New code turns into tech debt the moment it’s committed. If you don’t fix known issues - security or otherwise - on the way in, they usually don’t get fixed.

The ecosystem makes it worse. New architectures and design patterns are developed, frequently making your shiny new code an antique. Cloud vendors create innovations that alter the definition and scope of an application. Open-source libraries are updated and released constantly, sometimes with additional functionality, sometimes with security fixes and sometimes with malicious code.

Let’s face it. Software ages like milk, not wine. Are you keeping up or falling behind? Do you spend more time deploying fixes or dealing with exceptions to policy? It’s time for a change. Here's what you will learn:

• What the vulnerability landscape looks like currently; 
• The factors from both security and development that are contributing to the problem; 
• Steps to take to get better.  
  

How can you bring security and IT teams together to reduce friction and dramatically improve vulnerability remediation? To help you address this challenge, Jeff Sherman from the HCL BigFix team, will share his experiences doing just that at major US enterprises.

Security leaders do heroic work protecting their people, processes and technology from cyberattack. However, there is one significant gap in enterprise security that CISOs cannot protect, even if they wanted to: the personal digital lives of the C-Suite, Board Members, and senior executives. Join BlackCloak CEO Dr. Chris Pierson as he speaks about the growing problem of cybercriminals attacking executives’ personal lives to attack the company, and why CISOs have limited options to mitigate this risk.

Critical resources need defense in depth beyond validating identity. Certificates provided a method to establish this trust. It is time to remove the calendar reminder for our certificate renewal. Duo’s Device Health Application can verify enrollment into corporate management systems without deploying certificates. Learn how this is done with some common asset management solutions.

Multiple-extortion ransomware, cryptocurrency exchange hacks - these are hallmarks of the new digital battlefield, and the navigation - and negotiations - are more critical than ever. In this panel discussion, two steeped cybercrime experts discuss the legal, privacy and security aspects of real-world situations including:

• Weapons of choice in the new digital battlefield
• The emerging role of cryptocurrency in cybercrime
• Incident response: Step by step when the response clock starts

Are you ready for version 3.0 of the internet and it's implications on security and privacy? In this session Keith will discuss the new iteration of "the web" based on blockchain technology, token based economics and decentralization. He will define what web3 is and kick start your thought process around how this all will be a benefit to security and privacy professionals. In this session Keith will go over: 

• What is web3 and history of web1 and 2 
• Define some components of web3: Blockchain, smart contracts, NFTs, DAO, etc) 
• Security concerns 
• Security and Privacy Benefits 

The cyber-threat landscape continued to evolve and expand in 2021, with attackers finding new vulnerabilities and ways to infiltrate organizations. There was also a significant rise in supply chain attacks in the past year, meaning 100s or even 1000s of organizations are at risk of being breached because of a security flaw in a single third party. In this environment, security teams must shift to a risk-based approach, prioritizing the most important areas of their organization. They should also not be afraid to seek outside help, leveraging the growing number of highly skilled white hat hackers to discover unique types of vulnerabilities across their network.

In this session, Hafizji will discuss:

• The evolving threat landscape and expected trends for 2022
• The importance of adopting a risk-based approach
• The growth of crowdsourced security and how it works 
  

Arming and unleashing your inner skeptic

Hype surrounding artificial intelligence is everywhere, and the AI-ification of everything from beverages to pet care is well underway, with few signs indicating that the hype wave has crested. But despite the obviously transformative effects that artificial intelligence has had across numerous industries and verticals, the value of informed skepticism shouldn’t be discounted. In fact, now more than ever, it is critical that grounded skepticism take a front-row seat for discussions aimed at enterprise technology and security executives.

Join us as Vectra AI, a leader in enterprise security, addresses both the hype and the opportunity at a practical altitude necessary for strategic decision-makers to feel confident about harnessing their inner skeptic to achieve better outcomes for the enterprise.  

Audience members will walk away with the following:

• The foundational perspective necessary to sort hype from transformation;
• A practical approach to focusing on AI outcomes; 
• An appreciation for the AI risks on the horizon.

In this presentation and fireside chat, Brendan “Casey” McGee and Kevin McCleary of the U.S. Secret Service will describe the present situation between cryptocurrency and crime, outline some of the emerging trends related to crypto enabled fraud and what the private sector can do to prevent and protect itself from these types of criminal activity.

Join Brendan “Casey” McGee, Assistant to the Special Agent in Charge, United States Secret Service and Kevin McCleary, Assistant to the Special Agent in Charge, Criminal Investigative Division, United States Secret Service to learn about;

• History of USSS payments systems investigations;
• Crypto enabled fraud trends and cases;
• Proactive defense strategies to combat digital fraud.

Ask any cybersecurity team for nightmare scenarios, and one of the top answers you'll hear is this: having to fend off an attack by a well-resourced nation-state. Now, since Russia has invaded Ukraine, the likelihood of such attacks, or collateral damage, continues to escalate.

Governments across the globe have issued alerts to organizations to take steps to reduce the likelihood of damage and maximize resilience. As a result, how much has the war accelerated or hindered enterprises' security plans?

This expert panel will share insights and strategies, including:

• How security teams are responding to heightened threat activity; 
• How to maintain cyber resilience in wartime; 
• What potential disruptions to prepare for as the war continues.

The Zero Trust framework is based on the principle of "never trust, always verify." Join us to learn about Zero Trust, how to adopt it for applications, and the technologies you need to take control of your environment in the fight against ransomware.

Ransomware and other forms of cyber-attacks are becoming more sophisticated, and new attacks are reported every week.  Every organization needs to strengthen their cyber-defenses with the strongest air-gapped solution possible.  In this session, learn about the latest advances from Quantum for creating immutable data vaults, including the Quantum Ransom Block solution which is the only air-gapped solution that creates a true physical barrier between your data and your network.  We will also cover best practices and recommendations for minimizing your risk.