All Access: Threat Detection and Response 2023
February 21 - 22, 2023
| Free CS Hub Online Event
Agenda Day 1: 21 February 2023
9:00 am - 9:30 am
EST
Discussion panel: Building a successful Detection and Response system and important factors to consider
Yaron Slutzky -
Chief Information Security Officer,
Agoda
Umar Hossain - Senior Director - IT Operations, Staples Canada
Many organisations are noticing that the frequency of attacks is on the rise and the landscape of threats is constantly changing. Therefore, it is important to invest in and re-evaluate your Detection and Response system on a regular basis.
In this session, join our panellists as they will share their thoughts on:
· How to build Detection and Response infrastructure in an organisation and what’s the right way to do it
· Important factors to consider building a successful D&R system
· How to leverage the data and gain accurate real time intelligence
9:30 am - 10:00 am
EST
Regulations and Legislation in Cyber Response: Challenges and Solutions
Vaughan Shanks -
CEO,
Cydarm
Keith Moulsdale - Technology, Cybersecurity & IP Law Partner, Whiteford, Taylor & Preston
Samrah Kazmi - Chief Innovation Officer, RESRG
Kelly McCracken - SVP, Detection & Response, Salesforce
This panel session discusses the challenges associated with the increased (and increasing) legislative and regulatory landscape of cyber incident response. Throughout this session domain experts from law, technology, cyber response management, and enterprise security backgrounds will be available to take live questions from attendees as it relates to these challenges. Main webinar take-aways include:
- A better understanding of the current legal and regulatory landscape and requirements as it relates to cyber incident response.
- Recommendations from experts on what organizations in regulated industries can do to reduce the risk of non-compliance across the people, process, and technology aspects of cyber response
- Solutions to common problems experienced by CISOs, GRC Officers, SOC managers, and Security Analysts due to increased compliance requirements in cyber response.
Sponsored by: Cydarm
10:00 am - 10:30 am
EST
Tracking the actors behind the threats with activity clustering
Josh Davies -
Senior Technical Product Manager Formerly a Security Analyst and Solutions Architect,
Alert Logic
With threat actors constantly evolving their tactics, techniques and procedures (TTPs), it is important that organizations are aware of the latest TTP trends to protect themselves.
Alert Logic has dedicated SOC analysts, data scientists and security researchers to continuously hunt for the latest and emerging threats and campaigns. This human-led process has complimented automated detection and helped stop threat actors from evading.
During this webinar Alert Logic will share understanding of distinctive threat actor groups it has amassed and how it has been keeping track of TTPs used.
John Davies, product manager at Alert Logic, will explore the process and benefits behind activity clustering. The former threat hunter will share information on the favored tactics used by threat groups, uncovered from real-life examples within the Alert Logic customer base.
Join this session to learn:
· The process and benefits behind activity clustering
· Which TTPs are favored by threat groups and what that tells us about them
· Real-life examples of identifying compromises from Alert Logic’s research
Sponsored by: Alert Logic
Josh Davies
Senior Technical Product Manager Formerly a Security Analyst and Solutions ArchitectAlert Logic
10:30 am - 11:00 am
EST
Best Recovery practice to restart your business after the attack
Rani Halimi -
Enterprise Architect,
Dell
Recovery is becoming a major trend in the market in cyber security. Before that people were focusing on Detection & Response, but once you’re attacked, you need to have the best recovery process in order to restart your business. Rani Halimi will be joining this webinar to share his expertise and best practise on:
- How to keep your customer data safe
- Best recovery procedures to follow
- Cloud security environment and how it differs
