RSAC 2021 May 17, 2021 to May 20, 2021, San Francisco, USA

Title Speakers Summary Topic Types
Adapt to the New, Unstable Normal: How to Secure the Roaring 2020s Laura Koetzle This session will outline the talent, tools, and technology needed to secure and protect a ... DevSecOps & Application Security Mobile & IoT Security Protecting Data & the Supply Chain Ecosystem Risk Management & Governance
Faulty Assumptions: Why Intelligence Sharing Fails Michael Daniel Intelligence sharing fails when treated primarily as a technical matter. Threat intelligence consists of more ... Analytics Intelligence & Response
Sherlock and Watson Fight Deep Social Engineering Erin Rivner Sherlock and Watson face a new mystery. Moving from some of their famous adventures such ... Hackers & Threats Human Element
Attack & Defend: Protecting Modern Distributed Applications and Components Jason Ullrich Today's relatively simple applications are often duct-taped together by hundreds of different libraries with external ... Cloud Security & Virtualization DevSecOps & Application Security
As Worlds Collide: Responding to Cyber Events in a Converged IT/OT Universe John Dobbs Industry 4.0 is forcing IT and OT to integrate. The rise in destructive malware attacks ... Analytics Intelligence & Response Human Element Technology Infrastructure & Operations
The Zero Trust Challenge for Hybrid Cloud: Truths vs Myths Bill Malik The hybrid cloud now handles much that was once performed by in-house IT teams, but ... Cloud Security & Virtualization Technology Infrastructure & Operations
Master Class ICT: A Cyber Case Law Review 2021 Julie Aldrich An interactive snapshot of key issues and holdings of recent court cases, this session will ... Protecting Data & the Supply Chain Ecosystem Law Privacy
Securing Tesla and Mobileye from Split-Second Phantom Attacks Ben Nassi , Dr. Mirsky This session will demonstrate how attackers can apply split-second phantom attacks, causing two commercial advanced ... Mobile & IoT Security Machine Learning & Artificial Intelligence
Why Resilience Has Become A Cybersecurity Superpower Lisa Young A dynamic threat landscape and tech-reliant society demand broad perspectives, situational awareness, and continuous learning. ... Professional Development & Personnel Management
Upskilling, Credentials and Soft Skills: Closing the Cyber Workforce Gap Gregory Touhill , Caitlin Mcgaw , Jonathan Brandt Hear about ISACA’s annual State of Cybersecurity survey and the latest trends in cybersecurity workforce ... Professional Development & Personnel Management
Applied MPC Damiano Abram , Daniele Smart This Cryptography session will cover the following topics: Topic 1) Secure Fast Evaluation of Iterative ...
Total Security: Investigative Perspectives from Public to Private Sector Cj Moses , Mary Henry Hear from three former federal agents who now lead world-renowned cybersecurity investigative teams in the ... Analytics Intelligence & Response Human Element Technology Infrastructure & Operations
How to Prioritize in the New Normal Mark Weatherford , Bobbie Stempfley , Mike Griffith 2020 changed many things in the world; the global pandemic impacted every facet of life. ... Analytics Intelligence & Response C-Suite View
WarezTheRemote? Under the Couch, and Listening to You Jj Ziv This session will explore research into Comcast’s XR11 voice remote and how the WarezTheRemote research ... Mobile & IoT Security Hackers & Threats Product Security
Cloud Threat Modeling - from Architecture Design to Application Development Jon-michael Brooks Threat modeling combats the age-old misconception of architects and developers trying to protect everything from ... Cloud Security & Virtualization DevSecOps & Application Security Security Strategy & Architecture
Understanding Impact of Foreign Influence Activities on Research Programs Allen Phelps Foreign influence activities have been targeting research programs worldwide to steal Intellectual Property (IP) assets ... Protecting Data & the Supply Chain Ecosystem Technology Infrastructure & Operations Human Element
What's New with the CIS Controls v8 Randy Eubanks This session will describe the differences between version 7.1 and version 8 of the Center ... Technology Infrastructure & Operations
How to Ruin your SOC in 5 Easy Steps Ben Smith A security operations center (SOC) is full of (expensive) technology and (even more expensive) people, ... Analytics Intelligence & Response
AI-Powered! Or Is It Just Hype?! Anne Hadjimichael Cut through the hype of artificial intelligence (AI)–enabled cybersecurity tools, and learn about a framework ... DevSecOps & Application Security Machine Learning & Artificial Intelligence
Getting Started With SASE: Connect, Control and Converge With Confidence Meg Diaz Digital business transformation and the shift to a distributed workforce are driving networking and security ... Cloud Security & Virtualization
So You Want to Be an Expert Witness Hoyt Topelsohn Do you want to meet more lawyers? Become an expert witness. All litigation involves technology ... Law Professional Development & Personnel Management
Lessons Learned From Taking Justice Remote During the COVID Pandemic Jack Naseem When the COVID pandemic hit, the New Jersey Courts' security team had an important job: ... Risk Management & Governance Cloud Security & Virtualization
Hunt and Gather: Developing Effective Threat Hunting Techniques Tim Bandos Results-driven threat hunting requires a revolving door of strategies and techniques to stay one step ... Analytics Intelligence & Response Technology Infrastructure & Operations
Tales from the Underground: The Vulnerability Weaponization Lifecycle Mayra Rosario Fuentes There is little, if any, research that follows CVEs from zero-day status until “end of ... Analytics Intelligence & Response Hackers & Threats
WAF Made Easy Micah Brown Deploying a WAF is among the hardest IT security projects. It requires implicit trust and ... Cloud Security & Virtualization DevSecOps & Application Security Technology Infrastructure & Operations
Zero Trust, Zero Pain: A Practical Implementation with Intrinsic Security Pere Bass The pandemic exposed gaps in security for enterprises globally. A Zero Trust approach can be ... Security Strategy & Architecture
Demystifying Decentralized Fair Models for Federated Machine Learning Sharmistha Rana The presentation will unveil the art of incorporating fairness into private federated learning, uncovering key ... Protecting Data & the Supply Chain Ecosystem Privacy Machine Learning & Artificial Intelligence
Transformation of the Digital Leader Scott Howitt How do CIOs need to evolve to keep up with changing business conditions? How should ... Professional Development & Personnel Management
Security: The Hidden Cost of Android Stalkerware Lukas Stefanko We will look at our analysis of dozens of Android stalkerware families, which are often ... DevSecOps & Application Security Mobile & IoT Security Privacy
Cryptanalysis I Chao Niu , Lars Venema This Cryptography session will cover the following topics: Topic 1) Noisy Simon Period Finding; Topic ...
Hacker’s Paradise: Top 10 Biggest Threats When Working From Home Paula Januszkiewicz Privacy and security are always top of mind for IT, but never more so than ... Hackers & Threats Technology Infrastructure & Operations Privacy
A Primer: Getting Started with MITRE Shield Dr. Hill Meet MITRE ATT&CK’s younger cousin: MITRE Shield! MITRE InfoSec leaders will dive into Shield, a ... Analytics Intelligence & Response Technology Infrastructure & Operations
Beyond Living-Off-the-Land: Why XP Exploits Still Matter Jean-ian Hromcova Fighting living-off-the-land tactics is already a challenge for defenders, but are organizations ready to face ... Analytics Intelligence & Response Hackers & Threats
Critical DNS & Domain Name Security Intelligence to Thwart Cyberattacks David Shraim Adopting key security protocols for domain names and DNS has become critical with growth in ... Risk Management & Governance Analytics Intelligence & Response Human Element Technology Infrastructure & Operations
Enemy Inside the Gates: Securing the New Battleground Christopher Gillis Every breach reminds us that no matter the perimeter defense, attackers will find a way ... Technology Infrastructure & Operations
Zero Trust in a Post-pandemic World Bret Lefferts Join this lively conversation between Microsoft CISO Bret Arsenault and CVP of Microsoft 365 Security ... Cloud Security & Virtualization
Me, My Adversary & AI: Investigating & Hunting with Machine Learning Jess Garcia AI is changing the world, and Cybersecurity and DFIR are no exception. This pioneering, first-ever ... Analytics Intelligence & Response Machine Learning & Artificial Intelligence
Project 2030: Scenarios for the Future of Cybercrime Dr. Ferguson In 2012, a project led by Europol’s European Cybercrime Centre and Trend Micro sought to ... Mobile & IoT Security Protecting Data & the Supply Chain Ecosystem Hackers & Threats Machine Learning & Artificial Intelligence
How 2020 Vision Has Blurred Attorney Client Privilege in Incident Response Andrea Hoy , Ashley Taylor , Corey Raether As if a global pandemic and the California wildfires were not enough, 2020 gifted us ... Protecting Data & the Supply Chain Ecosystem Risk Management & Governance Analytics Intelligence & Response Law
End the Battle Between Security and Productivity Andrew Holmes Zero Trust (ZT) framework is the modern security architecture blueprint for enterprises that embraces a ... Mobile & IoT Security Cloud Security & Virtualization Professional Development & Personnel Management
Incident Response – How to Give the Advantage to the Hackers! David Christiansen We all understand the essential need for an incident response plan. But what are the ... Analytics Intelligence & Response Hackers & Threats
Due to Less Pollution, Secrets Stored on the Cloud are Now Clearly Visible Jose Soto Transitioning to the cloud has brought new challenges and threats, one specific threat derived from ... Cloud Security & Virtualization DevSecOps & Application Security
Leveraging Human Risk Data to Strengthen Cyber Resiliency Masha Valdez Lack of data and insights into employees' security decisions has limited organizations' ability to be ... Risk Management & Governance Human Element
Hot Topics in Cyber Law 2021 Lucy Thomson , Catherine Barrett , Michael Wu Hot Topics will deliver a practical snapshot of recent developments in cyber policy, law and ... Protecting Data & the Supply Chain Ecosystem Technology Infrastructure & Operations Law Policy & Government
Zero Trust and Privacy: Moving Security Closer to the Target Wes Gyure Success starts and ends with customer satisfaction. This means delivering services or products that are ... Security Strategy & Architecture
Making Sense of the Landscape of Attacks and Defenses Against AI Dr. Tabassi AI-enabled technology is increasingly finding its way into our trusted systems, and new attacks and ... Risk Management & Governance Hackers & Threats Machine Learning & Artificial Intelligence
Blind Spots: Two Cloud Threats You Didn’t Even Know You Had Matthew Chiodi 65% of cloud breaches are the result of customer misconfigurations. Organizations rapidly moving workloads to ... Cloud Security & Virtualization
Uncovering Covert Channels in Your IoT Networks Chet Raggo We will build upon our previous 2018 RSAC presentation “Exfiltrating Data through IoT” to show ... Mobile & IoT Security Technology Infrastructure & Operations Machine Learning & Artificial Intelligence
Your Metrics Suck! 5 SecOps Metrics That Are Better Than MTTR John Matre Good metrics are elusive in the world of Security Operations. Organizations often fall back on ... Risk Management & Governance Analytics Intelligence & Response
A "Great Equalizer", Until it Isn't: Regional Security in a Global Pandemic Allie Varma In security, regions can impact available technical capabilities, manpower, and other resources. This has been ... Risk Management & Governance Cloud Security & Virtualization Security Strategy & Architecture
ISE-Skating: Lessons Learned in Bypassing Network Access Control Anthony Ralston Network access control (NAC) solutions are leveraged by organizations of all sizes to prevent unauthorized ... Mobile & IoT Security Hackers & Threats Technology Infrastructure & Operations
Multi-Cloud Anomaly Detection: Finding Threats Among Us in the Big 3 Clouds Brandon Evans Attackers are using clouds to attack. Adversaries are learning how to co-opt resources and networks ... Analytics Intelligence & Response Cloud Security & Virtualization
Mirror, Mirror on the Wall, Human Behavior Reveals it All Margaret Cunningham This presentation will demonstrate how human behavior mirrors organizations’ performance and resilience using a unique ... Risk Management & Governance Analytics Intelligence & Response Human Element
OODA Looping in a Turbulent World Ryan Kovar In between threats posed from COVID scams and the SolarWinds cyber attack, we’ve had to ... Analytics Intelligence & Response
AI vs AI: Creating Novel Spam and Catching it with Text Generating AI Younghoo Lee GPT is a powerful text generation model, but its text generation is unconstrained. This session ... Machine Learning & Artificial Intelligence
Better Call Brussels - News on European Cyber Security and eID Regulation Dr. Kim Nguyen This session introduces news on European regulation concerning cyber security, privacy, trust services and digital ... Identity
Building Trust in Supply Chains Asahiko Hane Many reported incidents have stopped business activities and damaged the trust of products and services ... Risk Management & Governance Technology Infrastructure & Operations Protecting Data & the Supply Chain Ecosystem
Managing Privacy and Cyber In A Pandemic: Lessons Learned For 2021 & Beyond Aaron Johnson The COVID pandemic triggered massive health, economic, and societal disruption and loss. It also upended ... Risk Management & Governance Privacy Law C-Suite View
COVID Contact Tracing Apps: Balancing Privacy, Security, and Health Dr. Sokolowski Thus far most COVID contact tracing apps have been plagued by low enrollment and paused ... DevSecOps & Application Security Protecting Data & the Supply Chain Ecosystem Privacy
Multi-Cloud Security Monitoring and CIS Benchmarks Evaluation at Scale Prasoon Pal This presentation will show how insight was achieved on a large scale into the security ... Risk Management & Governance Cloud Security & Virtualization
The Risk You Never Knew Existed: Security and the Gig Economy James Christiansen Gig economy workers are exploding with more than 90% of Americans saying they would consider ... Risk Management & Governance Analytics Intelligence & Response Human Element Cloud Security & Virtualization
Cyber Resilience: Say What? Kristy Westphal Cyber resilience sounds really good, but what does it really mean? The definition is vague ... Technology Infrastructure & Operations Risk Management & Governance
Empowering Hybrid Workforce With Security-driven Networking For All Edges Nirav Shah Dealing with rising remote workforce resulting from ongoing pandemic, as a central part of the ... Cloud Security & Virtualization
Ethical AI: Addressing Bias & Algorithmic Fairness Amanda Mathews AI models can exhibit bias that adversaries can utilize to bypass security measures. It is ... Risk Management & Governance Machine Learning & Artificial Intelligence
Learning from the Enemy: A Look Inside the Techniques of Ocean Lotus /APT32 Brian Robison Cyberattacks are among the most prevalent threats to organizations and individuals today. Understanding how cybercriminals ... Hackers & Threats
Monitoring Strategy for the Coming Space 5G Network Dr. Tsamis Space Policy Directive-5 calls for continuously monitoring the space environment and supporting resiliency of space ... Protecting Data & the Supply Chain Ecosystem Analytics Intelligence & Response Technology Infrastructure & Operations
A Year of Living Dangerously: Resilience After COVID & Killer Hornets Helen Patton , Laura Deaner , Lisa Titus Killer hornets, a pandemic, wildfires. How can organizations plan for the impossible when the impossible ... Protecting Data & the Supply Chain Ecosystem Security Strategy & Architecture Human Element
Partnering with HR to Build a Culture of Cybersecurity Steve Utsey Security professionals at SMBs often struggle to find the required resources to engage their employees ... Human Element Professional Development & Personnel Management
From Zero to Hero at the Edge Steve Winterfeld Frameworks are the best protection from auditors and (if things go horribly wrong) a class ... Cloud Security & Virtualization Technology Infrastructure & Operations
Why 5G Demands a New Approach to Cybersecurity David Grady 5G will dramatically accelerate the digital transformation of enterprises and the consumer experience. And security ... Technology Infrastructure & Operations
AI: Legal and Policy Considerations and Landmines to Avoid Behnam Dayanim The advent of artificial intelligence as a viable technology warrants rethinking of many of the ... Protecting Data & the Supply Chain Ecosystem Privacy Machine Learning & Artificial Intelligence Policy & Government
Web Attacks and Fraud: Lessons Learned from the Deep End of the Pool Dan Woods , Lori Boddy Digital transformation is accelerating business, and the threat landscape. While security teams adjust to increasing ... Analytics Intelligence & Response
Research on New Vectors of UDP-Based DDoS Amplification Attacks of IoT Dr. Wenmao Liu In recent years, more and more protocols that may cause UDP-based DDoS amplification attacks have ... Mobile & IoT Security Analytics Intelligence & Response
It's Been a Privilege to Serve You–a Mock Hearing Hoyt Ii , April Doss , Hon. Laurel Beeler , Julie Peretti A company’s plan to sell a set of Ruth Bader Ginsburg action figures during the ... Protecting Data & the Supply Chain Ecosystem Analytics Intelligence & Response Law
Cybersecurity Operations Center Technology Taxonomy Christopher Crowley This session will boldly propose a technology taxonomy based on available information and mapped to ... Analytics Intelligence & Response Technology Infrastructure & Operations
Who You Gonna Call: The Quest for a National Data Breach Reporting Law Adam Hickey , Aruna Viswanatha , Luke Ugoretz Consumers, businesses, and public officials have long agreed on the need for a single national ... Protecting Data & the Supply Chain Ecosystem Risk Management & Governance Analytics Intelligence & Response Policy & Government
Malware Reverse Engineering with PE Tree—OSS Inspired by COVID Tom Bonner Reverse engineering of malware is an extremely time and labor-intensive process which can involve hours ... Hackers & Threats Security Strategy & Architecture
How Risky Is Cybersecurity Insurance? Benjamin Pescatore Cyber-insurance policies that can reduce (but not eliminate or fully transfer) the financial impact of ... Risk Management & Governance
Leveraging Suricata in the Enterprise: Shifting from Events to Insights Eric Manev Suricata is known as a high-performance signature-based open source IDS/IPS. As with all signature based ... Analytics Intelligence & Response Hackers & Threats Open Source Tools
Three Ways to Manage Risk and Digital Transformation During a Pandemic Michael Jabbara COVID has catapulted digital transformation to the forefront of business initiatives. With e-commerce on the ... Risk Management & Governance Anti-Fraud
What Was I Thinking?: Bungled Breach Responses Ann Marie Mortimer , Brian Hauser Learn from one of America's busiest breach litigators, former DoJ lead cyber prosecutor, and former ... Risk Management & Governance Analytics Intelligence & Response Law
The State of the Union of DevSecOps Shannon Lietz Across the industry there are many questions—and some skepticism—around newer security concepts such as DevSecOps. ... DevSecOps & Application Security
Protecting What Matters Most – Tools for Managing Risk Greg Witte , John Manchester , Leilani Conkle It’s easy to get overwhelmed & lose sight of what matters most. In this session, ... Risk Management & Governance
How to Guide: Using ISSA/ESG Research Data For Your Benefit Candy Oltsik ISSA/ESG’s annual research study “The Life and Times of the Cyber Security Professional” is full ... Professional Development & Personnel Management
Authentication and Key Exchange Jacques Traoré , Magnus Rösler This Cryptography session will cover the following topics: Topic 1) SoK: Game-based Security Models for ...
Responding to Disinformation and Influence Campaigns Jd Work , Mark Aysta , Melissa Inskeep Misinformation has become more pervasive, more sophisticated, and more impactful on a global basis. In ... Analytics Intelligence & Response
The UDS Security Model of the Tesla CAN Bus and Battery Management System Patrick Kiley Tesla has a history of increasing power available to its vehicles after they are released ... DevSecOps & Application Security Security Strategy & Architecture Hackers & Threats
Through the Zoom Dimly: A Year of Remote Audits Jacob Ansari In this talk, we will look back at a year of entirely remote assessments, including ... Risk Management & Governance Cloud Security & Virtualization
Analyzing Windows Malware on Linux: Getting Started Tips and Examples Lenny Zeltser How can the nature and capabilities of a suspicious file be determined? Incident responders, SOC ... Analytics Intelligence & Response Open Source Tools
How the BEC Threat Landscape is Evolving and What We Can Do About It Crane Hassold According to the FBI, Business Email Compromise (BEC) attacks were responsible for 40% of all ... Human Element Anti-Fraud
The Scientific Method: Security Chaos Experimentation & Attacker Math Kelly Shortridge Security Chaos Engineering presents a new approach that harnesses the scientific method and attacker math ... DevSecOps & Application Security Security Strategy & Architecture
Optimizing Operations: Simplification, Visibility, Response and Automation Joakim Lialias Simplification through integration investment makes integration easier for customers. Investigation workbench centralizes and streamlines to ... Analytics Intelligence & Response
Escalation from Heist to Hostage: Modern Bank Heists 4.0 Tom Kellermann As predicted in last year’s 3.0 report, bank heists are transitioning to hostage situations. Hear ... Hackers & Threats
An Existential Crisis for Global Data Flows: Privacy and Security Issues Alexandra Ross , Bret Zanfir-fortuna In July 2020, Europe's highest court invalidated the EU-US Privacy Shield data transfer agreement, throwing ... Protecting Data & the Supply Chain Ecosystem Risk Management & Governance Law Privacy
Top Active Directory Attacks: Understand, then Prevent and Detect Jeff Mcjunkin Today's enterprise depends on security professionals having an understanding of Active Directory? This talk will ... Analytics Intelligence & Response Technology Infrastructure & Operations Hackers & Threats Cloud Security & Virtualization
Cybersecurity Controls: It Isn't Just Technical Controls That Need Testing Glauco Sampaio This session will show how to use the continuous control monitoring approach to test not ... Risk Management & Governance Analytics Intelligence & Response
My Phishing Kit Burnbook Zack Allen Phishing kits are a new clique in the cybercrime economy hallways. These products have entire ... Analytics Intelligence & Response DevSecOps & Application Security Hackers & Threats Open Source Tools
Taking Back Your Brand: New Techniques to Stop Robocallers Josh Rudolph The session will focus on new methods to disrupt the illegal robocall campaigns impersonating brands ... Human Element Anti-Fraud
Building Secure and Reliable Systems at Scale Heather Adkins Can a system be considered secure if it isn’t fundamentally reliable? Can it be reliable ... DevSecOps & Application Security Technology Infrastructure & Operations Security Strategy & Architecture
Identity Resilience: What Doesn’t Kill You Makes You Stronger Dr. Zulfikar Ramzan As organizations tackle the risks associated with a remote (and returning) workforce, growing supply chain ... Identity
From Zero to Hero – How Cisco Deployed Zero Trust in Five Months Brad Arkin Cisco's transformational culture was a key driver in deploying Zero Trust to over 100,000 global ... Technology Infrastructure & Operations
Tool Time: Building Your Cybersecurity Architecture Planning Toolbox Diana Moyle Getting any job done is easier with the right tools. But what are the right ... DevSecOps & Application Security Technology Infrastructure & Operations Security Strategy & Architecture
Shuffling and Friends Giuseppe Vitto , Tjerand Krips This Cryptography session will cover the following topics: Topic 1) Lattice-Based Proof of Shuffle and ...
The Cyber Solarium Commission: What is Left to Be Done? Catherine Lotrionte , Frank j. Cilluffo , Paul Corcoran The Cyber Solarium Commission made a number of recommendations intended to improve the cybersecurity posture ... Hackers & Threats Policy & Government
His Power Level is Over 9000! Vulnerabilities in Solar Panel Controllers Waylon Grange Embedded device security has come a long way since the days of telnet and default ... DevSecOps & Application Security Product Security Hackers & Threats
Three’s Company: Unpacking and Settling in with Three NIST Frameworks David Snyder , Christina Sames The National Institute of Standards and Technology Risk Management, Cybersecurity, and Privacy Frameworks share a ... Privacy Risk Management & Governance
Evolution of AppSec: Perspectives from a Decade of Building OWASP ZAP Simon Bennetts The open source ZAP project was born from the need to have a view into ... DevSecOps & Application Security Open Source Tools
Reducing Payment Fraud with SWIFT Customer Security Controls Framework Bill Hoffman , Brett Lancaster , Cheri Legault This session will provide an overview of the SWIFT Customer Security Program (CSP) standards framework ... Anti-Fraud
Nurture vs. Nature in AppSec: Data-Driven Measurement of DevSecOps Ben Jacobs Can good development practices make a bad app good? In this talk, we will examine ... DevSecOps & Application Security Product Security
Ransomware: New Recipe For An Old Dish John Samani Many assumed that ransomware peaked five years ago, but 2020 proved otherwise. Just like it ... Analytics Intelligence & Response Hackers & Threats
Is Your Organization’s Confidential Data Really Confidential? Anne Ekstrom Data breaches can have far-reaching operational, financial, and reputational impacts. This presentation will provide attendees ... Protecting Data & the Supply Chain Ecosystem Analytics Intelligence & Response Security Strategy & Architecture
Building Privacy-Resilient Identity Ankur Buchner Organizations have many requirements to safeguard customer and employee privacy. Learn how decentralized identity technology ... Privacy
From the Fry Pan to the Fire—Personal Liability for CISOs and InfoSec Pros Aravind Weatherford This presentation will offer real-time analysis of current regulatory investigations targeting individual employees, and draw ... Protecting Data & the Supply Chain Ecosystem Risk Management & Governance Analytics Intelligence & Response Hackers & Threats Law
Beyond Public Buckets: Lessons Learned on Attack Detection in the Cloud Alfie Jones The cloud has changed the nature of both offensive and defensive security. Leveraging experiences with ... Analytics Intelligence & Response DevSecOps & Application Security Cloud Security & Virtualization
Ransomware: Creation, Detection, and Response Aaron Rosenmund Ransomware is one of the fastest growing categories of malware, and one of the most ... Analytics Intelligence & Response Hackers & Threats
Building a Global Cyber Rating - How to Objectively Rate Cyber Capabilities Derek Freund This presentation will propose a global model for cyber ratings to serve as an input ... Risk Management & Governance
Open Source as Your Career Catapult Doug Burks , Bernard Brantley , Fatema Wala , Gregory Rodriquez Participating in open source communities can transform a career! Open source projects can help professionals ... Professional Development & Personnel Management Open Source Tools
Pinata Time: Why We Should All Start Bashing Mules! Andy Collins , Paul Gardner , Stacie Rivner With fraud patterns changing rapidly, catching mules has never been more important. What financial crimes ... Anti-Fraud Business Perspectives
Defend Forward: Moving Toward Coordinated Active Cyber Response Kimberly Peretti , Anand Shah , Andrew Epstein , Randy Mcgee Defend forward, the unclassified and publicly communicated cyber policy of the US Government that involves ... Analytics Intelligence & Response Law Policy & Government
Beyond Endpoints: A Case for Open XDR Lauren Horaist Security teams have an ever changing, complex mix of infrastructure that attackers are constantly targeting. ... Analytics Intelligence & Response
A Review of the Ransomware Threat Landscape Michael Daniel , Jen Miller-osborn , Phil Vavra From 2019 to 2020, cybercriminals got greedier and richer with ransomware. The average ransom payment ... Hackers & Threats
How CISA Is Charting a Path Toward Defensible Infrastructure Joshua Yu Much of our technology infrastructure is indefensible, requiring us to continuously rely on eroding countermeasures ... Risk Management & Governance Cloud Security & Virtualization Technology Infrastructure & Operations Security Strategy & Architecture
MDR: Making Sense of the Veg-o-Matic Buzzword Blender Diana Lee It slices! It dices! It makes julienne fries! Some vendors tout MDR (managed detection and ... Analytics Intelligence & Response Technology Infrastructure & Operations
New Face, Who Dis? Protecting Privacy in a World of Surveillance Mike Kiser Facial recognition is eroding privacy and other human rights. Industry and government have ethical responsibilities ... Hackers & Threats Privacy Machine Learning & Artificial Intelligence
A Case Study of the Capital One Data Breach Anchises Neto Are existing compliance requirements sufficient to prevent data breaches? This session will provide a technical ... Risk Management & Governance Analytics Intelligence & Response Cloud Security & Virtualization
Confidential Computing Across Multiple Clouds and Platforms: Project Enarx Mike Mccallum How fully can organizations trust the host on which they run their applications? Not just ... Cloud Security & Virtualization DevSecOps & Application Security Open Source Tools
Get Rich or Get Hunted Trying: Uncovering Large Scale Fraud Operations Danna Darsan As digital transformation accelerated because of COVID, adversaries developed customized fraud operations to automate the ... Analytics Intelligence & Response Hackers & Threats Anti-Fraud
Applying Artificial Intelligence to the Incident Response Function Roy Yavo Security analysts have specialized skills in short supply. We will discuss what AI models can ... Analytics Intelligence & Response
Work Smarter Not Harder: Tips to Approach Cloud Security the Easier Way Erin Sindelar To improve cloud security, stop doing the typical job. Don't think about cloud security in ... Cloud Security & Virtualization
Cybersecurity for Future Extreme Computing Dr. Anne Fitzpatrick Unlike general purpose computers, HPCs are used mostly for distinct mathematical and scientific purposes and ... Hackers & Threats Human Element Security Strategy & Architecture
Hooked By Phisherman: Quarterbacking Breach Response with Law Enforcement Justin Daniels , Catherine Lyle , Jodi R. Daniels , Marc Sangster It’s hard to imagine losing $2 million to the phisherman. What happens next? Will law ... Analytics Intelligence & Response Law
Forecasting Threats is Way Easier Than You Think Chris Cronin Innovations by cybersecurity attackers intimidate managers into thinking that they cannot forecast attacks, but publicly ... Risk Management & Governance Analytics Intelligence & Response
Windows Kernel Patch Protection - Achilles Heel: PatchGuard Arush Agarampur This session will look at a critical flaw in the design of Windows Kernel Patch ... DevSecOps & Application Security Hackers & Threats
Evasion, Poisoning, Extraction, and Inference: Tools to Defend and Evaluate Abigail Buesser Adversaries of AI applications continuously advance their tools for evasion, poisoning, extraction, and inference against ... DevSecOps & Application Security Machine Learning & Artificial Intelligence Open Source Tools
What are Faster Payments and Why Should a Security Practitioner Care? Peter Tapling , Reed Peaston The US is experiencing the introduction of the first new payment systems in 40 years. ... Anti-Fraud Identity
Security Champions: Drive Innovation by Creating Future Cyber Workforce Tanvi Bali The presentation will provide an alternative view to Security Champions Programs, not only addressing the ... DevSecOps & Application Security Human Element Professional Development & Personnel Management
Into the Mind of an IoT Hacker | How to Protect IoT Networks & Devices Itzik Sowder Attendees will gain insight into how IoT hackers hit various organizations with simple cyber-attacks which ... Mobile & IoT Security
How to Build a Long-term XDR Architecture Strategy Jared Phipps , Allison Clelan , Lisa Shah Extended Detection and Response (XDR) solutions help provide organizations with effective and efficient threat detection ... Security Strategy & Architecture
How You Can Ask the Right Questions to Succeed with Your Security Projects Lenny Zeltser Security professionals are often in situations where crucial details are missing, yet may hesitate to ... Risk Management & Governance Professional Development & Personnel Management Security Strategy & Architecture
Adversary Simulation: Close the Gaps in Your Security Posture Don Murdoch Need to validate a security posture and assess network resilience against an adversary? Looking for ... Analytics Intelligence & Response Technology Infrastructure & Operations
Android Rootkits: Analysis from Userland and Kernelland Aditi Venkatesan Our session will cover an introduction to Android Rootkits, looking at how to use live ... Mobile & IoT Security Hackers & Threats Machine Learning & Artificial Intelligence
Who Stole My 100,000 Dollars’ Worth Bitcoin Wallets - Story of HoneyTokens Tan Kean Siong Is it possible to easily create a 'tailor-made' deceptive file, let it get stolen on ... Protecting Data & the Supply Chain Ecosystem Open Source Tools
Super Apps and Digital Wallets: Securing the Unstoppable Force Julie Conroy , Lee Cookman , Loren Campbell The greatest factor for the adoption of digital payments and identity requires a cultural shift ... Anti-Fraud
Developers Dislike Security: Ten Frustrations and Resolutions Chris Romeo Developers dislike security and won't always admit it. In a DevSecOps world, devs become security ... DevSecOps & Application Security Human Element
Digital Identities - 21 PKI Pitfalls and How Best to Avoid Them Jason Callan When implementing Digital Identities using PKI technologies, there are many ways it can go wrong. ... Identity
Supply Chain Resilience in a Time of Techtonic Geopolitical Shifts Andrea Little Limbago The geopolitical winds of change are upending global supply chains at an unprecedented pace and ... Security Strategy & Architecture Protecting Data & the Supply Chain Ecosystem
Security Policy Management in the Hybrid Cloud Sattwik Gavli Protecting critical assets in the cloud requires securing access to cloud environments. Too often breaches ... Cloud Security & Virtualization
Navigating the Biometric Anatomy Chris Hydak How can organizations enable biometric solutions in a compliant and responsible manner? This session will ... Risk Management & Governance Law Privacy
DevOps Connect: DevSecOps Alan Krebs DevOps Connect: DevSecOps has been part of RSA Conference for six years. This year, we ...
The Game of Cyber Threat Hunting: The Return of the Fun Dr. Shu Threat hunting works like scientific discovery in the cyber world, yet the excitement of its ... Analytics Intelligence & Response Hackers & Threats
Knowledge Glaciers in the Age of Automation and Cloud Native Emily Fox The commoditization of innovation reduces the learning curve to use new capabilities and technology while ... Cloud Security & Virtualization Security Strategy & Architecture
Traveler’s Protection Guide: Low Tech Physical OPSEC for a High Tech Job Dan Preuss Potential threats could impact all travelers. Join this session with two well-travelled security researchers who ... Privacy Human Element
Extreme Makeover: Privacy Edition Angelique Carson , Ron De Jesus , Ruby Hintze Come listen to seasoned privacy professionals tell stories and give tips and tricks on how ... Privacy Risk Management & Governance
Building Cyber Resilience - Considerations for CISOs Arwa Alhamad , Abeer Khedr , Biju Hameed , Dr. Charife In this panel, critical industry leaders will come together to discuss ways to build effective ... Technology Infrastructure & Operations C-Suite View Business Perspectives
All Your LAN are Belong to Us. Managing the Real Threats to Remote Workers. Charl Ross If Secure Remote Access is the logical extension of a private network to another location, ... Hackers & Threats Product Security
One Step Ahead: Keeping Security at the Forefront Dr. Kelley Misata , Anna Wheeler , Michael Zafirakos While accessibility was a top priority when COVID-19 hit, security was not. Lack of secure ... Security Strategy & Architecture
Symmetric Design Lin Jiao , Louiza Zhao This Cryptography session will cover the following topics: Topic 1) FAN: A Lightweight Authenticated Cryptographic ...
Inside the Mind of the SUNBURST Adversary Marco Figueroa When looking at the Sunburst attack and the effect that the supply chain attack on ... Analytics Intelligence & Response Product Security Hackers & Threats
MITRE ATT&CK® as a Framework for Cloud Threat Investigation Jasdeep Kaushik Cloud security remains a continuously evolving landscape. This session will discuss our research on cloud ... Analytics Intelligence & Response Cloud Security & Virtualization
Picking Winners: How the Pandemic Changed Cybersecurity Investing Dino Boukouris , Dr. Chenxi Wang , Rob Motamedi This session will cover how cybersecurity investors responded to the pandemic and what has changed ... Risk Management & Governance Protecting Data & the Supply Chain Ecosystem
What is New in California Privacy and What Does it Mean for the Company? Carla Determann This session is meant to cover the new developments in California Privacy Law, in addition ... Protecting Data & the Supply Chain Ecosystem Law Privacy
New Normal, New Security? Five Security Trends to Watch in 2021 and Beyond Nicolai Fischbach The new normal isn’t normal at all. Security must change. How we protect data must ... Security Strategy & Architecture
Zero Trust: Regaining Trust in a Remote Work World Macy Cronkrite Remote work shifted the security perimeter out of known networks into unknown networks. With Zero ... Security Strategy & Architecture
Measuring the Ethical Behavior of Technology Cam Levasseur This session will share the results and learnings of the creation and development of an ... DevSecOps & Application Security Human Element Privacy
Your Breached Controls May Have Been Reasonable After All David Cohen , James Lee , Chris Cronin , Bill Sampson An influential team of litigators, regulators, judges, and information security experts have created a test ... Risk Management & Governance Analytics Intelligence & Response C-Suite View
Attacking Kubernetes Clusters Through Your Network Plumbing Nir Chako Attackers are increasingly targeting Kubernetes clusters. Network plugins are an essential part of these clusters ... Cloud Security & Virtualization DevSecOps & Application Security Technology Infrastructure & Operations
Modern Identity Hacking: Have Hackers Really Adjusted to Constant Remote? Mike Jankowski-lorek Modern identity management is crucial for organizations faced with remote working and relying upon cloud ... Hackers & Threats Technology Infrastructure & Operations
Jill and the BeenSTALKed Chloé Messdaghi , Joe Olsen This presentation will discuss stalkerware fundamentals, its impact on victims, how victims can be assisted ... Mobile & IoT Security Analytics Intelligence & Response Privacy Hackers & Threats
Who Owns Your Data? Steve Black The law of data ownership is far from settled. Google, Facebook, and governments collect petabytes ... Protecting Data & the Supply Chain Ecosystem Law Privacy
The Skeptic's Guide to Using XDR to Get Zero Trust Greg Young I’ve been in security decades and am skeptical because Zero Trust and XDR almost seem ... Analytics Intelligence & Response
Justified Insomnia – Protecting against Lazy and Sophisticated Cyber Criminals Charles Eagan In today’s digital economy, trust is threatened. High-profile data breaches have made trust a topic ... Security Strategy & Architecture
Smart IoT: IoT Botnet Attacks on Power Grids Exploiting Their Weak Points Dr. Shekari This session will discuss how data privacy issues in modern power grids can be leveraged ... Technology Infrastructure & Operations Mobile & IoT Security
Cryptanalysis II Karen Klein , Lenka Vaudenay This Cryptography session will cover the following topics: Topic 1) Mesh Messaging in Large-scale Protests: ...
ComPriSec: A Weird Word for a New World Lisa Mckee , Robert Lamagna-reiter , Ron Fish Compliance, Privacy, and Security (ComPriSec) professionals struggle in their role with competing priorities and responsibilities. ... Risk Management & Governance C-Suite View
Ticking ‘Cyber Bomb’: Is There a Global Response to Fix Value-Chain Risks? Craig Jones , Anastasiya Kazakova , Jon Droz Within the all-round digital transformation, every company relies on a multitude of third-party vendors, adding ... Protecting Data & the Supply Chain Ecosystem Technology Infrastructure & Operations Policy & Government
Telehealth Cybersecurity: Secure Remote Patient Monitoring Ecosystem Axel Wirth , Nakia Grayson , Steven Wang Remote patient monitoring (RPM) is a subset of telehealth that allows healthcare providers to monitor ... Cloud Security & Virtualization Privacy
Doing the Safety Dance: Will Trusted Execution Environments Protect Us? Mike Bursell , Aeva Black , Nelly Novotny Confidential computing is a breakthrough technology that protects application integrity and privacy through the use ... Cloud Security & Virtualization Technology Infrastructure & Operations Security Strategy & Architecture
Cyber’s Past, Present, and Future: The Truth is Stranger than Fiction Joseph Menn , Dan Hubbard , Andy Greenberg , Kevin Perlroth This session will look at cyber’s past, present, and future through the eyes of journalists ... Protecting Data & the Supply Chain Ecosystem
Protests, Pandemics, and Privacy: The Rise of Surveillance States David Howe Crises such as the pandemic test core social principles that strain against the need for ... Privacy
Your Fraud Metrics Suck, Losing Money and C-Suite Ignoring You – Now What? Jim Ducharme A company cannot afford to lose money or customers - are the fraud metrics sacrificing ... Anti-Fraud
Ditching Run-To-Failure as Part of a Winning ICS Strategy Marty Edwards Instead of the traditional run-to-failure mindset, organizations must evolve to more proactive and predictive approaches ... Technology Infrastructure & Operations
Strengthening Resilience of Positioning, Navigation, and Timing Services James Mccarthy Our nation’s critical infrastructure relies on PNT data from GPS and other systems. Disruptions to ... Risk Management & Governance Technology Infrastructure & Operations Protecting Data & the Supply Chain Ecosystem
Biohacking: The Invisible Threat Len Noe Security professionals are trained to protect against digital threats, but how can they secure against ... Hackers & Threats Human Element
Building Resilience Standards, Resiliently Jessica Boyle As network architectures grow in size and complexity, resilience must be baked into network functions ... Security Strategy & Architecture Policy & Government Mobile & IoT Security
What’s Old is New: Hybrid Security for Microsoft Azure and On-Premises Tech Matthew Burns This talk will provide a mapping of traditional on-premises security best practices and demonstrate how ... Cloud Security & Virtualization Technology Infrastructure & Operations Security Strategy & Architecture
DHS CISA Strategy to Fix Vulnerabilities Below the OS Among Worst Offenders Boyden Ruoff Join this session to hear DHS announce its national program to mitigate vulnerabilities below the ... Technology Infrastructure & Operations Security Strategy & Architecture Risk Management & Governance
The Road to End-to-End Encryption Max Krohn In 2020, hundreds of millions of people turned to video communications to stay connected, introducing ... Security Strategy & Architecture Protecting Data & the Supply Chain Ecosystem
Lessons Drawn From Cybersecurity In The Rise of Privacy Tech Lourdes Turrecha , Melanie Dennedy Privacy tech is on the rise. But what exactly is it? And how does it ... Privacy
Fighting Where They Aren't: How Attackers Avoid Endpoints in Modern Attacks Brian Ben-shimol Cybercriminals are constantly evolving their tactics. In this session, we'll show how attackers sidestep endpoints ... Hackers & Threats
Multi-Front War: Mitigating Cyber Risk and Maximizing Security Allison Pan , Matthew Bailey , Scott Davy Security leaders are fighting a multi-front war. Defending against threats and improving security posture is ... Risk Management & Governance
Post-Quantum Corentin Jeudy , James Howe , Thijs Prest This Cryptography session will cover the following topics: Topic 1) SoK: How (not) to Design ...
Discord, Generation Z’s Hacking University Brook Chelmo Discord is a gaming chat service and the home of Generation Z's IT security attackers ... Hackers & Threats Human Element
Municipal Cybersecurity: Building the "Last Mile" of Resiliency Curtis Wood , Jeanne Benincasa Thorpe , Mike Helm Secure and robust state networks do not necessarily mean local communities are equally protected. This ... Risk Management & Governance Policy & Government
Visible Figures: Bridging the Skills Gap With Inclusion and Equal Opportunity Jenai Marinkovic , John Rides Today’s evolving cybersecurity landscape provides an opportunity to look in different places for innovative solutions ... Professional Development & Personnel Management
WPA3 – Advancements in Wireless Security Stephen Orr In 2018 the Wi-Fi Alliance announced two new programs to advance wireless security: Wi-Fi CERTIFIED ... Technology Infrastructure & Operations Mobile & IoT Security
Death to CIA! Long live DIE! How the DIE Triad Helps Us Achieve Resiliency Sounil Yu The DIE Triad (Distributed, Immutable, Ephemeral) serves as an alternative to the CIA Triad (Confidentiality, ... DevSecOps & Application Security Privacy Security Strategy & Architecture
A Year Spent Virtually: The Lasting Effect of the COVID Pandemic on Privacy Danielle Citron , Jules Brill The COVID pandemic and the events of 2020 gave urgency to an already pressing issue: ... Privacy Protecting Data & the Supply Chain Ecosystem
A Data Protection Problem: Insider Risk Mark Wojtasiak Reaffirming what industry analysts have reported in the early months of 2021, findings from the ... Human Element
Building a CISO Response Strategy to Advanced Threats Jeff Costlow SUNBURST was a rude awakening for many security teams, and it won't be the last ... Analytics Intelligence & Response
How I Hacked Your Website and You Didn’t Even Know Siddhesh Yawalkar With website attacks on the rise and the spotlight on Solarwinds-style supply chain hacks, the ... Protecting Data & the Supply Chain Ecosystem Hackers & Threats
Cyber Risk Management Programs: Bringing Clarity to Cybersecurity Alma Cole , Boyden Rohner , Lisa Khalfan This session will help attendees learn root cause of cyber failure and how risk management ... Risk Management & Governance Policy & Government
Quantum Computing: One Weird Trick to Break RSA Encryption Anastasia Marchenkova What are the security implications of a large, coherent, fault-tolerant quantum computer? Breaking RSA would ... Technology Infrastructure & Operations
Displacing the Dollar: Is Crypto Robust Enough to be the New Reserve Currency? Dr. Simi Wang Cryptocurrency has universal ambition but first must conquer the US dollar as planet Earth’s reserve ... Protecting Data & the Supply Chain Ecosystem Policy & Government Anti-Fraud
Personal Threat Models and, Speculatively, Privacy Governance Bethan Cantrell Personal threat modeling can be a simple and informative self-assessment, and can be contextualized to ... Risk Management & Governance Privacy Identity
CVSS Scores Are Dead. Let’s Explore 4 Alternatives Allan Liska If a picture is worth a thousand words, then a CVSS score is worth two ... Analytics Intelligence & Response
Public Health Cyber War Games: How Hackers are Exploiting Healthcare Caleb Ford As hospitals care for COVID patients, pharma races toward a vaccine, and officials scramble to ... Protecting Data & the Supply Chain Ecosystem Hackers & Threats Product Security
Blockchain Security Guarantees and Exploits Adrian Bednarek The uniqueness of a private key is all that protects assets on a blockchain. With ... DevSecOps & Application Security Protecting Data & the Supply Chain Ecosystem Hackers & Threats
Liberal Democratic Values and the Geopolitics of Technology Tobias Feakin Technologies are increasingly concerning vectors of geostrategic competition. Australia’s world first International Cyber and Critical ... Technology Infrastructure & Operations Policy & Government
Beyond Endpoint Security Using Osquery at Scale Prasoon Nischal Securing an environment should be simple and robust and not require expensive tools. This talk ... Risk Management & Governance Cloud Security & Virtualization Technology Infrastructure & Operations
Through Your Mind’s Eye: What Biases Are Impacting Your Security Posture? Lynda Grindstaff While people may have the best intentions, we all have biases that have formed us ... DevSecOps & Application Security Risk Management & Governance Human Element
Compliance Made Easy—Simplify Your Approach to Privacy Kelly Green In the wake of new privacy regulations, companies are being forced to evaluate their privacy ... Privacy Protecting Data & the Supply Chain Ecosystem Risk Management & Governance
Lessons From Our Zero Trust Journey: Successes, Failures & Dodging Pitfalls James Carder A lot of vendors are jumping on the Zero Trust bandwagon, toting potential benefits and ... Technology Infrastructure & Operations
Ransomware Threat Landscape Adam Meyers Ransomware remained a dominant threat to enterprises in many different geographic regions and business verticals ... Hackers & Threats
Trusted Internet of Things Device Onboarding and Lifecycle Management Eliot Symington Current methods for provisioning IoT device credentials can leave networks vulnerable to unauthorized devices and ... Product Security Mobile & IoT Security
Are You Really You? Higher Assurance Identity Proofing to the Rescue! Lorrayne Auld Account takeover and identity theft continue to rise as the labor force continues to work ... Risk Management & Governance Anti-Fraud Identity
Election Security: Lessons from the Front Lines Bryson Bort , Cynthia Kaiser , Geoff Godsey Public trust in election infrastructure and results rests on a transparent approach by government at ... Technology Infrastructure & Operations Policy & Government
Using Threat Modeling to Improve Compliance Adam Shostack Compliance checklists inhibit thinking, and make it hard for security to influence across the organization. ... Risk Management & Governance Analytics Intelligence & Response
Invisible Security: Protecting Users with No Time to Spare Dr. Josiah Dykstra Average users can’t afford to devote time to security. Invisible security, which occurs automatically and ... Risk Management & Governance Human Element
AppSec’s Future and the Rise of the Chief Product Security Officer Chris Corman As the world increasingly depends on digital infrastructure, it increasingly depends on product security. Classic ... Mobile & IoT Security DevSecOps & Application Security Technology Infrastructure & Operations Product Security C-Suite View
Your Cyber Journey – You Ain’t Seen Nothin’ Yet Aimee Larsen Kirkpatrick , Lisa Lee , Michelle Titus For females working in cybersecurity or privacy, career paths are not often straight lines. This ... Privacy Professional Development & Personnel Management
Gula Tech Foundation Data Care Grant Competition Awards: $1M at Stake Cyndi Gula Join Gula Tech Foundation’s virtual award ceremony for the top cybersecurity nonprofits that are expanding ... Business Perspectives
Cryptography in Distributed Systems Hamidreza Khoshakhlagh , Roman Kondi This Cryptography session will cover the following topics: Topic 1) Multi-Party Revocation in Sovrin: Performance ...
WebAuthn 201: How to FIDO Christiaan Brand For organizations running websites or services, protecting against phishing with stronger user authentication is a ... Human Element Identity
Operational Collaboration: Enhancing Cyber Readiness Erica D. Borghard , Christopher Button , Greg Daniel Building cyber resilience for critical infrastructure requires much deeper public-private operational collaboration than currently exists. ... Technology Infrastructure & Operations Policy & Government
Getting Cybersecurity Funding from Your CEO: the 5 Critical Steps Cynthia James CEOs are notoriously under educated on cybersecurity while representing the biggest vulnerabilities a company has ... Risk Management & Governance
Under the Unfluence: the Dark Side of Influence Ron Woerner Unfluence is the negative side of influence. It’s a common form of manipulation used to ... Hackers & Threats Human Element
Navigating the Unknowable: Resilience through Security Chaos Engineering Aaron Dicken When applied to cybersecurity, Chaos Engineering is advancing the ability to reveal objective information about ... Analytics Intelligence & Response DevSecOps & Application Security Technology Infrastructure & Operations Security Strategy & Architecture
Breaking the Box: How Emerging Technology Can Close the Cyber Skills Gap Deveeshree Kelley We all know there’s a skills gap; what we need is a better way to ... Professional Development & Personnel Management
Managing Access Entitlements & Their Lifecycle in a Multi-Cloud Environment Anmol Almazova A shift to multi-cloud strategy renders the long-established IAM controls for managing access entitlements ineffective ... Risk Management & Governance Cloud Security & Virtualization Identity
Creating the Next Cyber Generation - Lessons Learned from the NSA and UWF Diane Janosek , Dr. Morton This session will highlight best practices in cybersecurity education for youth in the United States ... Hackers & Threats Policy & Government Identity
One 1st Responder to Another - Lessons on Managing Stress from the Trenches Carol Vasko The stress and burnout of 1st Responders and cybersecurity professionals is associative across industries with ... Human Element Professional Development & Personnel Management
Infosec Makeover: Love it or Leave it, Product Security is Here to Stay Jen Szymański In the last couple years we have seen the construction of a new trend called ... DevSecOps & Application Security Security Strategy & Architecture Business Perspectives
The Resilience Business Case: Three Case Studies Wolfgang Goerlich Security strategy is marshaling people and resources toward a single goal. This session will cover ... DevSecOps & Application Security Protecting Data & the Supply Chain Ecosystem Security Strategy & Architecture
Implementation Da Lin , Michael Khairallah This Cryptography session will cover the following topics: Topic 1) A Framework to Optimize Implementations ...
How Governments Can Promote a Secure 5G Ecosystem Danielle Kriz , Courtney Lang , Scott Merchant Governments around the world seek to deploy 5G securely. Yet government actions aimed at improving ... Protecting Data & the Supply Chain Ecosystem Policy & Government Mobile & IoT Security
How the Identity Portions of CCPA Regs Put Consumers and Businesses at Risk Jeremy Grant CCPA created a new legal right for consumers to access, correct, or delete their data, ... Privacy Law Identity
Hot Topics in Misinformation: Election 2020, COVID 19, and More John Schneider , Emily Frye , Isabella Garcia-camargo 2020 brought an unprecedented crisis of fact and truth. 2021 shows every sign of being ... Hackers & Threats Human Element
Serverless Architecture Security Patterns for Securing the Unseen Jabez Abraham Serverless Architectures bring the ability to independently scale, deploy, and heal based on workloads while ... Cloud Security & Virtualization DevSecOps & Application Security Security Strategy & Architecture
A Sustainable Security Workforce Starts at the Local Coffee Shop Alyssa Miller The skills gap gets a lot of press but does it exist? This session will ... Professional Development & Personnel Management
Patterns for Encryption in Hybrid Cloud Mark Buckwell Many encryption solutions fill a tick box but do not meet the intent of the ... Protecting Data & the Supply Chain Ecosystem Cloud Security & Virtualization Security Strategy & Architecture
Purple Team Auth: Hacking & Bypassing MFA Systems, and How to Armor Up Dan Houser We will discuss failure modes of advanced authentication and show exploit bypasses of multifactor auth ... Risk Management & Governance Hackers & Threats Identity
FAIR Controls: A New Kind of Controls Framework Jack Jones There’s an old saying in marketing that, “Half of your marketing dollars are wasted. You ... Risk Management & Governance Analytics Intelligence & Response
We’re All in this Together: Technology Abuse and Design Erica Olsen , Jennifer Landhuis , Natalie Ristenpart Gender-based violence service providers, technology experts, & clinic service providers who work directly with survivors ... Risk Management & Governance Privacy Human Element
Cybersecurity Metrics Development for Board and Risk Committee Reporting Richard White This session will cover how to create and report customized cybersecurity metrics as related to ... Risk Management & Governance C-Suite View Business Perspectives
Burnout—The Greatest Threat to Your Organization’s Security Chloé Messdaghi Several trends are now colliding to make burnout among security professionals a greater threat to ... Human Element Professional Development & Personnel Management
Top Seven AI Breaches: Learning to Protect Against Unsafe Learning Davi Ottenheimer AI for decades promised great gains in productivity. However many groups accounting for risks in ... Mobile & IoT Security Machine Learning & Artificial Intelligence Security Strategy & Architecture
Lessons Learned from Diverse Paths to Successful Cybersecurity Careers John Pescatore , Inno Eroraha , Lodrina Olsen This session will give voice to three skilled cybersecurity professionals with diverse jobs, backgrounds and ... Professional Development & Personnel Management
Weak Links in Cloud IAM - Never Trust. Always Verify! Dr. Quist Pen testers poke at misconfigured IAM policies, cloud users open their environments to attack, and ... Analytics Intelligence & Response Hackers & Threats Cloud Security & Virtualization Identity
Ten Things to Include in Remote Work IT Risk Assessments Alyssa Pugh As the world continues to respond to the effects of COVID, many are now asking ... Risk Management & Governance Cloud Security & Virtualization
Are Password Managers Improving our Password Habits? David Schechter Password manager adoptions are becoming the norm these days, but are they also encouraging best ... Risk Management & Governance Human Element
How Digitizing the Workers Advances the CISO's Goals Chris Callahan Many industries struggle to achieve benefits of digital transformation because it’s difficult to integrate active ... C-Suite View Identity
Rebels & Resilience—Why It Pays Off to Break Your Patterns! Daniel Fuehrer The security industry often throws new technologies and tools at established problems, sometimes achieving success, ... Risk Management & Governance Analytics Intelligence & Response Professional Development & Personnel Management
A Punch to the Supply Chain: Fighting Back to Resilience Edna M. Conway , Jennifer Bisceglie , Phil Brese After a year of global disruption, enterprises find themselves ill-equipped to ensure supply chain resilience. ... Risk Management & Governance Security Strategy & Architecture Protecting Data & the Supply Chain Ecosystem
The Attacker’s Guide to SSO and Passwordless Technologies Asaf Hecht Passwordless and SSO solutions have become extremely popular, mostly due to their ability to balance ... Cloud Security & Virtualization Hackers & Threats Identity
When Your Dashboard Explodes – Do You Care Enough to Send the Very Best? Elliott Franklin We have all attended sessions on creating captivating security dashboards for the executive team. But ... Risk Management & Governance Cloud Security & Virtualization Professional Development & Personnel Management
Security-as-Code to Accelerate DevSecOps, a Practical Guide to Get Started Cindy Blake Automation can be used to define and apply security policies throughout the lifecycle of an ... DevSecOps & Application Security Protecting Data & the Supply Chain Ecosystem Risk Management & Governance Product Security
The Rise of the BISO Role Manuel Chowrimootoo The role and importance of a business security office/practice within companies is of growing importance. ... Security Strategy & Architecture C-Suite View Business Perspectives
CISO Leadership: Building Your Personal Action Plan Frank Kim Having challenges building security teams? Worried about taking a more senior position? Come hear about ... Human Element Professional Development & Personnel Management C-Suite View
Thank You, Next! Protecting Next-Generation OT Networks Chris Williams This session will provide a detailed explanation of next-generation OT networks and describe why traditional ... Technology Infrastructure & Operations Security Strategy & Architecture
Securing Your Direct to Consumer Identity Strategy Sarah Bertocci Many companies have recognized the power of bringing products and services direct to consumers rather ... Risk Management & Governance Cloud Security & Virtualization Identity
DBOM and SBOM: New Options For Better Supply Chain Cybersecurity Chris Blask , Jennifer Bisceglie , Mark Alrich The global supply chain includes a mystifying accumulation of digital and software components that generate ... DevSecOps & Application Security Protecting Data & the Supply Chain Ecosystem Risk Management & Governance
Flying to DevSecOps with a USAF Cyber Weapon System - Year 1 Dr. Mark Peters DevSecOps transformations challenge everyone. Making a transformation for highly regulated industries creates even more challenges. ... DevSecOps & Application Security Risk Management & Governance
"S"ecurity Convergence of Cyber, Fraud, and Physical Specialties Susan M. Koski "S"ecurity convergence from traditional siloed cyber, fraud, and physical is necessary to defend against threats ... Analytics Intelligence & Response C-Suite View
Analyst View: How To Manage Info/Cybersec Careers in a Pandemic Recession David Foote This session will feature latest insights and data on ‘best bet’ pandemic/recession job and career ... Mobile & IoT Security Machine Learning & Artificial Intelligence Professional Development & Personnel Management
Culture Matters—Put People at the Heart of Security Jinan Budge Whether the human element means creating a toxic-free environment for employees, navigating the maze of ... Risk Management & Governance Security Strategy & Architecture Human Element