Agenda

Date and Time	Title
Dec 13, 2023 9:00am - 9:55am (Pacific)	[Opening Keynote] Privacy Update: Sorting Surveillance Benefits from Harms in an IoT World Tracking technologies are proliferating at an increasingly high rate in apps, IoT devices, websites, and in a wide range of files. They are not only impacting privacy in wider and more harmful ways, but they have also extended far beyond the digital world and are also impacting physical safety. Such tools can certainly be very beneficial, when used responsibly and with informed awareness of the cybersecurity and privacy risks. However, when they are used without establishing technical and non-technical boundaries, and without taking risk mitigation actions, the associated surveillance activities can, and have, brought physical harms. I was an expert witness for a case a couple of years ago involving a stalker’s use of his victim’s smart car to find and almost fatally assault her. I’m currently an expert witness for two separate cases involving the use of Meta Pixels, Conversion APIs, cookies, and other types of tracking tech for surveillance of online activities. Virtually daily there are news articles reporting privacy invasions by digital trackers, drones, security cameras, and more. I will provide several real-life use cases, and provide discussion for the technical and non-technical capabilities that possibly could have been identified through risk assessment activities prior to making such products publicly available and informed the needed associated security and privacy capabilities, that would have supported privacy and cybersecurity protections and physical safety.
Dec 13, 2023 10:00am - 10:52am (Pacific)	Threat Intelligence: Industrialization of Cyber Fraud and AI The presentation will cover the Secret Service’s view on current cybercrime trends to include the emergence of AI/ML in the cybercrime world. Investigator Dougherty will frame it in the lens of BEC (Business Email Compromise) and discuss the new and emerging advancements cybercriminals are using to victimize businesses in 2023 and beyond. Investigator Dougherty may even share a a deepfake of himself.
Dec 13, 2023 10:00am - 10:54am (Pacific)	PAM Back to Basics With so many high-profile breaches accomplished through compromising passwords on privileged accounts, PAM is a top priority for organizations of all sizes. Join Delinea’s Chief Security Scientist Joseph Carson, as he takes you on a brief journey through the PAM lifecycle to get you quickly up to speed and understand the PAM matrix of all the different types of privileged accounts that exist across all your different IT domains, often referred to as your privileged account attack surface.
Dec 13, 2023 11:00am - 11:40am (Pacific)	Insider Threat: Clever Tactics Your Adversaries Use to Infiltrate Your Organization The insider threat landscape continues to evolve and change. Organizations can expect to see increases in volume and severity. To achieve their goals, threat actors will use complex activities and recruitment strategies to achieve their goals. In order to anticipate and prevent insider threat, you need to know their activities and recruitment strategies!
Dec 13, 2023 11:00am - 11:38am (Pacific)	Secure by Default: Evolving Security Expectations CISA recently released their paper on “Secure by Design, Secure by Default” software that has support from seven major governments. It is meant to make significant, achievable improvements in software security. We will discuss the Secure by Default concept, why it is important, and what customers and vendors can do about it today.
Dec 13, 2023 12:00pm - 12:55pm (Pacific)	Safeguarding Ethical Development in AI and Other LLMs A Comprehensive Approach to Integrating Security, Psychological Considerations, and Governance
Dec 13, 2023 12:00pm - 12:57pm (Pacific)	[Panel] Security on the Horizon: Current Threats and Future Projections With the rapid advancement of technology, the ever-expanding digital footprint, and the sophistication of cyber adversaries, understanding current threats is crucial for developing proactive defense strategies. This panel will bring together experts and thought leaders to discuss the state of cybersecurity, analyze prevalent threats, and forecast potential cyber threats and trends for the coming year. By examining the latest tactics, techniques, and procedures used by threat actors, and leveraging collective expertise, the panel endeavors to provide actionable insights to bolster cyber resilience and safeguard critical digital assets in the face of evolving cyber threats. Join our panel and get actionable items that you can start doing now!
Dec 13, 2023 12:00pm - 12:31pm (Pacific)	Debate: Does the Profit Motive of Vendors Make Security Harder for CISOs? In the intricate landscape of cybersecurity, the role of vendors cannot be overstated. Undoubtedly, they play a crucial role in advancing technology to fortify our digital defenses. However, the looming question persists: are these advancements driven solely by the pursuit of security, or is there an ulterior motive at play? Delve into the complexities as our esteemed panelists share their candid opinions on whether the profit motive may compromise cybersecurity’s very essence. Does the industry’s financial agenda hinder those who should be at the forefront of safeguarding our digital realms? Don’t miss this insightful dialogue that promises to unravel the dynamics between profit motives and the challenges CISOs face in their mission to ensure robust cybersecurity.
Dec 13, 2023 1:00pm - 1:35pm (Pacific)	Emerging Human Risk Trends of 2023 Keeping up to date on real-world cyber threats is an important part of understanding the evolving landscape of cyber-attacks and preventing your next big breach. In this webinar, the Hoxhunt Threat team recaps some of the biggest threats they’ve seen so far in 2023 and showcases the results of a recent QR phishing experiment. Then, experts explain how to shape your cybersecurity agenda based on threat insights.
Dec 13, 2023 1:00pm - 2:00pm (Pacific)	Mitigating AI Risks: New Solutions to Address AI/ML Liability 2023 has seen the emergence of class action lawsuits filed against businesses for their use of AI/ML technologies. Other actions are sure to follow as plaintiffs firms find novel ways to fit the use of AI tools into existing legal regimes prohibiting discrimination and requiring product safety, transparency and fairness. This presentation will give an overview of some of the litigations and enforcement actions seen in the AI/ML space to date, with legal strategies for how businesses can work to develop a legally defensible compliance program, including AI assessments, in line with emerging AI regulatory and risk management frameworks. The presentation will feature Philip Dawson from Armilla Assurance, the first company to offer a warranty product backed by major insurers that seeks to verify and warrant certain features of an AI tool.
Dec 13, 2023 2:00pm - 2:40pm (Pacific)	Lessons from a CISO: Increasing Your Cybersecurity Footprint Despite Worn Soles In a time of decreasing budgets, CISOs are increasingly faced with the challenge of doing more with less. In this informative keynote, Michael Gregg discusses how he grew his state’s cyber coverage from 25,000 to 250,000 endpoints. Learn how he optimized SOC operations and embraced AI to increase efficiencies and improve response times while reducing costs.
Dec 13, 2023 2:00pm - 2:35pm (Pacific)	A Whole Lotta BS (Behavioral Science) About Cybersecurity Let’s be honest: people can frustrate us. They don’t always do the things we’d like, and they often do some things we’d rather they didn’t. New research from the National Cybersecurity Alliance reveals insights about the public’s attitudes and beliefs about security. We’ll explore the 2022 “Oh Behave! Cybersecurity Attitudes and Behaviors Report,” and some of the findings may surprise you! We’ll also give you practical, actionable advice on how you can better communicate to influence the behavior change you want to see.
Dec 13, 2023 2:00pm - 2:30pm (Pacific)	Triad of Trust: Executive, Vendor, and Team Dialogue in Risk Management Explore the intricacies of what it takes to achieve risk-resilient communication within your organization’s framework. Learn how a collaborative dialogue between executive leadership, cybersecurity teams, and vendors fosters a unified front against emergent security risks. Expand your knowledge towards attack surfaces and the pivotal role of XDR technologies and Zero Trust Architecture in managing and mitigating risks.
Dec 13, 2023 3:00pm - 3:55pm (Pacific)	[Closing Keynote] Cyber Intel Briefing