The Red Rock Resort, Las Vegas NV
April 23-25th 2017

This event is co-located with

The Red Rock Resort, Las Vegas NV
April 23-25th, 2017

Security Risk Compliance

Breakout Presentations

Overcoming the Challenges of Bringing IT Security to a Global Company

SPEAKERS

Mark Ramsey
CISO, ASSA ABLOY–Americas

Details

Overcoming the Challenges of Bringing IT Security to a Global Company

In navigating the challenges of implementing security at a global company, CISO Mark Ramsey worked hand-in-hand with his CIO in executing programs that forge a strong bridge between IT, HR, IT security and business. Mark Ramsey will share examples of ASSA ABLOY’s programs, whose global scope requires them to consider the intricacies of information and products-based security, but also the human element of such far-reaching security initiatives. In this compelling presentation, Mark will provide insight into the strategic thinking of the CIO/CISO and both the technical and non-technical challenges they overcame to launch successful global programs.

Key Takeaways:

  • Learn the common security concerns shared by most Global Manufacturing Companies.
  • Learn the Challenges in rolling out Key Security Initiatives to a decentralized Global Manufacturing Company.
  • Learn how the CIO and CISO have to work together to get buy-in for any Global Security Initiatives.
  • Learn the challenges in managing risks to a global company where acquisitions are an important growth mechanism.
Quantifying IT Risk

SPEAKERS

Willis Marti
CISO, Texas A&M University

Details

Quantifying IT Risk

Methodologies for determining IT Risk are often presented as qualitative -- high, medium, low -- or expressed in dollars. Needed are repeatable quantitative measures. Here we explore objective metrics that are relevant to the business

 
Key Takeaways: 
  • Impact of resource types 
  • Impact of quantity
  • Comparing alternatives and historic trends
  • High value, low likelihood events.

 

CYBERSECURITY INCIDENT MANAGEMENT LIKE A FIRE CHIEF

SPEAKERS

Jeffrey Potter
SVP, Chief Technology Officer, Davenport & Company LLC

Details

CYBERSECURITY INCIDENT MANAGEMENT LIKE A FIRE CHIEF

Firefighters and other emergency service workers use the Incident Command System (a foundation of NIMS) to manage their incidents. Get familiar with the proven framework as an industry veteran in both IT and the fire service walks you through the framework.

Key Takeaways:

  • Be introduced to the Incident Command system
  • Understand the concept of “span of control” of resources
  • Be able to manage a simple incident
  • See a large incident buildout in action, demonstrated by the speaker
Global Traffic Analysis

SPEAKERS

Dr. Kenneth Geers
Senior Research Scientist, Comodo

Details

Global Traffic Analysis

Despite myriad information security practices including encryption, traffic analysis can be used to circumvent innumerable security schemes, simply by leveraging metadata and hard-to-conceal network flow data related to the source, destination, size, frequency, and direction of communications, from which eavesdroppers can often deduce a comprehensive intelligence analysis.

 

Key Takeaways: 

  • What is Traffic Analysis?
  • History and practice
  • Strategies and tactics
  • Case study: digital dataset
  • Counter-traffic analysis
Achieving Cybersecurity at IoT and Cloud Scale

SPEAKERS

Jason Graun
Manager, Systems Engineering – Rockies Commercial, Fortinet

Details

Achieving Cybersecurity at IoT and Cloud Scale

With the growth of IoT and Cloud, the attack surface that enterprises must protect is expanding dramatically. Unique regulatory requirements by industry vertical are also placing extra pressure on Security Officers and their teams. How can CIOs/CISOs effectively respond? First and foremost, taking an architectural approach, one that includes network segmentation, will create the best chance of solving Enterprise security holistically and for the long term. Key capabilities must include visibility of all security elements and the communications these systems and devices generate and, even more importantly, automation of operations and response. With the current cybersecurity skills gap that many enterprises experience today, the ability to quickly and effectively audit, recommend and automatically fix the entire network security architecture is critical.

 
Key Takeaways:
  • Technology evolution and innovation is exponentially expanding the attack surface.
  • To keep up, businesses must take an architectural approach to network security that includes visibility and automation.
  • With limited resources, the ability to quickly and effectively audit, recommend and repair network security is crucial.
Eliminate Malware Vulnerability: LIVE Ransomware Hack featuring Threat Detection & Response

SPEAKERS

Johan Bloomhart
Virtual CTO / Sales Engineer, Northwest, WatchGuard Technologies, Inc.

Details

Eliminate Malware Vulnerability: LIVE Ransomware Hack featuring Threat Detection & Response

A reported 30 percent of malware is considered new or zero-day. What is the best defense to eliminate vulnerability? Attend this session to witness a live ransomware attack and see the compelling difference layered security adds to your defense strategy.
Key Takeaways:
  • Best practices for optimal defense -trending vulnerabilities and hacker exploits
  • Correlation and end-point protection
  • Sandbox analysis and actionable visibility