GPSec Cyber Security Forum

GuidePoint Security Virtual Event

GPSec Security Forum - Northeast

Featured Speaker: Maria Gibson, Director of Research and Innovation, Exabeam

Relive all of the excitement and knowledge from the GPSec Security Forum in the Northeast hosted on February 17th, 2021. All sessions from this full day, virtual event have been recorded and are available for you to watch. Fill out the form to access the event on-demand.

By clicking 'Watch On Demand' you will be brought to our event site. To access the recordings of all sessions, please follow these steps:

- Copy the passcode (below)

- Passcode: GPSECNE2021

- Paste the one time passcode in the form field on the pop up window on the event site

- To access recordings, please click on Main Stage in the main menu and you will be presented with a drop down featuring all sessions

If you have difficulty, please email [email protected].

“We are problem solvers and work with our customers to tackle complex cybersecurity issues and challenges.”

— Michael Volk, Founder and Managing Partner, GuidePoint Security

Current Agenda

8:00 - 8:20 - Registration

8:20 - 8:30 - Event Kick Off & Welcome, Chris York, Northeast Regional Partner, GuidePoint Security

8:30 - 9:00 - Keynote Presentation, Nir Zuk, Founder, Palo Alto Networks

9:00 - 10:00 - CISO Panel Hosted by Gary Brickhouse, CISO, GuidePoint Security

10:00 - 10:30 - Vendor Fair

10:30 - 11:15 - Breakout Sessions 1

- Three Ways You Can Power Your Workforce with Zero Trust - Christopher Hines, Zscaler

How do I enable zero-trust network access for employees in a seamless and simple way? Your workforce looks different than it did a few years ago, as users are no longer confined to working in the office. But one thing that hasn’t changed is your employees’ expectation to receive quick, secure access to private applications at a moment’s notice. In the past, enabling an increasingly mobile and diverse workforce was a challenge. Now IT can take charge and power it all with a zero-trust network access (ZTNA) strategy. Join Chris Hines, Director Product & Solution Marketing at Zscaler in a discussion on how ZTNA can empower IT and make you a strategic enabler for the business in three major areas. Join the conversation to learn how you can: Give users a seamless access experience without VPN; Identify and minimize your attack surface; Drive business value; and stand out to your executives.

- Cyber Threat Analysis: Automation & Commoditization in the Underground Economy - Roman Sannikov, Recorded Future

Automation has become an essential part of nearly every industry. Nowhere is this more true than in cybersecurity, where the scale of available data makes the automation of data collection, processing, and correlation a requisite for keeping pace with the threat landscape. Unfortunately, the benefits of automation are also equally available to criminal enterprises. This session will cover the types of tools and services currently used by threat actors to automate various tasks, as well as a brief overview of notable recent developments, the top vendors of these tools on the criminal underground, and suggested mitigations for defenders to implement.

- Building the Foundation for a Scalable Vulnerability Management Program - Nathan Burke, Axonius

All but the smallest organizations have a common challenge when building an effective vulnerability management program: understanding how to prioritize what matters most. Join this session with Nathan Burke of Axonius to learn how organizations can create a strong foundation for a scalable vulnerability management program in size steps: - Knowing what assets you have - The first step in any program relies on our ability to understand all assets in the environment. (Show me everything) - Understanding security solution coverage - Once we know all the assets, we can look at what is and isn’t covered by tools like VA scanners. (Show me assets that may have vulnerabilities we don’t know about) - Prioritizing critical vulnerabilities - Once we have a grasp on all assets, we need to understand what critical vulnerabilities need to be addressed right away. (Show me what matters most) - Continuously monitoring - After addressing critical vulnerabilities, we need a process to identify vulnerabilities as they come up. (Show me changes as they arise) - Orchestrating action - With a solid process to identify, prioritize, and monitor for new vulnerabilities, we’ll want to understand what can be automated, and how to orchestrate action. (Show me how to automate) - Measuring progress - Understanding what metrics matter to quantify progress. (Show me how we’re maturing)

- Tabletop Exercise - Living Through an Incident - Mark Lance & Tony Cook, GuidePoint Security

Join us for an interactive pseudo tabletop-type discussion as we walk through the progression of multiple incidents and responses, including ransomware, supply chain, and 3rd party breaches. We will regale you with associated considerations, pain points, and recommendations based on multiple real world events.

11:15 - 12:00 - Breakout Sessions 2

- Reducing Insider Risk in the Workplace - Brian Reed, Proofpoint

According to Verizon, 30% of data breaches are insider driven. The cost of these insider breaches has risen by 31% in two years to $11.45 million. Whether negligent, malicious, or criminal, insider threats present a major financial and reputational risk to organizations. Insiders can be anyone from a trusted employee, to a third-party contractor, to a supply chain vendor. Yet, most organizations still rely on defending outside attacks to a “perimeter” that no longer exists – especially in our new work reality. Modern security programs complement traditional “outside-in” security solutions with a people-centric approach to insider threats. Only an approach that blends people, process and technology can successfully prevent data loss. Join Brian Reed, Product Evangelist at Proofpoint Insider Threat Management as he discusses the benefits of an insider threat management program to reduce insider risk in the workplace. In this webinar, you will learn: The new realities of how a distributed workforce and third-party workers access systems and data; The unique risks of insider threats and how to protect against data loss; How to take a people-centric approach to strengthen resilience and reduce insider risk.

- The Okta Story: From Both Sides of the Table - Gurinder Bhatti, Okta

Okta makes access simple and secure. We are a trusted partner to organizations around the world, and give our customers the confidence to reach their full potential, and we'll show you how. Join Gurinder Bhatti, a successful Okta customer-turned-employee, as he guides you through Okta's story from the customer and employee perspective. Our vision? Enable a world where everyone can safely use any technology. We promise to not only protect the identities of our customers’ workforce and users, but to ask, “what more can we make possible?

- How to Capitalize on Composition Analysis to Alleviate Your Open-Source Risks - Sean Casey, Checkmarx

When source code was developed solely in house, organizations were able to manage their risk more effectively. Now that open source components and 3rd-party libraries are being implanted into nearly every application, what does this mean for enterprise security standards, strategy, and processes? Can organizations successfully manage the increase in security, license, and organizational risk they now face? For example, packages no longer being maintained, legacy projects with vast amounts of dependencies, evolving open source exploitability, and new hacking techniques greatly expand the enterprise risk landscape. So, what’s the best approach enterprises can take to adequately manage their risk? In this session, attendees will hear actionable recommendations from Sean Casey, Engineering Manager and Subject Matter Expert, Checkmarx on how organizations can effectively implement an approach to: • Integrate and automate open source analysis. • Identify open source with confidence. • Minimize open source security and license risks. • Prioritize exploitable vulnerabilities. • Accelerate informed remediation.

- Autonomous SOC - Time vs Cost Reality - Bruce Hembree, Palo Alto Networks

Please Join Cortex's Field CTO as we discuss the Autonomous SOC, and look at the real world time and cost savings for organizations that are missing the most important ingredients to a successful security posture - people and budget. We will show metrics on cost and time savings and give insights on how Palo Alto is able to secure the environments that impact hundreds of millions of people around the world.

12:00 - 12:30 - Fireside Chat with Joseph Menn, Author, Reuters Projects Reporter & Bryan Orme, Principal & Partner, GuidePoint Security

12:00 - 1:00 - Lunch sponsored by Thales & Vendor Fair

1:00 - 2:00 - Tiger Cage featuring Abnormal Security, Cribl & Orca Security hosted by Carl Morris, GuidePoint Security; Panelists include Eric Brohm, Global VP & CISO, Wyndham Hotels, Chris Fahey, Directory Security Operations, Biogen, Neil Buckley, Information Security Manager, DeMoulas Super Markets and Tim Rohrbaugh, CISO, JetBlue Airways

2:00 - 2:45 - Breakout Sessions 3

- AppSec in the Real World - David Lindner, Contrast Security

Join this breakout discussion led by David Lindner, CISO at Contrast Security and Guidepoint Security to get a true picture of starting, implementing, and growing an application security program in today's fast-paced environments. We'll talk through best practices, triumphs, pitfalls, and lessons learned from the real-world application security practices and programs

- Mitigate Organizational Risk with Integrated Cyber Resilience - Thom Bailey, Mimecast

Threats have changed over the years and so have the targets. It’s not just your perimeter that is at risk, it’s your customers, your supply chain, your employees, and your business reputation that could be easily tarnished with just one breach. In this session, we’ll discuss how and why you should consider an integrated approach to IT security. One solution will not solve all the threats, a layered approach is better but deep integration with the sharing of threat data at speed is a modern necessity. • Learn the benefits of a consolidated cyber resilience platform to layer your security, enhance visibility, and more effectively reduce time to respond/remediate (MTTR) • Leverage an open API platform that uses shared Threat Intelligence to integrate with prevention, detection, and response technologies • Identify phishing emails with Machine Learning - and use real-life de-weaponized phishing attacks to both train and educate end-users • Understand and manage business risk with a Risk Score comprised of aggregated data to gauge the organization’s security posture.

- The Evolution of Vulnerability Management - Nathan Wenzler, Tenable

A proactive, risk-driven VM approach delivers comprehensive, continuous visibility and informs technical and business decisions. Join Tenable’s Nathan Wenzler and Guidepoint’s Chris Peltz (a respected Tenable Guardian) as they discuss real world VM challenges and how to manage and measure your cyber risk.

- Tabletop Exercise - Things to Do Before You Buy SOAR - Patrick Keenan, GuidePoint Security

SOC analysts struggle to keep up with the constant stream of security alerts generated from SIEM, IDS, AV/EDR, etc. In an effort to address alert fatigue, organizations have turned to Security Orchestration Automation & Response (SOAR) to automate many of the common tasks associated with alert triage and investigation. SOAR has great potential to solve many SOC problems but will not be successful without proper planning and collaboration. This talk will detail some of the things you can do before you implement SOAR to ensure that your team is able to maximize its benefits.

2:45 - 3:30 - Breakout Sessions 4

- The New Approach to Alerting - Joseph O'Donnell, Splunk

This session will illuminate how you can actually accomplish more by doing less. What a concept eh? So, as you likely know from experience, the sheer volume of alerts that SOCs must triage, investigate, and remediate each day is staggering. If this is your experience, you’re certainly not alone: A recent survey revealed that 41% of organizations experience more than 10,000 alerts per day. That figure is astounding, and the problems it creates are compounded by the fact that a significant number of those alerts are false positives. Another recent survey showed that more than 40% of organizations surveyed said that more than half of their security alerts are false positives. This reality in which SOCs experience an overwhelming volume of alerts--many of which are false positives--has concrete, negative effects on SOCs. First, many alerts go uninvestigated--there are simply not enough hours in the day for your analysts to review all of the alerts they receive, so they focus on a small subset, maybe the ones deemed ‘critical’ or ‘high’. This leaves open the possibility that one of the many abandoned alerts actually reflects a real compromise in your environment that will go overlooked. In addition, real threats are buried within so many false positives and often require manual stitching together of lots of low fidelity information, your mean time to detect and respond to threats is very slow. And lastly, your SOC analysts bear the brunt of this alert volume and false-positive problem. They are the ones who receive an insurmountable queue of alerts to look into every day. They are the ones that spend hours and hours working through false positives; not remediating real threats. This results in talented analysts burning out because they don’t feel like they’re actually doing security--they feel like they’re just tuning tools and searches to make their own jobs incrementally more efficient.

- Building a Strong Foundation: Identity at the Core of Zero-Trust - Paul Trulove, Sailpoint

The disruption caused by COVID-19, along with the continued digital transformation in the enterprise, is raising the visibility of identity and access management to new levels. In fact, today’s digital business is wholly dependent on identity to make sure the right people and things have the right access at the right time. In this session, Paul Trulove, Chief Identity Officer at SailPoint, will discuss how identity is quickly becoming the new foundation for a zero-trust strategy. As the amount of access continues to increase exponentially, so does the challenge with governing it. Learn how putting identity first can result in a stronger, more secure zero-trust rollout in your enterprise.

- Security Ratings: What do they mean & do they matter? - Alexander Heid, SecurityScorecard

Discover the ways in which security ratings are becoming a must-have rather than a nice-to-have for all organizations around the world. SecurityScorecard's Chief Research & Development Officer, Alexander Heid will explore key use cases including cyber insurance, procurement, compliance mapping and reputational management.

- Frictionless Zero Trust - Ajit Sancheti, CrowdStrike

To achieve Zero Trust typically requires building a stack of solutions, integrating them, and increasing security spend. This talk will provide a framework and specific steps that show how to leverage identity centric security for Frictionless Zero Trust for IT, Security, and end-users resulting in reduced risk, reduced cost, and a better user experience. We will show new technology that can help enterprises meet the unique needs around compliance and user experience, without compromising security.

3:30 - 4:00 - Coffee Break & Roasting Demonstration with Atomic Coffee Roasting sponsored by BitSight

3:30 - 4:30 - Vendor Fair

4:30 - 5:30 - Virtual Cocktail Hour & Distilling Demonstration with Philadelphia Distilling sponsored by Sumo Logic & Armis

Join Exabeam, Carahsoft, and GuidePoint Security for a complimentary webinar and learn about:

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
Ultrices gravida dictum fusce ut placerat orci nulla pellentesque dignissim. Pulvinar elementum integer enim neque volutpat ac tincidunt vitae.
Nec feugiat in fermentum posuere urna. Est lorem ipsum dolor sit amet consectetur adipiscing. Penatibus et magnis dis parturient.

Security Event
Featured Webinar
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. A lacus vestibulum sed arcu non odio.

Insert text or images here. Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed amet, consectetur adipiscing elit, sed

Featured Guest Speakers

Nir Zuk, Founder & CTO, Palo Alto Networks

Nir Zuk brings a wealth of network security expertise and industry experience to Palo Alto Networks. Prior to co-founding Palo Alto Networks, Nir was CTO at NetScreen Technologies, which was acquired by Juniper Networks in 2004. Prior to NetScreen, Nir was co-founder and CTO at OneSecure, a pioneer in intrusion prevention and detection appliances. Nir was also a principal engineer at Check Point Software Technologies, and was one of the developers of stateful inspection technology.

Joseph Menn, Author & Tech Projects Reporter, Reuters

A security journalist for more than two decades, Joseph Menn is the author of the bestseller "Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World," first published in 2019. It revealed that then-presidential candidate Beto O'Rourke had belonged to the oldest surviving and most influential group of U.S. hackers and explained the origins of hacktivism and ethical security work. The New York Times Book Review called it "a hugely important piece of the puzzle for anyone who wants to understand the forces shaping the internet age.” It was named one of the 10 best nonfiction works of the year by Hudson Booksellers, one of the five cybersecurity books everyone should read by the Wall Street Journal, and inducted into the Cybersecurity Canon project’s Hall of Fame.

Menn is an investigative technology reporter for Reuters, having previously worked at the Financial Times and the Los Angeles Times, where he began writing about cybersecurity in 1999. Menn also wrote the 2010 bestseller "Fatal System Error: The Hunt for the New Crime Lords Who Are Bringing Down the Internet," a real-life thriller that brought the modern face of cybercrime to a mainstream audience. Fatal System Error revealed collaboration between major governments and organized crime, and was placed on the official reading list of the US Strategic Command, while the New Yorker magazine compared it to the novels of Stieg Larsson. Before that, he wrote the definitive inside account “All the Rave: The Rise and Fall of Shawn Fanning’s Napster,” named one of the best three books of the year by Investigative Reporters & Editors Inc.

Menn speaks regularly at security conferences including Def Con, Black Hat and RSA and tweets as @josephmenn.

Maria Gibson, Director of Research and Innovation, Exabeam

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. A lacus vestibulum sed arcu non odio. Platea dictumst quisque sagittis purus sit amet volutpat consequat. Ultrices neque ornare aenean euismod elementum. Interdum velit laoreet id donec ultrices. Excepteur sint occaecat cupidatat non proident.

Maria Gibson, Director of Research and Innovation, Exabeam

Thank you to our Keynote Partner!

Thank you to our Breakout Session Partners!