Atlanta Cybersecurity Conference

Security must improve to protect our enterprises. The old-way of buying “point security solutions” is not working, as these solutions are not integrated, don’t correlate, use different risk scoring, etc. The new and improved method of securing an enterprise is to use a unified and continuous threat exposure management solution, which solves the issues that plague organizations trying to work with their disparate solutions. In this workshop, 19X Microsoft MVP Derek Melber will guide you through the specifics of what a typical exposure management platform includes, focusing on the details so you can immediately update your existing solutions. The workshop will show you how to verify existing security settings, using scripts and PowerShell, to verify that your current solutions are not functioning the way you would expect. This exposure to the reality of your existing security will be eye-opening and become the foundation for moving to a unified exposure management platform! Come prepared to learn a ton, have a list of action items to perform when you get back to the office, and overall learn about:

• What security settings you need to verify today, to ensure you are secure TODAY!
• How you alter your security mindset to secure your network from attacks
• What is included in a unified continuous threat exposure management platform
• What should you look for in a unified CTEM platform

This workshop will be “demo driven” and “action item driven”. Meaning, you will see the scripts and PowerShell commands in action, live (No pathetic recordings!). You will have explanations of each and every setting discussed, so you know the “why” of what you need to verify. 

AI might be all the hype for consumers and “Business Transformation “experts” but we security professionals know that AI and ML is not just an arms race but perhaps the essential ingredient in your stack to stay ahead of the next attack. 

In this talk Tom Ertel, SEVP, Technical Sales & Strategic Accounts at Seceon, shares an anatomy of the MGM attack of September 2023. He will dig in and share the details of the attackers techniques and tactics. You’ll see how by combining social engineering, tools, 3rd party applications all failed what MGM thought was sophisticated reconnaissance.

You will learn: 

• AI vs. AI - How to determine real AI vs. a “veneer of AI” and LLMs vs. AI in the cybersecurity threat detection context.
• Why tools and time work against most teams.
• The most common failure point - people - how AI can break through biases and be a valuable indicator of behaviour.

Is your cloud deployment a time bomb? Discover how DevSecOps is evolving to eradicate application misconfigurations before they trigger a devastating breach. Learn best practices and see a real-world case study that exposes the hidden risks in your open-source IaC. The future of secure development is here – are you ready?

Becoming an intelligence-driven security organization is key to defending against the volume and veracity of modern cyber actors: In this presentation we'll dig into the Dark Web, in particular the cybercriminal underground, to explore real-world examples of how dark web threat intelligence can be used to stop breaches before they even happen.

Navigating the challenges and requirements facing a CISO in today's complex business environment.

This educational key note will offer leadership training and techniques to more effectively manage teams. This methodology will offer insight into holistic security practices and help to develop self awareness.

In the cybersecurity world, Red, Blue, and Purple teams have established their roles in fortifying defenses and improving organizational resiliency. However, the spotlight often bypasses a crucial player—the Yellow Teams—operating at the intersection of development, IT, and the cloud. 

Using the familiar color wheel analogy, this insightful discussion describes the yellow team’s pivotal role in fortifying software and infrastructure by seamlessly integrating Red and Blue techniques – improving tech resiliency. Key topics include: 

• Unveiling the essentials for tech-savvy professionals to integrate security 
• Crafting a vibrant palette: transforming Yellow Teams into dynamic orange and green forces 
• The collective advantage: reducing risk via confident, resilient teams

Book Signing by Keynote Speaker and Author Ed Adams: In See Yourself in Cyber: Security Careers Beyond Hacking, information security strategist and educator Ed Adams delivers a unique and insightful discussion of the many different ways the people in your organization—inhabiting a variety of roles not traditionally associated with cybersecurity—can contribute to improving its cybersecurity backbone. You’ll discover how developers, DevOps professionals, managers, and others can strengthen your cybersecurity. You’ll also find out how improving your firm’s diversity and inclusion can have dramatically positive effects on your team’s talent.

Addressing the role Infosec teams take as protective parent to their organization and the importance of sticking to security fundamentals.

Data protection is not enough. Data resilience planning and design are necessary in the Ransomware world we currently live.

All too often, InfoSec leaders are in an uphill battle, armed with inadequate budgets and understaffed teams. They also must contend with stressed-out staff, and stakeholders resisting their efforts and excluding them from pivotal discussions. Fighting off external threats while struggling with these internal challenges is stressful and perilous. It increases risk to the organization, causes burnout on the team, and limits opportunities for advancement.In this talk, we will share essential strategies for getting your message heard and understood so you can gain the resources, compliance, and respect you and your team need to be able to thrive.