Security Concerns & Insights 2022

The risk of cyber conflict is on the rise and these threats are detrimental to the wellbeing of organizations in every industry. Therefore, adopting to a more threat-informed defense approach is critical in eliminating vulnerabilities, strengthening security frameworks, and measuring the efficacy of controls to withstand ransomware and other attacks. By focusing on tools and effective frameworks, such as MITRE ATT&ACK, IT teams will be able to successfully map TTPs back to the threat source that deployed them and ultimately eliminate gaps in security.

Join this insightful opening keynote which will discuss:

• How to use a quantitative risk assessment framework to identify which threats pose the biggest risks to your organization
• Developing ways to simulate threats so metrics can be assessed for an organization to properly prepare for a real-life cyberattack
• How to analyze the data to identify any deficiencies and possible changes that could be implemented to improve security

Christopher Frenz

Information Security Officer & AVP of IT Security

Mount Sinai South Nassau

Today, APIs help enable business growth. They are the connective tissue that powers digital transformation. Their adoption is widespread, with businesses continually opening API access to more partners, applications, mobile apps, and IOT devices. But how are organizations expected to protect this ever-changing API estate? How do you know what is good and bad behavior on each API your organization uses? This API blind spot is becoming the biggest security problem for today’s businesses.

In this talk you will learn:

• The scope of the business problem of API abuse
• Where traditional security products fail
• How mature your organization is on understanding API security issues
• How to prepare your organization and adopt API security best practices

Giora Engel

Chief Executive Officer & Co-founder

Neosec

The digital landscape is continuously evolving, including advancements in remote and hybrid work models, which creates more vulnerabilities to ransomware and cyber-attacks. Staying abreast to the newest security trends and implementing improved cloud solutions to protect critical data is essential for businesses looking to increase safe accessibility from anywhere, any time. However, it is crucial that organizations continue to address potential security issues in regard to cloud services prior to implementation.

Join this panel discussion, which will address:

• Cloud security posture management (CSPM) as a top priority for 2022
• How to accommodate remote workers while addressing potential risks and vulnerabilities from unknown threats
• Benefits and challenges of public and private cloud solutions, as well as alternative services

Moderator:

Syed Khan

Senior Director, Information Security Tools, Platforms and Products

Blue Cross and Blue Shield of Illinois, Montana, New Mexico, Oklahoma & Texas

Panelists:

Dr. Angela Davis Dogan

Associate Director IT | Cloud Computing

Kyndryl

Edward Ray

vCISO

NetSec Consulting

Andrew Stone

Chief Technology Officer, Americas

Pure Storage

CISOs are extremely resilient leaders, but a common challenge they may face is social engineering and the inability to decrease these specific scams. Humans are creatures of habit and manual error is bound to happen, especially as cyberthreats increase and cybercriminals target susceptible people. It can be easy to forget not to click that seemingly normal email from your “CEO”, and cybersecurity leaders must be prepared for careless mistakes.

In this keynote presentation, you will learn:

• How cybercriminals are targeting employees through specific attacks and duping them into clicking on dangerous links
• Addressing the potential risk of human error and how to properly educate employees to limit mistakes
• Successful tools to use when training organizations on risk management and cybersecurity protocols

Dr. Jason Gamage

Chief Information Security Officer and Managing Director MEA

Goldilock

Security awareness training remains a top priority for cybersecurity teams. In order to combat cyberthreats, ransomware attacks, and infiltration, organizations must continue to train their employees on how to detect scams and avoid falling for suspicious criminal tactics. Strengthening employee awareness is an ongoing obligation, especially due to the flexibility of remote work and new dangers.

Join this panel discussion, which will address:

• Conducting simulated attacks to train employees on proper security awareness
• How to develop best practices to address threats and strengthen security in a remote-work environment
• The importance of upskilling, reskilling, and continuous development training for all employees to avoid security breaches

Moderator:

Robin Smith

Head of Cyber and Information Security

Aston Martin Lagonda

Panelists:

Terry Griffith

Global Director Counter Threat Unit

Royal Caribbean Group

Erin Logue Smith

Cyber and Compliance Practice - Data Protection Solutions, Global Technology Office

Dell Technologies

Brian Sanders

Network Intrusion Forensic Analyst (NIFA)

United States Secret Service