Sign Up to be Notified When Registration Opens in Your Area

Event Schedule

Times for this Event are in Central Time (CDT/CST).

The Conference will be open from 11:00 AM July 13th to 5PM and 8:30 AM July 14th to 3PM.

  • DAY ONE
  • Welcome / Introductions
  • The Cybersecurity Skills Shortage 12:10 pm
    Add to Calendar20220713 12:10 pm20220713 12:30 pmAmerica/ChicagoThe Cybersecurity Skills Shortage

    There are currently 310,000 unfilled cybersecurity jobs in the United States, and millions around the world. However, there is no shortage of cybersecurity hopefuls – millions of students, career changers, and people from all walks of life hoping to break into cybersecurity. 

    This session will explore the issues around cybersecurity jobs.  Breaking into the field, the relative need for certifications, formal education, on-the-job training and more.  The discussion will explore the supply and demand disconnect that has been created – resulting in both a ton of great candidates looking for roles, and a cybersecurity skills shortage.

    .

    There are currently 310,000 unfilled cybersecurity jobs in the United States, and millions around the world. However, there is no shortage of cybersecurity hopefuls – millions of students, career changers, and people from all walks of life hoping to break into cybersecurity. 

    This session will explore the issues around cybersecurity jobs.  Breaking into the field, the relative need for certifications, formal education, on-the-job training and more.  The discussion will explore the supply and demand disconnect that has been created – resulting in both a ton of great candidates looking for roles, and a cybersecurity skills shortage.

    Click to Expand

    Collapse This Item

  • The State of Secure Identity 12:40 pm
    Add to Calendar20220713 12:40 pm20220713 1:00 pmAmerica/ChicagoThe State of Secure Identity

    Digital identities control access to an ever-growing number of applications, services, and critical systems. This makes identity an interesting attack vector for threat actors, and highlights the importance of authentication and authorization in preserving trust and security. The 2021 Auth0 State of Secure Identity report highlights the latest trends in identity security, including what types of attacks Auth0 has observed, the characteristics of these attacks, what industries are most affected, and the adoption rates for identity protection technologies. 

    During this session, we’ll provide greater insight into which industries are: 

    – Most highly targeted by credential stuffing attacks 

    – Most highly targeted by SQL injection attacks 

    – Leading the way in MFA adoption to improve overall security posture 

    We’ll als0 shed light on: fake account creation, MFA bypass attacks, and what defensive measures are being adopted to combat these identity security threats.

    Presented by Auth0

    Digital identities control access to an ever-growing number of applications, services, and critical systems. This makes identity an interesting attack vector for threat actors, and highlights the importance of authentication and authorization in preserving trust and security. The 2021 Auth0 State of Secure Identity report highlights the latest trends in identity security, including what types of attacks Auth0 has observed, the characteristics of these attacks, what industries are most affected, and the adoption rates for identity protection technologies. 

    During this session, we’ll provide greater insight into which industries are: 

    – Most highly targeted by credential stuffing attacks 

    – Most highly targeted by SQL injection attacks 

    – Leading the way in MFA adoption to improve overall security posture 

    We’ll als0 shed light on: fake account creation, MFA bypass attacks, and what defensive measures are being adopted to combat these identity security threats.

    Click to Expand

    Collapse This Item

  • The Evolution of the Threat: Hunting, Detection, & Response 1:05 pm
    Add to Calendar20220713 1:05 pm20220713 1:20 pmAmerica/ChicagoThe Evolution of the Threat: Hunting, Detection, & Response

    Nation-State attacks are not always focused on political or military adversaries. Recently, below-military-grade action can create havoc or destabilize adversaries, or manipulate markets.  Hard to trace and even harder to convict, they may affect stock price or even influence the outcome of elections. 

    Attend to talk about the problem, and see what US enterprises are doing to prepare themselves for these situations.

    .

    Nation-State attacks are not always focused on political or military adversaries. Recently, below-military-grade action can create havoc or destabilize adversaries, or manipulate markets.  Hard to trace and even harder to convict, they may affect stock price or even influence the outcome of elections. 

    Attend to talk about the problem, and see what US enterprises are doing to prepare themselves for these situations.

    Click to Expand

    Collapse This Item

  • Will the Real Zero Trust Please Stand Up? 1:25 pm
    Add to Calendar20220713 1:25 pm20220713 1:55 pmAmerica/ChicagoWill the Real Zero Trust Please Stand Up?

    Beyond the potential, beyond the hype, zero trust is a strategy that organizations of all sectors and sizes are employing today.  It is a complex concept that unifies many different facets of cybersecurity.  Even the most seasoned cybersecurity professionals can be overwhelmed when attempting to take on Zero Trust architectures.  As efforts now shift to the long-term strategic view of the ‘new normal’, organizations are questioning how they will ensure business resiliency in 2021 and act more quickly against new and evolving cyber threats.

    Our experts will discuss the various aspects of a zero trust approach including users, identity management, access, and network configuration concepts.

    .

    Beyond the potential, beyond the hype, zero trust is a strategy that organizations of all sectors and sizes are employing today.  It is a complex concept that unifies many different facets of cybersecurity.  Even the most seasoned cybersecurity professionals can be overwhelmed when attempting to take on Zero Trust architectures.  As efforts now shift to the long-term strategic view of the ‘new normal’, organizations are questioning how they will ensure business resiliency in 2021 and act more quickly against new and evolving cyber threats.

    Our experts will discuss the various aspects of a zero trust approach including users, identity management, access, and network configuration concepts.

    Click to Expand

    Panel Participants:

    Craig Moringiello
    Craig Moringiello

    Craig Moringiello

    Assistant Special Agent in Charge at FBI

    Collapse This Item

  • The Risk Management “Balance Sheet” 2:20 pm
    Add to Calendar20220713 2:20 pm20220713 2:40 pmAmerica/ChicagoThe Risk Management “Balance Sheet”

    Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand? 

    Attend this session to get these questions answered and more.

    .

    Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand? 

    Attend this session to get these questions answered and more.

    Click to Expand

    Collapse This Item

  • Operational Technology (OT) & Industrial Control Systems (ICS): Cybersecurity Concerns 2:45 pm
    Add to Calendar20220713 2:45 pm20220713 3:05 pmAmerica/ChicagoOperational Technology (OT) & Industrial Control Systems (ICS): Cybersecurity Concerns

    Since the Stuxnet worm was first discovered back in 2010, attacks related to SCADA systems have been of concern. While manufacturing and utility organizations tend to talk about them more, there are wide implications across the cybersecurity landscape that touch on ICS and OT systems of all kinds. 

    This session will talk about why these types of attacks represent a primary concern, and what state-of-the-art looks like in terms of building protections.

    .

    Since the Stuxnet worm was first discovered back in 2010, attacks related to SCADA systems have been of concern. While manufacturing and utility organizations tend to talk about them more, there are wide implications across the cybersecurity landscape that touch on ICS and OT systems of all kinds. 

    This session will talk about why these types of attacks represent a primary concern, and what state-of-the-art looks like in terms of building protections.

    Click to Expand

    Collapse This Item

  • Windows 11: Adapt Early or Follow Cautiously? 3:20 pm
    Add to Calendar20220713 3:20 pm20220713 3:40 pmAmerica/ChicagoWindows 11: Adapt Early or Follow Cautiously?

    6 years after the release of Windows 10, Microsoft introduced their new Operating System Windows 11. That fact is causing a lot of IT Departments to evaluate their decision whether it is worth it to make the transition now or not. Especially with a lot of companies still having remote work and older machines in place this decision comes with a few new challenges companies need to be aware of. On the other hand Windows 11 opens up new possibilities with regards to security and efficiency. 

    baramundi will tackle the big questions that IT departments have regarding Windows 11: Should I start planning deployment now or sit tight for a while? How does Microsoft’s latest OS affect endpoint management? And how will it affect endpoint security?

    Presented by baramundi

    6 years after the release of Windows 10, Microsoft introduced their new Operating System Windows 11. That fact is causing a lot of IT Departments to evaluate their decision whether it is worth it to make the transition now or not. Especially with a lot of companies still having remote work and older machines in place this decision comes with a few new challenges companies need to be aware of. On the other hand Windows 11 opens up new possibilities with regards to security and efficiency. 

    baramundi will tackle the big questions that IT departments have regarding Windows 11: Should I start planning deployment now or sit tight for a while? How does Microsoft’s latest OS affect endpoint management? And how will it affect endpoint security?

    Click to Expand

    Collapse This Item

  • Leading Across the Aisle: Achieving DevSecOps Through and Across Teams 3:45 pm
    Add to Calendar20220713 3:45 pm20220713 4:05 pmAmerica/ChicagoLeading Across the Aisle: Achieving DevSecOps Through and Across Teams

    As technology advances to achieve new levels of efficiency, Security and Engineering leaders alike are taking a fresh look at the processes they have in place. “Shifting security left” means making fixes earlier in application development where less time is required from developers and software becomes more secure before it even goes out the door. But for decades, AppSec has evolved around slow and siloed tools.  As automation takes over and AppSec becomes an integrated part of DevOps, a new culture of collaboration and enablement between Security and Engineering is necessary for success.

    Presented by ShiftLeft

    As technology advances to achieve new levels of efficiency, Security and Engineering leaders alike are taking a fresh look at the processes they have in place. “Shifting security left” means making fixes earlier in application development where less time is required from developers and software becomes more secure before it even goes out the door. But for decades, AppSec has evolved around slow and siloed tools.  As automation takes over and AppSec becomes an integrated part of DevOps, a new culture of collaboration and enablement between Security and Engineering is necessary for success.

    Click to Expand

    Collapse This Item

  • Cyber Executive Panel 4:05 pm
    Add to Calendar20220713 4:05 pm20220713 4:50 pmAmerica/ChicagoCyber Executive Panel

    Submit your bio for consideration to participate on our Cyber Executive Panel

    to [email protected] or fill out our Call for Speakers form here.

    .

    Submit your bio for consideration to participate on our Cyber Executive Panel

    to [email protected] or fill out our Call for Speakers form here.

    Click to Expand

    Collapse This Item

  • Day One Closing Session 4:50 pm
    Add to Calendar20220713 4:50 pm20220713 5:00 pmAmerica/ChicagoDay One Closing Session

    .

    Collapse This Item

  • Networking Reception and Happy Hour 5:00 pm
    Add to Calendar20220713 5:00 pm20220713 6:00 pmAmerica/ChicagoNetworking Reception and Happy Hour

    .

    Collapse This Item

  • DAY TWO
  • Welcome / Introductions
  • The Next Class of Browser-Based Attacks 9:30 am
    Add to Calendar20220713 9:30 am20220713 9:50 amAmerica/ChicagoThe Next Class of Browser-Based Attacks

    There are two distinct characteristics that all threat actors tend to share. First, they focus on avoiding detection by any means. Second, while some go after specific targets, many opt to aim their tactics on vectors that will reap the greatest rewards. After all, a big pond with many fish increases everyone’s chances at success. 

    Today, given that a majority of business users spend 75% of their working day in a web browser, it’s quickly become the prime target for cyber swindlers. While malware once had to be downloaded to pose a real risk, now, it’s a dynamically generated threat toolkit built in the web where employees are productive. 

    During this insightful discussion, prepare to learn about the next class of browser-based attacks, but most importantly, share how organizations can protect that productivity. Key takeaways include: 

    • The anatomy of recent browser-based attacks 
    • Exposing why network security today is broken 
    • The technology approach proven to eliminate these threats

    Presented by Menlo Security

    There are two distinct characteristics that all threat actors tend to share. First, they focus on avoiding detection by any means. Second, while some go after specific targets, many opt to aim their tactics on vectors that will reap the greatest rewards. After all, a big pond with many fish increases everyone’s chances at success. 

    Today, given that a majority of business users spend 75% of their working day in a web browser, it’s quickly become the prime target for cyber swindlers. While malware once had to be downloaded to pose a real risk, now, it’s a dynamically generated threat toolkit built in the web where employees are productive. 

    During this insightful discussion, prepare to learn about the next class of browser-based attacks, but most importantly, share how organizations can protect that productivity. Key takeaways include: 

    • The anatomy of recent browser-based attacks 
    • Exposing why network security today is broken 
    • The technology approach proven to eliminate these threats
    Click to Expand

    Collapse This Item

  • Managing the Insider Threat 9:55 am
    Add to Calendar20220714 9:55 am20220714 10:15 amAmerica/ChicagoManaging the Insider Threat

    An adversary who attacks an organization from within can prove fatal to the business and is generally impervious to conventional defenses. Social science research has been used to explain why traditional methods fail against these trusted betrayers.  Every company must identify and utilize new management techniques, increase security, and revise workplace strategies for categorizing and defeating insider threats.

    There are key players in positions to either effectively support or undermine the insider threats.  Leadership style can make a difference in the way an institution recognizes and identifies these threats from rethinking background investigations to recognizing deception and using lawful disruption. Join this session to learn about how organizations must circumvent these predators before they jeopardize the workplace and sabotage business operations.

    .

    An adversary who attacks an organization from within can prove fatal to the business and is generally impervious to conventional defenses. Social science research has been used to explain why traditional methods fail against these trusted betrayers.  Every company must identify and utilize new management techniques, increase security, and revise workplace strategies for categorizing and defeating insider threats.

    There are key players in positions to either effectively support or undermine the insider threats.  Leadership style can make a difference in the way an institution recognizes and identifies these threats from rethinking background investigations to recognizing deception and using lawful disruption. Join this session to learn about how organizations must circumvent these predators before they jeopardize the workplace and sabotage business operations.

    Click to Expand

    Collapse This Item

  • Ransomware: Prevention & Preparation 10:20 am
    Add to Calendar20220714 10:20 am20220714 10:50 amAmerica/ChicagoRansomware: Prevention & Preparation

    Unless you’ve been under a rock, you’ve seen some big ransomware headlines. Moreover, ransomware-as-a-service changes the way many cyber leaders think about this topic, and changes some of the economics related to it. In this panel, our experts will talk about best practices, tactics and tricks for prevention and preparation. Sensitive data is put at risk, huge sums of money are in the balance, and organizations must struggle between expediency and the bottom line. 

    .

    Unless you’ve been under a rock, you’ve seen some big ransomware headlines. Moreover, ransomware-as-a-service changes the way many cyber leaders think about this topic, and changes some of the economics related to it. In this panel, our experts will talk about best practices, tactics and tricks for prevention and preparation. Sensitive data is put at risk, huge sums of money are in the balance, and organizations must struggle between expediency and the bottom line. 

    Click to Expand

    Collapse This Item

  • AI & ML in Cybersecurity: Can We ‘Science the Heck’ Out of Trouble? 11:25 am
    Add to Calendar20220714 11:25 am20220714 11:45 amAmerica/ChicagoAI & ML in Cybersecurity: Can We ‘Science the Heck’ Out of Trouble?

    We get it, Artificial Intelligence (AI) with particular focus on Machine Learning (ML) is one way to overcome advanced threats with particular attention to scale. That said, those terms are thrown at our executives to delight, amaze and confuse them. How do we really discern between them as tools in our kit versus ‘Weapons of Mass Distraction’? 

    .

    We get it, Artificial Intelligence (AI) with particular focus on Machine Learning (ML) is one way to overcome advanced threats with particular attention to scale. That said, those terms are thrown at our executives to delight, amaze and confuse them. How do we really discern between them as tools in our kit versus ‘Weapons of Mass Distraction’? 

    Click to Expand

    Collapse This Item

  • Managing Cloud Risk Without Slowing App Delivery 11:50 am
    Add to Calendar20220714 11:50 am20220714 12:10 pmAmerica/ChicagoManaging Cloud Risk Without Slowing App Delivery

    As organizations move workloads to the cloud they realize their software development approach needs to radically change. Securing the cloud requires a total re-think as well. Although security teams still need to manage access rights, fix vulnerabilities, and detect runtime threats, the techniques have evolved. Learn how the largest financial services, media and software companies address cloud security. You will gain insight into the top security challenges and pragmatic techniques to manage cloud risk without slowing down application delivery. 

    Presented by Sysdig

    As organizations move workloads to the cloud they realize their software development approach needs to radically change. Securing the cloud requires a total re-think as well. Although security teams still need to manage access rights, fix vulnerabilities, and detect runtime threats, the techniques have evolved. Learn how the largest financial services, media and software companies address cloud security. You will gain insight into the top security challenges and pragmatic techniques to manage cloud risk without slowing down application delivery. 

    Click to Expand

    Collapse This Item

  • Lunch Break
  • Keynote Presentation 12:45 pm
    Add to Calendar20220714 12:45 pm20220714 1:05 pmAmerica/ChicagoKeynote Presentation

    .

    Collapse This Item

  • Cloud Clarity in 2022: Strategy, Execution & Alignment 1:50 pm
    Add to Calendar20220714 1:50 pm20220714 2:10 pmAmerica/ChicagoCloud Clarity in 2022: Strategy, Execution & Alignment

    Securely optimizing the cloud for better business outcomes is the product of clear communication of terms and expectations, alignment with business processes and functions, and partnerships among multiple internal and external stakeholders. “Activity” does not equal “progress.”  In this session, attendees will hear about creating definitional clarity, building adaptability, and creating cross-functional, business-wide alignment. 

    .

    Securely optimizing the cloud for better business outcomes is the product of clear communication of terms and expectations, alignment with business processes and functions, and partnerships among multiple internal and external stakeholders. “Activity” does not equal “progress.”  In this session, attendees will hear about creating definitional clarity, building adaptability, and creating cross-functional, business-wide alignment. 

    Click to Expand

    Collapse This Item

  • Managing Risk: Seek Forward Accountability and Assume a Stormy Seas 2:15 pm
    Add to Calendar20220714 2:15 pm20220714 2:35 pmAmerica/ChicagoManaging Risk: Seek Forward Accountability and Assume a Stormy Seas

    While managing risk has always been a part of the CISO office, most resources turn to stopping new ransomware threats, managing supply chain attacks and mitigating third-party vulnerabilities. How can CISOs truly move to managing risk? And by extension, how can they clearly communicate risk, and measure the efficacy of mitigation activities? 

    Join this session to learn how to facilitate the risk conversation with non-technical leaders, determine priorities, and counterbalance cybersecurity considerations against business requirements. This session will also address risk quantification, accounting, budgeting and resourcing, and building more resilience rather than taller walls.

    .

    While managing risk has always been a part of the CISO office, most resources turn to stopping new ransomware threats, managing supply chain attacks and mitigating third-party vulnerabilities. How can CISOs truly move to managing risk? And by extension, how can they clearly communicate risk, and measure the efficacy of mitigation activities? 

    Join this session to learn how to facilitate the risk conversation with non-technical leaders, determine priorities, and counterbalance cybersecurity considerations against business requirements. This session will also address risk quantification, accounting, budgeting and resourcing, and building more resilience rather than taller walls.

    Click to Expand

    Collapse This Item

  • Managing Risk in Today's Cybersecurity Landscape 2:40 pm
    Add to Calendar20220714 2:40 pm20220714 3:10 pmAmerica/ChicagoManaging Risk in Today's Cybersecurity Landscape

    Risk comes from all angles. Users, vendors, partners, systems.  What can security teams improve when attempting to convey ‘risk’ to executive and board level people within an organization?

    In this panel, we will discuss some of the many facets encountered by security leaders in organizations of all sizes, with particular focus on the threat landscape seen across the region. 

    .

    Risk comes from all angles. Users, vendors, partners, systems.  What can security teams improve when attempting to convey ‘risk’ to executive and board level people within an organization?

    In this panel, we will discuss some of the many facets encountered by security leaders in organizations of all sizes, with particular focus on the threat landscape seen across the region. 

    Click to Expand

    Collapse This Item

  • Guest Keynote Presentation 3:35 pm
    Add to Calendar20220714 3:35 pm20220714 3:55 pmAmerica/ChicagoGuest Keynote Presentation

    People often don’t do things they know they should, even when they can benefit. What’s the reason behind this? New research from the National Cybersecurity Alliance reveals the public’s attitudes and beliefs about security, and potential drivers and barriers towards the adoption of secure data security habits. We will share the highlights of this revealing research, and how we can apply such behavioral science insights to develop more effective awareness and behavior change initiatives. In this session, National Cybersecurity Alliance Executive Director Lisa Plaggemier will explore the findings from the organization’s annual survey and outline what can be learned when creating awareness programs.

    .

    People often don’t do things they know they should, even when they can benefit. What’s the reason behind this? New research from the National Cybersecurity Alliance reveals the public’s attitudes and beliefs about security, and potential drivers and barriers towards the adoption of secure data security habits. We will share the highlights of this revealing research, and how we can apply such behavioral science insights to develop more effective awareness and behavior change initiatives. In this session, National Cybersecurity Alliance Executive Director Lisa Plaggemier will explore the findings from the organization’s annual survey and outline what can be learned when creating awareness programs.

    Click to Expand

    Speaker:

    Lisa Plaggemier
    Lisa Plaggemier

    Lisa Plaggemier

    Interim Executive Director at National Cyber Security Alliance (NCA)

    Collapse This Item

  • Beyond SolarWinds: Supply Chain & Third-Party Risk Management for 2022 4:05 pm
    Add to Calendar20220714 4:05 pm20220714 4:25 pmAmerica/ChicagoBeyond SolarWinds: Supply Chain & Third-Party Risk Management for 2022

    Even before SolarWinds Orion Code Compromise, Supply Chain Attacks were up over 400% in 2020. As we move through 2022, this attack vector will continue to  receive tremendous attention. Along with third-party risk in general, partner organizations and software systems with unfettered, privileged, deep access to infrastructure create a “perfect storm” threat for modern cyber executives.  

    In this session we will discuss these challenges in detail, as well as the multiple approaches to identify the best means of using supply chains while keeping the third-party risks at a minimum.

    .

    Even before SolarWinds Orion Code Compromise, Supply Chain Attacks were up over 400% in 2020. As we move through 2022, this attack vector will continue to  receive tremendous attention. Along with third-party risk in general, partner organizations and software systems with unfettered, privileged, deep access to infrastructure create a “perfect storm” threat for modern cyber executives.  

    In this session we will discuss these challenges in detail, as well as the multiple approaches to identify the best means of using supply chains while keeping the third-party risks at a minimum.

    Click to Expand

    Collapse This Item

  • Conference Closing Session 5:25 pm
    Add to Calendar20220714 5:25 pm20220714 5:30 pmAmerica/ChicagoConference Closing Session

    .

    Collapse This Item

  • Networking Reception and Happy Hour 5:30 pm
    Add to Calendar20220714 5:30 pm20220714 6:30 pmAmerica/ChicagoNetworking Reception and Happy Hour

    .

    Collapse This Item

Partners Register