Scaling Enterprise Threat Detection And Response Is The Theme Of Cyber Security Hub’s Digital Summit May 5-7Add bookmark
Like many global events, the COVID-19 pandemic has created fodder for cyber attackers who are taking every opportunity to use the virus as fresh ammunition to prey on people.
On Monday, the International Association of IT Asset Managers (IAITAM) warned that breaches of corporate and government data appear to be running at a level even higher than experts had feared going into stay-at-home orders due to COVID-19.
“We anticipated that things would get bad,’’ said IAITAM President and CEO Dr. Barbara Rembiesa, in a statement. “Companies and agencies may be hoping and praying they are safe, but the work-from-home environment has created a multitude of opportunities for leaks. Too many organizations have left themselves wide open for attack.”
Rembiesa said organization need to understand the pathways for access within their network to avert leaking their own assets. The biggest problems the IAITAM sees is assets left unsecured; the creation of new devices for employees working from home; assets now unsecured in a home environment; and employees unwittingly inviting in intrusions by clicking on emails and inadvertently downloading malware.
“Even companies that do not make a mistake themselves could still find themselves the victim of a coronavirus-related breach,’’ Rembiesa said. She noted that earlier this month, The Small Business Administration experienced a glitch with a coronavirus loan relief fund platform that publicly leaked the personally identifiable information of business owners across the nation.
Security firm Barracuda concurs that attacks have been on the rise since the start of the pandemic. There were 467,825 spear phishing email attacks between March 1 and March 23, and 9,116 of those detections were related to COVID-19, the firm said.
There were three main types of phishing attacks using coronavirus COVID-19 themes: scamming, brand impersonation and business email compromise, according to Barracuda. Of the coronavirus-related attacks detected by security firm through March 23, 54% were scams, 34% were brand impersonation attacks, 11% were blackmail, and 1% were business email compromise (BEC).
Some examples of how cybercriminals are trying to capitalize on the coronavirus pandemic include ransomware-delivering phishing emails purporting to be from the World Health Organization; websites offering phony coronavirus "vaccine kits;" requests for donations from fake charities; phony sites looking to sell coronavirus cures and face masks; and cyberattacks on testing labs and health departments.
The Enterprise Security Team Must Scale To Ward Off Cyberattacks
For these and other reasons, it’s never has it been a more compelling time to keep cyber security at the forefront, and the theme of this year’s Cyber Security Digital Summit is “Scaling Enterprise Threat Detection and Response.”
The summit will take place between May 5 and 7.
This year’s theme will include:
- Cyber-attackers are utilizing new technology and automation to discover more vulnerabilities more rapidly
- What are practical ways for the enterprise security team to match the scope and scale of cyberattacks?
- How does the cyber ecosystem enable detection and response value beyond enterprises scaling personnel?
Artificial intelligence, behavioral analytics and autonomous solutions are giving security teams a full arsenal against new threats. However, innovative tools that can be used to detect and respond to attacks can similarly be used by criminals against enterprise defenders, meaning that understanding and harnessing cutting-edge technology is vital to surviving.
Cyber Security Hub has gathered experts from every aspect of this space to present their most compelling case studies and real-world advice on subjects ranging from artificial intelligence, threat detection and response, critical communications, secure enterprise mobility, phishing, behavioral analytics, identity & access management and more. By the end of the event, you will have the tools necessary to build a “360° plan” for your enterprise.
World-class infosec experts and will share best practices with peers to help build a more robust cyber security network -- without you having to leave your desk.
For example, in a session on threat hunting and detection, Dennis Leber, CISO at the University of Tennessee Health Sciences Center, will discuss the differences between threat hunting and threat detection. Leber will share some lessons learned and what’s next for the center’s security program.
Topics will include how to optimize intelligence throughout the vendor lifecycle.
Implementing A Layered Approach To Phishing and Whaling
Phishing and whaling are causing significant financial fraud, loss of intellectual property and compromised sensitive business and personal information. Security teams need to take a layered approach of preventive, detective and corrective controls based on an
organization's risk appetite.
Suresh Chawdhary, head of security and privacy at Nokia, will discuss the elements of a comprehensive approach, which include additional controls such as targeted training to vulnerable section of employees and senior leadership, email encryption, two-factor authentication for certain authorizations, deployment of network sensors, a honeypot for traffic anomaly detection and strengthening incident response process.
Best Practices For Thriving In An Ambiguous Cyber World
Making an impact is essential in securing a company in an ambiguous cyber world. Christine Vanderpool, CISO of Florida Crystals, will speak on how to build an effective cyber security program. In this session, you’ll discover how to:
- Develop a vision based on a framework
- Focus on addressing the right things
- Build the right service pillars and team
- Put it all together to drive toward a mission
In other sessions, Jim Brady, CIO of the Los Angeles County Department of Health Services, will discuss how to isolate and contain an incident -- and keep your executives out of the news. Jothi Dugar, CISO of NIH Center for Information Technology, Office of the Director, will speak on the high stakes of CISO burnout. Dugar will address the importance of mental health and wellness during a major incident -- both personally and within cyber security – and how to develop employee wellness programs for the health and safety of you and your enterprise.
Click here for a full list of attendees and sessions visit and to register.