Anatomy of a Data Breach:

And What to Do if it Happens to You

June 20, 2024
11:00am - 5:00pm ET | Doors Open at 10:30am ET

As the saying goes, it's not a matter of “if” an organization will suffer a cyberattack: It's a matter of “when.”

That adage amid today’s active and increasingly aggressive threat landscape may seem overwhelming and disheartening, but knowing and addressing the most common attack vectors, vulnerabilities, and mistakes that threat actors exploit most in real-world attacks can make all the difference in mitigating a potentially disastrous ransomware attack or data breach. How do you ensure your organization is in the know about how most data breaches unfold, and is schooled on the best practices for responding to a security incident?

Learn the most common causes and effects of a data breach and the keys to conducting an effective incident response in a new virtual event: Anatomy of a Data Breach: And What to Do if it Happens to You. This free, one-day online Dark Reading conference in June 2024 offers a look at some of the main vulnerabilities that lead to enterprise data breaches, as well as the latest tools and best practices for incident response.

Topics Include:
Pinpoint and remediate weaknesses in your IT and Cloud Infrastructures
Best practices for defending against data breaches
Strategies for using DevSecOps for internal apps
Guidance on how to avoid cloud misconfigurations and security missteps
A look at the role of emerging tools like AI and Automation, eXtendedDetection and Response (XDR) orchestration
Agenda
Keynote
11:00am - 11:45am ET

Missteps and Oversights That Leave Your Enterprise at Risk of a Cyberattack

Sponsored by: Wiz
Speaker(s): Brad Arkin, Chief Trust Officer, Salesforce
Moderated by: Fahmida Y Rashid, Managing Editor, Dark Reading

Many breaches occur when an attacker exploits a defender’s oversight or mistaken configuration, or an unknown vulnerability in an IT or cloud infrastructure. In this keynote presentation, a top cybersecurity expert will shine light on some of the most common mistakes and flaws that can lead to an attack, and how to pinpoint and remediate these weaknesses in your IT and cloud infrastructures.

Fireside Chat
11:45am - 12:00pm ET

Presented by: Jeff Morgan, Solutions Engineer, Wiz
Keynote
12:15pm - 1:00pm ET

Up Close: Real-World Data Breaches

Sponsored by: Palo Alto Networks
Speaker(s): Alex Pinto, Senior Manager of the Data Breach Investigation Report team, Verizon Threat Research Advisory Center
Moderated by: Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

In this keynote address, a top security researcher will detail and analyze trends and takeaways from real-world data breaches investigated over the past year, pinpointing the most popular attack vectors and exploited vulnerabilities. The keynote also will cover best practices for defending against these attacks.

Fireside Chat
1:00pm - 1:15pm ET

Presented by: Kyle Wilhoit, Director, Threat Research, Palo Alto Networks Unit 42
Spotlight Webinar
1:30pm - 2:00pm ET

Everything You Need to Know About the XZ Utils Vulnerability

Sponsored by: Wiz
Speaker(s): Amitai Cohen, Threat Researcher | Danielle Aminov, Threat Researcher, Wiz | Merav Bar, Threat Researcher, Wiz
Spotlight Webinar
1:30pm - 2:00pm ET

Unabashed. Unashamed. Unpredictable. The Changing Face of Ransomware.

Sponsored by: Palo Alto Networks
Speaker(s): Sam Rubin, VP, Global Head of Operations, Unit 42 | Chris Scott, Managing Partner, Unit 42 | David Faraone, Consulting Sr. Director, Unit 42 | LeeAnne Pelzer, Consulting Director, Unit 42
Panel Session
2:15pm - 3:00-pm ET

Finding and Fixing Software Vulnerabilities That Endanger Your Data

Sponsored by: Mend.io | Security Innovation
Speaker(s): Ed Adams, CEO, Security Innovation | Nir Stern, EVP Product, Mend.io | Andrew Braunberg, Principle Analyst, Security Operations, Omdia | Eva Farinella, Senior Director, Threat Exposure Management, GSK (formerly GlaxoSmithKline)
Moderated by: Tara Seals, Managing Editor, News, Dark Reading

Software vulnerabilities are at the heart of a data breach. Those bugs can be in your third-party software or your own internal applications. When software vendors regularly issue updates and patches, how do you know which ones to prioritize? How do you ensure your own development team is writing secure code? In this panel discussion, experts will discuss how to identify, assess, and prioritize the risk of an attacker exploiting the latest vulns in your systems. They will offer strategies for using DevSecOps for your internal apps as well as building a sound patching policy for your third-party software.

Panel Session
3:15pm - 4:00pm ET

How Attackers Target the Cloud

Sponsored by: CardinalOps | Cisco
Speaker(s): Jan Shelly Brown, Partner, McKinsey | Kish Galappatti, Senior Sales Engineer, CardinalOps | Tim Miller, Technical Marketing Engineer, Outshift by Cisco | Laurie Iacono, Associate Managing Director of Cyber Risk, Kroll
Moderated by: Jai Vijayan, Contributing Writer, Dark Reading

The acceleration to the cloud that began during the pandemic resulted in some misconfiguration mistakes in cloud services and accounts — as well as misunderstandings on just what security controls cloud customers were responsible for versus what their cloud provider handled. In this panel discussion, cloud security experts will outline how attackers can take advantage of those mistakes, as well as vulnerabilities in the cloud services themselves. They will provide guidance on how to avoid cloud misconfigurations and security missteps, as well as best practices for securing cloud-based accounts, identities, and stored data.

Panel Session
4:15pm - 5:00pm ET

Cyber Incident Response Guide: A How-To

Sponsored by: Delinea | Snowflake
Speaker(s): Joseph Carson, Chief Security Scientist & Advisory, CISO, Delinea | Haider Dost, Head of Global Threat Detection, Snowflake | Ed Skoudis, President, SANS Technology Institute | Sanjay "Jay" Rekhi, Group Leader Security Components and Mechanisms Group, NIST
Moderated by: Becky Bracken, Editor, Dark Reading

Just because attackers are going to attack doesn’t mean defenders can’t fight back with a solid defense. There are powerful steps you can take to help ensure a security event doesn’t escalate, including proactive probing and detection of even the most well-hidden threats, and by employing mitigation methods. In this panel discussion, experts in incident response will offer a look at how best to respond to a security incident, including a look at the role of emerging tools such as AI and automation, eXtendedDetection and Response (XDR), orchestration, and state-of-the art IR practices.

Demo
All Day

Rubrik Security Director Cloud

Sponsored by: Rubrik
Presented by: Joshua Stenhouse, Field CTO Cyber Resilience, Rubrik

When Your Data is Secure, Your Business Becomes Unstoppable

The Rubrik Zero Trust Data Security™ platform, Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.

See how Rubrik Security Cloud:

-Keeps data resilient against cyber threats.
-Monitors backup data for suspicious changes
-Automatically brings applications back online

Demo
All Day

Defense Accelerated: How NetWitness is Revolutionizing Threat Detection, Investigation and Response

Sponsored by: NetWitness
Presented by: Arthur Fontaine, Director of Product and Solutions Marketing, NetWitness | Todd Mestemacher, Advisory Systems Engineer, NetWitness

In today’s complex and ever-changing cybersecurity landscape, you need a centralized platform to help analysts detect, investigate and respond to known and unknown threats fast to mitigate the financial and reputational damage that cyberattacks can cause.

NetWitness is a pioneering cybersecurity software developer whose products are used by the world’s most security-conscious and sophisticated organizations. The NetWitness Platform delivers industrial-strength SIEM, NDR, and EDR capabilities that operate across on-premises, cloud, or hybrid infrastructures, providing a unified set of detection, investigation, and response tools. Threat analysts around the world rely on NetWitness for its robust threat intelligence, deep analytics, guided case management, and built-in response actions.

Learn more about how we’re revolutionizing threat detection, investigation and response by watching this short demo.

Demo
All Day

Cyber Risk Management with LogicGate Risk Cloud

Sponsored by: LogicGate
Presented by: Sean McGovern, Senior Solutions Engineer, LogicGate

With cyber threats and data breaches on the rise, organizations need to have an effective cyber risk management program in place to stay ahead of threats and keep the business safe. LogicGate Risk Cloud’s Cyber Risk Management Solution allows you to do just that. You can connect cyber risks to business impact while automatically identifying, assessing, treating, and reporting on cyber risks, all in one centralized platform. Check it out in action!

Demo
All Day

CISO Insights: Challenges We’re Seeing That You Should Be Aware of

Sponsored by: CyberMaxx
Presented by: Aaron Shaha, CISO, CyberMaxx

This session covers insights into what security professionals need to be focused on and aware of for 2024. It’s a very fluid time for cybersecurity – let’s discuss what’s happening, what’s coming and how you stay prepared. During this session, Aaron Shaha dives into the top challenges he’s seeing and how to be prepared. He will also dive into CyberMaxx’s Ransomware Research and outline the threat actors that you may need to stay ahead of.

Themes include:

– Trends the CISO is experiencing

– Geopolitical situation, AI and more

– Key Ransomware and threat actor activities

Anatomy of a Data Breach:

And What to Do if it Happens to You

June 20, 2024
11:00am - 5:00pm ET | Doors Open at 10:30am ET

Speakers
Todd Mestemacher
Advisory Systems Engineer, NetWitness
Arthur Fontaine
Director of Product and Solutions Marketing, NetWitness
Sanjay "Jay" Rekhi
Group Leader Security Components and Mechanisms Group, NIST
Manager, in the Computer Security Division performing underlying research that are applied to topics of National and Economic Interests. Before joining US Federal Govt, he was Principal Engineer at Cypress Semiconductor, Director of Infrastructure & Security at Target and VP of Information Security at Hudson Bay Companies.
Laurie Iacono
Associate Managing Director of Cyber Risk, Kroll
Laurie Iacono is an associate managing director in the Cyber Risk practice, Kroll. Laurie leverages more than seven years of cyber experience conducting threat intelligence analysis and managing the day-to-day operations of global cyber intelligence analysts.
Eva Farinella
Senior Director, Threat Exposure Management, GSK (formerly GlaxoSmithKline)
Eva Farinella has more than 25 years of experience in cybersecurity, leading cyber defense organizations and accelerating maturity through implementation of best practices security frameworks (NIST, CIS Benchmarks, MITRE).
Kyle Wilhoit
Director, Threat Research, Palo Alto Networks Unit 42
Kyle Wilhoit is an internationally recognized security researcher and threat research leader with more than a decade of experience helping research teams deliver original and organized threat intelligence and research.
Joshua Stenhouse
Field CTO Cyber Resilience, Rubrik
Joshua Stenhouse has 10 years of experience in designing, implementing, automating, and advising on data protection and DR solutions for virtualized environments.
Ed Skoudis
President, SANS Technology Institute
Edi Skoudis is the President of SANS Technology Institute and has taught upwards of 40,000 security professionals globally. His courses distill the essence of real-world, front-line case studies he accumulates because he is consistently one of the first authorities brought in to provide post-attack analysis on major breaches.
LeeAnne Pelzer
Consulting Director, Unit 42
David Faraone
Consulting Sr. Director, Unit 42
Chris Scott
Managing Partner, Unit 42
Sam Rubin
VP, Global Head of Operations, Unit 42
Merav Bar
Threat Researcher, Wiz
Danielle Aminov
Threat Researcher, Wiz
Aaron Shaha
CISO, CyberMaxx
Aaron Shaha, CISO at CyberMaxx is a Strategic Information Security Executive and subject matter expert with a record of pioneering cyber security trends by developing novel security tools and techniques that align with corporate objectives.
Haider Dost
Head of Global Threat Detection, Snowflake
Haider Dost is the Head of Global Threat Detection and Threat Intelligence at Snowflake. He has over ten years experience in Cybersecurity with a focus on Security Operations, Threat Detection, and Threat Intelligence. Prior to joining Snowflake, Haider led the Threat Detection program at Freddie Mac and managed the Global SOC at Capital One.
Joseph Carson
Chief Security Scientist & Advisory, CISO, Delinea
Joseph Carson has more than 25 years' experience in enterprise security; He has authored Privileged Account Management for Dummies and Cybersecurity for Dummies, is a cyber security professional and an ethical hacker.
Jan Shelly Brown
Partner, McKinsey
Jan Shelly helps financial institutions use technology to drive change and create lasting impact. A technologist at heart, her expertise lies at the intersection of digital, technology, and risk and security—she helps chief information officers and senior IT leaders define the business value of technology.
Jai Vijayan
Contributing Writer, Dark Reading
Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism covering information security and data privacy. Over the course of his career, Jai has also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics.
Nir Stern
EVP Product, Mend.io
Nir Stern is the EVP of Product at Mend.io. Nir is a seasoned executive with over two decades of expertise in cybersecurity, identity risk management and Fraud prevention. Before Joining Mend.io Nir had leading roles in companies like Au10tix, IBM Security Trusteer and Nice-Actimize.
Sean McGovern
Senior Solutions Engineer, LogicGate
Sean McGovern is a Senior Solutions Engineer with over 5 years of GRC technology and consulting experience. After graduating from Syracuse University, he began his career with Ernst & Young’s Risk Transformation group and later worked for Deloitte’s Cyber Risk and Strategy practice.
Ed Adams
CEO, Security Innovation
Mr. Adams is a software quality and security expert with 20+ years of industry experience. He has been CEO of Security Innovation since 2003. A Ponemon Institute Research Fellow, Adams was named a Privacy by Design Ambassador by the Information & Privacy Commissioner of Canada and has received multiple SC Magazine Reboot Leadership Awards.
Brad Arkin
Chief Trust Officer, Salesforce
Brad is Chief Trust Officer at Salesforce. He oversees the company’s security strategy, building trust with stakeholders, and protecting customer data in an AI-first world. Previously, he was Chief Security and Trust Officer at Cisco, and served as the security chief at Adobe for 12 years.
Kish Galappatti
Senior Sales Engineer, CardinalOps
Kish Galappatti, Senior Sales Engineer at CardinalOps is a data security professional with over 20 years experience implementing cybersecurity and data privacy solutions for enterprise clients. Kish has a background in the financial services industry where he built large scale distributed systems.
Jeff Morgan
Enterprise Solutions Engineer, Wiz
San Francisco native who's been working in tech for 15 years. Currently a Solutions Engineer at Wiz who has also been a DevOps Engineer for most of his career working at companies such as Yelp, AppDynamics, and Sonder.
Tim Miller
Technical Marketing Engineer, Outshift by Cisco
Tim is a Technical Marketing Engineer at Outshift by Cisco. He focuses on cloud native application security, presenting technical presentations and solutions to customers and at industry events. Previously, at Cisco, he provided technical pre-sales engineering on data center technologies.
Andrew Braunberg
Principal Analyst, SecOps, Omdia
Andrew supports Omdia's Cybersecurity Operations (SecOps) Intelligence Service research practice, guiding vendor, service provider, and enterprise clients. He provides thought-leading analysis on technologies, trends, and innovations in enterprise security operations centers (SOCs), and specifically on the proactive technologies.
Amitai Cohen
Threat Researcher, Wiz
Amitai leads the Attack Vector Intelligence team at Wiz, where he manages investigations of threats to cloud environments and works to advance research and detection methodology. Amitai is also a maintainer of the cloudvulndb.org open-source project, and co-hosts the "Crying out Cloud" podcast.
Becky Bracken
Editor, Dark Reading
Becky Bracken has built a decades-long journalism career with a focus on cybersecurity issues and serves as an editor for Dark Reading.
Tara Seals
Managing Editor, News, Dark Reading
Tara Seals has 25+ years of experience as a journalist, analyst and editor in the cybersecurity, communications and technology space. Prior to Dark Reading, Tara was Editor in Chief at Threatpost, and prior to that, the North American news lead for Infosecurity Magazine.
Fahmida Y Rashid headshot
Fahmida Y Rashid
Managing Editor, Dark Reading
Fahmida Y Rashid is Dark Reading’s managing editor, focusing on stories that provide security professionals with the information they need to do their jobs. She has spent over a decade analyzing news events and demystifying security technology for IT professionals and business managers.
Kelly Jackson Higgins
Editor-in-Chief, Dark Reading
Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties.
Alex Pinto Headshot
Alex Pinto
Senior Manager of the Data Breach Investigation Report team, Verizon Threat Research Advisory Center
Alex Pinto is the senior manager of the Data Breach Investigations Report team in the Verizon Threat Research Advisory Center. His teams are responsible not only for the Verizon DBIR, but support security research and thought leadership in the organization.
Sponsors
Diamond
Platinum
Gold
© 2024 Informa USA, Inc., All Rights Reserved | Privacy Policy | Terms of Service