Chicago

Most organizations believe their risk assessment programs are effective—until a real attacker proves otherwise. In this session, Ellen Sundra will challenge conventional security approaches by shifting the focus from theoretical risk to real-world exploitability. Drawing from insights gained across 100,000+ pentests, she’ll share compelling war stories that expose hidden attack paths, misconfigured defenses, and critical gaps that traditional security tools miss. Attendees will walk away with a deeper understanding of how an offense-driven defense—thinking like an attacker and continuously testing security—can uncover weaknesses before adversaries do. Discover why organizations that “hack themselves” first are the ones best equipped to defend against today’s relentless cyber threats. Key Takeaways: Risk Assessments That Matter – Move beyond check-the-box security to focus on exploitable risk. Attacker’s Perspective – Learn how real attackers chain weaknesses together to achieve critical impact. Resilience Through Offense – Build a security strategy that continuously finds, fixes, and verifies vulnerabilities. Don’t miss this opportunity to rethink your security approach and learn why “go hack yourself” is the best way to stay ahead of the next breach.

As organizations rapidly adopt generative AI and emerging technologies, security leaders face a critical challenge: enabling innovation while managing risk. Traditional approaches to security and risk management are being tested by AI’s unique characteristics and far-reaching business impact. The solution may not lie in complex new organizational structures like “fusion centers,” but rather in a more fundamental reimagining of how we approach security governance. Enter the Five Cs framework – a pragmatic approach that bridges the gap between innovation and security without creating additional organizational complexity. Join LevelBlue, a global leader in security services, as we share field insights from helping organizations navigate AI adoption. Learn how the Five Cs framework can help you.

Organizations have finally come to grips with the harsh reality that breaches will happen and have begun implementing controls to improve their cyber resiliency. Unfortunately, many are still missing a key piece of the puzzle – implementing proper control around lateral movement to ensure a breach does not go from bad to worse. Learn how organizations are leveraging micro-segmentation to improve their cyber resiliency by: Gaining visibility into the critical parts of their attack surface Implementing controls to prevent lateral movement and restrict access to systems with sensitive data Proactively implementing recovery plans to enable continuity of business operations Reducing the stress of reacting to changes within the environment.

Key Topics:

• Building and managing effective incident response plans.
• Detecting and mitigating cyber and physical threats.
• Using real-time data and intelligence for decision-making.

Why It Matters:
Security managers often handle tactical responses. Understanding effective response strategies ensures timely containment and resolution of incidents.

In today’s fast-evolving threat landscape, gaining visibility and context into threats is essential to staying ahead of cyber adversaries. In this session, Scott Dowsett, Global Field CTO, will discuss modernizing your security to detect, investigate, respond and remediate threats at lightning speed.

The Gap Between Productivity and Protection is Expanding.

Users demand seamless access to business apps from any device, anywhere. Traditional network-based access methods pose inherent risks and leave you blind to user activity. The risk? Problems with BYOD, unmanaged third-party access, and even some insider threats go unnoticed. Some of these network-based approaches include:

• VPNs: A gateway to over-privileged access, sluggish performance, and no visibility
• ZTNA: Often too complex and costly to implement effectively.
• The result? A frustrated workforce, and an IT/Security team that cannot address exposures.

Ready to close the gap? Join this session to discover a modern approach to secure app access that empowers your users and provides detailed visibility to protect your business. No compromises required.

Key Topics:

• Ransomware, phishing, and advanced persistent threats (APTs).
• Optimizing operations and improving security through Orchestration and Automation.
• Understanding the impact of AI and IoT on security vulnerabilities.
•  

Why It Matters:
Staying informed about the latest threats helps leaders anticipate and prepare for risks that can disrupt operations.

Modern Privileged Access Management (PAM) has been defined as an evolution in identity and user management for the most sensitive accounts within an organization. As we look forward to the future of PAM, we realize that the discipline is expanding to manage and mitigate not only privileged access, but also assets, accounts, and attacks against modern identity security threats. In this presentation, we will explore the journey to a successful PAM implantation and what mitigation strategies you should consider as a defense for your organization.

Key Topics:

• Evaluating and selecting security technologies that align with organizational goals.
• Best practices for integrating new tools into existing security infrastructures.
• Orchestrating technology solutions to maximize their effectiveness and return on investment.

Why It Matters:
Choosing, using, and integrating the right technologies is vital for building a robust cybersecurity infrastructure, and Effective technology management optimizes security investments and enhances overall protection against evolving threats.

As cybersecurity threats grow more sophisticated and regulatory scrutiny tightens, cybersecurity leaders must go beyond risk mitigation to drive business resilience and strategic growth. In 2025, security is no longer just an IT function—it is a core business imperative requiring executive alignment and cross-functional collaboration.

In this exclusive fireside discussion, Jigar Shah, Global Head of Cybersecurity at Tenet Healthcare, will join moderator J.D. Miller to explore the key priorities shaping cybersecurity leadership in 2025, including:

• Balancing Innovation with Stability: Optimizing security investments while maintaining operational efficiency.
• Operational Acumen: Positioning cybersecurity as a business driver rather than a reactive function.
• AI-Powered Threats & Defenses: Navigating AI’s dual role as both an attack vector and a defensive tool.
• Boardroom Communication: Demonstrating cybersecurity’s financial impact and shifting from a cost center to a value creator.
• Scaling Cyber Resilience: Addressing IAM modernization, cloud security, third-party risk, and regulatory challenges.

This candid conversation will provide high-level insights into how cybersecurity leaders can navigate emerging threats, strengthen organizational resilience, and redefine the role of security in the enterprise.