Earn up to 6.5 CPE credits by attending this virtual conference.
Recent market forces are driving cybersecurity leaders to give zero trust strategies a closer look. Cloud migrations are accelerating. Organizations are embracing remote or hybrid work environments. Employees continue to use their own devices for business. And supply chain partners, as the recent SolarWinds attack demonstrated, are becoming much more digitally entangled. These trends all have one thing in common – they expose organizations to more risk beyond traditional network perimeters.
Zero trust aims to help enterprises improve their overall security posture by providing protection within and beyond such boundaries — requiring authentication and continuous validation of all users and devices, inside and outside the firewall, before permitting access to applications and data.
Join SC Media’s Zero Trust eSummit on October 12-13, to learn more about this cybersecurity model and assess whether it’s right for your organization. Practitioners and experts will share their experiences and insights on how to:
- Minimize your attack surface
- Adapt to the distributed nature of users and data
- Improve visibility into assets you’re protecting
Advance your cybersecurity efforts and protect your assets on both sides of the firewall. Register now.
TUESDAY, OCTOBER 12
11:00 AM ET
KEYNOTE | Putting the ‘zero’ into zero trust
Paul Simmonds, CEO, Global Identity Foundation
Organizations must rethink how we get to true zero trust. Paul looks at why placing our trust in the wrong things has hindered our ability to deliver services that truly deliver business benefit; and why starting from a point of complete anonymity can deliver a more secure, more frictionless and more agile business environment.
11:40 AM ET
The three keys to securely accelerating zero trust
Chris Morosco, Sr. Director – Product Marketing, Zscaler
Zero trust is a hot topic in the world of cyber security. Unfortunately, it is also commonly misunderstood, as the meaning tends to vary from vendor to vendor. Join this session to understand the key items needed to implement a true zero trust architecture and the best way to deploy it to securely accelerate your digital transformation. You’ll discover:
- The true definition of zero trust
- The impact it has on IT, security and the business
- Hot to adopt a zero trust approach quickly and securely
12:20 PM ET
The past, present and future of strong authentication
Patrick McBride, Chief Marketing Officer, Beyond Identity
Authentication is a foundational element of every cybersecurity program. With more than 80% of data breaches and most ransomware incidents stemming from credential-based attacks (e.g., phishing, credential stuffing, RDP brute, etc.), it has become clear that passwords are a fatally flawed authentication method. Unfortunately, many common solutions are “band-aids” on top of passwords and are lacking from both a security and user experience perspective. Replacing passwords as an authentication factor is finally possible. While eliminating passwords is a critical step in stopping credential-based attacks, it is just a first step on the journey to advanced authentication and access control needed to achieve Zero Trust.
In this presentation, we will discuss:
- A brief history of authentication
- Changing requirements in the new work-from-home (or anywhere) business model and cloud-centric architectures
- Can we gain risk-reduction improvements by converging the traditionally disparate identity and security processes and technologies?
- A case for continuous user authentication
- What is device risk and why is the real-time assessment of endpoint security important
1:00 PM ET
Making sense of zero trust
Helen Patton, Advisory CISO, Duo Security at Cisco
While the concept of Zero Trust networking is nearly a decade old, the last few years have seen its popularity in industry discussions grow exponentially. Zero Trust strategies can benefit businesses of every size, but you may still be trying to find the truth among the buzz and answer “what IS Zero Trust, anyway?” If you ask ten vendors what Zero Trust strategy means, you’ll get ten different answers. The question should be “what does it mean to you”?
Join this session with Duo advisory CISO Helen Patton for a grounded discussion on the realities of Zero Trust for an existing security portfolio and actionable items that will help you move the needle on delivering a Zero Trust vision for your organization. In this webinar, you will learn:
- How to fit Zero Trust into your existing security strategy
- How you’re already using Zero Trust methods, even if you’re not
- What to do after getting through the basics
1:40 PM ET
Zero trust begins by conquering network complexity: How to connect the dots between your current perimeter-based security infrastructure to a zero trust future
Tim Woods, VP of Finances Alliances, FireMon
Moving from a traditional perimeter-based security architecture to zero trust can be daunting at first, and many organizations struggle with where to start. There are concrete steps that organizations may take with existing infrastructure that can help both harden security and fulfill core zero trust tenets. While building a pure zero trust architecture from the ground up overnight is often unrealistic, organizations can quickly improve their visibility, manage their policies and automate their policy workflow.
Join this presentation to learn how to bridge from today’s perimeter-based network infrastructure to zero trust through policy management. Policy management sits at the heart of zero trust and can provide:
- Complete visibility across your entire network, from multi-vendor datacenters to the cloud
- Automated policy management and enforcement helps to maintain compliance and security even as enforcement points increase
- Workflow policy automation ensures that your network can be as agile as your business
- Risk management that minimizes the attack surface and assess vulnerabilities in real time
2:20 PM ET
Zero trust access for the hybrid enterprise
Jawahar Sivasankaran, President and COO, Appgate
Jason Garbis, Chief Product Officer, Appgate
Today’s enterprise users demand access from anywhere, on any device, to any resource. This anywhere, anytime mode of operation strains legacy security solutions already failing to keep pace with the proliferation of multi-cloud, DevOps and microservices. Legacy network security is inherently insecure, overly complex, outdated tech. It stifles enterprise transformation and hinders productivity.
Zero Trust initiatives solve these problems. With unified, identity-centric policies you can remove complexity and reduce your attack surface by enforcing the principle of least privilege for users to service and segmenting services across the cloud. In this session you’ll learn how to empower users with simple, fast, secure connections to multi-cloud, containerized, on-prem, or legacy workloads – from anywhere.
3:00 PM ET
Securing the distributed workforce: How to establish trust in a zero trust world
Ryan Terry, Sr. Solutions Product Marketing Manager, Okta
It’s no longer news that we need to support and secure increasingly distributed organizations. As companies look for long-term solutions for their hybrid and fully remote workforces, one thing is clear – identity is the new perimeter for businesses today. An identify-first approach to security reduces today’s cybersecurity risks and provides the foundation for a zero trust security strategy. A modern identity solution can also help you tie the complexities of protecting people and assets together in a seamless way. Join this session to learn:
- How to enable and secure a hybrid workforce
- How identity can lay the foundation for any zero trust security initiative
- What zero trust projects your peers are thinking about now and into the next 12-18 months
3:40 PM ET
Zero trust: Getting least privilege right
Christopher Hills, Senior Security and Architecture Engineer, BeyondTrust
As the more traditional perimeter continues to blur, the more Zero Trust comes into focus. The seismic shift to remote working and shift to the cloud have also accelerated the demise of the traditional perimeter and is driving an increased focus on Zero Trust. NIST’s guidelines provide a clear playbook for organizations seeking guidance on how to adopt Zero Trust principles. This approach reduces the threat surface and also minimizes the threat windows during which attackers can inflict damage, helping to protect against everything from simple malware to advanced persistent threats.
Many organizations have begun to embrace Zero Trust frameworks and are building these into their security strategies. Understanding your barriers to Zero Trust will also help you forge the best path to optimally securing your environment, including upgrading from legacy applications and architectures to ones that support Zero Trust.
In the session we will explore:
- What Zero Trust is and how NIST defines it
- The goals of Zero Trust
- Roadblocks to Zero Trust
- How Privileged Access Management can help enables Zero Trust
WEDNESDAY, OCTOBER 13
11:00 AM ET
KEYNOTE | Hype or huge opportunity? An investor talks zero trust
Kathy Wang, CISO, Very Good Security
As companies all reemerge with a marketing message about how their offerings serve the needs of a zero trust model, it can sometimes be difficult to spot the real among the fakes. We’ll speak to Kathy Wang, CISO at Very Good Security, advisor to startups, and renowned expert on malware, about identifying innovation in the zero trust environment and what gaps have yet to be filled to make the concept a reality.
11:40 AM ET
Doing zero trust when you REALLY stop trusting anything
Ian Farquhar, Global Field CTO and Director – Security Architecture Team, Gigamon
The core tenet of zero trust is eponymous; nothing is trusted. The concept that nothing in the environment should be automatically granted trust is a core and guiding principle, yet many zero trust designs and documentation continue to excessively focus on traditional endpoint and EDR, monitored by logging delivered from those potentially compromised endpoints. This is not compliant with zero trust principles, places too much trust in network infrastructure, and sidelines endpoints which cannot run EDR, such as OT/IoT/ICS and even BYOD. In this session, we will review alternative approaches which do properly map to zero trust assumptions, as well as review case studies from NSA, DISA and USCYBERCOM where we have been involved in zero trust initiatives.
12:20 PM ET
Zero trust will fail if you keep making these common mistakes
Ali Naqvi, Senior Director of Solutions Architecture, Vulcan Cyber
The most disciplined zero trust initiative is only as strong as its weakest link. Unfortunately, the typical digital infrastructure is replete with weak links caused by infrastructure and application vulnerabilities and misconfigured cloud services. Garnet Research recently predicted that “through 2025, more than 99% of cloud breaches will have a root cause of customer misconfigurations or mistakes.”
Now that we know where to start with zero trust, we should be able to move quickly to address vulnerabilities and mistakes and mitigate risk. Right? Wrong. It’s never that easy. But if we understand where our weak links exist and if we effectively prioritize risk and mitigate self-induced vulnerabilities, we’ll have a shot at effective zero trust.
Do zero trust on a secure foundation to minimize your attack surface across new and distributed attack surfaces, and to improve visibility into the assets you’re tasked to protect. Attend this session to learn how to avoid the top mistakes that will compromise any zero trust initiative.
1:00 PM ET
The art and science of cloud security
Hank Schless, Senior Manager – Security Solutions, Lookout
Come learn about the beauty of the cloud while applying the right “science” to securing your multiple cloud services. We will discuss the journey to the cloud and how security tools all work together to build a unified cloud security strategy work of art.
1:40 PM ET
Zero trust for the cloud era
Paul Mezzera, Vice President of Strategy, Saviynt
What are some of the challenges that require a zero trust approach and how can modern enterprises best implement them? With the unprecedented changes currently being faced by IT and cybersecurity teams, it is imperative for companies to adopt an innovative security model that can account for a shifting workforce and cloud-based infrastructure. By adopting a zero trust identity that is integrated with identity governance and administration (IGA) and privileged access management (PAM), businesses can ensure improved productivity and efficiency while reducing their security risks.
2:20 PM ET
The future of cybersecurity and zero trust
Danny Jenkins, CEO & Co-founder, ThreatLocker
The zero trust framework is based on the principle of “never trust, always verify.” Join us to learn about zero trust, how to adopt it and the technologies you need to take control of your environment in the fight against ransomware.