"Building Resilience: Lessons from the Frontlines of Cybersecurity"
Join us for an enlightening fireside chat with Stevan Bernard, the former Executive Vice President of Global Protection Services at Sony/Sony Pictures Entertainment. In this compelling keynote session, Stevan will delve into the critical components of building a resilient security program, sharing his invaluable insights and firsthand experiences.
Drawing from his extensive career, Stevan will take us through the meticulous preparation leading up to a nation state attack, providing a rare glimpse into the strategies and practices that can fortify an organization against sophisticated threats. He will recount the intense moments during a nation state attack, offering a candid look at the challenges faced and the real-time decisions that shaped the response.
The session will explore the profound lessons learned from the attack, emphasizing the importance of adaptive strategies and continuous improvement in security measures. Stevan will also highlight the concept of security convergence, discussing its pivotal role in creating a holistic defense framework that integrates physical and cybersecurity.
Looking ahead, Stevan will share his vision for the future of security convergence, addressing emerging trends and the evolving landscape of global security threats. This keynote is an unmissable opportunity to gain expert insights and practical knowledge from one of the foremost leaders in the field of global protection services.
Whether you are a seasoned security professional or new to the field, Stevan Bernard's experiences and insights will equip you with the knowledge and inspiration to enhance your organization's security posture and resilience.
The Security Industry is full of old, tired mindsets and beliefs which no longer serve us. Maybe they never served us; they were just the easiest way to explain our lack and frustration.
Have you ever been told “If you do security well, you’ll work yourself out of a job”?
How about this one? “Security is a cost center.”
Both of these are 100% untrue, outdated, and no longer compatible with the modern world of business. These are sentiments which affect the very perspective we have of ourselves. They are statements of frustration that literally communicate to the organizations we serve: “We offer no value to you whatsoever.”
Tim Wenzel, Associate Managing Director of ESRM at Kroll and the Creator of The Kindness Games is going to tell the story of corporate security, help you understand the genesis of The Insecurity in Security, and build the new value proposition of the Modern Security Organization.
If you’ve ever wondered why you “can’t get your seat at the table” or you don’t understand the simmering anxiety you feel every time you have an important meeting, this presentation will change you and help you see your value in the corporate structure.
In the talk 'Hackers in Jurassic Park: When Attackers Find a Way', Kevin Johnson of Secure Ideas delves into the world of cybersecurity, through the lens of real-life hacking stories. Just as 'Jurassic Park' unveiled the unforeseen consequences of bringing dinosaurs back to life, this presentation uncovers the unexpected and often ingenious methods used by cyber attackers to breach seemingly impregnable digital fortresses. Our journey takes us through a series of true tales from the front lines of cybersecurity, where penetration testers navigate the complex jungle of code and cybersecurity measures.
Each story in the talk is carefully selected to demonstrate a unique aspect of cyber attacks – from social engineering feats that mirror the cunning of a Velociraptor, to sophisticated attacks that target applications and APIs with the ferocity of a T-Rex on the loose. Attendees will not only get an insider view of the tactics and thought processes of attackers but will also grasp the critical importance of proactive defense strategies. This session aims to enlighten, entertain, and educate, offering vital insights into the ever-evolving threat landscape. By the end, participants will have a heightened awareness of the risks lurking in the digital world and be inspired to think like a seasoned hacker to better defend their digital realms.
Daniel Garrie's presentation at the 2024 Converge Security Conference will serve as a crucial guide for technology professionals navigating the new terrain of cybersecurity regulation. This presentation will address the complex interplay between heightened regulatory scrutiny, executive liability, and the strategic response required within organizations.
The discussion will begin with an exploration of the recent developments in cyber regulation, notably underlined by the U.S. Securities and Exchange Commission's (SEC) enhanced enforcement. Garrie will dissect cases like the SEC's action against SolarWinds' CISO, and the profound implications of the SEC's 2023 rules on "Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure". These developments have broadened the accountability scope, affecting not just technology executives but also board members, marking a significant escalation in the liabilities faced at the highest organizational levels.
Garrie will argue for a fundamental change in perspective: cybersecurity must evolve from being a technical issue to an integral aspect of an organization’s strategic planning. He will stress the necessity for cybersecurity to be recognized and managed as a cross-functional, enterprise-wide concern, involving all tiers of an organization.
The presentation will offer actionable strategies for achieving this integrative approach. Garrie will highlight the pivotal role of thorough risk assessments and comprehensive tabletop exercises. These are not just tools for technical analysis; they are essential for testing an organization's overall preparedness and resilience against cyber threats. He will emphasize how these exercises can reveal vulnerabilities and foster a culture of proactive cybersecurity awareness throughout the organization.
Additionally, Garrie will focus on the critical need for consistent and effective communication between security leaders and other senior executives. This communication is key to ensuring that cybersecurity considerations are understood and integrated into the broader business context. He will offer insights into developing these communication channels, bridging the gap between technical and strategic domains.
In conclusion, this talk promises to equip attendees with a nuanced understanding of the current regulatory landscape and its implications for technology leaders and board members. It will provide practical strategies for embedding a holistic approach to cybersecurity within their organizations, emphasizing the importance of comprehensive risk management and strong executive communication. This knowledge is essential for adapting to the evolving landscape of cyber regulations, ensuring organizational compliance, and enhancing overall resilience against cyber threats.
When considering convergence of physical and logical security I get distracted, as my employer has things which will never merge, like armed security forces, (anti-)helicopter wires, seat teams, a physical DMZ, etc. It used to be that we could count on doors, guards and gates as a primary control.
The truth is, cyber has had to take over from physical as the speed and variety of what's accessible has increased 100-fold. We seem to be determined to put everything online and accessible without considering if we should, or how it's mitigated. No longer are systems all in our facilities, nor only used from secure locations.
Let's delve into what I've seen in 40 years of security at a national lab and how it maps to the rest of the world.
We are so focused externally that we forget what the insider is doing, except that we train them regularly on phishing/attachment security and sometimes remind them that coffee shop wifi is "bad."
We will delve into insiders and outsiders, from casual actors to nation states. The threats are all over; the challenge to discuss is how to protect, detect and respond to them across the board.
This session will provide guidance on the process and requirements for achieving compliance with Cybersecurity Maturity Model Certification (CMMC) version 2.0, emphasize the significance of CMMC v2.0 in enhancing cybersecurity measures, particularly for organizations working with the Department of Defense (DoD), and show how to leverage previous NIST 800-171 implementations.
The session will provide a brief history of CMMC, highlighting its evolution from 800-171 to version 1.0 and now 2.0. It will explore the current framework of CMMC v2.0, detailing its levels, domains, capabilities, and practices. It will describe the relevance of CMMC v2.0 in securing DoD contracts and its broader impact on improving cybersecurity standards within organizations, even those not engaging with government contracts. And most importantly, the key concepts presented will include steps to prepare for compliance:
- Assessment and Gap Analysis: Outline the process of conducting a self-assessment to identify current cybersecurity strengths and weaknesses in relation to CMMC v2.0 requirements.
- Developing a Plan of Action: Guidance on how to prioritize actions based on CMMC levels, including setting realistic timelines and milestones for compliance.
- Implementation Strategies: Offer best practices for implementing necessary cybersecurity measures and advice on utilizing existing resources and tools effectively.
- Continuous Monitoring and Improvement: Emphasize the need for ongoing compliance processes, regular reviews, and updates to cybersecurity practices.
- Handling 3rd Party Audits: Prepare for third-party assessments, focusing on documentation and evidence management to demonstrate compliance.
- Leverage cloud-based solutions (GCC and GCC-High)
This session provides a comprehensive guide on understanding, preparing for, and maintaining CMMC v2.0 compliance. It emphasizes the importance of cybersecurity in the context of DoD contracts and offers practical steps for organizations to assess, plan, implement, and sustain compliance. The goal is to equip participants with the knowledge and tools needed to successfully navigate the complexities of CMMC v2.0.
SA Bryan Willett will help increase your cyber threat awareness through a discussion of the current state of the cyber threat, current threat actor trends, ideas for how to avoid becoming a victim, and the FBI's cyber investigative role. He will also provide a few digital resources you can access to obtain more information and help decrease your chance of becoming a victim.
Cybersecurity leaders have had it figured out for a while: building resilience is about adapting to threats, adversities, and challenges so a business can continue to meet market demand and stakeholder expectations. Physical security, while a critical piece of the puzzle for businesses with a large physical footprint, has been playing catchup over the years and is finally turning a corner toward building a more resilient presence using cybersecurity principles.
The panel will answer/discuss the following:
How can physical and cyber leaders collaborate to manage risk to an organization?
What are some of the techniques and best practices that cyber pros use (and vice versa) to ensure business continuity?
How can we mitigate against known (and unknown) risks together?
The complexities of physical and cyber security planning through the lens of cyber resiliency and its effect on your business.
Born out of a real-world breach: in 2019 the founders of HiddenLayer led the incident response to a novel attack on Cylance's AI anti-virus engine. They realized in that moment that machine learning models would be the new cybersecurity attack surface. Today, we have entered into an AI arms race with the rapid adoption of artificial intelligence across virtually every industry and business sector. Along with it come the inherent cybersecurity risks and threats from a new attack vector called Adversarial Machine Learning. Hiep Dang walks us through the evolution of the threat landscape in the new era of AI and offers a primer to cybersecurity professionals on how to start thinking about securing AI.
The Cybersecurity Maturity Model Certification 2.0 (CMMC), released in late 2021, aims to protect Controlled Unclassified Information (CUI) with the evolving nature of contemporary cybersecurity threats in mind. But for organizations who have already been operating in the DIB for some time, questions remain: How is CMMC any different from previous DOD programs? What could be the consequences of noncompliance, and conversely, how can the not insignificant cost of compliance be managed? How can an organization find a trusted partner to navigate the CMMC ecosystem? Designed for an audience already familiar with CMMC or other DIB-related cybersecurity requirements, this talk will answer these questions and more. Audience members will leave armed with tangible steps to guide their organization’s decision-making around compliance and investment.
Chris, one of less than 100 individuals officially certified as both a Certified CMMC Provisional Assessor and Instructor, has led CMMC instruction for more than 500 students. He has centered most of his instruction, course development, and practice exam authoring with one of the only 51 officially recognized Licensed Training Providers to date. Chris was one of the first 200 CPNs registered out of more than 2500 active today and is an active member of many invite-only thought leadership bodies such as the CMMC Industry Standards Council and the C3PAO Forum. His positioning on the front lines of the CMMC 2.0 rollout, and his cumulative 25-plus years in cybersecurity, uniquely qualify him to guide DIB contractors through the certification process.
Congratulations! You have successfully recovered from a cybersecurity incident. Systems are restored, data is available, and business operations are functioning at full capacity. Here come the lawyers...
All too often, an organization that survives a security incident will find itself the defendant in a lawsuit. Matt will explore what triggers these lawsuits, the factors that lead to success in the courtroom, and how organizations can proactively position themselves for victory. He will discuss how we can manage risk using a duty of care framework, why it is important to understand the nature of negligence, and how to operationalize an effective risk management program so we can survive not only the cybersecurity incident, but the legal repercussions that follow.
At Converge 2023, Tim Wenzel asked this question around the evolving role of the CSO. The lively conversation continues this year as we discuss security’s role in enterprise risk.
Managing enterprise risk is like co-parenting with lots of interesting and sometimes dysfunctional partners.
How do you manage the birth and initial management of new risk in your organization?
What happens when that moment of weakness or careless decision created risk that you're just finding out about years later?
No matter your organization’s security goals, challenges, and level of maturity - there is no single, more effective way of proving whether your organization is susceptible to today’s threats or the effectiveness of your security controls than to emulate real-world attacks and see how your program stands up against an attacker’s tactics and techniques. Whether the question is “Can an attacker deploy ransomware in my environment?” or “Can a rogue employee exfiltrate all of my customer data without detection?”, the only definitive way to answer these types of questions is to simulate the attack and see how you stack up.
Enter Red Teaming. Red Teams conduct end-to-end assessments of the full organization (network, physical and social) using the full kill chain to provide insights into the organization’s overall security posture and resilience to realistic attack scenarios.
While Red Teaming is the gold standard for testing defenses, creating an effective program is no small feat. In this talk, Trevin Edgeworth, a former CISO and a Red Team leader for several Fortune 500 companies, shares his personal experience building and leading Red Teams, as well as strategies for setting up your organization for success.
This session will address foundational Red Team concepts and best practices, including:
• What is red teaming (and what is it not)
• Red teaming approaches and methodologies
• Assessing organizational readiness
• Attracting and retaining top talent
• Cultivating a strong Red/Blue Team relationship
• Measuring success and reporting to leadership
With the Proposed Rule being released, small to medium-sized businesses continue to struggle with what it means for them. There seems to be misunderstanding of timelines: rollout timelines, implementation timelines, and compliance timelines. Through this session, small to medium-sized business owners will be given a clear picture of timelines, costs, compliance, and what comes next.
In this engaging session, Corey White, CEO of Cyvatar, draws parallels between Prince's iconic album "Sign O’ the Times" and the current cybersecurity landscape. He will delve into how the rapidly changing digital environment mirrors the transformation and challenges highlighted in the album. Focusing on recent cyber threats, White will illustrate how these challenges mirror the themes of adaptation and resilience reflected in Prince's work. The session will cover innovative approaches to cybersecurity, emphasizing proactive and AI-driven strategies. White will provide insights on evolving cyber threats and their impact, paralleling the timeless relevance of "Sign O’ the Times" in music and culture. Attendees will leave with a deeper understanding of modern cybersecurity challenges and practical strategies for safeguarding their platforms in these ever-changing "cyber times."
TBA
Information Security Sucks . . . How to build an Information Security Program that inspires growth, and drives business outcomes
Having worked in the Information Security space for almost 20 years, the biggest challenge by far in Information Security, yet one hardly ever talked about, is how to get buy-in from the wider organization for your Information Security programs, initiatives and controls.
Information Security is often seen as one of many things...
1. Compliance driven | A box-ticking exercise.
2. A necessary nuisance | One that needs to be tolerated.
3. A roadblock | One that needs to be circumvented where possible.
But Information Security needs to be much more inclusive, understood by all and supported top - down in material ways that drive tangible benefits.
This session will address real areas of opportunity, discuss practical ways for security leaders to drive their security program, and ultimately change the security narrative from being a cost burden to a profit center for the business, driving innovation and business transformation.
Our world is rapidly changing, and our reliance on technology to facilitate literally every aspect of our lives is certainly accelerating its complexity. Not surprisingly, our home and business networks have become riddled with cyber threats. Even the smallest and most innocuous of oversights can lead to irreparable consequences, as evidenced by the relentless targeting of our defense supply chain.
Recently, these cyber-attacks have transcended beyond mere digital skirmishes to become a cornerstone of a much larger geopolitical strategy. Hackers are now forming loose coalitions between their groups to further political strategy - sharing expertise, intelligence, resources, and more to further these interests. As these attacks grow more complex and politically charged, we need to explore and understand the implications to our national security and more specifically, how compliance standards such as the CMMC can support our nation in this challenging battlefield.
Our session will explore recent attacks on our Defense Supply Chain and U.S. Government Agencies, focusing on how attackers gained access to U.S. information systems and exploited vulnerabilities. From SolarWinds and beyond, we'll unravel the strategies employed by hackers, revealing an alarming trend towards more aggressive, state-sponsored cyber warfare. We will also explore how digital strikes are carefully orchestrated to achieve specific political objectives, often leaving a trail of chaos in their wake.
As we confront the challenges of this new era, we must question the adequacy of existing countermeasures, including the Cybersecurity Maturity Model Certification (CMMC) and supporting legislation. Is compliance alone enough to stave off these rapidly advancing threats?
In a world where the lines between cyber and physical security are increasingly blurred, understanding the convergence of these domains has never been more critical. Join us for a powerful closing keynote led by our C-Suite executives, where we will explore the current state of security across cyber, physical, and the rapidly merging cyber-physical landscape.
This session is designed for both security practitioners and business leaders, offering a comprehensive view of the sophisticated threats we face today. From cyberattacks that can disrupt entire supply chains to physical breaches that can compromise digital infrastructures, our leaders will share their strategic insights and innovative approaches to fortifying defenses in this complex environment.
Expect to walk away with actionable strategies that not only address the current security challenges but also anticipate the future. Whether you're safeguarding digital assets, protecting physical infrastructure, or navigating the convergence of the two, this keynote will provide you with the knowledge and inspiration to lead your organization toward a more secure and resilient future.
Don’t miss this opportunity to hear from the forefront of security leadership and equip yourself with the tools to stay ahead in a rapidly evolving threat landscape!
Copyright ©2023 Converge Security Conference. All rights reserved.