar will help you prepare for what's ahead.

Here are some topics we will be exploring:
- Why small and medium are required to meet GDPR just like big companies.
- What can small- and medium-sized companies do to reduce their exposure?
- Why is this a good thing for companies to adhere to in the long run?
- What can mid-market companies do to streamline the process?
- What is the role of outsourced services in this? What are they?
- What areas of waste might exist that can be eliminated?

Moderator:
Sean Martin, ITSPmagazine

Panelists:
Eoin Keary, CEO, Edgescan
Phil Lee, CIPP/E, Partner, Fieldfisher
Chris Hurst, Virtual CISO, British Telecom

Is your company based in the US and also operating in the EU? There are things you MUST learn about the Global Data Protection Regulation (GDPR). This law, which goes into effect May 25, 2018, will have an impact on your business. This expert webinar will help you prepare for what's ahead.

Here are some topics we will be exploring:
- GDPR program ownership - Is a DPO necessary?
- What a risk-based regulation means to the business.
- How to manage risk and reduce exposure.
- Policy definition and control implementation requirements.
- When something goes wrong, who do you bow down to? The EU or the US?

Moderator:
Sean Martin, Editor in Chief, ITSPmagazine

Panelists:
Kurt Hagerman, Chief Information Security Officer, Armor
Mark Webber, US Managing Partner & Registered Foreign Legal Consultant, Fieldfisher
Demetrios Lazarikos (Laz), InfoSec Thought Leader, BlueLava

Is your company based in the US and also operating in the EU? There are things you MUST learn about the Global Data Protection Regulation (GDPR). This law, which goes into effect May 25, 2018, will have an impact on your business. This expert webinar will help you prepare for what's ahead.

The requirements that GDPR places on organizations are wide-ranging and will impact everything from the people in the organization, to the processes and policies guiding the organization, straight through to the technology running the business. But before you can even begin to address the GDPR you need to be able to control your data. The first step in this process is knowing precisely what data you have and putting processes and tools in place to help you expose the data you don’t know you have.

The experts on this panel will discuss and explore the following points:
- What is the Global Data Protection Regulation?
- Who does it impact and why?
- What do organizations need to be aware of as they approach their compliance program?
- What are some of the common misconceptions organizations have?
- What things are often forgotten when organizations put together their compliance program?

Moderator
Sean Martin, ITSPmagazine

Panelists
Rob Clyde, Vice Chair of the Board of Directors, ISACA
Fred Kost, SVP Marketing, HyTrust
Cody Wamsley, Data Privacy & Cybersecurity Attorney, McDonald Hopkins

Today, security on the Internet is dependent on the trust between participants on the network. This is challenging because trust involves more than humans in this case and there are over 8.7 Billion devices already online today. And, trust is about to become more involved because, according to a Cisco study, 99% of the things in the world today will be connected to the Internet in the near future which means we will need a new model for trust and digital identity to manage this massive scale of trust we will need.

In this ITSPmagazine webinar, a panel of subject matter experts will explore the challenges and solutions to building trust on the Internet of things, looking at what identity means in the world of mobile devices and other Internet-connected things. Remember, it's not just the user that has an identity...

Some of the topics planned for the discussion include:
- What are some of the devices we see being used in business?
- Why do devices need identities?
- What does device-to-user authentication look like?
- What does device-to-device authentication look like?
- What role do applications play in the IoT world?
- How can all of these identities and activities be managed and policies enforced at scale?

--------

Moderator
- Sean Martin, CISSP, Editor-in-Chief at ITSPmagazine

Expert Panelists
- David Billeter, CISO at CA Technologies
- Mandeep Khera, Information Security Thought Leader and Executive
- Naresh Persaud, Sr. Director Security, Product Marketing, CA Technologies

- Broadcast LIVE from Las Vegas during Black Hat 2017 -
Disruptors and visionaries across the globe are pushing the boundaries of science and technology, economics and industry, healthcare, policy, communications, and governance. From these advances emerge new career paths, educational disciplines, and opportunities for creation and discovery.

But things don't always work the way we expect them to, and the consequences of disruption are impossible to predict. What is sacrificed for the sake of efficiency or convenience? Who gets to make that call? Whose fault is it when pre-teens get radicalized online, or health records get misused for unauthorized research? And whose job is it to prevent that from happening? Is prevention even possible?

Individuals, enterprises, and society writ large have the right and responsibility to proactively shape and secure the future, but our ability to do so is at risk. As technology continues to proliferate without being well understood, people who fall victim to its failure or misuse feel more and more disempowered to prevent future damage. This is The Tech Effect: the complacency driven by the complexity of the technology ecosystem, and a rejection of responsibility for individual and collective safety, security, and ethics.

It’s time to take charge of our digital future.

Join us for this lively conversation.

Moderator:
- Ariel Robinson, Editor & Host, The Tech Effect, ITSPmagazine

Panelists:
- Jay Beale, CTO & COO, InGuardians
- Jessy Irwin, Security Empress at Jessysaurusrex
- Mzbat

- Broadcast LIVE from Las Vegas during Black Hat 2017 -
As a society, we continue to focus on the capabilities that new technological products and services bring to bear, leaving the security - or rather, the safety - conversation for a later date and time… if at all.

Why is this? Perhaps it’s because we don’t care. Or, perhaps it’s because we don’t understand how things work. Or, maybe it’s because we don’t know all the technical mumbo jumbo. Or, it could just be that we expect “someone else” to take care of it for us. For example, every car has a seat belt, right? We don’t have to ask for the car dealer to add seat belts for us and there really aren’t different types of seat belts available in the commercial car arena. Cars just come with seat belts - period. We expect them to be there - even if some people choose to not wear them.

Regardless of the reason(s) behind the lack of conversation surrounding cybersecurity, we should all be able to agree on one simple fact: we use these new gadgets and services completely unfettered - with little to no regard to the risks we face for our privacy and even our safety.

Attend this session to gain the initial knowledge necessary by:
- Learning to ask is this thing secure?
- Understanding how or why it is or isn’t safe to use.
- Identifying your role in your own cyber safety and that of those around you.

It’s time to open our eyes and become aware of our surroundings. Join us to become aware.

Moderator:
- Debra Farber, Host of The Privacy Pact, ITSPmagazine

Panelists:
- Chris Roberts, Chief Security Architect, Acalvio Technologies
- Dr. Christopher Pierson, CSO and General Counsel, Viewpost
- Arun Vishwanath, Associate Professor at SUNY Buffalo & Black Hat Presenter

- Broadcast LIVE from Las Vegas during Black Hat 2017 -
Innovation is moving so fast. Each day there's a new device or technological service to hit the market designed to make our lives easier, more convenient, and perhaps even healthier. They listen to us, watch us, learn about us. They help us make decisions. They “guess” our next move - our pending desire. They make decisions - even take action on our behalf. As a society we snatch up these new devices as quickly as they hit the shelves and use them with open arms, unknowingly putting our privacy and safety at risk.

How many devices are there? What are they used for? In this session, we’ll focus on the side effects associated with devices used to run our countries, our cities, our homes, our lives - even our physical being.

Ultimately, it’s about the lack of cybersecurity - because there is a lack of cybersecurity, there’s no conversation about it, and therefore there is no understanding (awareness) of what’s at risk for using these devices. It’s not necessarily a bad thing - but the fact we are making uninformed decisions as a society means we could be putting ourselves and our loved ones at risk without even knowing it.

This panel is part 1 of 2 parts - it’s all about the lack of security and the side effects it has on us as individuals and as a society. What are we trading in exchange for using these devices to make our lives “better”? Bottom line... are you (we) surrendering to the technology?

PANELISTS
- Ted Harrington, Executive Partner at Independent Security Evaluators
- Gary Hayslip, Vice President & CISO, Webroot
- Mike Ahmadi, Director of Critical Systems Security, Synopsys Software Integrity Group

MODERATOR
- Chenxi Wang, Host of The New Factor on ITSPmagazine

- Broadcast LIVE from Las Vegas during Black Hat 2017 -

Small and medium businesses face countless threats, most of which have a human at their origin. These criminals, driven by financial gain, are essentially business owners – not unlike yourself – who are looking to spend as little money and as few resources as necessary to generate as much revenue as possible. Therefore, most cybercriminals target businesses that have a false sense of security.

Why would a cybercriminal spend a fortune going after a Fortune 1,000 when they can spend a few bucks to crack a small business? Exactly!

During this live webinar, we’ll explore the types of threats that small and medium businesses face and the business risk associated with these threats. It’s easier to get hacked than you think and it’s only a matter of time before it happens. Will your business be prepared? Are you doing everything you can to protect yourself beforehand?

Knowing that perfection is not possible, our panel of experts will look at 4 key steps that small and medium businesses should take to reach a reasonable level of cybersecurity:

- How to conduct an analysis to determine risk and the need to focus on cybersecurity within your business
- How to assess the cost of a breach, a loss of information and the impact that a cybersecurity event can have on your customers and partners
- How to create a plan to protect your systems, information, revenue and customers’ data
- Best practices for guiding your implementation, from segmentation to employee access control policies to information protection controls

Join us for an extremely informative session geared towards small and medium business owners and their IT staff.

Moderator:
Sean Martin, CISSP, Editor-in-Chief, ITSPmagazine

Panelists:
Rusty Sailors, President / CTO at LP3 and Chairman, Protecting Tomorrow
Russell Mosley, Director, Infrastructure & Security, Dynaxys
Tom Caldwell, Senior Director of Engineering at Webroot

Point of sale (PoS) systems run a significant portion of a retail business and can be found in many other businesses outside of pure retail shops as well. Oftentimes, these systems are running outdated, unpatched operating systems and applications, leaving them wide open for a breach. What’s worse, is that these systems are often used by employees that, many times, have no other computer through which they can access their personal email and social media accounts; further opening them up to both phishing scams and insider abuse.

In this expert webinar, we will take a deep dive into the mounds of post-breach forensics programs to uncover the commonalities, nuances, and trends that all point to these systems as being one of the top threat vectors within an organization. The findings from multiple viewpoints will lead the attendees through a discussion that prepares them for a breach (protection), how best to respond in during an incident, and how best to manage the forensics aspects after a breach.

Some of the topics we will explore include:
-Retail industry challenges with PoS systems
-Challenges outside the pure retail space
-Flaws in the architecture of the systems and the networks they connect to
-Flaws and other misconfigurations that leave these system open for attack
-Recommendations based on real-world experience pre- and post-breach
-Review of items often missed during a breach investigation

Expert Panelists:
> William Dixon, Vice President Cyber Resilience, Stroz Friedberg, an Aon Company
> Nir Valtman, Head of Application Security at NCR Corporation
> Andreas Kaltsounis, Managing Director, Stroz Friedberg, an Aon Company

Moderator:
> Sean Martin, CISSP, Editor-in-Chief, ITSPmagazine

We live in a world enabled by and surrounded by technology - and each day there's a new device to hit the market designed to make our lives easier, more convenient, and perhaps even healthier. As a society - both as individuals and as organizations serving us - we snatch up these new devices as quickly as they hit the shelves and use them with open arms, unknowingly putting privacy and safety at risk.

FEATURED EXPERTS
> Ted Harrington, Executive Partner at Independent Security Evaluators
> Debra J Farber, Security & Privacy Executive | Founder of Orinoco.io & WISP
> Chris Roberts, Chief Security Architect at Acalvio Technologies

YOUR MODERATOR
> Sean Martin, CISSP, Founder and Editor-in-Chief, ITSPmagazine

This expert panel will look at a variety of these connected things - from connected cars to automated homes to the IoT-enabled medical devices we will have implanted in our bodies.

Join us for this expert, engaging conversation where we’ll explore:
- What personal data must we share with these devices to get the most out of them?
- What price are we willing to pay for an easier, smarter, connected life? Are we willing to sell our soul for a digital future? Because, willingly or not, we are.

- Do we actually know that we are doing that? Do we know what are we giving up in return for this streamlined world we live in? Are we able to make an informed, conscious decision? Will we ever be?

Be sure to join us for this exciting and engaging conversation!

There's a new threat running rampant that is tricking a lot of people into click malicious links in their emails - the emails appear to be from friends and colleagues connected to Google Docs.

in this webinar, we'll discuss the current situation with a few experts to get their views on what's happening and what the impact is to society. Some of the topics we will likely discuss include:

- Overview of what happened (or is still happening)
- How to spot it before getting compromised
- How does this impact consumers?
- How does it impact businesses?
- How does it introduce risk to the business given the prevalence of shadow-IT?
- How do users know if they’ve been compromised (after the fact detection)?
- What can user do to recover from a compromise?
- Anything users SHOULDN’T do?

BONUS
In addition to the Google Docs case, the panelists have agreed to briefly review the recent WannaCry case as well.

Moderator:
Sean Martin, ITSPmagazine

Panelists:
Eyal Benishti, CEO, IRONSCALES
Perry Carpenter, Chief Evangelist and Strategy Officer, KnowBe4
Jordan Wright, Senior R&D Engineer, Duo Security

E-commerce, partner portals, customer service portals, and other cloud-enabled business services: Websites are the new front door to many businesses, and we expect to gain access whenever we want, from anywhere in the world, and from any device.

But what happens to the business when the website doesn’t perform as expected? And how do you protect your website(s) from nefarious traffic looking to harm your business by bringing it down, scraping content, changing content? Do you know whether your traffic is a human user - or is it a bot? Does the language (or a lack of communication whatsoever) between the business and the IT personnel leave you wondering what the potential issues might be?

During this expert panel discussion, we will explore the business impact of an underperforming or compromised website. You will:
- Learn more about what good website performance look likes
- Gain a deeper understanding of traffic on websites
- Understand how your website's performance affects other departments within the business
- Hear practical recommendations for business leaders on how to protect your website from compromise

FEATURED EXPERTS
Tin Zaw, Director Security Solutions, Verizon Digital Media Services
Laz, InfoSec Strategist and Professor
Edward Roberts, Director of Product Marketing, Distil Networks

YOUR MODERATOR
Sean Martin, CISSP, Founder and Editor-in-Chief, ITSPmagazine

Most crime has become virtual and there is a lot out there you could worry about. If you want to protect yourself it hard to know where to start. This webinar will help you know where to focus by revealing the top 5 cyber crimes currently hitting consumers. We’ll discuss why they are so popular, how they work, what you can do to protect yourself from them. And the good news is that the steps to protect yourself from the top 5 threats are going to keep you safe from all the other threats as well.

Join Kevin Haley, Director, Symantec Security Response, and Sean Martin, Editor-in-Chief, ITSPmagazine as they have a 1:1 conversation, exploring this topic touching our society in every way imaginable.

Some of the key take-aways will be:

- What you can and can’t do to protect yourself when a company you do business with is breached.
- How to spot phishing in 2017, its harder than it use to be.
- Can you do something other than panic about ransomware.
- Learn what the next big threat will be.