Speakers:  Admiral Michael Rogers (US Navy, Ret.), former Director of the NSA and General David H. Petraeus (US Army, Ret.), former Director of the CIA

Moderator: Dave DeWalt (Founder & CEO, NightDragon Security; Founder & Chairman, Momentum Cyber; Managing Director, Allegis Cyber). 

The COVID-19 pandemic will have a dramatic and lasting impact within societies, between nation states, and across the global economy. In the realm of cybersecurity, it is likely to change the threat landscape, tactics and risk considerations of nation state actors, and the underlying economics driving the industry. Join us to hear a unique duo of leaders at the highest level of security and government discuss the current state and future challenges for cybersecurity in a post-pandemic world.

Passwords are nothing new, but they are something that many organizations and individuals are still getting wrong. This is in part due to weak policies and human password selection, but is also due to the explosion of new techniques leveraged by hackers to recover passwords. Analysis shows that the leading causes of organizational perimeter compromises are weak passwords along with failure to implement comprehensive multi-factor authentication. In this talk we will cover the modern and innovative technology that hackers are using to crack passwords, the policies observed through real world penetration testing results collected and the human element when users select their passwords. We will demonstrate record-breaking password cracking research and the demise of 9 character passwords.

Speaker Bio: Joshua Platz, Principal Consultant, Advisory Services - Threat

MITRE ATT&CK for Enterprise is a great framework and has been widely adopted by the security industry over the past few years. This can be seen on both the vendor side and on the client-side. Many organizations are aligning to ATT&CK and some enterprises would like to, but just don’t know where to start. This presentation is designed to help the average security team prioritize efforts based on alert information they are already receiving from Defender ATP.  We will demonstrate how to import the alerts into an Azure workspace and create workbooks. 

Speaker Bio: Dan Kiraly, Sr. Research Scientist

Dan Kiraly has been with Optiv for over seven years. Currently he serves as a Sr Research Scientist in Optiv’s R&D group. The R&D team provides objective analysis of cyber security products enabling our clients to make informed decisions for technology selection.

The traditional workspace is a thing of the past. The adoption of mobile and cloud technologies has enabled employees to work from anywhere, anytime, as long as there's an internet connection. People – and their identities – are now the single control point across users, devices, and networks. This session will outline how organizations can use identity as the foundation of a Zero Trust strategy to ensure only the right people have access to critical resources.

Speaker Bio: Brock Dooling, Associate Partner Alliances Engineer, Okta

Brock is a technical lead that supports the national growth and scale of Okta’s strategic partners that recommend, deploy and manage Okta as a Service. He is also responsible for managing all technical partner activities across specific Okta’s partners and works closely with the Okta Channel Managers to develop a comprehensive technical business plan for the partnerships, including identifying, incubating, and bringing to market service/solution offerings based on Okta. Additionally, Brock is responsible for enabling partners on Okta and supporting the growth of certified resources worldwide.  Content creation and pushing information to the partners in the field for mass consumption is a key priority in his role. Brock has 10 years of technical experience ranging from networking to advisory pen testing and has been a part of many large deployments in this space.  Prior to Okta, Brock worked at Optiv for 4 years supporting the sales team as professional services solutions architect where he also supported Okta among other access management vendors

To best defend against attacks, organizations need to understand how attackers operate. Optiv’s Attack & Penetration team solely focuses on assessing the security of our clients across different industries by using the same techniques of real hackers. This talk will focus on what techniques, tools and processes Optiv has used in these assessments. We’ll also include common issues we’ve come across during these assessments, to help clients better understand the tactics and methodologies that are actually being used by hackers, insider threats and nation states, and how to best defend against them.  

Speaker Bio: Hao Nguyen, Practice Director, Threat Management and Matthew Eidelberg, Principal Consultant, Attack & Pen

Hao Nguyen is currently a Director in Optiv’s Threat Management practice. Hao’s role is to provide post-sales support and consulting to Optiv’s clients, as well as provide support and mentoring to other Optiv team members.

Speaker Bio: Todd Weber, Chief Technology Officer and Woodrow Brown, Director, R&D, Optiv

Todd Weber is currently the Chief Technology Officer for Optiv Security. Todd joined Accuvant in 2005 and held the positions of Senior Security Consultant, Sales Engineer, Solutions Director, Vice President of Managed Security Services and Vice President of Partner Research and Strategy. Todd has worked with some of the largest companies in the world developing and deploying Information Security strategies and architectures. The Office of the CTO spearheads Optiv’s efforts on technology and integration testing security technology solutions to help clients make better informed decisions in selecting the correct technology suite. Todd works with Technology manufacturers, Clients, Venture Capital, Private Equity firms and leading research institutions to help develop Optiv’s overall strategy with Technology Partners and on incubating new and innovative Cyber Security solutions. Prior to Optiv, Mr. Weber held core networking and security positions with ACS and Halliburton. Mr. Weber has over 20 years in the IT Engineering, Cyber Security and Operations Experience and has over 15 years of experience in the IT Security field.  Mr. Weber holds a B. S. from Virginia Tech. 

Woodrow Brown has over a decade of leadership, service delivery and research experience. As director of partner research and strategy at Optiv, Brown's team provides objective analysis of cybersecurity products, enabling our clients to make informed decisions for technology selection. Cutting through industry spin, Brown delivers research that provides an accessible understanding of how security technologies function.

Gartner predicts over 25 billion Internet of Things (IoT), or connected devices, by 2021.  While IoT opens the door for innovative new approaches and services, it also presents new cybersecurity risks. From our analysis of 1.2 million IoT devices over the past two years, Palo Alto Networks discovered many vulnerabilities including 98% of IoT traffic is unencrypted, 83% of medical imaging systems are using out of support OS.  IoT security in critical infrastructure not only means data security, but also impacts operation and safety. In this talk, we will cover the current state of IoT security, top IoT threats, why IoT security should be at the top of mind for all enterprises, and best practices that you can adopt to secure your IoT devices leveraging AI and Cloud. 

Speaker Bio: Dr. May Wang, Co-founder, Chief Technology Officer (CTO), and board member of Zingbox, Palo Alto Networks