Watch our sessions on-demand now! Just click on the links below to access the recordings.
Watch On-Demand
Watch On-Demand
Watch On-Demand
Watch On-Demand
Opening Keynote:
Chad Wilson, CISO at Stanford Children's Health
Ryan Kalember, EVP of Cybersecurity Strategy at Proofpoint
With email continuing its multiyear reign as the #1 threat vector, business email compromise (BEC) losses at all-time highs, and insider threats in the news on a daily basis, it’s never been more critical for security professionals to understand and mitigate the risks that people pose to their organizations. As discussions around the coronavirus (COVID-19) and the 2020 presidential elections continue, cyber criminals are using these topics for malicious campaigns. These attacks are targeted at people, require social engineering to succeed, and, increasingly, are operated by human adversaries. So what can you do to better protect you and your organization this year?
Join us as we examine closely some of the biggest challenges that CISOs face, and why a people-centric approach to security is your biggest opportunity to stop attackers, communicate risk to the business, and build a strong new front line of defense. In this opening keynote, we’ll share:
- The latest trends in phishing, business email compromise, and cloud attack techniques
- How to identify your Very Attacked People (VAPs), and how they are targeted
- Why cybersecurity transformation around people and culture is critical
- How to better protect your VAPs and defend the data and systems they have access to
Track A Session 1:
Jake Gordon, IT Director at a global investment corporation
Rich Wegner, Sr. Cybersecurity Engineer at a large financial institute
Scot Lymer, Security Analyst II at Shelter Insurance
Moderator: Sara Pan, Sr. Content Strategist at Proofpoint
Business Email Compromise (BEC) and Email Account Compromise (EAC) scams have cost the victimized businesses over $26 billion since 2016. What BEC and EAC have in common is that they target people, rely on social engineering, and are designed to solicit fraudulent wire transfers or payment. Unlike malware attack, BEC and EAC don’t typically include detectable malicious payload. These types of threats can be hard to recognize because to the target these business requests sent by the impostors seem very routine and reasonable.
Join our guest panel as these security experts discuss their experiences with the changing landscapes of BEC and EAC, the use cases of their email security approach, and how success was measured. In this webinar, we'll explore:
- The full scope of the problem: where the attacks are coming from and how people are being targeted
- The challenges faced when addressing BEC and EAC and how to overcome them
- Lessons learned and how companies can better defend against BEC and EAC
Christopher Frenz, AVP of Information Security & Infrastructure at Interfaith Medical Center
Eric Schwake, Zero Trust Strategist at Proofpoint
Gone are the old days of every employee having to work in the office from 9 to 5. More and more companies are navigating cloud migration and embracing the mobile workforce expansion. However, many still struggle with maintaining their security posture and enabling a Zero-Trust approach to replace their legacy VPN solution. It’s never been more important than now to evaluate how a Zero-Trust framework applies to your environment and what you can do to protect your organization’s most valuable assets: your people and your data.
Join our webinar as we take a deep dive into why this new paradigm of network security is crucial and how it can provide the flexibility for your enterprise to grow. In this session, we’ll share:
- What a Zero-Trust approach is and what it isn’t
- How Zero-Trust reinforces people-centric security
- Strategies on how to move to an always-on, Zero-Trust architecture
Track A Session 2:
Matthew Alexander, Information Security Manager at Alabama Farmers
Itir Clarke, Sr. CASB Strategiest at Proofpoint
Gartner predicts that through 2020, 95% of cloud security breaches will be the users' fault. Attacks on cloud accounts such as credential stuffing, phishing and OAuth app spoofing are wide spread. Cloud account takeover leads to wire fraud and data theft. Misuse of new collaboration platforms can also result in data loss. More now than ever, security teams need preventative measures to secure access to systems and data - but not at the cost of user experience. Cloud security requires a fine balance of trust against risk. So how is this achieved?
Join us as we explore what a people-centric visibility to cloud security looks like, and how professionals can combine threat detection, Data Loss Prevention and adaptive access controls to achieve that fine balance. In this session, we will discuss:
- How to detect, investigate and remediate account takeover
- Cloud DLP Do’s and Don’ts
- Checklist to secure third-party apps
- How to prioritize access controls with a risk-based approach
Dawn Cappelli, VP of Global Security & CISO at Rockwell Automation
Josh Epstein, CMO at ObserveIT
Insider Threats are a vector for risk and cost in any organization. According to recent research from Ponemon Institute, the average cost of Insider Threats has skyrocketed 31% in just two years to $11.45 million. By strengthening security programs, companies can reduce the impact and cost of Insider Threats, resulting in lower costs and faster investigation turnarounds.
Join us for this session as we uncover how to better detect, investigate, and respond to Insider Threats. We will examine:
- Why Insider Threats cost so much—including the key cost centers
- What makes managing insider threats so complex
- How faster containment can lower costs
- The importance of taking a proactive approach to investigations
- The key roles of prevention, education, deterrence and user training
Closing Keynote:
Shelly Epps, Security Program Lead at Duke University
Alexandra Panaretos, Americas Lead for Secure Culture Activation at Enst & Young LLP
Moderator: Paul Down, Sr. Director of Sales-EMEA, at Proofpoint
The threat landscape is constantly evolving, and people continue to be the number one target for attackers. Having a comprehensive, data-driven security awareness program in place is more important than ever to reduce your people-centric security risk and build a strong last line of defense.
Join us as we hold a live panel on how today’s enterprises are employing new strategies and measuring success with their security awareness programs. We’ll answer questions like – why is there more variance with user reporting rates than click rates? What percentage of users can you expect to use a VPN or password manager? With this webinar you'll get a better understanding of:
- Today’s security awareness landscape and pressing topics for user
- Best practices companies are employing today
- KPIs companies are measuring for success
- Key benchmarks you can use to understand program maturity
