Dallas, TX

Thursday, January 19, 2023

Hybrid

About the Event

FutureCon Events brings high-level Cyber Security Training discovering cutting-edge security approaches, managing risk in the ever-changing threat of the cybersecurity workforce.

Join us as we talk with a panel of C-level executives who have effectively mitigated the risk of Cyber Attacks.

Educating C-suite executives and CISOs (chief information security officers) on the global cybercrime epidemic, and how to build Cyber Resilient organizations.

“Cybersecurity is no longer just an IT problem”

Gain the latest knowledge you need to enable applications while keeping your computing environment secure from advanced Cyber Threats. Demo the newest technology, and interact with the world’s security leaders and gain other pressing topics of interest to the information security community.

The FutureCon community will keep you updated on the future of the Cyberworld and allow you to interact with your peers and the world’s security leaders.

For sponsorship opportunities email sales@futureconevents.com

Agenda

Times are subject to change

8:00 am

Opening Introductions | Check In | Networking

Presentation

9:00 am

White Noise: 2023 Threat Predictions from FortiGuard Labs

While “less is more” is driving the consolidation of networking and security, “more is more” is the mantra that cybercriminals live by and 2023 will be no exception. Not surprisingly, in 2023 threats of all kinds will continue and will become increasingly more sophisticated. In this session, Aamir Lakhani, Senior read more…

While “less is more” is driving the consolidation of networking and security, “more is more” is the mantra that cybercriminals live by and 2023 will be no exception. Not surprisingly, in 2023 threats of all kinds will continue and will become increasingly more sophisticated. In this session, Aamir Lakhani, Senior Threat Researcher with FortiGuard Labs, will discuss some the threat trends that FortiGuard Labs is already seeing for 2023 and how CISOs and security teams can prepare.

In this talk, Aamir will discuss:

  • * 2022 threat review and how they may evolve
  • * New threat trends that FortiGuard Labs is predicting for 2023
  • * How cybercrime is converging with advanced persistent threat methods, enabling cybercriminals to “weaponize” at scale
  • * Actions that CISOs and IT/operational technology security leaders should consider in 2023 and beyond
Bio

Aamir Lakhani

Senior Cybersecurity Researcher FortiGuard Labs, Fortinet

Sponsored by

Presentation

9:30 am

Cameras, Cabinets, & Controllers: xIoT Security Chaos - A Story of Two Million Interrogated Devices

Purpose-built IoT, OT, and network devices that are connected and disallow the installation of EDR software are part of a massive, rapidly growing category of targets that nefarious actors are exploiting. Attackers can use them to evade detection and maintain persistence. Nation-states, cybercriminals, and insiders have discovered that these devices read more…

Purpose-built IoT, OT, and network devices that are connected and disallow the installation of EDR software are part of a massive, rapidly growing category of targets that nefarious actors are exploiting. Attackers can use them to evade detection and maintain persistence. Nation-states, cybercriminals, and insiders have discovered that these devices can be easily compromised and used for a wide variety of malicious purposes.

Countries like Russia have developed tools like Fronton that are specifically designed to attack and control these device types. Some common devices from countries like China have even been banned because they ship with malware preinstalled from the manufacturer.

We’ve been researching IoT, OT and network device security for over five years across millions of devices and hundreds of organizations worldwide. This is unique research that isn’t being conducted by any other organization at this scale. This presentation will share several discoveries across device visibility, vulnerabilities, and exploits. The research calls out the most exploited device types, explores multiple war stories, and illustrates methods to mitigate the risks.

These purpose-built devices are being turned against us and becoming a new cybersecurity frontline across the enterprise, smart cities, buildings, and ships, healthcare providers, manufacturing, defense, our homes, and more. Compromises are impacting the physical world by unlocking our doors, shutting down power, and spying with audio and video surveillance. Attackers can use these devices to mine cryptocurrency, conduct DDoS attacks, and engage in ransomware as well as and move laterally to compromise our IT and cloud-based assets.

We don’t know what devices we have, so we don’t know what to fix. Even if we knew what to fix, it would be impossible to do so manually because of the scale. If we did fix it, we don’t have anything in place to ensure things stay fixed. This is leaving our IoT, OT and network devices at risk along with IT and cloud-based assets. These are our devices, and it’s time to take back control from the attackers.

Bio

Robert Esposito

Director of Security Strategy Phosphorus Cybersecurity

Sponsored by

Presentation

10:30 am

Attack Surface Management: Past, Present & Future

Cyber asset attack surface management (CAASM) is the process of identifying, analyzing, and mitigating potential vulnerabilities in an organization’s systems, networks, and devices. In this presentation, we will discuss: The role of CAASM and attack surface management (ASM) in the future of risk management technologies Key steps including, asset discovery, read more…

Cyber asset attack surface management (CAASM) is the process of identifying, analyzing, and mitigating potential vulnerabilities in an organization’s systems, networks, and devices.

In this presentation, we will discuss:

  • The role of CAASM and attack surface management (ASM) in the future of risk management technologies
  • Key steps including, asset discovery, risk analysis, and implementing controls to reduce the likelihood of a successful attack
  • Different methods of ASM and benefits of automation for continuous management
Bio

James Mignacca

CEO Cavelo

Sponsored by

Presentation

11:00 am

Zero Trust: Modern Security’s Remedy to Today’s Cybersecurity Challenges

Good security requires a defense-in-depth strategy. Ensuring user trust, password managers, MFA, EDR and SSO tools all work together in concert. But, human error is often the weakest link in the security chain, you must ensure that other layers are in place to close this final link in the chain read more…

Good security requires a defense-in-depth strategy. Ensuring user trust, password managers, MFA, EDR and SSO tools all work together in concert. But, human error is often the weakest link in the security chain, you must ensure that other layers are in place to close this final link in the chain and mitigate against all modern attacks. 

This talk will share a practitioner’s hard won insight from real-world implementations at two Fortune 500 enterprises and the journey those companies are on. We will share the vision that led these organizations down the path of a defense-in-depth strategy that included Zero Trust and Security Services Edge (SSE).

Bio

Den Jones

Chief Security Officer Banyan Security

Sponsored by

Keynote

12:00 pm

“You’re a CISO: Can you Hack It? – A One on One with Pat Benoit and David Belanger”

Bio

Pat Benoit

Global Chief Information Security Officer Brink’s Inc
Bio

David Belanger

Chief Security Officer Bestow

Presentation

1:30 pm

Selecting Security Software - Is Best of Breed the Best Approach?

Using a solution based approach to selecting and purchasing security software.

Using a solution based approach to selecting and purchasing security software.

Bio

Chris Tyrrell

Director of Sales Engineering Next DLP

Sponsored by

Presentation

2:00 pm

Clear and Present Danger: Build Resilience to Win the DDoS War

All financial organizations have the challenge of providing the best customer experience possible, and 24/7 online service availability is essential to that experience. As an organization’s digital presence expands, so does its exposure to DDoS threats. Traditional DDoS mitigation services were unable to block many DDoS attacks, and in 2022, read more…

All financial organizations have the challenge of providing the best customer experience possible, and 24/7 online service availability is essential to that experience. As an organization’s digital presence expands, so does its exposure to DDoS threats. Traditional DDoS mitigation services were unable to block many DDoS attacks, and in 2022, there were record-breaking successful DDoS attacks against financial organizations despite having leading DDoS mitigation services in place. In fact, threat actors know that many organizations are exposed because they rely on yesterday’s services and methodologies to combat modern DDoS threats. DDoS attack surface management is the only way to prevent successful DDoS attacks, however, some organizations have lagged in adopting a modern approach to tackle this threat and believe that their leading protection alone is enough; when attacked, they suffer significant losses and damages.

Matthew Andriani, Founder and CEO of MazeBolt, will delve into the dynamic nature and enormity of the attack surface, illustrate how to identify the hundreds or thousands of hidden vulnerabilities in all layers of your existing DDoS protection, and how, with just a few fixes, effectively eliminate the vast majority of vulnerabilities to achieve true DDoS resilience and exceptional customer experience.

Bio

Matthew Andriani

Founder and CEO MazeBolt

Sponsored by

Presentation

2:45 pm

Building Cyber Resilience By Prioritizing 24/7 Threat Detection and Response

 In today’s threat landscape, security leaders must shift their focus to improving their cyber resilience. The ability to anticipate, withstand, recover from, and adapt to the evolving cyber threats will dictate how well-equipped your cybersecurity program is at defending against these threats. However, given the lack of skilled in-house security read more…

 In today’s threat landscape, security leaders must shift their focus to improving their cyber resilience. The ability to anticipate, withstand, recover from, and adapt to the evolving cyber threats will dictate how well-equipped your cybersecurity program is at defending against these threats. However, given the lack of skilled in-house security resources, it can be challenging to balance the number of incoming security alerts with delivering swift response to eliminate known and unknown threats.

In this presentation, Brent Feller, Director, Solutions Architecture at eSentire, will share insights on how you can leverage 24/7 threat detection, investigation, and response capabilities to reduce your cyber risk, build resilience and prevent business disruption.

Key takeaways include:

  • How to assess, understand, and quantify your cyber risks
  • Why you should shift your focus to building cyber resilience in addition to managing your cyber risks
  • How proactive threat hunting, combined with 24/7 threat detection and response, are critical in developing a strong cyber defense strategy
Bio

Brent Feller

Director, Solutions Architecture eSentire

Sponsored by

Presentation

3:15 pm

See risk differently! Surface unseen risk to get ahead of threats!

Many organizations believe that by complying with cybersecurity and compliance regulations, they are safe from attacks and data breaches. No organization is safe. And, being compliant doesn’t mean that you are sufficiently protected.  Attackers are smart, stealthy and focused on profiting from your high value information and ransomware payments.  And read more…

Many organizations believe that by complying with cybersecurity and compliance regulations, they are safe from attacks and data breaches. No organization is safe. And, being compliant doesn’t mean that you are sufficiently protected.  Attackers are smart, stealthy and focused on profiting from your high value information and ransomware payments.  And they’re usually a few steps ahead of you.

How can you reduce complexity and gain better insight into the risk of your strategic business priorities without burdening already taxed InfoSec teams?  You need to see risk differently by taking a different approach!

Join this session and learn how to:

  • Gain insight into your risk posture and how risk impacts your business priorities

  • Surface unseen risks lurking in the silos, disconnects, and gaps of your InfoSec activities

  • Use intelligence and automation to deliver quick wins while freeing  up your team’s’ time

Bio

Meghan Maneval

Director of Technical Product Management Reciprocity

Sponsored by

Panel Discussion

4:00 pm
Discussion of security practitioner and an author, what led them to decide to write a book and what influenced the topic they chose. (Book signing following panel and available during designated times during the day …TBA)

Discussion of security practitioner and an author, what led them to decide to write a book and what influenced the topic they chose.

(Book signing following panel and available during designated times during the day …TBA)

Bio

David Belanger

Chief Security Officer Bestow
Bio

Phillip Wylie

Penetration Tester | Instructor | Keynote & International Speaker | Best Selling Author | Podcast Host Black Hat MEA
Bio

George Finney

Chief Security Officer, Southern Methodist University Bestselling Author of Project Zero Trust and Well Aware
5:00 pm

Closing Remarks