Where CISOs Collaborate
Breakout Sessions
Breakout Rooms A and B
9:30am Sessions
10:05am Sessions
10:45am Sessions
11:20am Sessions
1:15pm Sessions
2:00pm Sessions
2:45pm Sessions
3:15pm Sessions
4:05pm Sessions
9:30 Session
Breakout Room A
Title: CISO Roundtable - Talking to the board
Discussion Leader: Eric Svetcov
Session Info: Roundtable discussion on what is working and what is not when it comes to communicating with the board.
10:05 Session
Breakout Room A
Title: CISO Roundtable - Managing Shadow IT
Discussion Leader: Eric Svetcov
Session Info: Roundtable discussion on managing Shadow IT in your organization
10:45 Session
Breakout Room A
Title: CISO Roundtable - Ask CISOs
Speaker Info: CeciltheCISO and CISO XC Advisors
Session Info: Come ask one of our founders, Cecil Pineda, and our team of CISO advisors the questions you have always wanted to ask.
11:20 Session
Breakout Room A
Title: Q & A - Cybersecurity Careers, Job Search Hacks, & Workforce Challenges
Speaker Info: Jessie Bolton
Session Info: Q&A based around starting and furthering your career in security
1:15-3:15 Session
Breakout Room A
.jpeg)
Title: Jumpstarting your pentesting career with The Pentester Blueprint
Speaker Info: Phillip Wylie -
Phillip Wylie is a Security Solutions Specialist for CYE, with over 25 years of industry experience in IT and cybersecurity. He is also a former Dallas College Adjunct Instructor and the founder of both The Pwn School Project and DEFCON Group 940. Phillip has a diverse range of experience in multiple cybersecurity disciplines, including system administration, network security, application security, and pentesting. As a pentester with over 10 years of experience, he has conducted pentests of networks, Wi-Fi networks, and applications, as well as red team operations and social engineering.
Phillip's contributions to the cybersecurity industry extend beyond his work as a pentester. He is the concept creator and co-author of “The Pentester BluePrint: Starting a Career as an Ethical Hacker,” a highly regarded book that was inspired by a lecture he presented to his class at Dallas College and later became a conference talk. Phillip is the host of The Hacker Factory Podcast, where he interviews guests on how they got started in cybersecurity and their advice for aspiring cybersecurity professionals. Additionally, he is a frequent conference speaker, workshop instructor, and mentor.
Session Info: Jumpstarting your pentesting career with The Pentester Blueprint -
3:15-4:35 Session
Breakout Room A
Title: Veterans in Cyber Session
Speaker Info: Eric Svetcov
Session Info: Breaking into cybersecurity and how to progress in security, specifically focused on veterans
Register here
Morning
Sessions
Breakout Room B
.png){kind=logo}
9:30am Session
Title: Communicating Value: Leveraging Partnerships and Resources
Speaker Info: Joe Paul
Session Info: Communicating Value: Leveraging Partnerships and Resources
10:00am Session
Breakout Room B
Title: Decoupling Cybersecurity policies from the infrastructure
Speaker Info: Julio Casablanca is the Field CISO at World Wide Technology with over 20 years of experience in Network, Network Security, and Cyber Security engineering. Julio spends most of his time helping customers improve their Cyber Security posture.
Session Info: Every year the CISO office struggles with the implementation and operationalization of new security frameworks, compliance regulations and the never-ending integration of point products. Today, we are changing the conversation. By utilizing either technology we already own or have acquired through small tactical investments, we (the Cybersecurity professional community) are taking control by decoupling the security policy from the infrastructure.
10:45am Session
Breakout Room B
Title: Cybersecurity is Expensive and it’s your fault
Speaker Info: Patrick Arvidson, retired NSA SES, Chief Strategy Officer at Interpres will lead the conversation and share stories from the trenches countering malicious activity, driving down cyber related costs, and why he likes Godzilla. Pat served 36 years as Chinese Linguist and Information Security Executive within NSA and the Department of Defense - including time as Technical Director for the Office of the National Manager for National Security Systems, Executive Director for the Principal Cyber Advisor in the Office of the Secretary of Defense (OSD) Policy, and Chair of the joint DoD Cybersecurity Analysis and Review (DoDCAR) program.
Session Info: Come listen and challenge Pat on his premise that we are to blame on why cybersecurity is expensive. Engage in lively discourse, exchange controversial ideas, and challenge the status quo.
11:20am Session
Breakout Room B
Title: Cybersecurity is failing – and it’s time to win
Speaker Info: Patrick Arvidson, retired NSA SES, Chief Strategy Officer at Interpres will lead the conversation and share stories from the trenches countering malicious activity, driving down cyber related costs, and why he likes Godzilla. Pat served 36 years as Chinese Linguist and Information Security Executive within NSA and the Department of Defense - including time as Technical Director for the Office of the National Manager for National Security Systems, Executive Director for the Principal Cyber Advisor in the Office of the Secretary of Defense (OSD) Policy, and Chair of the joint DoD Cybersecurity Analysis and Review (DoDCAR) program.
Session Info: Come listen and engage with Pat Arvidson on a discussion on why the cybersecurity is failing, how to create unity of effort, and start to win.
Afternoon
Sessions
Breakout Room B
Nudge Security helps IT and security teams get a handle on shadow IT by proactively discovering all cloud & SaaS assets and automating workflows to ensure secure access and limit SaaS sprawl.
Join one of our breakout sessions and you’ll be entered to win a supercar racetrack driving experience!
1:30-2:00pm
Title: Debunking the “stupid user” myth in cybersecurity
Speaker Info: Danielle Russell, Head of Product Marketing and Garrett Gross, Head of Product Management
Session Info:
With 82% of data breaches involving the human element, people are considered the weakest link in cybersecurity still today. We often blame poor security behaviors on a lack of security awareness training or blatant disregard for corporate security policies. But, what if there's something else at play? How can human psychology help to explain people’s security behaviors at work? And, what can we learn from it to overcome the “stupid user” myth in cybersecurity?
In this session, we’ll present the findings of research Nudge Security conducted in consultation with leading psychology experts at Duke University and discuss how any organization can drive toward desired security outcomes with a research-based approach to addressing the human element of cybersecurity.
2:00-2:30pm
Title: Product demo: How to nudge your employees toward practicing safe SaaS
Speaker Info: Danielle Russell, Head of Product Marketing and Garrett Gross, Head of Product Management
Session Info:
While it can be tempting to block access to unapproved SaaS apps, our research shows this is likely to push employees toward more shadow-y workarounds. What if you could instead engage employees with timely, friendly nudges to help them practice safe SaaS? In this 30-minute product demo, we’ll show exactly how Nudge Security works to automate just-in-time employee engagement to help guide employees towards desired security behaviors, such as enabling MFA, enrolling apps in SSO, and helping to curb SaaS sprawl by using already-approved apps. See how Nudge Security can help you stop the endless game of “whack-a-mole” in response to poor user behavior and start proactively helping your workforce to practice safe SaaS.
2:45-3:15pm
Title: Your attack surface is bigger than you think. How to assess and protect the modern SaaS supply chain.
Speaker Info: Danielle Russell, Head of Product Marketing and Garrett Gross, Head of Product Management
Session Info:
Recent high-profile breaches at Circle CI, Okta, and Slack reflect a growing trend in attackers targeting enterprise SaaS tools to infiltrate not just the targeted organization’s environment, but that of their customers as well. This new reality requires security teams to expand how they define the modern attack surface, and how they approach monitoring and securing it.
In this session, we’ll analyze recent SaaS provider attacks and discuss ways organizations can protect and defend themselves from such threats with greater visibility of their always-changing SaaS attack surface and digital supply chain.
3:15-3:45pm
Title: Product demo: Monitoring the SaaS attack surface and supply chain risk with Nudge Security
Speaker Info: Danielle Russell, Head of Product Marketing and Garrett Gross, Head of Product Management
Session Info:
When a data breach at a SaaS provider makes headlines, it often creates a frenzy for IT and security teams trying to assess whether or not anyone within their organization uses the service—or uses another service that may have been impacted by the initial data breach.
Nudge Security can help with continuous SaaS asset discovery, breach notifications, SaaS vendor risk profiles and digital supply chain insights. Join this product demo to see exactly how Nudge Security helps you manage the modern attack surface, including SaaS supply chain attacks.
4:00-4:30
Title: Product demo: Discover and secure all SaaS apps with Nudge Security
Speaker Info: Danielle Russell, Head of Product Marketing and Garrett Gross, Head of Product Management
Session Info:
SaaS applications are making work faster, easier, and more collaborative for teams scattered all over the globe. It's pretty great…unless you're the person who has to manage and secure all those apps.
Join this breakout session to see how Nudge Security helps you:
-
Discover all SaaS & cloud accounts
-
View first user, privileged users, and all users
-
Audit SSO & MFA status along with OAuth grants
-
Identify accounts of former employees for deactivation
-
Review vendor breach histories and get alerted of new incidents