Analytics, Intelligence & Response
Analytics, Intelligence & Response covers the application of investigative and analytic techniques that help organizations plan for, identify, contain, investigate, and resolve incidents in the enterprise, manufacturing (OT), and integrated technologies (IOT). It also explores threat intelligence, automating response, and broad information sharing. Finally, AIR covers response to cognitive security attacks (dis-/misinformation) against companies, products, and services.
- Communications - Customer and Business Partner Response
- OT - understanding why detecting, analyzing, and resolving issues in manufacturing is different from IT, including the OT engineering teams
- Ransomware & incident planning and response
- ATT&CK framework to help anticipate what could happen, plan for likely events, build (document and automate) processes to deal with those expected events
- Robotic Process Automation (RPA)
- Pre-planning Response to respond to incidents at machine speed
- How to respond when memes and deepfakes impact your company, executives, and products
The battle against online fraudsters continues to rapidly evolve, with social engineering-based attacks increasing. Leading organizations are deploying new policies, technologies and methodologies to enhance fraud prevention, detection, response and recovery programs. Hear use cases and best practices focused on sharing practical knowledge and lessons learned on how to approach the most pressing challenges of anti-fraud professionals.
- Customer-side malware—attacks and detection latest and greatest
- Social engineering fraud
- Mobile fraud (client device vs fraudster side)
- International Organized Crime—goal of awareness and case study examples
- COVID-19 fraud – goal of sharing lessons learned against specific attack campaigns
- Cryptocurrency in fraud
- New authenticators for 2021
This track focuses on the intersection of business and security. It features experiences and opinions of CXOs, exploring how to assess risk from a business perspective and then communicate cyber-risk to the board. Sessions will explore ways to leverage limited resource to manage and mitigate risk as well as the latest trends and issues in information security that impact the executive suite.
- What/Where/How to measure in a meaningful way
- Navigating cyber liability insurance—perception of coverage vs. what is actually covered
- BEC for the executive audience
- Organizations that have products/services in B2B market and how they bake security into their offerings
- The challenges of being a scapegoat but not being listened to or having authority
- Where are the gaps and how do you deal with those gaps?
- Overcoming the odds: stories from those who have been able to do something they never thought they could
- Scary regulations and how to deal with them
- Focus on CISOs and other executives understanding what boards are actually looking for
Cloud Security & Virtualization
The Cloud Security & Virtualization track includes sessions on the security aspects of using and leveraging cloud services, virtualization technologies/services, segmentation, container technologies, network function virtualization and hybrid architectures. Critical staffing and skills requirements will also be explored as well as business continuity planning related to rapid cloud-native transformations.
- Cloud security architecture and threat modeling
- Cloud native deployments: lessons learned
- Networking for containerization
- Cloud/control plane access
- Cloud deployments and baseline control parity from an engineer’s perspective
- Long term strategic aspects of rapid digital transformation—business continuity planning for things that were stood up to be temporary, but are now baked in
- Multi-cloud: lessons learned
- Skills and staffing gaps
- SaaS and CASB – mobile workforce enablement
DevSecOps & Software Security
DevSecOps & Software Security focuses on the intersection of application, product security and DevOps. Sessions focus on sharing real-world, enterprise-level successes (and failures), covering DevSecOps for risk and compliance and working in step with modern development teams. Expect to see topics on secure software development, SDL, safety engineering, adding resiliency to software, and how-to’s for building security support, compliance, and diagnostics into software and products.
- How a non-elite organization built out its product
- Building a culture of development that is thinking about security first while also celebrating errors
- Brining safety principles into security
- Privacy engineering—case study
- Case study that gives a holistic view of security posture to prioritize areas of investment
- Deception in DevSecOps—how modern teams are defending their home turf
- Effectively communicating security processes
- Data to help prioritize risk and investment
- Mitigation efforts
- Compliance and safety overlaps with DevSecOps and safety
Hackers & Threats (Regular and Advanced)
Hackers & Threats sessions include discussions around the growing underground economy, advanced threats, ransomware, cyber-weapons, new classes of vulnerabilities, exploitation techniques, reverse engineering, and how to combat these problems. Hackers & Threats Advanced features more advanced content, including highly technical live demos, exploit code walk throughs, code dissection and reverse memory analysis.
- New and emerging underground chatter
- Trends from the trenches (a joint effort from law enforcement or someone who has permission to talk about a joint operation would be great)
- How to bring security issues to your larger organization as a whole
- RDP attacks with people working from home
- Growth of very targeted attacks on edge computing
- IoT and IIoT, 5G resurgence
- How SOC teams process data and interoperate in remote settings
- Advanced—hardware hacking that affects something big
- Advanced — how do vulnerabilities create a landscape of pivot points with older vulnerabilities chained together
This track explores how people make trust choices by relying on user behavior analytics data to inform innovative ways of securing the human and foster internal and external security communities. Topics include social engineering, insider threats, information operations, organizational change, building partnerships and how classic attacks and emerging threats now include a human element.
- Social engineering-- Large quantitative analyses
- UX/AI: leveraging analytics for good
- WFH human error
- Why has security training not been working?
- Offensive side
- Information sharing challenges—interesting approaches and modeling for it, particularly across supply chain ecosystem
This track covers the processes, technologies and policies for managing and controlling digital identities for the enterprise and its customers.
- New authentication techniques
- Threat evaluation
- Attack vectors associated with password managers
- Just in time privilege evaluation
- General continuous evaluation techniques for fraud and Identity
- Decentralized ID as an architecture as opposed to trust framework
- Consumer owned identity wallet concept without blockchain magic
- Trusted device networks
- ID verification vs. Privacy
- Effectiveness of behavior biometric capability
- Breaking ID models with browser changes
The Law track explores topics at the intersection of cybersecurity, data protection and the law, including developments and trends in new laws and regulations, cases, liability, risk management, transactions, investigations, governance and related topics.
Machine Learning, Artificial Intelligence & Automation
Sessions examine the practical applications and limitations of machine learning and artificial intelligence in cybersecurity, with an eye on issues of ethics and bias as well as democratizing ML&AI. This track will explore defensibility, fundamentals, real-world examples, potential risks, and future evolution of capabilities. Expect to see topics around automated robots and defensive automation as well as the ways in which ML, AI and automation are enabling humans to do a better job and be more efficient.
- The data hungry nature of ML/AI algorithms and privacy implications
- Bias in ML models with ethics, fairness and accountability as a bigger theme
- ML supply chain
- Federated learning
- Building resilient ML and threat modeling for it
- Using AI for deep fakes
Open Source Tools
This track provides technical case studies of open-source software and highlights new and innovative open source security tools. The track offers attendees exposure to open-source solutions that have been created and utilized by enterprise practitioners to solve real challenges. Sessions will cover the business challenges addressed and how the presenter utilized open source tools to resolve them. Attendees will be able to download the tools to follow along.
- New and noteworthy open source security tools: how they were used to solve business challenges
- Case studies of open source tools used to solve real world business security challenges
- Creative use of open source tools in solving challenges
- Open source tools usage to solve emerging problems: container security, microservices, or other new and emerging problems
- Situations where open source security tools helped solve issues stemming from the COVID-19 pandemic
Policy & Government
This track features sessions on current and proposed government strategies, policies, legislation and standards that could shape the direction of emerging technologies, cyberthreat intelligence sharing, industry standards and security compliance requirements for years to come.
- Will CMMC work?
- Ransomware in state/local government
- New normal for public sector workforce implications to employees and citizens
- What's new in Fed policy
- International changes in policies and regulations
This dedicated track explores the privacy and security of personal data issues related to artificial intelligence, facial recognition, biometrics, surveillance and differential privacy enhancing technologies, as well as state, federal and international laws and regulations, including as CCPA, GDPR and HIPAA. It also focuses on standards and programmatic strategies for compliance.
- Transborder data flows and the strike down of the Privacy Shield
- Non-HIPAA health and monitoring of people in the time of COVID
- Schrems and data transfers
- Employee monitoring in COVID era
- Algorithmic governance
- Will federal privacy legislation pass this year?
- Alternate means of tracking people and the privacy issues/security implications
- DNS over HTTPS
Professional Development & Personnel Management
This track looks at the “you” side of things, with two distinct paths geared toward advancing careers and positively impacting our profession. Professional development is about improving ourselves, expanding our capabilities and skills, soft skills, and increasing our security career possibilities. Personnel Management focuses on those who lead and manage people, build inclusive and diverse teams for 365 visibility, and help our teams mature and develop themselves to achieve even more.
- Communication soft skills
- What D&I can mean and why it’s good for us
- Case studies on overcoming career challenges
- Building a security career
- Developing leadership skills
- Is there really a cybersecurity job shortage—point/counter point?
Risk Management & Governance
This track covers the selection and implementation of risk management methodologies, compliance-related sessions on standards, assurance, and instituting governance across the extended enterprise. This track also contains sessions on metrics and measurements that make a difference in reducing risk.
- Risk governance and how it has changed in the “react to COVID world”
- Effective communication strategies that are not just compliance based
- Proactive assurance approaches
- Open source tools being used for risk, governance and compliance
- Choosing the right tools for governance
- Case studies showing use of standards to increase security and lower risk
- How to motivate people to comply with standards
- Heavy emphasis on case studies and real learnings; enterprise perspectives particularly valued
Securing the Remote Workforce
This track will cover best practices that emerged from organizations that were forced overnight to secure a remote workforce. It will explore next stages of transformation—what projects have been accelerated or decelerated and how organizations are adjusting for quickly made changes as well the normalization of changes that may have been implemented, both technologically and within the workforce. It will also look into the future and deliver concrete ideas around what lies ahead and how organizations can thrive when change is thrust upon them.
- Case studies of organizations 6-12 months post-pandemic and critical lessons learned
- Innovative approaches that rose out of forced change
- Practitioner perspectives: what projects were accelerated or decelerated based on the pandemic and how to achieve prioritization alignment with the executive team
- How do hackers approach the distributed workforce and how can security teams respond
- Cultural component: some of our workforce is very happy working from home; how are we going to retain talent in this new world?
- Prognosticating possible futures—what will things look like 2 years from now, 5 years from now, 10 years from now?
- The Program Committee looks forward to a small number of “rear view mirror” sessions and will focus the track heavily on future forward-looking innovation
Securing All the Things
This track explores the security policies of interconnected devices and the implications of the home network becoming an extension of the corporate network. Securing All the Things demands that we look at the ways in which the architecture, infrastructure, policy and strategy of non-traditional technology affects security. Sessions will cover managing mobile security and emerging threats to mobile platforms as well as the challenges posed by the interconnectivity of everything. Topics will include product security as well as the security of Industrial Control Systems, OT and manufacturing.
- Android & iOS
- Nation state anti-human rights
- ICS— things that control critical infrastructure/manufacturing
- Something that got on a network connection that shouldn’t have
- Video surveillance systems
- Home networking equipment
- Protection of information and supply chain
- Defending against small, well-connect attack platforms
- Disruption in wireless—moving from cellular to satellite
- Retreat from globalism: heightened demand in industrial control and autonomy
- How have the electronic things of the world been impacted by COVID?
Security Strategy & Architecture
Security Strategy & Architecture covers the policy, planning, and evolving areas of enterprise security architecture and the management issues of implementing successful security programs. Sessions will include the structures and tools needed to build a security program that enables and enhances business processes, communication, resiliency and hygiene.
- Architect’s experience in driving a security program thru technology change to better position the business for resiliency
- How architects can work with business to collaborate on new initiatives
- 5G Technology – What is being marketed vs. the risks and the data that needs to be protected
- Architecture lessons learned thru failures
- Managing differentiation between technology life cycles, capabilities, and product life cycles
- Balancing strategy for people, process and technology….and avoiding tool fixation
- How to build more resilient and redundant supply chains, particularly in the face of geopolitical conflicts
- Business continuity
- The Program Committee anticipates a lot of COVID-tinged submissions—reminder to keep them strategic, actionable and case-study based, focused on providing differentiating detail
Technology Infrastructure & Operations
This track focuses on the most interesting and challenging elements of current and emerging security infrastructure. Sessions will include topics on strategic planning and implementation lifecycle for all things network and security infrastructure and operations.
- Intersection with cloud—how does cloud transform what you are doing?
- What traditional enterprises can learn from startups, specifically cloud-native companies
- As a company grows, what are the things from the traditional enterprise world that need to work their way back in?
- New communication paradigms (Slack/Teams)
- Transition—what have we learned? Unanticipated risks?
- CI/CD pipelines—how to move from development into production
- Automation—strategies for manufacturers for security automation
- Development pipeline and where to automate
- Infrastructure as code
- Deploying access infrastructures through scripting (APIs, Python)
- Network infrastructure based—ie data center, wired/wireless