Endpoint

4/14/2017
11:15 AM
50%
50%

10 Questions To Get Practical Answers At Interop ITX

May 15-19 in Las Vegas: How to get solutions and advice from top speakers for the things that you really want to know.

The Interop ITX conference is just around the corner, coming to the MGM Grand in Las Vegas May 15-19. Here's how to get answers to the questions that rattle around inside your noggin every day when you're banging your head against the wall. Questions like: 

1. Can I actually block ransomware attacks, or are good backups and ransom payments my only options? If you don't want to just sit around, tossing your spare change into the "Ransom Fund Jar," waiting to be infected, then there are Interop ITX sessions for you. Don't miss "Ransomware: How to Stop It In Its Tracks and Respond When You Can't," with independent security consultant Gal Shpantzer. Also check out a bonus speed session from WatchGuard Technologies, "Malware on Main Street: How Ransomware and Zero Days Target SMBs." 

2. How can I identify potential malicious insiders and mitigate insider threats without being Big Brother and making everyone I work with hate me? Let Paul Brager, lead associate, cybersecurity architect, ICS/SCADA at Booz Allen Hamilton, guide you through some methods to balance trust with preparedness (keep both your friends and your sensitive data), in "Malicious Insider Threats: Finding Them and Rooting Them Out." 

3. How can I survive this cybersecurity skills shortage now, when everyone wants to steal my best people, I don't have enough to begin with, and I still have to wait 10 years for those 6th-grade STEM program kids? Head to "Surviving the Security Skills Shortage" and get tips from Rob Duhart, DSC Security, Control and Automation Lead/IT Manager for Ford Motor Company, Katherine Fithen, Chief Privacy Officer and Director Global IT Governance & Compliance for The Coca-Cola Company, and Ann Johnson, Vice President of the Enterprise Cybersecurity Group at Microsoft. They'll discuss ways to get by with a small staff, ways to retain the staff you've got, and better places to scout undiscovered talent than middle-school robotics competitions.   

4. Okay I get it, the Internet of Things is full of threats. What am I supposed to do about it? It probably wouldn't do to rip the smart TV off the wall and you might not be able to take down the Mirai botnet all by yourself, but you can go to "Five Ways To Prepare Your Organization To Address The Internet of Things," with John Pironti, president of IP Architects, and learn what adjustments to make to your identity management, risk profile, and more. Also check out the bonus speed session from the Trusted Computing Group "Tackling IoT Security from the Inside Out" and, considering the recent impact of IoT botnets, check out EfficientIP's speed session on "Protect Your DNS Services Against Security Threats."  

5. I can't stop my customers from using the same account logins across sites. I can't stop other sites from having breaches of login data. So how can I protect my customers and my brand from account takeover hacks? You might not be able to stand over the shoulder of every user at the account creation stage and yell "Don't do that!" However, you can let Mike Milner, co-founder and CTO of Immunio, show you an account takeover attack in action and show you countermeasures in "Live Account Takeover Hack and Tips on Preventing Today's Most Dangerous Application Threat." 

6. Hey, all this new threat intelligence data is really nice, but when exactly am I supposed to look at it, how am I supposed to know what's most important for my organization, and how can I figure that out fast enough for it to be of any use? Clearly you need to spend some of your limited time with KPMG's threat intel cyber security consultant Cheryl Biswas and senior consultant Haydn Johnson in their session "Collecting, Correlating, and Analyzing Security Data." They'll give you techniques for finding the jewels in your data (without needing to buy yet another piece of technology to do it). And don't worry; it's only an hour.  

7. Will I ever get my developers to write more secure code, and what exactly is DevSecOps anyway? Developers may speak a different language and even be from a different planet. Learn more about their needs, their motivations, and how to speak their language in "The Security Pro's Guide To DevOps: How to Get Developers to Write Secure Code," with Franklin Mosley, principal application security engineer for Ellucian. (And while you're at it, persuade your company's developers to attend Franklin's complementary session in the DevOps track, "DevSecOps: Minimizing Risk, Improving Security."

8. Am I in for an unhappy surprise the first time I file a cyber insurance claim? Does my policy really cover what I think it covers? You've probably been in cybersecurity longer than most of the companies providing cyber insurance have. If you're planning on trusting them to help your organization in its darkest times, then you'd better let David Bradford, chief strategy officer for Advisen take you through "Cyber Insurance 101" first. 

9. Almost every attack manipulates end users in some way, whether it's through a phishing message or something else. What can I do that actually makes an impact on what users let through the door? Start your week with a workshop by Bikash Barai, co-founder of FireCompass, called "Security Awareness Isn't Enough: Using the Science of Habits To Transform User Behavior." Follow it up with the session "Defeating Social Engineering, BECs and Phishing," with Bishop Fox's managing security associate Rob Ragan and security analyst Alex DeFreese. If calling users "stupid" all these years hasn't worked, surely these speakers can suggest something that will be more effective. 

10. How can I get the people who approve my budget to actually approve it, with less of a hassle?

  • Step 1. Bring them to the Dark Reading Cybersecurity Crash Course. This two-day event is an excellent way for IT generalists to get initiated on the main issues in security, so they better understand your needs, and for security pros to get quickly caught up on the latest security trends. (It even includes a talk on Speaking to Management About Security.) 
  • Step 2. Spruce up your risk management and metrics skills in "The Art of Performing Risk Assessments" by Ali Pabrai, CEO of ecfirst. 
  • Step 3. Take your business game to the next level, and learn how to explain that security might actually make money, not just cost money. Head to "Managing Risks to Reap Rewards: How to Use Security as a Growth Advantage" with Roland Cloutier, SVP and global chief security officer of ADP.

Other questions you might get practical answers to while at Interop? How does the game craps work? Which Cirque du Soleil show is your favorite? Is a "dry heat" really preferable? Register now and learn more.   

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-11506
PUBLISHED: 2019-04-24
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to Expo...
CVE-2019-8991
PUBLISHED: 2019-04-24
The administrator web interface of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO Silver Fabric Enabler for ActiveMatrix BPM, and TIB...
CVE-2019-8992
PUBLISHED: 2019-04-24
The administrative server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO ActiveMatrix Service Grid Distribution for TIBC...
CVE-2019-8993
PUBLISHED: 2019-04-24
The administrative web server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO ActiveMatrix Service Grid Distribution for ...
CVE-2019-8994
PUBLISHED: 2019-04-24
The workspace client of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, and TIBCO Silver Fabric Enabler for ActiveMatrix BPM contains vulnerabilities where an authenticated user can change settings that can theoretically adversely impact oth...