Embed Size (px)
Citation preview
Attendee Packet
ISSA Hawaii’s 23rd
Annual Discover Security
Conference 2016
Theme: From Intrusion Detection to Recovery, How Will Executives be Measured in the Future?
Execs: “We’re Not Responsible for Cybersecurity”
Tom DiChristopher April 1, 2016 CNBC
More than 90 percent of corporate executives said they cannot read a cybersecurity report and are not prepared to handle a major attack, according to a new survey. More distressing is that 40 percent of executives said they don't feel responsible for the
repercussions of hackings, said Dave Damato, chief security officer at Tanium, which commissioned the survey with the Nasdaq.
"I think the most shocking statistic was really the fact that the individuals at the top of
an organization — executives like CEOs and CIOs, and even board members — didn't feel personally responsible for cybersecurity or protecting the customer data," Damato
told CNBC's "Squawk Box" on Friday.
"As a result they're handing this off to their techies, and they're really just placing their
heads in the sand right now," he said.
The findings come at a time when companies around the world are losing $445 billion due to cybercrime last year, according to an estimate by the Center for Strategic and
International Studies. The frequency and severity of cyber penetrations, as well as the sophistication of hackers, has increased dramatically, said Lou Modano, chief information security officer
at Nasdaq.
"What has not kept pace with that is the education level, the understanding of the
impact of cyber across all industries," he told "Squawk Box." While the topic is complex, executives need to be educated about cybersecurity and become fluent in the issue, Damato said. Further, the corporate world lacks a standard
measure for cybersecurity, which means companies cannot be assessed by a common metric, and executives have no rubric to determine their performance, he added.
Other findings from the study showed that 98 percent of the most vulnerable executives
have little confidence their firms constantly monitor devises and users on their systems.
The survey was conducted by Goldsmiths and included responses from 1,530 nonexecutive directors and C-level executives in the United States, United Kingdom, Germany, Japan and Nordic countries.
Reprinted from http://www.cnbc.com/2016/04/01/many-executives-say-
theyre-not-responsible-for-cybersecurity-survey.html
When: October 12 - 13, 2016
(Registration begins at 7:15 am)
Where: Pōmaika‘i Ballrooms at Dole Cannery
735 Iwilei Rd, Honolulu, HI 96817 http://pomaikaiballrooms.com
TIG
REGISTRATION FEE:
ISSA MEMBER: $50.00 NON-ISSA MEMBER: $100.00
Gold Sponsors
Reception/Bar Sponsor
Material Sponsors
General Sponsors
JPNI
October 12 Vendor Speaker Topic
0715 - 0815 Breakfast and Registration
0815 - 0830 ISSA Jock Purnell Welcome and Announcements
0830 - 0900 Trend Micro Phil DuRall Linking Security Intelligence with Security Controls
0900 - 0930 Optiv JD Sherry Who’s On First? Don’t Be Confused about IR in the Cloud
0930 - 1000 Cisco Jamie Sanbower Context Sharing & Automated Threat Response
1000 - 1030 Vendor Recognition, Break, and Exhibition
1030 - 1100 Check Point Michael Manrod Malware Isn’t Magic
1100 - 1130 Kaspersky Lab Julian Garcia Multi-Layer Endpoint Protection: Addressing the Dynamics
of Today's Security Gaps protecting your organization
from malware, spyware and hackers
1130 - 1200 AppSense TBA TBA
1200 - 1330 Lunch and Exhibition
1330 - 1400 Tevora Christina Whiting Driving Security Through a Risk Aware Culture
1400 - 1430 Hawaiian Telcom /
SystemMetrics
TBA TBA
1430 - 1500 Carbon Black Rick McElroy Designing Your Next Gen End Point Strategy
1500 - 1530 Break and Exhibition
1530 - 1600 Fortinet Anthony
Giandomenico
The First Step Towards Change is Awareness. The
Second Step is Acting on It!
1600 - 1630 Netskope Jervis Hui Cloud Access Security Brokers: What’s With All the Hype?
1630 - 1700 Palo Alto Networks Scott Simkin Don’t React to Ransomware – Prevent It!
1700 - 1800 Announcements and Exhibition
October 13 Vendor Speaker Topic
0715 - 0815 Breakfast and Registration
0815 - 0830 ISSA Jock Purnell Welcome and Announcements
0830 - 0900 FireEye TBA TBA
0900 - 0930 Secure Technology
Hawaii
Duane Takamine Advanced Tactics to Survive a Ransomware Attack
0930 - 1000 Cylance TBA Real World Malware Threat Update 2017
1000 - 1030 Break and Exhibition
1030 - 1100 Direct Defense Jim Broome The Evolution of Social Engineering
1100 - 1130 Forcepoint TBA TBA
1130 - 1200 Infoblox Jamison Utter Unlocking Cybercrime: Why Motive Matters
1200 - 1330 Lunch and Exhibition
1330 - 1400 Sophos Derek Snyder Synchronized Security: Join the Security Revolution
1400 - 1430 ForeScout Kaveh Mehrjoo The Internet of Things Isn't Coming, It's Here
1430 - 1500 Dell SonicWALL TBA TBA
1500 - 1530 Vendor Recognition, Break, and Exhibition
1530 - 1600 Dell Wyse Ken Kelleher Advanced Security Benefits of Desktop Virtualization
1600 - 1630 Intel Security TBA TBA
1630 - 1700 Digital Guardian Stephen Bird TBA
1700 Announcements and Adjournment
1730 - 2000 Evening Reception
ISSA Discover Security Conference 2016 Speakers
LISTED IN ALPHABETICAL ORDER BY VENDOR NAME
AppSense Speaker:
Topic: …
Bio:
Carbon Black Speaker: Rick McElroy
Topic: Designing Your Next Gen End Point Strategy Today’s security battle is being waged at the endpoint. Attackers are more sophisticated than ever and your data is the target. Traditional prevention strategies have proved to be
inadequate against modern threats, and a shift in strategy is needed to keep up. As your organization sets out to upgrade outdated endpoint security to a Next-Generation Endpoint Security (NGES) solution, you are faced with an overwhelming number of vendors
and approaches. So how does one build a next-gen endpoint security strategy? In today’s session, Carbon Black Security Strategist, Rick McElroy, will cut through the noise and offer a clear description of:
The state of the threat landscape and today’s NGES requirements
The pros, cons and tradeoffs of varying approaches to NGES
Best practices on NGES deployments
A requirements checklist for choosing the right NGES solution
Bio: Rick McElroy, security strategist for Carbon Black, has more than 15 years of information security experience educating and advising organizations on reducing their risk posture and tackling tough security challenges. He has held security positions with the U.S.
Department of Defense, and in several industries, including retail, insurance, entertainment, cloud-computing, and higher education. McElroy’s experience ranges from performing penetration testing to building and leading security programs.
He is a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manager (CSIM), and Certified in Risk and Information Systems Control (CRISC). As a United States Marine, McElroy’s work included physical security and counter-terrorism
services. A fierce advocate for privacy and security who believes education and innovation are the keys to improving the security landscape, McElroy is program chair for the Securing Our
eCity Foundation’s annual CyberFest, a San Diego event dedicated to educating public and private sector security and IT professionals and business executives on the realities of security.
Check Point Speaker: Michael Manrod
Topic: Malware Isn’t Magic
The emerging threat landscape is more dynamic than ever. Threat actors and the attack vectors they leverage are constantly evolving - leaving security professionals engulfed in the ongoing struggle to keep up. Adding to this challenge are the operational obstacles that
security organizations face during remediation of security incidents - often times disparate point solutions fall short with integration and interoperability. Security leaders struggle to understand if the large number of different security controls, actually provide effective overall prevention.
In this talk we will look at real-world use cases that outline how organizations can improve their security posture with a unified security architecture and effective operational processes that reduce point product sprawl, promote a methodology of immediate prevention, and
bolster your organization's ability to combat advanced threats. Bio: As a Subject Matter Expert for Threat Prevention at Check Point Software Technologies, Mike is responsible for helping companies and government entities protect themselves
against advanced threats and evasive malware to prevent intrusion and protect information assets. After helping multiple organizations develop defense-in-depth strategies, Mike is passionate
about multi-faceted approaches that improve prevention, detection and ease of administration. Specific credentials earned include a Master’s of Science in Information Systems Engineering, Six Sigma Black Belt and CISSP among others.
Cisco Speaker: Jamie Sanbower
Topic: Context Sharing & Automated Threat Response Most organizations are equipped with 30+ security tools in their security defenses. When
those tools act independently, they are only as good as the traffic or data that exists inside them. It takes a village to raise a child and it takes an integrated architecture with Context Sharing to really get the power of the each individual tool. This session will show how intelligence can be shared using open protocols and how, when integrated, they can
automatically perform threat response. Bio: Jamie Sanbower, CCIE No. 13637(Routing and Switching, Security, Wireless), is a Technical Solutions Architect focusing on security for the Public Sector market. Jamie has
been with Cisco since 2010 and is currently a technical leader and member of numerous technical advisory groups. With over 14 years of technical experience in the networking and security industry, Jamie has developed, designed, implemented and operated enterprise network and security solutions for a wide variety of large clients. Prior to Cisco, Jamie was
the director of the cyber security practice at Force 3. His other certifications include: CISSP, C|EH, MCSE and many more.
Cylance Speaker:
Topic: Real World Malware Threat Update 2017 …
Bio:
Dell SonicWALL Speaker: Topic:
… Bio:
Dell Wyse
Speaker: Ken Kelleher
Topic: Advanced Security Benefits of Desktop Virtualization
Organizations around the world deploy desktop virtualization to establish a secure, manageable and cost effective IT environment. Dell cloud client-computing offers the most advanced and extensive suite of desktop virtualization solutions on the planet, allowing our
customers to benefit from moving their content and apps into the secure data center, while recognizing gains in employee productivity an IT manageability. Compliment this highly secure environment for maximum protection with Dell’s Data Protection & Encryption “Threat Defense” to prevent 99% of malware before it can run, to reduce the costs of remediating
infected systems & ongoing threat monitoring and forensics. Bio: Ken Kelleher is a Dell Cloud Client Computing West Region Channel Sales Manager based in Brentwood, CA. His professional background includes the following:
Sept 2015 - Channel Sales Manager for Dell Cloud Client Computing West Region
Aug 2013 - North Central Channel Sales Manager for Dell Cloud Client Computing
Oct 2012 - Dell Wyse Public Sector Channel Sales Manager for North America
April 2011 - Dell Channel Team Public Sector Sales Specialist for the Western US
April 2007 - Higher Education Sales Manager in Northern CA
Oct 2003 - Dell UK Higher Education Sales Team
Ken has international business experience having worked with many companies worldwide on various IT projects in all verticals, currently focused on Desktop Virtualization. He has over 25 years of experience in IT industry sales & business development, now supporting
Dell Partners & their customers in North America.
Digital Guardian Speaker: Stephen Bird Topic:
… Bio: Stephen Bird is North America Channel Technical Manager for Digital Guardian and has
been in IT for over 20 years. He started out protecting Investment Banks in Tokyo and the Asia Pacific, looking after their infrastructure and security. He continued work in EMEA, APAC and the Americas identifying security issues and risk in Fortune 1000 companies to build solutions to respond to problems. For the past 4 years, Stephen has been working in
innovative security start-ups and with security partners to address emerging security problems.
Direct Defense Speaker: Jim Broome Topic: The Evolution of Social Engineering
… Bio:
FireEye
Speaker: Topic:
… Bio:
Forcepoint Speaker:
Topic: …
Bio:
ForeScout Speaker: Kaveh Mehrjoo
Topic: The Internet of Things Isn't Coming, It's Here The Internet of Things (IoT) is rapidly expanding the attack surface on corporate networks.
Every “agentless” IoT device presents serious risk to the network, as it can serve as a potential attack or reconnaissance point. How common are IoT devices on enterprise networks? How many unknown IoT devices exist? What are IT staffs doing to secure them?
IT professionals responsible for enterprise networks were surveyed regarding their view about the prevalence and security of the IoT.
Bio: Kaveh Mehrjoo attended Virginia Tech, where he earned both his BS and MS in Electrical Engineering. His Master’s thesis was on routing protocol for mobile ad hoc networks. Kaveh worked for Sprint before moving to San Francisco in 2007 to join AirWave, a start up that was acquired by Aruba Networks. He was with AirWave and Aruba for more than
seven years. Last year, he joined ForeScout as a Systems Engineer, helping customers solve challenging network security problems. He loves white boarding solutions such as how to make a customer's network safer by gaining visibility into IoT devices. Outside of work, Kaveh enjoys cooking and hiking with his wife, 2-year old daughter, and German Shepherd.
Fortinet
Speaker: Anthony Giandomenico Topic: The First Step Towards Change is Awareness. The Second Step is Acting on It!
Successful attacks continue on many organizations today despite the continued investments in the latest technologies. A big part of the problem is these organizations do not have a good understanding of their network infrastructure, systems and external threats in other words they lack cyber situational awareness. This presentation will discuss key steps
needed to achieve this awareness arming your security teams with the right information to anticipate and properly respond to potential attacks. Bio: Anthony Giandomenico is an Experienced Information Security Executive, Evangelist,
Entrepreneur and Mentor with over 20 years of experience. In his current position at Fortinet, he is focused on delivering knowledge, tools and methodologies to properly demonstrate advanced threat concept and defense strategy using a practical approach to security. Anthony works closely with FortiGuard Labs and Fortinet System Engineering to respond to
advanced threats as they break – and proactively plan beforehand. Also consults with clients and executive leaders on solution strategies in a number of industry segments, including Financial, Healthcare, Retail and State Government. He has presented, trained and mentored on various security concepts and strategies at many conferences, trade shows and
media outlets including a weekly appearance on KHON2-TV morning news “Tech Buzz” segment and Technology News Bytes on OC16, providing monthly security advice. Mr. Giandomenico founded and managed Secure DNA Inc. a global security consulting
company focused on protecting critical infrastructures such as financial institutions, hospitals, and government agencies. As a consultant, Anthony provided expertise in many areas including security program development, defensive strategies, incident response and forensics procedures, security assessments, penetration testing, and security operations.
Hawaiian Telcom / SystemMetrics
Speaker: Topic:
… Bio:
Infoblox Speaker: Jamison Utter Topic: Unlocking Cybercrime: Why Motive Matters
During this presentation we will dive into why the criminal underworld exists and thrives. We will examine the process for funding and building malware campaigns, drawing on unique research and insider perspective. And with new insights into motivation, we will explore ways to apply that to improve our security thinking and practices.
Bio: Jamison is a principal security consultant with vision from the field. He has 20 years in the trenches of internet startups, dot coms, and financials along with his background in physical security. His research into the online criminal underworld lends a unique perspective
on security in the enterprise and the mind (and culture) of hackers. He currently resides outside of Denver with his wife and dog and enjoys the outdoors, playing guitar, and full contact armored fighting.
Kaspersky Lab
Speaker: Julian Garcia
Topic: Multi-Layer Endpoint Protection: Addressing the Dynamics of Today's Security Gaps
protecting your organization from malware, spyware and hackers An enterprise, multi-layer endpoint security technology that covers today’s security gaps and addresses the constant shape-shifting vectors with adaptive security technology and threat
intelligence. Kaspersky Lab’s technology delivers prediction, prevention, detection, and response with low resource endpoint demand, a single console with role-based access, protecting major operating systems, storage and email, and virtualized platforms like Citrix, Microsoft, KVM and VMWare.
Bio: Julian Garcia is a Pre-Sales Engineer at Kaspersky Lab contributing to the security solutions needed to protect your data – His background is in firewalls, routing and switching, and originally from the East Coast with experience in ISPs, Retail, Publishing, Health and
Finance organizations meet their network and security objectives. Today, he lives outside of Portland, Oregon and enjoys football, hiking, traveling, and always a good security conversation.
Netskope Speaker: Jervis Hui Topic: Cloud Access Security Brokers: What’s With All the Hype?
Cloud app security is the top priority for many enterprises and Gartner believes that in only a few years, more than 85% of enterprises will have deployed a Cloud Access Security Broker (CASB) to help them address their needs. Whether securing data in the Office 365 suite,
ensuring compliance in ServiceNow, or getting control over shadow IT, information security leaders are exploring how CASBs can make an impact in their organizations. Join Jervis Hui, Evangelist at Netskope, the leading CASB for a lively session on the top five CASB use cases that have the highest-impact on cloud-consuming enterprises.
Attendees will learn:
Industry-specific data that's foundational to any cloud security business case
The five highest-impact CASB use cases from our customers, demonstrated from the
perspective of users and security professionals
How those use cases translate to "must-have" requirements for any CASB evaluation Bio: Jervis currently works on the PM team at Netskope focused on go-to-market efforts,
product launches, and sales enablement. Before that, he worked at Citrix, supporting its enterprise mobility and security products.
Optiv Speaker: JD Sherry
Topic: Who’s On First? Don’t Be Confused about IR in the Cloud With the adoption of any new technology comes a seedy underbelly and the cloud is no
exception. While this historic technology transformation does wonders for increased connectivity, adaptability and cost-savings, it equally can increase risk from malware and data breaches. In the wake of many high-profile incidents that have impacted the lives of millions, the public has turned an ever sharp eye to the need for robust security practices for
the prevention, remediation and response of incidents. Brand integrity and business continuity is on the line. With remediation, the cloud brings forward many challenges from a practical and legal perspective that need addressing. This session will look at tools, tips and tactics for effective incident response in the cloud.
Bio: JD Sherry is well-versed in enterprise security and data center architecture and has successfully implemented large-scale public, private and hybrid clouds emphasizing security
architecture best practices. Over the last decade, Sherry has established himself as a trusted senior advisor for the protection of the payment card industry (PCI), the Health Insurance Portability and Accountability Act (HIPAA) and personally identifiable information (PII) data.
As vice president of cloud security in the Office of the CISO at Optiv, Sherry focuses on security and compliance aspects that enable clients to be successful in planning, building and running their cloud ecosystems, spanning across private, public and most commonly hybrid cloud computing environments. Sherry also offers strategic consulting at the C-level and
board level. Previously, Sherry spent the last decade in senior leadership roles, most recently serving as CEO of cloud cyber security upstart Cavirin, transforming them into a risk and compliance
player. Under his leadership, Cavirin was ranked among the top 20 hottest cyber security companies in 2015, according to Cybersecurity Ventures. Additionally, Sherry served as global vice president for Trend Micro where he focused on cyber security program efforts, managing vendor relationships and collaborating on business development activities
pertaining to the advancement of cyber security best practices. Prior to Trend Micro, Sherry served as vice president of technology for seven years at publicly traded NIC/EGOV, where he was chartered to lead corporate technology initiatives
and formulate EGOV.com’s centralized security and technology vision. While at NIC/EGOV.com, he managed technology platforms that processed more than $18 billion in payments on behalf of citizens, businesses and governments. Sherry also held various leadership positions at Honeywell FM&T, which manufactures and assembles 85 percent of
the non-nuclear components in nuclear weapons. Sherry interfaces regularly with the media to provide expert insight on the state of cyber security and how individuals and organizations can adequately protect themselves from loss.
He previously held a Top Secret clearance, and has an MBA IT degree from Jones University and a bachelor’s degree from the University of Nebraska.
Palo Alto Networks Speaker: Scott Simkin
Topic: Don’t React to Ransomware – Prevent It! The way to stop a ransomware infection is to prevent it from ever happening in the first place. With the right security architecture in place, your organization can avoid having to pay
attackers to free your data or losing access to it altogether. Attend this session to learn three critical steps to preventing a ransomware outbreak in your organization. Key takeaways include:
Common ransomware attack vectors and how they get into the network, endpoint, or through SaaS applications
How to disrupt the attack lifecycle by reducing the attack surface, preventing known threats, and blocking unknown threats
Architectural requirements for providing the visibility, intelligence and enforcement to prevent sophisticated threats, like ransomware
Bio: Scott is Sr. Threat Intelligence Manager at Palo Alto Networks, where he leads efforts to
analyze new attacks, profile adversaries, and expose new campaigns with the Unit 42 threat research team. Mr. Simkin’s role includes all threat research, threat intelligence services, and information sharing efforts at Palo Alto Networks. He has a broad experience across cyber security, including network security, analytics, and bringing innovate new threat intelligence
products to market. Prior to joining Palo Alto Networks, Scott spent five years at Cisco Systems, including leading their threat research program.
Secure Technology Hawaii Speaker: Duane Takamine
Topic: Advanced Tactics to Survive a Ransomware Attack …
Bio:
Sophos Speaker: Derek Snyder Topic: Synchronized Security: Join the Security Revolution
… Bio:
Tevora
Speaker: Christina Whiting Topic: Driving Security Through a Risk Aware Culture
Security is not just about what tool can be implemented to solve a problem or meet compliance. Rather security is a culmination of process and culture to evaluate risk. Risk intelligence allows organizations to build and maintain security programs that are effective, while prioritizing emerging topics to align resources to adjust controls to meet the agile
landscape we see morphing on a daily basis. In this session, attendees will learn best practices in evaluating the efficiency and effectiveness of their security programs, the external factors that significantly impact security
controls and how they are designed, and how to bring it all together by incorporate risk in daily business decisions.
Bio: As Tevora’s Managing Director of Enterprise Risk and Governance and the ERM Practice Lead at Tevora, Christina’s primary role is to assist our clients in aligning their security strategies with their business goals. With over 15 years of experience in the security and risk space, she helps organizations design, establish, and mature their GRC programs
and capitalize on efficiency. Christina also mentors junior consultants, manages client relationships, assists with pre-sales and post sales activities, and oversees all projects from inception to the closeout presentation to ensure that every project exceeds our client expectations. With a diverse background in Education, Finance, Healthcare, Entertainment,
Manufacturing, and Hospitality, Christina brings vast knowledge in both business and security to our clients. Her experience in security assessments, security strategy, risk management, compliance, governance, security remediation, policy development, disaster recovery, logging and monitoring, data loss prevention and vendor management adds value to both our
practice and to our client’s engagements. Christina holds a Bachelor’s degree in Electronic Engineering and Information Technology, a Master’s degree in Management Information Systems and is a PhD candidate in Information
Security and Assurance, graduating all magna cum laude. Christina has presented on security and risk topics at regional conferences on the east and west coast and is currently an Information Security Instructor at University of California Irvine.
Christina holds the following certifications: PCI QSA, PA-DSS QSA, Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), ISO 27001 Lead Auditor, Cobit, HITRUST Security Assessor (HSA), and a certification from the National Security Agency (NSA) Committee on National Security Systems (CNASS) in
Information Security Management (ISO 17799).
Trend Micro Speaker: Phil DuRall
Topic: Linking Security Intelligence with Security Controls In the battle between locking down corporate data, while allowing user productivity tools,
security controls become necessary to manage network-wide security. What about security intelligence? In a multi-vendor environment, how is information being shared and distributed so that you can take action?
In this session we will discuss the stages of a threat intelligence lifecycle, strategies to achieve a connected threat defense model and security controls to help enterprise organizations reduce security events.
Bio: Phil DuRall has over 20 years of experience in the high-tech industry, with the last 12 focused on computer, network and cyber security. Mr. DuRall has been a technical advisor to a variety of Fortune 50 enterprise corporations in the Western United States supporting them
on technologies that span across optimized security for virtual and cloud environments to breach detection and containment.
