Spring Cyber Solutions Fest 2024: Insider Threat & Identity Access Management Track

Is it really over when you are hacked? Or is it only over when our adversary has secured their impact and actions on objective? Perimeters are bound to be broken, but our game-over" scenarios should still be defended. We need to not only protect our inside, but carefully define what exactly are we defending? What has the highest impact on our organization, and from there on carefully architect our defenses to ensure we can always survive, even if we get hacked. 

We have learned that the perimeter has changed. We have a blend of inside and outside, often caused by a range of Software as a Service, Cloud Services, remote workers and more. So how do we stay secure? Come attend this forum to learn tactics, techniques and procedures we can employ to help us stay strong and secure.  

Forum Highlights: 

  • Discover how industry leading technologies and techniques can assist you with internal security policies in the workplace 
  • Learn from industry leaders as they dive into cutting-edge use case studies and specific examples, while highlighting how the tactics, techniques & procedures can provide the right information to help deter an insider threat 
  • Interact with SANS chair Chris Dale, speakers and peers in the interactive Slack workspace by posting questions and discussing the forum topic 

STOP, there's more!

  • Check out our other featured tracks to gain more valuable content + earn additional CPE credits --> LEARN MORE
  • Get connected with our event chairs, guest speakers, and fellow attendees for our 2024 events --> GET CONNECTED


Thank You to Our Sponsors

Full_Logo_Lockup_full_color_dark.pngCyborg Security LogoNEW-duoLogo-web.pngOkta_New_Logo_Black.pngrapid7.pngUnknown.pngSonrai_logo_stacked_purple-black.png

Agenda | April 18, 2024 | 10:00AM-1:45 PM EDT


Session Description

10:00 AM

Kickoff & Welcome

Chris Dale, Event Chair, SANS Instructor

10:20 AM

Session One | The (IAM) Call is Coming From Inside the House

Most have a dark and malicious image in their head when they hear ‘insider threat’, but there can easily be a different kind of insider threat in your cloud.

Some cloud permissions are more sensitive by nature than others. They can create opportunities for access into your environment, gaining credentials, evading detection, or impacting your data. What happens when you lose control over who has these sensitive permissions?

Join us as we walk through several accidental or mistaken insider threat scenarios that may not seem dangerous, but could be. We’ll end with guidance on what you can do to better control access and cloud permissions. Example powerful permissions:

- Microsoft.Automanage/configurationProfileAssignments/Delete

- Securitycenter.muteconfigs.create

- CreateFunctionUrlConfig + UpdateFunctionUrlConfig

- CreatePresignedNotebookUrl

Jeff Moncrief, Field CTO & VP of Sales Engineering, Sonrai Security

10:50 AM

Session Two | Innovate or Integrate: The IGA Dilemma

In this course "Innovate or Integrate: The IGA Dilemma," we delve into the common predicament faced by organizations when deciding between building internal identity governance processes or seeking external assistance to manage their identity landscape. Through insightful discussions and practical examples, we explore the key aspects of establishing a successful identity governance program, factors such as organizational size, and specific considerations that arise during the decision-making process. Whether you're new to IGA, seasoned pro, or CISO, this course equips you with the knowledge and insights necessary to navigate the complexities of the IGA dilemma and make informed choices for your organization's identity management strategy

Alexis Moyse, Co-founder and CEO, Clarity Security

11:20 AM

Session Three | Elevate your security with a unified approach to Identity and Privileged Access

Traditionally, organizations have maintained least privilege by using Identity Governance and Access (IGA) and PAM solutions separately to complement their Identity solution. However, this fragmented approach using siloed tools has struggled to keep pace with the scale of the cloud, often requires custom integrations, and results in a poor user experience.

This session will dive into why more and more organizations are intent on choosing a unified identity solution, where all users can get access to all applications, resources, and infrastructure in one place, with the controls necessary for admins to maintain least privilege.

Come learn why Okta Privileged Access is unlike traditional PAM solutions and can help you achieve better visibility, compliance, and security.

Elizabeth Baier, Sr Product Marketing Manager, Okta

11:50 AM


12:00 PM

Keynote Session | Navigating Your Cybersecurity Career Panel

As the digital landscape evolves at an unprecedented pace, challenges and opportunities lie ahead for cybersecurity professionals. How will emerging technologies and artificial intelligence shape our industry? Will Artificial Intelligence take over cybersecurity jobs in the future? Join us for an engaging keynote panel featuring distinguished guests Candace Williams and Marie Galloway, as we navigate through the dynamic landscape of cybersecurity careers in the age of innovation. Gain valuable insight and advice on navigating your cybersecurity career as we delve into these compelling questions and more, offering a roadmap for success in this ever-evolving field.

Naomi Buckwalter, Executive Director, Cybersecurity Gatebreakers Foundation

Candace Williams, Founder, Cyb(her) Ally

Mari Galloway, CEO, Cyberjutsu

1:00 PM

Session Four | Why It's Easy Being a Hacker: Tales From Chris Dale

Chris Dale, Event Chair, SANS Instructor

1:30 PM

Closing Remarks

Chris Dale, Event Chair, SANS Instructor