Vancouver

In today's complex threat landscape, organizations face a constant barrage of emerging threats. This session will delve into the top cyber attack vectors and how organizations can combine proactive and reactive defenses for a robust, multi-layered cybersecurity strategy to combat them. We'll delve into the importance of a layered approach, proactive measures like threat intelligence, reactive measures like threat hunting and incident response, and how to integrate these approaches effectively.

In this engaging session, Tom Fitzgerald will recount the story of how he successfully stole millions of dollars' worth of corporate secrets from a major international airline during a penetration test. Through this captivating narrative, Tom will share the exact methods he used—highlighting social engineering, physical access, and exploitation of weak security practices. He'll then discuss how he would approach it today, with updated techniques that exploit the same vulnerabilities many companies still overlook. Attendees will leave with a new understanding of just how vulnerable organizations can be to social engineering and physical attacks. Tom encourages everyone at the conference to ask themselves, and the vendors they meet, one critical question: How are you going to protect against people like me?

Protecting today’s complex systems across 100s or thousands requires better overall observability. MySQL built-in Telemetry can • Emit up to 400 different metrics • Link together trace data from a browser through apps and micro servers, to the mysql driver down into the server itself. • Provide the telemetry data need to see who made what call from where and more up the stack • Cross reference data from traces, to metrics, to logs. • And more MySQL did this by leveraging the CNCFs OpenTelemetry libraries by building them directly into the MySQL product. In this talk I’ll dive into the MySQL Telemetry data to show what exactly MySQL can emit that can be used to improve security • Trigger events that indicate attacks • Provide data for attack analysis • Find the attack trail and track down the bad guys • Proactively spot and flag weaknesses and deficiencies I’ll show how simple MySQL Telemetry is to set up and configure. All while avoiding data leakage via that data and avoiding usage of privileges accounts typically needed by polling agent methods, removing yet another surface area that can be attacked.

With cybersecurity, success is not solely determined by technological fortifications but by the collaboration, synergy, and unified efforts of an organization. This keynote delves into the strategic imperative of treating cybersecurity as a “team sport.” Hear insights into the CISO’s playbook, exploring the vital role of cross-functional collaboration, organizational culture, and effective communication in achieving cybersecurity triumphs. Learn how fostering a united front can elevate your organization’s resilience and position it as a formidable force against evolving cyber threats.

In an era dominated by digital disruption, the evolving threat landscape has forced organizations to reevaluate their cybersecurity posture. The surge in ransomware attacks, with their unpredictable patterns, has underscored the urgent need for a resilient data protection strategy by costing organizations both big and small millions of dollars in downtime and data loss. In this presentation, join Shariq Aqil in discussing the importance of deploying Cyber Vaults as a linchpin in fortifying your data's defenses. This presentation will address the current trends and challenges encountered by many organizations in cyber recovery, uncover the best practices related to the design and architecture of on-premises Cyber Vaults, and how to integrate the essential elements of an Isolated Recovery Environment (IRE) and Immutable Data Vault (IDV) to create a cohesive approach to remaining resilient against cyber threats. Explore the imperative of Cyber Vaults in the modern cybersecurity landscape, shedding light on proactive measures to safeguard data and stand resilient against the rising tide of ransomware.

In today's cloud security landscape, Cloud Detection and Response (CDR) plays a pivotal role in safeguarding enterprise environments against sophisticated cyber threats. Interestingly, the classic game "Guess Who?" offers a surprisingly apt metaphor for understanding the principles and processes underpinning CDR. "Guess Who?" involves players deducing their opponent's chosen character through a series of yes-or-no questions, systematically narrowing down possibilities based on observable characteristics. Similarly, CDR involves identifying and responding to security threats by continuously monitoring cloud environments, analyzing data in real time, and employing investigative techniques to filter out benign activities from potential security incidents. Both rely on a process of elimination, pattern recognition, and strategic questioning to reach a conclusive identification.

Most IT and technical professionals overlook their foundational people skills. The ability to inspire, to lead, to rally a team. These are skills that most technical professionals do not take the time to develop and strengthen. This talk will identify the hidden leadership traits (authenticity, vulnerability, empathy, and kindness. This talk will provide practical and actionable ways for you to start unleashing your hidden inner leader!

Cyber threats are a daily occurrence, it’s easy to feel overwhelmed by the sheer volume of incidents and data flooding your systems. But what if every hack, breach, or phishing attempt held the key to smarter decision-making and stronger security?