Panel Session: Can Data Loss Prevention Get SaaSy?

Most people associate DDoS with large scale volumetric attacks. This is far from reality. Many organisations subjected to DDoS attacks are therefore unlikely to identify them or mitigate them because they simply don’t know what defences work against the huge range of attack vectors out in the wild.

DDoS is much more than experiencing degraded performance; and the operational response is as important as the technology in place to attempt to prevent the attack. Unfortunately most vulnerability management program focus on scanning and penetration testing and simulating genuine DDoS attacks is seldom on the agenda. Resilience against Denial of Service should be as prominent in IT Networks as safety is in the automotive or airline industry.

Have you ever tested your system defences and response capability?

Cybersecurity affects us all. Malicious actors are constantly scanning vulnerable systems of companies across all sectors, and healthcare organizations are a particularly attractive target. They are often responsible for the safety and security of confidential patient records, which is valuable information for malicious hackers. While the use of innovative technology in healthcare is on the rise, the industry faces tremendous risks from cyber threats due to this growing attack surface and the prevalence of dated medical hardware and software across the supply chain. This session will discuss the IoT threats facing the healthcare sector, as well as strategies for managing and mitigating threats. 

Join this webinar to learn about:
- Why the healthcare industry is a highly-targeted industry for cyber attacks
- What Internet of Things (IoT) technology is and how it’s being leveraged for crime
- Why legacy medical hardware and software exacerbates IoT-based risks
- How to manage and mitigate IoT risk in the healthcare sector

The Internet of Things is expected to grow to 30 billion devices within the next two years. This means more security and privacy risks that organizations will need to address. Learn how businesses are dealing with their IoT risk, the best practices cybersecurity professionals are recommending, and get the answer to your most pressing IoT security questions.

Join this interactive panel to learn more about:
- How the rise of IoT is impacting your organization's security
- Cybersecurity threats and most common IoT vulnerabilities
- Assessing your organization's IoT risk
- Best practices for minimizing your cyber risk
- Words of wisdom: Steps to better security and what you can do today

With: Michael Goldgof, Senior Director, Product Marketing, Barracuda
Kalani Enos Founder & CEO KEnos Technologies LLC
Nathan Wenzler, Senior Director of Cybersecurity, Moss Adams

Internet of Things (IoT) products proliferate the market today. They manifest in different forms – from a pacemaker inside a human body, to an oil and gas rig monitoring device in the remotest locations on the planet. IoT products are usually made up of small hardware devices (gateways and nodes) deployed in the field, supported by much larger software stack in the form of mobile and cloud-hosted applications that complete the product ecosystem picture.

In our presentation, we discuss threats against industrial and consumer IoT products. We demonstrate how it is possible to use cheap, publicly available hardware and open source software tools to break into Zigbee-style Wireless Sensor Networks to compromise the confidentiality and integrity of IIoT platforms (think, turning life-saving vaccines into lethal chemicals!). On the consumer IoT front, we show - with simple Android applications, how we are able to exploit vulnerabilities in Bluetooth and BLE flows. We conclude with an analysis of why such vulnerabilities occur, and how we can reform existing SDLC practices to make them relevant for next-generation technologies.

This keynote is designed to address the seemingly overwhelming collection of security concerns with which today’s leaders contend:

- Do you struggle with designing and implementing a security program that effectively achieves the goals outlined in your security mission?
- Are you interested in better understanding how hackers think, how they operate, and how to defend accordingly?
- Do you struggle to know where to invest resources in order to best deliver security to your organization?
- Are you concerned about your organization suffering a security incident under your watch?
- Are you seeking more certainty that by investing resources into a given security approach, that investment will deliver the outcomes you seek?
- Do you have the appetite and capacity for change?

If any of this describes you, this is the keynote for you! An engaging blend of research-based issue analysis combined with storytelling, this keynote seeks to empower today’s security leaders, teaching attendees how to:

- Implement a 3-phase action plan, based on years of practical experience in security research and security consulting, designed to help equip leaders to deal with modern attackers.
- Define and implement a threat model.
- Differentiate between assessment methods.
- Understand level of attacker intensity.
- Challenge conventional wisdom

As IoT devices continue to evolve in different ways, connecting (even more) the physical with the cyber world, the adversaries continue to evolve methods for compromising them for different purposes.

Based on their nature and the tasks they need to perform, the common general characteristics of IoT devices are:

- They are very minimalistic,
- They have limited resources,
- Most of them are battery-based
- They interact with other devices
- They are connected to the cloud for different reasons
- They have special RF protocols

IoT use cases (as listed below) have a lot of security challenges that haven’t been addresses properly because of the devices’ constrains, the limited budget the contractors have (cause the solutions have to be “cost-effective”) and the priority is always functionality, thus sacrificing security, therefore exposing our society to massive risks.

- Smart City
- Smart Manufacturing
- Autonomous Vehicles
- Critical Infrastructures

This is why we need to work on detecting threats in a structured way, taking into account that once attackers access to the IoT network, they won’t have much limitations moving around that network and even jumping to other networks, including IT network. When adversaries compromise IT networks, they are affecting business but when they compromise IoT devices, they can compromise our lives.

In this webinar I’m going to propose a methodology that can be applied to enhance IoT network security by mitigating IoT cyber risks using MITRE ATT&CK Framework..

Welcome to the world of IoT (Internet of Things) as more and more devices get connected online. With weak or almost no security these devices can easily become a victim, be turned into a BOT which can then be controlled and used to participate in a DDOS (Distributed Denial of Service) attack like the one that has targeted Dyn bringing popular websites like Netflix, Twitter, Amazon, AirBnb, CNN and the New York Times to their knees and offline. This session walks you through the reality check on the risks and threats that IoT devices introduce to the business and what you can do to reduce the risks.

- What are the biggest risks from IoT devices?
- What are the biggest threats from IoT devices?
- Best Practices in reducing the risks
- Future of IoT Security

Risk agnostic approaches to adopting emerging technologies are eating business for breakfast, IoT too is garnering its fair share! Unlike most other technologies, IoT adds a new dimension of less understood cyber-physical risks.

This sessions seeks to scratch the surface on strategies for assessing business technology risks in adopting IoT.

As the world becomes increasingly connected, we have become more vulnerable to IoT threats and attacks. Having a comprehensive and strong security strategy in place is vital to organisational success.

Join this exclusive panel of industry experts as they discuss:
- IoT Security Maturity Model
- Trends in cyber-attacks and breaches affecting the IoT
- How to proactively prevent breaches and attacks
- New in IoT Security
- Security Strategy recommendations for CISOs

Panelist confirmed:
- Deral Heiland, IoT Research Lead, Rapid7
- Sandy Carielli, Director of Security Technologies, Entrust Datacard

This session will explain how the world’s leading mobile operators are using the GSMA’s IoT security guidelines and assessment process to deliver trusted and robust IoT products and services to their partners and customers.

The presentation will explain the commercial benefits and long-term value that was realised by following industry best practices, and how IoT companies can overcome security challenges themselves to implement new processes and address IoT security concerns.

Bug bounty hunter and cool nerd, Jasmine Jackson will kick off our newest webinar series #SheSpeaksTech with a short talk on " Thrill of the Hunt: My Leap into Bug Bounties.

Join this webinar series for a quick starter talk with women in cybersecurity. Each webinar will explore a new tech topic by a newbie speaker. She will deliver the first 20 minutes of her 1 hour talk and open to feedback on topic, delivery and tips. Check out (https://womenscyberjutsu.org/page/SHESPEAKSTECH) for more on SheSpeakTech or to register for your 30 minutes to shine.

Tomorrow's businesses need a simpler and more scalable way to increase the resiliency of global application infrastructure, without slowing innovation, today.

Join this interactive 1-2-1 discussion where EMEA Chief Technology Officer, Paul Farrington (CISSP, MBCS) will share how leading businesses are;

- Improving the level of security awareness and addressing the skills deficit
- Enabling developers to fix flaws and prevent new ones
- Prioritising and triaging the most exploitable flaws
- Automating application security
- Providing software development leaders with really useful security metrics
- Incentivising secure development as part of their culture

This session will show you how architects and developers are making smarter choices in designing secure software. You will also learn how to report success, and investment justification, to the board whilst setting realistic expectations throughout the software development lifecycle and not just at the destination.