Agenda | November 18, 2022 | 9:30 AM - 5:00 PM EST
Welcome & Opening Remarks
Ismael Valenzuela, Senior Instructor, SANS Institute
Sharing Security Signals: Improving Access Control by Working Together
In this talk, we’ll revisit a fundamental component of workforce access: the session. Sessions dictate just how long a user maintains their privileges – making it a core part of access control. Unfortunately, security vendors often can't communicate their information effectively or dynamically to decisions regarding the session. There is network context that doesn’t affect identity decisions or device signals that don’t affect workload decisions. Join us to learn a method for sharing relevant security signals across different access and detection points in real time. Moreover, you’ll learn how sharing signals will improve security resiliency via use case demonstration.
Nancy Cam-Winget, Fellow, Cisco Secure
Data Sensitivity Impacts on Zero Trust Implementation
Not all zero trust is created equal. In this talk, Andy will discuss how organizations are implementing a zero trust framework, and how the importance of data classification applies to implementing the proper level of control in a modern environment.
Andrew Olpin, Cyber Solutions Architect, Lookout
How to secure a modern remote workforce, VPN vs. ZTNA
As businesses large and small look to evolve their digital and remote access strategies, the technology supporting cybersecurity has to evolve, too. That’s why organizations worldwide are shifting towards adopting Zero Trust Network Access (ZTNA), giving them the ability to increase security while enabling flexible remote work with modern remote access technologies.
You probably have questions, starting with “How does ZTNA compare to VPN?”
Join us as our cyber experts take a deep dive into ZTNA to address:
Andrew Mundell, Principal Security Engineer, Sophos
Chris McCormack, Director, Product Marketing Sophos
Rob Andrews, Director of Product Management, Sophos
Understanding the One True Zero Trust Architecture
Essential to any business and is revolutionizing how they connect users and devices, protect data, and access tools and applications. However, understanding zero trust and its true architecture can get confusing since security vendors are falsely claiming to deliver zero trust architecture to be able to retrofit their point products or legacy architectures. In this session we’ll walk through:
Ankit Gupta, Senior Product Marketing Manager, Zscaler
The Journey to SSE/Zero Trust 2.0
Due to the growth of “Cloud” over the past ten years, organizations have moved from the data center to “centers of data”. As applications are now distributed, the networks and security solutions have become more complex and brittle. Adding fuel to this fire of complexity, network and security solutions must now address the demands of the hybrid workforce. In this talk, John and Jaye will discuss how you can use Security Service Edge in a simple way to solve some of the complex network security problems no matter how large your organization.
John Spiegel, Director of Strategy, Axis Security
Why Microservices Authorization Is Critical To Achieving Zero Trust
The proliferation of cloud-native technologies creates a significantly more complex attack surface for enterprises to defend, making a zero-trust security strategy more crucial than ever. In building defense in depth, there is great value in applying policy-as-code authorization to microservices applications, which enables continuous authorization checks based on contextual data across a multitude of application components. In this session, you’ll gain valuable insights into:
Sandy Kapoor, Senior Director of Engineering, Styra
The Zero Trust Advantage for Medium-Sized Companies
In this session we will cover how medium-sized companies can leverage Zero Trust principles to successfully meet the digital transformation and remote work challenges. On one hand, the shift to hybrid work models is requiring secure employee connectivity from all possible locations: office, home, and on the road. On the other hand is the shift of applications to the cloud, requiring consistent security across physical, public cloud and SaaS environments. The right Zero Trust approach can help medium-sized companies to simply and securely transition to the future.
Amit Bareket, Co-Founder and CEO, Perimeter81
Who Watches the Watchers? Why Zero Trust Requires Uncompromising Network Visibility
On the road to Zero Trust you've taken steps like segmenting your network, implementing multi-factor authentication, and instrumenting least access privileges. Zero Trust, however, is not a destination, but a continuous practice and one that "requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses" according to NIST cybersecurity guidance. Attend this webinar to learn about the crucial role network monitoring plays in establishing this operational picture and how you can best leverage it to ensure ongoing compliance with your Zero Trust goals.
John Gamble, Sr. Director of Product Marketing, Corelight
Hybrid Mesh Security: Your secret weapon on the path to Zero Trust
Every environment is unique. Most use both on-premises and cloud-based architectures to distribute edge and data center networking and to provide security. The processes and tools used to implement zero trust principles must accommodate hybrid networks and span architectures to protect data, access, and infrastructure simultaneously. This is the concept behind hybrid mesh security.
In this session, learn what hybrid mesh security is and see examples of how this new security architecture helps implement zero trust for users, devices, workloads, and network environments.
Mike Spanbauer, Field CTO, Security, Juniper Networks
Zero-trust Should Extend to Security Vendors, Right?
We all get it, we need a zero-trust strategy. But why do security vendors, and their tools, require us to trust them? What happens if they are breached? This session will cover common ways your data could be exposed by a 'trusted' vendor during your zero-trust journey.
Samuel Hill, Director of Product Marketing, Cyolo
Align Your Cloud Security Plan with the Cyber Security Exec Order
The timeline to modernize cybersecurity for both the public and private sectors is accelerating because of the growing number of global security breaches. Over 98% of organizations have experienced at least one cloud data breach in the past 18 months, costing an average of $4.2M. The Cybersecurity Executive Order is a critical indicator that the US takes this seriously and understands how important it is to be proactive in securing the cloud. The way applications are developed and deployed (in the cloud and on containers), means looking at cloud security, Zero Trust architectures, and regulatory compliance in order to meet the mandates, keep moving ahead of the hackers and reduce risk.
Join Sysdig’s Branden Wood, federal ambassador and Technical Engineer, Ryan O’Daniel, as they discuss:
Branden Wood, Senior Director, Federal Ambassador, Sysdig
Ismael Valenzuela, Senior Instructor, SANS Institute