Alexandria Hodgson

Senior Solutions Product Marketing Manager, Zero Trust 

Okta

Securing the Hybrid Workforce: How to Establish Trust in a Zero Trust World

It's no longer news that we need to support and secure increasingly distributed organizations. As companies look for long-term solutions for their hybrid and fully remote workforces, one thing is clear - identity is the new perimeter for businesses today. An identity-first approach to security reduces today's cybersecurity risks and provides the foundation for a Zero Trust security strategy. Tune in to hear how to implement a modern identity solution and mitigate insider risk.

About The Speaker

Alexandria Hodgson is a Senior Product Marketing Manager at Okta specializing in Zero Trust. Alexandria has spent the majority of her career in Cybersecurity, focusing on the ways in which organizations can better leverage their people, processes, and technologies to address the ever evolving thread landscape.

Beth Miller

Senior Insider Risk Advisor

Code42

Blind Spots with Beth

Do you ever look at your threat landscape and wonder where do I begin or what should I prioritize? Do you get conflicting messages from different business units on what matters or even worse are you completely in the dark? Join Beth Miller as she guides a conversation with a business stakeholder to understand what matters and when, to help better prioritize an organization's unique threat landscape.

About The Speaker

Beth empowers individuals to think creatively about risk. She is a proven integrator with over 18 years of Insider Risk experience across the Federal Government, Intelligence Community, and private sector. She specializes in behavioral analysis and digital signature management. Beth is passionate about building frameworks that proactively identify the business trade-offs required for Insider Risk programs to be successful. She has presented at numerous conferences, including The Financial Services Information Sharing and Analysis Center Caucus in New York, The Conference Board of Canada Security in Vancouver, British Columbia, and The Human Capital Analytics Conference in New York. Beth earned her Masters of Science in Financial Risk Management from New York University and Bachelor of Arts in International Affairs from Florida State University. She lives in Virginia with her husband, two dogs, and four children.

Brandon Leiker

Manager, Cyber Strategy

Optiv

Shifting Focus and Reducing Insider Risk Exposure with Zero Trust

The average cost of Insider Risk related events has increased more than 25% in 2 years, from $11.45M to $15.40M, according to The 2022 Ponemon Cost of Insider Threats Global Report. This isn’t because costs per incident are increasing sharply, but because the number of incidents is growing which is increasing the annualized cost. Some of the most common incident types included employee & contractor negligence, criminal or malicious insiders, and credential theft. Transition to focus on Negligence In our experience, we often see decision makers focusing on the malicious Insider. While important, this is only 26% of Insider Risk incidents, however negligence, being 56% of incidents deserves greater focus and can help greatly reduce overall incidents in an organization. Zero Trust to Enhance Insider Risk Capability To combat these Insider Risks, especially the outsized risk of negligence, organizations must build a robust, holistic Insider Risk program. When building this capability, organizations should consider industry-leading solutions and practices that can help with not only security, but also aid in alleviating compliance concerns. A zero trust architecture (ZTA) enables organizations to achieve both through the following principles: Govern, Protect, Detect, Respond and Recover. Conclusion Insider Risk events and data breaches can be extremely costly to an organization. Building a robust program and capability is critical to reducing risk and mitigating the effects of a breach. A ZTA allows organizations to put strong, industry-leading security at the core of their environment. Gone are the days when organizations can simply put a wall around their network and keep malicious actors out. ZTA relying on “never trust, always verify”, not only serves to reduce the likelihood of malicious behavior in access-granted areas of the environment, but it can also help prevent that malicious behavior from easily spreading throughout the environment.

About The Speaker

Security leader with nearly 20 years of information technology and information security experience across multiple verticals including: energy, financial services, medical, banking, and manufacturing. Brandon’s background includes solution architecture, implementation, and administration, security operations and strategy, as well as governance, risk, and compliance.

Brian Carpenter

Director of Business Development

CyberArk

Stop Data Leaks Caused by Users with Privileged Access?

Don’t miss CyberArk’s session “Stop Data Leaks Caused by Users with Privileged Access”. This session will show you how CyberArk and Code42 can help you automate and quickly address attacks to your most valuable credentials.

About The Speaker

Brian Carpenter – CyberArk Director of Business Development, 10+ years in Cyber Security at CyberArk and FireEye.

Bruce Hembree

Field Chief Technology Officer and Technical Director

Palo Alto Networks

The Positive and Negative Impact Zero Trust Had Inside The SOC Of Palo Alto Networks

Join us as we discuss the journey towards Zero Trust for Palo Alto Networks, the pitfalls, the realities, and the successes. We will discuss the hype and reality of Zero Trust and what it can mean in terms of impact in your SOC.

About The Speaker

Bruce Hembree is the Field CTO and Technical Director for Cortex - the machine learning and automation division that powers the SOC of Palo Alto Networks. Bruce bridges Palo Alto to the security community worldwide. Prior to Palo Alto Networks, Bruce ran operations at the Microsoft Digital Crimes Unit (DCU) - a small team of offensive-side security professionals brought into the eye of the public by inclusion in the Tom Clancy novel "Threat Vector" and the HBO special report "The Perfect Weapon." Bruce has worked extensively with the United States Department of Defense and global law enforcement agencies like the FBI, Secret Service, Scotland Yard, Interpol, and other entities doing offensive take-downs of global Internet threats, online organized crime, botnets such as Citadel, Zbot, Conficker, Rustock and Emotet, and disruption of child pornography distribution. Bruce is a veteran and spent two years deployed to active conflict zones in support of global anti-terrorism efforts.

Dr. Chase Cunningham

 CSO

Ericom Software

The Slow Gazelle

Are you predator or are you prey? Things haven't changed much in more than 2 decades of failure and much like the slow gazelle in the wild we are ripe for a takedown. Here we are in 2022 and we have "artificial intelligence" and a market that has more than 2400 vendors within it all "focused" on security, but we keep having breaches and failures. Why? Where are we going wrong and how does the space continue to ignore the fundamental issues that plague our networks? In this session Dr. Chase Cunningham will delve into the data and the reality of how this continues to happen and detail the approach we need to take to get past the fail cycle. Learn how to focus on the lions in the weeds and stay ahead of the herd in this session.

About The Speaker

Creator of the Zero Trust eXtended framework and a cybersecurity expert with decades of operational experience in NSA, US Navy, FBI Cyber, and other government mission groups, Chase is responsible for Ericom’s overall strategy and technology alignment. Chase was previously VP and Principal Analyst at Forrester Research; Director of Threat Intelligence for Armor; Director of Cyber Analytics for Decisive Analytics; and Chief Cryptologic Technician, US Navy. He’s author of the Cynja series and Cyber Warfare: Truth, Tactics, and Strategies.

Chris Stoel

EU Insider Risk Lead

Booz Allen Hamilton

Insider Risk and the Business Context Imperative

Insider Risk and the Business Context Imperative Effective insider risk management is difficult even for experienced organizations. The pitfalls and challenges that can lead to program failure are so routine, so consistent that they’re documented in SEI CERT’s Common Sense Guide for Mitigating Insider Threats (6th). And even then, many of the cybersecurity teams that do secure funding for a formalized insider program build find that it’s even more difficult to maintain that funding… If a “holistic insider risk management program that’s integrated across the enterprise and aligned with strategic business objectives” is your nirvana, buckle up. Though rocky your path may be… you absolutely CAN reach your organization’s insider nirvana, but you CAN’T get there if you don’t know your organization, it’s people, processes, and technologies. You can’t get there without business context. This presentation will cover strategies that help early-stage programs avoid the most significant impediments in the program lifecycle, define business context and it’s derived value from the insider program perspective, plus provide examples for how developing a deep understanding for (and partnering with) your organization can lead to program growth while providing real value to organizations. This presentation will include: 1. A discussion around common pitfalls / challenges of implementing an insider program with real-world-examples for why are more significant than others. 2. Practical examples for how developing appropriate business context can increase organizational trust and contribute to program success, regardless of where organizations are in their insider journey. 3. An overview of common insider program operating models, with specific examples for translating business context into strategic organizational partnerships. 4. A capstone conversation on using technology to strengthen insider program partnerships and create value for organizations.

About The Speaker

Chris Stoel is EU Insider Risk lead for Booz Allen’s European Commercial Advanced Cyber Defense practice. With nearly a decade of experience across insider threat detection, incident management and investigations, risk and control management, and regulatory affairs, Chris is focused on helping clients build, mature, and advance their insider programs to keep pace with an everchanging cyber threat landscape. In addition to his work with Booz, Chris is an active participant in related industry forums and cross-industry partnerships, including the UK’s Cyber Defense Alliance (CDA), working closely with a wide variety of teams across the financial services sector.

Chrysa Freeman

 Security Awareness Expert

Code42

Improve Incident Response and Decrease User Risk with Behavioral Science

Current research shows that 32% of companies want to completely overhaul their employee security education program. Why? Because their program is ineffective – with irrelevant content that is not timely for users – and boasts an embarrassing track record of leaving company data, IP, trade secrets and source code at far greater risk than should be the case. When the principles of behavior science are combined with a corporate culture rooted in security, incident response rates can be dramatically improved. Deep dive into a case study focused on reducing public sharing of GSuite files. Learn how moving from manual to automated response actions decreased analyst resources needed to investigate events, user repeat offenses and organizational risk.

About The Speaker

Chrysa has been in corporate security for 13 years. She’s built security awareness programs from the ground up in various industries including retail, technology, and healthcare. Chrysa is currently Manager of Security Awareness at Code42. She is passionate about the juncture where security and the science of human behavior intersect. Chrysa enjoys sharing her knowledge on building world class security awareness programs and insider threat issues. Most recently she has spoken at Secure360, the ISC2 Congress, The Wall Street Journal Cybersecurity Forum and the Minnesota Continuing Legal Education Conference.

Claire Moravec

VP, Digital & Human Intelligence

Red Vector

Red Flags, Reimagined

A noteworthy recent development in insider risk mitigation is how advanced insider risk analysis solutions are being fielded to reduce and eliminate threats through the fusion of link analysis, machine learning, and risk modeling. Specifically, how new 'fusion centers' synthesize employee behavior, information technology and cyber security systems, access control, human resources, and open-source intelligence data to perform advanced predictive analysis on key indicators of threat and risk. Two former Intelligence operators from the FBI and CIA have joined forces to discuss how this a good way to aggregate and correlate intelligence previously siloed in individual systems for more confident analysis and less analyst involvement in the data chain.

About The Speaker

Claire Moravec is a career intelligence professional, founding member of the Federal Bureau of Investigation’s first Social Media Exploitation team. Claire was a leader among her peers, driving tactical intelligence operations against bad actors weaponizing digital media, social media, and virtual/augmented reality technologies via covert operations as well as counterpropaganda, misinformation, and disinformation campaigns. In 2017 Claire earned the FBI’s Medal of Excellence in recognition of her work supporting the National Covert Operations Section. A near decade of infiltrating the networks of foreign intelligence, national security, and violent criminal targets, provided her with an intimate understanding of the biopsychosocial world of insiders. Following government service, Claire served as the Senior Leader overseeing Snapchat’s (NYSE: SNAP) Trust & Safety Response Operations Team. She is also an Adjunct Professor, teaching Undergraduate courses in criminal psychopathology, and Graduate courses in clinical social work. She now serves as the VP of Digital and Human Intelligence at Red Vector, Inc. where she develops and drives digital safety solutions via social media, OSINT, and UGC, in conjunction with human behavioral indicators, to identify malevolent insiders. Claire is a graduate of Columbia University in the City of New York, holding a Master of Science in Clinical Social Work. She also holds a Bachelor of Science in Criminology and a Bachelor of Social Work from Loyola University Chicago.

Courtney Adante 

President, Teneo Risk Advisory

Teneo

We Can Do Even Better: A Call for a Scalable, Sector-agnostic Framework to Improve Insider Risk Management

From a rise in foreign adversary espionage, cyber-attacks targeting global businesses, the Great Resignation, and economic headwinds signaling layoffs at scale, insider threat has never been more topical, with certain use cases of particular concern:  departing employees taking proprietary information and files with them, vulnerable employees coerced into IP theft or malicious insiders wittingly stealing information.  Many organizations are not prepared or have not prioritized the ability to manage and mitigate against these types of insider threat, which can have a devastating impact on profitability and reputation. 

While highly regulated sectors such as financial services and defense have led the charge in design, definition and rollout of robust insider threat management programs, many businesses have not focused on or prioritized the topic of insider threat, and if they have, it is largely procurement of an IT solution vs using an integrated approach of technology and human intelligence efforts to combat the issue, and are thus exposed, posing a potential real and existential threat to their businesses.  Although high-level models exist, there is a gap in the actionable ‘how to’ which includes a simple and scalable framework with steps, questions and activities to make the most of tools and human intelligence and workforce behaviors to help inform what the technology surfaces.  Courtney Adante, President of Teneo Risk Advisory will share her reasonable and approachable framework to help any organization jump-start or refine an insider risk management program.

About The Speaker

Courtney is the President of Teneo Risk Advisory, and in addition to managing all aspects of the division, she supports Fortune 500 clients with design and delivery of enterprise security strategy programs, focused on cybersecurity risk management, crisis preparedness and response and cyber crisis communications. Prior to joining Teneo, Courtney worked for Accenture in the capital markets practice, managing global client account teams. Her project work was primarily in trading and investment banking, specifically managing multi-million dollar projects in operational risk, trading supervision, derivatives trading, middle and back office operations, regulatory reform and organizational design. Before joining Accenture, Courtney worked for the electronic trading system division of Instinet (INET), formerly known as Island ECN in New York, where she was an account manager for all Island ECN equity trading for US and European based client groups. Before joining Island ECN, Courtney was a market supervisor for fixed income trading at Eurex in Frankfurt, Germany, the electronic trading division of Deutsche Boerse. Prior to Eurex, Courtney was a trade fraud investigator and open-outcry market supervisor for the futures and options markets. Courtney holds an MS in Cybersecurity Risk & Strategy from New York University, and has completed executive education courses in artificial intelligence and cybersecurity with MIT and Harvard respectively. She also has an MBA from Loyola University in International Business and Finance and holds a BA in Economics and German from Miami University of Ohio.

Dave Bittner

Insider Risk Summit Host & Cyberwire Producer & Host

Cyberwire

About The Speaker

Dave Bittner, is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.

Dr. Deanna Caputo

Chief Scientist for MITRE Insider Threat Capabilities,

Senior Principal Behavioral Psychologist

MITRE Insider Threat Research & Solutions

Unveiling the MITRE Insider Threat Framework Initiative

MITRE is creating an evolving, data-driven Insider Threat Framework that includes psycho-social and cyber-physical characteristics as common and observable indicators for insider risks. MITRE’s framework will help Insider Threat/Risk Programs more accurately target and operationalize their deterrence, detection, and mitigation of insider threats. This session will describe the Framework initiative, how the framework will be created, why it is important, and set expectations on how long it will take to produce. In the session, MITRE’s Insider Threat subject matter experts will describe how your organization can contribute to the Framework development and to the cutting-edge of insider threat science and practice. The session will also describe how existing frameworks of insider threats ignore psycho-social characteristics, focus solely on cyber, and/or are based on minimal or poor quality data. For example, there is currently no data-driven comprehensive threat framework for insider threat. While there have been some attempts to develop conceptual threat frameworks for insider threat, those efforts are generally based on theory or have limited or no utility due to inadequate data quantity and quality. Most existing frameworks fail to account for both behavioral and cyber aspects of insider threat. Threat frameworks for external adversaries are inappropriate for insider threat (e.g., MITRE’s ATT&CK, MITRE PRE-ATT&CK, MITRE CAPEC, Lockheed Martin Cyber Kill Chain). Insider threats simply act differently than Advanced Persistent Threats (APTs). Malicious insiders know how to leverage organizational processes to meet their objectives, they obfuscate malicious activities inside their legitimate work activity, and they take actions that do not require them to directly interact with cyber systems or break rules. Malicious insiders engage in more than just cyber activities, and any credible, effective insider threat framework must account for the cyber, physical, organizational, and human components of insider threat.

About The Speaker

Speaker bio coming soon

Ed Amoroso

Chief Executive Officer, Founder

TAG Cyber

Impact of Zero Trust on Insider Risk

The shift from perimeter-based networks to zero trust-based network access creates a new set of challenges for insider risks. On the one hand, it helps reduce the implied trust on a flat network that has caused so many lateral traversal problems from insiders. On the other hand, it creates a common zero trust access model where insider decisions from employees, partners, and customers will influence risk. In this sense, everyone becomes an insider. This talk will address this emerging new security model.

About The Speaker

Dr. Ed Amoroso is CEO of TAG Cyber. An NYU professor and former AT&T executive, Ed started TAG Cyber in 2016 to democratize research and advisory services and unleash his inner entrepreneur. Business Insider tapped him as one of the country’s 50 leaders “who helped lead the cyber security industry.

Elsine van Os 

 CEO

Signpost Six

Keeping it Right Before it Goes Wrong: Earliest Prevention of Insider Threats in the Workplace

Have you ever felt torn between the direction that your company is taking and the views you are holding yourself? For example, your company has decided to retain its operations in Russia after the war in the Ukraine broke out. And you’re against it. Or you are in complete disagreement with the COVID measures your company is taking. You might be an employee who has strong political views, but you wonder whether you can and should express this, as it could pose significant friction in the workplace. You feel gradually alienated from the workplace. You might become angry or disgruntled. These are examples of the societal pressure cooker we are all in, and the dynamic it could pose in the workplace. A workplace is not a bubble and if we want to stay ahead of the challenges to come, we need to remain aware of what’s going on in society to prevent it becoming a breeding ground for disgruntlement in the office, losing the connection with each other as co-workers. Workplace loyalty is one of the most important mitigators of insider risk. For this, a connection to the workplace, a shared identity, is essential, but how can we ensure this? This question goes to the heart of preventing insider risk at its earliest stages and this presentation will provide some high-level pointers on understanding and addressing these challenges for your organization and yourself.

About The Speaker

Elsine van Os is the founder and CEO of Signpost Six. Elsine is thought leader on insider risk and has an educational and professional background in psychology and intelligence and security. Elsine has worked on high profile assignments for the Dutch Ministry of Defense and Shell International, where she was responsible for security risk assessment at country, asset and individual levels worldwide. Elsine has worked in various capacities in over 50 countries. In her work, she has developed and implemented methodologies to develop safety awareness and risk assessment skills of management team members and employees. Elsine is also the owner of Signpost Film Productions.

Emanuel Tottress

Sales Engineer

LogRhythm

Mitigate Insider Risk and Controls Required

We will be exploring Insider Risk as it relates to the remote workforce. There will be insight on how best to combat these threats through automation, education, and playbooks. We will be covering the criticality of visibility or SOC Triad and how this enables disparate SOC teams. How that is integrated with SOAR and security dynamics of having advanced UEBA analytics. Join this webinar to learn about Insider Risks and the controls needed to combat them. Also, take a snapshot of where we are currently regarding the various kinds of Insider Risk. You’ll learn: · Importance of Visibility, UEBA detection layer, Mitigation and Strategizing using SOAR, and Proactive User Education.

About The Speaker

As an Enterprise Sales Engineer Emanuel has a passion for security. With 10+ years of experience selling and supporting security solutions, he has had the opportunity to advise organizations on the best ways to position their efforts and resources to combat security threats. Emanuel's mission is to fight the good fight against those who look to hurt and take advantage of organizations in the cyber realm. Evangelizing Cybersecurity is what drives him and raising security awareness among all users of technology is his passion.

Eoin Hinchy

 CEO and Co-Founder

Tines

Reimagining Insider Threat Response through Automation

Security teams of all sizes play a vital role in ensuring that their organizations stay safe and secure from insider risk threats. However, 71% of Security Analysts experience burnout while workloads continue to increase and Security teams remain understaffed. In this session, you’ll hear from Tines CEO Eoin Hinchy on the current state of security operations teams, the top issues SOC analysts are facing when it comes to effective incident response, and how you can equip your organization to take a radically different approach when responding to insider risk threats. Tines is on a mission to allow frontline employees to focus on more business-critical tasks and improve their wellbeing by reducing the burden of ‘busy work’ by helping automate any manual workflow and making existing teams more efficient, effective, and engaging.

About The Speaker

Eoin Hinchy is the Co-founder and CEO of Tines, a no-code automation platform that helps the world’s leading security and IT teams automate their manual workloads. Prior to Tines, Eoin spent 15 years working in security at companies like eBay, PayPal, and DocuSign. Eoin has two engineering degrees - a Masters in Security and Forensic Computing from Dublin City University and an MBA from Imperial College London.

Eric Ewald

Data Protection & Insider Risk Lead

Booz Allen Hamilton

Insider Risk and the Business Context Imperative

Insider Risk and the Business Context Imperative Effective insider risk management is difficult even for experienced organizations. The pitfalls and challenges that can lead to program failure are so routine, so consistent that they’re documented in SEI CERT’s Common Sense Guide for Mitigating Insider Threats (6th). And even then, many of the cybersecurity teams that do secure funding for a formalized insider program build find that it’s even more difficult to maintain that funding… If a “holistic insider risk management program that’s integrated across the enterprise and aligned with strategic business objectives” is your nirvana, buckle up. Though rocky your path may be… you absolutely CAN reach your organization’s insider nirvana, but you CAN’T get there if you don’t know your organization, it’s people, processes, and technologies. You can’t get there without business context. This presentation will cover strategies that help early-stage programs avoid the most significant impediments in the program lifecycle, define business context and it’s derived value from the insider program perspective, plus provide examples for how developing a deep understanding for (and partnering with) your organization can lead to program growth while providing real value to organizations. This presentation will include: 1. A discussion around common pitfalls / challenges of implementing an insider program with real-world-examples for why are more significant than others. 2. Practical examples for how developing appropriate business context can increase organizational trust and contribute to program success, regardless of where organizations are in their insider journey. 3. An overview of common insider program operating models, with specific examples for translating business context into strategic organizational partnerships. 4. A capstone conversation on using technology to strengthen insider program partnerships and create value for organizations.

About The Speaker

Eric is Data Protection & Insider Risk lead for Booz Allen’s Commercial Advanced Cyber Defense practice. With over 15 years of professional experience spanning finance & accounting, audit, advanced analytics, and cybersecurity, Eric is focused on helping clients build sustainable, integrated, insider risk management programs.

Gianna Driver

Chief Human Resources Officer

Exabeam

Successful Partnering for Insider Risk Management

Join this session to hear from Exabeam's CHRO, Gianna Driver, and Exabeam's CISO, Tyler Farrar as they discuss: Defining shared objectives and metrics, communicating in a common language, partnering with the wider business, and positive promotion of Insider Risk Management to employees.

About The Speaker

Gianna Driver is Chief Human Resources Officer (CHRO) at Exabeam. As CHRO, Driver manages the strategy and processes related to building, investing in, and retaining top talent at Exabeam, enabling employees to do their best work. She is responsible for architecting the company’s talent strategy, driving corporate culture and diversity, equity and inclusion (DEI) initiatives, and leading the global human resources function. Driver brings nearly 20 years of executive human resources management experience in small, large, private, and public global companies to Exabeam. Prior to Exabeam, Driver was the Chief People Officer at BlueVine, a private fin-tech company based in Redwood City, CA. Before BlueVine, Driver led HR and People functions in high-growth technology, gaming, consumer, and SaaS organizations including Playstudios, Aristocrat, Actian Corporation, Talend, and Balsam Brands. She is passionate about building high-performance cultures, establishing operational excellence, and creating joy at work. Driver is a graduate of The Wharton School of the University of Pennsylvania.

Jadee Hanson

CISO and CIO

Code42

From the Desk of CISOs: The Impacts of Insider Risk

The CISO panel will discuss insider risk impacts to the organization from the C-level. Join this conversation to understand what is on executives’ minds as it relates to Insider Risk and how it poses a significant impact to the organization. During the discussion, panelists will explore trends that are driving up the risk of data loss. We will also dig into large scale changes in the security landscape that have caused Insider Risk to become a growing concern among executives, the C-suite, and the board.

About The Speaker

As CISO and Chief Information Officer at Code42, Jadee Hanson leads global risk and compliance, security operations, incident response, and insider threat monitoring and investigations. To her position, she brings more than 15 years of information security experience and a proven track record of building security programs. Prior to Code42, Jadee held a number of senior leadership roles in the security department of Target Corporation, where she implemented key programs, including compliance, risk management, insider threat assessments and more. Jadee also spearheaded the effort to embed security resources into the development process as well as the security plans behind the acquisition of software development and online retail companies. She was the security lead for the sale of Target Pharmacies to CVS Health. Before joining Target, Jadee worked at Deloitte, where she served as a security consultant for companies across diverse industries, such as healthcare, manufacturing, energy, retail and more. In addition to her day job at Code42, Jadee is the founder and CEO of the non-profit organization Building Without Borders, which serves those in poverty-stricken areas throughout the world through housing services. Since April 2015, Building Without Borders has built 39 homes in areas of the Dominican Republic. In her spare time, you can find Jadee working for her non-profit, enjoying time with her husband and three girls, and spending time on the lake.

Jake Haldeman

Channel Sales Engineer

LogRhythm

Leveraging UEBA to Secure Your Organization

Many organizations are struggling with user focused security incidents. By leveraging UEBA organizations can start to get visibility into user activity and detect when a user breaks out of their normal routine. In this presentation will discuss what UEBA is and what it is not, why UEBA is helpful and what features should be expected of a UEBA product. With this understanding you’ll see how UEBA can be leveraged to protect organizations from user-based attacks.

About The Speaker

As a Channel Sales Engineer at LogRhythm, I work closely with our partners who sell and provide services for LogRhythm. By engaging in training, product updates, issue resolution, feature feedback and general business strategies with our partners they are better able to provide an exceptional level of service to their clients with the LogRhythm products and platform. I studied Computer Science in college and after graduation I focused on System Administration and Networking which naturally lead to a security focus. I recall using Snort to watch for college students that were using BitTorrent to download illegal items on the campus network evolving to using NGFW technologies to not only detect but also rate limit the same activity. This helped me when I started my studies of Information Security and Assurance Master’s Degree which catapulted me further down the IT Security focus. I’ve been at LogRhythm since 2016 and have grown from a single team member to a manager over a small team to further enable Sales Engineers to help solve problems for our customers. I now focus on enabling our partners to represent LogRhythm’s products and services. Outside of computers I love to spend time with my husband and three Great Pyrenees dogs. 

Janel Schalk

Practice Director, Security Enablement & Sales

Trace3

Insider Risk Prevention and Detection is like an Onion – It has Layers

Join Code42, Trace3, Splunk, and Netskope where we discuss insider defense and detection in depth from a technical perspective, and how layering technology will cover the basis of collecting, aggregating, triaging and actioning on data and user activities in the prevention and detection of insider risks. We will discuss open, deep, and dark web monitoring, aggregating user statistics and behavior, reputation monitoring, large scale data transfers, data exfiltration activities, and correlating identity and HR information to provide insider risk defense and detection in depth.

About The Speaker

Strategic security services and sales leader with 21+ years of experience in security and risk.

Jason Hart

Regional Chief Technology Officer

Rapid7

Operationalizing Cybersecurity for Measurable Risk Reduction

Getting a handle on cybersecurity risk can feel like a losing battle, especially when annual budget and data breach numbers are seemingly rising in tandem. As businesses work to transform their processes to meet the latest internal and external threats, operationalizing cybersecurity is key. This presentation discusses a holistic, business-driven approach that delivers security-related inputs to internal stakeholder groups for better decision making and measurable risk reduction.

About The Speaker

A former ethical hacker with nearly 30 years’ experience in the information security industry, Jason Hart has used his knowledge and expertise to found cybersecurity start-ups, craft visions and strategies, disrupt markets, and evangelize the methods and merits of strong security posture management. At Rapid7, Jason serves as Field CTO for the EMEA region, consulting with information security leaders and executives on strategies, processes, and technologies to enable security as part of the business process.

Jim Turgal

 VP, Cyber Security

Optiv

Shifting Focus and Reducing Insider Risk Exposure with Zero Trust

The average cost of Insider Risk related events has increased more than 25% in 2 years, from $11.45M to $15.40M, according to The 2022 Ponemon Cost of Insider Threats Global Report. This isn’t because costs per incident are increasing sharply, but because the number of incidents is growing which is increasing the annualized cost. Some of the most common incident types included employee & contractor negligence, criminal or malicious insiders, and credential theft. Transition to focus on Negligence In our experience, we often see decision makers focusing on the malicious Insider. While important, this is only 26% of Insider Risk incidents, however negligence, being 56% of incidents deserves greater focus and can help greatly reduce overall incidents in an organization. Zero Trust to Enhance Insider Risk Capability To combat these Insider Risks, especially the outsized risk of negligence, organizations must build a robust, holistic Insider Risk program. When building this capability, organizations should consider industry-leading solutions and practices that can help with not only security, but also aid in alleviating compliance concerns. A zero trust architecture (ZTA) enables organizations to achieve both through the following principles: Govern, Protect, Detect, Respond and Recover. Conclusion Insider Risk events and data breaches can be extremely costly to an organization. Building a robust program and capability is critical to reducing risk and mitigating the effects of a breach. A ZTA allows organizations to put strong, industry-leading security at the core of their environment. Gone are the days when organizations can simply put a wall around their network and keep malicious actors out. ZTA relying on “never trust, always verify”, not only serves to reduce the likelihood of malicious behavior in access-granted areas of the environment, but it can also help prevent that malicious behavior from easily spreading throughout the environment.

About The Speaker

Optiv Vice President, specializing in Cyber Risk, Threats, Strategy, Incident Response and Board Relations. Mr. Turgal joined Optiv after spending over three years in the Cyber Risk Practice at Deloitte and after retiring from a distinguished 22-year career with the Federal Bureau of Investigation (FBI). During his FBI career, James served as a Special Agent, Attorney and Pilot in numerous FBI Field Offices, and two years as the Deputy General Counsel for Domestic Terrorism Affairs. His cyber experience began in 2003 working cyber investigations and includes designing a Cyber Crime Taskforce and Computer Forensic Laboratory in the Cincinnati Field Office; served in executive roles as the Special Agent in Charge of the Phoenix Arizona office; and senior executive / C-Suite roles as the Assistant Director – Chief Human Capital Officer (CHCO) and culminated his career as the Executive Assistant Director of Global Information Technology and the FBI’s Chief Information Officer (CIO).

JK Lialias

AVP, Head of Security Product Marketing

Splunk

Insider Risk Prevention and Detection is like an Onion – It has Layers

Join Code42, Trace3, Splunk, and Netskope where we discuss insider defense and detection in depth from a technical perspective, and how layering technology will cover the basis of collecting, aggregating, triaging and actioning on data and user activities in the prevention and detection of insider risks. We will discuss open, deep, and dark web monitoring, aggregating user statistics and behavior, reputation monitoring, large scale data transfers, data exfiltration activities, and correlating identity and HR information to provide insider risk defense and detection in depth.

About The Speaker

JK Lialias is Area Vice President, Security Product Marketing at Splunk. JK joined Splunk from Cisco where he was Director of Product Marketing position for Cisco Security, responsible for SecureX, Advanced Threat Solutions, ISE, and AnyConnect. Prior to Cisco, JK held product marketing leadership roles at McAfee, Forcepoint, Symantec, and Secureworks. Before joining the cybersecurity world, JK worked in various business development and marketing leadership positions at IBM and Intel.

Joe Payne

President and CEO, Code42 and

Chairman, Insider Risk Summit

Code42

Session details coming soon

About The Speaker

Joe is the president and CEO of Code42 and co-author of the book Inside Jobs. He will share his take on why the infosec world must make a fundamental shift in how it plans for, manages and responds to insider risk – which includes both malicious data exfiltration and unintentional data exposure – compared to how it approaches malware risk.

John Boles

Principal, PwC Cyber Security

PwC

10 Steps to Building an Insider Risk Program

This session is designed to walk through the practical steps to establishing an Insider Risk Management program using a Risk First/Then Tech approach. From bringing together key stakeholders to identifying risk, this session will outline how to get started with your program based on real-world examples.

About The Speaker

John is a Principal in PriceWaterhouseCoopers’ Incident and Threat Management practice. His experience from over 27 years in federal law enforcement, national security, and cyber operations has given him a unique perspective on cyber security and risk. John served in the FBI for over 20 years, conducting and leading investigations around the world, including cyber, fraud, terrorism, and violent crimes. As Deputy Assistant Director, in charge of FBI Cyber Operations, he oversaw the federal response to many of the more notorious cyber attacks. He advised the White House and National Security Council on cyber-related issues and policies and has testified before Congress on cyber-crime issues. John also led the National Cyber Investigative Joint Task Force, a 19-agency team of US and allied intelligence agencies dedicated to national security investigations and response. He retired as Assistant Director, responsible for the FBI’s international operations, including offices in 82 embassies covering 120 countries. Prior to joining PwC, John led Navigant’s global incident response teams, assisting clients contain, mitigate, and remediate attacks against their infrastructure.

 

John Schimelpfenig

Director, Business Development & Strategic Partnerships

Code42

Insider Risk Prevention and Detection is like an Onion – It has Layers

Join Code42, Trace3, Splunk, and Netskope where we discuss insider defense and detection in depth from a technical perspective, and how layering technology will cover the basis of collecting, aggregating, triaging and actioning on data and user activities in the prevention and detection of insider risks. We will discuss open, deep, and dark web monitoring, aggregating user statistics and behavior, reputation monitoring, large scale data transfers, data exfiltration activities, and correlating identity and HR information to provide insider risk defense and detection in depth.

About The Speaker

John leads Code42's partnering efforts with the Technology ecosystem, evaluating new partnerships & integration opportunities, and driving go-to-market strategies. He has spent 15 years working in tech, with 8 years in security helping organizations build and scale dynamic strategic alliance programs.

 

JT Mendoza

Director, Corporate Security

CGI Group

Advancing Your Insider Risk Management Program

One of the biggest challenges organization's face today is the risk posed by those with authorized access to their critical/sensitive facilities, information, and people. Each organization approaches the challenge of insider threat/risk differently, but the one thing that can be agreed upon is the need to advance these programs to attempt to prevent incidents as early as possible. In this presentation, JT will provide an overview of three major insider cases and highlight the potential risk indicators that can be integrated into programs to detect potential risk indicators.

About The Speaker

J.T. Mendoza has over 24 years of experience in a variety of senior-level security and intelligence positions within the US government and private industry. He most recently served as Director, Global Insider Risk Management & Investigations for the CGI Group. Prior to joining CGI, JT served as Deputy Director for Insider Threat with the Department of the Air Force; and in multiple senior roles within the Department of Defense. He has led and overseen large, complex security, counterintelligence, and criminal investigative programs and worked collaboratively with interagency partners to address national security challenges.

 

Katie Anderson  

Sr. Product Marketing Manager

Microsoft

Addressing Insider Risks as Part of your End-to-End Data Protection Strategy

Security and compliance teams know that protecting sensitive data, preventing data loss and managing potential insider risks are crucial to a strong security strategy. When it comes to managing insider risks, like malicious data theft or inadvertent data leaks, it can be challenging to know where to start: who should be involved in the design of an insider risk management program? What policies make the most sense for your organization? How can data protection fundamentals, privacy controls and organizational insights help you on your journey? Join Microsoft Security experts as we talk about identifying and managing insider risks, all while protecting user privacy and ensuring the right policies and role-based access controls are in place. In this session, we’ll share six best practices for addressing insider risk that we’ve learned from our experience in Microsoft Security and from conversations with customer and partners.

About The Speaker

Katie Anderson is a Senior Product Marketing Manager at Microsoft, leading Go-to-Market and marketing for Insider Risk Management. She has spent the last five years working at Microsoft across business development, business programming and product marketing roles. Prior to joining Microsoft, Katie was a software consultant helping with state and national tax agencies to build and deploy tax revenue IT systems. She is currently based in Seattle, WA.

 

Kurt Johnson

VP Strategy and Business Development 

Beyond Identity

The Nexus of Identity Management and Zero Trust

Given the overwhelming impact of ransomware and other significant breaches, achieving Zero Trust must be a critical strategy for every organization’s cybersecurity infrastructure. Recognizing "who" and "what" are accessing critical resources and applications is an increasingly important and difficult task leaving organizations exposed to vulnerability and risk. This session will explore how organizations can provide the strongest authentication experience for employees, developers, and 3rd-parties accessing key corporate resources with no user friction. It will discuss how Beyond Identity can combine phishing-resistant MFA and insider risk detection to ensure company data and resources are effectively protected.

About The Speaker

Prior to Beyond Identity, Kurt led Strategic Partnerships for GreatHorn, and was previously SVP of Strategic Partnerships and GM of Emerging Products for FastPay. Kurt came to FastPay via its acquisition of AnchorOps, a provider of electronic payment solutions for the media industry, where he served as SVP Marketing & Corporate Development leading marketing, product management, and strategic alliances. Prior to AnchorOps, Kurt was VP of Strategy & Corporate Development for Courion Corporation, a leader in identity and access management software, where he was responsible for corporate and product strategy, channels and alliances, and M&A activity. Previously Kurt was an industry analyst with META Group (acquired by Gartner) and IDC where he established himself as a leading authority in the areas of IT service management and security. Kurt currently serves on the Board of Cambridge Savings Bank and holds Bachelor of Science degrees in both Marketing and Finance from Boston College.

 

Lee Tschetter  

Director of Technical Strategy

Okta

Responding to Insider Threats with Authentication and Endpoint Data

Breaches most commonly occur with the end user or employee, with each incident costing $4.6 billion. Current solutions that help with blocking incidents aren’t very seamless and interfere with collaboration and the ability for employees to get their work done. With Okta and Code42, you have a comprehensive security solution that embraces the collaboration culture, provides visibility into where your company data is going - including endpoints - and who is moving it. Learn how we work together to ingest user attributes and create an Incydr watchlist and additional workflows to speed investigations and mitigate insider risk.

About The Speaker

Lee Tschetter is Director of Technical Strategy at Okta. He is responsible for defining and expanding strategic technology partnerships in the fast-growing and rapidly evolving identity ecosystem. As a key member of the Business and Corporate Development team, Lee acts as Okta’s technical liaison between product management and tech partners - effectively playing the role of a product manager for many strategic tech partnerships.

Marisa Fagan 

 Head of Trust Culture & Training

Atlassian

Let's Rethink Security Awareness Training

Everyone in the information security industry has trained about security, and that training was so interesting they decided to make a career of it. Maybe it wasn’t a single formal training course…maybe it was more like years of experiences, like that first time they got a script to execute a payload… the satisfaction of solving a crypto puzzle… or their first DEF CON. What ever it was, it worked. So, we know what the tools are to make security knowledge stick, but somewhere along the way we decided as an industry that we wouldn’t share that path with the broader audience of our company coworkers enrolled in Security Awareness Training. Instead, the industry standard for security awareness training was relegated to an afterthought… a checkbox to complete as cheaply as possible.

About The Speaker

Marisa Fagan is the Head of Trust Culture & Training at Atlassian. She works to ensure that every Atlassian employee is empowered to work securely and to protect our customers' trust. Previously, she has worked as a security culture expert at places like Synopsys, Salesforce, Facebook, and Bugcrowd. She has taught at Black Hat Trainings and presented at conferences worldwide on building security culture. She resides in San Francisco, California, USA.

Mark T. Hofmann

Crime and Intelligence Analyst

The Psychology of Cybercrime: Internal & External Threats

What motivates hackers and internal offenders? What are the latest Social Engineering techniques? How can we become a “human firewall”? More than 90% of cyberattacks are caused by human error. Humans are cybersecurity’s weakest link – but something can be done about it. Mark T. Hofmann is a Crime & Intelligence Analyst, Business Psychologist and well-known expert in the field of Behavioral & Cyber Profiling and has appeared on CNN, CBS, Forbes, 60 Minutes Australia. He has met and anonymously interviewed hackers, – including individuals whose crimes remain undiscovered to this day. He takes you on a journey into the mind of these perpetrators – and those perpetrators who operate from the inside. Get a rare glimpse into the Psychology of Cybercrime & Insider Threat.

About The Speaker

Mark is a crime and intelligence analyst (“profiler”) and business psychologist who has specialized in behavioral and cyber profiling and conducted scientific interviews with criminals, psychopaths and hackers to understand the internal perspectives. During the Summit, he will talk about the difference between external and insider cybercriminals and delve into the psychology of malicious, negligent and accidental insiders. He’ll also show how "social engineering" works in 2022 and how we can become a human firewall.

Marty Opthoff

Director, Cyber Security

GE Renewable Energy

Where Do I Start? Building your First Insider Threat Program

You have more security logs than you know what to do with but how do you build an Insider Threat program? With no advanced tools how can you build leadership support and secure budget for a program? It all starts with showing leadership what risks you can detect. You've got to prove what you can do once they give you people and tools to build a respectable program.

About The Speaker

Marty Opthoff is a Director of Cyber Security at GE Renewable Energy. He studied business engineering at Michigan State University and is a CISSP. At GE, he leads a team in defining preventive and detective data protection controls, including Insider Threat for an enterprise of 60k employees. He formed and matured an Insider Threat program over the last 4 years by building executive support and continuous improvement. When he isn’t codding in Splunk, he’s going around Paris on his bike.

Dr. Mary Dziorny

Security Consulting Manager

Accenture

The Secret Recipe to Measuring Impactful Training Programs

As professionals in the human risk reduction space, we know that people join the domain from a variety of backgrounds ranging from marketing and communications to cyber and technology. But rarely—if ever—are those tasked with building training and education programs armed with a formal foundation in measuring those programs. One of the keys to a comprehensive metrics plan is measuring at multiple levels and including both internal-focused and external-focused elements. However, without a good framework, it can be very confusing and overwhelming to effectively select and analyze metrics. The Kirkpatrick model is a popular metric framework that can help manage the chaos and give you the data you need to measure your program effectiveness to both maintain your program and report out to external stakeholders. The trick to effective program measurement is selecting metrics and analysis methods that work for you and your organization. Session attendees will learn: How the multi-level Kickpatrick model can add multi-dimensions to your measurements, how to use what you have instead of re-inventing the wheel, how to design a multi-stage approach to measurement, and what the Kickpatrick model looks like in reality with two very different awareness programs.

About The Speaker

Mary Dziorny is a Security Consulting Manager with over 12 years of experience in the cybersecurity field and over 20 years of experience in the education and training field. She has designed, developed, and implemented 9 training programs over the course of her career, including two comprehensive enterprise wide security awareness programs. Most recently, she lead the overhaul of a 14 yr old security awareness program at a medium energy client and brought the program to full maturity in under 2 yrs. In addition to her industry experience, Mary is also an experienced teacher and instructor with over 10 years of online teaching experience. She has taught for The University of Texas at Dallas, University of North Texas, and currently teaches for Texas A&M- Commerce. Her academic research focuses on online education, games and simulations, and working with students with dyslexia.

Masha Sedova

 Co-founder & President

Elevate Security

Pinpointing Workforce Risk To Strengthen Cyber Defense

Analysis of more than 15 million unique security events identified clear trends in internal workforce risk, including: • 4% of users generate 80% of phishing incidents, some clicking twice a month • 3% of users generate 92% of malware events, 1% average 1 incident every other week • 12% of users are responsible for 71% of secure browsing incidents, 1% will trigger 200 events per week. In the presentation, we'll discuss how security teams can better measure human risk in their organizations, share critical finds from the research, and apply knowledge to reduce incidents. Takeaways • Risk is not uniformly distributed among individuals or organizations • Training and simulation won't solve internal workforce risk • Effective programs require risk measurement and active individualized mitigation.

About The Speaker

Masha Sedova is an award-winning people-security expert, speaker, and trainer focused on helping companies transform employees from a vulnerability into a key element of defense. She is the co-founder of Elevate Security delivering the leading workforce-risk management platform. Before Elevate, Sedova was a security executive at Salesforce. In addition, she has been a member of the Board of Directors for the National Cyber Security Alliance and regular presenter at conferences such as RSAC, Blackhat, OWASP, and SANS.

Mathias Reveraert

PhD Researcher

University of Antwerp

Evaluating Insider Threat Indicators and Mitigation Measures: A Delphi Study

The presentation will elaborate on the results of our Delphi study on insider threat mitigation. The goal of the study was to discover potential ‘red flags’ of insider threat incidents (i.e. factors that may point to imminent insider threat incidents) and good practices on insider threat mitigation. The study used the Delphi technique to iteratively compare the opinions of insider threat experts. A multidisciplinary panel of 25 international experts in a field related to insider threats (corporate security, counterintelligence, insider threat training, …) completed three rounds of online questionnaires that contained questions on four insider threat mitigation phases, namely prevention, detection, pre-emption and the aftermath of an insider threat incident. Round 1 concerned open-ended, level-setting questions with panelists asked to share their expertise on both red flags and good practices. In round 2, experts were presented with a list of all important red flags/good practices shared by the panel in round 1 in the form of a structured questionnaire whereby they were asked to rate each individual red flag/good practice in the list. The questionnaire of round 3, to conclude, provided the experts with a list of high-rated factors, after which they were asked whether they agreed or disagreed with the panel’s decision and to explain their reasoning in case of disagreement. The results of the study provide participants with useful insights on what experts consider to be red flags organizations should be vigilant of, as well as with mitigation measures to better secure organizations against insider threats.

About The Speaker

Mathias Reveraert holds a Master degree in International Relations and Diplomacy obtained at Universiteit Antwerpen (UA), Belgium. After an internship at the Research Group International Politics of the UA, sponsored by the EU Non-Proliferation Consortium, and a function as part-time voluntary research assistant at the University of Antwerp working on the Belgian part of the European Project PoMigra, Reveraert started his PhD on the insider threat problem in February 2019. In the context of his PhD research, he presented his research at international conferences like the Counter Insider Threat Student Symposium in March 2021 or Behavioral Analysis 2022 in June 2022. He also published peer-reviewed articles on the insider threat problem in Security Journal in December 2021 and Information Security Journal in February 2022, both co-authored by his supervisor Professor Tom Sauer.

Matt Gregson

 Director, PwC US

 PwC

10 Steps to Building an Insider Risk Program

This session is designed to walk through the practical steps to establishing an Insider Risk Management program using a Risk First/Then Tech approach. From bringing together key stakeholders to identifying risk, this session will outline how to get started with your program based on real-world examples.

About The Speaker

Speaker bio coming soon

 

Michelle Killian

Senior Director Information Security

Code42

Improve Incident Response and Decrease User Risk with Behavioral Science

Current research shows that 32% of companies want to completely overhaul their employee security education program. Why? Because their program is ineffective – with irrelevant content that is not timely for users – and boasts an embarrassing track record of leaving company data, IP, trade secrets and source code at far greater risk than should be the case. When the principles of behavior science are combined with a corporate culture rooted in security, incident response rates can be dramatically improved. Deep dive into a case study focused on reducing public sharing of GSuite files. Learn how moving from manual to automated response actions decreased analyst resources needed to investigate events, user repeat offenses and organizational risk.

About The Speaker

Michelle is the Senior Director Information Security at Code42, the Insider Risk Management leader. Her team is responsible for the Insider Risk Management, Security Awareness and Training, Threat & Vulnerability Management (TVM), FedRAMP and corporate Governance, Risk and Compliance (GRC) functions. Since joining Code42 in 2016, Michelle has been a critical stakeholder in the Critical Incident Response program, and has also led Product Security and Identity and Access Management (IAM) teams. With over 20 years of experience in the security industry, MIchelle has worked in a variety of industries, but most enjoys the pace and challenges of technology companies.

MJ Knudsen

Cortex Strategic PreSales Engineer

Palo Alto Networks

Automating Insider Risk with Cortex XSOAR & Code42

Code42 Incydr together with Cortex XSOAR enables security teams to scale, standardize and accelerate their overall incident response process for Insider Risk, so they can quickly detect and respond to data risk when employees or contractors leave your organization. See how Cortex XSOAR automates mundane security tasks in this overview product session.

About The Speaker

MJ Knudsen brings over 15 years of enterprise security and SOC experience to his role as a PreSales Engineer for Strategic FinancialsÍ at Palo Alto Networks focusing on Cortex products.

Nathan Hunstad

Deputy CISO

Code42

Reimagine Data Protection - Why IRM Offers More Resilience in a Cloud-Dependent World

Data loss, leak and theft are not new problems, and a number of technologies that have attempted to mitigate insider risk have existed for some time. What has changed, especially in the past few years, is the landscape of insider risk: employees are more distributed, data has moved to the cloud, and old-fashioned security tools are no longer adequate. Our approach to Insider Risk Management takes the best parts of DLP, CASB, UEBA and SEA, and reimagines them in a way that makes them much more effective in today’s world. With this approach, security teams can have a more effective and resilient approach to insider risk, one that scales to protect their data beyond today.

About The Speaker

Nathan is the Deputy CISO at Code42, the Insider Risk Management leader. He leads the Identity and Access Management (IAM) and Platform/Application Security teams. In past roles as a senior leader on the Code42 security team, he led or held roles in security operations, threat and vulnerability management, security engineering, red team, cyber intel, risk assessment, and security consulting. Nathan joined Code42 in 2016, bringing experience from both the private and public sector, and is a graduate of the Masters of Science in Security Technologies (MSST) program at the University of Minnesota.

Pablos Holman

Technology Futurist, Inventor, World-Renowned Hacker & Viral TED Speaker

Paralyzed by Fear

We are living in a renaissance, with the potential to reinvent almost everything humans do using the superpowers of automation, robotics & machine learning. These technologies are getting more accessible everyday, and they are being used to change the way every industry operates, making them faster, more efficient & more humane. At the same time, risks from adopting new technology are in the news every day, hackers, disinformation, surveillance, losing jobs to robots. If we are paralyzed by fear of these possible failures, we will fail to realize the potential in these technologies. Pablos is coming to share his unique perspective on how we can think about these possibilities to make a difference in our own work.

About The Speaker

Pablos is a world-renowned hacker turned technology futurist, inventor and viral TED speaker who possesses a unique ability to articulate practical solutions and visions for the future of technology. He’ll offer an inspirational view of what’s possible in a world of exponential change.

 

Paul Furtado

VP Analyst

 Gartner

A New Look at Insider Risk

Insider Risk Management (IRM) is evolving. It is no longer a technology stack but rather a methodology and framework to build a comprehensive defense against internal cyber risks. Join Gartner Vice President Paul Furtado as he discusses the evolution of insider risk management and the key elements of a strong program.

About The Speaker

Paul Furtado is a veteran in the IT industry. He has held roles such as CIO, VP of IT and CISO in private industry before joining Gartner. Currently he serves as a Vice President, Analyst at Gartner where he is responsible for providing insights into cybersecurity trends, threats, prevention and governance. In his current role, he helps Gartner clients around the world develop and enhance their cybersecurity programs. Paul is regularly called upon for his expertise in Ransomware, Insider Risk and Executive Cyber Risk Awareness.

 

Raj Samani

Senior Vice President & Chief Scientist

Rapid7

Insiders for Hire: How Ransomware Groups Gain a Foothold

The nefarious side of insider risk is a burgeoning business model for threat actors. On the Dark Web, we see posts from disgruntled employees offering to sell access. And, in broad daylight, threat actors are conducting attacks using credentials that appear to be from legitimate employees. Ransomware groups that achieve insider-enabled access can do major damage; in fact, the 2022 Verizon DBIR reports that the median number of records lost due to an insider breach outnumbered that of an outsider breach by more than 10 to one. In his presentation, Raj Samani will discuss the current insider-enabled threat landscape and what happens when ransomware groups achieve access in this manner.

About The Speaker

Raj Samani is a computer security expert responsible for extending the scope and reach of Rapid7’s research initiatives. Immediately prior to Rapid7, Raj was McAfee Fellow and Chief Scientist after serving as the company’s VP and Chief Technical Officer in EMEA. Raj has assisted multiple law enforcement agencies in cybercrime cases, and is special advisor to the European Cybercrime Centre (EC3) in The Hague. In addition to speaking at myriad cybersecurity industry events, Raj is sought after for his commentary on breaking news such as major security breaches and emerging threats.

 

Rob Juncker

CTO

Code42

The Impact of Cultural Drift on Data Protection

Every organization’s culture has a true north, which paints a pretty clear picture of how secure that organization’s data is. We expect users to drift from that true north – it’s simple human nature after all. As security practitioners and business leaders, we have a choice – is it better to correct that drift at the time it happens or give it free reign to establish a new norm? At a time when a wave of hot and nascent technologies yield new vectors for possible data exposure, your valuable IP, source code and product plans could potentially leak and flood the market when you least expect it if user behavior is allowed to drift unchecked. Dive into a discussion about the critical role culture plays in building a security aware organization.

About The Speaker

As chief technology officer, Rob leads our software development and delivery teams. He brings more than 20 years of security, cloud, mobile, and IT management experience to Code42. Prior to Code42, Rob worked as vice president of research and development at Ivanti, where he led and shaped the company's evolution from IT management technologies to security-focused solutions, with projects ranging from cloud-delivered analytics to hybrid cloud security. Prior to Ivanti, Rob served as senior director of research and development at VMware, the leader in virtualization and hybrid cloud. Rob has published several papers on information technology and mobility and co-authored the first published book on wireless application protocol in the United States. His passion for the IT Industry, plotting its tracks and keeping a pulse on its future, and his expertise has made him a high-demand speaker throughout the international IT community.

 

Sam Humphries

Head of EMEA Security Strategy

 Exabeam

I am Root (Cause Analysis)

When an insider threat incident occurs, teams can end up working very long hours, for many days, weeks, or even months. So when the dust settles, it can be painful to revisit the event in any level of detail. Understanding how and why the incident happened is key to learning how to prevent it from reoccuring in the future. RCAs are a crucial step in incident response, yet they are sometimes neglected - poorly completed, missing input from teams outside of security and IT, and the recommended actions aren’t always implemented. During this session, Sam will take your through best practices of how to conduct RCAs, who should be involved, and how to ensure they aren’t left to rot until the next incident becomes a stark reminder of what didn’t get done the last time around.

About The Speaker

Samantha has been happily entrenched in the cybersecurity industry for over 20 years. During this time she has helped hundreds of organizations of all shapes, sizes, and geographies recover and learn from cyberattacks, defined strategy for pioneering security products and technologies, and is a regular speaker at security conferences around the world. In her current regeneration, Sam heads up the Security Strategy team at Exabeam in EMEA. She authors articles and blogs for various security publications, has a strong passion for mentoring, and often volunteers at community events, and is member of the organization team at BSides Newcastle. Sam has won various awards including CSO30 UK, TechWomen100, and the Top 30 Female Cybersecurity Leaders by SC Media.

Sara Lazarus

VP of Trust and Security

 Stavvy

From the Desk of CISOs: The Impacts of Insider Risk

The CISO panel will discuss insider risk impacts to the organization from the C-level. Join this conversation to understand what is on executives’ minds as it relates to Insider Risk and how it poses a significant impact to the organization. During the discussion, panelists will explore trends that are driving up the risk of data loss. We will also dig into large scale changes in the security landscape that have caused Insider Risk to become a growing concern among executives, the C-suite, and the board.

About The Speaker

As the Head of Trust and Security at Stavvy, Sara leads security, site reliability engineering, and corporate IT. She is passionate about building and leading psychologically safe, high performing teams. Sara previously built a world class 24x7x365 Computer Security Incident Response Team at Salesforce. Prior, she led a team protecting client networks as part of a Managed Detection and Response service provider. As an adjunct professor at Johns Hopkins University, Sara taught a course on the foundational elements of cyber security. Sara began her career as a business technology analyst with Deloitte Consulting, subsequently working as a Project Management Professional focusing on portfolio and performance management for US Government clients before joining Raytheon's Cyber Exploitation Unit. Sara is currently a student in the Executive MBA program at Wharton. She is a Magna Cum Laude graduate of the University of Maryland in College Park.

 

Stacey Champagne

Insider Risk Investigations & Management SME

Hacker in Heels

Technical Bias in Insider Risk

Many insider risk programs are formed under the Chief Information Security Officer (CISO). This can lead to challenges in autonomy, authority, and access to non-technical information essential for insider risk identification and investigation. How do you overcome organizational resistance and assure stakeholders of your multidisciplinary expertise? In this session, experienced insider risk practitioners will discuss (1) how they've seen technical bias hinder insider risk programs, (2) the role of non-technical indicators in insider risk investigations, (3) how to successfully collect and integrate non-technical indicators into insider risk monitoring, and (4) strategies for navigating pushback by data owners and stakeholders.

About The Speaker

Stacey is a multi-disciplined expert in insider risk. She has experience conducting insider risk analysis, investigations, and program management at globally recognized Fortune 100 & 500 companies. From 2018 through 2020, Stacey founded and led The Trade Secrets Network, an events and consulting company focused on insider risk management with a niche network of over 70 professionals. She is also the Founder & CEO of Hacker in Heels, a company that helps women launch and grow careers in cybersecurity. Stacey holds multiple certifications including Certified Forensic Computer Examiner (CFCE) and Insider Threat Program Manager (ITPM). She earned her MS in Security and Resilience Studies with a focus on Cybersecurity Policy from Northeastern University, and a graduate certificate in Cybercrime Investigation and Cybersecurity from Boston University. Stacey will complete her second MS in Criminal Justice from Boston University in 2023.

 

Stephen Griegel 

 Data Security Leader

Booz Allen Hamilton

Insider Risk and the Business Context Imperative

Insider Risk and the Business Context Imperative Effective insider risk management is difficult even for experienced organizations. The pitfalls and challenges that can lead to program failure are so routine, so consistent that they’re documented in SEI CERT’s Common Sense Guide for Mitigating Insider Threats (6th). And even then, many of the cybersecurity teams that do secure funding for a formalized insider program build find that it’s even more difficult to maintain that funding… If a “holistic insider risk management program that’s integrated across the enterprise and aligned with strategic business objectives” is your nirvana, buckle up. Though rocky your path may be… you absolutely CAN reach your organization’s insider nirvana, but you CAN’T get there if you don’t know your organization, it’s people, processes, and technologies. You can’t get there without business context. This presentation will cover strategies that help early-stage programs avoid the most significant impediments in the program lifecycle, define business context and it’s derived value from the insider program perspective, plus provide examples for how developing a deep understanding for (and partnering with) your organization can lead to program growth while providing real value to organizations. This presentation will include: 1. A discussion around common pitfalls / challenges of implementing an insider program with real-world-examples for why are more significant than others. 2. Practical examples for how developing appropriate business context can increase organizational trust and contribute to program success, regardless of where organizations are in their insider journey. 3. An overview of common insider program operating models, with specific examples for translating business context into strategic organizational partnerships. 4. A capstone conversation on using technology to strengthen insider program partnerships and create value for organizations.

About The Speaker

Stephen Griegel is the Data Security leader for Booz Allen’s Commercial Advanced Cyber Defense business. Stephen and his team are focused on developing and implementing end-to-end capabilities to govern, protect and monitor data. These capabilities support a client’s vast needs and programs such as Privacy, Insider Risk/Threat, Data Loss Protection, Secured Data Governance and Secured Cloud Data. Over the past 17 years, Stephen has managed large-scale Cyber Security and IT transformation projects across industries while focusing on Communication & Media, High Technology, Pharmaceutical, Travel and Consumer Services.

Steve Riley 

Field CTO

 Netskope

Insider Risk Prevention and Detection is like an Onion – It has Layers

Join Code42, Trace3, Splunk, and Netskope where we discuss insider defense and detection in depth from a technical perspective, and how layering technology will cover the basis of collecting, aggregating, triaging and actioning on data and user activities in the prevention and detection of insider risks. We will discuss open, deep, and dark web monitoring, aggregating user statistics and behavior, reputation monitoring, large scale data transfers, data exfiltration activities, and correlating identity and HR information to provide insider risk defense and detection in depth.

About The Speaker

Steve Riley is a Field CTO at Netskope. Having worked at the intersection of cloud and security for pretty much as long as that’s been an actual topic, Steve offers that perspective to field and executive engagements and also supports long-term technology strategy and works with key industry influencers. A widely-renowned expert speaker, author, researcher, and analyst, Steve came to Netskope from Gartner, where for five years he maintained a collection of cloud security research that included the Magic Quadrant for Cloud Access Security Brokers and the Market Guide for Zero Trust Network Access. Before Gartner, Steve spent four years as Deputy CTO of Riverbed Technology and held various security strategy and technical program management roles at Amazon Web Services for two years and at Microsoft for eleven years. Steve's interest in security began all the way back in 1995, when he convinced his then-employer that it would be a good idea to install a firewall on their brand new internet connection.

Talhah Mir

Principal PM Manager

Microsoft 

Addressing Insider Risks as Part of your End-to-End Data Protection Strategy

Security and compliance teams know that protecting sensitive data, preventing data loss and managing potential insider risks are crucial to a strong security strategy. When it comes to managing insider risks, like malicious data theft or inadvertent data leaks, it can be challenging to know where to start: who should be involved in the design of an insider risk management program? What policies make the most sense for your organization? How can data protection fundamentals, privacy controls and organizational insights help you on your journey? Join Microsoft Security experts as we talk about identifying and managing insider risks, all while protecting user privacy and ensuring the right policies and role-based access controls are in place. In this session, we’ll share six best practices for addressing insider risk that we’ve learned from our experience in Microsoft Security and from conversations with customer and partners.

About The Speaker

Talhah Mir, Principal PM Manager, leads the product management team for Insider Risk Management at Microsoft. Prior to this, Talhah has been working in the information security space at Microsoft for the past 17 years including insider threat, security engineering, education & awareness, security consulting and application security.

Tyler Farrar

CISO

Exabeam

Successful Partnering for Insider Risk Management

Join this session to hear from Exabeam's CHRO, Gianna Driver, and Exabeam's CISO, Tyler Farrar as they discuss: Defining shared objectives and metrics, communicating in a common language, partnering with the wider business, and positive promotion of Insider Risk Management to employees.

About The Speaker

Tyler Farrar is the Chief Information Security Officer (CISO) at Exabeam. In this role, he is responsible for protecting Exabeam – its employees, customers, and data assets – against present and future digital threats. Farrar also leads efforts in supporting current and prospective customers’ move to the Exabeam cloud security operations platform by helping them to address cloud security compliance barriers. With over 15 years of broad and diversified technical experience, Farrar is recognized as a business-focused and results-oriented leader with a proven track record of advancing organizational security programs. Prior to Exabeam, Farrar was responsible for the strategy and execution of the information security program at Maxar Technologies, which included security operations, infrastructure governance, cyber assurance, and USG program protection functions. As a former Naval Officer, he managed multiple projects and cyber operations for a multimillion-dollar Department of Defense program. Farrar earned an MBA from the University of Maryland and a Bachelor of Science in Aerospace Engineering from the United States Naval Academy. He also holds a variety of technical and professional certifications, including the Certified Information Systems Security Professional (CISSP) certification.

Val LeTellier 

Advisor

 Red Vector

Red Flags, Reimagined

A noteworthy recent development in insider risk mitigation is how advanced insider risk analysis solutions are being fielded to reduce and eliminate threats through the fusion of link analysis, machine learning, and risk modeling. Specifically, how new 'fusion centers' synthesize employee behavior, information technology and cyber security systems, access control, human resources, and open-source intelligence data to perform advanced predictive analysis on key indicators of threat and risk. Two former Intelligence operators from the FBI and CIA have joined forces to discuss how this a good way to aggregate and correlate intelligence previously siloed in individual systems for more confident analysis and less analyst involvement in the data chain.

About The Speaker

Val LeTellier ran security, intelligence, and counterintelligence operations as a State Department Diplomatic Security Special Agent and CIA operations officer. Twenty years penetrating foreign intelligence targets and recruiting sources provided him an intimate understanding of the psychology of insiders. Following government service, he co-founded a cyber security firm that combined CIA HUMINT and NSA technical expertise for insider risk vulnerability assessment and countermeasure design. He now helps develop innovative security and intelligence solutions for the new operating environment created by the Fourth Industrial Revolution. He presents nationally on insider risk, and holds an MS, MBA, CISSP, CEH, PMP, RTT and ITVA.

Victoria Darling

Insider Risk and Human Capital Practitioner

Independent Consultant

Technical Bias in Insider Risk

Many insider risk programs are formed under the Chief Information Security Officer (CISO). This can lead to challenges in autonomy, authority, and access to non-technical information essential for insider risk identification and investigation. How do you overcome organizational resistance and assure stakeholders of your multidisciplinary expertise? In this session, experienced insider risk practitioners will discuss (1) how they've seen technical bias hinder insider risk programs, (2) the role of non-technical indicators in insider risk investigations, (3) how to successfully collect and integrate non-technical indicators into insider risk monitoring, and (4) strategies for navigating pushback by data owners and stakeholders.

About The Speaker

Victoria is an accomplished Human Resources and Insider Risk practitioner, and a skilled Manager of People and Culture. She is highly regarded for her progressive leadership and operations management experience, her ability to inspire others to reach their highest potential, savvy in building and improving HRIS and database management systems, and acumen in strategic planning, public speaking, business coaching, and overall process improvement. Victoria is an Army veteran, a LGBTQIA+ inclusion advocate, and actively volunteers her time as a mentor for people representative of our collective military and veteran community.

Virgil Capollari

Founder & President

Adaptive Risk Strategies LLC

Technical Bias in Insider Risk

Many insider risk programs are formed under the Chief Information Security Officer (CISO). This can lead to challenges in autonomy, authority, and access to non-technical information essential for insider risk identification and investigation. How do you overcome organizational resistance and assure stakeholders of your multidisciplinary expertise? In this session, experienced insider risk practitioners will discuss (1) how they've seen technical bias hinder insider risk programs, (2) the role of non-technical indicators in insider risk investigations, (3) how to successfully collect and integrate non-technical indicators into insider risk monitoring, and (4) strategies for navigating pushback by data owners and stakeholders.

About The Speaker

Virgil Capollari is a former U.S. intelligence officer & Counterintelligence Special Agent, who is also the founder of Adaptive Risk Strategies. Virgil spent decades managing and countering internal and external threats in a government context. Today, he leverages his expertise to help security professionals, private companies, and organizations improve their own corporate counterintelligence strategies.

Yaron Levi

CISO

Dolby

From the Desk of CISOs: The Impacts of Insider Risk

The CISO panel will discuss insider risk impacts to the organization from the C-level. Join this conversation to understand what is on executives’ minds as it relates to Insider Risk and how it poses a significant impact to the organization. During the discussion, panelists will explore trends that are driving up the risk of data loss. We will also dig into large scale changes in the security landscape that have caused Insider Risk to become a growing concern among executives, the C-suite, and the board.

About The Speaker

Yaron Levi is the Global CISO for Dolby. Prior to joining Dolby, Yaron was the CISO for Blue Cross and Blue Shield of Kansas City, a Deputy CISO for Cerner Corporation; an Information Security Business Partner for Intuit; an Information Security Architect and Product Manager for eBay; He specializes in Security Strategy, Cyber Defense, DevSecOps and Cyber Evangelism. Yaron is a Research Fellow for the Cloud Security Alliance (CSA). He was the co-chair and lead architect of the Cloud Enterprise Architecture, Contributor to the Consensus Assessments Initiative Questionnaire (CAIQ), and Cloud Controls Matrix (CCM). Yaron serves as a venture advisor for several VCs and Security Startups, and he is the co- founder of the Kansas City CISO forum, and B-Sides Kansas City. Yaron holds a B.A in Social Sciences and Management and is a graduate from the FBI CISO Academy.

Zach Luze

Data Security Practice Lead

Kudelski Security

Better, Faster: Re-thinking Data Security for a New Era

Data security sounds simple enough - find your sensitive data, then protect it. So why is the industry littered with half-baked programs and shelfware? The main culprit lies in the pervading "first, discover all data" approach. Long, resource-intensive data discovery efforts lead to slow ROI, guesswork KPIs, and the inevitable call from leadership asking "what have you actually protected?" It's time for a new approach. Data discovery still has its place, but is subordinated to data security's true objective - controls to actively remediate and respond to data threats, efforts to educate users. Drawing on lessons from actual implementations, Agile, and new innovations, we'll explore a framework to protect data better and faster. 

About The Speaker

Zach Luze leads the Data Security Practice at Kudelski Security. Previously, Zach managed data security efforts for Deloitte US and provided vCISO support to higher education institutions for Ellucian. He helps clients build pragmatic data security programs that increase resiliency with less friction.