InfosecWorld2020Digital 2020 June 22, 2020 to June 24, 2020, Virtual, Virtual

Title Speakers Summary Topic Types
Opening Keynote: Leaders Needed: Preventing the Next Big Breach Jamil Farshchi The roster of companies suffering massive cyber breaches keeps growing and the headlines are almost ...
Technical Session: Migrating Legacy Applications to Containers Paul Asadoorian N/A
Case Study: 7 Layers of Container Insecurity Ben Tomhave N/A
Panel: Container Security in a Serverless World Paul Asadoorian, John Kinsella, Manish Gupta, Jason Curtis N/A
Case Study: Scanning Containers for Open Source Vulnerabilities Jason Curtis N/A
Technical Session: Overcoming the Challenges to Insert Security into Every Pull Request Manish Gupta N/A
Technical Session: How Do You Orchestrate Security? John Kinsella N/A
Tales from the Trenches: A First-Hand Look at the Cybersecurity Landscape Kevin Ricci Cybersecurity strengths and weaknesses by industry; The percentage of businesses that have met their compliance requirements; How ...
Everything You Wanted to Know About Security Evangelism But Were Afraid to Ask James Mcquiggan This structured and detailed framework shares how to become an effective security evangelist. Breaking down ...
Threat Modeling: Start Early Letitia Davis In this session we will take a look at the Threat Modeling process and how ...
How to Stop Fearware: Using Cyber AI to Defend the Inbox Dan Fein As organizations around the world have shifted to remote working, security teams are struggling with ...
Cyberlaw Year in Review: The Human Element Becomes Critical Steve Black At the root of all cybersecurity issues is the human element -- whether you’re talking ...
Cybersecurity Controls: Keeping Enterprise Risk on Track Tony Holmes If we are ever going to make large-scale progress in cyberdefense, we must recognize that ...
Increasing Efficiency and Effectiveness with One-Off Tools and Scripts Tim Krabec Non-IT professions use standard tools, masters of these professions use one off and custom tools ...
You’ve Been Pwned… But Your Customers are the Target Christopher Hickernell In January 2019, the Wall Street Journal published an article that reconstructs what it called ...
Security Awareness How-To’s: Building an Enterprise Security Awareness Program from the Ground Up Rex Sarabia Providing context: details of unique organization and/or challenges; MVP: the minimum needed for an effective ...
Security Driven Networking & Getting Security Right Jonathan Nguyen-duy The pandemic has accelerated and compounded security and digital transformation challenges. The shift to contactless ...
Developing an Effective Insider Threat Program: Automating the Detection of Risk Indicators Randall Trzeciak Developing an effective enterprise-wide security program must include the mitigation of the risk posed by ...
Stop Ransomware with Speed and Precision Eric Mccarty Ransomware attacks cause major business disruptions resulting in significant time expenditures, technical resources, and related ...
Ransomware and Extortion Incidents: Understanding the Legal Landscape Will Daugherty As ransomware and extortion incidents become more frequent and complex, it’s critical to understand the ...
Information Security Frameworks and Control Catalogs: Differences, Selection, Implementation Troy Delung In today’s environment we have multiple Information Security Frameworks (ISO/IEC 27001, NIST CSF, COBIT, etc.) ...
The Assumption of Compromise Paradox: A Focus on Exfiltration Detection & Prevention Gabriel Gumbs CISOs have rightfully assumed a worldview which includes assuming that a determined and well-resourced attacker ...
Live Attack Response: Calculating the Human Cost of Security Anthony Fox Over the past five years, organizations like yours have made enormous investments in cybersecurity. Yet ...
Great Application Security Requires Mind(set) Over Matter Manish Gupta We are at an inflection point in the practice of application security. DevOps, the conjoining ...
Beyond the Dark Web: What Will They Think of Next? Rachael Mastovich This session will talk about the newest trends on the dark web, and what, if ...
5G, Apps, Bots, IoT, AI, the Cloud & the Upcoming Cyberwars! Eddie Doyle N/A
Bringing Cybersecurity & Privacy Together through NIST Frameworks Kelly Hood NIST recently released the draft Privacy Framework to help organizations manage risk imposed by holding ...
Hacking Firmware: The Unprotected Attack Surface of the Enterprise John Loucaides Hackers are using firmware implants and backdoors to compromise enterprise security with attacks that are ...
When MFA Goes Wrong, And How To Set It Right Zoe Lindsey With more than three decades of use, MFA is a proven method to reduce the ...
Managing Cybersecurity and Privacy Risks in IoT Paul Rohmeyer The Internet of Things (IoT) is rapidly extending on a global scale via applications that ...
Digital Certificates 101 Julie Bergh Do terms like public/private keys, HTTPS, authorization tokens, and signing authorities confuse you? You don't ...
Cybersecurity... Past, Present, and Future… Josh Novak Cybersecurity is fast and constantly evolving. The threat actors have been targeting the theft of ...
Cracking the Cyber Liability Code Sean Thomas Recent incidents emphasize how CISOs can be held accountable for cyber-related events, which may be ...
Security Orchestration Is Not About Tools Wilson Bautista Establishing a cyber intelligence capability is not an easy feat to achieve, as many organizations ...
Gathering of the Vulnerability Wranglers 2.0 (PANEL) Jake Kouns, Jonathan Cran, Adrian Sanabria, Mark Arnold, Alex Moss As vulnerabilities scale, the art of vulnerability wrangling in response has been forced to evolve. ...
An Anatomy of a Targeted Persistent Attack (TPA) on Commercial Routers and Means to Mitigate Yoni Kahana Routers are notorious for their vulnerability and susceptibility to attack; there’s been a 539% increase ...
Panel: How Our Boards Measure Our Security Programs Robb Reck, Sam Masiello, Kenneth Brothers, Stephanie Goetz, Carol Quillen This panel will have practitioners sharing their achievements with different methods of measuring their security ...
Risk Exchanges: The Key to Vendor Risk Management Efficiency Randy Ferree Your vendors often handle your most sensitive data. This presents new challenges as third-party risk, ...
How PKI and SHAKEN/STIR Will Fix the Robocall Problem Mark Cooper The Federal Communications Commission (FCC) estimates robocalls will constitute more than half of all phone ...
Beyond the Curve: Visualizing Tomorrow Jimmy Sanders Rapid change is happening in every sector of the technology industry. The security industry is ...
Protecting Your Blindside Tim Callahan The most dangerous thing for an organization and the CISO is what you don’t know: ...
Raising the Red Flags in Cyber Risk and Keeping Ahead of the Competition Rob Clyde You know the scenario: you have allotted agenda time to explain complex cyber risk to ...
Cybersecurity Metrics and the Balanced Scorecard Keyaan Williams The best way for security to align with the business is to speak their language. ...
Developing the Leader Within You! Joshua Washington Learn how to influence your team to follow your lead and achieve results. This session ...
Creating a Results Oriented Culture: By Measuring What Matters Jack Pollock Execution is everything. How simple goal setting with clear objectives and key results that are ...
Overcoming Day-to-Day Challenges for Security, IT Risk and Privacy Workers Jari Desai Workers in the area of Security, IT Risk and Privacy have extremely important roles that ...
Running a Remote SOC Neelima Rustagi As our workforce transitions to remote work, we know this is a critical time for ...
Can We Really Change Security Culture? Kelly York The buzz phrase of the day seems to be “changing culture through awareness and education.” ...
Colliding Worlds: Strategies for IT, OT, and IoT Convergence N/A The processes and technologies of IT, OT, and IoT emerge from very different worlds, with ...
Hacking Your Security DNA J.j. Thompson When we’re talking about the cyber threat landscape, there’s really only one prediction that is ...
How to Patch "Stupid" Ira Winkler Whenever a user makes a mistake and causes damage, security professionals declare the user naive, ...
Exposing Speculative Execution Side Channel Methods: What You Should Know and What You Should Do Antonio Maña Gomez Speculative execution side channel methods have received significant attention from the media, security professionals, computing ...
Malware and Machine Learning: A Dangerous Combination? Nicholas Takacs Viruses and malware continue to evolve at an increasing pace, forcing security practitioners to try ...
The Psychology of Social Engineering – The “Soft” Side of Cybercrime Diana Kelley The psychology behind Cialdini’s 6 Principles of Persuasion; Tips and recommendations that leverage the power of ...
To Design Securely, You Have to be Able to Measure Your Security Winn Schwartau To design security environments and to defend our networks, we must be able to measure ...
The Modus Operandi of EV Certificate Fraudsters: Findings from the Field David Maimon New research results show the prevalence and value of SSL/TLS certificates on the dark web, ...
ISSA/ESG’s 4th Annual Research Survey on the Cybersecurity Profession – Is It Getting Better? N/A In this session, the ISSA International President will review the challenges faced in 2019 in ...
An Offensive Approach to Managing Your Third-Party Risk Tim Callahan Most organizations have a third-party risk problem. Learn how Aflac redesigned its Third-Party Management Program ...
Getting the Most Out of Your Covert Physical Security Assessment: A Client’s Guide Brent Roberts As physical penetration testers, it's important to have that discussion with clients to help them ...
Keynote: History Doesn’t Repeat, It Rhymes – Operationalizing Security in the DevSecOps Era Badri Raghunathan Every technology transition is unique, exciting and different. Yet, what is common is that security ...
Cyber + Traditional Security Program Integration Ed Kaufhold Organizational principles to support Cyber + Traditional (C+T) security integration objectives; Common indicators revealing a lack ...
BEC Isn’t A Security Issue, It’s a Social Engineering Issue – That AI Can Solve Ken Liao Business Email Compromise is often thought of as an inevitable security issue, and employees viewed ...
Delivering Secure Code Faster David Lindner As application security professionals we are commonly coming up with new approaches to help secure ...
Training Your Employees on Safeguarding Your Organization Ana Roldan Cyber security awareness training is essential knowledge that enterprises can’t afford to overlook. Security awareness ...
Five Things That Matter David Kennedy This session dives down into the five things that matter when it comes to information ...
Case Study: Performing a Global IT Risk Assessment Rolando Negron-nieves Over one year ago, Party City embarked on conducting a global top-down IT Risk Assessment ...
New Attack Patterns: Targeting the Keys to the Kingdom Derek Melber Attackers are changing their attacks and organizations are not prepared. As many organizations are still ...
Rise of the Machines – The Importance of Security Automation Laurence Pitt Every day we are woken up by a connected alarm, perked up by the automated ...
Security Awareness and the Landscape of Emerging Threats Maritsa Bogan Three years ago, our security awareness program consisted of a few videos on a website ...
Mitigating at Design Time Shaun Lamb A secure application architecture not only prevents vulnerabilities in the initial release but also reduces ...
Foes, Fixes, & Foundations: Trending Threats and Proper Responses for 2020 Neil Wyler N/A
Level Up! Business Communications Strategies to Advance and Lead Projects with Precision Shakira M. Brown Being an information technology security practitioner comes with a myriad of communication responsibilities throughout the ...
The vCISO Journey: So You Want to be a vCISO? Dominic Vogel Ever wondered what value a vCISO brings? When does it make sense to leverage a ...
Protect Your Data and the Air Gapped Network Thad Wellin Learn how to protect data that organizations can't afford to lose. This session will share ...
Real World Intelligence and Global Cybersecurity Threats Mark Brooks In an age where the emerging connectivity of the global system is accelerating access for ...
Stranger Things in the Cloud: How Do We Stop Breaches? Roger Ofarril The race to the cloud is on full force. As enterprises fast-track their cloud adoption, ...
CSS2 Enabling a Cloud Security & Operating Model Rob Lamagna-reiter Organizations have also realized they need to realign their IT skillsets & culture to take ...
A Live Simulation of an Advanced Cloud Misconfiguration Exploit Josh Stella The leading cause of data breaches in the cloud isn’t application or OS vulnerabilities--it’s cloud ...
Cloud and Container Audit-Compliance Considerations Trip Hillman What is a container; What is orchestration; How is it different; Why does that matter; Top 5 considerations for ...
Internal Controls in the Cloud Ryan Mackie Moving to the cloud, whether it is IaaS, or SaaS, is nearly inevitable in the ...
Securing your Cloud and Your SaaS: 6 Practices to Beat Hackers and Satisfy Regulators Tony Pietrocola Cybercriminals have expanded every company’s attack surface by attacking networks, cloud, SaaS, chips, IoT, mobile ...
East vs West: How the Coasts Approach Information Security Differently Sourya Biswas In my experience as an information risk and security consultant, I've had the opportunity to ...
People are the Perimeter: Understanding How All of Us Affect Cyber Risk Malcolm Harkins Based upon Malcolm Harkins’ book Managing Risk and Information Security, he will delve into one ...
Agile Security Patching Michael Hoehl Security Patch Management is one of the biggest cybersecurity and compliance challenges for IT organizations ...
Challenging Insider Threats: Cyberspace Insider Threat Triage (CITT) Plan Velma Latson A systematic review of a research study explored crisis management in cyberspace where crises occur ...
Risky Business: Is Your Cybersecurity on Cruise Control Brittany George This session discusses cyber security risks and mitigation strategies to improve management’s security position. Learn ...
How to Implement the “Triangle” of Network Security Management Ryan Rodrigue As a Cybersecurity professional you spend a lot of time on the persistent threats, but ...
Closing Keynote: CISO Perspectives: Developing A Cyber Strategy for Post Quarantine Return To Work Todd Fitzgerald, Joseph Johnson, Annette Harris, Benjamin Corll The COVID-19 Pandemic caused IT departments to scramble as they were forced to move large ...