12:30PM - 6:00PM

12:30PM - 7:30PM

1:00PM - 1:30PM

Room: Serenity

Presented By

Mark Sollazo - President, CEO & Co-founder

1:30PM - 2:15PM

Room: Serenity

Abstract

In this keynote session Steve Jaeger, Quad CIO will share some thought-provoking use cases and opportunities that they discovered to change business as usual, leveraging disruptive thinking and technologies (AI) to positively impact the bottom line and customer perceptions.

Presented By

Steve Jaeger - Chief Information Officer

More Details

2:20PM - 3:00PM

Room: Inspire

Abstract

The future of security revolves around security automation and machine learning. While this sounds nice at face value, building a strategy around identity and access management requires a plan. Idaptive will discuss a proven IAM Framework to provide Zero Trust Security. Continuous authentication is the gold standard of IAM however it only works when there is balance between security and user productivity. During this session we’ll dive into how risk based decisions are use to create rock solid MFA and SSO solutions along with a demo of real life solutions in practice.

Presented By

Brian Krause - Director of Worldwide Channels

More Details

2:20PM - 3:00PM

Room: Prosperity

Abstract

This session looks to challenge your current way of thinking about Visibility Projects. You may often hear the words "I really need to see what is on my network" but have you ever asked why network visibility is important? Digging past the surface of your current visibility project may lead to more value than you realize for you and your organization.

Presented By

Shane Coleman - Director of Systems Engineering

More Details

2:20PM - 3:00PM

Room: Serenity

Abstract

Alright, let's address the elephant in the room. Frameworks aren't known for being page turners - even when they're shortened into seven characters like the NIST CSF. But there are some things you do because they're "good" for you - like going to the doctor, eating well and exercising. The NIST CSF is like that. While we can't turn the NIST CSF into the latest best seller (sorry!), we can give you a quick tour and show you exactly how you can positively affect your NIST CSF ratings - both now ... and over the long term.

Next, we will explore how to successfully naviagate the confusing managed security services landscape and the emergence of MDRs and the due diligence questions you need to ask to align expectations and measure value.

Presented By

Bruce Potter - Chief Information Security Officer

More Details

3:00PM - 3:15PM

3:15PM - 5:30PM

Room: Harmony

Abstract

SynerComm moderated session where we will openly discuss today’s IT challenges and share lessons learned while exploring viable strategies with your peers and industry visionaries. *Reserved for company executives and an optional team member.

Presented By

Mark Sollazo; Kirk Hanratty - President, CEO & Co-founder; Vice President, CTO & Co-founder

More Details

3:15PM - 3:55PM

Room: Inspire

Abstract

Compliance doesn't equal security and security doesn't equal compliance.

Presented By

Bill Curtis, Jeff Lemmermann, Paul Hendler - CISSP, CISA, CCSP, QSA, Managing Consultant; CPA, CISA, CITP, C|EH, Information Assurance Consultant; CISSP, CISA, QSA, Sr. Information Assurance Consultant

More Details

3:15PM - 3:55PM

Room: Prosperity

Abstract

We've always said that security is everyone's job, but never has that been more true. This talk will focus on the critical lessons learned from over 10 years of penetration testing. Brian has led, participated in, and reviewed the reports from hundreds of penetration tests. Perhaps not too surprising, the discovered flaws and vulnerabilities are not unique to industry or even company size. Join us for a review of the weaknesses that should keep you up at night. There will be plenty of opportunity to discuss these concerns and others with Brian and your fellow attendees.

Presented By

Brian Judd - Vice President - Information Assurance

More Details

3:15PM - 3:55PM

Room: Serenity

Abstract

This presentation will take a business-meets-technical approach to cloud hosting. The focus areas of this presentation are:

• When does it make sense to migrate applications to the cloud?
• What do we need to do to prepare?
• How does an organization go about a cloud deployment?

For some organizations, the time to migrate applications to the cloud was 2012. For others it might be 2019 or beyond. Knowing the costs, capabilities, and limitations of cloud platforms along with readying your teams with proper support and training is the key to success.

Presented By

Aaron Howell; William Kiley - Information Solutions Consultant; Managing Consultant - DevSecOps

More Details

4:00PM - 4:40PM

Room: Inspire

Abstract

This presentation will look at what moving corporate email systems to the Microsoft cloud means in terms of security against attacks to steal data and deny services. Three primary areas of focus will make up the presentation:

• What Microsoft Secure Score is and what it isn't
• The role Microsoft Azure plays in all Office 365 corporate deployments
• How to assess and set proper controls in the Azure and Office 365 environment

Moving from an on premise to a cloud-based environment only changes who owns the physical equipment that houses your information. It doesn't change the fundamentals of protecting that information. Attendees will hear about the latest attack tactics against Azure and Office 365, why they are working, and what defense strategies can stop these attacks.

During the session, we will discuss the Microsoft Secure Score analysis, ways to leverage what it tells us, and why additional steps are essential to protecting the system. We will review how Microsoft Azure interacts with the Office 365 implementation and look at assessing and improving the important settings to defend the confidentiality, integrity, and accessibility the system and its data.

Presented By

Jeff Lemmermann - CPA, CISA, CITP, C|EH, Information Assurance Consultant

More Details

4:00PM - 4:40PM

Room: Prosperity

Abstract

In this presentation, the speaker introduces a series of talks surrounding the concept of a secure software development life cycle (S-SDLC). Software teams are not strangers to frameworks. They offer powerful libraries, opinionated design patterns, and robust communities that can improve the quality and efficiency of your teams product(s). What if that concept could be applied to the practices surrounding software security?

Join us to explore the concept of a security framework for software development using BSIMM.

Presented By

William Kiley - Managing Consultant - DevSecOps

More Details

4:00PM - 4:40PM

Room: Serenity

Abstract

In this session you will learn inventory characteristics, data worth, and controls maturity against the CIS Top 20. If you're not thinking this way and not considering these things you better get going.

Presented By

Bill Curtis - CISSP, CISA, CCSP, QSA, Managing Consultant

More Details

4:45PM - 5:25PM

Room: Inspire

Abstract

In this presentation, we will cover pitfalls in application deployments with enterprise cloud providers. How can we prepare, protect, clean-up, and mitigate properly to get the best possible experience with our provider(s)?

Presented By

Aaron Howell - Information Solutions Consultant

More Details

4:45PM - 5:25PM

Room: Prosperity

Abstract

In this presentation, the speaker builds on Chapter 1 of the series which outlined the components of a modern software development life cycle (SDLC). This time, the speaker focuses on one area: automated security testing. What can it do for my business? What are some of options and examples? What does it require to set up and maintain, and is it worth it?

Presented By

William Kiley - Managing Consultant - DevSecOps

More Details

4:45PM - 5:25PM

Room: Serenity

Abstract

Join us to discuss just what "digital debt" is, what it means in the world of digital transformation, and how your organization can manage the debt, rather than being managed by it.

Presented By

Marc Spindt - Vice President - Services

More Details

5:30PM - 7:30PM

7:45AM - 2:30PM

7:45AM - 3:30PM

8:30AM - 9:00AM

Room: Serenity

Presented By

Mark Sollazo - President, CEO & Co-founder

9:00AM - 9:45AM

Room: Serenity

Abstract

2019 will be a banner year for data breaches—we are on pace to have the most records disclosed, ever. In this session, Justin will share lessons from the legal side of the data breach world, including what happens when an entity has insufficient security controls, a disorganized incident response process, fails to preserve evidence, receives inquiries from regulators, and fields angry data breach victim calls. From all of this, Justin will offer insights into how not to become the next data breach victim, how to navigate a data breach when it inevitably occurs, how to mitigate risk with cyberliability insurance, and the legal considerations that permeate incident response.

Presented By

Justin Webb - Data Privacy & Cybersecurity Attorney / Chief Information Security Officer

More Details

9:45AM - 10:15AM

Room: Serenity

Abstract

SynerComm and our business partners will provide an update on the state of industry to prepare you for the day. We will present what you issues and opportunities you need to be aware of and why we think so.

Presented By

10:15AM - 10:30AM

10:30AM - 11:10AM

Room: Harmony

Abstract

Mist Systems has brought AI to wireless networking. We have combined data scientists and cloud architects with decades of wireless domain expertise to build the first truly innovative WLAN platform in over a decade. At the core of our solution is the Mist cloud, purpose-built on a microservices architecture for rapid deployment of new services without impacting existing services. Mist is now part of Juniper and is extending its AI platform to the network at large.

Companies of all sizes can take advantage of Mist's AI-driven solution that delivers the following:

• Wi-Fi and access networking that is predictable, reliable and measurable
• Wired and Wireless operations that are simple and cost effective
• Location services that deliver amazing new wireless experiences

Presented By

Tom Wilburn - VP Worldwide Sales

More Details

10:30AM - 11:10AM

Room: Prosperity

Abstract

Endpoint security is one of the most critical components of a cybersecurity strategy. The 2018 SANS Endpoint Security Survey Report found that more than 80 percent of known breaches involved an endpoint. Nearly every one of these endpoints had some form of endpoint protection installed, which failed to live up to the challenge of today's adversary. Unfortunately, for those responsible for protecting their organizations' endpoints, it has never been more challenging to select the best solution for the job.

In this presentation, Scott Taschler of CrowdStrike provides an overview of the 5 critical elements of endpoint protection required to effectively protect an organization against today's modern threats.

Presented By

Scott Taschler - Director of Product Marketing

More Details

10:30AM - 11:10AM

Room: Serenity

Abstract

Malware authors have not been resting on their laurels: new evasion techniques and file-less malware are beginning to cause real impact on enterprise networks. Traditional detection tools are being bypassed, and the exponential growth of traffic both inside and outside your walls make your security team’s job to find the needle in the haystack a hard game to win. Network detection and response (NDR) tools combine both AI and machine learning with behavioral analytics to connect the dots for your security staff. NDR empowers your threat hunters with real threat intelligence and actionable insights to events in real- or near real-time. This talk will explain how we got to this stage, and where NDR may fit inside your castle walls.

Presented By

Richard Henderson - Head of Global Threat Intelligence

More Details

11:15AM - 11:55AM

Room: Harmony

Abstract

We've always said that security is everyone's job, but never has that been more true. This talk will focus on the critical lessons learned from over 10 years of penetration testing. Brian has led, participated in, and reviewed the reports from hundreds of penetration tests. Perhaps not too surprising, the discovered flaws and vulnerabilities are not unique to industry or even company size. Join us for a review of the weaknesses that should keep you up at night. There will be plenty of opportunity to discuss these concerns and others with Brian and your fellow attendees.

Presented By

Brian Judd - Vice President - Information Assurance

More Details

11:15AM - 11:55AM

Room: Prosperity

Abstract

In this session you will learn inventory characteristics, data worth, and controls maturity against the CIS Top 20. If you're not thinking this way and not considering these things you better get going.

Presented By

Bill Curtis - CISSP, CISA, CCSP, QSA, Managing Consultant

More Details

11:15AM - 11:55AM

Room: Serenity

Abstract

This presentation will take a business-meets-technical approach to cloud hosting. The focus areas of this presentation are:

• When does it make sense to migrate applications to the cloud?
• What do we need to do to prepare?
• How does an organization go about a cloud deployment?

For some organizations, the time to migrate applications to the cloud was 2012. For others it might be 2019 or beyond. Knowing the costs, capabilities, and limitations of cloud platforms along with readying your teams with proper support and training is the key to success.

Presented By

Aaron Howell; William Kiley - Information Solutions Consultant; Managing Consultant - DevSecOps

More Details

12:00PM - 1:30PM

Room: Woodland Dreams Ballroom

1:30PM - 2:15PM

Room: Harmony

Abstract

While technological innovations bring us new options for better security, we must constantly evaluate how they affect our privacy. For example, with cheaper, better cameras, we can have surveillance, but we lose some privacy. When traveling by plane, we let security x-ray our bags for assurance of security. We make the same considerations for securing our organizations. Today, the number one threat vector is email security, where hackers are targeting employee communications. We need better ways of monitoring communications, but no one wants anyone going through their emails, documents, slack, etc. With the age of AI - we have new opportunities where machines can analyze the communications in an automated fashion, and flag issues for security, without violating privacy. In this talk, learn how new techniques using deep learning and natural language understanding (NLU) deliver better security without sacrificing privacy.

Presented By

Melinda Marks - VP of Marketing

More Details

1:30PM - 2:15PM

Room: Prosperity

Abstract

Cloud and mobile usage has skyrocketed in many enterprises, introducing many new risks to corporate data. Cloud access security brokers (CASBs) have quickly become go-to solutions for securing apps like Office 365, Salesforce, and AWS.

However, the wide ranging capabilities of a CASB can make it difficult to identify which use cases are most relevant to your organization's needs and how these platforms solve critical challenges. In this session we will identify the five most common CASB use cases.

Presented By

Jon Peppler - VP Worldwide Channels

More Details

1:30PM - 2:15PM

Room: Serenity

Abstract

Traditional security perimeters have shifted and organizations must be able to extend dynamic, on-demand application access to users without compromising security or user experience. By enabling secure “verified” user and device access to only authorized applications, Pulse Software Defined Perimeter helps customers reduce their exposure to advanced threats, while simplifying connectivity and improving experience.

Presented By

Ashur Kanoon - Senior Director of Product Development

More Details

2:20PM - 3:05PM

Room: Harmony

Abstract

Compliance doesn't equal security and security doesn't equal compliance.

Presented By

Bill Curtis, Jeff Lemmermann, Paul Hendler - CISSP, CISA, CCSP, QSA, Managing Consultant; CPA, CISA, CITP, C|EH, Information Assurance Consultant; CISSP, CISA, QSA, Sr. Information Assurance Consultant

More Details

2:20PM - 3:05PM

Room: Inspire

Abstract

In this presentation, the speaker introduces a series of talks surrounding the concept of a secure software development life cycle (S-SDLC). Software teams are not strangers to frameworks. They offer powerful libraries, opinionated design patterns, and robust communities that can improve the quality and efficiency of your teams product(s). What if that concept could be applied to the practices surrounding software security?

Join us to explore the concept of a security framework for software development using BSIMM.

Presented By

William Kiley - Managing Consultant - DevSecOps

More Details

2:20PM - 3:05PM

Room: Serenity

Abstract

In this presentation, we will cover pitfalls in application deployments with enterprise cloud providers. How can we prepare, protect, clean-up, and mitigate properly to get the best possible experience with our provider(s)?

Presented By

Aaron Howell - Information Solutions Consultant

More Details

3:05PM - 3:20PM

3:20PM - 4:05PM

Room: Harmony

Abstract

Join us to discuss just what "digital debt" is, what it means in the world of digital transformation, and how your organization can manage the debt, rather than being managed by it.

Presented By

Marc Spindt - Vice President - Services

More Details

3:20PM - 4:05PM

Room: Inspire

Abstract

In this presentation, the speaker builds on Chapter 1 of the series which outlined the components of a modern software development life cycle (SDLC). This time, the speaker focuses on one area: automated security testing. What can it do for my business? What are some of options and examples? What does it require to set up and maintain, and is it worth it?

Presented By

William Kiley - Managing Consultant - DevSecOps

More Details

3:20PM - 4:05PM

Room: Prosperity

Abstract

This presentation will look at what moving corporate email systems to the Microsoft cloud means in terms of security against attacks to steal data and deny services. Three primary areas of focus will make up the presentation:

• What Microsoft Secure Score is and what it isn't
• The role Microsoft Azure plays in all Office 365 corporate deployments
• How to assess and set proper controls in the Azure and Office 365 environment

Moving from an on premise to a cloud-based environment only changes who owns the physical equipment that houses your information. It doesn't change the fundamentals of protecting that information. Attendees will hear about the latest attack tactics against Azure and Office 365, why they are working, and what defense strategies can stop these attacks.

During the session, we will discuss the Microsoft Secure Score analysis, ways to leverage what it tells us, and why additional steps are essential to protecting the system. We will review how Microsoft Azure interacts with the Office 365 implementation and look at assessing and improving the important settings to defend the confidentiality, integrity, and accessibility the system and its data.

Presented By

Jeff Lemmermann - CPA, CISA, CITP, C|EH, Information Assurance Consultant

More Details

4:10PM - 5:00PM

Room: Serenity

Presented By

Mark Sollazo