San Diego

On July 26, 2023, the SEC adopted new rules requiring registrants to disclose their cybersecurity risk management strategy and governance, as well as the material impact of cybersecurity incidents. This reflects a larger global trend of regulators requiring more accountability for incident readiness and response, or IRR. As security leaders come under more and more scrutiny, what proactive measures should they be considering for risk mitigation and incident preparedness? And how are security leaders planning for incident response to ensure they are containing and eradicating threats, recovering affected systems, and learning from incidents to improve their security posture? Join this session for new data from a survey of 500 security leaders on IRR that sheds light on what they are prioritizing today and planning for tomorrow.

When looking at how to best protect your business, cybersecurity readiness should be top priority, but what is it?

Cybersecurity readiness is the ability to identify, prevent, and respond to cyber threats. Can proper data governance, risk management (including managing 3rd party risk and supply chain risk) and compliance provide a framework to always being ready?

Let’s discuss GRC & the best steps to take when quantifying cyber risk, developing your incident response plan, creating a data security policy & more.

In this informative session, we will step into the eye of the cybersecurity storm in a session that exposes the profound shift in the cyber battleground brought by Generative AI. Last year witnessed record losses to phishing and ransomware attacks, but as they say in show business, “you ain’t seen nothing yet!” Learn how the incredible power of Generative AI, that helps fortify cybersecurity defenses, is also arming cybercriminals with formidable new capabilities. This transformation will make them much more dangerous digital adversaries increasing the threat to every type and size of organization across every industry. Attendees will see the tools that cybercriminals use, and they will gain an understanding of the impact of generative AI on the most dangerous and destructive attack methods. The session will also present the next-generation defense strategies that will become necessary.

As we step into 2024, it’s clear that Software Bill of Materials (SBOMs) are finally evolving beyond a buzzword, becoming indispensable for security and legal compliance in software development. The U.S. government and regulatory bodies around the globe have incorporated SBOMs into new cybersecurity legislation and software supply chain protections – and with good reason. Without an SBOM, companies risk being blind to known-vulnerable open source components being shipped in their software applications, and much like Equifax did in 2017, will struggle to respond to new zero day vulnerability disclosures in open source components. Join Sonatype as we explore how SBOMs can enhance resilience in the face of evolving threats, discuss best practices for effective SBOM management, and provide guidance for easily integrating SBOMs into your workflow.

There seems to be a new article every day covering the intersection of artificial intelligence (AI), machine learning (ML), and the security industry. Vendors are suggesting that AI has the potential to act as a team member, replace missing expertise, and reduce headcount for detecting, investigating, responding to, and predicting new cyberthreats. The concept of a fully computerized SOC may be a dream in a world lacking cybersecurity professionals, but can it be realized?

Increasing the autonomy of the SOC is a noble goal, especially for smaller organizations struggling to hire and retain the necessary cybersecurity skills. However, the need for self-learning and self-repairing capabilities in an autonomous SOC raises an important concern: If your IT and security system becomes self-referential and self-healing, how can you investigate to ensure it’s getting it right? Who watches the watchers?

This discussion will explore:

• The history of AI, ML, and automation already in your security stack
• The dangers and challenges of unrestricted GPT and other chat bots as information sources
• Ways humans and AI can work together

Our lives, both personal and professional, are intertwined with Wi-Fi. Everyone is online everywhere, be it a cafe, office, or at home. With AI doing most of our tasks in seconds, we rely on generative AI tools to get work done faster. Two questions: 1. What are we losing by connecting to high-speed free Wi-Fi at any place? 2. What are we losing by getting work done using AI tools?

Let’s get straight answers and staggering security concerns out of the way in my session. See you there!

What are the biggest threats to your business? What’s changing in the current threat landscape that you need to know about? Is ransomware still the biggest threat or is AI taking the spotlight?

On this panel our lineup of industry experts will discuss the most dangerous and emerging threats to your organization as well as the solutions that go beyond anti-malware/anti-virus to include endpoint security, vulnerability management, Active Directory monitoring, credential protection, DNS security tools, SIEM, DLP and encryption.

Getting past the hype of AI and ChatGPT, there are huge benefits to practical (and less sexy) applications of AI. And despite all the buzzwords and overpromises coming from our industry today, there actually are real and meaningful ways AI tools will help security professionals make better risk decisions, faster and more accurately. In this talk, we’ll show some examples of how AI can help predict risk, cut through complexity when making risk decisions and even help to retain senior staff while keeping them focused on the tasks that matter most.

2024 will mark the pivot point when software security finally gets the attention it has been lacking. The impetus for transformation will be driven by the innovation opportunities of AI and the rise of regulation focused on creating better security outcomes for customers. Join Francis Ofungwu, GitLab Global Field CISO, in this high-level overview. He will examine standards and regulations your software and application security programs should care about, the impact of non-conformance on your business, and recommendations on how to prepare for this sea change.

Cloud computing solves many problems like flexibility, cost-efficiency & scalability, so it’s no surprise that use of the cloud is consistently growing. 

That said, it also means organizations step into unknown areas where gaps are easy to miss and hackers are quick to exploit. 

Today we will discuss all things cloud so you know what works best for your organization.

Our experts will look at hybrid and multi-cloud environments, adopting the concept of cybersecurity mesh & Zero Trust, the Secure Access Service Edge (SASE) framework, cloud-native tools & platforms, as well as why the future of network security is in the Cloud.