eSummit

Archived: Endpoint Security – Sealing your ever-expanding attack perimeter

On-Demand Event

Earn up to 6.5 CPE credits by attending this virtual event.

For attackers, an endpoint actually represents a beginning point for an attack that can quickly spread and grow out of control. Desktops, laptops, printers, smartphones, servers, medical and industrial devices… the list of endpoints goes on and on. Before long, it can be easy to lose visibility into all the hidden nooks and crannies of your increasingly complex attack surface. Shadow IT, rogue devices and poor established BYOD policies only add to this problem, and it’s up to your security team to restore order before someone uses an endpoint to download a weaponized app, upload precious intellectual property or visit a malvertising website. This eSummit on September 13-14 will explore from head to toe the ins and outs of endpoint security, covering such topics as: 

  • CyberRisk Alliance’s exclusive endpoint security research
  • How to sniff out shadow IT and anomalous endpoint activity on premises and in the cloud
  • Device management best practices and user policies in a complex multi-device environment
  • Innovations and advancements in unified endpoint management, self-healing endpoints, EDR and more

Featured Speakers:

Agenda

Day 1

11:00 AM
Opening keynote: TrEndpoints: The Latest Developments in the Endpoint Security Market
Sarah Pavlak: Industry Principal, Security, Frost & Sullivan

There’s no end to the innovations coming out of the endpoint security market. And as this corner of the cybersecurity industry continues to shift and evolve in new directions, it’s important for the user community to understand the various pros and cons of all the available options. This session will analyze the latest trends and advancements related to EDR, EPPs, unified endpoint management, self-healing endpoints, mobile threat defense, XDR and more.

11:30 AM
Cloud security and endpoint security are your first and last lines of defense
Nirav Shah, Product Marketing Manager, Cisco Systems
Brian McMahon, Technical Marketing Engineer, Cisco Systems

To defend against ransomware, you need a first and last line of defense to protect your environment. Ransomware is a result of a multi-stage compromise where the attacker's tactics, techniques, and procedures can be found early in the attack when spotted with cloud security. Additionally, with strong endpoint security, your organization can thwart the ability of the attacker to complete their compromise through strong protection, detection, and response. Join Cisco to see how Cisco Umbrella and Cisco Secure Endpoint provide a strong first and last line of defense.

12:00 PM
FortiEDR, the first and last line of defense
Brook Chelmo Director of Product Marketing, Fortinet

It is estimated that 45% of people are now working at home and are online for over 40 hours a week. That number does not include employees who work outside the office like sales reps. This shift has led to 15x growth in ransomware as bad actors look to exploit companies struggling to create secure networks to accommodate the Work-From-Anywhere movement. This means the endpoint must have the ability to defend and heal itself against today’s advanced attacks.

Join Brook Chelmo, Director of Product Marketing Endpoint, as he provides a comprehensive overview of the threat landscape in a Work-From-Anywhere context

12:30 PM
Research Session: Challenges of Endpoint and Device Security
VP of Content Strategy Bill Brenner, CyberRisk Alliance
VP of Research Dana Jackson, CyberRisk Alliance

Security practitioners participated in an August 2022 study about their challenges, strategies and successes with endpoint/device security. In this session, CRA VP of Content Strategy Bill Brenner and CRA VP of Research Dana Jackson discuss the key takeaways.

1:15 PM
Break

1:30 PM
Getting a good harvest from your EDR (low-hanging fruit)
Harlan Carvey, Senior Incident Responder, Huntress Labs

For those tasked with protecting their organization from today’s threats, cybersecurity seems to be a very complex issue, particularly given the attacks we see in the media that refer to “sophisticated” threat actors. In reality, if we look beyond the fear-mongering and buzzwords, we can get a “good harvest from the low-hanging fruit.”

In this session, Harlan will discuss:
• Low-hanging fruit with EDR
• The fundamentals of basic IT hygiene
• Asset inventory—hardware and software, reduce services, reduce attack surface

Without these basics covered and understood, other areas of focus, such as control efficacy, are pointless.

2:00 PM
Zero trust and principles of least privilege
Joseph Carson Chief Security Scientist & Advisory CISO, Delinea

Regulatory bodies, government agencies, and CIOs are mandating Zero Trust as a cyber security framework. What does Zero Trust mean for your security strategy? This session will describe where Zero Trust started, how it has evolved over the years, what it really means for your organization today and what you can do to realize the benefits.

2:30 PM
Closing keynote: Asset & attack surface management solutions: A pivotal pair of endpoint protectors
Jose María Labernia Salvador: Head of IT Security and Internal Control, at EMEA IT Services Division, Holcim

This session will examine how organizations can optimally leverage asset management and attack surface management solutions to protect their endpoints and identify potentially vulnerable devices lurking in their IT ecosystems. How do these two breeds of solutions interplay with and enhance each other? Which stakeholders must ultimately be responsible for asset management and visibility within your company? What best practices should you adopt and which common user mistakes should you aim to avoid? Watch to find out.

Day 2

11:00 AM
Opening Keynote: Endpoint security for remote workforces: Advice from a remote CISO
Michael Miora: Founder & CEO, Infosec Labs

We're in a new age of remote and hybrid workforces. And with this newfound flexibility and convenience for employees comes challenges related to keeping endpoint devices secure across a more distributed, decentralized ecosystem while at the same time not invading workers' privacy or impeding their work. Of course, experienced virtual CISOs already know a little something about this. Outsourced security professionals for hire typically work for multiple companies at once, often connecting remotely to push endpoint updates and security patches or perform device troubleshooting. This session will examine endpoint security policies and strategies for remote workforces from a vCISO's perspective, as companies grapple with concepts such as BYOD vs. corporate devices, remote access management, and how to balance employees' needs with a company's security directives.

11:30 AM
Delivering Better Security Outcomes for Real-world Organizations
Matt Hickey Senior Director, Sales Engineering, Sophos

In late March, the White House issued a warning that U.S. intelligence has been detecting increased activity by cyberattackers intended to compromise western infrastructure. Now more than ever, cybercrime keeps evolving and escalating — and just any old endpoint protection solution won’t cut it anymore.
Sophos offers the world’s best protection against malware, ransomware, exploits, and viruses. Our endpoint protection has been named a “Leader” in the Gartner Magic Quadrant for twelve years running. And over 625 customers have rated our solution with 5 stars.
Sometimes seeing is believing, so explore Sophos Endpoint to learn how its superior protection stops threats faster and how the combination of accelerated threat detection and response helps lower the total cost of ownership (TCO).
If you’re responsible for keeping your organization and data safe from attacks, check out this webcast and consider switching to Sophos Endpoint for the best protection on the market today.

12:00 PM
Thought leadership panel: How identity threat detection & response (ITDR) complements traditional EDR
Eric Anderson: Director, Enterprise Security, Adobe
Narendra Patlolla: Digital Security Executive, Gallagher
Bernard Diwakar: Director, Enterprise Security Chief Architect, Intuit

The concept of identity-based security is most often associated with IAM solutions that authenticate someone’s identity before granting him or her privileged access. But identity-centric tools can also be used in the detection and response process after an attack has taken place. Indeed, identity threat detection and response, or ITDR, is a budding cybersecurity solution category that can be used to supplement traditional EDR products. This panel presentation, featuring multiple member organizations affiliated with the Identity Defined Security Alliance, will reveal more on how ITDR can help companies stop threats such as credential theft and unauthorized privileged elevation.

12:45 PM
Break

1:00 PM
Ransomware 3.0: we thought it was bad and then it got even worse
Roger A. Grimes, Data-Driven Defense Evangelist, KnowBe4

We thought it was bad enough when traditional ransomware started to steal data in its second generation of evolution, now dubbed "double extortion". The third stage of ransomware is beginning to happen now and will make us wish for the good, old days of Ransomware 2.0.

Attend this presentation to learn how ransomware is evolving to inflict maximum damage and more importantly how to protect yourself and your organization.

Roger A. Grimes, Data-Driven Defense Evangelist at KnowBe4, was among the first to warn the world about Ransomware 2.0 - the almost accidental attacks that became a storm.

1:30 PM
Solving the identity security crisis: A guide to today’s top threats 
Kim Berry, Security Architect, Okta  

As the security industry battles the ever changing threat landscape, communication and knowledge sharing among cyber professionals is the best defense. In this session, attendees will learn about today’s biggest identity-focused threats plaguing organizations across industries, real-life examples of recent attacks, and mitigation tips to combat them. 

2:00 PM
Closing keynote: Industry-unique endpoints: Protecting sector-specific devices
Christian Beckner: VP, Retail Technology and Cybersecurity, National Retail Federation

Some endpoints – like basic computers, phones and servers – are universal in nature. Others, however, are specific to the industry in which you operate. Hospitals feature connected medical devices, banks have ATMs, and retailers must safeguard their point-of-sale systems. Security professionals who bounce around from sector to sector will have to familiarize themselves with the unique endpoint attributes that each industry has to offer – and the particular threats they face – so that these endpoints don’t turn into shadow IT or infected rogue devices. This session will look at these challenges from the perspective of the retail sector. But this session is hardly just for retailers – the issues presented here will be relevant to any industry that must contend with its own array of sector-specific endpoints.



Sponsors

DelineaDuo SecurityFortinetHuntress LabsKnowBe4OktaSophos
Registration is closed for this event, but there are related events that you may find interesting: