It is what every CISO fears – a data breach.  Herculean efforts can help stave off attacks, but sooner or later, statistics dictate that even the tightest of defenses can be penetrated and you will be breached.

In this session, we will shift the spotlight from preventing the breach and look at preparing for the breach.  Our practitioner-expert will review:

• What can you do before the breach to minimize the impact after the breach?
• What processes, if put in place today, can benefit you tomorrow?
• How do you balance breach prevention with preparation for breach response?

Monetarily motivated attacks are by far the most prevalent cyberthreats to organizations worldwide, yet vulnerability management techniques have largely failed to adapt to a threat landscape dominated by distributed crimeware. By understanding the commercialization of attack tools and services – particularly the vulnerabilities they use, re-use and share – vulnerability management can focus on the small subset of vulnerabilities that are exploited in the wild and packaged in distributed crimeware. This threat-centric approach improves vulnerability prioritization and focuses remediation on the relatively small number of exploitable vulnerabilities, greatly reducing risk through efficient, intelligent processes. This session will cover what’s been driving the shift to distributed cybercrime, how to align vulnerability management with real-world threat behavior, and what intelligence and tools are needed.

Retailers and financial institutions are dealing with the changing face of customer interactions. For many businesses, mobile logins have surpassed online logins, and consumers are voicing their demands for more mobile services. Consumers expect to bank, pay, buy, transfer and more via their mobile devices – and they want to do all of this with the least number of security steps possible. But these new ways to pay require new ways to secure. The shift toward mobile payments puts extreme pressure on businesses to raise the bar on security, while also providing frictionless environments that deliver positive customer experiences. This session will explore and review specific risks related to mobile payments, wallets and applications, and review how device intelligence and authentication technologies are enabling the mobile device itself to be a trusted and secure token that can mitigate risk and lead to new and enhanced customer and business opportunities.

The pressure is on for all industries to upgrade their cyber-protection policies. New York is the first state to initiate a 180-day grace period for all financial services companies to upgrade both cyber policies and protection. As New York’s new cyber mandates roll out, other states and industries will likely follow. During this session, Arbor Networks’ Principal Security Technologist Paul Bowen will outline the impact of these new regulations, and provide an incident response framework that helps with compliance and preventing an inevitable compromise from turning into a breach.

In the wake of recent of recent ransomware attacks, such as WannaCry, which have plagued healthcare organizations, in particular, for the last year, what lessons do we have yet to learn? Ransomware attacks are nothing new, and while WannaCry was widespread, it was not sophisticated or stealthy, necessarily. So why did it have such an impact?

In this session, our panelists will discuss why the “wartime mindset” has yet to be embraced, and why CISOs need to take charge and lead the way toward developing more effective security action plans.

Experienced CISOs and legal experts will:

• Provide real-world insights into how to create an effective cybersecurity action plan;
• Spell out the core elements of breach prevention, detection and response strategies; and
• Identify security technologies that can play an effective role in supporting a so-called “wartime” strategy