|18:00 – 20:00||Welcome Reception in Expo|
November 29 – MPOWER
* Agenda subject to change
Designing a Safe Journey to Web and Cloud
Access to the web is getting more and more important and enterprises need to maintain consistent protection wherever a user travels, as well as stop zero-day malware from the internet before it reaches an endpoint system. However, access to the web is no longer just a matter of browsing to the internet. It is much more.
It means accessing your cloud based corporate email and storage like O365 or GMail from anywhere and from any device. It means using cloud tools for rapid collaboration and cloud-to-cloud document sharing, accessing your cloud enterprise applications like Salesforce, ServiceNow, Workday, Slack and many others.
And with traditional datacenters moving to an Infrastructure as a Service model, whereby your IT loses elements of control of the infrastructure there’s also a high risk that the overall level of security is lessened.
With this new internet access model and usage, you need to refocus your security approach to:
- Automate the integration of a strong hybrid web protection solution that protects your users wherever they are with a flexible CASB solution in a closed-loop remediation
- Understand cloud services in use and their risk profile
- Implement a strong gateway antimalware to provide proactive 0-day antimalware protection
- Enforce Data Loss Prevention (DLP) policies across data in the cloud
- Prevent unauthorized sharing of sensitive data with the wrong people
Join us to learn how McAfee Skyhigh Security Cloud and McAfee Web Protection can work together to provide you with the safest access to the cloud experience.
Meeting the Challenges of the SWIFT Directive
In an effort to improve the resilience of critical Financial Sector infrastructure, SWIFT has published new cyber security requirements for banks that connect to the SWIFT network. Attend this session to understand the threat landscape to the Financial Sector, gather more details on the guidelines and understand how McAfee security solutions and architecture can simplify compliance and improve Financial Sector resilience.
Three Ways Customers Are Achieving Predictable Security Outcomes
The cybersecurity talent shortage, increased daily threats, and limited time for education adds to the CISO’s growing list of challenges. Aneel Jaeel, McAfee SVP of the Customer Success Group (CSG), will interview James Bruckel, Chief Security Officer, UK Intellectual Property Office (IPO). During this interview, Mr. Bruckel will share personal stories of how IPO is tackling the growing challenges head-on. He will also share their experience in partnering with McAfee to help them achieve predictable security outcomes, gain better product adoption and consumption and improve security posture with:
- Customer success plans to accelerate time to value of the McAfee solutions
- Tailored services to strengthen security strategy and security posture
- Self-service tools and education to improve staff knowledge
SOC Zero to SOC Hero - The Journey of Building McAfee's new SOC
McAfee has been around for 30 years, and most wouldn’t think of us as a startup. However, when we spun out from Intel in early 2017, we had to standup every system, process, and program as part of the new McAfee, including our Security Operations Center (SOC). Now called the McAfee Security Fusion Center, we will share highlights of our journey over the past 18 months as we moved from a reactive to a proactive mature SOC. This talk will cover: how we designed the Fusion Centers, how we attract, develop, enable, and retain our analysts, effective playbooks, automation and orchestration, meaningful metrics your executives will care about, and our Customer Zero program. Bill Woods is the global Sr. Director for the Fusion Centers and will lead this discussion.
Designing a Cloud Threat Defense Lifecycle Strategy
Protecting cloud services and infrastructure requires a well architected security architecture that combines provider capability with other exetrnal security services. Amazon (AWS) has created a reference architecture that defines the key security capabilites needed to architect secure cloud infrastructure and services. Attend this session to get more details on the framework, understand how McAfee cloud security solutions match against the reference architecrure and see how proper implementation of the framework will protect, detect and correct against real attacks.
5 Easy Ways to Leverage Threat Intelligence Inside the McAfee Security Architecture
This Session will demonstrate how you can leverage your internal and external threat feeds to improve your Security Operations. We will show 5 easy options you can leverage for a quicker Incident Response or Threat Hunting process, based upon our technologies, like McAfee SIEM (ESM, ACE and ELS), McAfee ATD, McAfee ENS, as well as Open Source solutions like MISP and TAXII. The possibilities discussed will be based upon real-life implementations from our customers. After the session you will be able to identify what threat feeds you already have in your environment, how you can manage Threat Intelligence and how you can use utilise it to improve your security effectiveness and efficiency.
McAfee and Infoblox Unified Security – a DXL Integration Story
According to the latest research 40% of enterprises have more than 26 different security tools in their infrastructure. Individually they may all be adding value but for many businesses the net effect of having so many tools is a sprawl of complexity, leading to a waste of precious resources and ultimately a highly unoptimized solution. In this session we will be examining how Infoblox and McAfee have jointly used the open source information sharing capabilities of OpenDXL to quickly and easily deliver the ability to respond to network events, prioritize threats, identify necessary policy actions and improve operations efficiency.
The Road to IOT & 5G Security
We have probably all heard of the term “Smart” being placed in front of everyday objects like Wearables, TVs, Fridges, Cars, Locks, Air Conditioners, Medical Equipment and more. That’s because we have managed to integrate them over the web and control them via App’s/API’s with Smart hand held devices or connected “things”. The Internet of Things (IoT) is playing a larger role in our everyday lives, is being applied to more and more industries each day and is changing both the way we interact with clients and the way we do business.
Of course, all of this drives a massive increase in internet traffic and we are about to see a major technology shift to support this – the adoption and proliferation of 5G, offering more bandwidth, lower latency and faster speeds.
With this improvement comes many opportunities, but also new threats and an expansion of the attack surface that requires Service Providers to demonstrate holistic security thinking spanning new business models, technology, standards, and regulations. These risks call for end-to-end solutions protecting the entire IoT value chain and in this session we will be discussing how you can position your business to avoid the pitfalls and take advantage of the possibilities offered by 5G.
Combatting Powershell Exploits and Other Fileless Malware
Fileless malware is on the rise and traditional signature-based defenses as well as many ‘Next-Generation’ machine learning based approaches to endpoint security are powerless to defend against it. But all is not lost.
This session will investigate numerous custom approaches that can be used to detect and prevent fileless malware based around the exploitation of PowerShell and other mechanisms. It will look at how different capabilities within Endpoint Security can implement these techniques, & show this custom configuration in action against some recent PowerShell malware to prove the effectiveness of the solutions.
Macro malware analysis for n00bs
Have you ever stumbled across a macro-virus within your environment and wondered what it actually does? How about how long has it been there and what did it steal? If this is you, please join us on an introduction to the basic techniques of macro-based malware analysis, and practical tips that could help you answer all of these questions and more!
Hunting Malware Through the Sandbox
Sandboxes for malware analysis are more commonplace today, but not all sandboxes are created equal, and the quality of the analysis very much depends on the quality of the analysis environment. Through various steps, execution probability can be improved. This can provide the valued Indicators of Compromise, which are essential for threat hunting. In this talk, we will go through best practice approaches to sandboxing as well how to use those analysis insights for security operations in investigation and orchestrated response.
Endpoint Security Architecture for Advanced Threat Protection and Detection
The endpoint is a critical component of the overall enterprise security strategy. A modern endpoint security architecture must prevent threats and protect data in the modern workplace which spans device to cloud. But how do you measure your real security capability? Attend this session to understand how McAfee Endpoint Security Solutions and Integrated Security Architecture powered by OpenDXL can protect the modern workplace by disrupting complex attacks, providing visibility for detection and integration for speed of response. This session will feature attack prevention and detection demonstrations at multiple stages of the MITRE Att&ck Framework.
Enhancing Your SOC with Machine Learning and AI
Machine Learning and Artificial Intelligence are two hot topics at the moment in the Cyber Security industry. But how can they be utilised to truly enhance your Security Operations? In this session we will examine:
- How AI and machine learning can be applied to cybersecurity
- How to deploy and test mathematical models for cybersecurity use cases
- How McAfee solutions can enhance your SOC
Enhancing DLP and Web Gateway Solutions with McAfee MVISION Cloud
With McAfee’s acquisition of Skyhigh Networks, customers can now expand their investments in a variety of DLP and web gateway solutions via the McAfee Skyhigh Security cloud, now called McAfee MVISION Cloud. This session explains how customers can extend DLP policies to the cloud, providing consistent data protection policies and enforce cloud security policies with McAfee Web Gateway
During this session you will learn how to:
- simply extend Enterprise DLP policies to the Cloud
- deliver consistent data protection policies across End Points and Cloud
- gain insight into sensitive data and systems-of-record both on-device and in-cloud
- implement a single pane of glass for all incident management and reporting
- reduce SOC analyst overload by delivering user-centric remediation
- enhance McAfee Web Gateway to discover all cloud services in use and assess their risk against the comprehensive Skyhigh Cloud Registry
- enforce acceptable use cloud governance policies based on cloud service security risk
- upload and enforce security policies to McAfee Web Gateway
- gain granular visibility into user activity and block high risk activities
- detect and remediate policy enforcement gaps arising from proxy leakage.
Unified Data Protection from Enterprise to the Cloud
As applications and infrastructure move from traditional on-premise approaches to the cloud, often via a hybrid-cloud route, so data security needs to move as well, remaining in lock-step at all times. Easier said than done – as many data-breach victims will attest.
In this presentation we will examine best practice approaches to data security transformation, examining many of the common challenges faced during the cloud adoption process, and looking at how to leverage hybrid and full-cloud infrastructure to protect data across all vectors – delivered with a single policy and incident view approach.
Enterprise Databases and the Hybrid Cloud
This brings one inherent problem – Policies and how to secure the enterprise database with the same rigor in the cloud as previously done on premise.
This session will spend some time going over the most common challenges organizations face when migrating Enterprise Databases to the cloud and on how McAfee Database Security can help to span across the hybrid environment and allow organizations to apply the same data protection and monitoring policies across both environments.
How to Reduce MTTR with an Integrated Sec Ops Architecture
It’s a well accepted fact that there 3 fundamental challenges faced by most Security Operations practitioners:
- Discovering an Incident
- Investigating an Incident
- Containing an Incident
Of course there are many other day to day concerns, but addressing one or more of these areas will deliver the quickest improvement in the key metric areas of reducing attacker dwell time and speeding up Mean Time To Response.
This session will be an interactive discussion and presentation looking at how use Threat Intelligence and security automation to reduce the Mean Time To Respond.
Securing the Hybrid Datacenter: A Game Changer - McAfee Cloud Workload Security
Discover and defend your elastic workloads and Docker containers in minutes. McAfee Cloud Workload Security automates these processes across multiple cloud providers to eliminate blind spots, deliver advanced threat defense, and simplify hybrid cloud management. This session will focus on four key business and technical requirements many organizations have when utilizing cloud technologies:
- Automating discovery and secure deployment of new and existing workloads
- Visualizing and controlling ‘North-South’ and ‘East-West’ network threats
- Defending workloads against advanced attacks
- Simplifying cloud security management
Make Your Existing Multi-Vendor Technologies Smarter Through Integration
Leveraging Security Controls and Visibility to Deliver Quick Wins and Demonstrate Business Value
Providing Continuous Compliance for AWS and Azure
Detection Methods in ENS 10.6
The Journey From VSE 8.8 to ENS 10.5
There are so many benefits in having the latest versions of software that vendors sometimes assume that all customers simply must want to upgrade. But that, of course, overlooks the challenges that the upgrade process can sometimes bring. In this presentation we will be examining a combination of the benefits of ENS when compared to VSE but also the tools and support that is available to help you get there, in addition to providing some real world experience and advice on how to avoid any pitfalls along the path.
Integrating Mobile Security Into Your Overall Security Posture
Endpoint Security is device agnostic because threats are device agnostic. With McAfee MVISION Mobile, we are bringing essential controls to mobile devices and delivering on our Device to Cloud vision for security. In this presentation we will show you how easy it can be to leverage mobile devices as part of a targeted attack and how to protect your mobile devices, users and data using MVISION Mobile. You will learn:
- Why Mobile Security is still a key factor in overall endpoint security
- What MVISION Mobile is and how it complements McAfee’s other Device Security technologies
- Best practices for deploying and securing mobile devices with MVISION Mobile
ePrivacy Panel Discussion
- What is the potential impact of new privacy rules – the EPR – on cyber security players ability to innovate and to respond to threats?
- What does it mean for the finance and telecoms industry?
- How GDPR compliance can be best achieved through a culture of security and process alignment?
- And what this means for your business
ATOS: Hybrid Cloud Security for the Digital Enterprise
While the benefits of hybrid cloud are clear, there is an important cyber security challenge to protect systems and data within and across multiple cloud environments. Organizations everywhere are using cloud services to drive a transformation in the way they operate. Many are well underway with their digital journey and investing in hybrid cloud as the best way to optimize their IT.
For hybrid cloud, integrating all security controls into one overall security posture is essential. And as the cyber threat evolves, cyber security must also evolve while acting as an enabler for digital transformation and innovation.
Operationalising Threat Intel using DXL
Threat Intelligence is a key part of any maturing security infrastructure. There is a lot of ‘Threat Intelligence’ out there but leveraging it effectively is another matter. Challenges exist with context, relevance and effective operation of threat data. In this talk we will show you how to leverage the ThreatQ Threat Intelligence Platform (TIP) in conjunction with DXL to improve Threat Intelligence usage within your organisation from the network through to the endpoint.
Demo: Mind the Gap in Your Security
This session will look at how hackers can exploit vulnerable S3 buckets and how good security governance and MVISION Cloud can close the gaps in your cloud security posture. Live hack and defend demonstration.
Demo: Uncover Hidden threats in the Enterprise
Insider Threats are consistently reported as the most costly incidents but remain extremely difficult to detect. This session will demonstrate how analytics-driven sec ops can provide insights into user behavior and reduce the dwell time to insider threats.
The Evolution of ePO: Your Management Needs Covered
There once was a time when ePO was a staple for product deployment and management, but did not hold critical importance. An evolving threat landscape has changed this and the requirement for ePO availability as a critical application, as well as the need for visibility and management across all devices regardless of where they reside, has altered expectations of ePO functionality and architecture.
In this session we will explore how ePO has evolved into an important part of one’s security infrastructure, allowing you to manage devices of multiple operating systems and types which reside within your network or outside of your network – including your cloud environments – and how McAfee has created multiple form factors for ePO to support your deployment needs.