Search MassTLC
Sign In


Forgot your password?

Create Your Free Profile

MassTLC Calendar

10/6/2016
Career Fair

10/12/2016
Membership Overview Call

GET EMAIL UPDATES

Get email updates on upcoming events and
new content!

Email:

CONNECT WITH MASSTLC

 
 



Comprehensive Security - A 360 Degree View of your Security Program
Tell a Friend About This EventTell a Friend
 

8/31/2016
When: August 31, 2016
12:00PM - 5:30PM
Where: Microsoft NERD
1 Memorial Drive
1st Floor
Cambridge, Massachusetts  02142
United States
Contact: Sara Fraim
(781) 993-9000 ext 208

« Go to Upcoming Event List  

 

The average CISO could have up to 30 or 40 security vendors that they work with at one time to help secure any number of potential pathways in. And yet, even with that, it will not fully prevent you from being breached. Why? Because the bad guys are smart and motivated. 

So what can you do? Get prepared, understand what you need to do, and practice. 

Join us for a day of preparation and readiness as we walk through a simulated breach providing best practices at every escalation point throughout. Following the simulation we will take a deeper dive as our leaders talk about security from the inside looking out and the outside looking in. 

What you will take away:

  • The cost of a breach on your bottom line
  • What steps to take at each level of escalation and who needs to be involved
  • How you balance your legal obligations with your overall marketing and brand efforts
  • What you need to know about securing 3rd parties in a connected world

 

Please check back regularly as we continue to add and update sessions.

 



Keynote
Dave Mahon, VP & Chief Security Officer, CenturyLink


Agenda at a Glance

12:00 pm - 12:30pm   Registration & Networking

12:30 pm - 1:15 pm    Welcome & Keynote Address

 1:15 pm - 1: 25 pm    Break

 1:25 pm - 3:00 pm     Simulated Breach

 3:00 pm - 3:15 pm     Break

 3:15 pm - 4:15 pm     Breakouts
                                      - Harnessing the 3rd Party Ecosystem - how do you secure what you don’t control?
                                      - Building Your Incident Response Plan
                                     
 4:20 pm - 5:20 pm        
User Entity Behavior Analytics - understanding your insider threats
                                      - 
Security Operations Analytics and Reporting - the next generation of metrics
                                      Application Security - How do you secure what you don’t control?
                                     

             5:30pm - 8:00pm       Networking & Career Fair

 

Session Descriptions

Simulated Breach
Speakers:
Debby Briggs, Chief Security Officer, NetScout
Sam Curry, ​Chief Technology and Security Officer, Arbor Networks
Chris Hart, Associate, Foley Hoag
Special Agents from the FBI Boston

In this unique session, we will walk through a mock incident and discuss legal and technical challenges when responding to a cyber security incident at multiple escalation points. Discussion will include important topics such as:

     - Incident response plans
     - Legal disclosures
     - Communications 
     - Cyber insurance
     - Working with law enforcement

 

Harnessing the 3rd Party Ecosystem - How do you secure what you don’t control?
Facilitator: 
Edna Conway, Chief Security Officer, Global Value Chain, Cisco
Speakers:
Stephen Boyer, CTO and Co-Founder, Bitsight
Jigar Kadakia, Chief Information Security and Privacy Officer, Partners Healthcare
Dr. Todd Wittbold, Senior Principal Security Engineer, MITRE

The migration towards a more connected world has created a greater opportunity to build partner ecosystems. While a huge benefit to companies, protecting against third party risk can seem like a colossal feat. However with the right steps taken and mechanisms in place, creating a comprehensive end-to-end third party risk management process is attainable and critical.
 

Panel members will walk through their processes, including:
    - Identifying your assets and their worth
    - Developing consistency and compliance within regulated industries
    - Current industry models
    - Best practices for monitoring vendors and measuring and reporting risks

Building your incident response plan
Speakers:
Gant Redmon, VP Business Development and General Counsel, Resilient and IBM Company
Paul Sheedy, Asst Vice President, Enterprise Network Security Services Operations, Federal Reserve Boston

It is almost a surety that if your organization has a digital footprint, it will be under attack at some point. Having a comprehensive plan in place will enable you to mitigate risk and costs when an almost inevitable breach does occur.

Our panel members will walk through:
    - What to include in your IRP
    - How often your IRP should be reviewed and updated
    - How your IRP is most effectively be executed

User and entity behavior analytics - understanding your insider threats
Facilitator:
Karl Ackerman, Principal Product Manager, Sophos
Speakers:
David Raissipour, SVP of Product & Engineering, Carbonite
Chris Poulin, Research Strategist, X-Force, IBM

Most organizations not emphasizing a security program as core to their operations focus primarily on external threats. However, by not focusing on the insider threats they are opening themselves up for a huge potential breach. Insiders can include a rogue employee, contractor, or hacker disguising themselves as a valid user. Our experts will help you understand how using and measuring user behaviors can deter insider threats.

Security Operations Analytics and Reporting - the next generation of metrics
Facilitator:
Paul Roberts, Founder and Editor-in-Chief, The Security Ledger and Security of Things Forum
Speakers:
Harold Moss, Sr. Director Web Security/Enterprise Strategy, Akamai
Kevin O'Brien, CEO and Co-founder, Greathorn

With a recognized shortage in skilled security staff, coupled with an explosion in telemetry data, the infosec role is increasingly finding that they are being tasked to combine operational data collection with automation, autonomics, and analysis capabilities. Organizations sophisticated enough have begun to think more like a data scientist and apply machine learning to the massive amount of data that security tools collect, enabling a more efficient and effective response to potential threats.

Application Security - moving beyond the current framework
Facilitator:
Josh Bregman, Vice President, Conjur 
Speakers:

Marc French, CISO, Endurance
William Heinbockel, Lead Cyber Security Engineer, MITRE
Michael Tobin, VP, Technology Services and CISO, Mobiquity

As security experts get more advanced in the products and processes they use to deter application infiltrations, so do those that are infiltrating. How do security teams work to stay ahead when new applications are being developed and adopted at such a rapid pace. How does your team keep up? What tools do they need to have in place and how do they continue to monitor the constant deluge of apps being used within your organization.


 

Platinum Sponsor



Gold Sponsor

Image result for bitsight logo   

 

 

 

                                                                                                             THANK YOU TO OUR GLOBAL SPONSORS                                                       

 
   
 
    


 



   
           



           

             





  
           


  

 

 

                                 




           

 

                    




                 

                      


        






 
 

About
Board of Directors
Team
In the News
Careers
Contact Us
Membership
Member Directory
Tech Company
IT Department
Affiliate
Join Now
Renew Now
Events
Annual Meeting
Boston TechJam
Innovation unConference
Leadership Awards
MassTLC Events
Community Events
Communities
Big Data
Cloud
CXO Series
Internet of Things
Healthcare & Life Sciences
Mobile
Robotics
Sales & Marketing
Security
Software Dev
Workforce Dev
Ed Foundation
Internships
K-12 Initiatives

Resources
Affiliate Directory
Blog

Content Library
Job Board
MassTLC TV
More Opportunities
Policy
Sponsor
Get Involved