Data Security Forum

From our private lives, to the business world, to national security, cybersecurity is more important than ever, and the threats are evolving rapidly. In the first half of 2016 alone, over 900 data breaches were publicly disclosed, and those are just the ones we know about. The demand for data security skills in the job market has increased drastically. At the same time, the protection of our data and systems from theft and disruption has become a crucial undertaking where everyone plays a key role, IT and business professionals alike. To equip you with the knowledge to succeed, we are bringing together the leading industry experts for a two-day immersion into the leading cybersecurity threats, strategies and technologies that every organization should know about.

What we’re talking about:

  • Understanding the Data Security Threat Landscape
  • Identifying Your Vulnerabilities
  • Safeguarding Mobile and IoT Applications
  • The Rise of DevSecOps
  • Data-Driven Security: The Role of Analytics
  • Best Practices: On-Premises vs Cloud
  • Protecting Databases: Inside and Out
  • The Ransomware Epidemic
  • Data Privacy and the Future

Interested in sponsoring the Data Security Forum? Find out more below:

2017 Data Security Forum Invitation to Sponsor

2017 Exhibit & Sponsor Agreement


Tuesday, May 16, 2017
8:00 a.m. - 9:00 a.m.
  • Continental Breakfast
9:00 a.m. - 9:45 a.m.
  • WELCOME & KEYNOTE: The Human Side of the Data Revolution
  • For more than a decade “data” has been at or near the top of the enterprise agenda. A robust ecosystem system has emerged around all aspects of data—collection, management, storage, exploitation and disposition. And yet, more than 66% of Global 2000 senior executives are dissatisfied with their data investments/capabilities. This is not a technology problem. This is not a technique problem. This is a people problem. Futurist Thornton May, in a highly interactive session, shares research results of his multi-institution examination of the human side of the data revolution.

    Thornton A May, CEO, FutureScapes Advisors, Inc.
9:45 a.m. - 10:00 a.m.
  • SPONSORED KEYNOTE: Architecting Business Disruption with Machine Learning
  • "Data" is the new differentiator and companies who can successfully adapt their businesses based on insights gleaned from data will have a significant advantage. In this session, Rob Thomas will provide a brief overview of Machine Learning and the use case patterns that clients are using to disrupt their industry.

    Rob Thomas, General Manager, IBM Analytics
10:00 a.m. - 10:45 a.m.
  • COFFEE BREAK in the Data Solutions Showcase
10:45 a.m. - 11:45 a.m.
  • D101: The Emerging Threat Landscape
  • Data breaches can have wide-reaching implications for a range of organizations spanning healthcare, financial services, government, and manufacturing— and more. Find out how the threat landscape has changed and what you need to do to defend your organization.

  • Securing Your Data From Emerging Cyber Threats

    The relentless pace of IT innovation is unfortunately matched by the speed of innovation in the ranks of hackers, cyber thieves, and other bad actors in the digital world. This talk looks at some of the emerging cyber threats likely facing enterprises in the near future.

    Robert Pearl, President, Pearl Knowledge Solutions
  • Preventing Cyberattacks by Leveraging Streaming Data to Understand SIEM Alerts

    As hackers become more sophisticated, they are better able to capitalize on the gaps between enterprise SIEM systems to orchestrate an attack. Join this session to learn how companies are turning to streaming data integration, analytics, and pattern matching to provide an aggregated overview across siloed SIEMs and a deeper understanding into the flood of alerts to prevent cyberattacks. Several real-world case studies will be shared.

    Cy Erbay, Senior Director of Technology, Striim
12:00 p.m. - 12:45 p.m.
  • D102: Managing Data Vulnerabilities
  • Managing data vulnerabilities both internally and externally to prevent data breaches from happening is a key concern in the enterprise today.

  • Data Breaches: Protecting Your Enterprise’s Reputation

    Exposure of private and sensitive data is making headlines. Affected organizations suffer severe costs and damage to their reputations. This presentation reviews ways to facilitate forensic analysis when data has been compromised and methods for prevention to ensure that vulnerability and loss do not happen (or happen again). Learn how to identify the “who, when, and where” of your private and sensitive data. It’s not just about ensuring data security; it’s about trust and traceability and the appropriate level of data governance. All data assets do not need to be managed to the same degree. Learn how you can focus on your critical data elements.

    Donald Soulsby, VP, Sandhill Consultants
12:45 p.m. - 2:00 p.m.
  • ATTENDEE LUNCH in the Data Solutions Showcase
2:00 p.m. - 2:45 p.m.
  • D103: Security in the IoT World
  • We all want devices to be smarter. The benefits of IoT across industries, such as healthcare, manufacturing, oil and gas, and others, are gaining greater appreciation, but the security implications of all these connected things are also becoming better understood.

  • Things Gone Wild: Assessing IoT Risks

    How long can we continue to place trust in the everyday devices we rely on? In an age of growing connectedness for everything from manufacturing robots to toothbrushes, the Internet of Things has the potential to morph from a helpful productivity enhancer into a cover for malicious infiltration of your home and office. Learn how makers can build secure “things” as well as the security controls that operators can implement. Milan Patel presents a simple model for assessing threats to the IoT ecosystem relevant to your industry and products. Security practitioners can learn how to be effective early adopters without being victims of “things.”

    James Murphy, Manager, IBM Watson IoT Platform
2:45 p.m. - 3:15 p.m.
  • COFFEE BREAK in the Data Solutions Showcase
3:15 p.m. - 4:00 p.m.
  • D104: Database Security Today
  • With data increasingly seen as an important asset whose value is enhanced when it is made more widely accessible to internal users and outside partners, the risk of cyberattacks is increasing at the hands of bad actors as well as from unintentional lapses by trusted employees

  • Core Strategies for Improving the Security of Your Databases

    This session presents the threat mechanisms that commonly result in data breaches and lays out the core strategies for improving the security of your databases, including encrypting data at rest and in transit, key management, user and service authentication, secure data sharing, protecting against injection attacks, and configuration changes. The specific challenges and tactics for implementing these strategies vary between relational databases and NoSQL. It looks at the tools, processes, and practices you can put in place regardless of where you are storing your data, including tools that check for vulnerabilities in the code that accesses your data and blocks attacks. It also surveys leading database products and identifies product-specific tools provided by leading database vendors.

    Tom Spitzer, VP, EC Wise, Inc.
4:15 p.m. - 5:00 p.m.
  • D105: Building Security Into Your Data Architecture
  • The challenges to data security keep coming. Find out how to build security into your data architecture.

  • Embedding Security in Current Data Architecture
    Mark W Lynch, Information Governance, IBM Analytics
Wednesday, May 17, 2017
8:00 a.m. - 8:45 a.m.
  • CONTINENTAL BREAKFAST
8:45 a.m. - 9:30 a.m.
  • OPENING KEYNOTE: Information Governance Meets Big Data Analytics
  • Big Data presents challenges and opportunities for a wide range of activities, enterprises, and individuals. From complex data architectures, cloud storage, data analysis, and overall database management to the legal implications, information governance underpins Big Data analytics. The innovative uses of Big Data are exciting, but questions about data retention policies, securing your data (both big and small), ransomware, and compliance with legal systems in the U.S. and other countries shouldn’t be ignored.

    Linda G. Sharp, Associate General Counsel, ZL Technologies
  • Bennett B Borden, Chief Data Scientist & Chair of the Information Governance Group, Drinker Biddle & Reath
9:30 a.m. - 9:45 a.m.
  • Lightspeed Primer to AWS Managed Database Services
  • In this session, we review all the AWS database service offerings and share some of the benefits our customers are experiencing by allowing AWS to manage their databases.

    Dan Zamansky, Principal Product Manager, AWS Database Services
9:45 a.m. - 10:00 a.m.
  • Data Capital in the 21st Century
  • Only a small fraction of global firms increase productivity year after year, according to the Organization of Economic Cooperation and Development (OECD). Creating and using unique stocks of data capital is one of the key tactics these firms use to widen their lead. Come learn how two new ideas – data trade and data liquidity – can help all companies, not just superstars, take advantage of the data revolution, and hear examples of firms already putting these ideas into practice.

    Paul Sonderegger, Senior Data Strategist, Oracle
10:45 a.m. - 11:30 a.m.
  • D201: Security in the Hadoop World
  • Awareness of data security has increased at many organizations due to the number of recent high-profile breaches. Understanding how to ramp up security is critical in this era of Hadoop and Big Data.

  • Delivering Secure BI in the Age of Hadoop

    No industry is immune to a security breach. A recent report claimed that the most common cyber incidents are actually data breaches, “dwarfing rates of all other cyber events.” For enterprises the world over, data security, both internal and external, is of paramount importance. However, IT departments are faced with a difficult challenge. They need to ensure that internal business users have access to the data they need to make decisions and do their jobs and they also have to enforce appropriate controls to prevent unauthorized users from viewing or modifying sensitive data.

    Josh Klahr, VP, AtScale
11:45 a.m. - 12:30 p.m.
  • D202: Security in the NoSQL World
  • With the rise of Big Data and NoSQL technologies, what are the implications for data protection and security?

  • Preventing Injection Attacks Against NoSQL Databases

    The terms “SQL injection” and “cross-site scripting attack” are well known to the application security community. With NoSQL databases, pure SQL injection attacks are no longer possible, but different types of injection attacks, occurring at all levels of the application stack, more than make up for them. This session looks at several strategies an attacker might use to perform parameter and even command injection in applications running against a NoSQL database such as MongoDB. It then looks at various strategies for eliminating these vulnerabilities, which mainly involve input validation and sanitization. In this context, the Open Web Application Security Project (OWASP) is discussed, along with some of the work being done under the OWASP banner in this area. Finally, methodologies are discussed for testing your applications to verify that they are (relatively) hardened against these types of attacks.

    Tom Spitzer, VP, EC Wise, Inc.
12:30 p.m. - 2:00 p.m.
  • ATTENDEE LUNCH in the Data Solutions Showcase
2:00 p.m. - 2:45 p.m.
  • D203: Data-Driven Security
  • The opportunities for cyberattacks, mistakes by trusted insiders, and fraud are broad—and constantly growing. Today, organizations must adopt a data-driven security stance.

  • Preventing Millions of Dollars in Fraud Losses Through Data Sharing

    When we think of fraud today, our minds go first to stolen credit card credentials, but fraudsters have developed new and innovative approaches to monetizing data about companies and individuals. Among these efforts has been synthetic small business fraud, in which a small business may appear on any given day with no records of incorporation, no recorded credit history among bureaus, and no employees to vouch for its legitimacy. XOR Data Exchange has formulated its Small Business Risk Exchange to help service providers determine both legitimacy and ability to pay for services, even with little or no recorded credit history or employees. And it’s all driven by data.

    Greg Bonin, Chief Operating Officer, XOR Data Exchange
3:00 p.m. - 3:45 p.m.
  • D204: The Great Cloud Security Debate
  • From private, to public, to hybrid, the adoption of all cloud types is growing, driven by the need for organizations to increase the efficiency and availability of their databases and applications, while reducing costs and complexity. However, security remains a contentious issue, especially in discussions around the public cloud. While some IT leaders do not trust moving any sensitive data off-premises, others believe that public cloud providers can provide better security than they can achieve on their own. The fact is it all depends on your requirements and how the public cloud provider can meet them. Join us for a special, no-holds-barred panel that explores the public cloud landscape, pitfalls to avoid and successful strategies for ensuring the protection of your data.

    Michael Corey, Co-Founder, LicenseFortress
  • Don Sullivan, Product Line Manager, Broadcom (VMware)
4:00 p.m. - 5:00 p.m.
  • CLOSING KEYNOTE: Architecting Data for the Modern Enterprise
  • The “Big Data era” has ushered in an avalanche of new technologies and approaches for delivering information and insights to business users. What is the role of the cloud in your analytical environment? How can you make your migration as seamless as possible? This closing keynote, delivered by a prominent consultant who has helped many global enterprises adopt Big Data, provides the inside scoop you need to supplement your data warehousing environment with data intelligence—the amalgamation of Big Data and business intelligence.

     

    Everyone attending the closing keynote is entered into a drawing to win a pair of Beats headphones. One winner will be announced at the conclusion of the event and must be present to win.

     

    Joe Caserta, Founding President, Caserta

Don’t Miss These Special Events

BROUGHT TO YOU BY

ASSOCIATION PARTNER