Des Moines Cybersecurity Conference

78% of organizations store their critical data in SaaS applications, relying on SaaS platforms to
conduct business. Consequently, SaaS now represents one of the largest attack surfaces that
businesses must safeguard.

Why has SaaS become the new battleground in cybersecurity and how are attacks happening?

• What the modern SaaS attack surface and kill chain look like
• What Threat Actors are going after SaaS?
• Why are the attackers winning?
• What are the common TTPs in SaaS attacks?
• Effective controls to reduce the likelihood of Threat Actor success

A brief review of essential security controls with additional context and conversation around how they apply to cloud and other emerging technologies.

Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors have continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices are that are pervasive in critical infrastructure systems. Today’s SOC needs to not only see those devices and the risks they pose while also ensuring accurate detection of the threats uniquely targeting those OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting Operational Technology environments.

Confront the threat; contain the breach. According to the 2024 Data Protection Trends Report, 82% of organizations can’t recover quickly enough from a cyber-attack to achieve full productivity. In today’s age, it is critical to be resilient in a world of cyberthreats and be confident in your detection, response, and recovery plan. Ultimately this can help you reduce the impact of cyberattacks on your organization and back up whether data is in the cloud, on prem or both. By extending Zero Trust to data backup and recovery, you will be building an effective strategy for securing your IT infrastructure against ransomware and cybersecurity threats.

In the age of digital transformation, data breaches are the modern-day boogeyman, lurking in the shadows of poorly secured databases. This presentation will take you on a thrilling journey through some of the most notorious data breaches in recent history—each a cautionary tale of what can go wrong when security is an afterthought. From ransomware rampages that crippled healthcare systems to massive leaks of sensitive information from unsecured MySQL databases, we’ll explore how these attacks unfolded and the costly consequences that followed.

But fear not! We’ll also provide you with the ultimate toolkit to exorcise these demons from your systems. Learn practical, battle-tested strategies to secure your MySQL Server, including tips on encryption, access control, and timely patching. By the end of this session, you’ll be equipped with the knowledge to defend your organization’s data from even the most cunning cybercriminals. Don’t let your company’s data be the next ghost story—join us and turn these scary tales into lessons for a secure future!

As AI technologies rapidly transform the cybersecurity landscape, CISOs are grappling with both the promises and pitfalls of adoption. Our recent survey revealed an impressive 83% of respondents have a positive outlook on their team’s AI progress, yet they face significant hurdles.

Data privacy concerns, talent shortages, and misaligned priorities top the list of challenges. However, CISOs remain optimistic, with 74% believing AI’s benefits of faster decision-making outweigh the risks. Remarkably, over half see AI as a solution to the talent crunch, enabling new hires to focus on strategic work.

This presentation will dive into the key findings from our research, equipping CISOs with the insights needed to successfully navigate the AI revolution. Discover how to address the barriers to adoption, leverage AI’s transformative potential, and empower your security teams to thrive in the age of intelligent cybersecurity. We will also share how leading security teams are leveraging AI in Tines for workflow automation and orchestration. Join us as we explore the future of AI-powered protection and the path to maximizing its impact within your organization.

With the myriad options for addressing the many links in the kill chain, how do you determine which is best suited to protect your business? If you focus heavily on stopping initial infection, a single bypass of your perimeter can be deadly. A strong back up and restore strategy is valid… but should be plan b. If you miss the middle of the kill chain, you can’t stop a ransomware attack from spreading across your network and locking down critical applications and infrastructure. A multi-layer defense strategy that strategically addresses areas of the chain where you are most vulnerable is going to- prevent widespread damage, data loss, and downtime.

Join this session to discuss:

• Methods for addressing your unique attack surface
• The importance of the notoriously under-addressed lateral movement phase that is critical to the success of an attack
• Increasing internal visibility as it relates to threat intel and ransomware attacks
• Understanding modern attack trends – and what this means for your security strategy