March TASK: Insider Threat / Application Security Starts With Threat Modelling
Live and in-person at TMU + Live-Streamed on Discord
Date: Wednesday, March 26
Time: 6:00 PM
In-Person Location: DCC 208 Classroom at TMU's Daphne Cockwell Health Sciences Complex - 288 Church Street
Registration: Not required
Live-Stream: Although TASK is always best in-person, we will steam live again on Discord @ https://discord.gg/aXfY76xgVJ.
Topic: Insider Threat
Speaker: Steven Flowers
This presentation will give an updated view on how companies are addressing challenges with what cybersecurity has traditionally labelled the Insider Threat. It will start with a clarifying definition of an Insider Threat, the current vendor industry trends in their approach, what is being seen in the current threat landscape and how that creates visibility and response challenges for organizations to address.
The discussion will go into more details on different insider threat motivations, and techniques and targets commonly used by these rogue agents. There will then be a call to action in managing these threats, putting this into the context of avoiding the cost of waiting, with the ultimate goals to enable organizations to defend against the insider threat agent actions and impacts.
Steve Flowers is currently the Country Manager for Exabeam Canada, and has been assisting Canadian organizations select and implement security tooling for the past 25 years throughout his sales roles. Over the past 9 years with Exabeam he has seen the impact that strong User and Entity Behaviour Analytics platforms have brought to security operations practitioners, enabling organizations to detect and defend against the Insider Threat.
Topic: Application Security Starts With Threat Modelling
Speaker: Max Cizauskas
Whether you're building applications yourself or connecting SaaS and PaaS systems together, the recognized rule for getting applications security into a moderns Software Development Life Cycle has been shifting left. The furthest left we can apply security is at the architectural and design phase, which is where Threat Modelling can be applied to quickly reveal issues, making it cheaper to fix and teaching the developers where controls need to be placed to build in resilience. See your systems, applications and processes through the eyes of an attacker by enabling the experts in organizations to play what-if games to discover where things can break badly.
Max Cizauskas is a security professional with over 20 years of implementing cybersecurity controls and practices for organizations across North America. Max currently works at Optiv Canada as a Client Security Architect with the goal of helping organizations make efficient decisions in how to improve the security of their organization, and make wise investments to achieve their business objectives on a secure foundation. Max started his professional career as a developer and system administrator before breaking into the cybersecurity profession.
We look forward to see you all there!
The TASK Steering Committee