Pittsburgh Cybersecurity Conference

Thursday, June 5, 2025

Pittsburgh Marriott City Center

Parking/Directions

Hybrid

Join Us in Pittsburgh for the Futurecon Cybersecurity Event!

Hear from our esteemed speakers while gaining up to 10 CPE credits. Immerse yourself in the latest cybersecurity developments to gain valuable insights in today’s dynamic threat landscape. Learn how to effectively manage risk, demo the newest technologies from an array of different sponsors, and network with your local community.

Don’t miss our special ceremony recognizing our honorary attendees receiving an Award of Excellence!

Join us live for breakfast, lunch, and a wrap up cocktail happy hour!

 

Sponsors

Premier Platinum Sponsors

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Partner

“Cybersecurity is no longer just an IT problem”

Photo of a panel discussion.

FutureCon Events brings high-level Cyber Security Training to C-suite executives and CISOs (chief information security officers).

Join us for a day with multiple illuminating presentations and a panel discussion featuring C-level executives who have effectively mitigated the risk of Cyber Attacks, demo the newest technology, and discover the cutting-edge security approaches to prepare you for the future of the Cyber World.

You will gain the latest knowledge you need to enable applications while keeping your computing environment secure from even the most advanced Cyber Threats. Interact with the world’s security leaders and your peers to gather details on other pressing topics of interest to the information security community.

Photo of people mingling at a conference.

Have questions? Check out the FAQ.

Agenda

Times are subject to change

8:00 am

Opening Introductions | Check In | Networking

Presentation

8:45 am

Weaponizing DNS to Defend the Enterprise

DNS is trusted by default in the enterprise. Threat actors continually exploit this to gain access or initiate command & control.  Learn how DNS can go from being a connectivity oriented zero trust nightmare to the first line of defense in the enterprise. 

DNS is trusted by default in the enterprise. Threat actors continually exploit this to gain access or initiate command & control.  Learn how DNS can go from being a connectivity oriented zero trust nightmare to the first line of defense in the enterprise. 

Bio

Colby Hoefer

Cybersecurity Specialist Infoblox

Sponsored by

Presentation

9:15 am

Rebuild Your Software Security Program from the Breach Up

Current security models are failing to keep up with the speed, complexity, and scale of modern software. Security professionals are doing their jobs—and yet, attacks still get through. In this session, hear the story of four people caught in the aftermath of a breach: a developer, a SecOps lead, an read more…

Current security models are failing to keep up with the speed, complexity, and scale of modern software. Security professionals are doing their jobs—and yet, attacks still get through. In this session, hear the story of four people caught in the aftermath of a breach: a developer, a SecOps lead, an AppSec engineer, and a compliance officer. All working in good faith. All stuck in a broken system.
This talk will introduce a new blueprint for modern software defense, modeled on the smartest of cities that have instrumented infrastructure to see, adapt, and respond in real time. Walk away with a prescriptive framework – based on context, coordination, and culture – that teams can use to stop guessing and start defending.

Bio

Naomi Buckwalter

Senior Director of Product Security Contrast Security

Sponsored by

Presentation

9:45 am

Rapid AI Prototyping

The age-old complaint in security engineering is that “big ideas die in the backlog.” Lengthy discovery, design, and coding cycles smother urgency—especially when threats are evolving faster than releases. Enter AI-first development, where language models collapse friction at every step of the SDLC and let small teams translate concept into read more…

The age-old complaint in security engineering is that “big ideas die in the backlog.” Lengthy discovery, design, and coding cycles smother urgency—especially when threats are evolving faster than releases. Enter AI-first development, where language models collapse friction at every step of the SDLC and let small teams translate concept into running code in hours, not quarters. This talk tells the inside story of how we built a working Al Assisted Alert Agent & an Insider Threat & Fraud Detection module in a couple afternoons—then generalized the method into a repeatable playbook any security team can copy.

 

Highlights:

– Rethink Development Cycles – AI-assisted competitive analysis, ROI modeling, architecture drafting, and test generation—each shaved from weeks to minutes.

– Vibe Coding in practice – how “prompt-to-prototype” workflows boost individual throughput 30–40 % and democratize coding to non-developers Business Insider.

– Model Context Protocol (MCP) – an open standard that plugs LLMs into live telemetry and knowledge bases, turning context wiring from weeks of API work into minutes of config Home.

– Multi-model evaluation on AWS Bedrock – side-by-side scoring that lets you A/B test foundation models, RAG pipelines, and guardrails before a single line hits main Amazon Web Services, Inc.

Bio

Seth Williams

Field CTO - Partners Sumo Logic

Sponsored by

10:15 am

Sponsor Networking Time

Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!

Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!

Presentation

10:45 am

Trust but Verify? The Risks Lurking in AI-Generated Code

As AI-powered coding assistants become more prevalent, developers are increasingly incorporating AI-generated code snippets into their projects. But the last Dora report made it clear: there is a 7.2% drop in delivery stability for every 25% increase in AI use. In this session, we’ll explore the risks AI-generated code has read more…

As AI-powered coding assistants become more prevalent, developers are increasingly incorporating AI-generated code snippets into their projects. But the last Dora report made it clear: there is a 7.2% drop in delivery stability for every 25% increase in AI use.

In this session, we’ll explore the risks AI-generated code has on development environments. From quality issues to outright security vulnerabilities, we’ll break down real-world examples of how AI-generated code can introduce security flaws, compliance issues, and reduce overall code quality.

Key takeaways include:

• The pitfalls of AI-generated code regarding code quality and security.

• How blind implementation of GenAI code can lead to increased technical and security debt.

• Why traditional reviews often fail to catch AI-induced issues.

• Best practices for validating, securing, and integrating AI-generated code responsibly.

Join us for an engaging session where we go beyond the hype and take a critical look at the risks, while offering actionable strategies to mitigate them—without stifling innovation.

Bio

Jerome Robert

Chief Executive Officer Symbiotic Security

Sponsored by

Presentation

11:15 am

Today’s Threat Landscape Requires a Unique Solution

The convergence of IT and OT networks has significantly broadened the cyber threat landscape, exposing critical infrastructure to new vulnerabilities. Legacy OT systems, often lacking modern security controls, are now accessible through interconnected networks, increasing risk. To counter these threats, organizations must achieve full visibility of all networked assets using read more…

The convergence of IT and OT networks has significantly broadened the cyber threat landscape, exposing critical infrastructure to new vulnerabilities. Legacy OT systems, often lacking modern security controls, are now accessible through interconnected networks, increasing risk. To counter these threats, organizations must achieve full visibility of all networked assets using advanced discovery and monitoring tools. Equally vital is the implementation of automated threat response system- that enable rapid detection, containment, and mitigation of cyber incidents, enhancing overall resilience and security.

Bio

Eric Vanderbur

Solutions Architect, Global Alliances and Partners Forescout Technologies, Inc.

Sponsored by

11:45 am

Sponsor Networking Time

Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!

Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!

12:00 pm

Lunch

Keynote

12:15 pm

Can you secure it all? How protecting a University from cyberattacks can educate others!

Bio

Tom Dugas

Associate Vice President/Deputy CIO/Chief Information Security Officer Duquesne University
1:15 pm

Sponsor Networking Time

Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!

Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!

1:45 pm

Building a Response Strategy

Presentation

2:15 pm

Cyber Resiliency: Going Beyond Backup

Cyber resiliency is a multifaceted approach that goes far beyond the simple act of backing up data. While backups are a crucial component, they are only one piece of a comprehensive strategy. To truly achieve cyber resiliency, organizations must integrate a range of advanced practices and technologies. This includes not read more…

Cyber resiliency is a multifaceted approach that goes far beyond the simple act of backing up data. While backups are a crucial component, they are only one piece of a comprehensive strategy. To truly achieve cyber resiliency, organizations must integrate a range of advanced practices and technologies. This includes not only backup and backup recovery but also primary snapshot orchestration, which ensures that critical data is consistently protected and can be quickly restored. Additionally, services such as Threat Scan and Air Gap systems provide an extra layer of protection by isolating sensitive data from potential threats. Clean room environments and forensic tools are also essential, as they enable organizations to investigate and respond to security incidents effectively. By understanding and implementing these various elements, attendees will gain a deeper appreciation of what it takes to build a robust and resilient cyber defense.

Bio

Jules Thomas

Sr. Solutions Engineer and Tech Evangelist Commvault

Sponsored by

2:45 pm

Sponsor Networking Time

Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!

Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!

Presentation

3:00 pm

Understanding Insider Threats through Human-Centric Analytics

Learn how to defend your organization against insider threats using the latest AI and Psycholinguistics. Insider threats from trusted individuals with legitimate access can cause serious harm through negligence or intent. UEBA, powered by machine learning, helps detect such threats by analyzing behavior and spotting anomalies like privilege abuse or read more…

Learn how to defend your organization against insider threats using the latest AI and Psycholinguistics. Insider threats from trusted individuals with legitimate access can cause serious harm through negligence or intent. UEBA, powered by machine learning, helps detect such threats by analyzing behavior and spotting anomalies like privilege abuse or data theft. Motivations include financial, personal, and geopolitical pressures, but detection is hindered by limited intelligence and context gaps. Enhancing analysis with psycholinguistics and language AI improves accuracy by revealing intent. A proactive, behavior-driven strategy is critical to mounting an effective insider threat defense.”

Bio

Shaun Marken

Senior Sales Engineer Securonix

Sponsored by

Presentation

3:30 pm

Breaking Down Silos: Unify Assets and Minimize Attack Exposure

Fragmented asset visibility creates dangerous security blind spots. This presentation explores how breaking down silos to unify control over managed, semi-managed, and unmanaged assets is crucial for minimizing your attack surface. Learn how to gain comprehensive visibility, prioritize risks, and build confidence in your security posture by establishing a unified read more…

Fragmented asset visibility creates dangerous security blind spots. This presentation explores how breaking down silos to unify control over managed, semi-managed, and unmanaged assets is crucial for minimizing your attack surface. Learn how to gain comprehensive visibility, prioritize risks, and build confidence in your security posture by establishing a unified approach to asset management.

Bio

Adib Sarakby

Channel Sales Engineer Axonius

Sponsored by

4:00 pm

Sponsor Networking Time

Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!

Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!

Panel Discussion

4:15 pm

"Securing the Future: CISO Insights and Industry Leaders Discussing Current Cyber Threats and Strategic Defense Practices"

Bio

Jessica Hoffman

Deputy Chief Information Security Officer & HIPAA Security Officer City of Philadelphia
Bio

Steve Rocco

VP, Chief Information Security Officer & Head of IT Infrastructure Matthews International
Bio

John O'Rourke

Global IT Director - IT Security (CISO) PPG Industries
Bio

Jerome Robert

Chief Executive Officer Symbiotic Security
Bio

Naomi Buckwalter

Senior Director of Product Security Contrast Security
5:15 pm

Closing Remarks