Exposing Adversarial Conversations
The latest snapshot of your network traffic logs may look innocent enough, but hidden within your common ports and protocols are the movements of a cybercriminal who has secretly breached your systems and is now trying to expand its foothold within your virtual walls in multi-cloud environments.
It’s this east-west infiltration that turns what could be just a relatively minor breach into a damaging data exfiltration incident or a full-scale ransomware attack. That’s why reducing attacker dwell time, curbing lateral movement and detecting advanced threats are essential components to any network security strategy, whether you operate largely on premises, in private clouds or multi-cloud architectures.
Gain key insights and strategies related to the defense against post-breach lateral movement:
- Research, statistical analysis and threat reports that underscore the threat that lateral movement represents
- Key metrics, strategies and solutions for detecting post-exploitation east-west movement, including behavioral analysis and identifying threat signatures
- A Guide To Detecting & Restricting Lateral Movement
Presented by: Chad Skipper, Global Security Technologist, VMware
Unlocking Potential: Increasing Women's Participation in IT Leading to Better Performing Teams
This session explores the importance of women’s participation in the field of Information Technology (IT) and its positive impact on team performance. The session aims to shed light on the challenges faced by women in the IT industry, identify strategies to increase their participation and discuss the resulting benefits for teams and organizations.
Presented by: Helen Knight, Transformation Consultant, Helen Knight Consulting
Stop Trying to Boil the Ocean; Making Better Risk Decisions to Prevent Future Cyber Attacks
Discussing traditional approaches to Risk Management and why they are less and less effective as technology gets more complex and attacks get harder to detect. Including:
- Gaining comprehensive visibility across the modern attack surface
- Anticipating threats, identifying exposures and prioritizing efforts to prevent attacks
- Communicating cyber risk up and down the organization to help make better risk decisions
Presented by: Seth Matheson, Distinguished Security Engineer, Tenable
In The Know: Coping with Recession Concerns on IT Spending
Concerns of a Recession looms whether there results in one or not. With a war raging across the ocean, a potential European energy crisis this winter, and inflation numbers in the US refusing to subside, the macroeconomic environment has caused enterprise IT leaders to rethink their strategies. Learn how your peers are changing their plans to deal with the recession.
Presented by: Bill Allen, GVP, General GM, Rimini Street
In this presentation, we discussed:
- Top Trend in Communications
- Better Together with Microsoft Teams
- AI – Getting Started with CX
Sean McMurray, National Account Executive – SLED/Health, RingCentral
Claude Giorgio, National Account Executive – Enterprise Business, RingCentral
Incident Response & Cyber Forensics: What You Don’t Know Can Hurt You
There are five general rules of evidence that apply to digital forensics and need to be followed in order for evidence to be useful. ignoring these rules makes evidence inadmissible, and your case could be thrown out.
In this presentation, we’ll deep dive into the five rules for collecting digital evidence:
Is Your Roadmap Business-Driven or Vendor Dictated?
Today, the primary CEO priority is growth, with technology as a key enabler. However, vendor policies pose major roadblocks to innovation, growth and competitive advantage by forcing you to spend limited budget, resources and time on projects that may not drive your business. Learn how you can take control of your IT roadmap by choosing a Business-Driven Roadmap designed around your business objectives and not the vendor’s. Leverage vendor software, but do it on your terms, on your timetable and with the flexibility, funding and freedom to focus on initiatives that support growth and competitive advantage.
Presented by: Mirza Baig, Director of Cybersecurity, Municipal Property Assessment Corporation
ZTaaS (Zero Trust as a Service): Making Your Transition to a Zero Trust Architecture (ZTA) Possible
Over the past decade, the Zero Trust Architecture (ZTA) has established itself as the new standard in computer security: while the basic concepts of the ZTA have remained unchanged, the architecture itself has evolved significantly over time with an authoritative architecture we can reference for our designs. Having supported many companies in their efforts to deploy their ZTA over the past 10 years, we must admitted that few of them have been able to set it up despite their real desire to adopt it: the complexity inherent to security infrastructures and the lack of a policy engine have led to very few implementations.
Along with the evolution of the ZTA, we have seen the adoption of cloud computing and its principles, allowing IT organizations to reduce or abandon infrastructure management and redirect their resources to relevant business services.
What happens when we use cloud computing to deliver ZTA as a service? An accessible approach to rapidly pivot your legacy security architecture to a complete, modern Zero Trust one.
Presented by: Bruno Germain, Solution Architect, Zscaler
Cloud Cost Governance and Optimization
Are you struggling to keep your cloud spending in check? Does it seem like your budget is constantly being exceeded, and you’re constantly chasing different teams to shut down unused and over-provisioned cloud services, almost like playing a game of whack-a-mole? With the current macroeconomic conditions, your senior leadership team is demanding cost control and reductions, but without compromising innovation and modernization. If this sounds like the daily challenge you face, we invite you to join our session. Let’s come together to discuss, share experiences, and learn from each other on how to effectively manage cloud costs. Discover practical strategies, best practices, and actionable insights that can help you regain control over your cloud spending while maintaining a focus on innovation and modernization. Don’t let skyrocketing costs hinder your success. Join us and unlock the secrets to better cost management in the cloud.
Presented by: Feng Liu, Head of Cloud Engineering, BDO Canada
Keys to Leading Data Governance and Analytics as a Digital Transformation Force Multiplier
Leaders often say, “Digital transformation is a journey,” but today’s competitive opportunities and risks require developing digital transformation as a core organizational competency. “You will always be transforming,” says Isaac Sacolick, author of two top digital transformation books, distinguished speaker, and writer of 900+ articles for CIO.com, InfoWorld, StarCIO, and other websites. Isaac advises IT and security leaders to seek force multipliers to accelerate their transformational efforts by targeting multiple business objectives. In this keynote, he will share force-multiplier examples in data governance, citizen data science, MLOps, FinOps, and AIOps, and how Digital Trailblazers lead to deliver transformational impacts.
The Era of Generative AI
Generative AI has quickly captured the hearts and minds of millions of users around the world since the introduction of technologies like ChatGPT late last year. While the potential benefits of transforming the workplace are compelling, this technology also introduces new risks that need to be managed and often the CISO is asked to provide the firm guidance on assessing the value, the risks, and policies for use. This session will focus on providing an overview on the following topics:
- Generative AI use cases
- Responsible AI
- New security risks
- Creating Generative AI Policies for Use
Presented by: Bill Wong, Principal Research Director – AI and Data Analytics Lead, Info-Tech Research Group
Cybersecurity from the Lens of the Internal Audit Function
The ongoing battle to effectively manage cyber threats and risks is only going to get fiercer and complex. As part of its efforts to fight the cybersecurity battle, a number of organizations are acknowledging the need to build and strengthen their third line of defense i.e. an independent review of cybersecurity measures and conduct by the internal audit function. The Internal audit function plays a critical role in identifying and evaluating prospects to bolster the enterprise security posture. Concurrently, the internal audit function has a responsibility to report to the audit committee and the board on whether controls to protect and defend against cybersecurity threats are designed and operating effectively.
Zain Haq, Director- Cybersecurity Audit, Manulife
Simon Sulyma, Senior Director, Information Risk, Manulife