Plaintext: How Data Breaches Happen
Welcome to Dark Reading in Plaintext, where each day we focus on one topic or theme important to cybersecurity professionals. In this issue, we digress a moment to talk about the lineup for the Dark Reading Virtual Event this week.
And What to Do When They Happen to You
It’s the burning question that keeps security practitioners awake at night: How should they do if their organization suffers a data breach? During the Dark Reading Virtual Event on June 23, Dark Reading editors, security practitioners, and other experts will drill deep into the question to share recommendations and best practices.
The first step, before we even get to what to do when they happen, is to understand why breaches happen. Matt Gorham, senior managing director at PwC’s Cyber, Risk, and Regulation Practice and former FBI Assistant Director of its Cyber Division will kick off the free one-day event with his keynote, “Common Cybersecurity Missteps That Leave Your Enterprise Open to Attack.”
We won’t try to predict beforehand what Gorham will highlight, but we’ve noted in the past that major data breaches often are the result of an oversight or unknown vulnerability in an IT infrastructure that attackers spot and exploit first:
The second keynote, “Real-World Data Breaches: A Look at the Trends” is by none other than Alex Pinto, principal author of the Verizon Data Breach Investigations Report. Pinto will be highlighting some of the trends from the latest DBIR and going deeper into some of the findings.
We have talked about the DBIR recently –
领英推荐
Past Virtual Event Keynotes. Previous speakers have included Gusto’s Frederick “Flee” Lee and Cyentia Institute’s Wade Baker. Flee focused on the careful balancing act CISOs have to maneuver between next-generation security technologies and legacy security environments. The analogy he used? Buying an old home, or taking an old house and retrofitting it with security features and improvements. Baker took a data-driven approach to discuss the most common compromises and vulnerabilities that are exploited in enterprise attacks. He cited figures and tables from Cyentia’s IRIS and IRIS2020-Xtreme research.
Follow-up Conversations
For those of you unfamiliar with the format of the Virtual Event, there is a short discussion after the keynote between a Dark Reading editor and a security expert about the points raised during the presentation. Dark Reading’s Kelly Jackson Higgins will speak with Preston Miller, a consulting director at Palo Alto Networks about Gorham’s keynote, and Dark Reading’s Fahmida Y Rashid will highlight key points from Pinto’s talk with Perry Carpenter, chief evangelist and strategy officer at KnowBe4.
(Years ago, Carpenter talked to Dark Reading a bit about successfully running phishing simulations.)
Three Panels, Lots of Opinions
The meatiest parts of the virtual event are the three panels. Dark Reading’s Tara Seals will moderate the endpoints discussion for the panel on “How to Protect Your Endpoints From Getting Weaponized by Attackers.” Part of this panel, Omdia’s Fernando Montenegro is no stranger to Dark Reading’s pages. Coalition’s Tiago Henriques recently weighed in on what to think about when considering cyber insurance and CardinalOps’ Phil Neray has written about ways IoT is changing the CISO role. CyberArk Software’s Len Noe told SecTor attendees last fall how he implanted receiver chips and other devices to turn himself “into the attack vector.”
Dark Reading’s Kelly Jackson Higgins tackles vulnerability and patch management as the moderator for “Finding and Fixing Security Vulnerabilities That Put Your Data in Danger.” And Dark Reading’s Becky Bracken rounds out the event with a discussion on incident response, “What to Do in a Cyber Incident: A Guide to Incident Response.”
See you Thursday!
Register for Dark Reading Virtual Event, How Data Breaches Happen and What to Do When They Happen, on June 23, to learn more about defenses and response.?