Chicago, IL

Do your cybersecurity presentations leave Executives saying “Why do we need to do these projects” or “I don’t get it, do we need to spend this much”?

In this session, Dr. Glenn Stout, Ph.D. will provide a way to communicate to your Executives answering their questions of “Are we ok?”, and “If we are not ok, how do we get to ok?

In today’s rapidly evolving business landscape, the expansion of our technical ecosystems pose both unprecedented opportunities and considerable challenges.

The proliferation of interconnected systems, emerging technologies, and the increasing interdependence among them have given rise to multifaceted system risks that organizations must navigate. These risks encompass cybersecurity threats, regulatory compliance (old and new), data privacy concerns, interoperability issues, and the potential for disruptive system failures.

Through collaborative insights and shared experiences, this discussion aims to equip the attendees with proven actionable strategies to include:

• Understanding the dynamic nature of these risks
• Aligning technological initiatives with overarching business objectives.
• Blending innovation with a comprehensive understanding of organizational goals and market demand
• Real world case studies highlighting successful alignment between business objectives and our InfoSec programs

Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors have continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices are that are pervasive in critical infrastructure systems. Today’s SOC needs to not only see those devices and the risks they pose while also ensuring accurate detection of the threats uniquely targeting those OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting Operational Technology environments.

As more threats emerge and adversaries’ TTPs increasingly change, the ability to rapidly assess relevant coverage across the defensive stack becomes increasingly important.

As more threat reports & repositories now contain detections around recently observed indicators & behaviors (a positive trend), it’s tempting to think that deploying only those detections means successful implementation of “threat-informed defense”. However, our research suggests adversaries are evolving their tactics, techniques, & procedures with increasing frequency and in ways that specifically target parts of the attack surface that are especially challenging to defend.

Layering (and distributing) defensive capabilities against today’s threats is essential but making a quick assessment of coverage – that is both deep and wide – for each new threat is near-impossible if using traditional approaches. This talk will review recommendations for speeding up coverage assessments through threat & defensive prioritization, using two real examples as walkthroughs.

This presentation aims to tell the story of the dynamic landscape of cyber threats by delving into the Tactics, Techniques, and Procedures (TTPs) employed by cybercriminals, along with an exploration of the diverse file types used in these malicious activities. Some of these include:

• SVG files
• Use of WebDav
• Internet Shortcut (.URL) files

Based on Proofpoint’s telemetry of billions of messages per day, we show how Cybercriminals are are constantly trying old and new tricks in response to defenders. The presentation also illustrates how techniques are quickly identified by the security community to continue to keep our users safe from evolving threats.

With the increasing complexity of applications and rapid development, traditional approaches to AppSec struggle to keep up. Application Security Posture Management (ASPM) is the new future of managing risk holistically. With ASPM, organizations can efficiently manage their application risk posture, collaborate effectively between development and security teams, and enforce application security policies and controls. This talk will cover what ASPM is, what benefits it will bring to organizations, and how your security team can best prepare for it.