Name: Stop Watching and Start Blocking: Affordable Machine-Learning Enabled Defense
Start: 2019-10-08T21:00:00Z
End: 2019-10-08T21:57:36.000Z
Location: BrightTALK
Rating: 0

Join BrightTALK and partners as we celebrate the 17th Anniversary of NCSAM in October 2020 with a series of #BeCyberSmart panels, webinar presentations and video tutorials.

In this talk, attendees will learn several hacks to protect themselves, in a cyber-attack. Cyberattacks continue to evolve, with new threats every day. So, it is vital that we all should familiarize ourselves with cyberattacks and how to the protection strategies. In this talk, I will cover the fundamental strategies to protect yourself against cybercrime. Also, I will cover the career opportunities in Cyber Security for all age groups and how can we add diversity in cyber security. 

Join us as we discuss:
Strategies to protect yourself from cybercrime before, during, and after a cyber attack 
Career opportunities in Cyber Security 
Diversity in Cyber Security.

Cyber Attack Protection Strategies

On the eve of Halloween, I’m interviewing Juanita Koilpillai to understand if SDP (software defined perimeter) is all it promises to be or just more marketing hype. Juanita is the CEO of Waverley Labs and brings a unique perspective – she’s actually implementing SDP for several federal agencies.
In a recent survey by Deloitte, more than a third of organizations are planning to adopt zero trust. Many anticipate the benefits, but adoption is difficult. Can SDP enable adoption of zero trust? How are buyers tricked into thinking Zero trust is a product? What benefits will you experience after implementing SDP as part of an inclusive zero trust strategy?
Join this BrightTALK Session to hear how SDP is implemented and how marketing can trick you into missing the real treat that SDP has to offer.

SDP- Trick or Treat?

Now, more than ever, people are working remotely. What does that mean for your laptop security on and off the network?

Learn not only how to protect against vulnerabilities but what they mean for your business.
We’ll be with you every step of the way in learning how to:
Protect each asset as an island
Give precedence to vulnerabilities based on risk
Monitor your assets effectively  

This panel is part of National Cyber Security Awareness Month (NCSAM) 2020.

Speakers: 
Mike Weber, Vice President, Coalfire (Moderator)
Josh Harr, Senior Advisory Services Consultant, Rapid7
Ulf Mattsson, Chief Security Strategis, Protegrity
Brandon Hoffman, CISO, Netenrich

How to Improve Remote Worker Security

Already a popular platform, WhatsApp, the Facebook-owned smartphone instant messaging service, posted the biggest gains due to COVID-19 according to Tech Crunch. Learn why this ubiquitous messaging app could be a security risk and what you need to know to secure WhatsApp.
In this session, you’ll discover:
+ How metadata and message data storage expose you to critical risk
+ Why the legal agreement should give you pause
+ Why WhatsApp is an effective platform for spreading disinformation
+ How the phones and humans using them increase your vulnerability
+ How to increase secure use of the app and mitigate your risk
+ Why WhatsApp leveraged by sophisticated threat actors

Speaker: Cosimo Mortola is a senior intelligence analyst at GroupSense. Cosimo previously tracked threat actors at MassMutual, and Russian disinformation and associated threat activity at FireEye. Cosimo is fluent in Russian, French, and Italian.

Securing WhatsApp - What You Need to Know Today

As Covid 19 continues to increase all over the world, an increase in cybercrime is highly enhanced. The vulnerability related work from home and the capability for increased financial benefit, cybercriminals are building their activities and develop more advanced operations. In this talk, I will cover several scenarios of Cyber attack impact due to Covid 19.

Cybercrime Trends and Threats in COVID-19

One on one interview with Allison Nixon of Unit 221B. Ms. Nixon researched the July 2020 Twitter Hack that resulted in the takeover of Vice President Biden's, President Obama's, and Bill Gates' (among others) Twitter accounts.

How The Twitter Hack Heralds a New Era of Account Takeover

No one ever expects it to happen to them. But with ransomware and cybercrime on the rise, it’s more likely than ever to discover that ransomware has locked down your system and cybercriminals are holding your data hostage. Kurtis Minder, an expert ransomware negotiator, advises executive teams when their worst cybersecurity nightmares come to life. Join us for an interview with Kurtis as we discuss:

+ What most people don’t realize about ransomware and the cybercriminals that run these exploits
+ Immediate do’s and don’t if your systems are being held captive
+ How to limit potential damage like data loss, overpaying threat actors, tarnished brand reputation, and compliance violations
+ Team Event: who to involve and when

Ransomware Negotiation Do’s and Don’ts with an Expert Negotiator

COVID-19 impacted us all in different ways. In certain ways it made us stronger and more resilient but in some cases it highlighted our weaknesses. In my world of cybersecurity, I see cybercriminals prospering and cyber security professionals are struggling to stay abreast. I want to share my experiences and advice on how to keep your cyber security team strong so it can rise to an occasion in times of crisis.

Staying Together Apart – Cyber Security Culture in Times of COVID-19

In this talk, my focus is on the application of data security in our data today's life. Attendees get to learn the security perspective of data and how they can pursue a career in security while continuing their passion for data security. 

Additionally, we will discuss the different perspectives of data security solutions such as Cloud data security, Web Browser Security, eMail Security, Payments Security, Enterprise Data Protection, Hardware security module, Key management, etc.

Application of Data Security in Daily Life

Infrastructure today is distributed and mobile, yet security architecture and technologies have not evolved and remain static and disjointed. 

This session will walk through best practices of securing Hybrid Infrastructure (Distributed & Mobile Environments), along with practical use-cases to secure multi-platform/multi-owner applications that span Cloud, SaaS, IoT/OT, Data Centers, Third-Parties and Remote Users.   

In order to understand the security and connectivity challenges with hybrid infrastructure, we will review the challenges with current security tools and approaches and provide insight into a newer, more refined model that can secure infrastructure that is becoming even more distributed, more mobile, and more diversified.

Work-From-Anywhere is Easy, But How Do You Secure-From-Anywhere?

If the overnight expansion of the remote workforce has taught us one lesson, it is that improving data protection for cloud apps has become the primary challenge facing today’s security practitioners. 

In fact, one might easily conclude that - based on the massive strategic benefits appreciated by increased cloud adoption and remote access - in the very near future many organizations may seek to offload responsibility for just about every manner of security, save user and data-centric protection. So what does this mean for security architects, management and operational staff as we move quickly toward that “cloud everything” future? 

Clearly, organizations will require stronger methods for protecting cloud data, along with user and device access when traditional network, hardware and app stack defenses have become largely outmoded. Further, as more users log into the cloud to collaborate via both managed and unmanaged devices, extended cloud security capabilities will need to account for key considerations including:

  -   How to protect against inappropriate data access and handling while enabling open shares across the huge range of sensitive company data?

  -   How to account for user and device security posture to thwart emerging threats that seek to exploit compromised accounts and endpoints?

  -   How to ensure proper enforcement and remediation when issues do arise, including the ability to encrypt or wipe information as it moves off the cloud?

In this best practices webinar, join us to discuss the hugely important challenge of addressing the confluence of cloud, user, data, and device security in the name of enabling the real-time collaboration required by today’s remote workforce. Along with the involved challenges and use cases, we’ll outline dedicated CASB solutions use cases and best practices that address this specific set of real-world challenges.

Reinventing Data Security for the Remote Workforce in A “Cloud First” World

Connected devices are everywhere. More than 83 million U.S. households have at least one smart device, according to a study by the Consumer Technology Association. In fact, U.S. households own an average of 11 Internet-connected devices, according to a study from Deloitte, including seven with screens to view content (e.g. smartphones, tablets, laptops, TVs). 

With so many devices on the home network, how is security keeping up? What is needed to make device security easier and faster?

Find out why attackers are targeting internet-connected devices, some common attack vectors, and what to do to reduce the risk of breach at the endpoint.

Join this panel of security experts to learn more about the security risks connected devices pose to your home and office, and what can be done about it:
- Connected devices - the gateway for attackers
- The likelihood that you or your company will be breached via connected devices 
- Steps to mitigate the risk of breach
- What is needed to close the gap in device security
- Best practices for protecting your smart home from online threats

This panel is part of National Cyber Security Awareness Month (NCSAM) 2020. 

We welcome and encourage audience participation and questions.

Speakers:
Chris Hazelton, Director of Security Solutions, Lookout (Moderator)
Brandon Hoffman, CISO, Netenrich
Rick Moy, Vice President of Marketing, Tempered Networks
Jack Mannino, CEO, nVisium

Securing Your Connected Devices at Home & at Work

Internet of Things (IoT) as a technology has transformed global economies through the proliferation of connected devices across multiple protocols and standards. The benefits have been highly published however, these devices can bring an enormous level of risk to businesses, security and privacy concerns for the end users. In this webinar, I discuss different IOT application landscape and identify security threats in IOT architecture.  The possible countermeasures by implementing rigorous security standards to protect data at rest and in motion drive efficiencies.

Risks and Countermeasures of IOT Devices

The proliferation of connected devices at home and in the workplace has opened the door to attackers, who often find poorly protected IoT devices as easy targets and entry points. 

This panel of security experts and industry leaders will explore the security risks that connected devices pose for individuals and organizations in the U.S. and what can be done to secure devices, deter attackers and overall minimize the risk of breach.
- How connected devices have changed the game from a cybersecurity perspective?
- Why connected devices are easy targets for attackers
- Other cyber threats to be aware of when it comes to connected devices
- What you can do to secure your devices at home and at work
- Understanding the risk of breach
- Best practices & how to #BeCyberSmart 

This panel is part of National Cyber Security Awareness Month (NCSAM) 2020.

We welcome and encourage audience participation and questions.

Speakers:
Terence Jackson, Chief Information Security Officer, Thycotic (Moderator)
Rick Holland, CISO, Vice President of Strategy, Digital Shadows
Mark Lynd, Head of Digital Business - CISSP, ISSAP & ISSMP, NETSYNC
Dirk Schrader, Global VP of Product Marketing & Business Development, NNT

Protecting Connected Devices from Cyber Threats

In this session, we will discuss a range of new emerging technologies for privacy and confidentiality in machine learning and data analytics. We will discuss how to put these technologies to work for databases and other data sources.

When we think about developing AI responsibly, there’s many different activities that we need to think about.

This session also discusses international standards and emerging privacy-enhanced computation techniques, secure multiparty computation, zero trust, cloud and trusted execution environments. We will discuss the “why, what, and how” of techniques for privacy preserving computing.

We will review how different industries are taking opportunity of these privacy preserving techniques. A retail company used secure multi-party computation to be able to respect user privacy and specific regulations and allow the retailer to gain insights while protecting the organization’s IP. Secure data-sharing is used by a healthcare organization to protect the privacy of individuals and they also store and search on encrypted medical data in cloud.

We will also review the benefits of secure data-sharing for financial institutions including a large bank that wanted to broaden access to its data lake without compromising data privacy but preserving the data’s analytical quality for machine learning purposes.

Protecting Data Privacy in Analytics and Machine Learning

Women are increasingly finding a career in healthcare IT. According to a recent article in Healthcare Finance News, women make up 66% of all entry-level healthcare employees and 30% of C-suite positions in healthcare IT.*

Our panelists are challenging the ecosystem—transforming the information technology space in healthcare, driving improved patient care, and leading with a purpose.  

Join us for an open and honest hour-long conversation with influential women in healthcare information and technology who are leading the way to a more diverse and enriched community. Gain a better understanding of the challenges and opportunities that these female executives have experienced as they have navigated their careers. Learn from them how they are leading their organizations to digitally transform and serve their patients in more effective ways. Discover how they see the healthcare ecosystem evolving to achieve more diversity and balance in the workforce. 

Webinar host pureIntegration is an IT consulting services firm, led by a team of 53% women and minorities.

*Reference: https://www.healthcarefinancenews.com/news/women-healthcare-hold-most-manager-positions-lack-minority-representation-persists

How She Got There—Women in Health IT

By popular demand, the CISO Insights series is back in October for National Cyber Security Awareness Month with a new episode on securing connected devices.

Join this interactive Q&A discussion with CISOs to learn more about:
- Why connected devices are a popular target for attackers
- Steps for easy cyber hygiene at home and at work
- Building a security culture together 
- CISO recommendations & best practices

Speakers:
- Dan Lohrmann, CSO & Chief Strategist, Security Mentor, Inc.
- Earl Duby, CISO, Lear Corporation
- Keith Hollender, former CISO; Partner, Global Cybersecurity Practice Lead at MorganFranklin Consulting
- Adam Ford, CISO of Illinois

This panel is part of National Cyber Security Awareness Month (NCSAM) 2020.

We welcome and encourage audience participation and questions.

CISO Insights: How to Practice Cyber Hygiene & #BeCyberSmart

Attracting, developing, and retaining women in cyber top talent fields (continuation on the March WiCyS Conference Keynote).

Dr. Dawn Beyer is a Lockheed Martin Senior Fellow. She has over 30 years of experience covering information security, information assurance, security engineering, cybersecurity, systems engineering, military intelligence and operations, risk assessments, strategy, and policy development and execution. She provides consultation to research and development, proposal, program, and operations and maintenance teams. She also provides guidance, direction, leadership, training, and mentoring to Engineers.

 Dr. Beyer provides leadership with visibility into cyber strategy, workforce talent, technology, capabilities, risks, policy, and opportunities. At Lockheed Martin, Dr. Beyer is the Cyber Fellows Action Team Chair.  She also engages in industry exchanges and Co-chairs the National Defense Industrial Association Cybersecurity Division and is a member of the INCOSE Systems Security Engineering Working Group. She is also a board member with the Women in CyberSecurity (WiCyS) Board of Governors.

Dr. Beyer is a retired Air Force Intelligence Officer with 24 years of service and has performed additional responsibilities as an Information Systems Security Manager, Computer Systems Security Officer, Communications Security Manager, Operations Security Manager, and Emissions Security Manager.
 
Dr. Beyer earned her Ph.D., M.S., and B.S. in Information Systems. She maintains the following certifications: Project Management Institute’s Program Management Professional (PMP)®, (ISC)2’s Certified Information Systems Security Professional (CISSP)® and Certified Secure Software Lifecycle Professional (CSSLP)®, and ISACA’s Certified Information Security Manager (CISM)®.

Women in Cyber | Top Talent Initiatives

The chief problem with cybersecurity is that most of our tools and workforce is geared to waiting for adverse events, detecting those events (sometimes months after the fact), investigating the breach that has already occurred, and then cleaning up. This slow and reactive process ensures breaches happen and security staff us overwhelmed under the noise.

This talk will focus on automation and machine learning techniques that can proactively identify threats seen in the wild based on the latest academic research. This techniques allow organizations to identify suspect infrastructure before it is used to attack them. The key to making this work is infusing machine learning with knowledge of how actual attacks work and the threat landscape. Machine learning without intelligence is merely gussied up mensa math exercises.

It isn't enough to know what the attacker will use to attack, however. Armed with this knowledge, organizations now need to safely automatically block these attacks before they occur so breaches never happen to begin with. The goal of automation must be to stop attacks before they are launched, not merely speeding up incident response. Several case studies will be discussed showing how this all can work together in the real world.

Takeaways:
- How to use machine learning and why it is essential to use strong intelligence to create models
- Techniques to use automation to block attacks before they are launched against a victim organization
- Cost-effective and safe ways to whitelist and blacklist infrastructure to insure against false positives

Stop Watching and Start Blocking: Affordable Machine-Learning Enabled Defense

Presented by

About this talk

More from this channel