Building Resilient Systems: The Power of Listening to Practitioners

In today’s fast-changing world of cybersecurity, building resilient systems isn’t just about technology—it’s about teamwork. When leaders truly listen to their security practitioners, they tap into a well of expertise that can make all the difference. In this session, we’ll explore how collaboration between leadership and practitioners leads to stronger, more adaptable systems. From designing fail-safes to planning for the unexpected, we’ll look at real-world examples where practitioner input shaped success. Join us to learn how fostering open communication can transform resilience from a goal into a reality.

Speaker:
Rebekah Skeete, COO, Black Girls Hack

All Aboard! A Train Ride to Resilient Cybersecurity

The US delegation looks at the path toward the international framework for railway cybersecurity, IEC 63452, which addresses the unique challenges of the rail industry, integrating safety, security, and operational efficiency. With this framework, railway operators, policymakers, and cyber professionals can enhance their cyber posture, protect critical infrastructure, and ensure operational resilience. This session will highlight why, regardless of sector, the effort to develop international frameworks can help any industry build more resilient systems.

Speaker:
Charles Salas, Director, Fleet Cyber Security and Cyber Operations, Amtrak

How to Create a Threat Modeling Process and use ATT&CK

Practical threat modeling experience is often centered in a single organization, and the fish doesn’t see the ocean. Learn from experts serving hundreds of organizations how ATT&CK provides an empirically grounded model that’s been successfully applied across commercial and government customers. 

Speakers:

Adam Shostack, President, Shostack + Associates

Kyle Wallace, Operational Technology Device Security Lead, MITRE Corporation