Event Schedule

Times for this Event are in Eastern Time (CDT/CST).

The Conference will be open from 8:00 AM to 6:00 PM Thursday, September 15th.

• Welcome / Introductions
• IAM + WFH - Authentication vs Authorization 8:30 am
  Add to Calendar20220915 8:30 am20220915 8:50 amAmerica/New_YorkIAM + WFH - Authentication vs Authorization

  The “perimeter” concept for organizational security… The castles and moats analogy no longer applies… As we all went to Work From Home quickly – we tested the boundaries of identity and authentication.

  Join this session to discuss the concepts and trends shaping identity and authentication, from IAM to passwordless, and PAM to zero-trust. 

  .

  The “perimeter” concept for organizational security… The castles and moats analogy no longer applies… As we all went to Work From Home quickly – we tested the boundaries of identity and authentication.

  Join this session to discuss the concepts and trends shaping identity and authentication, from IAM to passwordless, and PAM to zero-trust. 

  Click to Expand

  Collapse This Item

• Securing the Modern API Ecosystem 8:50 am
  Add to Calendar20220915 8:50 am20220915 9:10 amAmerica/New_YorkSecuring the Modern API Ecosystem

  APIs are central to digital transformation. Public cloud adoption, modern application architectures, and cloud-native designs capitalize on APIs as a foundational building block. Meanwhile, Gartner predicts that APIs will become the most frequently targeted attack vector by 2022.Attendees of this presentation will learn modern API strategies for security and risk management, including how to perform:

  • API discovery and inventory management
  • continuous vulnerability identification and testing
  • runtime prevention and detection

  Importantly, we will focus on orchestration across business, technology, and security teams to empower API-centric business and technology strategies with a shared, complete picture of API risks from code to production.

  Presented by Noname Security

  APIs are central to digital transformation. Public cloud adoption, modern application architectures, and cloud-native designs capitalize on APIs as a foundational building block. Meanwhile, Gartner predicts that APIs will become the most frequently targeted attack vector by 2022.Attendees of this presentation will learn modern API strategies for security and risk management, including how to perform:

  • API discovery and inventory management
  • continuous vulnerability identification and testing
  • runtime prevention and detection

  Importantly, we will focus on orchestration across business, technology, and security teams to empower API-centric business and technology strategies with a shared, complete picture of API risks from code to production.

  Click to Expand

  Collapse This Item

• Managing Risk: Seek Forward Accountability and Assume a Stormy Seas 9:30 am
  Add to Calendar20220915 9:30 am20220915 9:50 amAmerica/New_YorkManaging Risk: Seek Forward Accountability and Assume a Stormy Seas

  While managing risk has always been a part of the CISO office, most resources turn to stopping new ransomware threats, managing supply chain attacks and mitigating third-party vulnerabilities. How can CISOs truly move to managing risk? And by extension, how can they clearly communicate risk, and measure the efficacy of mitigation activities? 

  Join this session to learn how to facilitate the risk conversation with non-technical leaders, determine priorities, and counterbalance cybersecurity considerations against business requirements. This session will also address risk quantification, accounting, budgeting and resourcing, and building more resilience rather than taller walls.

  .

  While managing risk has always been a part of the CISO office, most resources turn to stopping new ransomware threats, managing supply chain attacks and mitigating third-party vulnerabilities. How can CISOs truly move to managing risk? And by extension, how can they clearly communicate risk, and measure the efficacy of mitigation activities? 

  Join this session to learn how to facilitate the risk conversation with non-technical leaders, determine priorities, and counterbalance cybersecurity considerations against business requirements. This session will also address risk quantification, accounting, budgeting and resourcing, and building more resilience rather than taller walls.

  Click to Expand

  Collapse This Item

• The Evolution of the Threat: Hunting, Detection, & Response 9:50 am
  Add to Calendar20220915 9:50 am20220915 10:10 amAmerica/New_YorkThe Evolution of the Threat: Hunting, Detection, & Response

  Nation-State attacks are not always focused on political or military adversaries. Recently, below-military-grade action can create havoc or destabilize adversaries, or manipulate markets.  Hard to trace and even harder to convict, they may affect stock price or even influence the outcome of elections. 

  Attend to talk about the problem, and see what US enterprises are doing to prepare themselves for these situations.

  .

  Nation-State attacks are not always focused on political or military adversaries. Recently, below-military-grade action can create havoc or destabilize adversaries, or manipulate markets.  Hard to trace and even harder to convict, they may affect stock price or even influence the outcome of elections. 

  Attend to talk about the problem, and see what US enterprises are doing to prepare themselves for these situations.

  Click to Expand

  Collapse This Item

• Protecting Against Cyber Attacks 10:10 am
  Add to Calendar20220915 10:10 am20220915 10:35 amAmerica/New_YorkProtecting Against Cyber Attacks

  We’ve seen the real-world consequences of cyberattacks – from the shutdown of the Colonial Pipeline to the slowing of care for hospital patients, to major disruptions in the food supply lines. The impact of a single attack can be far-reaching and devastating to all those affected. When paired with unprecedented geopolitical uncertainty, it’s never been more important for organizations to be vigilant against bad actors.

  Learn the latest techniques for developing your security posture with this expert panel discussion. Come prepared with your thoughts and questions and gain an insider’s perspective on the latest threats and most effective security strategies during this thoughtful, interactive session.

  .

  We’ve seen the real-world consequences of cyberattacks – from the shutdown of the Colonial Pipeline to the slowing of care for hospital patients, to major disruptions in the food supply lines. The impact of a single attack can be far-reaching and devastating to all those affected. When paired with unprecedented geopolitical uncertainty, it’s never been more important for organizations to be vigilant against bad actors.

  Learn the latest techniques for developing your security posture with this expert panel discussion. Come prepared with your thoughts and questions and gain an insider’s perspective on the latest threats and most effective security strategies during this thoughtful, interactive session.

  Click to Expand

  Collapse This Item

• Moving Beyond Password to Delight & Secure Users 10:55 am
  Add to Calendar20220915 10:55 am20220915 11:15 amAmerica/New_YorkMoving Beyond Password to Delight & Secure Users

  Passwords have been a constant throughout the internet era. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources across the applications we use on a daily basis.

  But in this new digital age where data breaches are rampant, passwords are no longer good enough. Not only are they insecure, they are expensive and offer a poor user experience. Fortunately, there’s a better way to protect your applications and stop account takeover incidents.

  In this session, we’ll discuss the benefits of passwordless authentication and explain how eliminating the password can help improve user experience, admin visibility and control, and scalability. We’ll also walk through key considerations and first steps as you embark on your passwordless journey.

  Presented by Okta

  Passwords have been a constant throughout the internet era. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources across the applications we use on a daily basis.

  But in this new digital age where data breaches are rampant, passwords are no longer good enough. Not only are they insecure, they are expensive and offer a poor user experience. Fortunately, there’s a better way to protect your applications and stop account takeover incidents.

  In this session, we’ll discuss the benefits of passwordless authentication and explain how eliminating the password can help improve user experience, admin visibility and control, and scalability. We’ll also walk through key considerations and first steps as you embark on your passwordless journey.

  Click to Expand

  Collapse This Item

• Cloud Clarity in 2022: Strategy, Execution & Alignment 11:15 am
  Add to Calendar20220915 11:15 am20220915 11:35 amAmerica/New_YorkCloud Clarity in 2022: Strategy, Execution & Alignment

  Securely optimizing the cloud for better business outcomes is the product of clear communication of terms and expectations, alignment with business processes and functions, and partnerships among multiple internal and external stakeholders. “Activity” does not equal “progress.”  In this session, attendees will hear about creating definitional clarity, building adaptability, and creating cross-functional, business-wide alignment. 

  .

  Securely optimizing the cloud for better business outcomes is the product of clear communication of terms and expectations, alignment with business processes and functions, and partnerships among multiple internal and external stakeholders. “Activity” does not equal “progress.”  In this session, attendees will hear about creating definitional clarity, building adaptability, and creating cross-functional, business-wide alignment. 

  Click to Expand

  Collapse This Item

• Lunch Break
• Keynote Presentation 12:10 pm
  Add to Calendar20220915 12:10 pm20220915 12:50 pmAmerica/New_YorkKeynote Presentation

  .

  Collapse This Item

• Windows 11: Adapt Early or Follow Cautiously? 1:10 pm
  Add to Calendar20220915 1:10 pm20220915 1:30 pmAmerica/New_YorkWindows 11: Adapt Early or Follow Cautiously?

  6 years after the release of Windows 10, Microsoft introduced their new Operating System Windows 11. That fact is causing a lot of IT Departments to evaluate their decision whether it is worth it to make the transition now or not. Especially with a lot of companies still having remote work and older machines in place this decision comes with a few new challenges companies need to be aware of. On the other hand Windows 11 opens up new possibilities with regards to security and efficiency. 

  baramundi will tackle the big questions that IT departments have regarding Windows 11: Should I start planning deployment now or sit tight for a while? How does Microsoft’s latest OS affect endpoint management? And how will it affect endpoint security?

  Presented by baramundi

  6 years after the release of Windows 10, Microsoft introduced their new Operating System Windows 11. That fact is causing a lot of IT Departments to evaluate their decision whether it is worth it to make the transition now or not. Especially with a lot of companies still having remote work and older machines in place this decision comes with a few new challenges companies need to be aware of. On the other hand Windows 11 opens up new possibilities with regards to security and efficiency. 

  baramundi will tackle the big questions that IT departments have regarding Windows 11: Should I start planning deployment now or sit tight for a while? How does Microsoft’s latest OS affect endpoint management? And how will it affect endpoint security?

  Click to Expand

  Collapse This Item

• The Risk Management “Balance Sheet” 1:30 pm
  Add to Calendar20220915 1:30 pm20220915 1:50 pmAmerica/New_YorkThe Risk Management “Balance Sheet”

  Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand? 

  Attend this session to get these questions answered and more.

  .

  Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand? 

  Attend this session to get these questions answered and more.

  Click to Expand

  Collapse This Item

• 2022 Trends & Directions 1:50 pm
  Add to Calendar20220915 1:50 pm20220915 2:15 pmAmerica/New_York2022 Trends & Directions

  If 2022 has taught us anything so far, it’s that cybercriminals are still coming up with new ways to cash in. But with nearly half the year behind us, what can we anticipate for the rest of the year? Following a Shields Up warning from the Cybersecurity and Infrastructure Security Agency (CISA) in February, organizations and individuals have been encouraged to be more vigilant than ever. 

  Get insights on the latest in security from experts who live on the leading edge of cybersecurity technology. You’ll hear from industry luminaries on some of the newest tactics for defending against unprecedented attacks. Get a better sense of how your organization can spend the rest of 2022 with a security strategy that will set you up for success during this insightful discussion. 

  .

  If 2022 has taught us anything so far, it’s that cybercriminals are still coming up with new ways to cash in. But with nearly half the year behind us, what can we anticipate for the rest of the year? Following a Shields Up warning from the Cybersecurity and Infrastructure Security Agency (CISA) in February, organizations and individuals have been encouraged to be more vigilant than ever. 

  Get insights on the latest in security from experts who live on the leading edge of cybersecurity technology. You’ll hear from industry luminaries on some of the newest tactics for defending against unprecedented attacks. Get a better sense of how your organization can spend the rest of 2022 with a security strategy that will set you up for success during this insightful discussion. 

  Click to Expand

  Collapse This Item

• An Adversary-Focused Approach to Cybersecurity Defenses 2:35 pm
  Add to Calendar20220915 2:35 pm20220915 2:55 pmAmerica/New_YorkAn Adversary-Focused Approach to Cybersecurity Defenses

  Recent years have seen great progress in the enumeration and categorization of adversary TTPs. However, these frameworks and matrices are often cumbersome and unwieldy because they attempt to be “all things for all people”, listing every possible adversary and their TTPs. This presentation will take these frameworks and matrices as inputs and focus them on the specific adversaries and attack types that are relevant to your organization, so that you can be more efficient with your cybersecurity prevention and detection efforts.

  Presented by eSentire

  Recent years have seen great progress in the enumeration and categorization of adversary TTPs. However, these frameworks and matrices are often cumbersome and unwieldy because they attempt to be “all things for all people”, listing every possible adversary and their TTPs. This presentation will take these frameworks and matrices as inputs and focus them on the specific adversaries and attack types that are relevant to your organization, so that you can be more efficient with your cybersecurity prevention and detection efforts.

  Click to Expand

  Collapse This Item

• 2022 Threat Review: Cyberprotection Starts With Understanding the Latest Attacks, Cybercrimes, and Privacy Breaches 2:55 pm
  Add to Calendar20220915 2:55 pm20220915 3:15 pmAmerica/New_York2022 Threat Review: Cyberprotection Starts With Understanding the Latest Attacks, Cybercrimes, and Privacy Breaches

  The Malwarebytes 2022 Threat Review is an annual report highlighting internal threat research findings and trends. The report highlights top threats across operating systems, how privacy has shifted, and the ways cybercriminals and crimes are evolving, with the goal of giving readers the tools to make informed cyber protection decisions.

  Presented by Malwarebytes

  The Malwarebytes 2022 Threat Review is an annual report highlighting internal threat research findings and trends. The report highlights top threats across operating systems, how privacy has shifted, and the ways cybercriminals and crimes are evolving, with the goal of giving readers the tools to make informed cyber protection decisions.

  Click to Expand

  Speaker:

  Adam Kujawa

  Adam Kujawa

  Director of Malwarebytes Labs

  Collapse This Item

• Guest Keynote Presentation 3:15 pm
  Add to Calendar20220915 3:15 pm20220915 3:45 pmAmerica/New_YorkGuest Keynote Presentation

  .

  Collapse This Item

• Operational Technology (OT) & Industrial Control Systems (ICS): Cybersecurity Concerns 4:05 pm
  Add to Calendar20220915 4:05 pm20220915 4:25 pmAmerica/New_YorkOperational Technology (OT) & Industrial Control Systems (ICS): Cybersecurity Concerns

  Since the Stuxnet worm was first discovered back in 2010, attacks related to SCADA systems have been of concern. While manufacturing and utility organizations tend to talk about them more, there are wide implications across the cybersecurity landscape that touch on ICS and OT systems of all kinds. 

  This session will talk about why these types of attacks represent a primary concern, and what state-of-the-art looks like in terms of building protections. 

  .

  Since the Stuxnet worm was first discovered back in 2010, attacks related to SCADA systems have been of concern. While manufacturing and utility organizations tend to talk about them more, there are wide implications across the cybersecurity landscape that touch on ICS and OT systems of all kinds. 

  This session will talk about why these types of attacks represent a primary concern, and what state-of-the-art looks like in terms of building protections. 

  Click to Expand

  Collapse This Item

• Managing the Insider Threat 4:25 pm
  Add to Calendar20220915 4:25 pm20220915 4:45 pmAmerica/New_YorkManaging the Insider Threat

  An adversary who attacks an organization from within can prove fatal to the business and is generally impervious to conventional defenses. Social science research has been used to explain why traditional methods fail against these trusted betrayers.  Every company must identify and utilize new management techniques, increase security, and revise workplace strategies for categorizing and defeating insider threats.

  There are key players in positions to either effectively support or undermine the insider threats.  Leadership style can make a difference in the way an institution recognizes and identifies these threats from rethinking background investigations to recognizing deception and using lawful disruption. Join this session to learn about how organizations must circumvent these predators before they jeopardize the workplace and sabotage business operations.

  .

  An adversary who attacks an organization from within can prove fatal to the business and is generally impervious to conventional defenses. Social science research has been used to explain why traditional methods fail against these trusted betrayers.  Every company must identify and utilize new management techniques, increase security, and revise workplace strategies for categorizing and defeating insider threats.

  There are key players in positions to either effectively support or undermine the insider threats.  Leadership style can make a difference in the way an institution recognizes and identifies these threats from rethinking background investigations to recognizing deception and using lawful disruption. Join this session to learn about how organizations must circumvent these predators before they jeopardize the workplace and sabotage business operations.

  Click to Expand

  Collapse This Item

• Cyber Executive Panel 4:45 pm
  Add to Calendar20220915 4:45 pm20220915 5:30 pmAmerica/New_YorkCyber Executive Panel

  Submit your bio for consideration to participate on our Cyber Executive Panel

  to [email protected] or fill out our Call for Speakers form here.

  .

  Submit your bio for consideration to participate on our Cyber Executive Panel

  to [email protected] or fill out our Call for Speakers form here.

  Click to Expand

  Collapse This Item

• Conference Closing Session 5:20 pm
  Add to Calendar20220915 5:20 pm20220915 5:30 pmAmerica/New_YorkConference Closing Session

  .

  Collapse This Item

• Happy Hour Networking Reception 5:30 pm
  Add to Calendar20220915 5:30 pm20220915 6:30 pmAmerica/New_YorkHappy Hour Networking Reception

  .

  Collapse This Item