CYBER THURSDAY | BOSTON – May 23, 2024

SPEAKERS

JUSTIN ARMSTRONG – Founder, Armstrong Risk Management

MAKING IT REAL — HOW TO GAIN ALLIES IN THIS CYBER WAR.

Would you like to be able to gain long-term allies among executives, developers, sales, and other parts of your organization?

In this session, you will learn several practical points so that you can be more effective when you

  • Communicate risk
  • Ask for resources
  • Herd Cats! (Work with Developers and Engineers)

This session is crammed with real-life examples and the lessons derived from them. Justin will draw on his experience in developing security programs from the ground up, as well as lessons learned from the nearly 100 ransomware incidents at Hospitals where he was engaged.

ERIC ANDERSON – Cybersecurity Architect, Atlantic Data Security

SHIFT LEFT SECURITY IN DEVSECOPS

You’ve likely heard about Shift Left Security in DevSecOps, but have you honestly considered what it means? Who benefits from it? Who’s responsible for it? Is it even a good idea?

Stereotypical developers and security personnel don’t usually coexist well. While one group is primarily responsible for delivering functional apps and content on time, the other is responsible for protecting the organization – and its intellectual property – from all sorts of evil. While the lives of developers would be simplified by fewer security-related hurdles and road blocks, the lives of the security teams would be simpler if they could just lock everything down completely. Neither is a workable solution, and thus the constant back and forth struggle.

Let’s explore this tumultuous situation, and discuss how broadening perspectives, sharing responsibilities, and fostering cooperation could actually simplify things and improve outcomes for everyone involved.

MICHAEL LELAND – Chief Cybersecurity Evangelist, SentinelOne

THE IMPORTANCE OF IDENTITY THREAT PROTECTION

Sophisticated and opportunistic adversaries rely heavily on identity compromise multiple times across the attack lifecycle. Protecting credentials and the identity infrastructure that hosts them (AD/EntraID) has become a critical component of a comprehensive security strategy. IAM, PAM, and EDR are no longer sufficient but must be combined with effective Identity Threat Detection & Response to prevent attackers from discovering and exploiting key weaknesses across every enterprise.

STACEY FORTIN – Director of Cyber Security, Sensata Technologies

INCIDENT RESPONSE AND MANAGEMENT

Incident Response is a broad topic, but knowing what to share with senior management or the board of directors is a skill to hone through experience. Helping the board understand the impact of an incident takes finesse and effective communication. Contrary, helping them understand that not every incident is reportable or impactful is equally as important. With appropriate defenses, team expertise, and logic, cyber incident response can be managed in a timely manner.

STEPHEN GATCHELL – Director of Data Advisory, BigID

COMBINING AI AND PROCESS TO DRIVE SECURITY REMEDIATION AUTOMATION

In the rapidly evolving landscape of cybersecurity, the need for efficient and effective security remediation strategies has never been more critical. Through the use of machine learning algorithms, natural language processing, and data analytics, the approach automates the identification of vulnerable sensitive data and how to remediate the data at the group, individual or document level. We further explore the challenges associated with implementing such a system, including ownership identification, integration with existing processes, and how to prioritize actions to deliver the greatest risk reduction.

WILLIAM SMELTZER – CISO, Focus Technology Solutions

WHY CYBERSECURITY ISN’T A IT PROBLEM

William will discuss why approaching cybersecurity from an IT perspective is ineffective and costly.

ILYA DREYTSER – VP, Solutions Engineering, Quokka

MOBILE THREAT LANDSCAPE, GOING BEYOND THE MDM

At the end of 2023, the Office of the Inspector General released a study of mobile security at ICE. The analysis showed that ICE employees and contractors had many risky and malicious apps on their mobile devices, even though those devices were enrolled in a top-notch MDM (Mobile Device Management) system and were using Mobile Threat Defense tools as well. OIG recommended that ICE use the CISA MAV (Mobile App Vetting) service which can identify these unknown risks.

MDM systems have been around for over a decade, and are prevalent in the enterprise, yet they were never intended to be security tools – rather they are meant to control the device. BYOD is also prevalent in many small, medium, and even large enterprise settings as well, exposing those users and their employers to even greater risk.

In this talk, we will cover the common and uncommon risks unique to the mobile landscape, and how to identify and avoid them at scale. The talk will provide real-world examples of zero-days discovered by Quokka (previously Kryptowire) researchers – the folks who first identified that TikTok was sending data to China 7 years ago.