2017 Solutions Theater Sessions
(ISC)² Solutions Theater is the opportunity to stay right on the show floor and conveniently participate in presentations featuring thought leadership in innovative infosecurity solutions and approaches to issues all practitioners face. All attendees are welcome to learn about the latest security products and services featured in these 30 minute presentations. The Solutions Theater is located at booth 400, seats about 100 people and the schedule of presentations can be found in the mobile app and the pocket guide.
Floor 3 -Expo Hall Booth 400 (Lone Star Ballroom D+E)
Monday, September 25th
Time: 9:45am - 10:15am Speaker: Joe Rivest, Senior Director of Enterprise Sales and Marketing DevelopmentSecurity Metrics
Session Title: 5 Ways to Dominate a PCI Audit: Best Practices to Make Your Audit Go Smoothly and Quickly
Abstract:
PCI DSS audits are critical in helping businesses determine their path to data security and PCI compliance. However, between reviewing all the different requirements, being told what you're doing wrong, learning what needs to be fixed, and meeting audit and remediation deadlines, the auditing process can be difficult and exhausting. There is hope, with proper preparation, your PCI DSS audit can go smoothly. This presentation gives 5 time saving tips to help you get the most out of your PCI audits. Some of these tips include: • Problems you can avoid by consulting with your auditor• Best practices to identify and reduce your PCI scope• How to best manage your PCI compliance implementationYou can use these tips to not only pass a PCI audit but also establish a better relationship with your auditor, who can help you become PCI compliant more efficiently.
Time: 10:30am - 11:00am Speaker: Barry Shteiman, Director of Research & Innovation, Exabeam
Session Title: Automating Incident Response - Getting the SOC Back in Focus on What Matters
SOC (Security Operations Center) teams are constantly overwhelmed. Companies are struggling to staff their SOC team in an effort to deal with security event overflow. This results in improper classification, missed incidents and inconsistency. Response and remediation processes are lacking as a result of hard-to-hire SOC positions. Many teams resort to hiring new and inexperienced analysts. The unfortunate outcome of these fresh hires is a lag time between incident and detection, and investigation to complete containment. Analysts are only able discover and respond to incidences they are familiar with, and response quality may vary depending on their knowledge and skill. Exabeam believes that automating response for common incident triage and response helps the SOC automate the common tasks, while focusing on what really matters.
Time: 2:00pm - 2:30pm Speaker: Franklyn Jones, VP, Cyphort
Session Title: The Seven Secret Sins of SIEMs
OK, maybe you can’t say this title three times fast, but you don’t want to miss this session. We’ve just completed comprehensive research on what it’s really like to own and use a SIEM. Three in-depth research projects, including focus groups across the US. Nearly 1,000 security organizations involved. All SIEM users from companies with 1,000+ employees – and they weren’t shy about sharing their opinions. Ouch! The analysis is now complete, and we’re ready to share the Seven Secret Sins of SIEMs. Maybe you can relate these sins – or maybe not. Either way, we won’t just leave you hanging with the burden of seven sins. We’ll also share a solution strategy that will restore you and your security team to a state of heavenly bliss. Join us and discover the solution to the SIEM problem – the Anti-SIEM from Cyphort.
Time: 2:45pm – 3:15pm
Speaker: Lev Lesokhin, EVP Strategy and Analytics, CAST
Session Title: Measuring the Cybersecurity of Software
Recent security breaches such as the ones at SWIFT, Target, and Anthem are entering the realm of nine-digit defects, where damages can exceed $100 million. Today, security of business applications a top boardroom issue. Advances in software analysis technology enable IT to detect weaknesses in the source code that can be exploited to gain unauthorized entry. Both the Software Engineering Institute and CAST have recently found that weaknesses causing reliability problems can in many cases be exploited for unauthorized entry, indicating that poor quality code is also insecure code. The Consortium for IT Software Quality (CISQ) is chartered by its industry sponsors to create automatable measures of software size and quality. CISQ measures include standards recently approved by the Object Management Group for Automated Function Points, Reliability, Security. Performance Efficiency, and Maintainability. The four quality measures are based on definitions of these attributes in ISO 25010 and provide source code level measures that supplement the largely behavioral measures in ISO 25023. In particular, the Security measure is based on measuring 22 of the top Common Weakness Enumerations (i.e., CWE/SANS Institute Top 25 most dangerous software errors, OWASP Top 10) that can be detected through static analysis. These weaknesses include well-known culprits such as SQL injection, buffer overflows, and cross-site scripting. This measure provides an accurate estimate of the likelihood that an attacker can find an exploitable weakness in an application. The continuing flow of breaches exploiting SQL injection, a weakness known since the late 1990s, suggests that IT needs a major undertaking similar to the Y2K endeavor to rid source code of the most easily exploited weaknesses. Executives both in and outside IT need to assess the cybersecurity risk of their systems using measures such the CISQ standards and enforce remedial actions based on them.
Tuesday, September 26th
Time: 10:15am – 10:45am
Speaker: Jordan Wright, Senior R&D Engineer, Duo Security
Session Title: Everything You Want To Know About Stopping Phishing Attacks
Phishing is easy, effective, and on the rise. In 2016 alone, the record for the number of unique phishing sites seen in a quarter was broken. Twice. Phishing is a perfect example of a problem that requires a defense-in-depth solution- there is no silver bullet. This talk is a rapid-fire deep dive into practical mitigations you can put in place to stop phishing emails before they reach the inbox, after they reach the inbox, and after an employee clicks the link. We will start with the basics and quickly move to advanced strategies you can take to mitigate attacks at every layer of your defenses. In addition to covering the defenses, this talk will also discuss the top phishing attacks seen in the wild, how they work, and will even give a demonstration of analyzing a live phishing kit. The goal of this talk is to equip you with practical tools and strategies you can use to stop phishing for your organization.
Time: 11:15am – 11:45am
Speaker: Levi Gundert, VP of Intelligence and Strategy, Recorded Future
Session Title: It’s Risky; How Threat Intelligence Delivers the INFOSEC Resources You Need
Threat Intelligence’s greatest value for business is in creating risk scores and associated projected loss amounts for specific threats. Today, can you make a statement to senior executives and/or the Board of Directors such as the following? “There is a 5% probability that our business will incur a loss of $1,408.90 in 2017 due to ransomware.” “Based on our best estimates, there is a 10% probability that our business will incur a loss of over $48,000 in 2017 caused by damage to availability of information via distributed denial of service.” Properly communicating risk from cyber threats enables decision makers to properly assign resources and security controls that may have been previously ignored.
Speaker: Didier Lesteven, COO, Wallix
Session Title: It’s The Fast Route to Compliance: An Easy Guide to Navigate the Regulatory Landscape by Managing Privileged Users
Digitalization has touched on almost every part of the business, affecting companies’ employees, stakeholders, and operations across all sectors of activity. The major cybersecurity issues resulting from digitalization and new approaches to technology have led to the development of numerous national and international mandatory regulations, which keep evolving and increasing as does our relationship to technology. This growth in regulatory changes often overwhelms organizations who need to deploy their efforts and demonstrate adaptability to simultaneously comply with the different regulations there are subject to (HIPAA, PCI-DSS, SOX, NIST SP800-171, etc.). This session is specifically designed to offer an easy guide for organizations to navigate the complex regulatory landscape which they are in by managing privileged users and sensitive access to strategic resources. It discusses the pains and challenges posed by some of the most renowned regulations and proposes a compliance matrix to accompany businesses on their route to audit and compliance. As it resonates with their own challenges, this session helps companies prioritize their needs to quickly respond to the regulations they are subject to.
Time: 3:30pm – 4:00pm
Speaker: Eric Meadows, Cloud Security Sales Manager, Check Point
Session Title: Safe Journey to the Cloud
Companies are looking to modernize existing business applications to improve agility, performance, and sometimes recognize cost savings by moving workloads to the cloud. Experience shows that security is often neglected or viewed as an inhibitor as customers struggle with loss of control, consistency and compliance. In this presentation Eric Meadows, a Cloud Security Champion from Check Point, will provide insight into cloud adoption, provide four simple steps every company should be taking to secure “any” cloud and share the four shared characteristics he sees in successful cloud deployments with customers.
Wednesday, September 27th
Speaker: Rene Kolga, Head of Product, ThinAir
Session Title: Insider Threat: How Does Your Security Stack Measure Up?
Abstract: Security technologists, practitioners and the media love to talk about the latest malware, and zero-day attacks that hackers and nation states direct against their targets. The reality is that a significant portion of security incidents and data breaches come from within an organization’s security perimeter. The insider threat is the unglamorous side of security, and one that most vendors and industry professionals tend to ignore. Which tools in your security stack truly address the insider threat problem? What percentage of your security budget is dedicated to this issue? This presentation will explore the rise of the insider threat, and the five essential components of an effective approach to identifying and investigating breaches that result from the malicious or innocent actions of internal actors.
View All Sessions!