Cyber Security Summit
8 CPE/CEUs with full attendance
Wed, October 4, 2023
7:30AM - 6:00PM EDT
The Westin Charlotte
601 South College Street
Charlotte, NC 28202
C-Suite/Sr. Level Executives Only (Directors, Managers, Heads of IT, etc). Sales/marketing professionals & students will not be admitted.
or call 212.655.4505 ext. 247
The Fifth Annual Charlotte Cyber Security Summit connects C-Suite & Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. Admission is $195 each, giving you access to all Interactive Panels, Discussions, Catered Breakfast, Lunch & Cocktail Reception.
Our conferences have been rated as one of The Top 5 Must Attend Conferences for the last 5 years. Learn from renowned experts from around the globe on how to protect & defend your business from cyber attacks during interactive Panels & Fast Track Discussions.2
Evaluate & See demonstrations from dozens of cutting-edge solution providers that can best protect your enterprise from the latest threats.3
Time, Travel & Money
Many senior executives simply don’t have the time to travel for up to a week to the large cyber trade shows. Our mission is to bring the cyber summit to the executives in the nation’s top cities. Our events are always for just one day only and are produced within first class hotels, not convention centers.4
Engage, Network, Socialize & Share
Engage, Network, Socialize & Share with hundreds of fellow Powerful Business Leaders, C-Suite Executives & Entrepreneurs.
CEUs / CPE Credits
By attending a full day at the Cyber Security Summit, you will receive a certificate granting you 8 Continuing Education Units or Continuing Professional Education Credits. To earn these credits you must participate for the entire summit & confirm your attendance at the end of the day.6
By investing one day at the summit, you may save your company millions of dollars, avoid stock devaluation and potential litigation.7
Each Cyber Security Summit is “By Invitation Only” and all attendees are pre-screened & approved in advance. On-site attendance is limited to approx. 300 Sr. Level Executives to maintain an intimate, non-trade show like environment.8
Did Uber, Facebook, Microsoft, Equifax, and thousands of other businesses that were hacked do everything within their power to avoid being victimized? Is your company next? Learn the latest defensive measures at the Cyber Security Summit from your peers and from thought leaders in the industry.
This educational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
Meet, Engage & Enjoy Breakfast with fellow Business Leaders, Cyber Experts, Government Officials & Thought Leaders.
Generative AI is proving to increase productivity and augment humans in new ways. To seize the opportunities AI presents, organizations must first be aware of and manage its risks. That includes understanding how generative AI has changed the threat landscape and the security concerns that come with it – access control, cyber risk and compliance, data privacy, governance, and security. In this session, learn how applying Self-Learning AI across your organization’s digital environment will help your security team prevent, detect, respond, and heal from incidents, including those augmented by generative AI, through every stage of the attack lifecycle. These defensive capabilities share AI outputs with each other to strengthen autonomous insights and actions, giving your teams greater visibility, impact, and control to stay ahead of evolving threats.
For far too long, the role of the security analyst, charged with investigating, validating and responding to attacks amidst the noise of alerts from multiple tools, has been a frustratingly fragmented and inefficient one. The hours spent on manual triage, threat hunting and research across many tools and data sources, not only extends the time taken per incident, but also distracts valuable resources away from higher risk attacks. Data shows that despite deploying more great tools and getting more alerts, we are not getting much better at this, if at all, over the past several years. The industry needs to focus on the analyst experience. How can these tools and data sources be better connected? How can AI and machine learning best be employed to unburden teams of the error prone repetitive tasks while providing rapid and valuable insights into the specifics of an attack, and even provide focused recommended actions? This can and does, dramatically improve the overall analyst experience and efficacy, helping to prevent burn out while simultaneously sharpening response capabilities. Join us to discuss what we have learned and how we and other members of a growing, open community are building and delivering in this space.
The current economic crisis poses a double threat to organizations: they must protect their digital assets from cyberattacks while coping with budget cuts, layoffs, and workforce reductions. How can organizations achieve both goals without compromising their security or performance? The answer lies in automation and AI. These technologies can help organizations enhance their cybersecurity capabilities while saving time, money, and human resources. In this presentation, you will discover best practices and strategies for implementing automation and AI in your cybersecurity operations. Don’t miss this opportunity to find out how you can use automation and AI to secure your organization’s future.
Despite having distinct differences, data privacy and compliance are deeply intertwined with cyber security. As focus on data privacy and compliance increases, business leaders can expect to see vast changes related to how consumer data is managed, shared, and secured. Policy & laws on data privacy and compliance continue to expand and become increasingly stringent, so it is important for companies and their respective business leaders to consider these areas as they develop & evaluate their cyber security strategies. For instance, last year the SEC proposed amendments to its rules on cyber security, risk management, strategy, governance, and incident disclosure by public companies.
At a more granular level, there are various initiatives to protect specific consumer data and ensure enterprises are compliant in doing so – particularly health data and children’s personal information. The American Data Privacy and Protection Act (ADPPA) if passed could greatly impact health data beyond the scope of HIPAA by establishing a national framework to protect & preserve the privacy of consumer data collected by entities not covered by HIPAA. In an American Medical Association survey, about 75% of surveyed patients expressed concern and confusion related to the privacy of their health data and how it is handled. The ADPPA could help clear up some of this confusion by establishing clear expectations. Another critical area is the collection of personal information of children. The Children’s Online Privacy Protection Act (COPPA) helps put parents in control of how their children’s data is handled and ensures that all entities in possession of this data sustain its confidentiality, security, and integrity.
Maintaining strong data privacy and compliance practices is imperative in preventing sensitive personal data from becoming compromised. This information is extremely valuable to cyber criminals, who seek to utilize compromised data to steal others’ identities or resell such PII.
This panel will look at the latest data privacy policies and implications for what this means for business leaders in the future. Our lineup of experts will lend their insights and offer best practices relating to privacy, compliance, and identity protection.
Charlotte Chapter of Blacks in Technology
Leader of Solution Engineering
Outshift by Cisco
Cyber Security Expert
Director of Cybersecurity Strategy
Sr Director Product Management
Regional Vice President of Sales - East
David Van Heerden
Manager, IT Operations
Advisory Solutions Consultant
This session will demonstrate how an attacker uses off the shelf security tools, API calls, and scripting to discover secrets in a public repository, leading to user impersonation in Okta, privilege escalation and sensitive data discovery in Salesforce, and ultimately data exfiltration from AWS. The session will also show attendees how to detect and defend against these types of attacks at every step.
CISO’s and Executives need to immediately understand and deal with the latest Artificial Intelligence-based tools, risks and benefits.
CISOs need to be very aware of all the issues and risks related to their business and the entire corporate and personal ecosystems. With this awareness, they need to provide ongoing guidance and leadership in addressing these new opportunities and their risks. Many CISOs are including AI-based issues in their weekly staff meetings and giving initial guidance as well as updates to Executive Staff. For example: Chat GPT and other AI-based tools are lowering the bar for hackers to create very targeted phishing emails based on previous hack info combined with social media information that are fooling many end users. Staff members in Security, IT, Network and Development, as well as Marketing and Sales, are all using ChatGPT and that must be shared and discussed during CISO-led meetings!
CISOs need to review and embrace the significant amount of good guidance that has recently been released. NIST just released the “AI Risk Management Framework” The AI Risk Management Framework (AI RMF) is intended for voluntary use and to improve the ability to incorporate trustworthiness considerations into the design, development, use, and evaluation of AI products, services, and systems. CISOs need to give good guidance to other executives that are needing to leverage AI tools to ensure their business innovates and beats the competition!
We’ll discuss all the appropriate steps that CISOs can use: Framing the Risk, your Audience, AI Risks and Trustworthiness, Effectiveness of the Benefits, the Risk Management Core that describes “Govern, Map, Measure, and Manage” and describes the Risk Management Profiles.
Key Take Aways:
1. Awareness of current AI tools and the benefits and risks that are happening now
2. Some new ideas on how to leverage AI tools safely.
3. How to ensure your team and company do not have incidents based on AI tool attacks and misuse.
4. Lots of links to the most current tools, research, countermeasures and the future
Join Snehal Antani, CEO of Horizon3.ai, for an eye-opening session where he’ll discuss real-world examples of what NodeZero discovered in networks just like yours. You’ll hear about how fast and easy it is to compromise some of the largest networks in the world – with full domain takeover – often in minutes, and sometimes, without even exploiting a CVE. Discover how autonomous pentesting helps find unknown weaknesses in your infrastructure that could quickly result in ransomware exposure.
During this session, you’ll learn how attackers:
• Use OSINT and password spraying to takeover systems without ever targeting CVEs.
• Land and expand with legitimate credentials, then poison assets to take over domains.
• Find cloud credentials and use them to compromise cloud services.
“Pay Up, or Else”. The number of organizations who have been faced with this scenario has been steadily increasing over the past several years as ransomware attacks continue to rise — both in numbers and the size of payouts.
The clear and present danger of a ransomware attack looms large among cyber executives and business leaders as the number of vulnerabilities increases daily. According to a 2022 CRA Business Intelligence survey, nearly one in four respondents reported that their organization experienced one or more ransomware attacks in the past 12 months, and almost one out of three of these organizations said the attacker succeeded in gaining access to their systems, encrypting files, and demanding a ransom
According to this survey, many believe that the worst is yet to come and that they are at a significantly higher risk of a cyberattack than ever before – it’s not a matter of “if,” but “when.”
Preparing for the inevitable and defending against the threat of a ransomware attack requires constant evaluation and assessment, and then making the necessary adjustments.
On this panel, our lineup of industry experts will discuss the key security measures enterprises must take, going beyond backup and recovery and anti-malware/anti-virus solutions to include endpoint security, vulnerability management, Active Directory monitoring, credential protection, DNS security tools, SIEM, DLP and encryption, and cloud security software.
Senior Cybersecurity Engineer
Center for Internet Security (CIS)
Cyber Security Expert
Senior Services Sales Account Manager
Cyber Security Expert
Cybersecurity & Compliance Manager
VP, Infrastructure & Operations
Cyber Security Expert
During the past 10 years I’ve participated in many security incidents, received confidential readouts of other company incidents, collaborated with top well-known incident response firms as well as government agencies. It’s with these experiences and learnings I’ve applied an overlay of Zero Trust to the problem. Having also delivered Zero Trust strategies at two globally-recognized enterprises we can speak to the reality of the problem and solution.
In 2022 I presented how my Enterprise Security teams delivered Zero Trust at Adobe and Cisco. So, let’s talk about why we prioritized the initiative; a forward thinking strategy that really defended against the attacks we were seeing. During this session we’ll discuss some high-profile security incidents from the past year, reviewing the themes, kill chain, and how or where a Zero Trust strategy might help prevent the attack, slow them down, or reduce risk.
As an example, many high profile hacks all started similarly. Related to an employee or contractor credential theft (or purchase) and an MFA fatigue or bypass. These are NOT highly sophisticated attacks and there are strategies that can save your bacon.
Extended Detection and Response (XDR) is on-trend now, which often results in terms being overloaded to mean things they weren’t intended to represent. Beyond the hype cycle, XDR represents evolution in Cybersecurity defense capability. In this Keynote, you will review the history and issues surrounding detection and response in common domains such as Network, Email, Identity, and Endpoint. You will learn how XDR differs from earlier attempts at cross domain correlation including SIEM, SOAR, and EDR. You will then learn how REST APIs have enabled cross vendor integrations and capabilities, enhancing more than just detection, creating the capability of highly scalable orchestrated and automated response. After reviewing these elements, you will learn how XDR pulls them together into a platform, and what good should look like. Finally, you will learn about some emerging capabilities based on XDR that are likely to become available in the near future.
Use of the cloud is continuously growing, not surprisingly so due to its perceived lower costs, greater agility, and ability to increase computing power with increased demand & continuously deploy new applications and software features.
Despite the appeal of cloud, there are many security risks and vulnerabilities and managing these risks has proven to be a big challenge as cyber criminals shift their tactics to cloud data and systems in responses to this increased use of the cloud. According to a CRA Business Intelligence’s September 2022 Cloud Security Survey, misconfigurations, lack of oversight, and little visibility across the organization are among their chief concerns regarding cloud deployments.
If organizations are going to successfully adopt/transition to the cloud, they must ensure security is part of their program. An effective cloud security program includes various process and technology capabilities to effectively keep up with the current threat landscape and vulnerabilities.
Tristan L. Sumpter
Specialist, Enterprise Business Development
Cyber Security Expert
Enterprise Sales Engineer
Cyber Security Expert
Insider Risk Advisor
Sr. Sales Engineer
Cyber Security Expert
To be eligible to earn your Full 8 CPE Credits, delegates must be in attendance for the full day. In order to claim any raffle prizes, you must be present during the cocktail reception.
Discuss and share the latest in cyber protection with our renowned security experts during interactive Panels & Round Table discussions. View our Security Content Sharing portal for past Cyber Security Summit solutions to protect your business from cyber attacks.
Cyber Security Coordinator,
Cybersecurity and Infrastructure Security Agency (CISA), U.S DHS
Global Chief Information Security Officer - Americas,
Check Point Software Technologies
The Cyber Security Summit connects cutting-edge solution providers with Sr. Executives to analyze & diagnose cybersecurity flaws through interactive panels & roundtable discussions. View the latest presentations given at the Cyber Security Summit through our Security Content Sharing portal.
The Cyber Security Summit is proud to be in partnership with some of the industry’s leading organizations in technology, information security, and business leadership.
If your media outlet or association is interested in becoming a strategic industry partner with The Cyber Security Summit, please contact Megan Hutton at MHutton@CyberSecuritySummit.com or call at 212.655.4505 ext 241.
Thank you for registering for the Cyber Security Summit. Our networking breakfast will start promptly at 7:30 AM. To receive your full CEU / CPE credits, you must attend for the entire day. We look forward to seeing you soon!
|cookielawinfo-checkbox-analytics||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".|
|cookielawinfo-checkbox-functional||11 months||The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".|
|cookielawinfo-checkbox-necessary||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".|
|cookielawinfo-checkbox-others||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.|
|cookielawinfo-checkbox-performance||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".|