Raleigh ISSA February 4, 2016 Chapter Meeting
5:00 – 6:00pm B2B AT&T- Tony Tortorici "Email Security"
6:00 – 6:45pm ISSA Career Services (Executive conference room)
6:00 – 7:30pm Randys Pizza, beer & wine
7:00 – 7:15pm Chapter Updates from the Board
7:15 – 8:30pm Main Presentation -Proofpoint - Sandria Tran "Advanced Threats don’t target systems – they target users"
Presentation Title: "Email Security"
Principle Technology - Security Manager
Speaker Bio: Tony Tortorici is a Principle Technology Security Manager for AT&T with focused on; email security, anti-virus technology, malware vectors and social engineering tactics. Tony works closely with various groups building awareness and performs malware research.”
With all of the advances being made in the world of security, email remains one vector that is consistently causing trouble. This is not because of code exploits but in what this vector does. It carries data directly to people. This talk will cover a back-to-the-basics overview of email security, including specific strategies that can help from both a corporate and personal aspect. A brief coverage of topics such as reputation, securing data, malicious behavior and awareness, will help participants better understand the email threat landscape and how it can be maneuvered.
Main Presentation 7:15-8:30
Title: Advanced Threats don’t target systems – they target users
Abstract:There are only a few ways that you can reliably target a person, and attackers do so by targeting the ways people work – email, social media, and mobile app downloads being the primary ones. That said, email remains the dominant vector, as it’s the most reliable way to reach nearly every person in every organization around the world. People will always be the weakest link in the security chain, but they also create all the value that we need to protect. The average user not only creates terabytes of data per year, they have access to much more on shared systems. Human-created data is the bulk of what we defend, and powers the majority of business processes in most organizations.
The right tools can successfully protect your users from their attack vectors that target them, but of course, that by itself is not enough as no prevention/detection tool can ever be 100% effective against 100% of attacks 100% of the time. That means the right strategy is to proactively protect your organization by minimizing the impact of human mistakes, and by protecting the sensitive information your people create as it travels and is stored and archived. In parallel, you can enable your security teams with the intelligence to know what to do and the tools that help them do it faster, because some form of compromise is inevitable for the vast majority of organizations.
Sr. Product Marketing Manager
Bio: Sandria Tran is a Senior Product Marketing Manager for Proofpoint focused on information security and compliance solutions. She has previous experience working in computer hardware and mobile workforce management, and will be presenting materials based on research done by the Proofpoint security team as well as leveraging field experience interacting with Fortune 1000 companies.