Anatomy of a Data Breach: And What to Do if it Happens to You

Anatomy of a Data Breach:

And What to Do if it Happens to You

June 20, 2024

11:00am - 5:00pm ET | Doors Open at 10:30am ET

As the saying goes, it's not a matter of “if” an organization will suffer a cyberattack: It's a matter of “when.”

That adage amid today’s active and increasingly aggressive threat landscape may seem overwhelming and disheartening, but knowing and addressing the most common attack vectors, vulnerabilities, and mistakes that threat actors exploit most in real-world attacks can make all the difference in mitigating a potentially disastrous ransomware attack or data breach. How do you ensure your organization is in the know about how most data breaches unfold, and is schooled on the best practices for responding to a security incident?

Learn the most common causes and effects of a data breach and the keys to conducting an effective incident response in a new virtual event: Anatomy of a Data Breach: And What to Do if it Happens to You. This free, one-day online Dark Reading conference in June 2024 offers a look at some of the main vulnerabilities that lead to enterprise data breaches, as well as the latest tools and best practices for incident response.

Topics Include:

Pinpoint and remediate weaknesses in your IT and Cloud Infrastructures

Best practices for defending against data breaches

Strategies for using DevSecOps for internal apps

Guidance on how to avoid cloud misconfigurations and security missteps

A look at the role of emerging tools like AI and Automation, eXtendedDetection and Response (XDR) orchestration

Agenda

Keynote

11:00am - 11:45am ET

Missteps and Oversights That Leave Your Enterprise at Risk of a Cyberattack

Sponsored by: Wiz

Speaker(s): Brad Arkin, Chief Trust Officer, Salesforce

Moderated by: Fahmida Y Rashid, Managing Editor, Dark Reading

Many breaches occur when an attacker exploits a defender’s oversight or mistaken configuration, or an unknown vulnerability in an IT or cloud infrastructure. In this keynote presentation, a top cybersecurity expert will shine light on some of the most common mistakes and flaws that can lead to an attack, and how to pinpoint and remediate these weaknesses in your IT and cloud infrastructures.

Fireside Chat

11:45am - 12:00pm ET

Presented by: Jeff Morgan, Solutions Engineer, Wiz

Keynote

12:15pm - 1:00pm ET

Up Close: Real-World Data Breaches

Sponsored by: Palo Alto Networks

Speaker(s): Alex Pinto, Senior Manager of the Data Breach Investigation Report team, Verizon Threat Research Advisory Center

Moderated by: Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

In this keynote address, a top security researcher will detail and analyze trends and takeaways from real-world data breaches investigated over the past year, pinpointing the most popular attack vectors and exploited vulnerabilities. The keynote also will cover best practices for defending against these attacks.

Fireside Chat

1:00pm - 1:15pm ET

Presented by: Kyle Wilhoit, Director, Threat Research, Palo Alto Networks Unit 42

Spotlight Webinar

1:30pm - 2:00pm ET

Everything You Need to Know About the XZ Utils Vulnerability

Sponsored by: Wiz

Speaker(s): Amitai Cohen, Threat Researcher | Danielle Aminov, Threat Researcher, Wiz | Merav Bar, Threat Researcher, Wiz

Spotlight Webinar

1:30pm - 2:00pm ET

Unabashed. Unashamed. Unpredictable. The Changing Face of Ransomware.

Sponsored by: Palo Alto Networks

Speaker(s): Sam Rubin, VP, Global Head of Operations, Unit 42 | Chris Scott, Managing Partner, Unit 42 | David Faraone, Consulting Sr. Director, Unit 42 | LeeAnne Pelzer, Consulting Director, Unit 42

Panel Session

2:15pm - 3:00-pm ET

Finding and Fixing Software Vulnerabilities That Endanger Your Data

Sponsored by: Mend.io | Security Innovation

Speaker(s): Ed Adams, CEO, Security Innovation | Nir Stern, EVP Product, Mend.io | Andrew Braunberg, Principle Analyst, Security Operations, Omdia | Eva Farinella, Senior Director, Threat Exposure Management, GSK (formerly GlaxoSmithKline)

Moderated by: Tara Seals, Managing Editor, News, Dark Reading

Software vulnerabilities are at the heart of a data breach. Those bugs can be in your third-party software or your own internal applications. When software vendors regularly issue updates and patches, how do you know which ones to prioritize? How do you ensure your own development team is writing secure code? In this panel discussion, experts will discuss how to identify, assess, and prioritize the risk of an attacker exploiting the latest vulns in your systems. They will offer strategies for using DevSecOps for your internal apps as well as building a sound patching policy for your third-party software.

Panel Session

3:15pm - 4:00pm ET

How Attackers Target the Cloud

Sponsored by: CardinalOps | Cisco

Speaker(s): Jan Shelly Brown, Partner, McKinsey | Kish Galappatti, Senior Sales Engineer, CardinalOps | Tim Miller, Technical Marketing Engineer, Outshift by Cisco | Laurie Iacono, Associate Managing Director of Cyber Risk, Kroll

Moderated by: Jai Vijayan, Contributing Writer, Dark Reading

The acceleration to the cloud that began during the pandemic resulted in some misconfiguration mistakes in cloud services and accounts — as well as misunderstandings on just what security controls cloud customers were responsible for versus what their cloud provider handled. In this panel discussion, cloud security experts will outline how attackers can take advantage of those mistakes, as well as vulnerabilities in the cloud services themselves. They will provide guidance on how to avoid cloud misconfigurations and security missteps, as well as best practices for securing cloud-based accounts, identities, and stored data.

Panel Session

4:15pm - 5:00pm ET

Cyber Incident Response Guide: A How-To

Sponsored by: Delinea | Snowflake

Speaker(s): Joseph Carson, Chief Security Scientist & Advisory, CISO, Delinea | Haider Dost, Head of Global Threat Detection, Snowflake | Ed Skoudis, President, SANS Technology Institute | Sanjay "Jay" Rekhi, Group Leader Security Components and Mechanisms Group, NIST

Moderated by: Becky Bracken, Editor, Dark Reading

Just because attackers are going to attack doesn’t mean defenders can’t fight back with a solid defense. There are powerful steps you can take to help ensure a security event doesn’t escalate, including proactive probing and detection of even the most well-hidden threats, and by employing mitigation methods. In this panel discussion, experts in incident response will offer a look at how best to respond to a security incident, including a look at the role of emerging tools such as AI and automation, eXtendedDetection and Response (XDR), orchestration, and state-of-the art IR practices.

Demo

All Day

Rubrik Security Director Cloud

Sponsored by: Rubrik

Presented by: Joshua Stenhouse, Field CTO Cyber Resilience, Rubrik

When Your Data is Secure, Your Business Becomes Unstoppable

The Rubrik Zero Trust Data Security™ platform, Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.

See how Rubrik Security Cloud:

-Keeps data resilient against cyber threats.
-Monitors backup data for suspicious changes
-Automatically brings applications back online

Demo

All Day

Defense Accelerated: How NetWitness is Revolutionizing Threat Detection, Investigation and Response

Sponsored by: NetWitness

Presented by: Arthur Fontaine, Director of Product and Solutions Marketing, NetWitness | Todd Mestemacher, Advisory Systems Engineer, NetWitness

In today’s complex and ever-changing cybersecurity landscape, you need a centralized platform to help analysts detect, investigate and respond to known and unknown threats fast to mitigate the financial and reputational damage that cyberattacks can cause.

NetWitness is a pioneering cybersecurity software developer whose products are used by the world’s most security-conscious and sophisticated organizations. The NetWitness Platform delivers industrial-strength SIEM, NDR, and EDR capabilities that operate across on-premises, cloud, or hybrid infrastructures, providing a unified set of detection, investigation, and response tools. Threat analysts around the world rely on NetWitness for its robust threat intelligence, deep analytics, guided case management, and built-in response actions.

Learn more about how we’re revolutionizing threat detection, investigation and response by watching this short demo.

Demo

All Day

Cyber Risk Management with LogicGate Risk Cloud

Sponsored by: LogicGate

Presented by: Sean McGovern, Senior Solutions Engineer, LogicGate

With cyber threats and data breaches on the rise, organizations need to have an effective cyber risk management program in place to stay ahead of threats and keep the business safe. LogicGate Risk Cloud’s Cyber Risk Management Solution allows you to do just that. You can connect cyber risks to business impact while automatically identifying, assessing, treating, and reporting on cyber risks, all in one centralized platform. Check it out in action!

Demo

All Day

CISO Insights: Challenges We’re Seeing That You Should Be Aware of

Sponsored by: CyberMaxx

Presented by: Aaron Shaha, CISO, CyberMaxx

This session covers insights into what security professionals need to be focused on and aware of for 2024. It’s a very fluid time for cybersecurity – let’s discuss what’s happening, what’s coming and how you stay prepared. During this session, Aaron Shaha dives into the top challenges he’s seeing and how to be prepared. He will also dive into CyberMaxx’s Ransomware Research and outline the threat actors that you may need to stay ahead of.

Themes include:

– Trends the CISO is experiencing

– Geopolitical situation, AI and more

– Key Ransomware and threat actor activities