Dallas Cybersecurity Conference

Traditional preventative security models are failing in a world of zero-days, nation-state actors, and credential abuse. History proves one truth: attackers get in. This presentation challenges legacy SOC thinking and outlines an active defense, post-breach strategy focused on detection, validation, threat hunting, and rapid response—because eliminating attackers is impossible, but finding them is not.

AI transformation is not just about deploying new tools; it is about confronting the fact that many of the rules, controls, and assumptions organizations rely on today no longer apply. In this session, Richard Bird explains why familiar mechanisms like identity and access policies, data loss prevention, privacy controls, and acceptable use policies begin to break down when AI systems are introduced into everyday workflows. As AI tools generate, transform, and act on data in ways that are non-deterministic, fast-moving, and increasingly autonomous, organizations discover that “this is how we’ve always done it” becomes a liability rather than a safeguard. Using real-world examples, this talk shows how trying to force AI into legacy governance models creates blind spots, weakens accountability, and gives leaders a false sense of control. AI transformation requires rethinking processes, policies, and governance from the ground up, not simply extending old rules to new tools.

Your team is facing a scalability crisis. Security resources grow only linearly while security work grows exponentially.
Learn 7 crucial strategies/tactics to handle vulnerability management effectively, preventing reactive security practices, staff burnout, and poor outcomes.

For over two decades, “Shift Left” has shaped how organizations build secure software — moving testing earlier in development to catch vulnerabilities before release. It was the right idea at the right time, but today’s application ecosystems are far more complex and constantly under attack. Nation-states and sophisticated cybercrime groups have intensified the threat landscape, and with AI lowering the barrier to entry, even less-skilled actors can launch advanced attacks at scale. This session explores how the original principles of Shift Left must evolve into continuous assurance — where prevention, detection, and protection work together across the entire lifecycle.

AI coding assistants promise massive productivity gains, but recent academic research shows they also introduce instability, security weaknesses, and developer overconfidence. In this talk, I present data from large-scale studies demonstrating how AI-generated code affects delivery performance, vulnerability rates, and developer decision-making. I then outline a practical, end-to-end approach for reducing AI-induced risk while preserving the benefits of AI-assisted development.

We often talk about threats in terms of dollars lost, data stolen, or headlines made. But the real threat lives deeper—in the structure, the strategy, and the growing ambition of the actors behind the screen. Today’s cybercriminals don’t just encrypt files; they build economies, launder, influence, and forge alliances that stretch across borders and industries. In this talk, we’ll peel back the layers of modern cybercrime and explore how loosely affiliated hackers have evolved into organized syndicates. These groups operate more like multinational corporations than rogue disruptors—complete with HR departments, recruitment pipelines, insider relationships, and state protections.