Proofpoint


Cybersecurity eSummit

People-Centric Security

Protect your people & prevent the next big breach

Sessions

Watch our sessions on-demand now! Just click on the links below to access the recordings.

Watch On-Demand
Watch On-Demand
Watch On-Demand
Watch On-Demand




Opening Keynote:

Defend the New Front Lines with a People-Centric Cybersecurity Strategy

Chad Wilson, CISO at Stanford Children's Health

Ryan Kalember, EVP of Cybersecurity Strategy at Proofpoint


With email continuing its multiyear reign as the #1 threat vector, business email compromise (BEC) losses at all-time highs, and insider threats in the news on a daily basis, it’s never been more critical for security professionals to understand and mitigate the risks that people pose to their organizations. As discussions around the coronavirus (COVID-19) and the 2020 presidential elections continue, cyber criminals are using these topics for malicious campaigns. These attacks are targeted at people, require social engineering to succeed, and, increasingly, are operated by human adversaries. So what can you do to better protect you and your organization this year?


Join us as we examine closely some of the biggest challenges that CISOs face, and why a people-centric approach to security is your biggest opportunity to stop attackers, communicate risk to the business, and build a strong new front line of defense. In this opening keynote, we’ll share:
    • The latest trends in phishing, business email compromise, and cloud attack techniques
    • How to identify your Very Attacked People (VAPs), and how they are targeted
    • Why cybersecurity transformation around people and culture is critical
    • How to better protect your VAPs and defend the data and systems they have access to

Track A Session 1:

Panel: Email Fraud - the Ins & Outs of Business Email and Account Compromise

Jake Gordon, IT Director at a global investment corporation 

Rich Wegner, Sr. Cybersecurity Engineer at a large financial institute

Scot Lymer, Security Analyst II at Shelter Insurance

Moderator: Sara Pan, Sr. Content Strategist at Proofpoint

Business Email Compromise (BEC) and Email Account Compromise (EAC) scams have cost the victimized businesses over $26 billion since 2016. What BEC and EAC have in common is that they target people, rely on social engineering, and are designed to solicit fraudulent wire transfers or payment. Unlike malware attack, BEC and EAC don’t typically include detectable malicious payload. These types of threats can be hard to recognize because to the target these business requests sent by the impostors seem very routine and reasonable. 

Join our guest panel as these security experts discuss their experiences with the changing landscapes of BEC and EAC, the use cases of their email security approach, and how success was measured. In this webinar, we'll explore:

  • The full scope of the problem: where the attacks are coming from and how people are being targeted
  • The challenges faced when addressing BEC and EAC and how to overcome them
  • Lessons learned and how companies can better defend against BEC and EAC

Christopher Frenz, AVP of Information Security & Infrastructure at Interfaith Medical Center

Eric Schwake, Zero Trust Strategist at Proofpoint

Gone are the old days of every employee having to work in the office from 9 to 5. More and more companies are navigating cloud migration and embracing the mobile workforce expansion. However, many still struggle with maintaining their security posture and enabling a Zero-Trust approach to replace their legacy VPN solution. It’s never been more important than now to evaluate how a Zero-Trust framework applies to your environment and what you can do to protect your organization’s most valuable assets: your people and your data.

Join our webinar as we take a deep dive into why this new paradigm of network security is crucial and how it can provide the flexibility for your enterprise to grow. In this session, we’ll share:

  • What a Zero-Trust approach is and what it isn’t
  • How Zero-Trust reinforces people-centric security
  • Strategies on how to move to an always-on, Zero-Trust architecture

Track A Session 2:

Cloudy with A Chance of Threats: Strategies to Defend Cloud Users and Data

Matthew Alexander, Information Security Manager at Alabama Farmers 

Itir Clarke, Sr. CASB Strategiest at Proofpoint

Gartner predicts that through 2020, 95% of cloud security breaches will be the users' fault. Attacks on cloud accounts such as credential stuffing, phishing and OAuth app spoofing are wide spread. Cloud account takeover leads to wire fraud and data theft. Misuse of new collaboration platforms can also result in data loss. More now than ever, security teams need preventative measures to secure access to systems and data - but not at the cost of user experience. Cloud security requires a fine balance of trust against risk. So how is this achieved?

Join us as we explore what a people-centric visibility to cloud security looks like, and how professionals can combine threat detection, Data Loss Prevention and adaptive access controls to achieve that fine balance. In this session, we will discuss:

  • How to detect, investigate and remediate account takeover
  • Cloud DLP Do’s and Don’ts
  • Checklist to secure third-party apps
  • How to prioritize access controls with a risk-based approach


Dawn Cappelli, VP of Global Security & CISO at Rockwell Automation

Josh Epstein, CMO at ObserveIT

Insider Threats are a vector for risk and cost in any organization. According to recent research from Ponemon Institute, the average cost of Insider Threats has skyrocketed 31% in just two years to $11.45 million. By strengthening security programs, companies can reduce the impact and cost of Insider Threats, resulting in lower costs and faster investigation turnarounds.

Join us for this session as we uncover how to better detect, investigate, and respond to Insider Threats. We will examine:

  • Why Insider Threats cost so much—including the key cost centers
  • What makes managing insider threats so complex
  • How faster containment can lower costs
  • The importance of taking a proactive approach to investigations
  • The key roles of prevention, education, deterrence and user training

Closing Keynote:

PANEL: Benchmarks & KPIs You Need to Know for Security Awareness Training

Shelly Epps, Security Program Lead at Duke University

Alexandra Panaretos, Americas Lead for Secure Culture Activation at Enst & Young LLP

Moderator: Paul Down, Sr. Director of Sales-EMEA, at Proofpoint


The threat landscape is constantly evolving, and people continue to be the number one target for attackers. Having a comprehensive, data-driven security awareness program in place is more important than ever to reduce your people-centric security risk and build a strong last line of defense.


Join us as we hold a live panel on how today’s enterprises are employing new strategies and measuring success with their security awareness programs. We’ll answer questions like – why is there more variance with user reporting rates than click rates? What percentage of users can you expect to use a VPN or password manager? With this webinar you'll get a better understanding of:

    • Today’s security awareness landscape and pressing topics for user
    • Best practices companies are employing today
    • KPIs companies are measuring for success
    • Key benchmarks you can use to understand program maturity

Sessions

Watch our sessions on-demand now! Just click on the links below to access the recordings.

Watch On-Demand
Watch On-Demand
Watch On-Demand
Watch On-Demand




Opening Keynote:

Defend the New Front Lines with a People-Centric Cybersecurity Strategy

Chad Wilson, CISO at Stanford Children's Health

Ryan Kalember, EVP of Cybersecurity Strategy at Proofpoint


With email continuing its multiyear reign as the #1 threat vector, business email compromise (BEC) losses at all-time highs, and insider threats in the news on a daily basis, it’s never been more critical for security professionals to understand and mitigate the risks that people pose to their organizations. As discussions around the coronavirus (COVID-19) and the 2020 presidential elections continue, cyber criminals are using these topics for malicious campaigns. These attacks are targeted at people, require social engineering to succeed, and, increasingly, are operated by human adversaries. So what can you do to better protect you and your organization this year?


Join us as we examine closely some of the biggest challenges that CISOs face, and why a people-centric approach to security is your biggest opportunity to stop attackers, communicate risk to the business, and build a strong new front line of defense. In this opening keynote, we’ll share:
    • The latest trends in phishing, business email compromise, and cloud attack techniques
    • How to identify your Very Attacked People (VAPs), and how they are targeted
    • Why cybersecurity transformation around people and culture is critical
    • How to better protect your VAPs and defend the data and systems they have access to

Track A Session 1:

Panel: Email Fraud - the Ins & Outs of Business Email and Account Compromise

Jake Gordon, IT Director at a global investment corporation 

Rich Wegner, Sr. Cybersecurity Engineer at a large financial institute

Scot Lymer, Security Analyst II at Shelter Insurance

Moderator: Sara Pan, Sr. Content Strategist at Proofpoint

Business Email Compromise (BEC) and Email Account Compromise (EAC) scams have cost the victimized businesses over $26 billion since 2016. What BEC and EAC have in common is that they target people, rely on social engineering, and are designed to solicit fraudulent wire transfers or payment. Unlike malware attack, BEC and EAC don’t typically include detectable malicious payload. These types of threats can be hard to recognize because to the target these business requests sent by the impostors seem very routine and reasonable. 

Join our guest panel as these security experts discuss their experiences with the changing landscapes of BEC and EAC, the use cases of their email security approach, and how success was measured. In this webinar, we'll explore:

  • The full scope of the problem: where the attacks are coming from and how people are being targeted
  • The challenges faced when addressing BEC and EAC and how to overcome them
  • Lessons learned and how companies can better defend against BEC and EAC

Christopher Frenz, AVP of Information Security & Infrastructure at Interfaith Medical Center

Eric Schwake, Zero Trust Strategist at Proofpoint

Gone are the old days of every employee having to work in the office from 9 to 5. More and more companies are navigating cloud migration and embracing the mobile workforce expansion. However, many still struggle with maintaining their security posture and enabling a Zero-Trust approach to replace their legacy VPN solution. It’s never been more important than now to evaluate how a Zero-Trust framework applies to your environment and what you can do to protect your organization’s most valuable assets: your people and your data.

Join our webinar as we take a deep dive into why this new paradigm of network security is crucial and how it can provide the flexibility for your enterprise to grow. In this session, we’ll share:

  • What a Zero-Trust approach is and what it isn’t
  • How Zero-Trust reinforces people-centric security
  • Strategies on how to move to an always-on, Zero-Trust architecture

Track A Session 2:

Cloudy with A Chance of Threats: Strategies to Defend Cloud Users and Data

Matthew Alexander, Information Security Manager at Alabama Farmers 

Itir Clarke, Sr. CASB Strategiest at Proofpoint

Gartner predicts that through 2020, 95% of cloud security breaches will be the users' fault. Attacks on cloud accounts such as credential stuffing, phishing and OAuth app spoofing are wide spread. Cloud account takeover leads to wire fraud and data theft. Misuse of new collaboration platforms can also result in data loss. More now than ever, security teams need preventative measures to secure access to systems and data - but not at the cost of user experience. Cloud security requires a fine balance of trust against risk. So how is this achieved?

Join us as we explore what a people-centric visibility to cloud security looks like, and how professionals can combine threat detection, Data Loss Prevention and adaptive access controls to achieve that fine balance. In this session, we will discuss:

  • How to detect, investigate and remediate account takeover
  • Cloud DLP Do’s and Don’ts
  • Checklist to secure third-party apps
  • How to prioritize access controls with a risk-based approach


Dawn Cappelli, VP of Global Security & CISO at Rockwell Automation

Josh Epstein, CMO at ObserveIT

Insider Threats are a vector for risk and cost in any organization. According to recent research from Ponemon Institute, the average cost of Insider Threats has skyrocketed 31% in just two years to $11.45 million. By strengthening security programs, companies can reduce the impact and cost of Insider Threats, resulting in lower costs and faster investigation turnarounds.

Join us for this session as we uncover how to better detect, investigate, and respond to Insider Threats. We will examine:

  • Why Insider Threats cost so much—including the key cost centers
  • What makes managing insider threats so complex
  • How faster containment can lower costs
  • The importance of taking a proactive approach to investigations
  • The key roles of prevention, education, deterrence and user training

Closing Keynote:

PANEL: Benchmarks & KPIs You Need to Know for Security Awareness Training

Shelly Epps, Security Program Lead at Duke University

Alexandra Panaretos, Americas Lead for Secure Culture Activation at Enst & Young LLP

Moderator: Paul Down, Sr. Director of Sales-EMEA, at Proofpoint


The threat landscape is constantly evolving, and people continue to be the number one target for attackers. Having a comprehensive, data-driven security awareness program in place is more important than ever to reduce your people-centric security risk and build a strong last line of defense.


Join us as we hold a live panel on how today’s enterprises are employing new strategies and measuring success with their security awareness programs. We’ll answer questions like – why is there more variance with user reporting rates than click rates? What percentage of users can you expect to use a VPN or password manager? With this webinar you'll get a better understanding of:

    • Today’s security awareness landscape and pressing topics for user
    • Best practices companies are employing today
    • KPIs companies are measuring for success
    • Key benchmarks you can use to understand program maturity

Keynote Speakers

Chad Wilson, CISO at Stanford Children's Health

A former Officer of Marines, Chad has 25 years of leadership and vision in information technology and cybersecurity. He has direct knowledge and experience leading healthcare information technology, IT management best practices, risk management, information/cyber security and assurance, infrastructure protection, and auditing compliance that enhances and enables care delivery in a recognized international leading pediatric provider organization.

Ryan Kalember, EVP of Cybersecurity Strategy at Proofpoint

With almost 20 years of professional experience in the information security industry, Ryan has provided cybersecurity counsel to global government delegations including Jordan, North Macedonia, Peru, and Spain. He also works with the National Governors Association and is a board member of the National Cyber Security Alliance and the Cybersecurity Technical Advisory Board.

Shelly Epps, Security & Outreach Program Lead at Duke University

Shelly is the program lead for security outreach and education at Duke University for the past 7 years. A part of her normal duties include administering the school's simulated phishing program. Shelly hold a SANS security awareness professional (SSAP) credential and certification in Healthcare Information Security and Privacy Professional (HCISPP) from ISC(2).

Alexandra Panaretos, Americas Lead for Secure Culture Activation at Ernst & Young

Alex has over 10 years of experience developing and implementing cybersecurity awareness and education strategies in government, military family services, the Department of Defense, the medical and health industries, global industry, and local and national broadcasting affiliates. She also specializes in personal and physical security training and program development, the psychology of social engineering, behavior analytics, and operations security program development.

Paul Down, Sr. Director of Sales EMEA at Proofpoint

Paul has over 25 years of experience in Technology and Sales for well-known industry vendors such as IBM, Compuware, and VMWare. For the last 15 years, Paul has held executive positions in EMEA in the IT Security space, with experiences focusing on employee behavior analytics, criminal cyber investigations, and Insider Threat detection and prevention.

Session Speakers

Jake Gordon, IT Director at a global investment corporation

Jake Gordon is an IT Director and is the Global Manager for Messaging and Collaboration Services team within his company's Technology Infrastructure team. His team is responsible for some of the most critical systems, including but not limited to, Exchange, Proofpoint, Sharepoint, O365 and Compliance Archiving.

Scot Lymer, Security Analyst II at Shelter Insurance

Scot is an experienced Information Security Analyst with a demonstrated history of working in the insurance industry. He has a strong background in ISO 27001, Computer Forensics, Domain Name System (DNS), Security Architecture, and Ethical Hacking. Scot has a Bachelor's degree in Broadcast Journalism from Central Missouri State University.

Christopher Frenz, CISO at Interfaith Medical Center

Chris is a healthcare information security and privacy expert who specializes in a holistic approach to organizational security. He has extensive experience in both the governance and technological aspects of information security. Chris is also the author of two computer books and over 75 technical articles.

Dawn Cappelli, VP of Global Security & CISO at Rockwell Automation

Dawn specializes in information security, risk management, and insider threat risk mitigation. Her team at Rockwell Automation is responsible for protecting the ecosystem of customers, suppliers, distributors, and partners from the global threat landscape. Before this, Dawn was the director and founder of the CERT Insider Threat Center at Carnegie Mellon’s Software Engineering Institute (SEI).

Rich Wegner, Sr. Cybersecurity Engineer at a large financial institute

Rich is a seasoned IT engineer with more than 22 years of email administration experience, and 14 years of experience with email security. He has been working with Proofpoint services for more than 6 years. One of Rich's primary focuses in the past 3 years have been the implementation of Email Authentication – SPF, DKIM and DMARC.

Matthew Alexander, Information Security Manager at Alabama Farmers Cooperative, Inc.

Matt is an experienced Information Security Manager with a demonstrated history of working in the agricultural industry. He's skilled in Network Administration, Strategic Planning, Networking, Computer Hardware, and Leadership. Matt holds a Master of Science (M.S.) in Information Systems Management from Auburn University.

Josh Epstein, CMO at ObserveIT

Josh has 20+ years of experience in technology marketing and strategy roles. Previously he has held a range of marketing, strategy and business development roles at start-ups including Kaminario, Reddo Mobility as well as global technology companies including EMC, CA Technologies, Acme Packet and Oracle.

Itir Clarke, Sr. CASB Strategist at Proofpoint

Itir has over 19 years of information technology experience in Product Marketing and Management roles. She manages Proofpoint's Cloud App Security solutions. Before coming to Proofpoint, Itir worked with server products at Cisco, and also worked at Brocade prior to Cisco.

Eric Schwake, Zero Trust Strategist at Proofpoint

Eric is a manages Proofpoint's Advanced Emerging Security solutions. Before Proofpoint, Eric worked with the security products at Cisco and was at Symantec before that. He has over 14 years of information security experience with a range of positions from Technical Support to Sales to Product Marketing. Eric holds a CISSP certification.


Section 4: Charter

"Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Section 5: Frequently Asked Questions

"Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Section 6: Additional Content

"Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Section 7: Additional Content

"Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Section 8: Additional Content

"Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

© All Rights Reserved. Privacy Policy