Cloud, Mobile & IAM

In recent years there has been a cultural shift supporting an increasingly mobile and flexible workforce enabled by technologies such as Cloud. This has not only made having a robust IAM strategy more essential but also increasingly more challenging. This theater provides tips for best practice when setting your strategy and examples of mistakes to avoid.

Cloud, Mobile & IAM Speakers

Adrejia L. A. Boutté Swafford
Adrejia L. A. Boutté Swafford

Defense Attorney  Christovich & Kearney, LLP

View

Adrejia L. A. Boutté Swafford
Bhavdip Rathod
Bhavdip Rathod

Solution Architect (Identity and Access Management)  Sailpoint Technologies, Inc.

View

Bhavdip Rathod

Bhavdip is an experienced cyber security technologist and architect through combined experience in Identity and Access Management. Bhavdip has strong understanding and in-depth experience of Identity and Access Management (IAM) Frameworks and industry best practices. He has developed various technical IAM frameworks for better automation and efficient execution of corporate Identity and Access Management programs across the industry. Bhavdip served as an SME on the largest and most complex IAM Implementations for various retail, financial, healthcare, education and manufacturing organizations in last 10 years. He is passionate about providing innovative solutions to the companies in the field for their most complex challenges in the IAM and Cyber Security areas.
 
Bhavdip holds a Master of Science degree with Commendation from University of Hertfordshire in UK.

Brian Contos
Brian Contos

CISO & VP Technology Innovation Verodin

View

Brian Contos
Bruce Macdonald
Bruce Macdonald

Sr. IAM Project Architect Hitachi ID

View

Bruce Macdonald
Chris Stoneff
Chris Stoneff

VP, Security Solutions Bomgar

View

Chris Stoneff
Greg Sparrow
Greg Sparrow

Senior Vice President & General Manager CompliancePoint

View

Greg Sparrow
Joe Gray
Joe Gray

Founder, Blogger, & Podcaster Advanced Persistent Security

View

Joe Gray

Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior Security Architect and maintains his own blog and podcast called Advanced Persistent Security. In his spare time, Joe enjoys attending information security conferences, contributing blogs to various outlets, training in Brazilian Jiu Jitsu (spoken taps out A LOT!), and flying his drone. Joe is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. Joe has contributed material for the likes of AlienVault, ITSP Magazine, CSO Online, and Dark Reading.

Paul Willard
Paul Willard

Regional Cybersecurity Lead  Cisco Security

View

Paul Willard
Todd Bursch
Todd Bursch

Manager, Solution Architects Forcepoint

View

Todd Bursch
Tony Perri
Tony Perri

CMO Perri Marketing, Inc.

View

Tony Perri
Wes Knight
Wes Knight

CISO Georgia Department of Revenue

View

Wes Knight

Wes has been involved in IT for over 35 years starting out with IBM in Atlanta. After leaving IBM in 1996, Wes started a company doing Network and Network Security consulting and training. This eventually evolved to focus on Security including Assessments and Forensics. Wes remains a certified instructor in Ethical Hacking and Forensic Investigation.

Wes has held several positions in IT and Information Security since joining the DOR eleven years ago. He is currently the Chief Information Security Officer and manages the DOR Office of Information Security. The OIS is responsible for maintaining the security of taxpayer and motor vehicle information and approximately $25 billion in annual taxes received; ensuring that DOR complies with applicable State and Federal regulations, and conducting the forensics needed for criminal investigations.

Wes serves on several Executive Advisory Committees and the Evanta CISO Governing Body. He was awarded the 2018 Information Security Executive Southeast People Choice Award. This award was voted on by his peers and recognizes the ISE® Executive Nominee who exemplifies the attributes of a leader in the information security industry

Wes and his wife Elizabeth have been married for 45 years and have 5 children and 11 grandchildren.

Cloud, Mobile & IAM Seminars

  • Wed 17th Oct 10:10 - 10:40
  • Automated Cyber Defense: Leveraging Identity Management to Get to Acceptable Losses Chris Stoneff  |   Bomgar   |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Wed 17th Oct 10:10 to 10:40

    Automated Cyber Defense: Leveraging Identity Management to Get to Acceptable Losses

    Today's world of cyber warfare is one of continuous zero-day attacks, targeted phishing scams and malicious insiders. Anyone trying to deal with these threats manually has already lost the game. You can't stop cyberattacks from occurring. But, you can limit the damage when these inevitable attacks strike. When you're under attack, blocking intrusions with automated identity management makes a huge difference in keeping your organization's name out of the data breach headlines. Based on my years of experience I'll cover how to redesign and automate your identity management (especially privileged identities) to achieve acceptable losses, even while under constant cyberattack.

    Speaker

    Photo Speaker Name Profile
    Chris Stoneff Chris Stoneff View Profile
  • Wed 17th Oct 10:50 - 11:20
  • IoT: Internet of Things, or Internet of Threats? Paul Willard  |   Cisco Security   |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Wed 17th Oct 10:50 to 11:20

    IoT: Internet of Things, or Internet of Threats?

    With the global IoT opportunity predicted to reach nearly $9T by 2020, organizations are under extreme pressure to evaluate IoT and digitation initiatives that can deliver unprecedented customer outcomes and efficiencies.  Move too slow, and be left behind.  Move too fast, neglecting the unique cybersecurity risks IoT devices introduce, and be hit with a crippling security breach.  In this session, Paul will explore how the exponential increase in cyberattacks on IoT and digital assets is forcing the entire cybersecurity industry to evolve, and how this evolution will reshape the way organizations defend against large-scale, coordinated attacks on digital and IoT assets.

    Speaker

    Photo Speaker Name Profile
    Paul Willard Paul Willard View Profile
  • Wed 17th Oct 11:30 - 12:00
  • Adopting an Automation-First Strategy for Identity and Access Management Bruce Macdonald  |   Hitachi ID   |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Wed 17th Oct 11:30 to 12:00

    Adopting an Automation-First Strategy for Identity and Access Management

    Process automation within an IAM environment can be challenging. Many systems that excel at governance and certification tasks are simply not well suited for automation. Many organizations believe their requirements are simply too unique to be automated and/or their existing home grown solutions will suffice. A thorough data cleanup is often advocated for before automation technologies are deployed however this is the wrong approach as such technologies can actually help with the data cleansing effort. In this session we will explore many aspects of IAM automation and deliver concrete recommendations towards achieving the goal of identity management automation.

    Speaker

    Photo Speaker Name Profile
    Bruce Macdonald Bruce Macdonald View Profile
  • Wed 17th Oct 01:00 - 01:30
  • Develop an Overarching Holistic Risk Management Program: Data Privacy, Data Security and Cyber Insurance Greg Sparrow  |   CompliancePoint  |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Wed 17th Oct 01:00 to 01:30

    Develop an Overarching Holistic Risk Management Program: Data Privacy, Data Security and Cyber Insurance

    Managing information security, data privacy and risk is often an inconsistent and dispersed process for businesses. Learn how to identify and categorize risk to the organization. This session will provide an overview of industry standards that can be utilized to unify all areas of risk management. Learn how to unify risk management into a core function of the business and operationalize its components.  Finally, Greg will discuss how organizations can perform risk triage and treatment based on business goals. 

    Speaker

    Photo Speaker Name Profile
    Greg Sparrow Greg Sparrow View Profile
  • Wed 17th Oct 01:40 - 02:10
  • The GDPR Effect on North America and the Land Mines Currently Being Planted Tony Perri  |   Perri Marketing, Inc.  |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Wed 17th Oct 01:40 to 02:10

    The GDPR Effect on North America and the Land Mines Currently Being Planted

    The current national data privacy law was enacted in 1974, long before we had the world wide web. The current General Data Protection Regulation from the European Union is an update to the Data Protection Directive of 1995, another statute made obsolete by the explosion of accessible data from the Internet.

    The GDPR is a monumental piece of legislation out of the EU that is creating a domino effect of state’s legislation in the US. This session will review the GDPR’s affect here in the U.S., what’s on the radar for U.S. legislation and a use case of a breach that spans pre- and post-GDPR, where the fine could be $640k or $22 million. With this new E.U. legislation, data security compliance and auditing will never be the same.

    Speaker

    Photo Speaker Name Profile
    Tony Perri Tony Perri View Profile
  • Wed 17th Oct 02:20 - 02:50
  • Left of Boom Brian Contos   |   Verodin  |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Wed 17th Oct 02:20 to 02:50

    Left of Boom

    The term “Left of Boom” was made popular in 2007 in reference to the U.S. military combating improvised explosive devices (IEDs) used by insurgents in Afghanistan and Iraq. The U.S. military spent billions of dollars developing technology and tactics to prevent and detect IEDs before detonation, with a goal of disrupting the bomb chain. This is an analog to cybersecurity as we strive to increase the incident prevention capabilities of our security tools and where we can’t prevent attacks, augment prevention with incident detection and response tools. This presentation is all about getting cybersecurity evidence to know, empirically, what’s working, what’s not, how to fix it, how to keep it working, and most importantly, stay left of boom.

    Speaker

    Photo Speaker Name Profile
    Brian Contos Brian Contos View Profile
  • Wed 17th Oct 03:00 - 03:50
  • Break

    Cloud, Mobile & IAM Theatre

    Wed 17th Oct 03:00 to 03:50

  • Thu 18th Oct 09:30 - 10:00
  • Microsoft Office 365 – Make it a Secure Journey for Digital Transformation Todd Bursch  |   Forcepoint   |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Thu 18th Oct 09:30 to 10:00

    Microsoft Office 365 – Make it a Secure Journey for Digital Transformation

    Office 365 adoption is continuing at a strong pace, and is often the corner stone for a company’s digital transformation journey.  The decision to implement Office 365 is often a top-down decision, resulting in lack of awareness in terms of security and capabilities when the platform is initially rolled out.  However, this rapid change puts pressure on departments to adapt, exposes weaknesses, and creates new security challenges as IT remodels its security posture to protect the new ecosystem.

    This session will provide insights into how only Forcepoint can secure Office 365 and all your other SaaS applications.

    Speaker

    Photo Speaker Name Profile
    Todd Bursch Todd Bursch View Profile
  • Thu 18th Oct 10:10 - 10:40
  • IoT: Internet of Things, or Internet of Threats? Paul Willard  |   Cisco Security   |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Thu 18th Oct 10:10 to 10:40

    IoT: Internet of Things, or Internet of Threats?

    With the global IoT opportunity predicted to reach nearly $9T by 2020, organizations are under extreme pressure to evaluate IoT and digitation initiatives that can deliver unprecedented customer outcomes and efficiencies.  Move too slow, and be left behind.  Move too fast, neglecting the unique cybersecurity risks IoT devices introduce, and be hit with a crippling security breach.  In this session, Paul will explore how the exponential increase in cyberattacks on IoT and digital assets is forcing the entire cybersecurity industry to evolve, and how this evolution will reshape the way organizations defend against large-scale, coordinated attacks on digital and IoT assets.

    Speaker

    Photo Speaker Name Profile
    Paul Willard Paul Willard View Profile
  • Thu 18th Oct 10:50 - 11:20
  • Cyber Risk Insurance: get it, before they get you Adrejia L. A. Boutté Swafford   |   Christovich & Kearney, LLP   |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Thu 18th Oct 10:50 to 11:20

    Cyber Risk Insurance: get it, before they get you

    This presentation will address what cyber threat and cyber risk are; cyber risk insurance policies versus standard homeowners and commercial policies; the role of agents/brokers and legal counsel here; and sample litigation on cybercrime related claims. This presentation will also cover the role of organizational compliance on an entity's degree of risk

    Speaker

    Photo Speaker Name Profile
    Adrejia L. A. Boutté Swafford Adrejia L. A. Boutté Swafford View Profile
  • Thu 18th Oct 11:30 - 12:00
  • Dear Blue Team: Proactive Steps to Supercharge Your IR Joe Gray  |   Advanced Persistent Security  |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Thu 18th Oct 11:30 to 12:00

    Dear Blue Team: Proactive Steps to Supercharge Your IR

    In an age where data breaches and malware infections are quickly becoming the norm, we must prepare for Digital Forensics and Incident Response (DFIR). In doing so, there are many things that Administrator, Enterprise Defenders, and Security Operations Centers can do proactively to not only enhance the security of an organization, but also assist the DFIR personnel in performing their duties in a more expeditious manner. During this presentation, blue teamers and management will be armed with actionable advice as to how to pre-emptively capture artifacts as baselines BEFORE anything ever happens and the actions to take WHEN something happens.

    Speaker

    Photo Speaker Name Profile
    Joe Gray Joe Gray View Profile
  • Thu 18th Oct 01:00 - 01:30
  • Igloo Security. Hard and crunchy on the outside. Soft and chewing on the inside Wes Knight  |   Georgia Department of Revenue  |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Thu 18th Oct 01:00 to 01:30

    Igloo Security. Hard and crunchy on the outside. Soft and chewing on the inside

    Let’s discuss deploying a new strategy to keep the bad guys out – deception technology. We will discuss how this new set of tools and products are helping detect, analyze and defend against zero-day and advanced attacks. Automated and real-time, deception technology provides a more proactive security posture by deceiving, detecting and defeating attackers. 

    Speaker

    Photo Speaker Name Profile
    Wes Knight Wes Knight View Profile
  • Thu 18th Oct 01:40 - 02:10
  • Break

    Cloud, Mobile & IAM Theatre

    Thu 18th Oct 01:40 to 02:10

  • Thu 18th Oct 02:20 - 02:40
  • Role Based Access Control (RBAC) Best Practices and Tips for Successful Implementation Bhavdip Rathod   |   Sailpoint Technologies, Inc.   |   Cloud, Mobile & IAM

    Cloud, Mobile & IAM Theatre

    Thu 18th Oct 02:20 to 02:40

    Role Based Access Control (RBAC) Best Practices and Tips for Successful Implementation

    One of the main goals of RBAC is to establish the Principle of Least Privileges and grant employees only the access they need to do their jobs. Grouping common access permissions into roles provides a secure and efficient way of managing access and helps keep things simple for administrators the users requesting access. RBAC has become the standard for managing access to IT resources in industry and government. Implementation of RBAC in an enterprise often becomes a major and daunting task. Adopting some of the best practices early in the implementation of RBAC program will ensure successful delivery of the program within the enterprise.

    Speaker

    Photo Speaker Name Profile
    Bhavdip Rathod  Bhavdip Rathod View Profile
Top