Top Cybersecurity Instructors and Best Offers of the Year Available Now - Learn More!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Password & Access Management Solutions Forum

  • Friday, April 23rd | 10:30 AM - 2:30 PM EDTFriday, April 23, 2021 at 10:30 AM EDT (2021-04-23 14:30:00 UTC)
  • Chris Dale, Chris Streeks, Teju Shyamsundar, Mike Greene, Simon Berman, Chris Roberts, Lonnie Benavides

Sponsors

  • Enzoic
  • Okta
  • Onelogin
  • Trusona
  • Yubico, Inc.

You can now attend the webcast using your mobile device!

  

Overview

You will earn 6 CPE credits for attending this virtual event.

Forum Format: Virtual - US Eastern

Event Overview

IT departments are under incredible pressure to maintain the business productivity for an expanded remote workforce. As the workforce continues to move into a hybrid office & home office environment, the risks of not maintaining security practices are also top of mind. Threat actors are also actively seeking opportunities to benefit from changes in the workforce.

One of the most important steps you can take to protect yourself is to use a unique, strong password for each of your accounts and apps. Unfortunately, its almost impossible to remember all of the different passwords. In addition, we know its time consuming to constantly track the answers to all your security questions, remember different passwords for each login, use multiple devices to gain access, among numerous other factors.

Join this SANS lead forum as we explore various password & access management topics through invited speakers while showcasing current capabilities available today. Presentations will focus on technical case-studies and thought leadership using specific examples relevant to the industry.

Agenda

10:30 - 10:50 AM EDT - Keynote

Chris Dale, @ChrisADale, Forum Chair, SANS Institute, @SANSInstitute

White

10:50 - 11:25 AM EDT - Moving Beyond Passwords to a Passwordless Future

Chris Streeks, @cStreeks, Senior Solutions Engineer, Yubico, @Yubico

Passwords are fundamentally broken and are among the weakest forms of authentication. But how do organizations move away from passwords?

In this presentation well highlight how not all 2FA/MFA is created equal, the many benefits of moving away from passwords, and provide an overview what passwordless authentication means in different scenarios and environments-and how organizations can move towards a passwordless future.

White

11:25 AM - 12:00 PM EDT - Devices in the Enterprise How to Balance Security and Productivity

Teju Shyamsundar, Senior Product Marketing Manager, Okta, @Okta

The influx of new devices types in the workplace has transformed how we work. Your employees need to stay productive on any device, from anywhere, at any time. But, this is easier said than done, as new devices could also mean increased vulnerabilities.

Today, IT and Security teams need to consider how to enable device visibility, enforce devices based access controls, secure access within applications, while still delivering seamless access experiences for employees.

Join in on this presentation to understand how to:

  • Reduce data breaches with device strategies
  • Enforce device-based security
  • Integrate user and device-based risk in access policies
  • Reduce dependencies on on-prem tools to manage your devices

White

12:00 - 12:10 PM EDT - Break

White

12:10 - 12:45 PM EDT - Is Your Password Unique?

Mike Greene, CEO, Enzoic, @EnzoicSecurity

The Password has undergone an interesting evolution traced back as far as the story of Alibaba and the Forty Thieves. We are all familiar with the passphrase Open Sesame which was used to open a magically sealed cave. A unique phrase tied to a specific door a key if you will.

The first computer password is believed to have been deployed in 1961 by MIT in order to manage access to their Compatible Time-Sharing System. Since this time, there have been issues with password security. Passwords were originally conceived to be unique keys to a unique resource. In the modern world, passwords have instead been embraced by users as their own individual unique identifier, resulting in password reuse and a host of new issues. In this webcast, we will review some of these issues and potential countermeasures.

White

12:45 - 1:20 PM EDT - The Problem with Passwords: How Researcher and Hacker Chris Roberts Approaches Next-Gen Authentication

Simon Berman, Chief Product Officer, Trusona, @Trusona_inc

Chris Roberts, @Sidragon1, Chief Security Strategist, Cynet, @Cynet360

We all know that passwords are an outdated technology that represent a huge risk for organizations especially with the rapid, global transition to a remote workforce. The real challenge is implementing an effective approach to replacing passwords that is both secure and easy for your employees to use.

Join us for a frank conversation with Chris Roberts on new approaches to deal with the problem of passwords, and how IT security professionals can make passwordless MFA a reality for their organizations.

White

1:20 - 1:55 PM EDT - Leveraging IAM for Effective and Efficient Threat Mitigation

Lonnie Benavides, Head of Infrastructure and Application Security, OneLogin, @OneLogin

Theres no question that the current cybersecurity landscape is constantly shifting and evolving as new threats and security solutions emerge. Increased cyber attacks and distributed workforces have created new challenges that require innovative solutions.

Faced with the challenge of managing identities and securing access to data and applications from a growing number of endpoints, what are the fundamental controls organizations need to maintain business continuity and secure their remote and hybrid workforce?

Hear from Lonnie Benavides Head of Infrastructure and Application Security, OneLogin for a discussion on practical information and advice regarding the utilization of identity and access management solutions to effectively mitigate modern cyber threats to your business.

White

1:55 - 2:00 PM EDT - Wrap-up

Speaker Bios

Chris Dale

Chris Dale is the founder and principal consultant at River Security, a specialist company operating out of Europe. Along with significant security expertise, Chris has a background in System Development, IT-Operations and Security Management. This broad experience in IT is advantageous when managing penetration tests, incidents and while teaching.

Along with significant security expertise, Chris has a background in System Development, IT-Operations and Security Management. This broad experience in IT is advantageous when managing penetration tests, incidents and while teaching. Chris is passionate about security -- both physical and in IT, and regularly presents and teaches at conferences and workshops. He has helped Fortune 500 understand their security challenges, contracted in government initiatives on securing democratic processes of the country, participated in expert groups in solving industry sector cyber related challenges country wide and helped build successful companies.


Chris Streeks

Chris Streeks is a senior solutions engineer at Yubico focused on enterprise and strategic accounts—including major financial institutions and Fortune 500 technology companies. In his role, Chris focuses on both implementation and education of standards-based authentication technologies and their alignment with Yubico's solutions. Prior to Yubico, Chris worked at Kaspersky Lab as a technical expert.


Teju Shyamsundar

Teju Shyamsundar is a Senior Product Marketing Mgr at Okta, leading our Adaptive Authentication products. Prior to Okta, she worked at Microsoft and implemented enterprise mobility technologies across a large set of enterprise customers in various industries. Teju now works on driving the value of Okta's adaptive MFA and adaptive SSO capabilities across customers and partners. Teju holds a BS degree in Computer & Information Technology from Purdue University.


Mike Greene

Mike is currently CEO of Enzoic, a cyber-security startup that screens logins for compromised credentials. Prior to Enzoic, Mike was the Chairman of the Board and CEO of ID Watchdog, a leading identity theft protection company that was sold to Equifax in 2017. Before IDWatchdog, Mike held senior management positions at Symantec, Webroot, Thompson Micromedix, Raindance and Baxter. Mike graduated with an MBA from the University of Colorado in 2000 and has a BA in Biology. He lives in beautiful Boulder, Colorado with his wife and 3 children.


Simon Berman

Simon is an accomplished Products executive with 25 years of experience across industries including cybersecurity, enterprise mobility, IoT, software quality, and network testing. He currently serves as the Chief Product Officer at Trusona, whose mission is to curb the funding of evil due to the failures of passwords.


Chris Roberts

Chris is currently a Chief Security Strategist for Cynet as well as serving as a vCISO or advisor for a number of entities and organizations around the globe. His most recent projects are focused within the deception, identity, cryptography, Artificial Intelligence, and services space. Over the years, he's founded or worked with a number of folks specializing in OSINT/SIGING/HUMINT research, intelligence gathering, cryptography, and deception technologies.

He’s considered one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. He’s also getting a name for himself in the transportation arena, basically anything with wings, wheels, tracks, tyres, fins, props or paddles has been the target for research for the last 10-15 years…to interesting effect. Most notably he gained global attention in 2015 for demonstrating the linkage between various aviation systems, both on the ground and while in the air that allowed the exploitation of attacks against flight control system.

As one of the well-known hackers and researchers, Chris is routinely invited to speak at industry conferences. CNN, The Washington Post, WIRED, Business Insider, USA Today, Forbes, Newsweek, BBC News, Wall Street Journal, and numerous others have covered him in the media.


Lonnie Benavides

Lonnie Benavides is an accomplished cybersecurity leader with more than 20 years industry experience, and is currently the Head of Infrastructure and Application Security at OneLogin. Lonnie began his career as a communications encryption specialist in the U.S. Air Force and went on to conclude his military service as a Technical Lead of the first red team in the Air National Guard. As an advanced penetration tester, Lonnie supported companies such as Washington Mutual and JP Morgan Chase, and eventually went on to launch the Boeing red team. Lonnie was responsible for leading global cybersecurity services and operations at DocuSign and McKesson, fostering his expertise in enterprise cyberthreat detection and response. Lonnie is a recognized speaker within the Phoenix education community, numerous industry conferences, and has also contributed to publications and radio shows such as TechRepublic and NPR.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.