Agenda | Friday, June 17th | 10:00 AM - 4:15 PM EDT
10:00 - 10:15 AM EDT
Welcome & Opening Remarks
Jake Williams, SANS Instructor & Subject Matter Expert
10:15 - 10:50 AM EDT
Leveraging AI to Enhance Your Email Security
Did you know that 90% of incidents that end in a data breach start with a phishing email?That’s why it is imperative to have strong defenses to withstand today’s sophisticated email threats, such as phishing. Phishing messages can be kept away from employees by leveraging advances in AI technology to perform specialized tasks or operations. AI-powered automated email security gives your business an edge against cybercrime, providing a host of benefits like faster detection of phishing-related cyberattacks, better incident response capability, and improved cyber resilience.
In this session, you’ll learn:
Manoj Srivastav, GM Security Products, Kaseya | Cofounder, Graphus
10:50 - 11:25 AM EDT
Insider Intelligence vs. Employee Surveillance - Why The Difference is Human
There’s one consistent and prevalent security gap in every enterprise. Whether your organization provides healthcare, processes financial transactions, or moves freight from one place to another, the common denominator remains the same: the human element.
Insider Risk Management Surveillance-based technologies have not only employed invasive content inspection, keystroke logging, and video capture capabilities but also often collect more data than necessary for their stated purpose. This has created unnecessary employee privacy issues, as well as significant costs associated with excess data storage and processing. This is why global organizations are turning to Insider Risk Management Intelligence-based platforms. To embrace employees as a source of intelligence rather than a subject of surveillance.
Join us to get a greater understanding of Insider Risk Management Power of the 7 — Privacy, Scalability, Behavioral Analytics, Reporting, Time to Value, Ecosystem Integration, and Total Cost of Ownership — and details numerous examples of how intelligence drives partnership, trust, engagement, and resilience across data, machines, applications, and people.
Armaan Mahbod, Director - i3 Insider Investigations & Research Team, DTEX Systems
11:25 - 12:00 PM EDT
The Big Business of Ransomware as a Service
In 2021 the average ransomware demand in cases handled by Unit 42 climbed 144% over 2020. At the same time, there was an 85% increase in the number of victims who had their names and other details posted publicly on dark web “leak sites'' that ransomware groups use to coerce their targets into paying. Unit 42 Security Consulting responds to hundreds of ransomware cases annually. Along the way, they have learned the art and science of dealing with ransomware attack groups. During this session, Unit 42 security consultants will provide insights about the cases they worked on in 2021 through a review of the case data, ransoms requested and paid, and analysis of ransomware gang data leak sites.
Jeremy Brown, Director, Unit 42 by Palo Alto Networks
12:00 - 12:15 PM EDT
12:15 - 12:50 PM EDT
Phish or Fraud: See How XDR Can Stop Inside and Outside Threats
Insider threats and phishing campaigns can both lead to the exfiltration of your data. And yes, executive stakeholders are only interested in stopping the hemorrhaging without concern for the source. But what if you could stop the bleeding, and identify whether it came from an insider or a phish? XDR solutions can help you stop the leak and solve the mystery of origination. Having a strong endpoint solution is just the start. You also need cloud security for your users. Add in an advanced email protection offering and you have the trifecta. Join Cisco as we discuss and demonstrate the power of an integrated XDR solution through the integrated solutions of endpoint, cloud, and email security. We will showcase how each of those solutions contributes to stopping and identifying the source.
Adam Tomeo, Product Marketing Manager, Cisco Secure
12:50 - 1:25 PM EDT
Insider Threats: There’s More in the Ocean Than Just Phish
As the work-from-anywhere environment has evolved and employee turnover has increased, the potential for security breaches from within the organization has risen. Many security teams lack the visibility into the data activity required to detect and defend against insider threats.
Join this webinar to learn how to:
Ryan Whelan, Technical Product Manager, Devo
1:25 - 2:00 PM EDT
The Great Exfiltration: Employees Leave and Take the Keys
According to the 2022 Ponemon Institute Cost of Insider Threats: Global Report, insider threat incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million. Among the reasons for this increase is the rise of the "Great Resignation" per SecurityBouldevard.com.
A common thread, and often the most damaging aspect, of insider threat incidents is the exfiltration of company data. Detecting exfiltration activity is elusive since it resembles legitimate business activity and in recent years is even more challenging given the increase of cloud-first networks and users working from home. A variety of analytical methods and observational vantage points must be employed to provide the best detection posture against data exfiltration, from scenario-based rules and behavioral baselining to user and entity scoring. In this session, the LogRhythm Labs team will demonstrate techniques for detection of exfiltration in a variety of network topologies (work-from-home, cloud-only, on-premises) using the LogRhythm product line.
Dan Kaiser, Principal Threat Research Engineer, LogRhythm
2:00 - 2:15 PM EDT
2:15 - 2:50 PM EDT
Malware 2021 to Present Day - Building a Preventative Cyber Program
Malware has been around for years however, there has been a massive increase in malware activity since 2020. Two key contributing factors are 1) global shift to WFH/remote work. 2) significantly wider attack surface. Additionally, we’ve experienced supply chain attacks forcing organizations to re-evaluate their partners, suppliers, and even their own SDLC. Furthermore, increased malware has contributed to ransomware attacks that now employ double and triple extortion techniques.
This presentation will review the recent evolution of malware and how your organization can build a unified and complete cyber program focused on preventing current and future attacks.
Grant Asplund, Chief Cyber Security Evangelist, Check Point Software Technologies
2:50 - 3:25 PM EDT
The “Oh Wow” Moments with Zero Trust Network Access Anywhere
As OT continues to connect to IT systems and unmanaged assets are connected everywhere, your initially designed OT segregated networks have suddenly become flatter than you realized. Do you have vintage OS, vulnerable exposed ports, or users remote accessing into critical systems over unsafe protocols? How do you detect ransomware early? How do you respond to modern targeted Ransomware attacks purpose built for IT/OT converged infrastructure?
In this session, you’ll learn:
Ritesh Agrawal, CEO and Co-Founder, Airgap Networks, Inc.
3:25 - 4:00 PM EDT
Deep Dive on Phishing Trends
Join us on to uncover the latest phishing attack discoveries, trends, and predictions revealed in the ThreatLabz 2021 Phishing Report. Experts from Zscaler ThreatLabz will analyze a year’s worth of phishing data from the world’s largest security cloud to teach you how to identify and defend against the leading tactics and techniques used by scammers today.
Join us to learn about:
Deepen Desai, Chief Information Security Officer & VP Security Research, Zscaler
4:00 - 4:15 PM EDT
Wrap-UpJake Williams, SANS Instructor & Subject Matter Expert