with Craig Pfister from Kiteworks
Abstract: As organizations struggle with a slew of tools for managing their sensitive data (file transfers, email, collaboration, and storage), they leave themselves open to security vulnerabilities, compliance risks, and operational inefficiencies. Attend this session to learn how you can consolidate functions like managed file transfer (MFT), SFTP, secure email, APIs, web forms, collaboration, and file storage into a single, unified platform.
Organizations can now streamline how they securely share, collaborate on, and store sensitive data throughout its entire lifecycle. This unmatched convergence of critical capabilities enables organizations to eliminate security gaps, ensure compliance, reduce costs, and drive productivity across the enterprise – all while benefiting from unparalleled visibility, control and governance over their confidential content.
with Adib Sarakby from Axonius
Abstract: With the Axonius Platform, you don’t have to wonder about what’s hiding in your environment. Gain 100% visibility into everything that matters – all devices, users, SaaS applications, software, vulnerabilities… absolutely everything. No asset will remain unseen.
Book time to learn how Axonius can help you:
1. Get a complete inventory of all assets
2. Identify security coverage and configuration gaps
3. Automate policy enforcement, alert triage, and other manual actions
with Adib Sarakby from Axonius
Abstract: Complexity is the new norm for security. Today, more than ever before, security teams are under pressure to deliver fast, continuous, and reliable services to the business.With so many tools and an abundance of data at their fingertips, you’d think it would be easier for security and operations teams to find and fix issues that could lead to a data breach, network outages, inaccessible systems or data, and much more. But making sense out of sprawling IT ecosystems requires going back to security basics.
In this session, Adib Sarakby with Axonius, will discuss why we have to focus on our foundations — asset hygiene — as a means to meeting today’s business demands. In addition to demos, topics discussed will include:
“Why is network visibility so hard?” How your security team can accurately identify assets and make sense of your IT ecosystem.
“What’s impacting performance?” It is more than what’s communicating on your networks. How you can use the data that’s already available to you to baseline and remediate problems before they become security events.
“How do I create a sustainable program?” How to ensure an effective asset management program that will make you a true business enable
Abstract: Join us for a very candid conversation about the current challenges facing security leadership in the healthcare, insurance and infrastructure industries. We will be discussing topics ranging from advance social engineering threat, the cause of recent cyberattacks, securing AI and how to lead high stress/high burnout teams.
A panel discussion with local CISO rockstars Scott Dresen, Trevor Bidle and Jorel VanOs
with Robert Wagner
Abstract: Small businesses often face significant challenges in defending their organizations with limited budgets. This talk will provide valuable insights into budget-friendly approaches to long-standing cybersecurity issues, helping small and medium-sized businesses (SMBs) improve their security posture without excessive costs. Attendees will learn how to navigate the delicate balance between driving digital innovation and managing the risks of cyber threats and data breaches. We’ll explore the obstacles that prevent smaller companies from accessing affordable security resources and offer practical solutions to overcome these hurdles.
with Mark Carosella from Torq
Abstract: In today’s rapidly evolving cyber landscape, artificial intelligence (AI) has become a double-edged sword, empowering both attackers and defenders in unprecedented ways. This presentation will explore the dynamic role of AI in security operations, focusing on three critical aspects:
AI-Driven Cyber Threats: An Emerging Advantage for Attackers We will delve into how AI is being utilized by cybercriminals to enhance the sophistication and effectiveness of their attacks. By automating reconnaissance, generating evasive malware, and conducting adaptive social engineering, attackers are gaining a significant edge. Understanding these AI-driven tactics is crucial for defenders to anticipate and mitigate advanced threats.
Defensive AI: Leveling the Playing Field The defensive landscape is evolving as security teams increasingly integrate AI into their operations. We will examine how AI is being deployed to detect anomalies, predict potential threats, and automate incident response.
AI-Enabled Hyperautomation: Addressing Modern Threats In the final segment, we will explore the concept of AI-enabled hyperautomation and its transformative potential in security operations. By combining AI with advanced automation technologies, security teams can achieve unprecedented efficiency and agility. We will discuss how hyperautomation can streamline complex workflows, reduce response times, and enhance overall threat management. This high-level overview will provide insights into how security operations can leverage these cutting-edge technologies to stay ahead of attackers and maintain a robust defense posture.
with Jackie McGuire from Cribl
Abstract:The rapid evolution of IT and security demands robust data infrastructure to handle increasing volumes of telemetry and logs, driven further by AI advancements. However, most organizations lack the infrastructure to manage this data surge effectively.
Traditional data collection methods are fragmented and inefficient, creating silos and complicating data integration. Manual parsing and routing of diverse data sources become unsustainable, hampering analytics and data utilization. Moreover, regulatory requirements for prolonged data storage add to the complexity and cost, leaving little budget for modernization. Combining an iterative modernization strategy with a data maturity model provides a clear roadmap.
This approach helps organizations understand their current state, identify urgent modernization areas, and measure progress. Leaders, architects, and operators can systematically enhance data management capabilities, aligning efforts with organizational goals.
What You’ll Learn
-What data modernization is and how it impacts the work IT and security professionals do every day
-What a data maturity model is, what different states of maturity look like, how to determine where an organization is at, and how to measure progress
-Tools and techniques to de-risk the upgrade process
-Strategies for aligning project, department, and enterprise goals
with Kathleen Kuczma from Recorded Future
Abstract: Immerse yourself in security-themed challenges to contend for the top spot on the leaderboard. There will be prizes so be sure to bring the heat!!
Resilience is an organization’s ability to continuously deliver upon their goals, despite adverse events. During this session, uncover how Threat Intelligence can help organizations build resilience against unexpected threats. Test your skills with a CTF as you hunt for indicators of compromise (IoCs) associated with threat actors and investigate leaked credentials.
with Kathleen Kuczma from Recorded Future
Abstract:Join us for an engaging discussion on the Economist’s Word of the Year and essential Gen AI concepts. We’ll review cyber trends from 2023 that have continued into 2024. Our session will also demystify possible logical fallacies in AI, explore the intelligence lifecycle, and illustrate how Gen AI supports intelligence requirements and threat actor research. I’ll share insights into my AI toolset, highlight influential thinkers, and suggest must-read materials. All of this with poll questions and musical references through!
with Yiannis Vassiliades from ZScaler
Abstract:How AI presents challenges, and opportunities, for effective data protection programs
Generative AI platforms like ChatGPT represent yet another opportunity for sensitive data to leak from organizations. This is on top of an expanding roster of remote endpoints, public cloud instances, and SaaS applications in widespread use today that make the practice of data loss prevention seem almost insurmountable. But while AI has in some ways made data protection more difficult, its capabilities can also be put to effective use by defenders. Join this session to learn how AI enables critical data protection capabilities including automated discovery, public cloud configuration, and generative AI governance.
Discussion Topic 1: AI challenges to data protection
Does your organization allow the use of third-party AI tools? If so, how do you ensure sensitive data isn’t an input? If not, how do you ensure GenAI tools aren’t used as shadow IT?
In what applications or functions do you think GenAI could improve your organization’s productivity? How do you plan to do that?
How do you evaluate the data privacy policies of GenAI tools your organization uses or is considering using? Have you updated your own data privacy policies to include GenAI risks?
Discussion Topic 2: How AI can facilitate effective data protection
How would you categorize the maturity of your current data protection program? Do you have a strong sense of what data exists across cloud, endpoint, IoT/OT devices?
How are you currently categorizing data and do these designations apply inline, in the cloud, and on endpoint devices? Do these categorizations cross over?
How are your organization’s DLP rules currently developed and administered today?
Would you say your organization dedicates adequate resources to data protection? Is dedicating adequate resources a likely prospect in the short to medium term?
with Ally Frame from Netskope
Abstract: Ally Frame, Assistant Manager of Security Operations for Netskope will be presenting on automation best practices and tools that you can use in your SOC environment.
Abstract: Threat Intelligence is an overused and abused “lingo” like “AI”. Here we talk about the difference between signal intel and actionable intel. Walk up and swing hard on curating your own intelligence specific to your business and score a run through intel sharing and data-driven insights leading to better prioritization, understanding, and application of threats and threat detection.
with Chris Zimmerman from Wiz
Abstract: As cloud adoption expands, security teams are faced with securing an increasingly complex cloud estate. Keeping pace requires a new approach. Completely agentless, CNAPPs take minutes to set up and enable security teams to unify a fragmented security stack and empower cloud engineers to take action. CNAPPs remove friction and highlight critical risks so that engineering teams have the incentive and context needed to remediate without security team oversight.
with Joe Gonzalez from Cyberhaven
Abstract:In today’s digital world, data moves between endpoints and the cloud, creating security challenges. This session, “Beyond the Cloud: Securing Data Journeys from Endpoint to Cloud and Back,” will explore how endpoint Data Loss Prevention (DLP) and data lineage technology can track and protect data throughout its lifecycle.
Learn how continuous tracking prevents data leaks, ensures compliance, and monitors AI-generated data. We’ll share real-world examples and best practices for maintaining robust data security, ensuring your data stays safe wherever it goes.
with Eric Johnson from Cohesity
Abstract: The age of artificial intelligence (AI) has ushered in a new era where deep insights and learnings can be unlocked from your data. These advancements mean organizations can get augmented information from their business data by using natural language questions instead of data queries.
Cohesity just launched the industry’s first generative AI-powered conversational search assistant to help businesses transform secondary data into knowledge.
Data Insights with Cohesity Gaia enables organizations to make smarter and faster business decisions by bringing the power of retrieval-augmented generative (RAG) AI to unlock deep learnings and novel insights from their data Whether you need more insights into your organization’s compliance posture, need to conduct an eDiscovery exercise, or want to be smarter about prior customer engagements, Cohesity Gaia can unlock value for your organization.
Cohesity Gaia can transform your data into knowledge.
Key Benefits
with Tara Jaques from Tenable
Abstract:This presentation explores the imperative need for a robust Cyber Exposure Management Program as a proactive strategy to mitigate cyber risks and fortify organizational resilience in the cloud and on-prem
with Joe Davolos from Aviatrix
Abstract: Cloud architects, CIOs and CISOs will learn how their peers are reducing the complexity and costs of network security in the cloud. We will show exactly how enterprises are saving tens of thousands to millions of dollars annually by removing expensive licenses, compute, cloud data processing costs tied to using “Last Generation Firewall” architecture in the cloud.
In addition to cost benefits, find out how the convergence of cloud networking and security brings policy inspection and enforcement into the natural path of traffic to improve performance, strengthen compliance, boost cyber resiliency, and accelerate cloud infrastructure automation projects.
with AppOmni
Abstract: After a brief demo attendees will work through multiple challenges to understand risk within SaaS Applications such as:
Please bring your laptop as this will be a hands-on CTF
with AppOmni
Abstract: 78% of organizations store their critical data in SaaS applications, relying on SaaS platforms to conduct business. Consequently, SaaS now represents one of the largest attack surfaces that businesses must safeguard.
Why has SaaS become the new battleground in cybersecurity and how are attacks happening?
with Ashley Bull from ProofPoint
Abstract: Humans accidentally and intentionally expose their organizations to infinite variations of risk, challenging security teams to stop the unknowable. Join Proofpoint to learn how augmenting your threat and data defenses with behavioral AI automatically detects threats in users’ inboxes and prevents sensitive data from ending up in the wrong hands. In this session, we’ll demonstrate how organizations can leverage behavioral AI to prevent costly email security incidents.
with Shane Coleman from Cyera
Abstract: Data is undoubtedly one of the most powerful and valuable commodities that a business owns. How do you manage and secure this data so you can leverage it? The truth is that the explosion in growth and complexity of data we’re seeing today is so massive that manual data security efforts and human involvement simply can not keep pace. In this session, Share will share unique insight on how to significantly improve data security along with strategies you can implement today.
with Amelia Scudamore from Nexum
Abstract: The pros and cons of AI in cloud computing, top uses of AI in cloud computing, and the future of AI in cloud computing.
with Joe Raschke from Saviynt
Abstract: As cybersecurity technologies evolve, so does your attack surface. This session will discuss fixing broken processes and pivoting from network, device, and application security into an identity-based approach.
Joe will show you how to leverage past approaches to risk-based analysis and tie it to program value and specific outcomes—not just outputs.
Topics include:
History of cybersecurity – patching holes!
Standards-based rules of the road
Compliance and audit programs
Devil’s Details: identity is the heart of the matter
Approach and align business enablement through people, processed, and then technology
Document the value of your program
Get engaged – Identity and show value – Show impact – tell a complete story – be a real hero!
with Robert Anderson from Check Point
The internet is the new corporate network, leading organizations to shift to secure access service edge or SASE solutions. However, current SASE solutions break the user experience with slow connections and complex management.
Harmony SASE offers a game-changing alternative by delivering 2x faster internet security combined with full mesh Zero Trust Access and optimized SD-WAN performance—all with an emphasis on ease-of-use and streamlined management.
by Jordan Weiss from Check Point
Managing cyber risk is always complex, and managing risk in the cloud is even more complicated- as cloud-native applications change and scale 100 times faster.
Today’s cloud environment needs more context to provide better security at cloud speed and scale. CloudGuard CNAPP goes beyond simple posture management and workload protection to automate security throughout the software development lifecycle – from code to cloud.
with Jeff Richardson from Checkpoint
Traditional email solutions like Secure Email Gateways (SEG) are not built for the cloud. They are external to the cloud architecture and only cover email, leaving other SAS applications vulnerable. Perhaps you have looked at some Next Gen API solutions but found they only remove attacks Post-delivery of the email.
Statistically, malicious emails are removed after 2.5 minutes, which is too late since a user will open, read, and click links in an email in just over a minute. HEC is a cloud native solution that is API-based and can block threats before they reach the end users inbox. It runs as a last layer to eliminate what the default security or your existing layers miss.
with Laura Thayer
Abstract: Laura Thayer brings her expertise to discuss how you can best partner with your organization to get projects approved, improve overall security and enable your business to move faster and more secure.
with Rob Campbell
Abstract:
with Charles ‘Chip’ Bowden
Abstract:
with Yasser Fuentes from Bitdefender
Abstract: In this presentation we will highlight the importance of Cloud Security from a holistic standpoint. We will also go over the different areas & workload types and share best practices as well as suitable security controls and recommendations.
with Shane Harsch from Sentinel One
Abstract: As cloud visibility matures, how do we pull it all together? What do these acronyms mean, and what promise does complete visibility across your cloud infrastructure look like? How do we keep secrets from leaking? We will explore each of these data sets together, discuss secrets scanning, agentless vulnerability scanning, continuous offensive security testing of your cloud, and more.
with Steve Shelton from Greenshoe Consulting
Abstract: Are you feeling overwhelmed by the demands of your job? Join CloudCon Keynote speaker Steve Shelton to learn effective strategies for managing stress and preventing burnout.
Gain valuable insights and discover practical techniques to maintain a healthy work-life balance. Don’t let stress take a toll on your journey – reserve your spot now!