Schedule Builder

View, browse and sort the ever-growing list of sessions by pass type, track, and format. With this Session Scheduler, you can build your schedule in advance and access it during the show via export or with the Mobile App, once live.

Sessions do fill up and seating is first come, first serve, so arrive early to sessions that you would like to attend. Please note that adding a session into your agenda does NOT guarantee you a seat to the session.

No CISO, No SOC, No Problem: Blocking Bigger Threats with Smaller Teams

Jack Danahy (CTO and Co-Founder, Barkly)

Jason Thomas (Chief Information Officer , Cole, Scott & Kissane)

Date: Thursday, May 23

Time: 9:00am - 9:45am

Pass type: All Access, Conference - Get your pass now!

Track/Topic: Security, IT Strategy

Audience: Intermediate

Format: Conference Session

Vault Recording: TBD

Audience Level: Intermediate

In this presentation, 20 year security veterans Jason Thomas, CIO of Cole, Scott & Kissane and Jack Danahy, CTO of Barkly, share real-world successful strategies implemented by Cole, Scott & Kissane to achieve ransomware and zero-day attack readiness.

Cole, Scott & Kissane, one of the nation's largest law firms, holds and shares highly sensitive client data, making them an attractive target to cyber criminals. Faced with the additional challenge of managing growing cybersecurity risks with a small security team, it was critical for Cole, Scott & Kissane to leverage security tools that would enable their IT team to easily block today's advanced threats and optimize their limited security resources.

Within weeks of implementation, Cole, Scott & Kissane blocked Emotet, one of today's most costly and destructive malware strains, before it was able to execute ransomware or cause any damage to data and systems. Cole, Scott & Kissane saw immediate ROI, as Emotet victims have spent up to $1 million dollars to remediate not to mention the softer-costs of reputation damage.

This success was the outcome of a multi-phase process that began with Jason's plan to protect CSK from just this sort of attack. In this presentation, Jason will discuss the following 4 real-world strategies implemented by Cole, Scott & Kissane

1) Evaluating the threats to CSK, resulting in the strategy to strengthen endpoints against attacks while minimizing increased workload on Jason's team.

2) Prioritizing prevention-based controls to block attacks over later-stage detection techniques to supplement existing successful end-user awareness and behavior training.

3) Integrating IT resources within the security umbrella to increase available headcount for managing and responding to endpoint security threats using simpler, more intuitive controls.

4) Designing a multi-layered endpoint security stack to include the right balance of protection, detection and response.

The presentation will conclude with 6 proven steps that catalyze management to invest in cybersecurity. Jack will present a concrete example and template, walking attendees through the creation of their own compelling case, including the use of real data, identifying timely and relevant examples, describing known vulnerable areas, and perhaps most importantly, educating management about a path to cost savings and ROI.