Los Angeles

Generative AI is poised to become one of the most disruptive technologies of our time. There is no shortage of emerging applications that promise increased productivity, new levels of automation and innovation. But there is also a growing risk in applying this technology to the wrong use cases or, worse, of the technology being exploited by bad actors for nefarious purposes.

Join Konnor Andersen, Global VP of Growth for Darktrace, to cut through the Generative AI hype. Nicole will break down how applying the right type of AI to the right security challenge can transform the workflow of your security team and help you stay ahead of a rapidly evolving threat landscape. Nicole will also provide actionable advice for fostering a productive and trusted relationship between your security team and AI so that you can use it responsibly and effectively to protect your business.

Legacy SOAR (Security Orchestration, Automation and Response) technology promised to revolutionize the practice of security operations. Unfortunately, the first generation of these platforms have gained a reputation for rigid playbooks that require extensive development resources, poor case management features, and limited use cases. That’s why Swimlane developed a more modern and extensible approach to security automation.

Despite having distinct differences, data privacy and compliance are deeply intertwined with cyber security. As focus on data privacy and compliance increases, business leaders can expect to see vast changes related to how consumer data is managed, shared, and secured. Policy & laws on data privacy and compliance continue to expand and become increasingly stringent, so it is important for companies and their respective business leaders to consider these areas as they develop & evaluate their cyber security strategies. For instance, last year the SEC proposed amendments to its rules on cyber security, risk management, strategy, governance, and incident disclosure by public companies.

At a more granular level, there are various initiatives to protect specific consumer data and ensure enterprises are compliant in doing so – particularly health data and children’s personal information. The American Data Privacy and Protection Act (ADPPA) if passed could greatly impact health data beyond the scope of HIPAA by establishing a national framework to protect & preserve the privacy of consumer data collected by entities not covered by HIPAA. In an American Medical Association survey, about 75% of surveyed patients expressed concern and confusion related to the privacy of their health data and how it is handled. The ADPPA could help clear up some of this confusion by establishing clear expectations. Another critical area is the collection of personal information of children. The Children’s Online Privacy Protection Act (COPPA) helps put parents in control of how their children’s data is handled and ensures that all entities in possession of this data sustain its confidentiality, security, and integrity.

Maintaining strong data privacy and compliance practices is imperative in preventing sensitive personal data from becoming compromised. This information is extremely valuable to cyber criminals, who seek to utilize compromised data to steal others’ identities or resell such PII.

This panel will look at the latest data privacy policies and implications for what this means for business leaders in the future. Our lineup of experts will lend their insights and offer best practices relating to privacy, compliance, and identity protection.

We may be biased, but Penetration Tests are the Swiss Army knife of information security. There is no more effective way to find your gaps, gauge your ability to detect and respond, or protect your crown-jewels than by running a live-fire exercise. However, don’t just buy the penetration test and wait for the results; there are numerous things you can do to ensure you wring out every last drop of value.

Data is the lifeblood of business and other organizations in this digital age. Yet that data and the applications running the business are under constant attack. Nation states create cyber weapons that lock up data centers, sophisticated criminals employ the latest capabilities to gain access and encrypt data for ransom while destroying backups, and the threat of insiders becomes more critical as the stakes grow higher.

In this session, learn the details about how sophisticated cyber attacks occur; why cyber insurance isn’t enough and paying a ransom has to be the option of last resort; and techniques and capabilities you must have to ensure your organization’s ability to recover safely and efficiently from a sophisticated cyber disaster.

“Pay Up, or Else”. The number of organizations who have been faced with this scenario has been steadily increasing over the past several years as ransomware attacks continue to rise — both in numbers and the size of payouts.

The clear and present danger of a ransomware attack looms large among cyber executives and business leaders as the number of vulnerabilities increases daily. According to a 2022 CRA Business Intelligence survey, nearly one in four respondents reported that their organization experienced one or more ransomware attacks in the past 12 months, and almost one out of three of these organizations said the attacker succeeded in gaining access to their systems, encrypting files, and demanding a ransom

According to this survey, many believe that the worst is yet to come and that they are at a significantly higher risk of a cyberattack than ever before – it’s not a matter of “if,” but “when.”

Preparing for the inevitable and defending against the threat of a ransomware attack requires constant evaluation and assessment, and then making the necessary adjustments.

On this panel, our lineup of industry experts will discuss the key security measures enterprises must take, going beyond backup and recovery and anti-malware/anti-virus solutions to include endpoint security, vulnerability management, Active Directory monitoring, credential protection, DNS security tools, SIEM, DLP and encryption, and cloud security software.

EMs have evolved over the past few decades due to the evolving threat landscape, increasingly complex architectures, and ever-increasing data volume and velocity. In this session, we will cover the history of SIEMs and introduce a new strategy leveraging the concept of detection-as-code to optimize detections and threat hunting.

Taking a detection-as-code approach will show how to use a language most already know — Python and SQL. Leveraging the detection-as-code approach, we will also show how to write detections, test them, and introduce software development lifecycle best practices that can be used for version control, collaboration, and integration with your CI/CD pipeline.

Use of the cloud is continuously growing, not surprisingly so due to its perceived lower costs, greater agility, and ability to increase computing power with increased demand & continuously deploy new applications and software features.

Despite the appeal of cloud, there are many security risks and vulnerabilities and managing these risks has proven to be a big challenge as cyber criminals shift their tactics to cloud data and systems in responses to this increased use of the cloud. According to a CRA Business Intelligence’s September 2022 Cloud Security Survey, misconfigurations, lack of oversight, and little visibility across the organization are among their chief concerns regarding cloud deployments.

If organizations are going to successfully adopt/transition to the cloud, they must ensure security is part of their program. An effective cloud security program includes various process and technology capabilities to effectively keep up with the current threat landscape and vulnerabilities.