Agenda | Friday, June 17th | 10:00 AM - 4:15 PM EDT
Schedule | Description |
---|---|
10:00 - 10:15 AM EDT | Welcome & Opening RemarksJake Williams, SANS Instructor & Subject Matter Expert |
10:15 - 10:50 AM EDT | Leveraging AI to Enhance Your Email SecurityDid you know that 90% of incidents that end in a data breach start with a phishing email?That’s why it is imperative to have strong defenses to withstand today’s sophisticated email threats, such as phishing. Phishing messages can be kept away from employees by leveraging advances in AI technology to perform specialized tasks or operations. AI-powered automated email security gives your business an edge against cybercrime, providing a host of benefits like faster detection of phishing-related cyberattacks, better incident response capability, and improved cyber resilience. In this session, you’ll learn:
Manoj Srivastav, GM Security Products, Kaseya | Cofounder, Graphus |
10:50 - 11:25 AM EDT | Insider Intelligence vs. Employee Surveillance - Why The Difference is HumanThere’s one consistent and prevalent security gap in every enterprise. Whether your organization provides healthcare, processes financial transactions, or moves freight from one place to another, the common denominator remains the same: the human element. Insider Risk Management Surveillance-based technologies have not only employed invasive content inspection, keystroke logging, and video capture capabilities but also often collect more data than necessary for their stated purpose. This has created unnecessary employee privacy issues, as well as significant costs associated with excess data storage and processing. This is why global organizations are turning to Insider Risk Management Intelligence-based platforms. To embrace employees as a source of intelligence rather than a subject of surveillance. Join us to get a greater understanding of Insider Risk Management Power of the 7 — Privacy, Scalability, Behavioral Analytics, Reporting, Time to Value, Ecosystem Integration, and Total Cost of Ownership — and details numerous examples of how intelligence drives partnership, trust, engagement, and resilience across data, machines, applications, and people. Armaan Mahbod, Director - i3 Insider Investigations & Research Team, DTEX Systems |
11:25 - 12:00 PM EDT | The Big Business of Ransomware as a ServiceIn 2021 the average ransomware demand in cases handled by Unit 42 climbed 144% over 2020. At the same time, there was an 85% increase in the number of victims who had their names and other details posted publicly on dark web “leak sites'' that ransomware groups use to coerce their targets into paying. Unit 42 Security Consulting responds to hundreds of ransomware cases annually. Along the way, they have learned the art and science of dealing with ransomware attack groups. During this session, Unit 42 security consultants will provide insights about the cases they worked on in 2021 through a review of the case data, ransoms requested and paid, and analysis of ransomware gang data leak sites. Jeremy Brown, Director, Unit 42 by Palo Alto Networks |
12:00 - 12:15 PM EDT | Break |
12:15 - 12:50 PM EDT | Phish or Fraud: See How XDR Can Stop Inside and Outside ThreatsInsider threats and phishing campaigns can both lead to the exfiltration of your data. And yes, executive stakeholders are only interested in stopping the hemorrhaging without concern for the source. But what if you could stop the bleeding, and identify whether it came from an insider or a phish? XDR solutions can help you stop the leak and solve the mystery of origination. Having a strong endpoint solution is just the start. You also need cloud security for your users. Add in an advanced email protection offering and you have the trifecta. Join Cisco as we discuss and demonstrate the power of an integrated XDR solution through the integrated solutions of endpoint, cloud, and email security. We will showcase how each of those solutions contributes to stopping and identifying the source. Adam Tomeo, Product Marketing Manager, Cisco Secure |
12:50 - 1:25 PM EDT | Insider Threats: There’s More in the Ocean Than Just PhishAs the work-from-anywhere environment has evolved and employee turnover has increased, the potential for security breaches from within the organization has risen. Many security teams lack the visibility into the data activity required to detect and defend against insider threats. Join this webinar to learn how to:
Ryan Whelan, Technical Product Manager, Devo |
1:25 - 2:00 PM EDT | The Great Exfiltration: Employees Leave and Take the KeysAccording to the 2022 Ponemon Institute Cost of Insider Threats: Global Report, insider threat incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million. Among the reasons for this increase is the rise of the "Great Resignation" per SecurityBouldevard.com. A common thread, and often the most damaging aspect, of insider threat incidents is the exfiltration of company data. Detecting exfiltration activity is elusive since it resembles legitimate business activity and in recent years is even more challenging given the increase of cloud-first networks and users working from home. A variety of analytical methods and observational vantage points must be employed to provide the best detection posture against data exfiltration, from scenario-based rules and behavioral baselining to user and entity scoring. In this session, the LogRhythm Labs team will demonstrate techniques for detection of exfiltration in a variety of network topologies (work-from-home, cloud-only, on-premises) using the LogRhythm product line. Dan Kaiser, Principal Threat Research Engineer, LogRhythm |
2:00 - 2:15 PM EDT | Break |
2:15 - 2:50 PM EDT | Malware 2021 to Present Day - Building a Preventative Cyber ProgramMalware has been around for years however, there has been a massive increase in malware activity since 2020. Two key contributing factors are 1) global shift to WFH/remote work. 2) significantly wider attack surface. Additionally, we’ve experienced supply chain attacks forcing organizations to re-evaluate their partners, suppliers, and even their own SDLC. Furthermore, increased malware has contributed to ransomware attacks that now employ double and triple extortion techniques. This presentation will review the recent evolution of malware and how your organization can build a unified and complete cyber program focused on preventing current and future attacks. Grant Asplund, Chief Cyber Security Evangelist, Check Point Software Technologies |
2:50 - 3:25 PM EDT | The “Oh Wow” Moments with Zero Trust Network Access AnywhereAs OT continues to connect to IT systems and unmanaged assets are connected everywhere, your initially designed OT segregated networks have suddenly become flatter than you realized. Do you have vintage OS, vulnerable exposed ports, or users remote accessing into critical systems over unsafe protocols? How do you detect ransomware early? How do you respond to modern targeted Ransomware attacks purpose built for IT/OT converged infrastructure? In this session, you’ll learn:
Ritesh Agrawal, CEO and Co-Founder, Airgap Networks, Inc. |
3:25 - 4:00 PM EDT | Deep Dive on Phishing TrendsJoin us on to uncover the latest phishing attack discoveries, trends, and predictions revealed in the ThreatLabz 2021 Phishing Report. Experts from Zscaler ThreatLabz will analyze a year’s worth of phishing data from the world’s largest security cloud to teach you how to identify and defend against the leading tactics and techniques used by scammers today. Join us to learn about:
Deepen Desai, Chief Information Security Officer & VP Security Research, Zscaler |
4:00 - 4:15 PM EDT | Wrap-UpJake Williams, SANS Instructor & Subject Matter Expert |