Milwaukee Cybersecurity Conference

For over two decades, “Shift Left” has shaped how organizations build secure software – moving testing earlier in development to catch vulnerabilities before release. It was the right idea at the right time, but today’s application ecosystems are far more complex and constantly under attack. Nation-states and sophisticated cybercrime groups have intensified the threat landscape, and with AI lowering the barrier to entry, even less-skilled actors can launch advanced attacks at scale. This session explores how the original principles of Shift Left must evolve into continuous assurance, where prevention, detection, and protection work together across the entire lifecycle.

What if a single control could eliminate most of your cybersecurity risk—would you use it?

Cyber insurers consistently point to legal liability as your greatest exposure. The best predictor of post-breach legal costs isn’t the breach itself—it’s whether you can prove your cybersecurity program was reasonable.

Reasonableness doesn’t mean perfection. It means showing you made balanced, cost-justified decisions to reduce risks to the public as well as your business. Regulators and litigators evaluate how much you invested relative to the risks you sought to prevent. When a breach happens, they’ll find weaknesses—but what matters is whether your program was built to achieve fair, defensible outcomes.

Today, regulators increasingly define “reasonable” cybersecurity as: Safeguards that reduce risk to the public without being more burdensome than the risk itself.

Chris will walk you through how to break free from compliance checklists and maturity scores—and instead build a defensible risk management program that can withstand attackers, auditors, and attorneys.

Threat actors are weaponizing your organization’s OSINT through AI models to generate personalized and polymorphic phishing attacks and payloads at unprecedented scale and minimal cost. This session exposes how adversaries scrape publicly available data and leverage it to create dynamic phishkits that evade traditional email security defenses. We’ll examine real-world phishing examples that made it into enterprise mailboxes, the data sources that are most often being exploited, and provide actionable strategies to identify, monitor, and reduce your digital footprint and detect and mitigate AI-generated campaigns before they compromise your organization.

As the current threat landscape continues to evolve, we have learned a lot of hard lessons across the cybersecurity industry. This session will study the intersection of risks and threats while studying a collection of examples of high-profile security breaches in the last 3 years. The sophistication and persistence of threat actors and the successes they have had calls for a different approach, one that addresses mitigation of both risks and threats. Finally, we will conclude with an in-depth case study of a recent breach to see how this unique approach could have mitigated the attack

We often talk about threats in terms of dollars lost, data stolen, or headlines made. But the real threat lives deeper—in the structure, the strategy, and the growing ambition of the actors behind the screen. Today’s cybercriminals don’t just encrypt files; they build economies, launder, influence, and forge alliances that stretch across borders and industries. In this talk, we’ll peel back the layers of modern cybercrime and explore how loosely affiliated hackers have evolved into organized syndicates. These groups operate more like multinational corporations than rogue disruptors—complete with HR departments, recruitment pipelines, insider relationships, and state protections.

The Domain Name System (DNS) is often called the “phonebook of the internet”—but beneath its surface lies a complex and increasingly exploited attack vector. In “Behind the Name: Unmasking DNS Threats,” we’ll peel back the layers of this foundational technology to expose how cybercriminals are leveraging DNS for data exfiltration, command-and-control, phishing, and more.

• This session will explore real-world DNS threat scenarios, the latest trends in DNS-based attacks, and the often-overlooked vulnerabilities that can compromise even the most secure environments. Attendees will gain insights into:
• How DNS is weaponized in modern cyberattacks
• Techniques for detecting and mitigating DNS abuse
• The role of DNS security in a zero-trust architecture
• Best practices for securing DNS infrastructure

Whether you’re a security professional, IT leader, or simply curious about the hidden risks behind everyday internet activity, this talk will equip you with the knowledge to better defend your organization.

The age-old complaint in security engineering is that “big ideas die in the backlog.” Lengthy discovery, design, and coding cycles smother urgency—especially when threats are evolving faster than releases. Enter AI-first development, where language models collapse friction at every step of the SDLC and let small teams translate concept into running code in hours, not quarters. This talk tells the inside story of how we built a working Al Assisted Alert Agent & an Insider Threat & Fraud Detection module in a couple afternoons—then generalized the method into a repeatable playbook any security team can copy.

In today’s threat landscape, breaches are no longer rare events—they’re a reality. While preventing every intrusion is unrealistic, limiting its impact is achievable. This session explores how microsegmentation serves as a foundational control in implementing Zero Trust, helping organizations contain attacks and maintain business continuity.

Microsegmentation enables security teams to isolate workloads, users, and devices by creating fine-grained security zones across IT, IoT, and OT environments. When applied correctly, it prevents unauthorized lateral movement and reduces the blast radius of cyberattacks—especially crucial in hybrid and legacy infrastructures.