CSX North America Presentations and Descriptions 


As the program is developed, we will continue to add information to this page – check back frequently for updates!

Session level key: Beginner, Intermediate, Advanced

Track 1—Cybersecurity Leadership & Development

The Cybersecurity Leadership & Development track will equip attendees with both theoretical and real-world knowledge from industry leaders and security professionals on management best practices and effective career development techniques in the security field. Attendees will also learn leadership strategies for being more successful in the workplace.

111–Analyst View: Cybersecurity Jobs, Skills, Pay Review & Forecast Intermediate

Monday, 15 October | 10:00AM – 11:00AM

  Download Presentation

David Foote
Chief Analyst
Foote Partners, LLC

Disruptive technologies aimed at transforming new business models are exploding everywhere, but at a dangerous cost: dramatically higher cyberthreat levels. Add blockchain, AI, IoT and a vast array of other digital innovations to this scenario and it is easy to see why global annual cybercrime costs are expected to reach $6 trillion by 2021, with an expected shortfall of 3.5 million cybersecurity professionals by that year. With cybersecurity job openings growing 3.5 times faster than the overall IT job market, no employer can hope to defend itself against this cyber threat tsunami without the people to secure these new technologies. This session provides expert, hard-data-backed analysis of the cybersecurity talent gap and solid recommendations on what you should be thinking about in managing a security function and in your own security-related career planning. Key questions will be answered:

  • Forecast: What info/cybersecurity jobs and skills will be most in demand over the next several years?
  • What’s trending right now in hot info/cybersec jobs, skills, and certifications?
  • What are the *real* info/cybersec market level salaries and skills/certifications pay premiums in 3,200 North American employers? (data from Foote Partners' 2018 IT Professional Salary Survey and 2018 IT Skills and Certifications Pay Index)
  • What should employers and tech professionals do right now to prepare for cybersecurity job evolution?
  • Viable solution: Tech People Architecture

After completing this session, you will be able to:

  • Understand the most sought-after cybersecurity jobs, skills, knowledge and experience requirements in the transition to this new world of disruptive digital technologies.
  • Compare your pay against current info/cybersecurity salaries and certifications cash premiums at 3,200 US & Canadian employers in 83 cities (data from Foote Partners’ 2018 IT Professional Salary Survey and 2018 IT Skills & Certifications Pay Index)
  • Understand infosec-to-cybersec job transition paths from 40+ industries, as well as contingent versus FTE staffing options, including cross-training staff for new cybersecurity roles to build capabilities for disruptive tech.
  • Learn first-hand the analyst forecast for cybersecurity jobs/skills and workforce evolution specific to blockchain, IoT, AI/machine learning and a variety of other disruptive digital technologies.

121–Transforming Techie to Security Leader Intermediate

Monday, 15 October | 11:15AM – 12:15PM

  Download Presentation

Todd Fitzgerald, CISM, CISA, CGEIT, CRISC
Managing Director
CISO Spotlight, LLC

The session will explore the differences between working as technical staff and the functions and challenges a manager faces. It will discuss the competencies required and will help those trying to decide on this career choice. Different alternatives for the technical resource will be explained, as well as the ISACA competencies and the NICE framework. The instructor has survived management roles across multiple organizations after starting out as a techie computer programmer and then DBA.

After completing this session, you will be able to:

  • Understand the security leader/CISO role and how it differs from the technical skills already acquired.
  • Review the different competencies needed to succeed as a manager.
  • Explore your own "happiness drivers" to help make the decision.
  • Make the decision that is best for you as an individual.

131–Board Director Concerns About Cyber & Technology Risk Advanced Managerial

Monday, 15 October | 1:30PM – 2:30PM

  Download Presentation

Rob Clyde, CISM, NACD Board Leadership Fellow
Chair, ISACA Board of Directors; Executive Chair, Board of Directors, White Cloud Security; Board Director, Titus

The C-suite and boards of directors are increasingly concerned about cyber-attacks and risk. If asked, how should you present and discuss such issues with the board? Boards and executives are also anxious to understand the business opportunity, impact and risk of new technologies. This session will explore ways to discuss new technologies with the board, including the Internet of Things, artificial intelligence and machine learning, augmented reality and quantum computing. In addition, cyber-attacks continue to escalate, with data breaches and ransomware attacks being discussed at the board level. This session will explore the questions your board is likely to ask you and offer guidelines for how to discuss them.

After completing this session, you will be able to:

  • Better understand the business impact of new technologies and cyber risks
  • Understand the board's perspective on cyber and new technologies
  • Be prepared for likely questions the board will ask

1110–Cybersecurity Nexus Cyber Hunt, Session 1 Intermediate

Monday, 15 October | 2:45PM – 5:15PM

Frank Downs (2017 Top-Rated Speaker)
Director and SME, Cybersecurity Practice
ISACA


Dustin Brewer
Manager, Cybersecurity Technical Content
ISACA

*Each session is limited to 50 attendees; this is a first-come, first-served ticketed event. Please select the session at the time of registration.

The Cybersecurity Nexus Cyber Hunt is a live competition that pits participants against each other, and against the clock, to respond to a multipronged attack while concurrently conducting a penetration test against diverse asset sets. Participants will need to leverage capabilities from all five cybersecurity domains of the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond and Recover) in an attempt to outwit other competitors and achieve the highest score!

Challenge subsets include the following skills:

  • Network scanning;
  • Vulnerability identification;
  • System hardening;
  • System exploitation;
  • Exploitation response; and
  • Much, much more!

After completing this session, you will be able to:

  • Better understand asset identification and location via scanning techniques;
  • Understand how to identify vulnerabilities on a system of responsibility;
  • Better harden systems of responsibility;
  • Understand elements of conducting a penetration test; and
  • Understand elements of responding to an incident or attack.

*Please note: to fully participate in this session, all attendees are required to bring a laptop with a web browser and Internet access.


211–CISO for Hire: How to Lose Your Job in 10 Months Advanced Managerial

Tuesday, 16 October | 10:00AM – 11:00AM

  Download Presentation

Simone Petrella
Chief Cyberstrategy Officer
CyberVista

It may seem like CEOs and their security leaders end up as the scapegoats for breaches and botched responses, but the reality is that a CISO's job is hard to do well. CISOs can make their job easier by avoiding these common mistakes:

  1. Talk to the C-Suite in technical terms and jargon: Senior executives care about how risks can impact the business so tailor the way you talk about cybersecurity to your audience.
  2. Only tell the good news stories: Talk about the areas that need improvement in a professional and solutions-oriented way to get more support from the executive team.
  3. Assume 3rd party providers will effectively handle your security: Third parties introduce risk, so make sure your supply chain has the same security requirements as your organization.
  4. Think every aspect of security is equally important: If you’re not able to identify and prioritize your organization’s business risk, you won’t be able to implement an effective strategy or related controls.
  5. Expect technology to solve all of your problems: Tools produce data, but it's critical that you invest in the right people with the right skills to sift through, analyze and make that data actionable.
  6. Come from a place of “No”: Don’t just say “no” to things that seem risky. Communicate often with counterparts to understand the goals they’re trying to achieve.

A CISO’s job isn’t going to get easier anytime soon, but if you only take away one thing, it’s this: success on all these fronts is contingent on strong communication.

After completing this session, you will be able to:

  • More effectively engage business stakeholders across your organization and get them on board to make the security strategy effective.
  • Understand how to communicate cybersecurity as a business enabler, and learn communication strategies to help convey that message.
  • Walk away with the tools to better prioritize your own security strategies.
  • Understand the importance of allies and how your projects suit the needs of other executive team members.

221–The Journey to Become a CISO and Why They Don't Run with Scissors Intermediate

Tuesday, 16 October | 11:15AM – 12:15PM

Tammy Moskites, CISM
Managing Director & Sr. Security Executive
Accenture


Panelists:

Tim Callahan, CISSP, CPM, CTM
Senior Vice President, CSO
Aflac


John Graham Sr., CISSP, HISP
Chief Information Security Officer
Jabil

In this interactive CISO panel, the panelists will share the journey to their current roles. Coming from many backgrounds with similar sets of challenges, they will discuss how they got there and how they get the job done. Remember, it's not a race: walk, and keep your scissors pointed down!

After completing this session, you will be able to:

  • Understand the journey it takes to become a CISO, the many roads CISOs can take to align with their backgrounds, and the challenges they experienced along the way.
  • Know what competencies and skillsets you must master to be successful at the executive level, through interaction with a panel of experienced CISOs.
  • Walk away with new techniques and ideas from leading CISOs that you can use moving ahead in your own career.

231–Cybersecurity Capability and Resilience

Tuesday, 16 October | 2:45PM – 3:45PM

  Download Presentation

Doug Grindstaff
New Market & Business Developer
CMMI Institute

87% of C-suite professionals and board members lack confidence in their organization's cybersecurity initiatives, yet cybersecurity is the #1 corporate governance challenge. Cyberthreats never stop evolving, so your cybersecurity program shouldn't either. Learn how the CMMI Cybermaturity Platform, an ISACA Cyber Solution, prioritizes weaknesses in your cybersecurity capabilities with a continually updated, evidence-based approach, so you can improve efficiently and effectively, and invest wisely.

After completing this session, you will be able to:

  • Identify the process steps for describing the security capability gaps that matter most.
  • Create a board presentation that builds board confidence.
  • Describe the difference between a compliance-based approach versus a risk-based capability approach.

241–Cyber Risk Management: Protecting Your Business While Fueling Performance Beginner

Tuesday, 16 October | 4:15PM – 5:15PM

  Download Presentation

Jacob Gregg
Senior Manager
Deloitte


Elvia Novak
Director
Deloitte

During this session, we will discuss how an effective and efficient cyber risk management program can be used to protect your brand while also fueling change and innovation. We will specifically look at:

  • Technology trends and risks: Innovations that are driving technology usage and some attendant risks
  • The present: Cost-effective methods of implementing cyber risk security measures
  • Setting up for success: Practical ways to incorporate cyber risk into your strategic risk planning processes
  • The future: Insight into how investment and ongoing management of your cyber risk program can support your organization’s future prosperity.

After completing this session, you will be able to:

  • Understand innovations that are driving technology usage and some attendant risks
  • Explain cost-effective methods of implementing cyber risk security measures
  • Plan and implement practical ways to incorporate cyber risk into your strategic risk planning processes
  • Provide insights into how investment and ongoing management of your cyber risk program can support your organization’s future prosperity

3110–Cybersecurity Nexus Cyber Hunt, Session 2 Intermediate

Wednesday, 17 October | 8:30AM – 10:45AM

Frank Downs (2017 Top-Rated Speaker)
Director and SME, Cybersecurity Practice
ISACA


Dustin Brewer
Manager, Cybersecurity Technical Content
ISACA

*Each session is limited to 50 attendees; this is a first-come, first-served ticketed event. Please select the session at the time of registration.

The Cybersecurity Nexus Cyber Hunt is a live competition that pits participants against each other, and against the clock, to respond to a multipronged attack while concurrently conducting a penetration test against diverse asset sets. Participants will need to leverage capabilities from all five cybersecurity domains of the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond and Recover) in an attempt to outwit other competitors and achieve the highest score!

Challenge subsets include the following skills:

  • Network scanning;
  • Vulnerability identification;
  • System hardening;
  • System exploitation;
  • Exploitation response; and
  • Much, much more!

After completing this session, you will be able to:

  • Better understand asset identification and location via scanning techniques;
  • Understand how to identify vulnerabilities on a system of responsibility;
  • Better harden systems of responsibility;
  • Understand elements of conducting a penetration test; and
  • Understand elements of responding to an incident or attack.

*Please note: to fully participate in this session, all attendees are required to bring a laptop with a web browser and Internet access.



Track 2—Emerging Security Tools & Techniques

This track will provide attendees with concise information on emerging technologies such as blockchain and cognitive technology, the risks, implications and constraints associated with adopting these tools, and best practices for increasing security around them. More and more companies are turning to emerging tools and techniques to save time and money. This track will equip attendees with the strategies and common use cases for ensuring data remains secure.

112–The Truth About Machine Learning, AI and Cybersecurity, Part 1 Intermediate

Monday, 15 October | 10:00AM – 11:00AM

  Download Presentation

Keatron Evans (2017 Top-Rated Speaker)
Managing Partner and Cyber Security Lead
KM Cyber Security LLC.

Almost every major vendor in the IT and cybersecurity markets uses the terms machine learning, AI and deep learning as focal points in its marketing propaganda. What does it all mean, and what impact will advances in the AI field have on cybersecurity in general? What should we be excited about and looking forward to? And most importantly, what AI can we start to take advantage of today to enhance our cyber capabilities? Join me in one of my most exciting presentations yet, and take a vendor-neutral deep dive to see what all the hype is about.

After completing this session, you will be able to:

  • Learn the difference between AI, machine learning and deep learning.
  • See examples of real-world applied AI that has effected positive change in cybersecurity.
  • Learn about the problems that AI does and will help solve in cybersecurity.
  • Learn about the problems AI cannot currently help solve in cybersecurity.

122–The Truth About Machine Learning, AI and Cybersecurity, Part 2 Intermediate

Monday, 15 October | 11:15AM – 12:15PM

  Download Presentation

Keatron Evans (2017 Top-Rated Speaker)
Managing Partner and Cyber Security Lead
KM Cyber Security LLC.

Almost every major vendor in the IT and cybersecurity markets uses the terms machine learning, AI and deep learning as focal points in its marketing propaganda. What does it all mean, and what impact will advances in the AI field have on cybersecurity in general? What should we be excited about and looking forward to? And most importantly, what AI can we start to take advantage of today to enhance our cyber capabilities? Join me in one of my most exciting presentations yet, and take a vendor-neutral deep dive to see what all the hype is about.

After completing this session, you will be able to:

  • Learn the difference between AI, machine learning and deep learning.
  • See examples of real-world applied AI that has effected positive change in cybersecurity.
  • Learn about the problems that AI does and will help solve in cybersecurity.
  • Learn about the problems AI cannot currently help solve in cybersecurity.

132–Blockchain Strategic Initiatives Intermediate

Monday, 15 October | 1:30PM – 2:30PM

  Download Presentation

Sonia Mundra
President
Chenega Analytic Business Solutions, LLC (CABS)

All information management professionals should consider the use of blockchain as a new and exciting arrow in their quiver when it comes to IT risk management. Blockchain can essentially be described as a distributed, or decentralized, database. Both physical (tangible) and intangible assets can be digitized, and the digital footprint of the asset can be stored in a blockchain. Recording of changes provides a clear audit trail for executive leadership. Blockchain databases are considered by technology pundits to be nearly hackproof, and certainly more secure than traditional centralized databases, since only the owners of digital assets can alter and make changes to the asset. The implications of a more efficient and more secure method of storage and way of transacting lend themselves to the following use cases, which will be discussed in detail and through real-world examples: increased efficiency in IT and financial auditing; blockchain's use in credentialing and validation of personally identifiable information (PII); blockchain's role in voting and elections; and the use of smart contracts to make and validate transactions.

After completing this session, you will be able to:

  • Understand what blockchain is.
  • Know how it can be used to create a more secure and more efficient way of storing information.
  • Understand the various use cases associated with blockchain.
  • Outline ways to implement blockchain to minimize risk to an organization.

142–Cloud Security Fundamentals Beginner

Monday, 15 October | 2:45PM – 3:45PM

  Download Presentation

Marc Baker, MS, GSEC, GCED, GISP, GCIH, GMON, CRISC, GCPM, GCFE, GNFA
Online Subject Matter Expert
SANS Online Training

Cloud Security Fundamentals will introduce attendees to fundamental cloud computing security concepts, including access control and management, governance, logging and encryption methods. It will also cover several security-related compliance and risk management strategies that need to be addressed in a cloud deployment.

After completing this session, you will be able to:

  • Identify the importance and security benefits of the cloud.
  • Discuss the shared responsibility model of cloud computing.
  • Explain cloud related compliance and assurance programs.
  • Discuss security best practices of the cloud.

152–Strategies for Governing and Managing the Use of Robotic Process Automation Intermediate

Monday, 15 October | 4:15PM – 5:15PM

  Download Presentation

David Malcom
Managing Director, Internal Audit
Accenture


Jason Maslan
Managing Director
Protiviti

More and more enterprises are undergoing business transformations to digitize their business operations and automate routine business processes. One method companies are employing to accomplish this is Robotic Process Automation (RPA). In years past, organizations looking to improve workforce efficiency would outsource certain tasks to regions where labor is more cost-efficient. Now, robotic process automation provides a more efficient and less expensive alternative to offshoring or outsourcing. With the introduction of these capabilities, security and risk management leaders must ensure appropriate governance, security and monitoring controls are implemented to prevent fraud and ensure the integrity of the robots. Risks related to implementation, access, change management, data integrity and accountability must be appropriately managed to ensure the success of the RPA program. This session will provide practical examples of how organizations are leveraging RPA, the pitfalls associated with failed implementations, and strategies that security and risk management leaders should implement to appropriately govern and secure their organizations' RPA capabilities.

After completing this session, you will be able to:

  • Understand what Robotic Process Automation is and why companies are utilizing RPA.
  • Describe practical examples of how organizations are using RPA today to improve process efficiency and effectiveness.
  • Assess the risks associated with RPA, along with the rapid and widespread implications if something goes wrong.
  • Design governance and control requirements to effectively manage risks associated with RPA.

212–Why Awareness Efforts Fail Advanced Managerial

Tuesday, 16 October | 10:00AM – 11:00AM

  Download Presentation

Tracy Celaya
Principal Consultant
Go Consulting International, LLC


Ira Winkler
President
Secure Mentem

While the goals of security awareness programs are noble, the problem is that they make security-related behaviors seem like a best practice, not a requirement. Poor security behaviors can and have resulted in catastrophic losses for organizations. In response, companies attempt to improve awareness. We contend that user behaviors should be specifically defined in business processes. For example, the approval process for expense reports tends to be very well defined. Why should the process for the release of W-2 data be poorly defined? The fraudulent release of that information results in massive data breaches. Most awareness programs appear to be a string of gimmicks: they attempt to deliver information in creative ways so that the information is memorable. Security awareness efforts want to get people to stop and think. The problem is that people should not have to think about how to behave regarding computers and information, when every other business process specifies the behaviors. A user should not have to consider whether or not they should send valuable information to an email address. We define the nature of the problem, and then move on to specify how to identify business processes that need to embed specific user behaviors. We then describe which behaviors to specify and how to embed those behaviors into procedures and guidelines. Finally, we discuss how to educate users about their behavioral requirements. Strong behaviors must be a "must", not a "should".

After completing this session, you will be able to:

  • Understand how security-related behaviors create vulnerable business practices.
  • Identify business processes that require strong user security behaviors.
  • Specify the user behaviors that should be embedded into the business processes.
  • Create awareness programs that make people aware of their required behaviors.

222–Blockchain Technology - Beyond the Hype Intermediate

Tuesday, 16 October | 11:15AM – 12:15PM

  Download Presentation

Tuan Phan
Partner
Caplock Security, LLC

Blockchain technology was the core technology behind the meteoric run-up of Bitcoin from the low $2,000s at the start of summer 2017 to the low $19,000s before Christmas 2017. The use of distributed computing via peer-to-peer technology, combined with cryptography, enables two mutually untrusting parties to conduct transactions without requiring a trusted intermediary. Blockchain technology has the potential to disrupt multiple industries in all recordkeeping processes, including the way transactions are initiated, processed, authorized, recorded and reported. Changes in business models and business processes may impact back-office activities such as asset management, procurement, inventory, financial reporting and tax preparation. For organizations to take advantage of the technology, organizational leaders need a deeper understanding of the benefits and costs of blockchain technology, how it can transform their business processes, and what to avoid as they enable the technology for an enterprise. They need to understand the different types of blockchains, their pros and cons, and key attributes such as decentralization, immutability, transparency, smart contracts and consensus mechanisms. They need to be able to articulate the requirements to senior management and prepare support staff with the skillsets required to support this complex emerging technology and to nurture the enterprise's blockchain endeavors to fruition.

After completing this session, you will be able to:

  • Comprehend the different types of blockchain, their high-level design characteristics and constraints, costs and benefits, and their generalized usages across various industries.
  • Learn the fundamental characteristics and design elements behind blockchain technology: how the technology provides immutability for transactions, facilitates consensus, and provides resiliency for businesses.
  • Understand the implications of adopting blockchain technology within an enterprise, including the regulatory landscape, availability of expertise, security and development risks, and the evolving technology framework.
  • Know how to best position your organization to adopt this disruptive technology while reducing the risks and missteps made by other early adopters.

232–Threat Hunting Primer: Moving from a Reactive to a Proactive Mindset Intermediate

Tuesday, 16 October | 2:45PM – 3:45PM

  Download Presentation

Roger O'Farril
Information Security Team Lead
Federal Reserve Bank of Chicago

This presentation covers why security operations need to move from a reactive to a proactive mindset. We present an overview of the threat hunting concept and how it differs from traditional approaches such as incident response and forensics. The discussion starts by presenting how incident response and forensics are falling short in detecting new and emerging threats, as they are purely reactive. The solution is to move to a proactive mindset and leverage threat hunting. The concept is defined and its three components are explained: people, process and technology. We provide examples of the value that each one brings to the table. We discuss the threat hunting process, the characteristics that make a great threat hunter, and a sample of the tools needed to hunt. From there, we explain how to put the pieces together to make threat hunting a reality in your company, identifying steps to start the conversation and what to do next. We close by recapping the material and leave a call to action to go back to your workplace and start the threat hunting discussion.

After completing this session, you will be able to:

  • Understand the concept of threat hunting and how it is different from forensics and IR.
  • Recognize what is needed for effective threat hunting.
  • Know what you can do now to start the hunting discussion.
  • Understand some of the tools and processes that can help the hunting process.

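The hunting process described above starts from a hypothesis about attacker behaviour and tests it against data the SOC already collects, rather than waiting for an alert. As an added example (not the presenter's material), the block below tests one such hypothesis: a compromised host beacons to its command-and-control server at a fixed interval, so its outbound connections show unusually regular timing. It parses constructed proxy log lines of the form `<ISO timestamp> <src_ip> <dst_host>` (a hypothetical format chosen for the example), groups connections by source/destination pair, and scores each pair by the coefficient of variation of the gaps between connections; a value near zero means near-constant spacing. The thresholds `min_connections` and `max_cv` are assumptions to be tuned against your own traffic.

```python
"""Hunt hypothesis: a compromised host beacons to its C2 at a fixed interval,
so its outbound connections show unusually regular timing. Added example using
constructed proxy log lines; not the presenter's code."""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample proxy log: "<ISO timestamp> <src_ip> <dst_host>".
# 10.0.0.7 talks to update.example.org every ~60 s (beacon-like);
# 10.0.0.5 talks to cdn.example.net at irregular, human-looking times.
SAMPLE_LOG = """\
2018-10-15T10:00:00 10.0.0.5 cdn.example.net
2018-10-15T10:00:00 10.0.0.7 update.example.org
2018-10-15T10:01:00 10.0.0.7 update.example.org
2018-10-15T10:02:01 10.0.0.7 update.example.org
2018-10-15T10:02:10 10.0.0.5 cdn.example.net
2018-10-15T10:03:00 10.0.0.7 update.example.org
2018-10-15T10:03:59 10.0.0.7 update.example.org
2018-10-15T10:05:00 10.0.0.7 update.example.org
2018-10-15T10:06:00 10.0.0.7 update.example.org
2018-10-15T10:07:30 10.0.0.5 cdn.example.net
2018-10-15T10:31:00 10.0.0.5 cdn.example.net
2018-10-15T10:32:00 10.0.0.5 cdn.example.net
2018-10-15T10:40:00 10.0.0.5 cdn.example.net
"""


def parse_log(text):
    """Group connection timestamps by (src, dst); malformed lines are skipped."""
    conns = defaultdict(list)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        conns[(parts[1], parts[2])].append(ts)
    return conns


def regularity(timestamps):
    """Return (mean_gap_seconds, coefficient_of_variation) for a series of
    timestamps, or None when there are too few gaps to judge. A CV close to
    0 means the gaps are almost constant, the signature of a beacon."""
    ts = sorted(timestamps)
    gaps = [(b - a).total_seconds() for a, b in zip(ts, ts[1:])]
    if len(gaps) < 2:
        return None
    m = mean(gaps)
    if m == 0:
        return None
    return m, pstdev(gaps) / m


def hunt_beacons(text, min_connections=5, max_cv=0.2):
    """Return (src, dst) pairs whose timing looks beacon-like, most regular
    first. Thresholds are assumptions to be tuned per environment."""
    hits = []
    for (src, dst), stamps in parse_log(text).items():
        if len(stamps) < min_connections:
            continue
        r = regularity(stamps)
        if r is None:
            continue
        m, cv = r
        if cv <= max_cv:
            hits.append({"src": src, "dst": dst, "count": len(stamps),
                         "interval_s": round(m, 1), "cv": round(cv, 3)})
    return sorted(hits, key=lambda h: h["cv"])


if __name__ == "__main__":
    for hit in hunt_beacons(SAMPLE_LOG):
        print(hit)
```

A hit is a lead, not a verdict: legitimate software updaters and monitoring agents also poll on fixed schedules, so the hunter's next step is to pivot on the destination (reputation, registration age, which other hosts contact it) and on the process that opened the connection. Real beacons also often add random jitter; lowering `max_cv` misses them, so in practice the threshold is tuned against a baseline of known-good traffic rather than set once.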
242–The Future of Identity Access Management Intermediate

Tuesday, 16 October | 4:15PM – 5:15PM

  Download Presentation

Darren Guccione
CEO and Co-Founder
Keeper Security, Inc

In this session, we will discuss IAM: existing threats, current solutions and future solutions. History: IAM is about defining and managing the roles and access privileges of individual network users and the circumstances in which users are granted or denied these privileges. The primary objective is to have one identity per individual. IAM tools and systems evolved as a way to help organizations track user activities and make sure people have access to only the information and services they need. As threats evolved, tools evolved. These include password management tools, provisioning software, security-policy enforcement applications, reporting and monitoring apps, identity repository apps, SSO, 2FA, security keys, etc. Threats: identity theft, compromised biometrics, and loss of time, PII, confidential trade secrets and revenue. Real-world examples: India's biometric identification system, the world's largest, breached; Edward Snowden, where a lack of IAM controls enabled his disclosures. We will then review the pros and cons of existing tools.

After completing this session, you will be able to:

  • Understand the history of IAM and how we arrived at today's solutions.
  • Recognize the threats that exist for consumers, businesses and customers.
  • Know the current solutions available for IAM.
  • Recognize emerging solutions and specific tools for IAM.

312–Prepare Against Ransomware Intermediate

Wednesday, 17 October | 8:30AM – 9:30AM

  Download Presentation

Claudio Cilli, CISA, CISM, CGEIT, CRISC
University of Rome

Recent polls on ransomware show that about 50% of companies have suffered a ransomware attack with significant consequences. This presentation aims to explain why the ransomware family (not only CryptoLocker) is so effective at inducing users to bring about their own destruction. Many real-world examples are shown, along with the role of social engineering. This software is designed to circumvent human capabilities and defense mechanisms by leveraging the most vulnerable parts of human nature. After a deep explanation of the vulnerabilities exploited by ransomware, the core of the presentation focuses on techniques aimed at reducing the threat, both technical (e.g. use of cryptography, security analysis tools, etc.) and awareness-based. The final part is a collection of practical tips and techniques, including how to effectively protect your PC and browse the web safely while reducing the exposure of personal data to a minimum.

After completing this session, you will be able to:

  • Know how ransomware works and why it is so effective
  • Recognize the social engineering flow that induces a user to activate ransomware
  • Understand the vulnerabilities exploited and how to reduce the threat
  • Comprehend the role of user awareness and training

322–The Future of Cybersecurity Defence: Cognitive Security Advanced Managerial

Wednesday, 17 October | 9:45AM – 10:45AM

Ron Williams
Sr. Technical Staff Member/Chief Architect, Infrastructure Security
IBM

Today, businesses and data security leaders are looking for ways to better anticipate, and even predict, threats before they happen. Companies have a huge amount of data to process and very little time to do it, and new forms of targeted attacks have evolved. These new threats require new thinking, and that's where the latest cognitive capabilities can help.

After completing this session, you will be able to:

  • See how to better anticipate and even predict threats before they happen
  • Learn how new threats require new thinking
  • Learn more about the latest cognitive capabilities
  • Discuss cognitive security as the next level of security



Track 3—Security Risk & Compliance

The web and other information technologies carry security risks, and enterprises are exposed to them when misconfigured systems leave vulnerabilities that raise their risk profile. This track will focus on computing security concepts including access control and management, governance, and risk-management strategies and best practices, including the requirements for compliance with multiple security-related regulations.

113–Insuring Your Cyber Assets Advanced Managerial

Monday, 15 October | 10:00AM – 11:00AM

  Download Presentation

Morgan Moore
Cyber Liability Underwriter
RLI Corp

Sean Scranton, CISA, CISM, CRISC (2018 Top-Rated Speaker)
Cyber Liability National Practice Leader
RLI Corp

The current cyber insurance environment is a swamp, with its confusing forms, high deductibles, and hidden exclusions. Many risk managers know they need cyber insurance, but don’t understand the coverages. This session will demystify the current cyber insurance landscape, with its perplexing forms and coverages, and provide you with the right questions to ask. We will propose methods to engage Security and Risk Management to help ensure appropriate risks and controls are implemented, resulting in the suitable allocation of risk mitigation, retention and transfer.

After completing this session, you will be able to:

  • Understand the current cyber insurance market landscape.
  • Identify common coverages and exclusions.
  • Ask for value-added services as part of coverage.
  • Engage ERM and Security to determine appropriate coverages.

123–Encryption: Policy to Practice, Lower Risk, Increase Compliance! Intermediate

Monday, 15 October | 11:15AM – 12:15PM

  Download Presentation

Uday Ali Pabrai (2017 Top-Rated Speaker)
CEO
Ecfirst

Firewall systems are the first line of defense. Encryption is the last line of defense. In between the two lines of defense, businesses deploy a multitude of security controls to prevent unauthorized access and tenacious attacks. The risk from breaches is today a seven- to eight-figure risk to the enterprise. Compliance security audits are rising fast, and again are a seven-figure risk to today's business. How prepared is your organization to reduce the risk associated with breaches and non-compliance with security mandates? Encryption is one of several dozen possible security controls. Serious thought must be expended in understanding options to ensure encryption capabilities are appropriately implemented, consistently across the enterprise. Review the process for implementation of encryption solutions across critical areas of the business infrastructure. If there is one security control that organizations must raise the priority for across several aspects of the infrastructure, it is encryption. Encryption protocols, encryption key strengths, encryption choices across mobile devices, e-media, e-mail and more may all seem confusing and overwhelming. Understand how to simplify the use of encryption in your organization and do so consistently. Step through key requirements that must be defined in an enterprise encryption standard.

After completing this session, you will be able to:

  • Examine encryption mandates defined in HIPAA Security, HITECH Act, PCI DSS, State regulations and more.
  • Review specific areas that encryption can have a significant impact in lowering enterprise risk, while improving compliance posture.
  • Step through core elements of an encryption policy to address both at rest and in motion requirements.
  • Understand how to simplify the use of encryption in your organization and do so consistently.

133–The Ocean is Full of Phish Intermediate

Monday, 15 October | 1:30PM – 2:30PM

  Download Presentation

Todd Fitzgerald
Managing Director/CISO
CISO Spotlight, LLC

This session will discuss the costs of phishing, how to develop a phishing security awareness program, how to select a phishing product, the questions to ask, and a case study of rolling out a phishing program.

After completing this session, you will be able to:

  • Build an information security Phishing awareness program
  • Understand the costs and ROI model of phishing
  • Review an actual case study of phishing in a global organization.
  • Select a phishing product by asking the right questions

143–Leveraging Privacy to Improve Cybersecurity Posture Beginner

Monday, 15 October | 2:45PM – 3:45PM

  Download Presentation

Oren Elimelech, CISM, CRISC, CISA
CISO
CyberTeam360

Privacy is integrated into PPT and as such has a big impact on every cybersecurity aspect of the organization. Understand how privacy can help organizations improve their cybersecurity posture by leveraging processes and tools and providing better risk management.

After completing this session, you will be able to:

  • Understand how to leverage privacy by design for security by design.
  • Build a cybersecurity roadmap integrating both privacy & security.
  • Know the various tools available to help cybersecurity & privacy: SIEM, PAM, IAM & others.
  • Drive a cybersecurity roadmap that supports and brings real value to compliance, audit (internal & external) and risk management processes.

153–Rise of the Machines Protecting the New Identities Intermediate

Monday, 15 October | 4:15PM – 5:15PM

  Download Presentation

Tammy Moskites, CISM
Managing Director & Sr. Security Executive
Accenture

There are two kinds of actors on every network—people and machines—and both need to be secured. People rely on user names and passwords, but machines don’t. They use keys and certificates for machine-to-machine communication and authentication. We spend billions of dollars each year securing user names and passwords, but almost nothing on protecting keys and certificates. Cyber criminals, on the other hand, use unprotected keys and certificates to eavesdrop on private communications, make phishing sites or malicious code look valid, and hide nefarious activity in encrypted traffic—getting malware in and sensitive data out. Learn the different types of machine identities, where they proliferate in your network, the new risks they bring, and steps you can take immediately to get these risks under control.

After completing this session, you will be able to:

  • Know that identities are more than just user IDs and passwords, and understand the importance of machine identities.
  • Recognize the different types of machine identities and where they proliferate in your network.
  • Discuss the risks that digital/machine identities bring to your environment.
  • Understand the importance of managing machine identities and the steps you can take immediately to get these risks under control.

213–Tackling Risk and Compliance in a Global Context Intermediate

Tuesday, 16 October | 10:00AM – 11:00AM

  Download Presentation

Moderator:

Greg Witte, CISM
Senior Security Engineer
G2 Inc

Panelists:

Brennan P. Baybeck, CISA, CISM, CRISC, CISSP
Vice Chair of ISACA’s board of directors and Vice President of Global IT Risk Management
Oracle Corporation (USA)

Doug Grindstaff
New Market & Business Developer
CMMI Institute

Aaron Pritz, CISA
Advisor
Reveal Risk

While cybersecurity risk management affects every organization, it becomes particularly challenging in a dispersed, global context. While GDPR has garnered many of today’s headlines, the fact is that each region has specific security and privacy considerations that must be addressed. Even for domestic companies, dozens of states have dedicated management, monitoring, and reporting rules, not to mention sector-specific needs. Security governance becomes increasingly important and thorny when compliance and security cross international boundaries. This session provides some lessons learned from several organizations’ experience in this global context, and some ideas to apply within your own enterprise.

After completing this session, you will be able to:

  • Gain an improved understanding of governance and risk management topics that most affect organizations with an international footprint.
  • Describe specific strategies for documenting and reporting both common (centrally-managed) security practices, and those that need to occur locally for adherence to contractual/legal/regulatory requirements.
  • Understand how to apply industry frameworks (such as the NIST Cybersecurity Framework and COBIT) to help organize and communicate across boundaries about conformance needs and achievement.
  • Identify online sources of information to help understand compliance requirements and recommended methods to gain a risk advantage while fulfilling legal and contractual obligations.

223–It's Not About the Data, It's About The People Who Protect the Data Intermediate

Tuesday, 16 October | 11:15AM – 12:15PM

Deidre Diamond
CEO and Founder
CyberSN.com

Charlene Watson, CISSP, CEH, ECSA
Network Architect

As of May 2018, 36 states, D.C. and Puerto Rico have reviewed and legislated over 265 bills and/or regulations related to cybersecurity. This year, the Executive Order for Strengthening the Cybersecurity of Federal Networks and Infrastructure is finally up and running, requiring intense scrutiny of all executive departments and agencies. GDPR has created a storm of oversight and initiatives that Cyber Security and Risk Management experts now have to deal with or risk legal exposure. Cyber Risk Management Audits are now the norm, the culture, the necessity. It’s no longer optional. But how can we as IT/Cyber/Risk Management/Audit professionals help senior leadership meet these challenges? Buy the latest software? Write more policies? Do more with less money? Less people? We argue that it starts with the people you already have who are managing and protecting your enterprise data. In short, “It’s not about the data. It’s about the people PROTECTING the data,” which will help you and your enterprise meet these new federal and global Security Compliance Regulations.

After completing this session, you will be able to:

  • Use the NIST SP 800-181 (NICE) Cybersecurity Workforce Framework to help create a practical cybersecurity development plan for your Risk Management and IT Management personnel, based on common language, projects, and tasks performed within your organization.
  • Go through a step-by-step scenario for Cybersecurity Succession Planning and, using this planning, map it directly to COBIT 5 requirements for NIST SP 800-181 and 171 (map the Position to the Process to the COBIT 5 Control).
  • Learn how to combine the daily processes of business operations, derived from a subject-matter common language in which all teammates know their role and the roles of others on the team, and use this to create a template for building your Risk Response Paradigm using NIST SP 800-181 (NICE) KSAs/KUs that align to COBIT 5 Processes.
  • Be able to show senior leadership, through hard data, that investing in the people you already have, and building the processes around the positions they occupy, will lead to a better return on investment than spending more money on more cybersecurity “toys.”

233–My Privacy, Your Risk, Their ROI Advanced Technical

Tuesday, 16 October | 2:45PM – 3:45PM

  Download Presentation

Ron Williams
Sr. Technical Staff Member/Chief Architect, Infrastructure Security
IBM

Michael Robkin

What if your risk model is wrong? We will present cybersecurity risk analysis scenarios that incorporate the Black Hats', the defenders’, and the victims’ perspectives. We will demonstrate how commonly used risk calculations produce errors if the Black Hat ecosystem, or the moral hazards caused by legal and regulatory factors are not taken into account.

After completing this session, you will be able to:

  • Learn from cybersecurity risk analysis scenarios.
  • Discover how commonly used risk calculations produce errors if the Black Hat ecosystem is not taken into account.
  • Understand the role of legal and regulatory factors.

243–Gambling with PII? Beat the House with Risk Assessment Intermediate

Tuesday, 16 October | 4:15PM – 5:15PM

  Download Presentation

Christopher Oswald, CISA, CRISC
Assistant Director, IT Audit
Princeton University

In 2016, a team of IT Audit and Human Resources Information Systems specialists at Princeton University partnered to develop a deep understanding of the life cycle of PII that is used on a daily basis by Human Resources, in order to identify and enable additional risk reduction opportunities. This is the story of that journey. Attendees of this session will be given a deep look at the process that was undertaken to build and execute our first PII Risk Assessment, by breaking the project down into its component parts: History and Context - what drove management's request to develop this level of insight and understanding into the lifecycle of high-risk data; The Project - a deep dive into the methodology that was developed and executed to gain actionable, risk-based insight from almost 80 people, and how the project team synthesized, assessed and reported on risk reduction opportunities; and Lessons Learned, Outcomes and Next Steps - what we learned along the way, how we acted on our insight and applied it to future projects, risk reduction themes, and how the methodology is being used and refined with other large departments. Attendees will also hear first-hand about the cognitive bias towards technology tools that the team struggled with when we developed our methodology and the demand that has developed for the service offering, and will be provided with the entire toolkit to tailor, enhance and perform this project at their own organizations.

After completing this session, you will be able to:

  • Demonstrate the value of partnering with department leaders to understand the full life-cycle: collection, use, storage and transmission of PII to enable the application of specific and actionable risk reduction opportunities.
  • Enable attendees to perform a PII risk assessment in their organization by providing a well-developed methodology, approach and tool set that complements and enables other information security initiatives.
  • Evangelize and demonstrate the value of identifying potential cognitive biases to solving highly complex information security and risk management challenges.
  • Share real results and lessons learned from multiple PII risk assessment projects that have resulted in real risk reduction through business process modification and enhanced system controls.

313–SSH Keys—Lowest Cost, Highest Risk Tool Intermediate

Wednesday, 17 October | 8:30AM – 9:30AM

  Download Presentation

Michael Thelander
Director of Product Marketing
Venafi

Generating SSH keys is free, but poor SSH key practices expose businesses to costly risk. It takes just one SSH key for a cybercriminal to access an organization’s network and pivot to gain further access to the most sensitive systems and data. SSH keys are often used for routine administrative tasks by system administrators but are also used for secure machine-to-machine automation of critical business functions. However, the SSH keys themselves are often left unprotected. Most organizations leave it up to their system administrators to get and manage their own SSH keys, resulting in an ad hoc process using inconsistent security practices. Many keys are left unused and unmonitored, and some walk out the door with prior employees—whether maliciously or innocently. With no expiration and a lack of lifecycle management, enterprises can wind up with literally millions of SSH keys and a broad attack surface. Think of how much security you place around passwords and how often you rotate them. Now compare that to your SSH keys—the credentials that provide the most privileged access. Hear the common mistakes that almost all enterprises make around security, policy, and auditing practices when managing SSH keys, supported by current survey results. Discover the SSH key risks that are not addressed by IAM/PAM solutions and why they are probably some of the biggest risks in your environment. Then learn how to take SSH keys from an operational liability to a security asset.

After completing this session, you will be able to:

  • Understand how cybercriminals are exploiting SSH keys to gain unauthorized privileged access.
  • Learn how SSH keys provide the ideal mechanism for cyber criminals to pivot through your environment, and how to control it.
  • See why PAM solutions don’t protect against SSH key risks.
  • Recognize the common pitfalls in SSH key management, made by nearly every organization, and develop a plan to incorporate best practices into SSH key management.

323–Obscurity in Cloud Security Intermediate

Wednesday, 17 October | 9:45AM – 10:45AM

  Download Presentation

Talal Ahmed, CISM
Director Cyber Security
MTY Solutions

This session will provide real-world examples of how organizations are implementing security and utilizing a defense-in-depth strategy. I will also highlight the importance of security control assessment and how risks can be identified and mitigated before any weakness can be exploited. The presentation will focus on the NIST Risk Management Framework and how the controls and processes identified in NIST can help any organization implement a process to help secure their applications and also build a process for least privilege and separation of duties.

After completing this session, you will be able to:

  • Understand the risks associated with migrating to the cloud and learn about the importance of internal security assessment.
  • Identify the risks associated with incorrectly configuring your applications in the cloud.
  • Recognize the false sense of security organizations gain by migrating to the cloud while failing to understand the shared security model.
  • Know the security/compliance tools available on AWS that help organizations secure their environment.



Track 4—Cyber Threat Intelligence & Technologies

This track will focus on the threats associated with operating on the web. Threats and attacks are increasing rapidly. Enterprises erroneously believe their network infrastructures are safe. This track will also focus on methods used to attack corporate networks and how to prevent them.

114–Code Blue Clear: How One Hospital Survived the Largest Ransomware Attack in History Beginner

Monday, 15 October | 10:00AM – 11:00AM

  Download Presentation

Reg Harnish, CISM, CISA
CEO
GreyCastle Security

Headaches. Angina. Heart attacks. No, this isn't just another day in your Emergency Department, it's the newest threat to patient safety, cybercrime. From crippling ransomware attacks that leave computers and EMRs inaccessible, healthcare has been devastated by wave after wave of criminal activity. For the first time in history, cybersecurity has become life or death. But just like in healthcare, there's hope. The very same issues that make our hospitals and clinics vulnerable may also be our greatest strengths if you know how to manage them correctly. This session will take you through a minute-by-minute replay of the largest ransomware attack on a US hospital to date. Ransomware attacks are inevitable and being resilient is all that matters. This sophisticated ransomware variant known as “SamSam” compromised over 6,000 assets and shut down the entire system. In this new era of cybercrime, you can’t afford to give into the ransom payment demand. Every second counts and so does patient safety.

After completing this session, you will be able to:

  • Understand the latest variants of ransomware attacks and their attack vectors.
  • Take proactive cybersecurity measures to reduce the risk of a ransomware attack compromising your system.
  • Know the guidelines for creating, testing and implementing your incident response plan and establishing a qualified response team, without paying any ransom demands.
  • Take back newly gained knowledge on how to prevent a situation like this from happening to your institution.

124–Crowd Sourced Security Advanced Managerial

Monday, 15 October | 11:15AM – 12:15PM

  Download Presentation

John 'Lex' Robinson
Anti-Phishing / Cyber Security Strategist
Cofense

This presentation will discuss how to take advantage of user-provided intelligence to improve your organization’s ability to recognize, report and respond to active phishing threats. We will present and discuss best practices in the development of an organization’s capability to resist phishing attacks and get ‘Left of Breach’. During this session, we will give an overview of a base capability model, the phishing kill chain and how they relate to anti-phishing program execution, as well as available data on industry-level phishing resiliency trends. Attendees will leave this presentation with the knowledge and tools to design and implement an Anti-Phishing Program that takes advantage of their human resources in support of organizational cyber-security and effectively reduces the risk of breach via the phishing attack vector.

After completing this session, you will be able to:

  • Understand the value of Crowd Sourced Phishing Intelligence.
  • Develop active, forward facing intelligence.
  • Develop Organizational Anti-Phishing Capabilities.
  • Implement Anti-Phishing Program Best Practices and Approach.

134–Asymmetric Attacks Mandate Credible Cybersecurity Program Intermediate

Monday, 15 October | 1:30PM – 2:30PM

  Download Presentation

Uday Ali Pabrai (2017 Top-Rated Speaker)
CEO
Ecfirst

Attack surfaces have only increased in the past few years. The next few years will continue to see more, not less, attack surfaces. From assets at multiple cloud service providers, to a multitude of mobile devices and platforms, organizations must secure sensitive information across a diverse computing ecosystem. To counter asymmetric attacks that are a constant on all businesses, small or large, across all verticals, organizations must develop a cyber defense that is consistent and disciplined across all potential attack surfaces. It is the responsibility of senior leadership in organizations to ensure a credible cybersecurity program is established. The cybersecurity program should be based on a mature, robust cybersecurity framework, such as:

  • NIST Cybersecurity Framework
  • HITRUST CSF

Both frameworks will require the organization to commit resources and establish cybersecurity as a business priority. For the cybersecurity program to be successful, the individual with ultimate responsibility for an organization’s cybersecurity program, such as a Chief Information Security Officer (CISO), must report directly to a senior “C” level executive, such as the CEO, CFO, or COO.

After completing this session, you will be able to:

  • Walk through five core areas of a cybersecurity program.
  • Review elements of a credible cybersecurity plan.
  • Identify key cybersecurity policies.
  • Examine seven critical steps for establishing a comprehensive cybersecurity program.

144–Hacking Closed Networks Advanced Technical

Monday, 15 October | 2:45PM – 3:45PM

  Download Presentation

Ira Winkler (2017 Top-Rated Speaker)
President
Secure Mentem

Naval officials quickly condemned speculation that the USS McCain was hacked, saying the network was closed. While the network was closed, it doesn't mean that it can't be compromised. This false sense of security can be crippling. Stuxnet was one example showing how an adversary can compromise a closed network. Snowden and Manning demonstrated that insiders can cause the most damage to closed networks. It has been widely reported that Russia and China compromised power grids around the world. This presentation discusses the many ways to compromise closed networks, which can include compromising systems in development, before delivery; during delivery; compromising updates that are later installed on the system; insider compromises; compromises of maintenance equipment; compromise of USB drives; physical modification of the network to attach an external connection; and the fact that many closed networks are not closed. Case studies, including many performed by the presenter, will be used to demonstrate the attacks. The session will close by defining additional countermeasures that can better protect closed networks. Frankly, the most effective countermeasure is actually acknowledging that closed networks can be compromised.

After completing this session, you will be able to:

  • Understand that closed networks might not be closed, and even if they are, they are not immune from attack.
  • Identify potential attack vectors of closed networks.
  • Understand the real risk posed by attack vectors targeting closed networks.
  • Determine how to better secure both closed and open networks.

154–Flatlines for Show, Exploits ‘Oh No!’ Intermediate

Monday, 15 October | 4:15PM – 5:15PM

  Download Presentation

Ted Harrington
Executive Partner
Independent Security Evaluators (ISE)

Companies are locked in a battle against attackers who possess superior financial, manpower, and time resources, yet all too often, the defense paradigm focuses on red herrings: things that on the surface appear to defend, but which are not relevant to the core issues. Extracting key guidance from security research recently published by the presenter, including the patient monitor “flat-lining” exploit made famous by CBS News On Assignment, this session challenges conventional wisdom and applies an attacker’s perspective to elucidate why successful security programs address the lesser obvious, deeper issues. By attending this session, you will become empowered with actionable insights for how to utilize your resources more effectively, and better understand where and why to apply them.

After completing this session, you will be able to:

  • Understand the intersection of technical exploits and social engineering.
  • Identify how exploits on medical devices can manipulate physician behavior.
  • Recognize how attackers can leverage care workflows to deliver a payload.
  • Discuss how to improve resiliency, reinforce safeguards, and avoid a medical error that results from technical exploits.

214–The Five "P"s of Breach Response Intermediate

Tuesday, 16 October | 10:00AM – 11:00AM

  Download Presentation

Ben Smith, CRISC (2017 Top-Rated Speaker)
Field Chief Technology Officer (Field CTO - US)
RSA

Many organizations, especially those early on their security maturity journey, tend to consider breach response purely as a technical matter - how do we find the fire, and put out the fire, with the right tools in the smallest amount of time? But responding to a breach, of any size, isn't merely a technical exercise. Far fewer organizations recognize that this fire-fighting exercise is not limited to the IT and Security Operations (SOC) functions, but also must include the Legal, Marketing, HR, Risk Management, PR, and other internal- and external-facing functions. This presentation is based on real-world lessons learned relating to tasks to be completed *before* the breach occurs. And because we all live in the real world, with limited time and even more constrained budgets, this presentation is not a recitation of the "right" technology to put into place, but rather a review of several thought-provoking (and less obvious) areas, each of which starts with the letter "P": effective breach response is all about Practicing, reading the Punch correctly, retaining your People, recognizing the unique attack vector represented by your Partners, and hunting threats Proactively rather than waiting to be alerted.

After completing this session, you will be able to:

  • Understand that effective breach response begins *before* the breach occurs.
  • Appreciate the key importance of leveraging business context of affected assets in the midst of a breach response.
  • Recognize how to incent and retain technical personnel in what is traditionally a high-burnout profession.
  • Understand the unique attack vector represented by third parties.

224–Adaptive Operations is the New Black in Today's Security Landscape Intermediate

Tuesday, 16 October | 11:15AM – 12:15PM

  Download Presentation

Girish Bhat
Director of Security Product Marketing
Splunk

Security architectures typically have involved many layers of tools and products as part of a defense-in-depth strategy. Unfortunately, they have not been designed to work together, leaving gaps in how security teams bridge multiple domains. In today's nefarious threat landscape these gaps are magnified and in many cases pose a hurdle to optimal use of these investments and response capabilities. What is needed is a consistent framework that can provide a common interface for end-to-end visibility, automated retrieval and collaboration in a heterogeneous multi-vendor environment, enabling security teams to quickly adapt to attackers' tactics using a range of actions including automated response. Such an approach would enable participants to extract new insights from existing security architectures and improve investigations with more context from key security and IT domains. This presentation will focus on how an adaptive operations approach that spans the entire security and IT ecosystem can create a robust and agile defense against today's advanced and increasingly complex threats. We will also address how this approach can build confidence in security teams to automate response while optimizing their investments in defense-in-depth tools.

After completing this session, you will be able to:

  • Extend your existing security investments using analytics and machine learning to create next-gen cyber defense.
  • Identify areas of improvement you can make at your organization using the adaptive operations framework.
  • Understand the application of analytics-driven security use cases and how they can reduce analyst fatigue.
  • Recognize how organizations are benefiting from this approach and how it applies to your own organization.

234–Understanding Deep & Dark Web Intermediate

Tuesday, 16 October | 2:45PM – 3:45PM

  Download Presentation

Claudio Cilli, CISA, CISM, CGEIT, CRISC
University of Rome

This is a practical and comprehensive presentation on what is hidden on the internet yet still right in front of our eyes. The dark web is a mysterious world that attracts everyone. This presentation will give attendees a full immersion in this deep sea and let them see what is in front of their eyes although not seen. Tools and techniques are explained with real examples, allowing attendees to discover this fascinating world through an interactive session. Surfing, and worse, interacting in the dark web exposes the company to a large number of risks, including legal ones. The presentation will show how to prevent users from accessing the dark web without affecting normal operations, with techniques, tools and practical examples.

After completing this session, you will be able to:

  • Recognize what lies behind normal web navigation
  • Understand how the TOR network operates, including anonymity and hidden services
  • Have a knowledge of the deep & dark web, the difference between them, and their content
  • Prevent internet misuse and stop employees surfing the dark web using company assets

244–Practical Application of Risk Assessments for Your Cybersecurity Program Intermediate

Tuesday, 16 October | 4:15PM – 5:15PM

  Download Presentation

Mark Thomas, CGEIT, CRISC (2017 Top-Rated Speaker)
President
Escoute

How does an enterprise make informed decisions with respect to cybersecurity? Risk based decision making is a primary factor in delivering value for the enterprise, but what exactly does this mean? Evaluating and assessing risk can be a daunting task, especially with the multitude of decisions that need to be made on a regular basis. This presentation walks through real life scenarios that are regularly encountered in the IT risk management realm and applies industry models to navigate through them.

After completing this session, you will be able to:

  • Understand how to use techniques from various industry guides such as ISO3100, NIST and COBIT to effectively manage a risk management process
  • Learn how to create risk scenarios as a basis for an assessment, and link these to their effects on business goals
  • Analyze and assess risks, and determine appropriate responses
  • Create an enterprise risk register that can be flexible, and tied to various other business risk processes

314–Threat Intelligence Sharing: Trusted Circle & ISACs Intermediate

Wednesday, 17 October | 8:30AM – 9:30AM

  Download Presentation

Manoj Patel, GRCP
Senior Advisor, CyberSecurity & Risk Global Practice EMEA
ServiceNow

Why share threat intelligence? The bad guys share tools, tactics and procedures. When an attack is successful, the bad guys use the same attack on similar targets. Threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject's response to that menace or hazard.

  • Get situational awareness for threats being investigated.
  • Understand whether you are the first, the last, or the only one seeing this.
  • Determine whether this is an industry-specific attack.
  • Find out whether others have seen related observables you haven't yet.
  • Learn about current global ISACs (Information Sharing & Analysis Centers).
  • Identify and assess the impact of a cyber attack.

At the end, it's about: Immunity by Community. Sharing is Caring!

After completing this session, you will be able to:

  • Learn what Threat Intel, Sighting Search, ISACs and Trusted Security Circles are
  • Understand the importance of threat sharing and how to use threat intelligence to identify, remediate and/or assess the impact of a cyber attack
  • Drive Immunity by Community
  • Find current resources for threat sharing.

324–Taking Down the Cyber Criminal-Post Breach Incident Analysis & Investigation Intermediate

Wednesday, 17 October | 9:45AM – 10:45AM

  Download Presentation

Jarrett Kolthoff
President/CEO
SpearTip, LLC

As cyber attacks become more and more prevalent, so has the determination to take them down. The first part is understanding cybersecurity indicators and motives for espionage activity. Attendees will learn about host-based and network incident response tools and digital forensic tools, including techniques and tactics for their effective use. This hands-on approach will show how to forensically analyze network storage, hard drives and memory. Attendees will become familiar with post-breach report construction and examine the proper drafting and use of such reports for submission to legal counsel, the courts and organizational leaders.

After completing this session, you will be able to:

  • Further your understanding of cyber-espionage activities and motives from both an external and a rogue insider's perspective.
  • Use host-based and network incident response tools and digital forensic tools to investigate cyber criminal activity.
  • Coordinate analysis of network storage, hard drives and memory to construct an effective post-breach report.
  • Become familiar with the proper drafting and submission of post-breach reports to legal counsel, courts and organizational leaders. Effective oral testimony and the use of demonstrative evidence in court will also be covered.


Track 5—Security Governance

This track will provide attendees with tools and techniques to run an effective security program, manage risk and comply with security regulations. It will cover components of the NIST Cybersecurity Framework and the European privacy regulations. It will also cover concepts and processes that will help an enterprise create and maintain an effective and sustainable security program.

115–Implement a Security Program and Gain Executive and IT Support in a Skeptical Culture Intermediate

Monday, 15 October | 10:00AM – 11:00AM

  Download Presentation

Dane Truhett, CISM
AT&T Global Solutions

Security may be viewed as a technical problem within the organization. However, it must be an integral part of the business. It is our responsibility to communicate the need in an effective manner. We need to be able to answer the why, demonstrate how we execute and convert the technical solutions into actionable business objectives. I will provide visuals and communicate how the audience can communicate effectively to senior management. Senior management wants to know what the value is. We need to clearly communicate the strategy and why the company needs an encompassing program. Yes, we can reduce risk with technical solutions, but it is much more than that. It is about the data. The data is what we are protecting. I will align how we do this within the framework. I will also demonstrate how to use Business Continuity and Disaster Recovery programs to effectively communicate the need for integration of a Security Program into the organization. Determining critical business assets utilizing a business impact analysis aligns comfortably with the BC and DR programs. During this session, attendees will also be presented information related to the cost of protection and the cost if we do nothing. Senior management has a fiduciary duty to the company’s finances. They need us to communicate clearly the financials of protection. I will also present ways we can utilize training and awareness to further reduce risk. Education is another tool we can use to gain senior executive support.

After completing this session, you will be able to:

  • Provide effective communication for executive buy-in and support: Why is this a strategic and operational imperative for our company? What is a security program? What are the specifics of our company’s program?
  • Understand how to address issues/questions such as: What is the monetary impact to us? How are we going to maintain productivity while at the same time reducing risk?
  • Communicate how Business Continuity, Disaster Recovery and Security Program relate/integrate: What is the relationship of these programs and how do we leverage them for reducing risk?
  • Create visual representation and training awareness tools: How do we communicate this to the masses? How can we simplify the complexity to provide greater understanding as to the need for what we are doing and how they can help?

125–ISO 27001 & the GDPR: Identifying Overlap and Streamlining Efforts Advanced Technical

Monday, 15 October | 11:15AM – 12:15PM

Alex Bermudez, CIPP/E, CIPM
Privacy Solutions Consultant
OneTrust

Together, security and privacy teams share a common goal: Protect the organization from reputational damage, lawsuits, and regulatory trouble. On one hand, ISO 27001 focuses on the assessment of risks and protection of the organization. On the other, the GDPR aims to assess and protect the rights and freedoms of individuals. With a joint goal in mind, it is crucial that security and privacy teams work together to develop a common language that produces greater productivity and takes advantage of collective efforts. In this session, we will present findings from research conducted in cooperation with the International Association of Privacy Professionals (IAPP), sharing how ISO 27001 and the GDPR overlap, as well as how security and privacy teams can work together to become more effective.

After completing this session, you will be able to:

  • Map the most common security operations standard, ISO 27001, to the world’s most influential piece of privacy legislation, the GDPR.
  • Identify how much work toward GDPR compliance security teams have likely already done.
  • Outline six main areas of common ground that should help every organization align their security and privacy operations.
  • Develop a framework to reduce the risk of a damaging incident while increasing productivity and customer trust.

135–Developing a GDPR-Ready Incident & Breach 72-Hour Action Plan Advanced Managerial

Monday, 15 October | 1:30PM – 2:30PM

Alex Bermudez, CIPP/E, CIPM
Privacy Solutions Consultant
OneTrust

Under the GDPR, controllers are now required to notify their supervisory authority when a personal data breach occurs, unless it is unlikely to result in risks to the rights and freedoms of individuals. The notification needs to be done without undue delay, no later than 72 hours after the controller has become aware of the breach (with some exceptions). It is crucial for privacy practitioners to understand the details of this tight timeline as well as the risk-based trigger, and what they entail. In this session, we’ll review the personal data breach rules under the GDPR and provide tips to help you map out a 72-hour personal data breach action plan.

After completing this session, you will be able to:

  • Understand the implications of the GDPR for controllers and processors.
  • Map out a GDPR-ready 72-hour personal data breach action plan.
  • Outline the details of this tight timeline as well as the risk-based trigger, and what they entail.
  • Implement efficient and effective data handling practices in the face of the new GDPR requirements.

145–Auditing Identity and Access Management Within the NIST Cybersecurity Framework Intermediate

Monday, 15 October | 2:45PM – 3:45PM

  Download Presentation

Donald Gallien, CISA, CISM
Vice President, Portfolio General Auditor
American Express

Kelly Wright, CISA
Vice President - Technology Audit Leader
American Express

Identity and Access Management is a key component of the NIST Cybersecurity Framework. For many information security professionals, Identity and Access Management (IAM) feels unachievable: a concept that promises to provide “the right individuals access to the right resources at the right times” but does not always deliver on that promise. IAM tools provide full lifecycle identity and access management capabilities including automated provisioning and revocation of access to resources, linkage to user certification processes, password management, policy enforcement, compliance reporting, and analytics. Organizations may find IAM systems complex to implement, but once IAM is implemented, the identity and access management paradigm changes completely. Thus, the audit of access management must change to remain relevant. Processes that were once disjointed and manual will now be integrated and automated. This should overhaul the design and execution of the identity and access management audit. Instead of performing a series of disconnected substantive audit procedures over access approvals, user access certification, employee terminations, and password policies, auditors should test the IAM application controls, configurations, workflows, integration of HR systems, integration of directory services, and data analytics.

After completing this session, you will be able to:

  • Comprehensively test NIST Cybersecurity Framework Identity and Access Management (IAM) requirements through audits of IAM systems and processes.
  • Understand, identify, and design tests of key IAM system and process controls.
  • Identify and retire legacy audit tests that are no longer relevant in an IAM system environment.
  • Know the key data analytics used to implement and monitor the ongoing effectiveness of IAM programs.

155–Transforming into a Lean Enterprise IT Security Intermediate

Monday, 15 October | 4:15PM – 5:15PM

  Download Presentation

Zechariah Akinpelu, CISM
Manager, Information Security Operation
First Bank Nigeria

Lean is the application of principles whose objective is to eliminate waste while improving process flow to achieve speed and agility at lower cost. There are five principles: value, the value stream, flow, pull and perfection. All these principles are aimed at improving processes by eliminating all forms of waste. Lean impacts many internal and external customers of the IT value stream, and its application can cut back the waste of outgrown information technology (IT). The benefits of lean Enterprise IT Security include the delivery of more efficient and higher-quality IT and security products (outcomes) and the promotion of enterprise security CMMI, pushing for a more efficient approach. Lean principles align with various security standards such as the NIST Cybersecurity Framework, ISO 27001 information security management systems and COBIT 5, which provides a comprehensive way of ensuring reasonable and appropriate control for information resources. The COBIT 5 guiding principles are: (i) meeting stakeholder needs, (ii) covering the enterprise end to end, (iii) applying a single integrated framework, (iv) enabling a holistic approach and (v) separating governance from management. The blended principles are not focused only on technology and architecture; their focus is on operational excellence, which is achievable through the continuous improvement of small changes in Enterprise IT Security, thereby making the business trust IT because of its alignment with business objectives.

After completing this session, you will be able to:

  • Recognize the principle of lean management as it applies to Enterprise IT Security.
  • Understand how to map Lean Management to various standards to eliminate waste in IT Security processes, thereby reducing cost and optimizing profit.
  • Identify how to deliver a more efficient and trusted Enterprise IT Security by using lean principles to align information security with business strategy.
  • Demonstrate practically the application of LeanIT and COBIT 5.

215–Get Control of SSL/TLS Cert Security Intermediate

Tuesday, 16 October | 10:00AM – 11:00AM

  Download Presentation

George Parsons
Sr Director Architects
Venafi

This session will enable attendees to design a 4-level, 18-month journey to enterprise-wide SSL/TLS certificate security, covering at each level: 1) the timeline and requirements; 2) the technical and business benefits; and 3) anecdotes of real-life implementations.

The presentation starts with where most enterprises are today with their SSL/TLS certificate systems, reviewing the challenges and limitations of the current state of most enterprise SSL/TLS certificate systems, and then discusses advancing through 4 levels:

  • Level 1: Control (3 months). Achievement: A solid security foundation based on known and trusted certificates.
  • Level 2: Critical Systems (3 months). Achievement: Expanded visibility, control, and automation to all certificates on business-critical infrastructure.
  • Level 3: Enterprise Protection (6 months). Achievement: Extended protection and remediation across all certificates.
  • Level 4: Global Threat Response (6 months). Achievement: Rapid threat and incident response capabilities that protect certificates.

Session attendees will then be placed into groups, each of which will be given a list of challenges for a sample organization, project parameters, and customer environment and asked to create a plan to address the challenges. We will circulate and provide guidance and conclude with a summary of best practices.

After completing this session, you will be able to:

  • Assess the maturity of SSL/TLS certificate management in your organization
  • Determine the current security and operational challenges around SSL/TLS certificate management that your organization is experiencing
  • Create a customized, 4-level, 18-month roadmap for improved SSL/TLS management based on your challenges and current network environment
  • Set realistic implementation expectations, including an outline of the technical and business benefits that will be realized at each stage

225–Getting Your Hands Dirty with the NIST Cybersecurity Framework Intermediate

Tuesday, 16 October | 11:15AM – 12:15PM

  Download Presentation

Kelly Hood
Cybersecurity Engineer
G2 Inc

Dylan Thomas
Cybersecurity Engineer
G2 Inc

Many organizations try to implement security before fully understanding why they need it, where they need it, or how much of it they need. This session will use practical exercises to illustrate how the NIST Framework for Improving Critical Infrastructure Cybersecurity can be used to evaluate an organization’s current cybersecurity program, identify risks to its business, set organizational security goals, and prioritize the steps that need to be taken to reach those goals. The speakers will present an overview of the NIST Cybersecurity Framework components and implementation steps before facilitating a scenario-based discussion, including practical exercises, to illustrate how organizations have actually implemented the Framework. The session will walk through multiple tabletop activities, including the creation of both a current and a target state profile. During these activities, the speakers will discuss lessons learned from their experience implementing the Framework across multiple critical infrastructure sectors. By the end of the session, participants will understand the questions they should be asking, the types of policies they should review, the data they should be recording, and how to effectively analyze that information to create a prioritized, risk-based plan of action tailored to their organization using the NIST Cybersecurity Framework.

After completing this session, you will be able to:

  • Describe the NIST Cybersecurity Framework components (Tiers, Core, and Profiles) as well as how to apply them.
  • Demonstrate the implementation steps of the NIST Cybersecurity Framework by developing current and target state cybersecurity profiles. Identify gaps in an organization's security program by comparing the current and target profiles.
  • Utilize the NIST Cybersecurity Framework to reduce security risks by evaluating threats, setting security goals, and applying risk management activities to have the greatest impact on business priorities.
  • Identify the benefits of the NIST Cybersecurity Framework and recognize how organizations of various sizes and industry sectors are utilizing the Framework to decrease their cybersecurity risks.

235–Embedding Cybersecurity into the Software Development Lifecycle Advanced Managerial

Tuesday, 16 October | 2:45PM – 3:45PM

  Download Presentation

Anna Murray
CEO
emedia, LLC

Cybersecurity considerations are frequently an afterthought in software development projects. This results in a “patch and pray” approach post-launch. By then, security may not be achievable given baked-in features and functions that can’t be “un-baked.” How do you avoid this outcome? In this session, attendees will be provided with case studies and concrete strategies for integrating cybersecurity into the software development lifecycle. The presentation will provide methods for measuring the level of risk and applying appropriate controls based on audience, features, brand considerations, business sector and data entry/storage requirements. It will cover the common timeline of software development, from discovery through post-launch, identifying key cybersecurity milestones. Through multiple case studies and “war stories,” the session will expose common pitfalls and gotchas. We will also highlight the “shining examples” of doing it right, as well as implementing cybersecurity standards in Waterfall and Agile environments and across platforms such as desktop, tablet, and mobile phone. Attendees will leave this session with the information necessary to develop policies and procedures for cybersecurity in the software development lifecycle.

After completing this session, you will be able to:

  • Formulate a per-project software development cybersecurity plan of action based on software product goals, business needs and level of risk.
  • Develop cybersecurity policies and procedures within his or her organization for software development projects.
  • Understand communication strategies for all teams within a software development effort, including business stakeholders, developers, project management staff, QA personnel, and external vendors.
  • Recognize all key cybersecurity touchpoints in the software development lifecycle.

245–Communicating Risk Through Automated Metrics Intermediate

Tuesday, 16 October | 4:15PM – 5:15PM

  Download Presentation

James Tarala
Principal Consultant
Enclave Security

As a result of high-profile data breaches, executives and boards of directors are increasingly interested in their organization’s risk posture. Unfortunately, many security teams are providing more uncertainty than quantitative metrics that can be used for informed decision making. Security teams must be able to provide actionable data to help these leaders better understand their risk posture. But resources are limited, and security teams must be able to prioritize defense over constant reporting. Therefore, any metrics that are reported must be gathered in an automated way that does not require constant staff intervention. To help solve this problem, the Center for Internet Security has developed metrics to practically measure an organization’s risk posture. These metrics are actionable and can be automated through the use of technical security sensors. In this presentation, attendees will discover techniques for implementing automated tools for gathering metrics and methods for synthesizing these metrics into actionable information that executive leaders can understand. Many organizations, including the US Department of State and the US Department of Homeland Security, have begun presenting models for organizations to follow when creating specific information assurance metrics programs. Using the Critical Security Controls as a foundation, this presentation will show participants specific steps to take and metrics to use to begin or enhance their assurance dashboards.

After completing this session, you will be able to:

  • Intelligently choose a cyber security standard to use as a foundation for defense.
  • Evaluate your organization based on specific, community-defined cyber security controls.
  • Know the tools that can be used to facilitate audits and communicate risk to business leaders.
  • Have a specific set of community-defined metrics that can be used to measure your organization's risk posture.

315–Cyber Analytics: Visualizing Vulnerabilities Intermediate

Wednesday, 17 October | 8:30AM – 9:30AM

  Download Presentation

Glenn Keaveny
Director
Grant Thornton

This session will review a case study where an assessment team was engaged by a large state client. The state agency was established to consolidate state infrastructure resources, oversee the state’s essential technology projects and establish IT security standards. In response to legislative objectives, the Agency required an assessment of 32 State agencies to determine cyber risk posture. The agency needed an “apples-to-apples” methodology. The assessment team utilized analytics tools and techniques to accomplish the following:

  1. Identify and assess security risks using uniform criteria based on industry best practices;
  2. Identify IT security risks including severity;
  3. Provide recommendations for remediation activities; and
  4. Develop an estimated schedule and cost of the remediation plan for each agency.

After completing this session, you will be able to:

  • Develop a better understanding of your security and compliance posture.
  • Budget for security and compliance tools.
  • Develop a roadmap to effectively mature an organization's cybersecurity and compliance program.
  • Use analytics tools and techniques to manage resources in an effective and cost-efficient manner.

325–DevSecOps: Bringing the Security - The Missing Link in Delivering on the Promise of Business Velocity and Quality to DevOps Advanced Managerial

Wednesday, 17 October | 9:45AM – 10:45AM

  Download Presentation

Rob Clyde, CISM, NACD Board Leadership Fellow
Chair of ISACA’s board of directors and Executive Chair of Board of Directors, White Cloud Security, Board Director, Titus

There is one constant in all our lives – change! Change is accelerating, driven by disruptive technologies that are fueling innovative business models across every vertical from banking to public services. To succeed with innovation at speed, IT organizations must accelerate their release velocity, and do it with greater quality, security, and availability! Enter DevOps! For most organizations, the transition to DevOps starts small, in a single team or a new project with cobbled-together open source solutions, with security often an afterthought. Scaling effectively, deploying daily, hourly or even more frequently, requires that organizations treat security as a first-class citizen, engaged in all aspects of the development and deployment lifecycle. Robert will share market trends, tips and techniques to incorporate security into the complete DevOps lifecycle, delivering DevSecOps. Robert will identify traps and roadblocks teams often experience, and discuss approaches and actions to help you facilitate a smooth, and swift, transformation.

After completing this session, you will be able to:

  • Explain the core DevOps and DevSecOps principles
  • Identify the key components of DevSecOps in the SDLC
  • Analyze the SDLC and select the appropriate security techniques to incorporate
  • Develop techniques to transition skills to product teams


Track 6—Industry Trends & Insights

116–Continuous Assurance Using Data Threat Modeling

Monday, 15 October | 10:00AM – 11:00AM

  Download Presentation

Fouad Khalil
Vice President Compliance
SecurityScorecard

Enterprises are challenged to move the process of accounting for data in a structured, systematic way higher on the list of priorities. One option to accomplish this challenge is by applying application threat modeling principles to data (data threat modeling). Application threat modeling provides value by allowing application security specialists to systematically evaluate an application from an attacker’s point of view. By doing this, an analyst can methodically analyze an application to identify and map threats that the application is likely to encounter in post-deployment conditions.

After completing this session, you will be able to:

  • Learn how to adapt threat modeling to data in transit and data at rest as a strategy to put forth a more holistic, comprehensive and continuous model for understanding data risk and for analyzing potential risk in the supply chain.
  • Learn how to transition from data threat modeling to threat discovery, inventory and evaluation.
  • Learn how to extend the risk evaluation to data life cycle management.
  • Understand how all these techniques support the continuous assurance best practices.

126–We’re Not in Kansas Anymore: The Truth About Your Prime Vendors

Monday, 15 October | 11:15AM – 12:15PM

  Download Presentation

Moderator:

Michael Orrick
Executive Vice President
SAI Global, Commercial Americas

Panelists:

Todd Laughman
Vice President of US Sales
ZeroFOX

Kevin Sasser
Director of Strategic Initiatives
Argos Risk

New technologies and dynamic changes in the threat landscape are driving a more integrated, holistic approach to managing vendor risk. Hear from a panel of industry leading experts in vendor risk management, disaster recovery, vendor scoring, business credit risk analysis and brand reputation who will discuss the evolving management of VRM.

After completing this session, you will be able to:

  • Understand why it’s important to take an integrated, holistic approach to managing your vendors.
  • Amplify your approach to VRM.
  • Identify new technologies to improve the evaluation of your vendor providers.

136–A Path to Achieving Network Security ZEN

Monday, 15 October | 1:30PM – 2:30PM

  Download Presentation

Den Jones
Director of Enterprise Security
Adobe Systems

Carlos Martinez
Sr. Enterprise Security Engineer
Adobe Systems

Finding a balance between a pleasant user experience and stringent security requirements can be a challenge. If you do not find the right balance, users may revolt! The need to use a certain username and password for some services while saving additional credentials for other services can contribute to a headache for both security pros and users. Users encounter access and authentication controls many times during their day – so, is it even possible to balance greater security while still providing a good overall user experience? Adobe believes this is possible. Project “ZEN” is a framework developed by Adobe to help achieve this balance.

Project ZEN is an initiative based upon principles found in zero-trust frameworks. Since there is no “off-the-shelf” solution to fully deliver on these principles today, ZEN consists of pioneering technology and policies to make the path to a zero-trust network more efficient and attainable. The ZEN initiative plans to accomplish the following:

  • Remove the need for VPN and replace usernames/passwords with certificate-based authentication and multiple options for second factor authentication (2FA). 2FA will only be required as needed based on data security policies.
  • Leverage existing network controls combined with machine learning to control network access.
  • Help prevent lateral movement within the network during an incident or breach scenario.
  • Better automate management of access to internal applications to streamline the overall user experience while also tightening security controls.
  • Deploy device management technology across user devices.
  • Deploy a “trust score engine” that will better automate access rules based upon real-time data.

After completing this session, you will be able to:

  • Learn about the principles behind Adobe ZEN
  • Understand the Adobe experience so you can start your own journey by leveraging existing security technology investments and targeted automation technologies
  • Explore common issues you might encounter along the journey, with guidance on overcoming those issues.

146–Thought GDPR Readiness Was Tough? Brace Yourself for the California Consumer Privacy Act

Monday, 15 October | 2:45PM – 3:45PM

  Download Presentation

Dan Frank
Principal
Deloitte & Touche LLP

Glenn Wilson
Senior Manager
Deloitte & Touche LLP

The state of California has a longstanding history of prioritizing consumer rights. California laws and acts such as “Shine the Light”, “Invasion of Privacy”, “Online Privacy Protection”, “Electronic Communications Privacy” and “Anti-Phishing”, among others, have helped California historically “set the bar” in the United States when it comes to respecting consumers’ privacy and protecting their personal information.

California has continued its trendsetting on privacy and data protection with the newly passed California Consumer Privacy Act (CaCPA) which, like the European Union’s General Data Protection Regulation (GDPR), introduces onerous requirements previously unseen in the United States.

This session will cover the essentials of CaCPA readiness, including: requirements, controls, impacts, similarities and differences between CaCPA and the GDPR, challenges and leading practices, CaCPA enabling technologies, and how to get started on your journey to CaCPA readiness.

After completing this session, you will be able to:

  • Understand CaCPA requirements; necessary controls; and financial, brand, compliance, and operational impacts of non-compliance
  • Comprehend the similarities and differences between CaCPA and GDPR and how your readiness for GDPR may help expedite readiness for CaCPA
  • Recognize CaCPA challenges and leading practices from a people, process, and technology perspective
  • Grasp the technologies that can help enable CaCPA readiness, reduce the likelihood of human error, and help make CaCPA-related processes more efficient and cost effective
  • Know the steps necessary to begin the journey toward CaCPA readiness, including key scoping and planning-related considerations

156–Uncovering Facts and Trends in Global Cyber Security Risk

Monday, 15 October | 4:15PM – 5:15PM

  Download Presentation

Marshall Kuypers, PhD
Head of Cyber Risk
Qadium

In this talk, Qadium will provide an in-depth look at historical trends and the current state of global cyber security exposures across the Fortune 500, using anonymized data collected from our global-scale, near-real-time Internet intelligence platform. We will highlight how these exposures come about and how they persist, and show how identical types of exposure have resulted in large, well-publicized breaches. This session will demonstrate the relationships between foundational cyber security gaps that introduce network risk to all organizations.

After completing this session, you will be able to:

  • Understand how massive technological changes have made it easy for adversaries to scan the entire global Internet, and therefore turned companies from targets of choice to targets of opportunity when exposures are detected.
  • See how common network edge exposures have persisted across major organizations.
  • Understand the overlooked complexities involved in securing your organization’s network edge during mergers, acquisitions, and divestitures.

216–How to Tackle the GDPR: A Typical Privacy & Security Roadmap

Tuesday, 16 October | 10:00AM – 11:00AM

Alex Bermudez, CIPP/E, CIPM
Privacy Solutions Consultant
OneTrust

With a new era of privacy regulations upon us, security and compliance professionals need to make GDPR a top priority. It is essential to build a roadmap with both privacy and security in mind. In this session, we’ll discuss the importance of privacy management within the context of your existing security and compliance ecosystem–how it fits into the larger puzzle, why it has been precariously overlooked in the past, and how it can be seamlessly integrated as a function among the information security, information technology, risk management, audit and compliance, as well as legal areas in your organization. We’ll address the importance of demonstrating on-going compliance with privacy regulations like GDPR, and how privacy management software can support security and GRC teams.

After completing this session, you will be able to:

  • Understand the requirements and importance of GDPR for privacy and security teams
  • Learn how privacy management tools fit into an overall security ecosystem
  • Demonstrate ongoing compliance with GDPR and other regulations

226–Turning Corporate Compliance into a Competitive Advantage

Tuesday, 16 October | 11:15AM – 12:15PM

Milton Rosberg
Vice President of Global Sales, Marketing and Business Development
Vanguard

Organizations are assigning large budgets to compliance; it is time to take advantage of that expense and leverage the spending by turning corporate compliance into a competitive advantage.

After completing this session, you will be able to:

  • Find additional funding for compliance within the organization
  • Apply tips on building corporate consensus
  • Use the speaker-supplied template for compliance reviews for senior management

236–Harmonizing Insights from your Cybersecurity Ecosystem

Tuesday, 16 October | 2:45PM – 3:45PM

  Download Presentation

Phil Shomura
Senior Product Manager
ACL Services

Most organizations have an ecosystem of cybersecurity point solutions to protect their attack surface. And while these vital investments are needed to establish a strong cybersecurity posture, they come with their own set of challenges. Most notably, the fact that these disparate systems produce a dizzying amount of data lakes and insights. Even if some systems have incumbent analytics, or BI and machine learning (ML) capabilities to help you uncover issues, there’s no way to be certain that the issues identified will be remediated.

The future of cybersecurity is a centralized platform which provides oversight of risks and vulnerabilities, plus governance that issues are being remediated. And technology is available today to work in concert with your incumbent tools and bring harmony to all your solutions while maximizing their effectiveness.

After completing this session, you will be able to:

  • Identify key integration points within an organization
  • Apply data analytics to key control areas for continuous monitoring
  • Develop a standardized workflow and streamline reporting

246–Cyber Crisis Management Tabletop Simulation for Senior Management / Board of Directors Beginner

  Download Presentation

Tuesday, 16 October | 4:15PM – 5:15PM

Oren Elimelech, CISM, CRISC, CISA
CISO
CyberTeam360

Each cross-organizational event should focus on non-professional aspects that require cooperation between the group members (risk management, information security, board debriefings, compliance audits, etc.), while each internal event should focus on internal processes to increase the pressure and create deliberate friction (forensics tasks, press debrief, legal review, etc.). The presenter divulges a new event every ten minutes, leaving the teams enough time to respond to each one. The main goal is to spot gaps in the current posture and to understand what actions need to be taken to increase the knowledge base and emphasize what should be done in case of a cyber-attack.

After completing this session, you will be able to:

  • Understand where team coordination is most difficult and what can be done to improve it
  • Identify steps currently performed by other team members that could be changed to reduce friction
  • Increase the knowledge base and emphasize what should be done in case of a cyber-attack.
  • Raise awareness

316–Cyber Event Recovery: What Are Your Plans? Intermediate

Wednesday, 17 October | 8:30AM – 9:30AM

  Download Presentation
  Download Handout

William Crowe
IT Security Manager
Citizens Property Insurance Corp

Effective planning is a critical component of an organization’s preparedness for cyber event recovery. Recovery planning enables participants to understand system dependencies; critical personnel identities such as crisis management and incident management roles; arrangements for alternate communication channels, services, and facilities; and many other elements of business continuity. Organizations should create and maintain a complete inventory of assets, reflected in a configuration management database for large organizations or, at a minimum, a list of the assets that enable them to achieve their mission. Assets should be categorized according to the level of data they support.

After completing this session, you will be able to:

  • Describe what a cyber recovery event is and the importance of having effective plans, processes and procedures to recover from such an event.
  • Define the levels of asset classification and complete a provided sample categorization questionnaire.
  • List the components of a recovery plan document and discuss why it should be technology neutral.
  • In an open discussion forum using a provided scenario, describe what the business could have done to prevent a ransomware attack.

326–The Life Cycle of a Woman in Tech

Wednesday, 17 October | 9:45AM – 10:45AM

Moderator:

Anna Murray
CEO
emedia, LLC

Panelists:

Tracy Celaya
Principal Consultant
Go Consulting International, LLC

Simone Petrella
Chief Cyberstrategy Officer
CyberVista

Deidre Diamond
CEO and Founder
CyberSN.com

Charlene Watson, CISSP, CEH, ECSA
Network Architect

A career in cybersecurity and tech can take many different forms. It can also change over the course of your career. Listen to 5 women talk about their careers and how their ideas about their careers, work life balance, and opportunities have changed over the life cycle of their time in tech.



Workshops

WS1—Cybersecurity Fundamentals

Saturday, 13 October – Sunday, 14 October | 9:00AM – 5:00PM

John Tannahill, CISM, CGEIT, CRISC, CSXP
Management Consultant
J.Tannahill & Associates

Why become a cybersecurity professional? The protection of information is a critical function for all enterprises. Cybersecurity is a growing and rapidly changing field, and it is crucial that the central concepts that frame and define this increasingly pervasive field are understood by professionals who are involved and concerned with the security implications of Information Technologies (IT). The CSX Fundamentals workshop is designed for this purpose, as well as to provide insight into the importance of cybersecurity, and the integral role of cybersecurity professionals. This workshop will also prepare learners for the CSX Fundamentals Exam.


WS2—COBIT 5 for NIST

Saturday, 13 October – Sunday, 14 October | 9:00AM – 5:00PM

Mark Thomas, CGEIT, CRISC (2017 Top-Rated Speaker)
President
Escoute

The course is designed for individuals who have a basic understanding of both COBIT 5 and security concepts, and who are involved in improving the cybersecurity program for their enterprises. This course is focused on the Cybersecurity Framework (CSF), its goals, the implementation steps, and the ability to apply this information. In addition to learning the core concepts and implementation essentials, this class is full of practical examples, tricks, tips and advice.


WS3—Hands-on Technical Cybersecurity Training

Saturday, 13 October – Sunday, 14 October | 9:00AM – 5:00PM

Keatron Evans (2017 Top-Rated Speaker)
Managing Partner and Cyber Security Lead
KM Cyber Security LLC.

Have you downloaded Kali or other security tools and suites but never quite figured out how to do really useful things with them? Were you once technical and now want to get your technical chops back? Are you new to technical cybersecurity? Does it seem like magic when you see forensics, hacks, or penetration testing done? Never hacked a box, performed packet forensics, or memory forensics? Never actually seen an attack happen in real time? Then come take this training. We will spend day one walking you through completing a successful penetration of a server, then spend day two doing incident response and forensics on the server and network you spent day one exploiting. The only prerequisite skill needed is basic familiarity with the Windows operating system. You will learn the Linux techniques you need during the training. You will leave with the tools and techniques to continue learning and, more importantly, to demonstrate to others what the attacks look like and how to investigate them.

*Please note: To be able to participate in the lab and Capture the Flag portion of the class, attendees are required to bring a laptop with an Internet accessible browser.


WS4—CSXP Lab Bonanza Intermediate

Saturday, 13 October – Sunday, 14 October | 9:00AM – 5:00PM

Frank Downs (2017 Top-Rated Speaker)
Director and SME, Cyber Security Practice
ISACA

Dustin Brewer
Manager, Cybersecurity Technical Content
ISACA

The CSX Practitioner Lab Bonanza offers attendees the opportunity to experience all of the labs presented in the one week Bootcamp in two intensive, action-packed days!

ISACA staff instructors and program developers will guide you through these technically advanced, hands-on labs, where you will dissect typical problem spots and learn through detailed insight that ensures you can comprehend and apply the material upon return to the office, so you are better equipped to overcome threats and create competitive advantages for your career and your organization.

By attending this workshop and being immersed in the CSXP process, you will develop a more robust background to meet current and future cybersecurity challenges and be better prepared for the rigorous demands of the CSXP certification program.

*Please note, while this course is intended to help provide insights into the rigors of the CSXP Exam, students will still need to prepare for the exam independently following the conclusion of this workshop. Students will have access to these labs for 6 months following this workshop to help facilitate this ongoing exam preparation.

*Please note: To fully participate in this workshop, all attendees are required to bring a laptop with an Internet accessible browser.


WS5—CSX Packet Analysis Course Beginner

Sunday, 14 October | 9:00AM – 5:00PM

Kevin Keh
Cybersecurity Platform Engineer, Junior
ISACA

Matt Weber
Cybersecurity Associate
ISACA

Leverage packets to characterize networks, devices, and people!

The Cybersecurity Nexus (CSX) Packet Analysis Course (CPAC) provides students an understanding of packet and protocol analysis. Students will work with real network traffic captures in real environments and will analyze different communication types and their components. Upon completion, students will be able to passively analyze packet captures and create network topologies and device characterizations – valuable traits in the cybersecurity field.

*Please note: To fully participate in this workshop, all attendees are required to bring a laptop with an Internet accessible browser.


WS6—Develop An Effective Security Roadmap + Program

Sunday, 14 October | 9:00AM – 5:00PM

Todd Fitzgerald
Managing Director
CISO Spotlight, LLC

This workshop is for the technical or managerial individual who wants to lead an information security program, and it provides the steps and information necessary to do so. The session will build a program from the Board of Directors interaction through training the end user.

The session will provide guidance for the technical individual desiring to become a CISO in the future. Coverage includes building an information security program from the security strategy development through implementation of technical security controls and the process challenges. The session will cover interactions with the C-suite, policy development, reporting structures, managerial/operational/technical control selection, security awareness, challenges, frameworks, privacy regulations, law and ethical considerations, security incidents, and interacting with senior and middle management to move the security program forward. This program fills the gap in taking a technical individual and providing insight into what leadership of the security program entails. The individual may be planning a CISO career path in the near term or future, and this will provide the skills necessary.



Keynotes

Opening Keynote Speaker

Cybersecurity in the Age of Connectivity: A Practical Guide to Protecting What’s Most Important

Monday, 15 October | 8:30AM – 9:30AM

Laura Galante
Leading Cybersecurity Analyst | Senior Fellow, Atlantic Council and Founder, Galante Strategies

Cyber spying. Russian hacking. DNC leaks, fake news, and manipulation. To Laura Galante, cybersecurity—and cyber literacy—are indispensable tools for any government or corporation. From The New York Times and CNN to the TED2017 main stage, Galante makes sense of a subject notorious for spin—and links the need for digital literacy to a defense of both corporate security and democracy itself.

Laura Galante analyzes how the modern state uses cyberspace, or information space, to further its interests. She describes a domain where militaries, intelligence services, criminal groups, and individuals interact and jockey for power—with far fewer restraints than in the physical world. She is both a leading voice and trusted authority for organizations and media seeking plain-spoken, lucid explanations of this phenomenon, including CNN, Bloomberg, NPR, BBC, Fox News, The New York Times, The Financial Times, The Wall Street Journal, as well as the TED2017 main stage. In spring 2017, she founded Galante Strategies to assist governments, corporations, and private citizens in recognizing, and responding to, cyber and information threats.

Galante previously served as Director of Global Intelligence at FireEye, where her teams investigated network activity, profiled advanced threats, and communicated the political, military, and financial implications of cyber operations. A founding member of Mandiant Intelligence, her work has involved leading strategic analysis, developing intelligence capabilities and offerings, and directing intelligence publications, including: APT28: A Window into Russia’s State Cyber Espionage; Red Line Drawn: China Recalculates its Use of Cyber Espionage; and Hacking the Street? FIN4 Likely Playing the Market.

In November 2016, Galante spoke at the UN Security Council’s meeting on cybersecurity and international peace and security. Prior to her work at FireEye and Mandiant, she led a contractor team analyzing cyber capability development and military doctrine at the U.S. Department of Defense, and supported the 2010 U.S.-Russia bilateral information security talks. She holds a J.D. from the Catholic University of America and B.A. in Foreign Affairs and Italian from the University of Virginia.


Leadership Brief

Culture of Cybersecurity

Monday, 15 October | 8:30AM – 9:30AM

Rob Clyde, CISM, NACD Board Leadership Fellow
Chair of ISACA’s board of directors and Executive Chair of Board of Directors, White Cloud Security, Board Director, Titus

ISACA and CMMI Institute reveal new global research today on how enterprises can build a culture of cybersecurity throughout their organizations. Ninety-five percent of companies report a gap between the security culture they want and the one they have. Take a first look at the results and learn how to build a stronger cybersecurity culture to increase the profitability and viability of your organization.


Tuesday Keynote Speaker

Cybercrime’s Industrial Evolution

Tuesday, 16 October | 1:30PM – 2:30PM

Kevin Poulsen
Award-winning journalist and a contributing editor at WIRED magazine and The Daily Beast

A one-time hacker, Poulsen was prosecuted in 1991 for using his illicit access to telephone company systems to cheat at radio station phone-in contests. He began writing in 1997, and later served as editor of SecurityFocus before joining Wired in 2005. In 2006 Poulsen conducted a computer-assisted investigation into the presence of sex offenders on social networking sites, which spawned federal legislation. In 2010, Poulsen broke the news that an Army intelligence analyst named Bradley (now Chelsea) Manning had been quietly arrested for leaking hundreds of thousands of classified documents to WikiLeaks. More recently, Poulsen worked with the late Aaron Swartz to design and develop SecureDrop, an open-source software platform for secure communication between journalists and sources, now used at over a dozen news organizations including the Washington Post and the Associated Press. He is the author of Kingpin: How One Hacker Took Over the Billion Dollar Cyber Crime Underground.

In the last five years Russian hackers have stolen billions from banks in the US and elsewhere, using everything from sophisticated malware to complex social engineering schemes. North Korean hackers grabbed $81 million from Bangladesh Bank and another $5 million from a Bitcoin exchange in Seoul. Nation states have weaponized hacking to steal secrets, sabotage equipment and influence national elections.

It wasn’t always like this. Decades ago a hacker was more likely to be an overly curious teenager or a broke college student than an international criminal mastermind with an eight-figure bank account. Kevin Poulsen, an ex-hacker turned award-winning journalist, will take you through the stunning revolution that transformed hacking from a computer geek’s pastime into a vast underground industry entangled with organized crime and national intelligence services around the world.


Closing Keynote Speaker

NextTech: The Future of Technology, Security, and Threats

Wednesday, 17 October | 11:00AM – 12:15PM

P.W. Singer, Ph.D.
Strategist and Senior Fellow at the New America Foundation

Peter Warren Singer is Strategist and Senior Fellow at the New America Foundation, the author of multiple award-winning books, and a contributing editor at Popular Science. He has been named by the Smithsonian Institution-National Portrait Gallery as one of the 100 "leading innovators in the nation," by Defense News as one of the 100 most influential people in defense issues, by Onalytica social media data analysis as one of the ten most influential voices in the world on cybersecurity and 25th most influential in the field of robotics, and by Foreign Policy to their Top 100 Global Thinkers List, of the people whose ideas most influenced the world that year.

Described in The Wall Street Journal as "the premier futurist in the national security environment," Dr. Singer is considered one of the world's leading experts on changes in 21st century warfare, with more books on the military professional reading lists than any other author, living or dead. He has consulted for the US Military, Defense Intelligence Agency, and FBI, as well as advised a range of entertainment programs, including for Warner Brothers, Dreamworks, Universal, HBO, Discovery, History Channel, and the video game series Call of Duty, the best-selling entertainment project in history. He served as coordinator of the Obama-08 campaign's defense policy task force and was named by the President to the US Military's Transformation Advisory Group. He has provided commentary on security issues for nearly every major TV and radio outlet, including ABC, Al Jazeera, BBC, CBS, CNN, FOX, NPR, and the NBC Today Show. In addition to his work on conflict issues, Singer served as a member of the State Department's Advisory Committee on International Communications and Information Policy and as an advisor to IDS. In the entertainment sector, he has received awards/support from the Tribeca Film Institute, Sloan Filmmakers Fund, Film Independent, and FAST Track at the L.A. Film Festival.

Robots, Artificial Intelligence, Cyberwar, 3D printing, bio-enhancements, and a new geopolitical competition; the 21st century is being shaped by a range of exciting, and scary, new trends and technologies. A best-selling author described by the Wall Street Journal as "one of Washington's pre-eminent futurists," and a consultant for groups that range from the CIA and the Chairman of the Joint Chiefs to Hollywood and the Call of Duty video game series, Singer uses an exciting speaking style to explore for an audience the key trends emerging today that will shape the world of technology and security tomorrow.


Leadership Brief

Digital Transformation

Wednesday, 17 October | 11:00AM – 12:15PM

Brennan P. Baybeck, CISA, CISM, CRISC, CISSP
Vice Chair of ISACA’s board of directors and Vice President of Global IT Risk Management for Oracle Corporation (USA)

ISACA research, released in September 2018, reveals how leadership and enterprises are doing with their ongoing journeys to reimagine business practices by securely and effectively deploying new technologies such as artificial intelligence (AI). Digital transformation is just as much about leadership as it is about the technology itself; learn how we need to continue to reimagine what these changes mean for us in our roles.


Building a Culture of Cybersecurity

Tuesday, 16 October | 8:30AM – 9:30AM

Moderator:

Brennan P. Baybeck, CISA, CISM, CRISC, CISSP
Vice Chair of ISACA’s board of directors and Vice President of Global IT Risk Management
Oracle Corporation (USA)

Panelists:

Tim Callahan, CISSP, CPM, CTM
Senior Vice President, CSO
Aflac

Donald Gallien, CISA, CISM
Vice President, Portfolio General Auditor
American Express

Heather Wilde
Chief Technology Officer
ROCeteer
Chief Technology Officer and Co-Founder
Travel With Interesting People – TWIP

Candace Worley
Vice President and Chief Technical Strategist
McAfee

Based on new research from ISACA and CMMI Institute, this much-needed discussion will examine how—or whether—organizations are incorporating a culture of cybersecurity at every level. What are the most important steps to building a cybersecurity culture? How can you embed cybersecurity awareness at every level? Organizations with strong, robust cyber cultures are risk-aware and focus on building and supporting the capabilities of the people, processes and technologies of their cyber programs, both from the bottom up and from the board of directors down. Get the latest data and guidance on this topic from renowned business and cybersecurity leaders.



Spotlight Sessions

SS1–See What a Hacker Sees. Translate Cybersecurity Findings into Compliance Risks.

Monday, 15 October | 5:30PM – 6:00PM

  Download Presentation

Fouad Khalil
Vice President Compliance
SecurityScorecard

This session will focus on cybersecurity threats that organizations across all industries face every day. Cyber-risks lead to compliance risks, and organizations must be able to address these risks to meet regulatory and compliance requirements.

State legislations, federal mandates, and globally-impacting regulations require us to remain diligent in the fight against cyber-crime and to protect our critical assets and information.

There are varying approaches to ensuring we address these compliance risks. During this session we will cover how high cyber-risks can impact multiple regulations and standards, and we will identify best practice remediation steps and control implementations to make our environments more secure.

After completing this session, you will be able to:

  • Identify top priority cyber-risks and how they result in compliance risks.
  • Map compliance risks to key controls across multiple frameworks.
  • Walk through best practice compliance risk remediation steps.

SS2–Goodbye Yellow Bricked Road: The Convergence of Cybersecurity and Business Continuity

Monday, 15 October | 5:30PM – 6:00PM

  Download Presentation

Christopher Duffy, CBCP, CISSP
Vice President of Professional Services
SAI Global

In today’s environment a major cyber attack or breach is at the top of the list of business risks. So why do business continuity and cyber security continue to be managed in separate silos? Recovery in isolation leads to failure. Attend this session to hear how the merger of these two groups creates successful recovery strategies, and how to effect this change in your organization.

After completing this session, you will be able to:

  • Build a cybersecurity recovery plan that makes sense for your organization
  • Take the steps needed to align your Business Continuity and Cyber Security Response
  • Understand why it’s important to integrate a crisis communication plan

SS3–Making Sense of the Data from your Cybersecurity Tools

Monday, 15 October | 5:30PM – 6:00PM

  Download Presentation

Phil Shomura
Senior Product Manager
ACL Services

The biggest challenge with having an arsenal of cybersecurity tools at your disposal is determining how to sift through and decipher the insights from all that data. ACL's technology can easily tap into any of your systems to aggregate, harmonize, contextualize and analyze your data. The platform uses automation to search disparate data sets and illuminate vulnerabilities and risks, then orchestrates the workflow for incident management and remediation.

After completing this session, you will be able to:

  • Identify key integration points within an organization
  • Apply data analytics to key control areas for continuous monitoring
  • Develop a standardized workflow and streamline reporting
  • Understand how to connect disparate systems and analyze data across systems

SS4–Quantitative Methods for Assessing Cyber Risk

  Download Presentation

Monday, 15 October | 6:15PM – 6:45PM

Marshall Kuypers, PhD
Head of Cyber Risk
Qadium

Organizations have sophisticated models for assessing many types of risk that face their organization, including property damage, injury compensation, and the risk of product failure. In cyber however, organizations often resort to 'red, yellow, green' assessments instead of using data driven methods. This talk will present a case study from a large organization showing how historical incident data can be used to quantify cyber risk and return on security investment for different safeguards.

After completing this session, you will be able to:

  • Understand the data-driven methods that can be applied to assessing cyber risk.
  • Understand how safeguards against attacks can be compared and prioritized using quantitative methods.
  • Use monetary impacts to help justify budgets and communicate risk.

SS7–Bringing Digital Disruption in Internal Audit to Life

  Download Presentation

Tuesday, 16 October | 5:30PM – 6:00PM

Ben Horton
Senior Manager
Deloitte & Touche LLP

Increasingly, internal audit functions are harnessing automation and cognitive technologies to enhance efficiency and effectiveness. In addition, as businesses progress their use of automation, new and unexpected risks must be addressed. Join us to learn more about the benefits and risks of automation and explore several use cases for its adoption within an internal audit function.

After completing this session, you will be able to:

  • Describe several ways in which disruptive technologies such as analytics, robotic process automation, and cognitive intelligence can be deployed in internal audit
  • Identify potential applications of automation throughout the internal audit life cycle
  • Apply a methodology for identifying automation use cases and considerations for a target operating model
  • Begin to document considerations for auditing automation technologies within your organization – identifying both current and future risks

SS8–Adobe’s Open Source CCF Enables Quick Adoption of New Compliance Standards

Tuesday, 16 October | 5:30PM – 6:00PM

  Download Presentation

Prasant Vadlamudi
Director of Tech GRC
Adobe

Prabhath Karanth
Manager - Tech GRC
Adobe

Over the past several years, we have developed and open sourced the Common Controls Framework by Adobe (CCF), enabling our cloud products, services, platforms and operations to achieve compliance with various security certifications, standards, and regulations such as SOC2, ISO, PCI, HIPAA, and others. CCF is a cornerstone of our company-wide security compliance strategy. It also provides the flexibility to quickly adapt to and tackle new compliance and certification requirements as needed for our business and solutions. The power of CCF has most recently helped us achieve the FedRAMP Tailored authorization and will continue to help Adobe adapt to constantly changing requirements. This talk will focus on how we achieved the above using our open source framework.

Adobe Creative Cloud for enterprise, Adobe Document Cloud PDF Services, and Adobe Sign have received Agency Authorization to Operate (ATO) under the FedRAMP Tailored Baseline program for Cloud Service Providers (CSPs) with Low-Impact Software-as-a-Service (LI-SaaS) Systems. Adobe is the first vendor in the new Federal Risk and Authorization Management Program (FedRAMP) Tailored program with the General Services Administration (GSA). The FedRAMP Tailored program makes it easier for government agencies to quickly adopt new cloud services that improve digital experiences, such as building more engaging and mobile friendly websites, signing forms electronically, and applying security to information across their networks. FedRAMP Tailored policy and requirements provide a more efficient path for solution providers to achieve a FedRAMP Agency Authorization to Operate (ATO). It was developed as an alternative to full FedRAMP authorization to enable government agencies to get qualifying solutions that do not handle sensitive information into their environments more quickly. Adobe has been partnering with key Federal government agencies since the launch of FedRAMP Tailored to help achieve authorization for several of our cloud solutions.

After completing this session, you will be able to:

  • Understand how Adobe’s open source CCF framework provides the flexibility to quickly adapt to new or changing compliance standards
  • Learn how we rapidly integrated FedRAMP Tailored into our compliance portfolio
  • Learn about the future of open source CCF



Events

SheLeadsTech Networking Breakfast

Monday, 15 October | 7:30AM – 8:15AM

Join us at the SheLeadsTech Networking Breakfast. This is a great opportunity to meet other attendees at the conference. Space is limited and badges will be required for admittance.

