Improved breach detection and threat response are good reasons to up level your security operations center (SOC) from basic monitoring and response to advanced analytics and threat hunting. Automation and orchestration of tedious steps and workflows can increase SOC incident capacity, focus resources, and shorten time to resolution. Effective strategies reduce false positives, blind spots, and data silos to create headroom for more proactive SOC activities — the elusive next-gen SOC. Learn ways to apply automation to the NIST 800 framework from better preparation using dynamic discovery, automated classification of critical assets, and behavioral baselining to anomaly-driven threat detection and real-time investigations.

Today 86% of organizations are in the process of building or already have an existing system in place to prevent/defend against insider attacks; if this statistic proves anything it is that more and more business are coming to terms with the hostilities of our world. Expected or unexpected, an employee with access to company-wide systems, no matter their intentions is a great threat to any organization. An employee with malicious intentions is dangerous, but according to a recent IBM survey, 95% of all breaches involved someone making a mistake. The Insider Threat panel at the Cyber Security Summit will show you how your organization is at risk, as well as showing you innovative & necessary steps to take in order to prevent attacks and increasing your defense systems.

From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. Legacy approaches to cyber security, which rely on knowledge of past attacks, are simply not sufficient to combat new, evolving attacks, and no human cyber analyst can watch so much or react quickly enough. A fundamentally new approach to cyber defense is needed to detect and respond to these threats that are already inside the network - before they turn into a full-blown crisis.
Self-learning systems represent a fundamental step-change in automated cyber defense, are relied upon by organizations around the world, and can cover up to millions of devices. Based on machine learning and probabilistic mathematics, these new approaches to security can establish a highly accurate understanding of normal behavior by learning an organization’s ‘pattern of life,’. They can therefore spot abnormal activity as it emerges and even take precise, measured actions to automatically curb the threat.
Discover why autonomous response and machine learning is the future of defense and how the ‘immune system’ approach to cyber security provides complete network visibility and the ability to prioritize threats in order to better allocate time and resources.

In this session, learn: 

• How new machine learning and mathematics are automating advanced cyber defense
• Why full network visibility allows you to detect and autonomously respond to threats
• How smart prioritization and visualization of threats allows for better resource allocation and lower risk
• Real-world examples of unknown threats detected by ‘immune system’ technology

In this presentation we’ll discuss a number of issues contributing to the increasing number of breaches and how we can leverage the latest advances in AI/ML to turn this trend around.

The issues that we’ll discuss are: Conventional tools only combat known attacks. The incredible increasing volume of data. Outsourced Managed Security Service Providers (MSSP) Operations are mostly failing at preventing breaches. Alert Overload. Lack of Security Professionals. Lack of subscribing to and managing environments to a Security Framework. Average time to fully contain a breach is lengthening. The cost of a breach remains very expensive. The length of time to identify a breach is barely improving. Efficacy of Conventional Security tools averages only 85%. Almost every company needs more money for cybersecurity but won’t get it. Web Sites and Servers are not kept up with patches.

For each of the above challenges there are new approaches that need to be understood and potentially leveraged to reduce risk.

For many organizations they are looking at over half of their IT spending being related to cloud, whether infrastructure, services or other tools in the near future. As a CISO, this movement to the cloud can fill you with dread. Furthermore, one of the risks corporate boards understand best is third party risk, and now your entire network is in someone else’s hands. This transition is the subject of a lot of concern and a lot of mixed signals. It doesn’t have to be that way though, especially as moving to the cloud can be a security improvement, if managed appropriately. This panel will talk about the security issues CISO’s and IT leaders need to be aware of as they move further and further over to the cloud, what best practices and services they should consider or utilize, and how they can fully leverage the cloud resources to bring their organization to the next level of security.

Organizations process and store huge volumes of sensitive information that belong to their customers and employees – from financial information to medical records to personal identifiers, like social security numbers and birthdates. Inadequate controls in IAM processes and technology can lead to breach, involuntary exposure of this data, and non-compliance issues. But you cannot correct what you don't know, so the first step in any IAM program is assessment.

IDMWORKS CEO & Chief Strategist, Todd Rossin, will address the most common questions around IAM Assessments & Roadmaps - Why Should We Assess? What Should We Assess? and When Should We Reassess?

IBM Security has helped 1000’s of clients with everything from small scope engagements through to building and managing complete, global, security programs. From these experiences, we are constantly updating our perspective on where organizations should focus their limited resources to reduce risk while facilitating business innovation. Please join us at this session to hear about what we see on a daily basis and discuss our recommendations in these three critical areas - Strategy and Risk, Threat Management and Digital Transformation.