Kaseya Security Live is the latest addition to Kaseya Connect’s pre-day programming. The inaugural event featured workshops packed with expert insights and smart strategies for proactive security. Hands-on simulations and expert-led sessions gave participants the opportunity to sharpen their skills alongside some of the top cybersecurity leaders in the industry. The event’s engaging and highly practical approach left participants better equipped to tackle today’s biggest cybersecurity challenges.
Jim Lippie, Chief Product Officer at Kaseya, and Andrew Morgan, Founder and CEO of Right of Boom, kicked off the day with an energetic opening presentation. Their strong, upbeat introduction framed the importance of the day’s topics against the backdrop of the latest cybercrime statistics. The high-energy start got the audience excited and ready to dive into the day.
The excitement was warranted with the keynote presentation that followed. “Keys to the Kingdom: Safeguarding Identity in Electronic Communications,” led by Patterson Cake, DFIR Consultant at Black Hills Information Technology, provided an inside look at the importance of identity protection. Cake detailed how easily bad actors can gather information that enables them to access networks, steal data and conduct cyberattacks like business email compromise (BEC). Cake provided step-by-step walkthroughs of real-world examples, which added to the power of the session.
One notable case involved an attacker using extensive, believable deepfakes, including a fake Zoom call with an executive the targeted employee knew personally, to attempt to trick an employee into paying a “vendor.” The attack failed only because the fraudsters used the employee’s full name instead of the diminutive her coworkers normally used.
The presentation also covered the rise of deepfakes, conversation hijacking and how bad actors leverage dark web information to bypass even strong security controls. The eye-opening session gave participants a deeper understanding of today’s rapidly evolving identity-based threats.
Workshops designed to engage and teach
Three workshops offering hands-on participation followed.
“Understanding Adversary in the Middle (AiTM) Attacks on Microsoft 365,” led by Benjamin Jones, Director Managed SaaS Alerts at Kaseya, took attendees on a deep dive into how AiTM attacks threaten Microsoft 365 environments. Participants took part in a hands-on attack simulation, seeing firsthand how attackers can intercept authentication processes even when security tools like conditional access, multifactor authentication (MFA) and security keys are in place.
The session also covered best practices like managing token expiration, restricting network access, and allowing only registered, joined and cleared devices. While bad actors may still capture email addresses, strong controls can stop them from moving laterally across the network. This practical session guided participants in strengthening their Microsoft 365 defenses.
“Demystifying EDR,” facilitated by Christopher Gerritz, Director of Kaseya Labs, pulled back the curtain on endpoint detection and response (EDR) technology. Gerritz explained how EDR works, why it’s critical to modern cybersecurity strategies and what to look for when choosing a solution. Gerritz used real-world examples and practical insights to show how EDR empowers businesses to detect threats faster, respond more effectively and strengthen their overall security posture. Attendees also learned how to leverage the MITRE ATTACK framework.
“Incident Response Planning,” the final session of the day, examined the importance of incident response planning. Jeffery Wells, Senior Fellow at the National Security Institute, discussed why MSPs need a strong incident response plan in place for them and their clients. The session covered the wide range of incidents MSPs are likely to face, such as ransomware attacks to data breaches, and highlighted the serious risks of being unprepared. Attendees got expert tutoring in how to build a smart, actionable incident response plan. Wells presented a clear framework attendees could immediately apply to better protect their clients and minimize business disruption when incidents occur.
Wrapping it all up
The Kaseya Security Live pre-day programming track showcased the commitment that Kaseya has made to cybersecurity, combining expert insights with hands-on experiences to strengthen participants’ cybersecurity expertise. The event equipped participants with the tools and strategies needed for long-term success. As cybersecurity threats continue to evolve, the knowledge and connections attendees gained at Kaseya Security Live will help them stay ahead of the curve.
