Kansas City Cybersecurity Conference

Since the mid-1990s, phishing has evolved into a foundational attack method and remains one of the most common cybersecurity threats organizations face today. It’s also become a key focus of employee training programs across industries. In this session, we’ll explore the history of email security, trace how phishing techniques have adapted over time, and take a closer look at the emerging threat of Phishing-as-a-Service (PhaaS)—a new, scalable model that’s lowering the barrier to entry for cybercriminals.

Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors have continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices are that are pervasive in critical infrastructure systems. Today’s SOC needs to not only see those devices and the risks they pose while also ensuring accurate detection of the threats uniquely targeting those OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting Operational Technology environments.

Ransomware attacks continue to grow in frequency and impact—disrupting operations, locking critical data, and putting reputations at risk. And while prevention tools are important, they can’t stop every attack. The question is no longer if an attacker will get through, but what you’ll do when they do.

Join us to learn how to build a ransomware resilience strategy that goes beyond prevention. You’ll learn how containment plays a vital role in limiting damage, maintaining business continuity, and accelerating recovery. We’ll walk through the core elements of a resilient approach—what it looks like in practice, why it matters now, and how you can get started.

The modern workspace is increasingly reliant on cloud-based applications, browser-first access, and AI integration, and faces significant security challenges that outpace the capabilities of traditional tools. Legacy solutions, including VPNs and even early ZTNA implementations, are proving vulnerable to sophisticated attacks, leading to data breaches and operational disruptions. This session will critically examine these gaps – network, identity, endpoint, and cloud security – and demonstrate how a fundamental shift in security focus towards the browser is required.

DevOps is representative of the fundamental cultural shift in coding towards performance: high performing teams, and high performing code. Security was never a primary consideration. DevSecOps represents the reality that DevOps must grow to encompass security. Eventually, performant code will mean secure code by default – but we’re not there yet. The question is, how do we get there? And more importantly, how do you and your organization take steps to get there today?

How to align the traditionally opposing cultures of cybersecurity and software development?

What does “good DevSecOps” really look like?

What requirements DevOps teams should consider when adding security tools to their pipeline and making the shift from DevOps to DevSecOps?