Wednesday, September 17, 2014 | ||||
8:00 am - 3:45 pm | Registration Open | |||
8:00 am - 9:00 am | Continental Breakfast & Networking | |||
9:00 am - 9:15 am | Opening Remarks Joan Goodchild, Editor, CSO | |||
9:15 am - 10:00 am | Adapting to Ever-Changing Attack Patterns David Billeter, Vice President, Global Security, Privacy and Regulatory Compliance, Staples Over recent years, and especially over the last year, attack patterns have changed. Bad actors are finding new and different ways to infiltrate and steal corporate assets. All of this means that your security policies, procedures and infrastructure need to adapt. Join us to understand some of today’s best practices and strategies in adaptive security. | |||
10:00 am - 10:30 am | The Path to Real-time, Automated Security Architecture Derek Brodeur, Professional Services Engineer, ForeScout Technologies Tom Dolan, Regional VP of Sales, ForeScout Technologies Joan Goodchild, Editor, CSO As endpoint computing devices become more mobile and more diverse, traditional security architectures no longer provide sufficient visibility, control, and protection. That¹s why forward leaning enterprises are transitioning to a new architecture that provides visibility to all risks on a network, including mobile and BYOD devices -- and helps multiple security systems from different vendors work together in more collaborative and automated ways. Join us for this discussion as we delve into the characteristics of this new architecture and how it can make a practical difference in your organization¹s IT security. | |||
10:30 am - 11:00 am | Networking Break | |||
11:00 am - 11:30 am | Creating an Effective Insider Threat Program: An Executive Interview Shawn Daley, CSO, MIT Lincoln Laboratory Michael Woodson, Cyber & Network Security Director, Santander Bank N.A. Joan Goodchild, Editor, CSO Why do you need an insider threat program as part of your cybersecurity strategy? How do you convince senior leadership of that, and what are the truly essential components of an effective program? Join us as we discuss how your organization can effectively prevent, detect, and respond to insider threats. | |||
11:30 am - 12:00 pm | Anatomy of a Successful Phishing Attack Quinn Shamblin, Executive Director & Information Security Officer, Boston University We all know that the largest weakness in any cyber security program is people. One of the most effective ways to get around security is to simply ask a person with access to let you in. Phishing messages have been the opening attack of most of the largest, most publicized and most expensive breaches in our recent history. Join us for this session as we discuss the anatomy of a successful phishing attack and one organization’s incident response management, tactical actions and longer-term strategic plans to try to counter the effectiveness of phishing. We will also discuss how the organization executed the enterprise-wide roll-out of a modern, easy- to-use multi-factor authentication solution for a client base of tens of thousands in only a few months, including a review of key success factors and lessons learned. | |||
12:00 pm - 1:15 pm | Networking Lunch with Hosted Discussion Tables Join a discussion table to share strategies and connect with your peers to hear how they're resolving the same issues with which you grapple every day.
| |||
1:15 pm - 2:00 pm | Cyber Security Confab Sessions John McCarty, Regional Vice-President, East, Seculert Dan Schiappa, SVP and General Manager, Sophos End User Security Group, Sophos Jeff Wells, Director, Business Development, Lancope You won’t want to miss these short format, rapid-fire presentations from thought leaders who will demonstrate how forward-thinking organizations are preparing for the future. Cyber Security Incident Response: Understanding the Norm in Your Environment Presented by Lancope Organizations of all sizes face a significant threat from information security breaches. It's not a question of if – but when, and how – internet criminals will get into your network. Join us for this short but informative talk on the power of knowing what is normal in your environment — and how doing so allows you to find and focus on the critical threats you face. Lancope is pleased to offer a complimentary white paper entitled "Cyber Security Incident Response: Are we as prepared as we think?" Please click here to view. Why Breach Detection Is Your New Must-Have, Cyber Security Tool Layers Are for Cakes: Rethinking Security as a Unified System Sophos is pleased to offer a complimentary white paper entitled "5 Stages of a Web Malware Attack" Please click here to view. | |||
2:00 pm - 2:45 pm | Proactively Dealing with the Threat of Data Breach Nick Akerman, Partner, Dorsey & Whitney LLP Nicholas Bruno, CISO, Continuum Managed IT Services Quinn Shamblin, Executive Director & Information Security Officer, Boston University Joan Goodchild, Editor, CSO The legal requirements for breach notification have gone from historically reactive, starting with the 2003 California Security Breach Notification law, to largely proactive in newer forms of legislation, including recent Massachusetts regulations which require organizations to have a data compliance program in place. What are the advantages and challenges to this new way of staying prepared? Join us to hear panelists' perspectives on strategies for proactively positioning one's organization for dealing with a data breach. | |||
2:45 pm - 3:45 pm | What to Do -- and Not to Do -- When Attacked: A Moderated Workshop Nick Akerman, Partner, Dorsey & Whitney LLP Joan Goodchild, Editor, CSO Today’s enterprises have more powerful security resources than a decade ago. Some have been tempted to turn those resources against their attackers in retaliation for the damage they caused. Others are reluctant to work with law enforcement on investigations for fear of exposing a negative incident to the public. In this session, we’ll learn more about what every business should do -- and not do -- when responding to cyber attacks. | |||
3:45 pm | Recap, Takeaways and Closing Remarks Joan Goodchild, Editor, CSO |