Sponsored by:

Introduction:

Mark LyonsSenior Director of Business DevelopmentProcore Technologies, Inc.

Sponsored by:

This presentation will be recorded and available on-demand (copies of the PowerPoint are not available).

If you would like to ask questions during the presentation, use the chat window located on the bottom panel. We will be answering questions at the end of the presentations.

All the presenters email addresses will be provided to you at the end of the webinar.

?

Record

Sponsored by:

Sponsored by

Why Companies Choose Procore

Sponsored by

The #1 Most Widely Used Construction Management Software

• 1,300+ client accounts, 750,000+ users

• Used in over 92 countries

• 3X increase in engineering over the last 18 months

Sponsored by

Founded in 2003, Procore is a cloud-based construction project management SaaS provider headquartered in Santa Barbara, CA with multiple offices and US-based support.

Who We Are

Sponsored by

Over the last year and a half,

Procore has witnessed a

Procore has taken several steps to improve our products including securing $30M investment from ICONIQ Capital in 2015 and $16M in 2014 from Bessemer Venture Partners.

revenue growth per year since 2010 is a testament to the success of the solutions Procore continues to build.

increase in engineering by more than tripling our engineering headcount.

Recent Growth

Sponsored by

Procore Customers

OWNERS ENG/ARCH

GENERAL CONTRACTOR

COMMERCIAL GOVERNMENT HEALTHCARE RETAIL

COMMERCIAL INDUSTRIAL MULTI-FAMILY INFRASTRUCTURE RESIDENTIAL

SUB CONTRACTORS

Sponsored by

Our strong company culture attracts top talent, making Procore one of the top places to work in the area.

Moderator:

Tom SawyerDeputy EditorEngineering News-Record

Jason T. Burns Vice President, Chief Information Officer Hunter Roberts Construction Group

John JacobsSenior Vice President and Chief Information Officer JE Dunn Construction

Reed Loden Director of SecurityHackerOne

Jason T. Burns Vice President, Chief Information Officer Hunter Roberts Construction Group

Jason T. BurnsVice President, Chief Information Officer

Jason Burns is responsible for Hunter Roberts technology umbrella including core network infrastructure, project site infrastructure, and software and security management. Under Jason’s direction, the Technology department is dedicated to

working with internal and external business partners to align systems with Hunter Roberts’ global strategies. Jason is responsible for creating system, policies, and procedures that will support Hunter Roberts in the years to come, focusing on

efficient processes, systems, and tool sets that keep Hunter Roberts employees well informed. Jason has gained broad experience throughout his 16-year career in the construction industry. He has held a variety of positions in the field and back office, from subcontractor Laborer to Senior Financial Analyst for the nations largest builder. Jason’s Information

Technology, Accounting, and Operations experience allows him to create real-time solutions that brings value to all company. Jason is also widely recognized as an industry expert; he speaks about technology in the construction industry

frequently and is published regularly.

The moment you realize you are vulnerable

Tactile Vest Name badge

“Hacker”

Briefcase of doom The vest may be worse

Capture the flag in eight minutes from

turnstiles to the end users machine

SAY HELLO TO MY FIRST PHYSICAL THREAT

WHAT DID I LEARN?

1 Weakest Link?

2 Personal & Private Information

3 Banking

USB Control

IPS

Port Control Wireless

MDM

Malware / Viruses

Physical Access Control

802.1 XLEM

Two-Factor Authentication

WHAT DID I RESEARCH?

Research…

Low Cost BIG Gain Items

Proxy All Traffic on and Off network

99%99%DROP Malware/Adware in First Four Weeks

Week1 Week2 Week3 Week40

10

20

30

40

50

60

70

80

Incidents

Low Cost BIG Gain Items

File Review Email/Download

100%100%DROP Malware/Virus in first 4 weeks

Week1 Week2 Week3 Week40

2

4

6

8

10

12

14

Incidents

Low Cost BIG GAIN40%40%Less Help Desk Tickets

Great!!! Now you have all this security, now what?

1 Time

2 Knowledge Base

3 Attack Vectors Change Rate

4 Assets

John JacobsSenior Vice President and Chief Information Officer JE Dunn Construction

About JE DunnFounded in 1924 in Kansas City, Missouri

Expanded to 20 offices around the United StatesRanked 12th in the US for General Building Contractors (by ENR)

Family & employee owned

Industry Observations• Internet of Every(Things)• Threat Landscape• Collaboration Demands

Top Security Threats• Insider Misuse (unintentional data access)

• Crimeware/Ransomware (project data access)

• Theft/Loss (workstation theft)

• Web Application Attack (external user access)

• Phishing (financial target, corporate data access)

• Malware (internal efficiency degradation)

What are we doing?

• Define security standards – Corporate & Individual• Security Incident Event Monitoring & Management• Intrusion Detection/Prevention System• Firewall Upgrades• Vulnerability Management • Endpoint Security Remediation• Email Security• Intelligence Analysis

People, price, and period• Level of effort

• Resources (FTEs) • Capital

• How long it took• Planning• Execution

• Expected continuing effort• Resources• Capital

Early Wins

• “Rare Double” – During our firewall upgrade initiative, we increased our security capability while increasing our capacity and productivity.

• Security Analytics – Ignorance is very risky bliss. Analyzing events on our network has brought to light security issues to remediate as well as identified application misconfiguration that we could easily fix prior to them becoming a critical issue.

Case Study – Collaboration, and the effects on Risk and Response

• The Problem - HackingTeam Exploit-Kit Leak (July 5th, 2015)

• The Collaboration – Local FBI, InfraGard, and Threat Intelligence Exchange

• The Result – Within day(s), perimeter defended. Within hours, patches applied as available. Immediate, as intelligence is shared, we update our now existing defenses.

Take-AwaysNo matter the size of the organization, we have found that the following apply across all:

• Fundamentals• Executive Support• Perimeter Security• Data Classification • Corporate and End User Policy

• Operations• Security Monitoring• Incident Management• Security Operations

• Improvement• Security Awareness• Risk Management• Research and Development

Reed Loden Director of SecurityHackerOne

Professional Defender…

I am Reed -- security is what I do

• Director of Security at HackerOne

• Security expert, hacker, and developer

• Previously Lookout Mobile Security, Mozilla, Palantir…

43% of companies have experienced a data breach in the past year71% of security breaches target small businesses

What are criminals looking for?

Real Threats…

Ransomware

Real Threats…

Lax security posture

Real Threats…

Social Engineering Attacks

12 Steps to take today…

• Use a Password Managero 1Password, LastPass

• Always use 2-Factor Authenticationo Critical for VPN and cloud services

• Install/use Malware/Virus Protectiono Microsoft Security Essentials is free!

• Use Chrome or Firefox for Internet browsingo Disable / Use click-to-play for Java and Flash

12 Steps to take today…• Turn on Automatic Software Updates

o Includes OS, browsers, and various software suites such as Adobe and Microsoft Office

• Have a Mobile Devices Management Policyo Encrypted, passwords required, & ability to remote wipe

• Examine Sharing Settingso Who really needs access? Ensure not sharing with world.

• Secure Your Infrastructureo Use SSL/TLS, firewall, and maybe some form of IDS/IPS

• Be prepared for Social Engineering attackso Occur in both the physical and virtual worlds

• Have plans for dealing with an incident / breacho It will happen. Ensure you are prepared for it.

• Define an “off-boarding” processo Stick to it and keep updated; think about sub-contractors

• Switch to Card Readerso Locks are easy to pick; keys offer no accountability

12 Steps to take today…

Q & A

Sponsored by

“Since we started using Procore, over the last year we were able to increase our sales by over 60%. Without Procore we wouldn’t have been able to handle that amount of work.”

- Sylvia Lamas, Wells Construction

Project Management From Bidding to Closeout

Sponsored by

Be up and running in weeks, not months or years

Unlimited users, no per-user fees or seat licenses

Easy to learn, intuitive interface

"Procore ensures we never have to hire additional resources in the office for administrative purposes. That’s a testament to Procore’s ROI––I’m saving 2-3 salaries worth of money.”

- Geoff Bambini, Asturian Group

Unrivaled Time to Value

Sponsored by

Procore offers industry leading

mobile project management on

iOS and Android devices.

• Take photos• Approve RFIs• Close punch list items• Mark up drawings• Record meeting minutes• View schedules• Approve or reject submittals• And more!

The Power of Procore in the Palm of Your Hands

Sponsored by

Client Loyalty

Sponsored by

Thank you!Contact Us

866.477.6267sales@procore.com

Procore’s FREE drawing management app:

Mark Lyons mark@procore.com

Tom Sawyer tom.sawyer@construction.com

Jason T. Burns jburns@hrcg.com

John Jacobs john.jacobs@jedunn.com

Reed Loden reed@hackerone.com

Sponsored by: