|
|
| 2020 February Monthly Event |
|
|
|
|
|
|
| Biltmore Hotels & Suites |
| 2151 Laurelwood Rd, Santa Clara, California, 95054, USA |
|
|
|
| Date & Time |
| February 20, 2020 5:00 PM - 8:00 PM |
|
|
|
|
|
|
| Dear Member, |
| You are invited to our monthly event on February 20, 2020. |
| Please Register Now to secure your spot and join us for an evening of learning and knowledge sharing on interesting topics with our member community, which are being presented by our distinguished speakers. |
|
|
|
|
|
|
|
|
| Agenda |
| 5:00 - 5:30 PM - Registration / Check-in |
| 5:30 - 6:30 - Session 1: Implementing Data Governance and Compliance in the Cloud |
| 6:30 - 6:40 - ISACA SV Board Announcements |
| 6:40 – 6:55 - Networking Break (15 minutes) |
| 6:55 - 7:50 - Session 2: Why Active Directory is Crucial for Attackers and “Kicking” the Attacker Out the Network is not Enough Anymore |
| 7:50 - 8:00 - Raffle and Meeting Adjournment |
| PS: Dinner will be served at 5:00 PM. |
|
|
|
|
|
|
| Session 1 - Implementing Data Governance and Compliance In The Cloud |
| This session will focus on the life cycle of data management and data protection in SaaS based applications. Many organizations today consume several tens of SaaS applications in the normal course of business. This results in data being spread all over the cloud both in sanctioned and unsanctioned applications. The talk centers around practical issues surrounding managing and protecting that data thru data classification, data management controls on cloud-based storage and data leakage prevention and monitoring using CASB (Cloud access storage brokers) and Cloud based SIEMs. The talk will mainly center around issues of implementing such a process in a completely cloud based environment. |
| |
|
|
|
|
| |
| Vish Chidambaram |
| Head of Security & Compliance |
| Proteus Digital Health |
|
|
|
|
| Speaker Profile: |
| Vish is a cloud security expert with over 18 years of experience. He is currently the Head of Compliance and Security in a Digital Health startup. He was the CISO at the Rubicon Project and the Head of Security Engineering at Infosys Ltd. He has written courses on AWS Security Governance and Risk and Monitoring for Cloud Academy, which is an online training portal. Proficient in securing global on-prem environments and high-performance SaaS platforms. Has led initiatives to successfully achieve certifications including ISO 27001, HIPAA, SOC2 Type 2 and PCI in large matrix organizations with global presence. Experienced in Ad Exchange, Government, Retail, IT Services and Healthcare market segments. Scoped, sized and conceived best of breed monitoring and compliance solutions for Fortune 500 clients. |
|
|
|
|
|
|
| Session 2 - Why Active Directory is Crucial for Attackers and “Kicking” the Attacker Out the Network is not Enough Anymore |
| This session will focus on the vulnerability of Microsoft’s Active Directory (AD). In an Active Directory environment, the Active Directory database is exposed by design to every endpoint connected to the domain, providing attackers all the necessary information to elevate their privileges to domain admin and control the entire enterprise in less than 7 minutes. In this talk, we will learn how attackers are using AD and turn it against the enterprise to gain Infinite Toxic Control and persistence. |
| |
|
|
|
|
| |
| Roi Abitboul |
| VP, Endpoint Threat Defense For AD |
| Broadcom/Symantec |
| |
|
|
|
|
| Speaker Profile: |
| Roi is Vice President of Endpoint Threat Defense for Active Directory at Symantec (now Broadcom). He is responsible for product management and development of Symantec’s Threat Defense Product which is the only solution protecting Active Directory from the endpoint. Previously, Roi served at OFEK Unit at the Israeli Defense Forces for 7 years and was the CEO and cofounder of Javelin Networks, acquired by Symantec in 2018. |
|
|
|
|
|
|
| Note: We are not responsible for non-delivery of CPE’s due to blocked emails |
|
|
|
|
|
|
|
|
|
|
| Sincerely, |
| ISACA Silicon Valley Chapter |
|
|
|
|
|
|
|
|
| Cancellation / Refund Policy |
| ISACA Silicon Valley Chapter aims to keep the costs minimum for our events. Also, due to prior payments made to event venue, no cash refund will be provided. If you cancel your registration up to one day prior to the event, a credit up to the amount paid will be given to attend any one future event within next 3 months. No credit will be given for cancellations on the day of the event or no shows. |
|
|
|
|
|
|
| ISACA Silicon Valley Job Portal |
| Looking for your next career move? (or) Do you have an opening in your company/team? |
| ISACA helps you reach 3000+ members and non-members including ISACA certified professionals working on Information Security/ Internal Audit/ Risk Management/Governance. Post your job opening at the ISACA Silicon Valley website. |
| Visit our Job Portal |
|
|
|
|
|
|
| ISACA Membership & Certification Renewal |
| If you haven't done already, please log on to www.isaca.org to renew your ISACA annual membership. To complete your certification renewal, visit www.isaca.org/reportCPE to submit CPEs. |
|
|
|
|
| Follow us on social media |
|
|
|
|
|
|
|
|
|
|
|