Got DA?

Penetration Tests and/or Red Team Engagements are usually aimed at getting the highest level of privileges in an organization’s Active Directory domain aka Domain Admin. However, what most teams miss or simply ignore is the fact that there are things that can be done even when you have obtained Domain Admin privilege. This talk’s primary […]

Read more

Catching and Cleaning Phish (for O365)

Attackers keep getting cleverer with their phishing attacks and if you’re a high value target or a large enterprise you’re probably also getting many targeted attempts every day. This session will cover the best practices for O365 for detecting, removing and investigating phishing attempts against an O365 tenant.

Read more

Enabling Zero Trust with Artificial Intelligence

The Zero Trust security model assumes a hostile network with relentless external and internal threats. Authenticating and authorizing every device, user and network flow requires real-time algorithmic processing of telemetry from as many sources of data as possible. Applying mature machine learning data science to the Zero Trust problem provides a wholistic solution to multiple […]

Read more

Risk Transformation: Plan-Build-Run in a World Without Time

Life is rough for a security leader! The security product landscape is increasingly complicated but seems to always lag behind malicious actor capabilities. Organizations need proven security programs that demonstrate visible ROI, but once-vaunted security concepts have been sacrificed upon the altars of speed and mobility. Organizational leadership-level involvement has never been greater, offering access […]

Read more

Revitalizing the Scotiabank SOC with Big Data Security Analytics and Automation

Behavioral analytics helps IT professionals predict and understand consumer trends, but it can also assist CISOs in understanding potential threats—and unearthing them before they wreak major havoc. Additionally, automation helps to respond rapidly, thus reducing your mean time to resolve (MTTR) and improve SOC efficiency. Join this session to discuss: Using behavior analytics as a […]

Read more

Identity – the Foundation of your Zero Trust Architecture

The evolution to a mobile and cloud-first approach to IT has made the old perimeter-centric view of security obsolete. We are opening our systems, information, and businesses to access from anywhere at any time. In this new reality we need to securely enable, manage, and govern access for all users, from employees to partners, customers, […]

Read more

Beyond the Ones and Zeros: Aligning Effective Infosec and People Leadership Principles

It was the best of times, it was the worst of times… that pretty much sums up infosec today. We can’t figure out how to align to our businesses effectively, we love our silos, and constantly hire the wrong people. This presentation will address common issues in information security and people leadership areas, giving you […]

Read more

The Race Against the Adversary: How to Win in the Era of the 18 Minute Breach

This exclusive session delves into the details of some of CrowdStrike’s most eye opening breach investigations of the past year and highlights the need for speed in modern security operations centers. See new research on “breakout time” and learn how you can use the 1-10-60 Rule to benchmark your organization and see if you have […]

Read more

AI, Intelligently. A Current Look into AI in Cyber Security.

Algorithms are being used to choose who lives and who dies. Computers are being programmed to make ethical decisions that impact every facet of our lives. Based on the ethics of cyber-criminals, Check Point has made another gigantic leap forward by teaching our gateways to use algorithms to detect the DNA of Malware in an […]

Read more

Data Governance for Risk Reduction and Value Creation

In this session, we will explore how organizations can adopt a single data governance framework to discover and protect sensitive data while mitigating cyber risks, reducing storage costs and addressing increasing privacy regulations.

Read more

Your Tools are Protecting the Network but What is Protecting the Tools?

With the increased focus on cybersecurity over the past several years, organizations are proactively adopting security practices and deploying security solutions to harden their networks. This is in the hopes of not being the next victim of a security breach. The emphasis on securing the network perimeter has driven organizations to deploy multiple inline security […]

Read more

Expand your cybersecurity program with complete visibility!

As enterprises face pressure amid growing internal and external compliance requirements, these organizations are looking for ways to expand visibility throughout their environments. Mark Holub offers insights on how companies can gain visibility throughout their environments to improve asset management, software inventory, vulnerability assessment, configuration compliance and more. Using real-world examples and forward-looking principles, Mark […]

Read more

Modern MDR and Machine-Accelerated Human Response

The cybersecurity market is teeming with new tools and technologies, each promising to detect and respond to threats better than the rest. But if your business is like most, you’re probably struggling with a shortage of security-focused manpower and expertise to manage those tools with skill, speed, and precision. The reality is that effective security […]

Read more

Phishing Defense: The Art of Human Intuitive Repulsion

As human beings we often sense when things aren’t quite right. The same is true as it applies to cybersecurity. This session examines why human intuition is a key part of any organization’s phishing defense. Learn about the types of phishing attacks seen in the wild, how attackers evolve their tactics to avoid perimeter controls, […]

Read more

Chaos, order and the road forward – perspectives on evolving cybersecurity

Never before has the creation and preservation of value depended so much on effective cyber security, nor has the means to “getting security right” been so complex. Many aspects of traditional security management are urgently being reconsidered as security teams seek to stay aligned with the characteristics of the modern enterprise and ahead of the […]

Read more

The Value of Threat Intelligence

This presentation is a non-technical look at the benefits of threat intelligence and the challenges that organizations face when attempting to utilize and operationalize threat intelligence within their infrastructure. Existing resources (human and infrastructure), security tools, the difference between threat data sources and cybersecurity program maturity are just a few of the areas we will […]

Read more

Key elements to prioritizing security vulnerabilities and risks

Join Scalar, a CDW Company for a discussion on the key elements to prioritizing your security vulnerabilities and risks. Taking a holistic approach to risk management, we will help you understand how to follow best practices and manage your risk effectively and efficiently. Darren and Benjamin will go through some of the key elements that […]

Read more

Code Signing: What You Don’t Secure Can Hurt You

When you sign a piece of code, you make a statement that it comes from your trusted brand and that you stand behind it. But what happens when that trust is broken? Recent attacks underscore the importance of managing reputational risk. As attackers become increasingly skilled in the art of signing and spreading malware, technologists […]

Read more

ARUBA + ZSCALER = Better Together Network Transformation

Risk is a balance between security and usability, when security is too restrictive users naturally find ways around it. As organizations seek to improve the user experience and while maintaining the required level of security, questions of risk arise. How do we deploy Cloud solutions with direct to Internet connectivity and still maintain visibility over […]

Read more

Threats and Trends of 2019

Amidst the ever-evolving threat landscape, 2018 was a particularly nasty year that saw an increased threat of cryptojacking to the ever-expanding reach of emotet and all of its variants. In 2019 these threats – and others – have expanded their reach and shifted away from SMBs towards enterprise businesses. Join me for a dive into […]

Read more

Embracing a Risk Adaptive Approach to Data Protection

It is no surprise that many organizations are undergoing a digital transformation in response to a rapidly evolving security landscape. The migration to cloud, the rise in a mobile workforce, rapid proliferation of data and increasing need to collaborate across cloud applications present an added layer of complexity for organizations building out a security strategy. […]

Read more

Advanced security automation made simple

Security is often misunderstood and addressed in the last stages of a build. Operationally, it’s ignored until there is an emergency. In this talk, we review a few advanced security processes and discuss how to easily automate them using common tools in the Cloud. This approach will help you and your team increase the security […]

Read more

Tony Stark and Cybersecurity

With 23 MCU movies, I have learned some valuable lessons surrounding cybersecurity. Why didn’t Jarvis run on a segmented network (Avengers: Age of Ultron)? Why didn’t Edith have 2-FactorAuthentication (Spider-Man: Far from Home)? Let’s explore how, if Shield had implemented cybersecurity frameworks such as Mitre ATT@CK, they could have saved New York with much less […]

Read more

Introduction to Advanced Persistent Threats

This presentation is a non-technical, introductory-level presentation of current APT threats (from a North American perspective). The focus of this presentation will be the geo-political environment that motivates APT activity from one nation-state to another. We will cover a selection of nation-state activities, focusing on the most prevalent and prolific. We will additionally cover a small selection of […]

Read more

Behavior Analytics and Model Driven Security

Imagine using a risk score to determine whether to grant a user access to an application, a system, a device. Wouldn’t it be a huge time-saver if you could auto-approve low risk access requests instead of manually granting such requests? On the flip side, wouldn’t it be great to automatically ensure that privileged access requests […]

Read more

The Human Firewall is on Fire – What Do You Do When the Smoke Clears?

Many enterprises are focused on prevention and are too busy with day-to-day firefights to look beyond the flames and think about how to recover. Beyond preventing attacks, organizations need to focus on detection and response. It’s no longer a matter of if you’re going to be attacked, but when. Join this session to: Learn the […]

Read more

Reinventing PC & Printer Security

It’s no longer a matter of “if”, but “when”. As the world becomes more mobile and connected, cyberattacks continue to rapidly grow in frequency and sophistication, placing your company’s data and personal information at risk. Are you protected? While organizations are aware of the growing threat, most are overly focused on security software and data […]

Read more

Cybersecurity Evolution/Cost Reduction Paradox

The shift from legacy data collection and storage models to cloud has resulted in new paradigms in data management. Add to this more sophisticated and motivated adversaries, along with innovation in the manner in which they attack, and it yields a perfect storm of a complex attack surface, combined with multi-phased and multi-vector attacks. Today’s […]

Read more

Minority Report: A Predictive “Pre-crime” Approach Requires a Human Focus

In Philip K. Dick’s 1956 “The Minority Report,” murder ceased to occur due to the work of the “Pre-Crime Division,” which anticipated and prevented violent killings before they happened. Today, we are only beginning to see the impact of predictive analytics upon cybersecurity—especially for insider threat detection and prevention. Based on user interaction with data, […]

Read more

Achieving Secure Digital Transformation: Turning the Dream into Reality

As we’ve talked with more and more of our clients about their digital transformations, it has become clear that security is a key facilitator for successful transformation. For example, if an organization churns out a series of new cloud-hosted mobile applications that permit users to more effectively interact with the company, the initiative can backfire […]

Read more

Orchestrate. Automate. Accelerate.

As today’s digitally connected ecosystem continues to evolve, adapt and innovate, there has been a consistent, underlying theme across the landscape – teams are struggling to balance their increasing workloads with the limited resources at their disposal. As a result, it is becoming more difficult for Security, IT and DevOps teams to accomplish their goals, […]

Read more

Standing Up to Cryptojacking – Best Practices for Fighting Back

Cryptojacking has recently erupted onto the cybercrime scene, thanks to the surge in value in 2017 of cryptocurrencies such as Bitcoin, Monero, and Ethereum. Crooks are aggressively targeting laptops, desktops, servers, and even mobile devices. From a single device to entire networks, they infect as many devices as they can to mine for cryptocurrency on, […]

Read more

Internet of Things: Is Winter Coming?

The concept of the Internet of Things (IoT) truly represents a radical shift in how companies will operate, governments will govern, and individuals will live their lives. Microcomputetechnologies and autonomous systems will permeate our day-to-day activities. They will introduce opportunities for simplification, optimization and accuracy, and they will threaten to distribute cyber threats into the deepest […]

Read more

Streamlining Compliance Programs for Operational Security

Enterprises today face pressure to improve security posture while also satisfying growing compliance requirements. These organizations are looking for ways to both unify their controls to measure and achieve multiple compliance requirements, and ways to assess them on a continuous basis for effective reporting and risk-based decisions. Mark will offer insights on how companies can focus their efforts, […]

Read more

The Real Deal About AI

Artificial Intelligence(AI) is impacting our world in previously unimaginable ways. But how does it really work? If you are looking for the real deal about this industry buzzword, this is the talk for you. We will cover the history of this incredibly innovative technology, what it is and what it is not, the steps required […]

Read more

Security Powered by Big Data

As the extraction of value from data becomes more critical to a company’s success, organizations are trying to stay ahead of the data deluge. Unfortunately, data technologies often have security bolted on, not baked into the DNA, leaving far too many doors open to compromise. This session will cover the challenges of big data and […]

Read more

Developing and Implementing an Effective Endpoint Security Strategy

Endpoint security is one of the most important aspects of a defence in depth strategy. It is critical to businesses because code execution on servers and workstations is one of the key ways to obtain an initial foothold within a corporate environment. The ability to prevent, detect, and respond to incidents within your environment in […]

Read more

Encryption is More than a Button

There is no one Golden Rule when it comes to email encryption. Every enterprise is unique. It’s vital to ensure email encryption is tailored for and tightly integrated to your Cybersecurity strategy. Join Echoworx VP of Operations, Alex Loo, to understand: Key components of an email encryption strategy. Benefits of leveraging encryption in the cloud. […]

Read more

Breach Readiness, Mandatory Reporting and You!

For a long time now, it has been widely known that a proactive cybersecurity plan is not good enough, you must have a reactive plan as well. It is not good enough to simply mitigate a cyber breach, you need to be ready to react to one as well. However, in the very near future […]

Read more

Case Studies in Defending Your Digital Enterprise

As more and more organizations undertake digital transformation they become increasingly dependent on their online presence. This exposes their business to cyber-attacks that target the growing number of vulnerabilities in web services software stacks, which require the organizations to evolve their current cyber defense approach and stretch their resources. Navigating digital transformation securely can feel […]

Read more

On the Eve of Quantum Computing: The Definitive Need for Crypto Agility

On the eve of quantum computing, the definitive need for crypto-agility is greater than ever. The ability to locate, manage, and securely update digital certificates on a network or on a device seems like a simple task, yet with the advent of new Enterprise use cases and flourishing IoT device introductions, management at massive scale […]

Read more

From Profit to Destruction: Analyzing Today’s Threat Landscape

The security threat landscape is constantly in flux as attackers evolve their skills and tactics. Cisco’s Talos team specializes in early-warning intelligence and threat analysis necessary to help secure networks in today’s volatile threat landscape. In this talk, Earl will analyze how the threat landscape has evolved over the last year or so by looking […]

Read more

Everything or Nothing: Active Defense in the Corporate World?

How can a good offense be a great defense? The concept of Hack-Back is extremely controversial and at first glance seems unsuited to the corporate world. However, in this session we will look at strategies and technologies you can use to actively defend your organization. Learn how create an active defense by using the attacker’s […]

Read more

Crowd Sourced Security – Applying the Wisdom of the Crowd to Cyber Defences

Taking advantage of user provided intelligence improves your organization’s ability to recognize, report and respond to active phishing threats and keeps you ‘Left of Breach’ on the cyber kill chain. Through development of anti-phishing program best practices, the use of active threat intelligence and trend analysis, this presentation will show you how to improve your […]

Read more

The Future of Privacy

CIPPIC, the Samuelson-Glushko Canadian Internet Policy & Public Interest Clinic, is Canada’s only public interest technology law clinic. CIPPIC is unique in Canada, bringing together a team of expert legal professionals and students to advocate for the public interest in policy debates arising from the intersection of law and technology. Defense of privacy rights and […]

Read more

Threat hunting demystified – Strengthening risk management through proactive investigation and response

Despite billions spent on security technology each year, it seems little progress has been made to reclaim the advantage from attackers.  Modest reconnaissance by a malicious actor often results in a better understanding of an environment than the defenders who own and operate it.  At the heart of the problem lies one simple truth: know […]

Read more

Privileged Access Security for Hybrid Cloud: Secure Amazon, Azure and Google Environments

Organizations are increasingly moving workloads to hosted Infrastructure-as-a-Service (IaaS) environments. In many cases, they are extending their data centers across one or more IaaS providers, creating hybrid cloud environments. This session will explore best practices for extending data centers to hosted environments, and review how to secure privileged access to hosted infrastructure and virtual machines […]

Read more

How to Ramp Up Security Operations to Stop Advanced Threats

As attacks have become more sophisticated and continue to evolve, static technologies can’t keep up. Siloed solutions fragment your defenses. It takes power and precision to stop attacks. Join this session where we will explore; Do you have an intelligent, orchestrated and automated approach to prevent, detect and respond to threats? How did GFL Environmental […]

Read more

Insider Threat Analytics & Anomalous Behaviors

Employee suspicious access, behavior abuse, and exfiltration of confidential data could all be a result of Insider Threat. We need a new innovative way of thinking about security as rule, pattern and signature-based solutions are evaded easily. Learn how user & entity behavior analytics (UEBA) and Identity Analytics (IdA) leveraging the context of open choice […]

Read more

Security consideration for Microservices using Container Technology

Continuous Deployment and Cloud applications offer new opportunities in cyber security in allowing flexibility and rapid reaction to the ever-changing demands to protect cyber assets. However, new technologies also offer new possibilities and require new approaches in evaluating and improving the security posture for software applications as well as the infrastructure. This talk will explore […]

Read more
Subscribe to the Sector Blog
Enter your contact information below to have future blog posts delivered directly to your inbox!
Fields marked with an * are required