Sign Up to be Notified When Registration Opens in Your Area

Event Schedule

Times for this Event are in Eastern Time (CDT/CST).

The Conference will be open August 4th, from 8:30 am to 5:30 pm .

  • DAY ONE
  • Welcome / Introductions
  • Beyond SolarWinds: Supply Chain & Third-Party Risk Management for 2022 9:10 am
    Add to Calendar20220804 9:10 am20220804 9:30 amAmerica/ChicagoBeyond SolarWinds: Supply Chain & Third-Party Risk Management for 2022

    Even before SolarWinds Orion Code Compromise, Supply Chain Attacks were up over 400% in 2020. As we go into 2022, this attack vector will continue to  receive tremendous attention. Along with third-party risk in general, partner organizations and software systems with unfettered, privileged, deep access to infrastructure create a “perfect storm” threat for modern cyber executives.  

    In this session we will discuss these challenges in detail, as well as the multiple approaches to identify the best means of using supply chains while keeping the third-party risks at a minimum.

    .

    Even before SolarWinds Orion Code Compromise, Supply Chain Attacks were up over 400% in 2020. As we go into 2022, this attack vector will continue to  receive tremendous attention. Along with third-party risk in general, partner organizations and software systems with unfettered, privileged, deep access to infrastructure create a “perfect storm” threat for modern cyber executives.  

    In this session we will discuss these challenges in detail, as well as the multiple approaches to identify the best means of using supply chains while keeping the third-party risks at a minimum.

    Click to Expand

    Collapse This Item

  • Managing the Insider Threat 9:40 am
    Add to Calendar20220804 9:40 am20220804 10:00 amAmerica/ChicagoManaging the Insider Threat

    An adversary who attacks an organization from within can prove fatal to the business and is generally impervious to conventional defenses. Social science research has been used to explain why traditional methods fail against these trusted betrayers.  Every company must identify and utilize new management techniques, increase security, and revise workplace strategies for categorizing and defeating insider threats.

    There are key players in positions to either effectively support or undermine the insider threats.  Leadership style can make a difference in the way an institution recognizes and identifies these threats from rethinking background investigations to recognizing deception and using lawful disruption. Join this session to learn about how organizations must circumvent these predators before they jeopardize the workplace and sabotage business operations.

    .

    An adversary who attacks an organization from within can prove fatal to the business and is generally impervious to conventional defenses. Social science research has been used to explain why traditional methods fail against these trusted betrayers.  Every company must identify and utilize new management techniques, increase security, and revise workplace strategies for categorizing and defeating insider threats.

    There are key players in positions to either effectively support or undermine the insider threats.  Leadership style can make a difference in the way an institution recognizes and identifies these threats from rethinking background investigations to recognizing deception and using lawful disruption. Join this session to learn about how organizations must circumvent these predators before they jeopardize the workplace and sabotage business operations.

    Click to Expand

    Collapse This Item

  • Supply Chain & Third Party Risk Management 10:05 am
    Add to Calendar20220804 10:05 am20220804 10:25 amAmerica/ChicagoSupply Chain & Third Party Risk Management

    A supply chain encompasses the entire network of all the individuals, organizations, resources, activities and technology involved in the creation and sale of a product.  The ultimate goal of an effective supply chain is lower costs of doing business thus resulting in higher profits and improved customer satisfaction.  The process of bringing in a third party involves identifying, assessing and controlling all the various risks that can develop over the entire lifecycle of such relationships. 

    Join this session to drive into how sophisticated attackers can live quietly inside even organizations with significant expertise and mature security processes.

    .

    A supply chain encompasses the entire network of all the individuals, organizations, resources, activities and technology involved in the creation and sale of a product.  The ultimate goal of an effective supply chain is lower costs of doing business thus resulting in higher profits and improved customer satisfaction.  The process of bringing in a third party involves identifying, assessing and controlling all the various risks that can develop over the entire lifecycle of such relationships. 

    Join this session to drive into how sophisticated attackers can live quietly inside even organizations with significant expertise and mature security processes.

    Click to Expand

    Collapse This Item

  • Cybersecurity in IOT 10:30 am
    Add to Calendar20220804 10:30 am20220804 11:00 amAmerica/ChicagoCybersecurity in IOT

    The Internet of Things (IoT) poses entirely new challenges. With 35 billion IoT devices expected to be in operation over the next year – weak passwords, insecure network services and a lack of secure update mechanisms concern every organization.

    In this panel discussion industry experts will dive into why is IoT Security so often overlooked, how the pandemic changed the way we look at IoT security, how additional security can add issues in terms of connectivity or updates and how to overcome and so much more.

    .

    The Internet of Things (IoT) poses entirely new challenges. With 35 billion IoT devices expected to be in operation over the next year – weak passwords, insecure network services and a lack of secure update mechanisms concern every organization.

    In this panel discussion industry experts will dive into why is IoT Security so often overlooked, how the pandemic changed the way we look at IoT security, how additional security can add issues in terms of connectivity or updates and how to overcome and so much more.

    Click to Expand

    Collapse This Item

  • 2022 Threat Review: Cyberprotection Starts With Understanding the Latest Attacks, Cybercrimes, and Privacy Breaches 11:25 am
    Add to Calendar20220804 11:25 am20220804 11:45 amAmerica/Chicago2022 Threat Review: Cyberprotection Starts With Understanding the Latest Attacks, Cybercrimes, and Privacy Breaches

    The Malwarebytes 2022 Threat Review is an annual report highlighting internal threat research findings and trends. The report highlights top threats across operating systems, how privacy has shifted, and the ways cybercriminals and crimes are evolving, with the goal of giving readers the tools to make informed cyber protection decisions.

    Presented by Malwarebytes

    The Malwarebytes 2022 Threat Review is an annual report highlighting internal threat research findings and trends. The report highlights top threats across operating systems, how privacy has shifted, and the ways cybercriminals and crimes are evolving, with the goal of giving readers the tools to make informed cyber protection decisions.

    Click to Expand

    Collapse This Item

  • An Adversary-Focused Approach to Cybersecurity Defenses 11:50 am
    Add to Calendar20220804 11:50 am20220804 12:10 pmAmerica/ChicagoAn Adversary-Focused Approach to Cybersecurity Defenses

    Recent years have seen great progress in the enumeration and categorization of adversary TTPs. However, these frameworks and matrices are often cumbersome and unwieldy because they attempt to be “all things for all people”, listing every possible adversary and their TTPs. This presentation will take these frameworks and matrices as inputs and focus them on the specific adversaries and attack types that are relevant to your organization, so that you can be more efficient with your cybersecurity prevention and detection efforts.

    Presented by eSentire

    Recent years have seen great progress in the enumeration and categorization of adversary TTPs. However, these frameworks and matrices are often cumbersome and unwieldy because they attempt to be “all things for all people”, listing every possible adversary and their TTPs. This presentation will take these frameworks and matrices as inputs and focus them on the specific adversaries and attack types that are relevant to your organization, so that you can be more efficient with your cybersecurity prevention and detection efforts.

    Click to Expand

    Collapse This Item

  • Lunch Break
  • Keynote Presentation 12:45 pm
    Add to Calendar20220804 12:45 pm20220804 1:05 pmAmerica/ChicagoKeynote Presentation

    .

    Collapse This Item

  • IAM + WFH - Authentication vs Authorization 1:35 pm
    Add to Calendar20220804 1:35 pm20220804 1:55 pmAmerica/ChicagoIAM + WFH - Authentication vs Authorization

    The “perimeter” concept for organizational security… The castles and moats analogy no longer applies… As we all went to Work From Home quickly – we tested the boundaries of identity and authentication.

    Join this session to discuss the concepts and trends shaping identity and authentication, from IAM to passwordless, and PAM to zero-trust. 

    .

    The “perimeter” concept for organizational security… The castles and moats analogy no longer applies… As we all went to Work From Home quickly – we tested the boundaries of identity and authentication.

    Join this session to discuss the concepts and trends shaping identity and authentication, from IAM to passwordless, and PAM to zero-trust. 

    Click to Expand

    Collapse This Item

  • The Cybersecurity Skills Shortage 2:15 pm
    Add to Calendar20220804 2:15 pm20220804 2:35 pmAmerica/ChicagoThe Cybersecurity Skills Shortage

    There are currently 310,000 unfilled cybersecurity jobs in the United States, and millions around the world. However, there is no shortage of cybersecurity hopefuls – millions of students, career changers, and people from all walks of life hoping to break into cybersecurity. 

    This session will explore the issues around cybersecurity jobs.  Breaking into the field, the relative need for certifications, formal education, on-the-job training and more.  The discussion will explore the supply and demand disconnect that has been created – resulting in both a ton of great candidates looking for roles, and a cybersecurity skills shortage.

    .

    There are currently 310,000 unfilled cybersecurity jobs in the United States, and millions around the world. However, there is no shortage of cybersecurity hopefuls – millions of students, career changers, and people from all walks of life hoping to break into cybersecurity. 

    This session will explore the issues around cybersecurity jobs.  Breaking into the field, the relative need for certifications, formal education, on-the-job training and more.  The discussion will explore the supply and demand disconnect that has been created – resulting in both a ton of great candidates looking for roles, and a cybersecurity skills shortage.

    Click to Expand

    Collapse This Item

  • The Evolution of the Threat: Hunting, Detection, & Response 2:40 pm
    Add to Calendar20220804 2:40 pm20220804 3:00 pmAmerica/ChicagoThe Evolution of the Threat: Hunting, Detection, & Response

    Nation-State attacks are not always focused on political or military adversaries. Recently, below-military-grade action can create havoc or destabilize adversaries, or manipulate markets.  Hard to trace and even harder to convict, they may affect stock price or even influence the outcome of elections. 

    Attend to talk about the problem, and see what US enterprises are doing to prepare themselves for these situations.

    .

    Nation-State attacks are not always focused on political or military adversaries. Recently, below-military-grade action can create havoc or destabilize adversaries, or manipulate markets.  Hard to trace and even harder to convict, they may affect stock price or even influence the outcome of elections. 

    Attend to talk about the problem, and see what US enterprises are doing to prepare themselves for these situations.

    Click to Expand

    Collapse This Item

  • Mobile Device Security 3:05 pm
    Add to Calendar20220804 3:05 pm20220804 3:25 pmAmerica/ChicagoMobile Device Security

    Mobile devices are omnipresent for everyone in our society. Providing email, file access, even physical access and authentication has been made easily accessible via our use of these devices. At the same time, users are five times more likely to click on a phishing email on their smartphone versus desktop, file access and authentication can be exposed via a lost device, and a host of other vulnerabilities exist.  Corporate-provided assets could be one answer, but it’s simply not feasible for every organization, and moreover – users are looking to connect whenever and wherever they are (even as they are at home a lot these days). 

    Our expert panel will contemplate several approaches to this challenge.

    .

    Mobile devices are omnipresent for everyone in our society. Providing email, file access, even physical access and authentication has been made easily accessible via our use of these devices. At the same time, users are five times more likely to click on a phishing email on their smartphone versus desktop, file access and authentication can be exposed via a lost device, and a host of other vulnerabilities exist.  Corporate-provided assets could be one answer, but it’s simply not feasible for every organization, and moreover – users are looking to connect whenever and wherever they are (even as they are at home a lot these days). 

    Our expert panel will contemplate several approaches to this challenge.

    Click to Expand

    Collapse This Item

  • Operational Technology (OT) & Industrial Control Systems (ICS): Cybersecurity Concerns 3:50 pm
    Add to Calendar20220804 3:50 pm20220804 4:20 pmAmerica/ChicagoOperational Technology (OT) & Industrial Control Systems (ICS): Cybersecurity Concerns

    Since the Stuxnet worm was first discovered back in 2010, attacks related to SCADA systems have been of concern. While manufacturing and utility organizations tend to talk about them more, there are wide implications across the cybersecurity landscape that touch on ICS and OT systems of all kinds. 

    This session will talk about why these types of attacks represent a primary concern, and what state-of-the-art looks like in terms of building protections. 

    .

    Since the Stuxnet worm was first discovered back in 2010, attacks related to SCADA systems have been of concern. While manufacturing and utility organizations tend to talk about them more, there are wide implications across the cybersecurity landscape that touch on ICS and OT systems of all kinds. 

    This session will talk about why these types of attacks represent a primary concern, and what state-of-the-art looks like in terms of building protections. 

    Click to Expand

    Collapse This Item

  • The Risk Management “Balance Sheet” 4:15 pm
    Add to Calendar20220804 4:15 pm20220804 4:35 pmAmerica/ChicagoThe Risk Management “Balance Sheet”

    Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand? 

    Attend this session to get these questions answered and more.

    .

    Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand? 

    Attend this session to get these questions answered and more.

    Click to Expand

    Collapse This Item

  • Cyber Executive Panel 4:40 pm
    Add to Calendar20220804 4:40 pm20220804 5:25 pmAmerica/ChicagoCyber Executive Panel

    Submit your bio for consideration to participate on our Cyber Executive Panel

    to [email protected] or fill out our Call for Speakers form here.

    .

    Submit your bio for consideration to participate on our Cyber Executive Panel

    to [email protected] or fill out our Call for Speakers form here.

    Click to Expand

    Collapse This Item

  • Day One Closing Session 5:25 pm
    Add to Calendar20220804 5:25 pm20220804 5:30 pmAmerica/ChicagoDay One Closing Session

    .

    Collapse This Item

  • Happy Hour Networking Reception 5:30 pm
    Add to Calendar20220804 5:30 pm20220804 6:30 pmAmerica/ChicagoHappy Hour Networking Reception

    .

    Collapse This Item

Partners Register