Day 1 - 5 October 2022
Presentation: There is No Free Lunch – Securing Third-Party Software Supply Chain
- In this talk, we will present the third party software supply chain attacks and defenses on web and mobile applications, and how ThreatModeling can help identify supply chain threats.
- We will then discuss third party assessments and how Risk Management plans can then be developed to mitigate vulnerabilities presented from the increased threat surface created by third party vendor tools and SDKs.
Presentation: Why Third Party Risk Management Should be Central to Your Cybersecurity Strategy
- Why is it important to assess vendor risk management?
- How to develop effective strategies for addressing higher risk vendors.
- Implementing ongoing oversight utilizing metrics and external alerts.
CISO, VP of Information Security
12:15PM - Day 2
11:15AM - Day 1
Panel: Addressing Cloud Computing Vulnerabilities
- Discussing how to prevent compliance violations.
- Understanding future cloud-based threat vectors; insecure APIs, hijacking, data breaches, malicious insiders & more.
- Recognising the pitfalls of misconfiguring cloud storage.
Presentation: How to Utilize the Public Cloud for the Most Sensitive Data Without Compromise
- Discussing the recent changes in public cloud technology and how Confidential Computing can be used to lock-down data and create a trusted environment, even in an environment shared by other customers, open to third parties, and in a geography that is considered untrusted.
- Discovering how Enterprises can embrace the cloud and protect confidential data like PII, PHI, and more without recoding or refactoring applications.
- Examining the benefits of Confidential Computing for protecting sensitive workloads and applications.
Lunch & Networking
eviewing what we mean by a Smart City.Real Projects Discussed: Innovate Las Vegas.
Presentation: Symbiosis – How to Build and Scale a Data Privacy Team
To Follow Soon…
Presentation: What Every Organization Needs to Know About Using Zero-Trust Architecture to Strengthen their Security Profile
It’s become imperative for organizations from Main Street to the DoD to fundamentally rethink cyber security. It’s not something that any business can ignore; it’s a new operational reality and part of the cost of doing business. Yet too often we hear from organizations that haven’t planned or budgeted for cybersecurity—they aren’t prepared to make the investment or do the hard work.
CISA’s Zero Trust Maturity Model provides an excellent roadmap for organizations with a crawl-walk-run approach to maturing cybersecurity practice.
In this presentation, DTS Director of Cybersecurity Derek Kernus and Managing Principal Edward Tuorinsky will present both the technical thinking around Zero Trust and a leadership perspective as they discuss:
- The key element of zero-trust
- Why it’s the right model to use
- The steps involved in implementing a zero-trust architecture
- The role of culture and leadership in adoption
- Additional benefits gained through robust cybersecurity
Policies and processes are one challenge but any security effort’s success ultimately comes down to people and culture. Zero trust may require a change in an organization’s mindset around cybersecurity, but it’s an essential need for every organization.
Program Manager for Privacy and Compliance
02:05PM - Day 1
Senior Technical Manager, US-West
02:05PM - Day 1
Director - Security
02:05PM - Day 1
Panel: How to Stay Ahead of Insider Threats
- Deterrence is key: ensuring you have appropriate policies, strong encryption, and good access controls.
- Assessing best practice detection and monitoring techniques.
- What to do if you’ve identified an insider attack.
Coffee & Networking in the Exhibition Area
Reviewing what we mean by a Smart City.
Real Projects Discussed: Innovate Las Vegas.
Chief Marketing Officer
03:15PM - Day 1
03:15PM - Day 1
Presentation: Learnings from 25 million Phishing Simulations
Jeff Platon, CMO , shares insights and experiences from a Hoxhunt conducted study with 25 million phishing simulations and attacks seen in the wild. Learn key findings from the study that help transfer away from” just awareness” to effectively reducing risk together with the workforce.
Presentation: Important Considerations When Scaling Your Cloud Security Program
– Understanding the key concepts of a cloud security program.
– Identifying the appropriate responsibility matrix for your program,
– Understanding the importance of centralized governance controls.
– Discussing the benefits of implementing infrastructure-as-code (IaC).
– Examining how vendor relationships help build your program.
Presentation: How To Stay Ahead of Insider Threats leveraging TCG Standards
- To Follow Soon…
Panel: The Power of Cyber in Hybrid Threats and Securing the Global Supply Chain with Help of AI
The emergence of new and disruptive cyber technologies will change the reaches of cyber operations. How do we limit or mitigate the exploitation of the cyber domain by hostile actors in hybrid campaigns? We will also touch on the role of AI in securing the global supply chain as it relates to protecting our critical infrastructure.