Omaha, NE (Central Region)
Wednesday, April 21, 2021
Virtual
Keynote Speaker
“"The Biggest Breaches and What They Mean for the Future of Cybersecurity"”
Dr. Neil Daswani
Director Stanford University Advanced Security
Former SVP / CISO Symantec CBU & LifeLock, Executive-In-Residence Trinity Ventures, CTO Dasient, Eng Mgr Twitter, Senior Engineer Google
This talk covers the key lessons learned and root causes from the biggest mega-breaches over the past several years, and analyzes their correlation to the over $45 billion invested in cybersecurity thus far. Based on hard data of over 4,000 cybersecurity companies that have been funded thus far, and what they have focused on to-date, some hypotheses on where future investment is required will be presented. Whether you’re interested in how your current company is positioned for the future of cybersecurity, considering a job change, or even potentially starting a cybersecurity company yourself, this talk will arm you with the information that you need about the security landscape, both on the business and technology fronts. Future trends in cybersecurity will also be discussed. Dr. Daswani’s -C0-Director Stanford University Advanced Security; Former SVP & CISO Symantec CBU, CISO LifeLock, EIR Trinity, CTO Dasient Dr. Daswani’s latest book, "Big Breaches: Cybersecurity Lessons for Everyone" is available for pre-order at https://tinyurl.com/bigbreachesCISO/Industry Leader Panel
CISO Panel: “The Race to Secure Your Supply Chain”
Laureen Smith
Executive - Cybersecurity Advisory LJ Marketing & Communications
Helen Mohrmann
Chief Information Security Officer University of Texas
John L. Sullivan
Global Chief Security and Resiliency Officer Boston Scientific
Jason Lewkowicz
Global Chief Information Security Officer Cognizant
About the Event
FutureCon Events brings high-level Cyber Security Training discovering cutting-edge security approaches, managing risk in the ever-changing threat of the cybersecurity workforce.
Join us as we talk with a panel of C-level executives who have effectively mitigated the risk of Cyber Attacks.
Educating C-suite executives and CISOs (chief information security officers) on the global cybercrime epidemic, and how to build Cyber Resilient organizations.
“Cybersecurity is no longer just an IT problem”
Gain the latest knowledge you need to enable applications while keeping your computing environment secure from advanced Cyber Threats. Demo the newest technology, and interact with the world’s security leaders and gain other pressing topics of interest to the information security community.
The FutureCon community will keep you updated on the future of the Cyberworld and allow you to interact with your peers and the world’s security leaders.
For sponsorship opportunities email sales@futureconevents.com
Agenda
Times are subject to change
Live
Opening Introductions
Presentation
Why SOC’s Fail: The Maturity Model Required for Cyber Resiliency
Billions of dollars are spent annually to set up SOCs across every industry and yet, according to Risk Based Security, 3,932 breaches were publicly reported in 2020 alone. Why are SOCs failing? Listen as Exabeam’s Steve Moore and Luke Voigt talk about why SOCs always fail when built under the current operating model. And what to do to make SOCs more cyber resilient using a simple maturity model based on outcomes and use cases.
Key Learnings:
- Why an outcome-based approach is the only way for SOCs to offer effective coverage and protection for your organization
- How the most successful SOCs use a comprehensive, strategic and end-to-end focused approach to address 95% of all operational issues at scale
- Why it is critical for Security Operations (SecOps) to become more use case-driven and full lifecycle workflow orientated
- Lastly, learn about a new simple framework and maturity model that will help your organization approach SOCs the right way
Sponsored by
Presentation
5 Critical Pillars for the SOC of the Future
This year has seen nearly everything change to some degree—including within the Security Operations Center (SOC). Not only are we seeing a fast-evolving and surging threat landscape with which we must keep up, but we’re also contending with the business’s shifting priorities, budgets, and headcounts—all of which impact how the SOC can operate. To ensure we can continue to stave off threats in this new world, we must make sure the foundational elements of our SOC are in place:
- Threat intelligence
- Threat research
- Detection engineering
- Investigation
- Incident handling
This session will cover considerations for CISOs and infosec leaders within each of these five critical pillars. We’ll explore how organizations can make the most of limited resources and close skills gaps by carefully balancing their internal team’s competencies with outside expertise. Learn the steps you can take to establish a modern, efficient, and ultimately successful SOC of the future.
Sponsored by
Live Keynote
"The Biggest Breaches and What They Mean for the Future of Cybersecurity"
This talk covers the key lessons learned and root causes from the biggest mega-breaches over the past several years, and analyzes their correlation to the over $45 billion invested in cybersecurity thus far. Based on hard data of over 4,000 cybersecurity companies that have been funded thus far, and what they have focused on to-date, some hypotheses on where future investment is required will be presented. Whether you’re interested in how your current company is positioned for the future of cybersecurity, considering a job change, or even potentially starting a cybersecurity company yourself, this talk will arm you with the information that you need about the security landscape, both on the business and technology fronts. Future trends in cybersecurity will also be discussed.
Live Presentation
Conquering Cyber Risk in 3rd Party Communications
The Enterprise Content Firewall
To do their jobs, employees must share IP, PII, PHI, and all means of sensitive content with customers, suppliers, partners and a broad ecosystem of trusted 3rd parties. However, they put the organization at risk when they communicate across untrusted devices, networks, applications and identities. How can you prevent beaches and compliance violations from everyday 3rd party communications when you can’t even see what’s going on? This session explores the need for a next-generation “content firewall” that rises above packets and traffic to inspect content and communication, and thereby ensure confidentiality, compliance and control of risky 3rd party business processes.
Sponsored by
Live Panel Discussion
CISO Panel: “The Race to Secure Your Supply Chain”
Join this panel of industry experts for tips on how to implement a third-party risk management program and reduce your exposure to a supply chain breach.
Sponsored by
Presentation
Building Intentional Security in a Time of Complexity
The information security industry has hit an inflection point of complexity at the same time as ransomware is rising to become a $20 billion industry for cybercriminals. Why is information security so hard? Why hasn’t it been solved yet? And what is a good approach to building an intentional security strategy in the midst of all this chaos? This session explores what exactly makes infosec so complicated, and how companies can start to solve those challenges through a positive and thoughtful security approach.
Sponsored by
Presentation
Past, Present, Future: Zero Trust Architecture
In this webinar you will learn:
- How to maximize existing security controls, security capabilities, and investments
- Pragmatic application of zero-trust principles to traditional and SaaS environments
- What’s new in tactics and strategies for protecting hybrid environments
Data breaches grab headlines. Good security is steady. As organizations expand their perimeter beyond the firewall through software-as-a-service (SaaS) and hybrid applications, it becomes more important than ever to have a strategy covering user access regardless of location. But alongside developments in new tools, data privacy laws have also developed and add to compliance requirements for managing these data and tool. Meanwhile, modernization efforts are introducing new risks as well. While many industries have adopted zero-trust strategies to address these challenges of the expanded perimeter, many admins remain wary of this trend and question if it is a fit for environments which often have a hefty legacy technology footprint.
However, many of these “new” strategies remain firmly rooted in tried-and-true best practices admins have followed for decades. The principles of logical segmentation, least-permissive access, economy of mechanism, adaptive policy controls, and strong authentication are simply evolving to accommodate new use cases rather than being replaced. Join this session with Duo Security Advisory CISO Wolfgang Goerlich for a grounded discussion of the unique needs and concerns for modern IT teams based on real-world examples, and how concepts like device trust and context-aware access can improve security design without leaving crucial inherited or legacy systems out in the cold.
Sponsored by
Presentation
Securing Apps in SDN & Hybrid-Cloud Environments
Sponsored by
Presentation
Securing the Cloud Control Plane - How to Make Security Predictable in the Cloud
More than ever, organizations are grappling with how to secure cloud-native applications. Protecting these applications — a combination of containers, virtual machines, APIs and serverless functions — from development to runtime requires reworking the approach many organizations take toward security. In a new survey from Enterprise Strategy Group (ESG), 88% of respondents said their cybersecurity program needs to evolve to secure their cloud-native applications and use of public cloud infrastructure, with many citing challenges around maintaining visibility and consistency across disparate environments.
Join CrowdStrike’s session to learn how to make security more predictable in the cloud. Spencer Parker and Sowmya Karmali will highlight best practices that DevOps and SecOps teams can employ to secure your applications in the cloud.
Attendees will:
- Learn about cloud-native security challenges and how to prevent inconsistency, uncover misconfigurations and improve visibility
- Understand the cloud-native threat landscape and the need for an integrated defense-in-depth strategy
- See recommendations on how to enable a centralized approach to securing heterogeneous cloud-native applications deployed across distributed clouds
Sponsored by
Presentation
The Malware Lab: Rethinking Enterprise File Analysis
Cyberthreats represent one of the most significant risks to modern businesses. Malware is pervasive; embedded in videos, hidden in software updates, and uploaded by unsuspecting customers. Yet the tools to investigate these threats are often manual and burdensome to maintain. Organizations recognize these challenges, but simply don’t know how to get started.
This session is a great opportunity to hear about a growing trend from one of ReversingLabs experts, Chip Epps. Chip will discuss centralizing the challenging tasks of investigating files and providing actionable intelligence to the entire organization. Some other areas of focus include:
- Streamlining file analysis and making security more responsive and proactive
- Why centralizing malware research into an enterprise “Malware Lab” is both efficient and effective
- How to benefit all lines of business and reduce cyber risks
Sponsored by
Presentation
Faking It: Stopping Impersonation Attacks with Cyber AI
Today, 94% of cyber-threats still originate in the inbox. ‘Impersonation attacks’ are on the rise, as artificial intelligence is increasingly being used to automatically generate spear-phishing emails, or ‘digital fakes’, that expertly mimic the writing style of trusted contacts and colleagues.
Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response.
In an era when thousands of documents can be encrypted in minutes, ‘immune system’ technology takes action in seconds – stopping cyber-threats before damage is done.
Find out how in this session.
Sponsored by
Presentation
Seeing the forest through the trees - A risked based approach to maturing your VMP
Sponsored by
Live Closing Remarks
Closing Remarks
CISO Bourbon Happy Hour
Invite Only