San Diego Event: Account Takeover 101 and Strategies to Defend Your Enterprise

Name: San Diego Event: Account Takeover 101 and Strategies to Defend Your Enterprise — ISACA San Diego
Start: 2020-02-20T12:00:00-0800
End: 2020-02-20T13:15:00-0800
Location: Amazon

Thursday, February 20, 2020
12:00 PM 1:15 PM 12:00 13:15

Amazon 10300 Campus Point Drive Ste. 200 San Diego, CA, 92121 (map)

Google Calendar ICS

Topic: Account Takeover 101 and Strategies to Defend Your Enterprise

Description: Protecting your enterprise from breaches and account takeovers (ATO) has never been a bigger challenge. New tools make it possible for even unsophisticated actors to perform advanced, widespread attacks that put your organization at risk. According to the 2019 Verizon Breach Report, stolen credentials are the leading attack vector—yet in a recent study by Symantec, only 7% of respondents rated account takeover as a top threat to their enterprise.

The hard truth is that regardless of the thoughtful measures and policies you have in place, from MFA to password managers, nothing can protect you from human behavior, and that is the weakest link when it comes to ATO. Your employees may be reusing compromised passwords to access corporate systems or signing up for 3rd party services like LinkedIn or Fantasy Football using their work credentials. When these services are breached, your organization is at risk.

In this session, we’ll cover how ATO happens—the attack timeline and the surprisingly unsophisticated criminal tactics bad actors are using today—as well as attack vectors you may not be considering (vendors and other 3rd parties who have access to your systems), and finally how to defend your enterprise despite employee and consumer bad password hygiene.

Learning Objectives: Come away from this session with an understanding of

The anatomy of an account takeover attack
Real-world examples of how employee password reuse can threaten your enterprise
Potential holes in your account takeover plan
What you can do to strengthen your security posture

Please note: If you have not previously submitted a signed NDA, please print, sign and bring this new Amazon NDA for visitors with you to the meeting.

Speaker:

Chip Witt, Head of Product Strategy at SpyCloud

Chip Witt has nearly twenty years of diverse technology experience, including product management and operations leadership roles at Hewlett Packard Enterprise, Webroot, VMware, Alcatel, and Appthority. He is currently the Head of Product Strategy and manages the Customer Success Program at SpyCloud, which provides cloud-based security services to help businesses of all sizes prevent data breaches and account takeover attacks by alerting when employee or company assets have been compromised. Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.