Austin

Join Tim Brown, Chief Information Security Officer of SolarWinds, and J.D. Miller, CyberRisk Alliance, for a candid fireside chat reflecting on one of the most consequential cyber incidents in recent history. In this discussion, Tim delves into the technical, operational, and cultural aftermath of the SolarWinds breach—offering insights into the challenges of securing software supply chains and rebuilding trust in the cybersecurity community. He will share the company’s path to transparency, the implementation of a Secure by Design initiative, and how SolarWinds turned crisis into an opportunity to lead industry-wide reform. Attendees will gain real-world perspective on resilience, collaboration, and the evolving role of the CISO in today’s high-stakes cyber landscape.

Key Topics:

• Building and managing effective incident response plans.
• Detecting and mitigating cyber and physical threats.
• Using real-time data and intelligence for decision-making.

Why It Matters:
Security managers often handle tactical responses. Understanding effective response strategies ensures timely containment and resolution of incidents.

Threat actors are increasingly targeting development pipelines in order to launch software supply chain attacks that have massive downstream impacts. These attacks are successful — the Snowflake breach of 2024 in which an attacker extorted $2.7 million out of customers is proof they work. Governments across the globe have also taken note of this threat, with SBOM mandates and regulations like the Cyber Resilience Act in Europe aiming to mitigate the risks. Open source malware, another name for a malicious open source package, is proliferating — Sonatype alone has observed more than 778,500 pieces of open source malware since 2019, representing more than 200% growth year-over-year.

Attendees will learn about the most prominent types of open source malware including discoveries over the past year, what attributes differentiate open source malware from traditional malware and vulnerabilities, best practices for defending against open source malware, and how the attack vector will evolve in 2025. Join this talk to learn more about:
How and why threat actors are focusing efforts on infiltrating software development via open source
Differentiating attributes between open source malware and traditional malware
The most prominent types of open source malware impacting enterprises today, as well as how enter development pipelines
Best practices for SBOM management and securing the software development lifecycle against open source malware

Key Topics:

• Ransomware, phishing, and advanced persistent threats (APTs).
• Optimizing operations and improving security through Orchestration and Automation.
• Understanding the impact of AI and IoT on security vulnerabilities.
•  

Why It Matters:
Staying informed about the latest threats helps leaders anticipate and prepare for risks that can disrupt operations.

In this presentation, Craig Johnson, Principal Solution Architect for Forward Networks, will demonstrate how to save time with instant, searchable access to all global network information and proactively verify that network behavior matches your intent with network digital twin technology. With network verification, cybersecurity professionals can improve SOC efficiency through attack surface management, vulnerability management, and security posture management. And digital twin technology isn’t just for on-prem networks, now the entire team can gain end-to-end visibility for multi-cloud environments and validate security controls, in a single pane of glass.

Organizations have finally come to grips with the harsh reality that breaches will happen and have begun implementing controls to improve their cyber resiliency. Unfortunately, many are still missing a key piece of the puzzle – implementing proper control around lateral movement to ensure a breach does not go from bad to worse. Learn how organizations are leveraging micro-segmentation to improve their cyber resiliency by:

– Gaining visibility into the critical parts of their attack surface
– Implementing controls to prevent lateral movement and restrict access to systems with sensitive data
– Proactively implementing recovery plans to enable continuity of business operations
– Reducing the stress of reacting to changes within the environment

Key Topics:

• Evaluating and selecting security technologies that align with organizational goals.
• Best practices for integrating new tools into existing security infrastructures.
• Orchestrating technology solutions to maximize their effectiveness and return on investment.

Why It Matters:
Choosing, using, and integrating the right technologies is vital for building a robust cybersecurity infrastructure, and Effective technology management optimizes security investments and enhances overall protection against evolving threats.