- This event has passed so registration is closed.
Overview
Insider threats from compromised credentials, leading to lateral movement across the network continues unabated. They are notoriously difficult to spot and require lengthy investigations.
Many security operations metrics are time-driven: time-to-detect, time-to-respond, time-to-answer… Security analysts are up against the clock to review, investigate, and act. Manual processes, manual analysis, manual decision making is borne from the idea that machines cannot always be trusted to understand risk as a human would. But the data haystacks continue to grow exponentially, and the needles ever harder to find.
Humans are struggling.
Understanding where and how to focus your analyst’s efforts will help you better protect your organization from risk.
Attend this session to learn about:
- Insider threat and the risks that organizations face
- The “new breed” of insiders and the dangers they pose
- Best practices for developing an insider risk management program
- Leveraging machine learning and automation in the SOC to combat insider threats
Moderator
Lee Neely – Information Assurance APL, LLNL
Lee Neely is a senior IT and security professional at LLNL with over 30 years of extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. He teaches cyber security courses, and holds several security certifications including GMOB, GPEN, GWAPT, GAWN, GPYC, GEVA, CISSP, CISA, CISM and CRISC. He is a current ISSA International Board Member and former ISSA International Director, Member of the SANS NewsBites Editorial Board, SANS Analyst, and Security Weekly podcast host. You can keep up with Lee @lelandneely
Speaker/s
Samantha Humphries – Security Strategist, Exabeam
Samantha has 20 years of experience in cyber security, and during this time has held a plethora of roles, one of her favourite titles being Global Threat Response Manager, which definitely sounds more glamorous than it was in reality. She has defined strategy for multiple security products and technologies, helped hundreds of organisations of all shapes, sizes, and geographies recover and learn from cyberattacks, and trained anyone who’ll listen on security concepts and solutions. Sam’s life in IT started much earlier, at age 6, when she had twice as many computers than her school (a ZX Spectrum 48K and a BBC Master), and was conned into QAing educational games on 5¼ inch floppy disks for her mother’s employer. In her current regeneration, she’s thoroughly enjoying being a part of the global product marketing team at Exabeam, where she has responsibility for EMEA, plus anything that has “cloud” in the name. Sam’s a go-to person for data compliance-related questions, and has to regularly remind people that she isn’t a lawyer, although if she had a time machine she probably would be. She authors articles for various security publications, and is a regular speaker and volunteer at industry events, including BSides, IPExpo, CyberSecurityX, The Diana Initiative, and Blue Team Village (DEFCON).
See Samantha Humphries‘s full profile.
Myriah V. Jaworski – Former Department of Justice Attorney and Crisis Response Leader
Myriah leads Beckage’s Privacy Litigation Practice Group where she represents clients in data breach actions, technology vendor disputes, and the defense of consumer class actions and related regulatory investigations. Recognized as a Super Lawyers Rising Star – Litigation, Myriah practices in many jurisdictions throughout the United States in both state and federal courts.
Myriah has represented businesses in defense of claims brought under the federal Telephone Consumer Protection Act (TCPA), website accessibility claims brought under the Americans with Disabilities Act (ADA) and related state laws such as California’s Unruh Civil Rights Act, data breach standards, state law unfair business practices acts, privacy tort claims (invasion of privacy, misappropriation of information), and biometric information acts. Beckage attorneys, including Myriah, are involved in defense of one of the largest consumer privacy class actions in the country.
Myriah has experience representing clients in business disputes relating to technology contracts, including cloud/SaaS and E-commerce and AI or Machine Learning vendor disputes, wherein she has obtained favorable monetary and injunctive relief. Myriah has represented clients in wire fraud and payment diversion matters throughout the country. She also represents clients in response to regulatory inquiries and investigations arising out of data incidents, including before state Attorney General offices and the Department of Human and Health Services -Office of Civil Rights (HHS/OCR).
Myriah is one of Beckage’s dedicated California Consumer Privacy Act (CCPA) attorneys and routinely counsels clients on implementation of CCPA policies and procedures, including assisting businesses to operationalize Data Subject Request (DSR) processes, perform CCPA training and record keeping, manage third party vendor relationships, and make CCPA required breach notifications. Ms. Jaworski also works with clients to evaluate and implement new technologies, including AI and machine learning tools to advance business goals, and to negotiate contractual addendums and vendor management protocols regarding same. Of particular importance, Ms. Jaworski works with clients to mitigate potential privacy risks and ethical biases, and to provide meaningful audit rights to business units for their use of AI and machine learning tools. Her clients include major E-commerce retailers, international news media companies, consumer goods manufacturers and retailers, health care organizations and financial entities.
Myriah is also a Certified Information Privacy Professional, United States (CIPP/US) and a Certified Information Privacy Professional, Europe (CIPP/E) as certified by the International Association of Privacy Professionals (IAPP).
Prior to joining Beckage in 2018, Myriah was a senior attorney with a large regional law firm and a Trial Attorney with the United States Department of Justice (DOJ).
See Myriah V. Jaworski‘s full profile.
Joshua Marpet – Executive Director and Chairman, Risk Management ISAO
After a number of interesting (police, fireman, blacksmith) but unrelated professions, Josh began his security career with the Federal Reserve Bank of Philadelphia as an information security engineer.
He is a current faculty member for IANS, the Institute for Applied Network Security, a co-host of Security and Compliance Weekly, a CMMC author, a member of the SPDX standards committee, and too many other places to list.
Joshua is currently the Executive Director and Chairman of the Risk Management ISAO (RM-isao.org), the only membership organization developed to help small and medium federal contractors be compliant and secure. He’s also a founder and board member of MJM Growth, an equity based incubator and business brokerage.
Joshua is a graduate of MACH37™, the topcybersecuritystart-up accelerator designed to facilitate the creation of the next generation of cyber product companies.
Recent On-Demand Web Conferences
ISSA Webinars and Conference series cover all the continuing education credits to maintain your cyber security certifications. (CPEs, CEUs, ECE, etc). Each hour is equal to one continuing education credit. Certificates of completion are available upon request after completion. For instructions, click here.