IT Summit - Fall
Monday-Tuesday, October 22-23, 2018

SynerComm's 16th Annual IT Conference, at Potawatomi Hotel & Casino

Click on a track to filter the results below


Back to Top

Title
SynerComm Practice Areas Findings and Opportunities for Improvement
Abstract

In this session SynerComm practice leaders that are working with customers on digital transformation initiatives and maturing their Information Security Programs will discuss the top challenges we see customers facing as well as identify opportunities for improvement that are working in the field. Each day will focus on different aspects of the challenges and opportunities.

  • What's New at SynerComm - Mark Sollazo
  • Preparation for Digital Transformation - Lisa Niles
  • Information Security Program Challenges and Opportunities - Bill Curtis
  • Security Posture Validation Challenges and Opportunities - Brian Judd
  • Filling in the missing pieces - Marc Spindt
Speaker
Mark Sollazo, Lisa Niles, Bill Curtis, Brian Judd, Marc Spindt Details
Presented by

Back to Top

Title
Delivering the full promise of the cloud with a self-driving wide area network
Abstract
Silver Peak enables partners to help enterprises break free from the limitations of traditional networks with a self-driving wide area network that learns and adapts to meet the requirements of the business.
Speaker
Michael O'Brien Details
Presented by

Back to Top

Title
Next Generation End Point Protection... What's the Real Story
Abstract
Organizations know that the traditional perimeter has broken down and that the endpoint is the new perimeter. What they seek are replacements to traditional endpoint tech that allow them to reliably defend against old school and modern attacks while giving them more visibility. Simplicity and automation are of keen interest since there aren't enough skilled security personnel to go around. This session will dissect EPP and EDR terminology and map them into typical organizational requirements. I'll discuss how SentinelOne's capabilities are meeting these requirements.
Speaker
Grant Moerschel Details
Presented by

Back to Top

Title
Getting Off the Threat & Vulnerability Management Treadmill
Abstract

Organizations "know" what they need to do. They scan, find piles of vulnerabilities, then rush to patch. But low and behold, the patching doesn't seem to improve their security posture, and with patch tickets accumulating at an alarming rate, they fall further and further behind. Why? What's wrong?

Unfortunately, Security and IT teams often find themselves in this unenviable position. The good news is that there's a movement afoot that can rescue them. In this session you will learn how a risk-based approach to vulnerability management can reduce vulnerability fatigue while improving workflow efficiency and personnel productivity in a truly measurable way.

Speaker
John Dasher Details
Presented by

Back to Top

Title
Adopting Cloud - Enterprise Wide Security Model Planning
Abstract

If you're tired of living by the following motto: "Poor planning on your part does not necessitate an immediate emergency on mine", then you may want to attend this session before you choose a cloud service provider.

This session is intended to highlight vital questions that all your IT teams need to have answered in order to maintain a high level of security, that meets your governance and compliance needs as well as those of your regulators and auditors.

Speaker
John Schmidt Details
Presented by

Back to Top

Title
CIS Top 20 Overview with Self-Assessment Worksheet
Abstract
In this session we will utilize a CIS Top 20 worksheet to perform a self-assessment gap analysis of your security posture that will provide insight into best practice roadmap.
Speaker
Lisa Niles Details
Presented by

Back to Top

Title
A Journey to the AWS Cloud - Key Use-cases & Lessons Learned from the Trenches
Abstract
Sure, you use the cloud. Most organizations do. Are you dabbling or purposefully moving toward more fully leveraging the benefits of cloud? Join us to walk through some of the most common cloud use cases and their related architectures.
Speaker
Aaron Howell Details
Presented by

Back to Top

Title
Segmentation - What/how/why
Abstract
  • Zero-trust access
  • By data classification, business, group, location?
  • Right size the controls- Phase in using a risk-based approach (high value, high risk) systems first
Speaker
John Schmidt Details
Presented by

Back to Top

Title
DA 101: Protecting your Domain Admin Account
Abstract
In today's modern Active Directory environment there are a lot of mistakes a Domain Admin can make. The consequences of these mistakes can result in the total compromise of your network. Knowing a couple of basic tips and tricks from our Penetration Testers can mean the difference between catching a malicious actor at Patient Zero and losing control of your entire network.
Speaker
Justin Gardner Details
Presented by

Back to Top

Title
Vision/Strategy: Pick a framework and stick with it.
Abstract
Why are aircraft maintenance frameworks so well defined, carefully developed, and consistently utilized? Obviously to maximize the chance of successful flights. Well-defined and carefully developed IT security frameworks also exist, yet so few utilize them. Let's discuss a few together, and you CAN utilize a framework that is right for your organization.
Speaker
Jeff Lemmermann Details
Presented by

Back to Top

Title
Leveling Up Your SIEM
Abstract
Now that you have a SIEM installed, how do you make the best use of it? Often times, the default alerts and thresholds from the vendor are insufficient for truly monitoring an environment. In this session, we will talk about ways you can develop advanced alerting that will increase the odds of triggering on actionable security events.
Speaker
Kyle LeDuc Details
Presented by

Back to Top

Title
A Series of Avoidable Events
Abstract
In this session the SynerComm Center of Excellence "Investigative Team" will describe the series of unfortunate events leading to and lessons learned from real-world security incidents and provide cultural, people, process and tool strategies and best practices recommendations that could have provided a better outcome.
Speaker
SynerComm Center of Excellence Investigative Team Details
Presented by

Back to Top

Title
Industry 4.0 and SmartOffice of the Future
Abstract

Foxconn! Foxconn! Foxconn!

We've been hearing all about them, here's your chance to hear directly from them.

Dr. Bill Mitchell, VP Business Operations, Foxconn, and Todd McLees, Strategic Consultant to Foxconn, will discuss its massive development throughout Wisconsin, and the impact and opportunities for the state and the Midwest, inclusive of innovation, tech talent, supply chain, and Industry 4.0 initiatives - the current trend of automation and data exchange in manufacturing technologies, including cyber-physical systems, Internet of things, cloud computing, AI and cognitive computing.

Speaker
Dr. Bill Mitchell, Todd McLees Details
Presented by

Back to Top

Title
SynerComm Practice Areas Findings and Opportunities for Improvement - Part I
Abstract

In this session SynerComm practice leaders that are working with customers on digital transformation initiatives and maturing their Information Security Programs will discuss the top challenges we see customers facing as well as identify opportunities for improvement that are working in the field. Each day will focus on different aspects of the challenges and opportunities.

  • What's New at SynerComm - Mark Sollazo
Speaker
Mark Sollazo Details
Presented by

Back to Top

Title
Emerging Tech Trends: AI and TechLash and 5G... Oh my!
Abstract

Karl Gouverneur, Vice President Digital Workplace and Corporate Solutions at Northwestern Mutual has been exploring emerging tech trends for over a dozen years. Before looking at the future, this keynote will look back a few years and examine the hot trends from "back in the day". Which ones seemed crazy back then but are commonplace today? Which ones fizzled before launch? Then look forward and examine three current day issues:

  • Bias in Artificial Intelligence: Will AIs adopt the biases of their creators?
  • TechLash: Is it time to go back to dumb phones and get off the grid?
  • 5G: What new capabilities will result from network speeds 30 times greater than 4G LTE?
Speaker
Karl Gouverneur Details
Presented by

Back to Top

Title
SynerComm Practice Areas Findings and Opportunities for Improvement - Part II
Abstract

In this session SynerComm practice leaders that are working with customers on digital transformation initiatives and maturing their Information Security Programs will discuss the top challenges we see customers facing as well as identify opportunities for improvement that are working in the field. Each day will focus on different aspects of the challenges and opportunities.

  • Preparation for Digital Transformation - Lisa Niles
  • Information Security Program Challenges and Opportunities - Bill Curtis
  • Security Posture Validation Challenges and Opportunities - Brian Judd
  • Filling in the missing pieces - Marc Spindt
Speaker
Lisa Niles, Bill Curtis, Brian Judd, Marc Spindt Details
Presented by

Back to Top

Title
Securing Applications & Workloads for Public Cloud & Hybrid Deployments for AWS, Azure and GCP
Abstract
A review of the most common security challenges when using public cloud and hybrid infrastructures and how to overcome them. A well-defined yet loosely coupled architecture is mandatory for public cloud deployments in order to meet the unique needs for scalability, elasticity and automation. Common technical use cases will be explored with customer examples as solutions.
Speaker
Tom McKenzie Details
Presented by

Back to Top

Title
Visibility and Control of Cloud Applications
Abstract
As more companies are moving to the cloud the challenges become greater to determine where users are going and what they are doing in cloud applications. We will explore some of the challenges facing companies and organizations today and how a Cloud Access Security Broker (CASB) can solve these problems. In this presentation, we will explore Shadow IT visibility, flexible deployment options and how to use them effectively to provide full user activity and control with greater accuracy.
Speaker
Darren Mehl Details
Presented by

Back to Top

Title
Deception Technology, Luxury Item or Life Line?
Abstract
Is deception technology only for mature security operations or is it an effective cyber security solution to help companies mature their capabilities? Organizations continue to build their security stacks, yet advanced threats and insiders continue to breach networks and extract valuable data. Learn how deploying decoys throughout your environment can build the bridge strengthening all the levels in your security stack. Join us for this session where you'll hear about real-world deployment experiences, the value customers are realizing, and what Red Teams are saying about deception-based threat detection.
Speaker
Gregg Kalman Details
Presented by

Back to Top

Title
The DNA of trust & of avoidance. Our greatest threats to security!
Abstract
In this session, you'll learn how human avoidance of looking foolish is one of the greatest threats to cybersecurity & how even a perfect technology doesn't suffice, if it's not engaged meaningfully with our Users. Eddie will attempted to produce a paradigm shift in your thinking, so that our Users become our greatest allies in the fight to prevent cybercrime?
Speaker
Eddie Doyle Details
Presented by

Back to Top

Title
Dark Web 101: What Every Security Professional Should Know
Abstract

The Dark Web combined with Bitcoin is the perfect storm of capitalism where hackers are attempting to penetrate your organization in hopes of monetizing their efforts. One of the most difficult challenges for cybersecurity teams is to have visibility into what types of information has been exfiltrated from their specific organization and what to do should they find themselves targeted.

Speaker
Troy Dixler Details
Presented by

Back to Top

Title
The 1/10/60 Minute Challenge: A Framework for Stopping Breaches Faster with EDR
Abstract
Breakout time, the average one hour and 58 minutes that it takes an intruder to jump from an initial compromised host to move laterally through your network, is emerging as a critical window to stop a breach. However, it's not the only crucial metric you need to know. When an attack is in progress, you have on average of one minute to detect it, 10 minutes to understand it and one hour to contain it. Is your organization ready to meet the 1/10/60 minute challenge? This presentation delves into the incident response process and offers practical advice on overcoming the obstacles that stand in the way of a fast and effective response.
Speaker
Scott Tashler Details
Presented by

Back to Top

Title
5 Steps to Network Automation
Abstract
This presentation will cover the concept of Site Reliability Engineering (SRE) as it applies to Network Engineering. A brief overview of what SRE is will be followed by a deep dive on Network Reliable Engineering (NRE) and how to start moving your current network organization towards a healthy NRE practice.
Speaker
Derick Winkworth Details
Presented by

Back to Top

Title
TCVM: A New Approach to Targeting Risk with Context-Aware Vulnerability Management
Abstract
Threat–centric vulnerability management (TCVM) takes a fundamentally new approach to significantly reduce the risk of attack on an organization. TCVM uses the context of a network, assets and business as well as current threat intelligence to accurately determine risk and focus remediation where it matters most. Vulnerability management is about more than scanning, severity levels and patching. To have a real impact on lowering your risk of cyberattack, you need to centralize and analyze data from your entire attack surface. This type of approach means using more data sources in vulnerability discovery, more context in prioritization, more options in remediation and more accountability in oversight.
Speaker
David Anteliz Details
Presented by

Back to Top

Title
Today's Malware Stealth Techniques and How to Prevent Them
Abstract
With over 500 million endpoints deployed globally, Bitdefender has a unique ability to gain insight into today’s active threat landscape. Ransomware is decreasing in prevalence, while cryptojacking is on the rise. In this session we’ll take a look at the sophistications used by these threats to penetrate corporate networks and the challenges organization have to keep abreast of these techniques. Most importantly, we’ll share details around new tools and methods that facilitate and automate your detection and response needs.
Speaker
Dan Wolff Details
Presented by

Back to Top

Title
Post Ransomware Crisis: Tips, Tricks, and Lessons Learned to Protect Your Organization
Abstract
Today, Ransomware attacks are more destructive than ever before. No organization, large or small is safe from a potential attack. This purpose of this session is to discuss recent ransomware breaches, the impact of those breaches, and steps you can take to better protect your organization from falling victim. In addition, you'll discover how ForeScout's security platform provides visibility into what's on your network in order to and assist in identifying the potential risk that exists in your environment today.
Speaker
Christopher Kudulis Details
Presented by

Back to Top

Title
Vision/Strategy: Pick a framework and stick with it.
Abstract
Why are aircraft maintenance frameworks so well defined, carefully developed, and consistently utilized? Obviously to maximize the chance of successful flights. Well-defined and carefully developed IT security frameworks also exist, yet so few utilize them. Let's discuss a few together, and you CAN utilize a framework that is right for your organization.
Speaker
Jeff Lemmermann Details
Presented by

Back to Top

Title
Adopting Cloud - Enterprise Wide Security Model Planning
Abstract

If you're tired of living by the following motto: "Poor planning on your part does not necessitate an immediate emergency on mine", then you may want to attend this session before you choose a cloud service provider.

This session is intended to highlight vital questions that all your IT teams need to have answered in order to maintain a high level of security, that meets your governance and compliance needs as well as those of your regulators and auditors.

Speaker
John Schmidt Details
Presented by

Back to Top

Title
Tweaking and Tuning your Infrastructure: Use what you have, better.
Abstract
You have network and security infrastructure and operations deployed, but when is the last time you took advantage of review by a second set of "eyes." In this session we will walk through validation options you should consider to help ensure you are maximizing the value of the investments you have already made.
Speaker
James Murphy Details
Presented by

Back to Top

Title
CIS Top 20 Overview with Self-Assessment Worksheet
Abstract
In this session we will utilize a CIS Top 20 worksheet to perform a self-assessment gap analysis of your security posture that will provide insight into best practice roadmap.
Speaker
Lisa Niles Details
Presented by

Back to Top

Title
Gauging your information security program: Top N effectiveness measures
Abstract
This session will explore what needs to be validated to assess, measure, and improve the effectiveness and efficiency of your Information Security program.
Speaker
Bill Curtis Details
Presented by

Back to Top

Title
A Journey to the AWS Cloud - Key Use-cases & Lessons Learned from the Trenches
Abstract
Sure, you use the cloud. Most organizations do. Are you dabbling or purposefully moving toward more fully leveraging the benefits of cloud? Join us to walk through some of the most common cloud use cases and their related architectures.
Speaker
Aaron Howell Details
Presented by

Back to Top

Title
If You Can't Measure It, You Can't Manage It
Abstract
We all go through assessments, and are presented with findings. We want to address them, but then why are so many of the same findings still present in the next assessment? In this session, we will explore the most common enemies of execution, and discuss methods to defeat them.
Speaker
Ron Gustafson Details
Presented by

Back to Top

Title
Plugging the Leaks: Resurrecting DLP
Abstract
In today's IT environment, the traditional security perimeters, where DLP "lives," are rapidly disappearing. Critical data is at rest, and in motion, and more places than traditional DLP solutions can possibly control. Join us to learn about new DLP techniques and solutions that work in perimeter-less environments.
Speaker
John Schmidt Details
Presented by

Back to Top

Title
Eureka, I Secured IT! - Information Security Fools Gold
Abstract
You've passed your last IT audit, installed a new log management utility, and remediated all of the findings from the latest pen test. You've achieved the gold standard in IT security; or have you? Vendors are selling all kinds of technical solutions, but the promises that come with these solutions are fool's gold. It takes effort and a solid foundation to strike security gold.
Speaker
Jeff Lemmermann Details
Presented by

Back to Top

Title
Risk Assessment: Identify and Prioritize Information Systems Risks
Abstract
Is your InfoSec Program making you more secure? Are you investing in the right areas? What are the right areas? It is difficult to manage what you do not understand and even more difficult to secure what you are not managing. This talk will explore SynerComm's methodology for completing a risk assessment. From defining scope to validating controls and assessing risk, SynerComm will walk your organization through the assessment of risk.
Speaker
Bill Curtis Details
Presented by

Back to Top

Title
Operation: Treat your IT like cattle, not like pets.
Abstract
All too often, after implementing that new tool, or putting in that new team, we believe we are successful, and worse, done. In truth, that is just the beginning. Teams and tools need to work efficiently and effectively, and that requires ongoing investment in administration and maintenance. Carriers and Service Providers do it pretty well. Join us to learn how more and more enterprises are starting to operate like Service Providers.
Speaker
Marc Spindt Details
Presented by

Back to Top

Title
Segmentation: What/why/how
Abstract
  • Zero-trust access
  • By data classification, business, group, location?
  • Right size the controls- Phase in using a risk-based approach (high value, high risk) systems first
Speaker
John Schmidt Details
Presented by

Back to Top

Title
SOARing to New Heights: Now you SIEM, now you don't.
Abstract
Security Operations, Analytics and Reporting (SOAR) is a relatively new Gartner Technology Class. In short, there is an ever growing set of security tools available, but each is often distinct and disintegrated from the others, resulting in inefficient and ineffective security. In this session, we will review how to spot this condition and techniques to address it.
Speaker
Marc Spindt Details
Presented by

Back to Top

Title
Adversary Simulation: Combining the Best of Audit and Penetration Testing
Abstract
In this session on we will define adversary simulation, its benefits, and why you should be doing them. Using SynerComm Playbooks, you can gain a better understanding of security risks against known adversary behavior, for planning security improvements, and verifying defenses work as expected.
Speaker
Brian Judd Details
Presented by

Back to Top

Title
Identity Management: Critical Security Control OSI Layer 8
Abstract
Effective Identity and Access Management processes are integral to driving business value reducing risk, sustaining compliance, improving the end user experience and responding to the changing IT landscape. Identity Management & Access Control is a critical step in the process of securing company resources, while allowing users enough access to get the job done.
Speaker
Lisa Niles Details
Presented by

Back to Top

Title
Securing your SDLC: It's time to catch up
Abstract
If you build your own applications, you almost certainly have a reasonably well-defined software development life cycle to manage application releases. Performance, functionality and stability have been the focus, but is security well-integrated into your SDLC? How do you know? If your organization leverages developers, this is a must-attend session.
Speaker
William Kiley Details
Presented by
Real Time Analytics