DC Metro

On July 26, 2023, the SEC adopted rules requiring registrants to disclose their cybersecurity risk management strategy and governance, as well as the material impact of cybersecurity incidents. This reflects a larger trend globally of regulators requiring more accountability for incident readiness and response, IRR. As security leaders are increasingly under scrutiny, what proactive measures should they be considering for risk mitigation and incident preparedness? And, how are security leaders planning for incident response to ensure they are containing and eradicating the threat, recovering affected systems, and learning from the incident to improve future security posture? Join this session for new data from a survey of 500 security leaders that sheds light on what they are prioritizing for IRR today and planning for tomorrow. 

What are the biggest threats to your business? What’s changing in the current threat landscape that you need to know about? Is ransomware still the biggest threat or is AI taking the spotlight?

On this panel our lineup of industry experts will discuss the most dangerous and emerging threats to your organization as well as the solutions that go beyond anti-malware/anti-virus to include endpoint security, vulnerability management, Active Directory monitoring, credential protection, DNS security tools, SIEM, DLP and encryption.

Hear data-backed solutions to go beyond the SBOM and dive into the tools open source consumers and maintainers can use to secure their software supply chain, from everyday practices to long-term solutions for enterprises. We’ll explore how SBOMs, when integrated within a full SCA program, can empower teams to identify and fix vulnerabilities more efficiently and protect against potential attacks. We’ll also provide guidance on:

• Preparing for SBOM compliance and liability
• Implementing SBOMs into your workflow
• Best practices for effective SBOM Management
• Determining the best SBOM formats and standards for your organization

Legacy SOAR platforms: overhyped, under-delivered. Rigid playbooks, clunky case management, and limited scope left security teams drowning in complexity Break free from these limitations with a modern, extensible approach to automation that empowers analysts, scales effortlessly, and tackles your toughest security challenges head-on.

Cloud computing solves many problems like flexibility, cost-efficiency & scalability, so it’s no surprise that use of the cloud is consistently growing. 

That said, it also means organizations step into unknown areas where gaps are easy to miss and hackers are quick to exploit. 

Today we will discuss all things cloud so you know what works best for your organization.

Our experts will look at hybrid and multi-cloud environments, adopting the concept of cybersecurity mesh & Zero Trust, the Secure Access Service Edge (SASE) framework, cloud-native tools & platforms, as well as why the future of network security is in the Cloud. 

Every major security incident in the past two decades has one thing in common: stolen data. Tools and techniques that were once only known to state actors have become widely available, and new pathways to valuable data emerge every day. While applications and infrastructure can be rebuilt and restored, data can never be “un-breached.”

In this talk, Justin Wilkins, VP of Engineering at Varonis, will give you a front-row view of the three-way collision course between data growth, cloud adoption, and cyber risk. He’ll explain how the only way to reverse the trend of increasingly catastrophic data breaches is to embrace intelligent automation.

Modern security solutions must defend against increasingly sophisticated malware. A constant battle is being fought between threat actors and security vendors, with a continuous stream of new attacks and corresponding countermeasures being developed. Detecting and preventing the execution of malicious code requires comprehensive analysis in both a static and dynamic context. In this talk we’ll review the benefits and limitations of both static and dynamic analysis using real-world examples and some colorful analogies.

The Cybersecurity Summit will be giving away an InfoSec world VIP pass during the cocktail reception to one lucky winner. (a $2,400 value)