Solutions & Demonstrations Track
SD01 – Security Fabric – Broad, Automated and Powerful Protection for Today’s Advanced Threats
Doug Manger | SE Director, New/Penn/Del Region
Matt France | SE Engineer
For your enterprise to be successful, your network must be secure. But we can no longer focus on securing simple connections or application content. It’s impossible to secure today’s dynamic IT ecosystem with solutions created decades ago. Similarly, we no longer live in a world where data is contained within the network; it’s now virtually everywhere.
The Fortinet Security Fabric builds upon over 20 years of industry-defining innovation. The technology represents the first-ever architectural security approach designed to dynamically adapt to today’s evolving IT infrastructure. This multi-layered approach segments the entire network, from Internet of Things (IoT) to the cloud, to provide broad, powerful, and automated protection against sophisticated threats.
SD02 – Securing Your Data
Sam Cattle | MSIA Norwich, C|CISO, CISM, CRISC, CISSP
Securing Your Data is an exploration of Data Security controls, as seen through the lens of the five core security functions of the NIST Cybersecurity Framework: Identify, Protect, Detect, Respond, and Recover. Applicable to any use case or infrastructure, in this presentation, we explore procedural controls, technical controls, both on-premise and in the cloud, for both structured and unstructured data.
Mr. Cattle is a security leader focused on Security Governance, Compliance Management, and Security Solutions Development. Mr. Cattle has over 20 years of Security professional, consulting, and management expertise. He has held roles as CISO and director of national Security/Splunk practices, with an emphasis on security for cellular and wireless technologies. Mr. Cattle currently leads the Security Practice of AdvizeX Consulting and Rolta AdvizeX.
SD03 – Security as a Puzzle
Craig Coolidge | Principle Field Solutions Architect
Security as a Puzzle will take a fun, educational and entertaining look at the many parallels that can be drawn between addressing your organization’s information security and solving puzzles.
We’ll look at things like: What determines the size of your security puzzle? How do you approach your security puzzle? We’ll also take a look at a few of the common security puzzle pieces, for instance: Network Segmentation, Accountability/Responsibility, Data Classification and more.
Craig Coolidge joined CDW as a Wireless Solutions Architect in June of 2007. Determined for CDW to achieve and retain #1 wireless partner status for Cisco and Aruba, Craig took on the Wireless Technical Architect role. As the Wireless Technical Architect, he helped with the creation of the Technoliner and CDW’s Stadium Team. Craig helped to sell and deliver some of the most prominent projects in CDW’s history, including the Arizona Cardinal’s University of Phoenix Stadium, home to Super Bowl XLIX. He then transitioned into the Enterprise Networking Practice Lead where he helped kickstart CDW’s IOT offerings focused on the Manufacturing space. Craig is now a Principal Field Solutions Architect for CDW’s Information Security Services and hopes to leverage his CDW experience to continue to build an unstoppable InfoSec team.
SD04 – Network and Security Virtualization: Demo & Discussion
Scott Caruthers | Security and Cloud Practice Lead, SMP
Brian Roets | Infrastructure Practice Lead, SMP
John Statt | Senior Solutions Architect, SMP
Local IT and CyberSecurity experts, SMP, will address network & security virtualization and VMware solutions. VMware NSX is the platform for Network Virtualization providing Logical Switching, Distributed Logical Routing, Dynamic Routing, Distributed Firewall and Logical Network Services. This demo introduces the core security capabilities of VMware NSX in vSphere environments via:
- Distributed Logical Switching Demonstration and Discussion
- Distributed Firewall Demonstration and Discussion
Scott joined SMP following a decade of focus on Cisco, Palo Alto, and VMware security portfolios. Scott’s previous roles include lead technical engineer for a managed service Unified Communications team and solutions architect. Scott’s cyber security and Unified Communications experience began with implementation responsibilities in the year of 2002 for a consulting firm in southern California. Following relocation to New York, Scott was involved predominantly with managed services organizations. Scott acted in the lead roles for engagement on countless Fortune 500 accounts as part of managed services and implementation support of security, collaboration, and contact center lines of business.
With over 18 years of experience in the Information Technology, BPO and Telecommunications industries, Brian joined SMP in 2012 to develop and lead their Infrastructure Practice. Under Brian’s leadership, SMP obtained the VMware EUC Elite specialization, which demonstrates the highest level of expertise in selling, designing, deploying and supporting highly-sophisticated VMware End-User Computing solutions. Brian currently advises many of SMP’s technology partners representing SMP on the VMware Partner Technical Advisory.
John has 33 years of experience designing and implementing network, security and datacenter technologies. John is a certified professional in networking and security with multiple vendors including Cisco and VMware. John is the subject matter expert on Cisco ACI and VMware NSX along with several other technologies.
SD05 – Transforming IoT Security Through Visibility
Brendan O’Connell: ForeScout VP of Product Management
The Internet of Things (IoT) phenomenon brings many benefits to today’s organizations, along with many challenges and threats. With today’s constrained IT resources and budgets, managing these challenges can be difficult without visibility into the IoT devices connected to your network and the potential vulnerabilities these devices can present. While organizations have put in place the common defense systems, IT teams face challenges getting these defense mechanisms to interoperate while executing a solid IoT security strategy. Learn how you can transform your approach to IoT security through gaining visibility and control of devices connecting to your campus network and to your data center and cloud environments.
Brendan O’Connell serves as ForeScout’s VP of Product Management and is responsible for the global PM team driving business strategy. He has more than 20 years of networking and security industry experience, deep experience in security visibility, and served exclusively in product management leadership roles since 2005. Prior to Forescout Brendan co-founded FactorChain, a startup in the security operations space with a focus on investigations and incident response. Brendan was also a long time Cisco employee with responsibilities ranging across business development, internal startup R&D, and twice led product management for Cisco’s NAC offerings.
SD06 – Why the General Data Protection Regulation is an Opportunity, Not a Nuisance
Forsythe Technology, Inc
Steve Vinsik | Sr. Director Security Solutions for Forsythe
The passing of a new European Union (EU) data protection framework — the General Data Protection Regulation (GDPR) — is having a tremendous impact on enterprises that collect data on Europeans. The May 25, 2018 compliance deadline, which from an IT planning and management perspective is right around the corner, has organizations in the United States scrambling. According to PwC (https://www.pwc.com/us/en/increasing-it-effectiveness/publications/assets/pwc-gdpr-series-pulse-survey.pdf), 77 percent of U.S. multinational companies are planning to spend $1 million or more on GDPR readiness this year, and 68 percent are earmarking between $1 million and $10 million. Companies looking to maintain a European presence should assess their overall data protection capabilities to identify gaps and compliance risks.
Don’t miss this informative session with Forsythe’s Senior National Director of Security Solutions, Steven Vinsik to learn:
- How businesses should respond to GDPR immediately and into the future
- Why it’s critical to implement a data centric security strategy
- How data discovery and data classification can be your most useful tools
- Why enterprises should consider GDPR — and regulations like it — an opportunity, not a nuisance
As the senior director of security solutions, Steve has responsibility for the strategic direction and development of Forsythe’s security solutions to address the dynamic security threats, challenges, and regulatory requirements facing our clients. Steve has over 20 years’ experience leading global technology and consulting organizations in the delivery of enterprise security solutions in the areas of security strategy, data protection, identity management, cloud security, and managed security services.
SD07 – Security Monitoring for the Hybrid Enterprise
Josh Huston | VP Engineering & Marketing
Most organizations are embracing cloud services as part of their IT strategy. However, many security teams that we work with are not keeping pace with security control and monitoring solutions for cloud deployments.
In this talk we will look at gathering security data from your cloud (PaaS, IaaS, and SaaS) providers. We will explore open source options along with commercial platforms for gathering, storing, and analyzing your security data.
Josh has an extensive background in technology design, implementation, operation, and training. He has spent 20 years in the industry with more than a decade focused on information security and resilience.
At Netanium, Josh’s engineering team specializes in cybersecurity. This includes architecture/design, operations, and ongoing analysis of data (SOC services.) With the Netanium team, Josh helps companies implement the processes and technology needed to mature their resilience and cybersecurity programs.
Josh is an active member of the information security community and is a lead organizer for MassHackers, BeanSec, and BSides Boston. Twitter: @stonhu
SD08 – Using Machines to Combat Hackers
Emil Anestam | Sales Engineer
Cylance sees 500,000 new suspicious computer files every single day. Malware is out of control and laying siege to economies, governments and businesses around the world. Learn how recent advancements in cloud computing, data science and machine learning are helping combat the ever increasing war waged in cyberspace!
SD09 – Empowering “Smart”-SecOps with Security Platforms
Lee Waskevich |, VP Security Solutions – CCIE 7764 , CISSP, ePlus
Tom Allen | Principal Consultant / GRC Lead – CCSP, ISO 27001 LA, CISA, CISSP, HCISPP, QSA, Foresite Security Specialist, Palo Alto Networks
Charles Sterner | Product Manager, Palo Alto Networks
Smartphone, Smart-Fridge, Smart-Car… It’s time for more intelligent security operations. The heart of security operations resides in the data. Security platforms focused on network, endpoint, and cloud along with available logging plane integrations can greatly increase the value and context in the data provided to security operations teams. The muscle of security operations resides in the intelligence driven choices that can make or break your response to security events. In this lively security panel we will explore a more intelligent approach to security operations. We will be joined by multiple industry experts to provide their insights and experience on how to achieve a more effective security operations experience. We will explore such topics as:
- How increased threat context improves prevention efficacy?
- How managed security operations can help accelerate gains from security platform investments
- How intelligent platforms and managed security operations help companies accelerate security program maturity
The ePlus Security practice helps build and deliver security programs in organizations that mitigate risk and empower innovation. Lee’s primary focus is on setting overall strategy and developing effective solutions to combat todays latest cyber threats. In parallel, integration with emerging areas of technology such as cloud, mobility, IoT, analytics and programmability help to ensure that all solution areas within ePlus are designed to be secure. Additional responsibilities include building relationships with customers & business partners that center on tackling complex issues in cyber security, cloud, and digital infrastructure. During his tenure at ePlus he attained a second and third CCIE in Security & Wireless, respectively, along with the CISSP certification.
Tom Allen leads the Governance, Risk and Compliance team for Foresite, a National cybersecurity firm. In this role, Tom is at the forefront of changing cybersecurity standards and compliance requirements, and is responsible to develop work products for assessing clients and for directing audits. Tom’s background includes over 20 years in technology consulting across many business sectors and as a Security Architect in the education field. Among Tom’s many certifications are CISSP, ISO 27001 LA, CISA, PCI QSA, HCISPP, and CEH.
SD10 – Hand to Hand Combat with a Targeted Attacker
Charles Ahart | CISSP, Sales Engineer
Today’s breaches are not malware-based and many are targeted at the endpoint. Being able to detect, investigate, and prevent these attacks within seconds is critical to stopping a breach. Join us as we show how to defend against sophisticated attacks, without traditional malware. Learn how CrowdStrike’s Falcon Platform stops breaches by preventing and responding to these and other attacks that your existing security tools cannot stop.
As a Sales Engineer at CrowdStrike, Charles Ahart focuses on helping customers better identify threats where the adversaries exist, one the end point. Charles acts as an advocate for customers and liaisons between customers and the CrowdStrike sales and product teams, providing hands-on real-world perspective with the deployment and management of advanced detection controls. Prior to joining CrowdStrike in 2016, Charles held engineering and consulting positions with IBM Security and Sirius Computer Solutions. With over 13 years of experience in Cyber security Charles has architected and deployed products and integrated solutions in Identity Management, SIEM, and End Point Detection. Twitter: @cahart3367 Email:firstname.lastname@example.org
SD11 – Securing The Privileged Pathway – The Most Travelled Cyber Attack Route
Barak Feldman | National Director for Privileged Account Security
Traditionally, much of the focus of a corporation’s InfoSec efforts have been placed on ensuring that the perimeter is secure. Recent attacks have shown an alarming shift from perimeter-based attacks to ones that originate inside the corporate network using privileged accounts. Once hackers establish a privileged foothold, they gain unfettered access to elevate privileges and move about the network freely without detection. Understanding this widely used method of attack is essential to developing ways to mitigate the risk. In this session, we’ll
- Review a case study demonstrating abuse of privileged credentials
- Discuss how privilege is used in these attacks
- Discuss effective prevention and detection strategies
Barak Feldman is a National Director for the Privileged Account Security solution portfolio at CyberArk Software. Barak joined CyberArk in 2001 and has held several sales and technical roles including managing the system engineering group in the Americas. He brings deep technical and business background to his role at CyberArk, with over 16 years of experience in designing and implementing security and compliance solutions at many of the Fortune 500 and at various federal agencies. He has an in depth technical knowledge related to the most crucial areas of information security including Regulatory Compliance, Policy Management, Access Management and specifically the current threats surrounding privileged access to the highest risk assets within the enterprise.
SD12 – The Industry Need for Cloud Generation Security
Seamus Hartmann | CISSP, CCNP, JNCIP-Sec, Palo Alto ACE
The unprecedented power of cloud applications has opened up amazing new possibilities for IT organizations, lines-of- business, and users to empower their work needs. Whether sanctioned or not, these cloud applications can have a dark side. The rapid pace of adoption has left most security and compliance teams behind.
Users, devices and data are now interacting with a variety of new cloud services while entirely circumventing the control of the organization. This has introduced new risk factors for organizations already struggling under the duress of the traditional threat landscape. However, it doesn’t have to be this way; Cloud applications and services can be adopted rapidly and securely as Info Security teams proactively build in security for users, devices and data. Please join Symantec as we discuss these new challenges and provide practical advice on how these issues can be safely overcome.
Seamus has 25 years of Security and Enterprise Solutions experience across enterprise, banking, education and hospital verticals.
Seamus comes from a technical and compliance background, with experience in conducting compliance and technical security implementation. He has expanded this into policy driven security architecture implementation including development of IT policy and procedures, technical system assessments, security, enterprise mobility architecture and information risk management.
He is equally comfortable in dealing with non-technical business customers and pure technical solutions and utilizes a Policy Driven Security Architecture approach based on the Sherwood Applied Business Security Architecture (SABSA) framework. He most recently managed the architecture and deployment of the global cloud network for IBM using best of breed solutions for security, mobility, connectivity and routing.
SD13 – Security & Risk
Sirius Computer Solutions
Dr. James Rice | Director of Security Consulting Services
Traditional security programs have often focused on information technology protection strategies. In the evolving digital economy, an increase emphasis on identification, detection, response, and recovery are required to deliver balanced enterprise security and business risk programs to organizations. This presentation will provide an overview of a balanced security and risk program. It will include examples, such as IBM security’s threat intelligence sources and emerging machine learning technologies, are helping to realize this balance and help business leaders keep up with the evolving threat landscape without over burdening the human resources or security budgets of the organization. It is through balanced security and risk programs that organizations can build effective cyber deterrence.
Dr. Rice joined Sirius in 2000. He is responsible for leading a team of certified and highly experienced professionals who consult with clients to reduce enterprise risk. Jim studies and applies information technology governance processes. He has consulted with clients in a variety of industries, including healthcare, financial services, insurance, higher education, and retail. His goal is to improve client business efficiency and reduce enterprise risk through development of security programs, developing compliance capabilities, improving enterprise governance, and developing efficient information technology capabilities. In addition to supporting Sirius client initiatives, Jim is an Adjunct Faculty member for the University of Phoenix, School of Advanced Studies and a Senior Research Fellow in the Center for Global Business and Information Technology Research where he studies and publishes work on enterprise governance practices for business in the digital economy.