Orange County, CA

You’ve heard that “data is the new oil”. More accurately, “data is your currency”. It gives you the ability to conduct business. Mismanage it and there can be serious consequences. Lose it and you lose your business.

With your “bills” spread across your environment, managing and protecting the “money” can be a monumental task. $100s, $50s, $20s, $10s, $5s, and lots of $1s are strewn about. Knowing where your most valuable bills are is foundational to any data security process. This session will explore the key steps in identifying the most important data in your organization. Using real-world examples, we will examine the impact of placing appropriate controls to protect your most important business asset: your data.

We’ve unleashed our dark allies from the nightmare dimension on an unholy crusade to demonstrate cyberattacks for your enlightenment. If you love seeing devices compromised as much as we do, join us for a real hacking demonstration, detailed security research findings, and threat mitigation techniques that will disappoint bad actors. Share your new knowledge around the water cooler, apply these preventative security strategies within your own organization, and become the cool person at the office party everyone wants to hang out with regardless of that cat sweater you insist on wearing.

We’ll share stories from the trenches involving cybercriminals, nation-state actors, and defenders. Our presentation will detail findings from over six years of xIoT threat research spanning millions of production devices in enterprises and government agencies around the world. We’ll identify various steps organizations can take to mitigate risk while embracing a Things-connected world. We’ll also demonstrate a hack against an xIoT, or Extended Internet of Things, device. For those who would say, “But they’re just security cameras monitoring the parking garage, wireless access points in the cafeteria, or PLCs controlling robotic welding arms; what harm can they cause?” – this will illuminate that harm.

xIoT encompasses four disparate but interrelated device groups that operate with purpose-built hardware and firmware, are typically network-connected, and disallow the installation of traditional endpoint security controls. The first group contains enterprise IoT devices such as VoIP phones, security cameras, wireless access points, network attached storage, and printers. The second group includes OT devices such as PLCs, building automation systems, and industrial control systems. The third group consists of IoMT assets such as infusion pumps, patient monitors, and wireless vital monitors. The fourth group contains IIoT devices like robotics, smart factory systems, and temperature sensors.

There are over 50 billion xIoT devices in operation worldwide. Most of these devices run well-known operating systems like Linux, Android, BSD, and various real-time operating systems like VxWorks. Additionally, many xIoT devices have open ports, protocols, storage, memory, and processing capabilities similar to your laptop. But there is a major difference. Even though most enterprises and government agencies have tens to hundreds of thousands of these devices in production, they go largely unmanaged and unmonitored. These xIoT devices typically operate with weak credentials, old, vulnerable firmware, extraneous services, and problematic certificates. This massive, vulnerable xIoT attack surface is being successfully exploited by bad actors engaging in cyber espionage, data exfiltration, sabotage, and extortion, impacting xIoT, IT, and cloud assets.

Nation-states and cybercriminals have shifted their focus to xIoT attacks. Why? Because they work. Military-grade xIoT hacking tools are in use, cybercrime for hire that’s predicated on compromised xIoT devices has been monetized, and organizations worldwide are already “pwned” without even knowing it. Bad actors are counting on you being passive by not mitigating xIoT security risks. They want you to fail so they can continue to evade detection and maintain persistence on your xIoT devices. Disappoint them! Take your xIoT devices back by understanding how to hack them, recognizing where they’re most vulnerable, and employing strategies to successfully protect them at scale.

Security teams are struggling to manage high volume, high velocity data and threats are lost in an endless list of alerts. We’ll demonstrate how effective use of data pipelines reduces volume, amplifies signal to noise ratio, saves countless hours and dollars, and may even save the planet.

Key Takeaways:

• Most organizations ingest data inefficiently, resulting in duplicate, redundant, or useless information and false positives.
• The cost of inefficient data is far greater than monetary. it impacts security, engineering, and even the environment.
• Using data pipelines and effective data processing saves time, money, and frustration. Better data means stronger signal to noise and more effective threat detection.

In today‘s threat landscape, digital transformation is crucial for organizations looking to stay ahead of threat actors. To achieve this, IT and Security teams must work together to ward off cyberattacks and ensure a positive employee experience. In this session, we’ll highlight the endpoint security strategies for your IT stack against known and unknown vulnerabilities.

A brief overview of cyber trends and first steps towards NIST compliance

Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.

Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything  changes so quickly. Insider threat initiatives require a new, more focused approach.

This presentation will explore:

• The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools

• Four attributes of a successful insider threat program
• How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster

A look at cybersecurity trends from 2022, how Expel caught these attacks in the wild, and how these trends can inform your security strategy in 2023.

We know that 2022 was fraught with security threats. But wrapping your head around what they were, what’s trending, and what to do about it is essential for your security strategy going into 2023.

Expel’s annual threat report, Great eXpeltations, compiles data, trends, and recommendations from the incidents our security operations center (SOC) saw in 2022, based on our full customer base: from small and midsize companies to enterprise orgs, at every phase of the security journey, across every industry Expel serves.

Join Chris Hencinski, Solutions Architect, Expel, for a deep dive into the numbers and their real-world incident counterparts, including examples of pre-ransomware, business application compromise, credential harvester phishing, SaaS compromise, and an attack against cloud infrastructure.

Every business desires to be unhackable. Even air-gapped environments have data leakage, but there are proven steps that can significantly limit your exposure without causing undue irritation to your staff. In this session, we will review current security methods, discuss current flaws, and understand why a Zero Trust solution is the best solution.