Contact us at info@uzado.com
Uzado

Uzado

Uzado is an industry-leading SAAS provider with a strong focus on information security management. The Uzado Platform is designed to help organizations manage areas of incidents, vulnerability, compliance, repository of files that are visible to the rest of the organization, sharing or sending confidential files securely, and more. The core services Uzado offers include IT service management, vulnerability and remediation management, and operations and compliance management.

Author's Posts

5 Talks You Won’t Want to Miss at SecTor 2016

Uzado

5_Talks_You_Wont_Want_to_Miss_at_SecTor_2016.jpgSecTor 2016 is quickly approaching! From October 17 to 19, Toronto will host a number of top information security experts and professionals from around the world at Canada’s largest security expo. Are you planning to attend? If so, pencil these 5 talks into your schedule—you won’t want to miss them!

5. Overwhelmed by Security Vulnerabilities? Learn How to Prioritize Remediation

When it comes to vulnerability remediation, many organizations face an excess of threats and a shortage of team members. That means remediation must be properly prioritized, so that the vulnerabilities representing the greatest risks can be fixed immediately. In this presentation, Amol Sarwate will share with SecTor 2016 attendees some best practices for improving remediation and reducing risk in the age of vulnerability overload.

4. Securing a Cloud-Based Data Center

As interest in cloud computing continues to gain traction in Canada, Peter Cresswell’s SecTor2016 talk about how Trend Micro is delivering security controls in these potentially high-risk environments, using standard management tools, is well timed. Join the panel for a succinct overview of this unique approach to securing your cloud data center.

3. Eliminating the Automation and Integration Risks of the “Security Frankenstein”

The workflow of today’s Security Operations Center (SOC) might be envisioned as a “Security Frankenstein”—where each “limb” represents a disparate solution in the steps of security. The result is an ineffective, costly, and cumbersome approach to security activities, as you are probably all too aware. In this SecTor 2016 session, Chris Pogue will explore how an adaptive security approach to the SOC workflow delivers an integrated, context-aware, endpoint security solution for threat prevention, detection, response, and remediation that continuously monitors all layers of the IT stack.

2. Can Massive Data Harvesting Drive Down the Time to Breach Detection?

It seems as though almost every day, there’s a report of yet another organization’s security being breached. Organizations know they need to remain on their toes about breaches and react to them as soon as they’re discovered. But with the time to breach detection remaining between 100 and 200 days, hundreds of millions of dollars will be lost to ransomware this year. In light of this, suffice it to say that there’s a fundamental flaw in the traditional defense model. Any individual layer, when it receives updated security intelligence, does not look backward at previously analyzed traffic, files, or events. It merely looks forward, inspecting new events in far more detail.

In this interactive SecTor 2016 discussion, Sean Earhard will review time-to-detection data from the last two years and examine the role massive data harvesting plays in fixing the traditional model of security—and how it could help organizations reduce the time it takes to detect security breaches.

1. An Effective Approach to Automating Compliance Activities

Along with keeping organizations on their toes about security, every breach report seems to bring with it a new standard or framework to help handle this cybersecurity crisis and prevent future attacks. What few regulators realize is that most IT and security professionals are already overwhelmed with the responsibilities of performing day-to-day tasks; adding additional compliance activities to the security team’s workload is not an effective, long-term solution.

In this talk, Uzado’s own Dave Millier will present an approach that allows security professionals to quickly review proposed or existing standards and frameworks. The discussion will also present a methodology for systematizing a consistent, reliable, and repeatable approach to managing compliance, which will provide your organization with the ability to automate activities where feasible. The goal is to free up time for you and the members of your organization responsible for compliance activities. This is your chance to get an inside look at how the Uzado platform works!

A Risk-Based Approach  to Vulnerability Remediation

Read More
Topics: Compliance

4 Speakers to See at the Security Education Conference Toronto 2016

Uzado

4_Speakers_to_See_at_the_Security_Education_Conference_Toronto_2016.jpgThe Security Education Conference Toronto 2016 is quickly approaching! From October 17 to 19, Toronto will play host to a number of top information security experts and professionals from around the world at Canada’s largest security expo. Are you planning to attend the conference? If so, be sure to pencil in talks by these 4 speakers—you won’t want to miss them!

4. Dave Millier

Uzado’s own Dave Millier will be presenting a talk at the Security Education Conference Toronto 2016, entitled “An Effective Approach to Automating Compliance Activities.” Dave is a serial entrepreneur, off-road motorcycle rider, and food lover. Dave has been involved in cybersecurity for almost 20 years. He founded the InfoSec company Sentry Metrics, one of Canada’s most successful MSSPs. In late 2014, Dave launched Uzado, a cloud-based InfoSec company focused on helping companies simplify cybersecurity by answering the questions “what now?” or “what next?” Dave is also the CSO of Quick Intelligence, a boutique VAR and cybersecurity consulting company, and is the CEO of MIDAC Solutions, a Managed IT services provider focused on small to mid-size clients.

In this talk, Dave will present an approach that allows security professionals to quickly review proposed or existing standards and frameworks. The discussion will also present a methodology for systematizing a consistent, reliable, and repeatable approach to managing compliance, which will provide your organization with the ability to automate activities where feasible.

3. Chris Pogue

Chris Pogue is the Chief Information Security Officer at Nuix, and a member of the US Secret Service Electronic Crimes Task Force. He is responsible for the company’s security services organization; he oversees critical investigations and contracts, and key markets throughout the United States. His team focuses on incident response, breach preparedness, penetration testing, and malware reverse engineering.

Chris will be delivering two talks at the Security Education Conference Toronto 2016: the keynote “Retaking Surrendered Ground: Making Better Decisions to Fight Cybercrime” and “Eliminating the Automation and Integration Risks of the ‘Security Frankenstein.’” The latter talk will focus on how an adaptive security approach to the Security Operations Center (SOC) workflow delivers an integrated, context-aware, endpoint security solution for threat prevention, detection, response, and remediation that continuously monitors all layers of the IT stack.

2. Amol Sarwate

Amol Sarwate heads Qualys’ worldwide security engineering team, which is responsible for vulnerability and compliance research. His team tracks emerging threats and develops software that identifies new vulnerabilities and insecure posture for Qualys’ VM, PC, PCI, and QBC services. Amol is a veteran of the security industry and has devoted his career to protecting, securing, and educating the community from security threats.

At the Security Education Conference Toronto 2016, Amol is presenting a session entitled “Overwhelmed by Security Vulnerabilities? Learn How to Prioritize Remediation.” The session will focus on best practices for improving remediation and reducing risk in the age of vulnerability overload, with data deriving from a year-long study of various vulnerabilities.

1. Edward Snowden

Edward Snowden has been making appearances at conferences and expos around the world, despite being a fugitive in Russia. Technology has made it possible for Snowden to appear at the Security Education Conference Toronto 2016, and he will be delivering one of the keynote speeches of the conference, entitled “Defense Against the Dark Arts: Examining, Fixing and Fighting for Our Cyber Defenses.” Snowden will discuss what needs to be done to improve and fix cyber defenses. And while the title of the talk may seem to reference the magical world of Harry Potter, the session will surely have real-world application for those involved in the black art of security in the 21st century.

A Risk-Based Approach  to Vulnerability Remediation

Read More
Topics: Compliance

5 Things We’re Looking Forward to at SecTor 2016

Uzado

5_Things_Were_Looking_Forward_to_at_SecTor_2016.jpgSecTor 2016 is quickly approaching! From October 17 to 19, Toronto will host a number of top information security experts and professionals from around the world at Canada’s largest security expo. Are you planning to attend? If so, your schedule will likely be jam-packed with great talks, activities, and maybe even some training sessions. Here are just a few of the great events and activities the Uzado team is looking forward to at SecTor 2016!

5. The Lock Pick Village

While a lot of the security talked about at SecTor 2016 will focus on cybersecurity, there is always a time and a place for some good old-fashioned physical security. Why not get your hands dirty and test your skills at picking locks in the Lock Pick Village? Of course, it won’t be just as simple as picking a lock—there will be other challenges on hand! You may even learn a thing or two about the history of physical security around the world.

4. “Defense Against the Dark Arts”

Edward Snowden has been making appearances at conferences and expos around the world, despite being a fugitive in Russia. Technology has made it possible for Snowden to appear at SecTor 2016, and he will be delivering one of the keynote speeches of the conference. Snowden will discuss what needs to be done to improve and fix cyber defenses. And while the title of the talk references the magical world of Harry Potter, the session will surely have real-world application for those involved in security in the 21st century.

3. The Internet of Things Hack Lab

The Internet of Things Hack Lab, presented by Tripwire, is back at SecTor 2016 for another year. This popular activity allows security professionals the chance to get their hands dirty—and to gain some insight into what’s going on at the other end of the chain when a security breach happens. In the hack lab, you’ll be able to start hacking IoT devices. For those involved in security, that’s a valuable skill—and it’s fun too!

2. The Networking Reception

Following day one of SecTor 2016, all attendees registered for the full conference are invited to a networking reception, hosted at The Hall at Steamwhistle Brewery’s Roundhouse. Steamwhistle is a Toronto staple, so you’ll be able to play tourist in addition to rubbing elbows with some of the world’s top security experts and other professionals like yourself. With plenty of food and drink available, this networking event is sure to be the best way to cap off the first day of the conference. Don’t forget to bring your badge! Expo-only attendees, don’t fret—you can still get in to the reception; Expo Hall sponsors will have a limited number of wristbands to distribute.

1. Dave Millier’s SecTor 2016 Session

Along with keeping organizations on their toes about security, every breach report seems to bring with it a new standard or framework to help handle this cybersecurity crisis and prevent future attacks. What few regulators realize is that most IT and security professionals are already overwhelmed with the responsibilities of performing day-to-day tasks; adding additional compliance activities to the security team’s workload is not an effective, long-term solution. In this talk entitled “An Effective Approach to Automating Compliance Activities,” Uzado’s own Dave Millier will present an approach that allows security professionals to quickly review proposed or existing standards and frameworks. The discussion will also present a methodology for systematizing a consistent, reliable, and repeatable approach to managing compliance, which will provide your organization with the ability to automate activities where feasible. This session is your chance to get an inside look at how the Uzado platform works!

A Risk-Based Approach  to Vulnerability Remediation

Read More
Topics: Compliance

Don’t Miss It! Dave Millier Is Speaking at SecTor 2016

Uzado

Dont_Miss_It_Dave_Millier_Is_Speaking_at_SecTor_2016.jpgThe 2016 edition of SecTor, Canada’s largest information security expo, is quickly approaching. As the conference celebrates its 10th anniversary this year, the stage is set for some of the world’s leading information security experts and professionals to connect in the heart of downtown Toronto. The conference, as always, features a full schedule of activities, seminars, and workshops—including a session hosted by UZADO’s own Dave Millier.

Where and When?

UZADO CEO Dave Millier will be leading a half-hour session on Tuesday, October 18, 2016. Catch Dave at SecTor from 11:30 am-12:00 pm in Tech3 (801B) as he discusses the most effective approach to your compliance management activities. If you’ve been curious about the UZADO platform and what it can do for your company, this talk is your chance to learn more about UZADO and how it can help you manage your compliance activities in the most effective manner possible.

An Effective Approach to Automating Compliance Activities

Dave’s session, “An Effective Approach to Automating Compliance Activities,” will focus on how professionals involved in security and compliance can more effectively manage their compliance activities, with an eye to freeing up time.

Why focus on compliance activities? Compliance is an important issue in a world where it seems that, in the wake of every security breach, governments and agencies move to impose more standards and legislation to govern information. The effort is well-intentioned: It seems that every day brings news of another security breach, and companies, regulators, and other players all realize the importance of keeping the sensitive information of business partners and clients safe.

What often seems to go unnoticed by regulators is the sheer amount of work that compliance entails. Most companies have realized that the members of their organizations involved in compliance management and security are already overwhelmed with their day-to-day tasks. Imposing yet another standard or another set of regulations is not an effective, long-term solution—many firms simply allow compliance to slide because staff is too busy just keeping up with the everyday demands of their firm. In this situation, what can an organization do?

The Solution

In this talk, Dave will present an approach that allows you to quickly review a proposed or existing standard or framework. He’ll also provide a methodology for systematizing a consistent, reliable, repeatable approach to managing compliance—one that also allows you to start automating activities where feasible. This methodology has the goal of freeing up time for you and the members of your organization who are responsible for contributing to or managing compliance activities.

The session will explore some of the key features that make the UZADO approach and platform the most effective way to deal with your compliance management. Dave will introduce the various aspects of what the platform can do for your company in terms of consultation, verification, and ongoing operations and compliance validation. The talk will introduce some of the platform’s key strengths, including automation, the provision of additional services for compliance teams that are overwhelmed, and workflow tools to help your team manage and prioritize their workloads.

About SecTor 2016

SecTor started in 2006 and has since become Canada’s largest information security expo. The world-renowned event occurs this year at the Metro Toronto Convention Centre, from October 17 to 19. Over the course of 3 days, information security professionals will connect with other experts through information sessions, activities, and workshops. Tickets have been selling quickly—the show is over 90% sold—but it’s not too late to register. If you’re interested in attending Dave’s session, visit sector.ca for more information about the conference and how to register.

A Risk-Based Approach  to Vulnerability Remediation

Read More
Topics: Compliance