7:30-8:30am | Networking Breakfast
8:30-9:15am | Opening Address: The State of the Enterprise Security Department (Tim Wilson & Sara Peters, Dark Reading)
Thanks to a plethora of major – and very public – data breaches, security has become one of the most critical issues in IT. What are the chief threats that security departments face, and what are they doing about them? What are today's top priorities for security professionals? This session will include data from two recent surveys of IT and security executives.
9:15-9:30am | Lightning Talk 1
9:30-10:15am | Securing Your Enterprise Infrastructure (Drew Vanover, Blue Coat)
As enterprises add new networking capabilities, SDN, and virtualized server environments, the risks they face are changing as well. In this informative session, a top expert on infrastructure security will discuss the latest threats to networks and servers and how your organization can mitigate them.
10:15-10:30am | Coffee Break
10:30-11:15am | Protecting Your Data In the Cloud (Rich Mogull, Securosis)
Cloud computing services and technology offer a level of efficiency and cost savings that most enterprises simply can’t pass up. But does the growing use of cloud technology create a growing threat to enterprise data? How can IT organizations track and secure data as it travels through the cloud? In this session, a cloud security expert will discuss the key danger points in cloud computing and the latest technologies and practices for cloud security.
11:15am-12:00pm | Endpoints and End Users – Strengthening Your Weakest Links (Michele Fincher, Social-Engineer)
Most major data breaches start with the compromise of a single endpoint – a PC, a mobile device, a user who unwittingly gives up credentials. What can your organization to protect its endpoints? How can you create and enforce end user policies that protect your corporate data? In this session, a top expert discusses how endpoints and end users are most frequently compromised – and how to keep your end users from falling victim.
12:00-1:15pm | Networking Lunch
1:15-2:00pm | The Real Risks of Mobile Technology In the Enterprise (Andrew Blaich, Lookout)
Everyone is saying that the introduction of mobile devices and bring-your-own-device (BYOD) policies is a security risk to the enterprise. But exactly where do those risks come from? In this session, a top expert will debunk some of the myths about mobile security while raising up some threats and vulnerabilities you may not know about.
2:00-2:15pm | Coffee Break
2:15-3:00pm | Insider Threats and Preventing Data Leaks (Randy Trzeciak, CERT)
Major data leaks such as Edward Snowden’s release of NSA data and the dump of military data on WikiLeaks are only the tip of the insider threat iceberg. Every day, enterprises face the threat of losing valuable insider information – not only through malicious leaks but through unintentional, accidental violations of security rules that lead to exposure of critical information. How can organizations spot the signs of a data leak and stop it before it goes too far? How can IT help prevent accidental leaks of sensitive data? A top expert offers some essential advice on stopping data loss from within.
3:00-3:15pm | Lightning Talk: Cyber Kill Chain in Practice by Watchguard (Marc Laliberte, Watchguard)
Have you ever wondered how you easily a computer can become infected by malware or completely taken over by a cybercriminal? In this live hack, an information security professional will use a Cross-Site Scripting (CSS) attack to gain remote access to a vulnerable client. This session will finish with practical examples showing how your network perimeter can stop this type of attack at different stages of the Cyber Kill Chain model.
3:15-4:00pm | Finding and Fixing Application Security Vulnerabilities (Chris Eng, Veracode)
Customer databases, enterprise applications, Big Data – the keys to your enterprise’s kingdom lie in its applications. But application security is often overlooked, both by software manufacturers and by internal development teams. What steps can your organization take to find and repair application vulnerabilities – before your attackers discover them? A top applications security expert discusses key practices for scanning and securing applications, as well as offering some insight on how to improve security in your software development organization.
4:00-4:45pm | Monitoring and Measuring Enterprise Security Posture (Rafal Los, Optiv)
Over the years, most enterprises have acquired a plethora of tools to detect and/or block security threats. But how can organizations monitor these tools to detect potential threats and measure the security posture of the enterprise? In this session, a top expert on security monitoring will offer some advice on how to monitor and report on an enterprise's security posture, and how to use the data from multiple security systems to track down sophisticated threats.
4:45-6:00pm | Cocktail Reception