Chicago, IL
Wednesday, February 8, 2023
Hybrid
Keynote Speaker
“Leadership Matters: Board Oversight of Cyber Risks in an Ever-Changing Landscape”
Pam Nigro
VP, Security, Medecision Chair, Board of Directors, ISACA
CISO/Industry Leader Panel
“Cybersecurity Leaders and Experts on Current Cyberthreats and Practices”
Darrell Jones
Chief Information Security Officer Tupperware
Elizabeth D. Ogunti
Chief Information Security Officer JBT Corporation
Christopher Clai
Director, Information Security. Engineer. Speaker Green Thumb Industries (GTI)
Pam Nigro
VP, Security, Medecision Chair, Board of Directors, ISACA
Perry Yee
Vice President, Technology U.S. Soccer Federation
About the Event
FutureCon Events brings high-level Cyber Security Training discovering cutting-edge security approaches, managing risk in the ever-changing threat of the cybersecurity workforce.
Join us as we talk with a panel of C-level executives who have effectively mitigated the risk of Cyber Attacks.
Educating C-suite executives and CISOs (chief information security officers) on the global cybercrime epidemic, and how to build Cyber Resilient organizations.
“Cybersecurity is no longer just an IT problem”
Gain the latest knowledge you need to enable applications while keeping your computing environment secure from advanced Cyber Threats. Demo the newest technology, and interact with the world’s security leaders and gain other pressing topics of interest to the information security community.
The FutureCon community will keep you updated on the future of the Cyberworld and allow you to interact with your peers and the world’s security leaders.
For sponsorship opportunities email sales@futureconevents.com
Agenda
Times are subject to change
Opening Introductions | Check In | Networking
Presentation
The State of Cyber Security & The Need for Security Operations
Cyber risk is a business risk. Unfortunately, the cybersecurity industry has been ineffective in reducing cyber risk for organizations.
Every year we witness the innovation of new technologies and solutions—yet high-profile breaches continue to make headlines. This session will outline practical approaches you can take to end cyber risk for your organization.
Sponsored by
Presentation
Leading the Next Era in Data Security & Management
With ransomware attacks becoming more frequent than ever before and it not being a matter of if but when, data management and security should be at the forefront of every business today. In this session, we will highlight the necessity of being able to detect, protect and rapidly recover from ransomware attacks, the importance of having a strong ecosystem of alliance partners by your side and asking those challenging questions to ensure you have the best plan for keeping your data and company secure.
Sponsored by
Presentation
Stories from the Front Lines: SOC Edition
There’s never a dull moment in the Security Operations Center (SOC). In this session, Daniel Smallwood shares some of the most interesting security incidents he’s encountered during his 20-year career as a threat researcher and engineer in the federal and private sectors. These include:
· The Case of the Missing Hard Drive: Lessons Learned from Handling an Insider Threat
· From the UK to Aliens to Pink Floyd: The British Hacker Story
· The Network is Overrun with Coin Miners: How to Approach an Overwhelming Breach
Sponsored by
Presentation
Understanding the 5 areas of the NIST Cybersecurity Framework (NSF)
The NIST Cybersecurity Framework helps businesses of all sizes better understand, manage, and reduce their cybersecurity risk and protect their networks and data. The five areas of the program includes Identify, Protect, Detect, Respond, and Recover. These five NIST functions all work concurrently and continuously to form the foundation where other essential elements can be built for successful high-profile cybersecurity risk management
Sponsored by
Presentation
Cameras, Cabinets, & Controllers: xIoT Security Chaos - A Story of Two Million Interrogated Devices
Purpose-built IoT, OT, and network devices that are connected and disallow the installation of EDR software are part of a massive, rapidly growing category of targets that nefarious actors are exploiting. Attackers can use them to evade detection and maintain persistence. Nation-states, cybercriminals, and insiders have discovered that these devices can be easily compromised and used for a wide variety of malicious purposes.
Countries like Russia have developed tools like Fronton that are specifically designed to attack and control these device types. Some common devices from countries like China have even been banned because they ship with malware preinstalled from the manufacturer.
We’ve been researching IoT, OT and network device security for over five years across millions of devices and hundreds of organizations worldwide. This is unique research that isn’t being conducted by any other organization at this scale. This presentation will share several discoveries across device visibility, vulnerabilities, and exploits. The research calls out the most exploited device types, explores multiple war stories, and illustrates methods to mitigate the risks.
These purpose-built devices are being turned against us and becoming a new cybersecurity frontline across the enterprise, smart cities, buildings, and ships, healthcare providers, manufacturing, defense, our homes, and more. Compromises are impacting the physical world by unlocking our doors, shutting down power, and spying with audio and video surveillance. Attackers can use these devices to mine cryptocurrency, conduct DDoS attacks, and engage in ransomware as well as and move laterally to compromise our IT and cloud-based assets.
We don’t know what devices we have, so we don’t know what to fix. Even if we knew what to fix, it would be impossible to do so manually because of the scale. If we did fix it, we don’t have anything in place to ensure things stay fixed. This is leaving our IoT, OT and network devices at risk along with IT and cloud-based assets. These are our devices, and it’s time to take back control from the attackers.
Sponsored by
Keynote
Leadership Matters: Board Oversight of Cyber Risks in an Ever-Changing Landscape
Enterprises must worry about cyber risks – including ransomware attacks, malware intrusions, software and supply chain problems – as well as concerns brought by rapidly evolving technologies. Pam will discuss cyber implications for adopting tech like the Internet of Things, cloud and artificial intelligence, as well as possible difficulties ahead with quantum computing and the future of cyber risk. Learn the steps you can take to ensure your enterprise is prepared. Learn the questions that a boards should be asking to ensure proper oversight and governance to manage current cyber risk and challenges ahead.
Presentation
Building a Human-Based Defense Readiness Program
Building a Human-Based Defense Readiness Program Abstract: Humans, not technology, are the cornerstone of a robust cybersecurity strategy. But how do you ensure your team is capable of detecting and defending against an ever-changing threat landscape? In this session, learn what a human-based defense readiness program looks like, how to deploy it, and how it can reduce your organization’s cyber risk.
Sponsored by
Presentation
Zero Trust: Modern Security’s Remedy to Today’s Cybersecurity Challenges
Good security requires a defense-in-depth strategy. Ensuring user trust, password managers, MFA, EDR and SSO tools all work together in concert. But, human error is often the weakest link in the security chain, you must ensure that other layers are in place to close this final link in the chain and mitigate against all modern attacks.
This talk will share a practitioner’s hard won insight from real-world implementations at two Fortune 500 enterprises and the journey those companies are on. We will share the vision that led these organizations down the path of a defense-in-depth strategy that included Zero Trust and Security Services Edge (SSE).
Sponsored by
Presentation
Modern Data Protection
Protecting your data in a distributed world. From asset inventory to employee education, everything you need to think about when building or fine tuning your data protection program.