SecureWorld Denver 2022

Come to the Registration desk in the lobby to check-in and get your badge.

This roundtable discussion is for our Advisory Council members only.

Participating professional associations and details to be announced.

Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

It’s no secret that many organizations abruptly shifted to a remote workplace model when the COVID-19 pandemic swept the globe. As leaders cope with the aftermath of the strangest time of their lives, they now consider what the workforce of the future looks like. Although the long-term answer will vary, one thing is certain: more organizations are embracing a dispersed workforce. Some leaders are concerned how they will continue to build and lead effective teams when many of our tried-and-true tactics are obsolete. While many have overcomplicated remote leadership, all we really need are four basic principles for success.

Cloud security is hard, not least because cloud platforms change so quickly.  This talk presents several lessons learned from security teams struggling to get their arms around the sprawl of modern infrastructure, using practical analogies from pandemics and earthquakes.

This presentation offers a fundamental approach to creating a foundation for an application security program that holistically addresses findings by creating a conduit between the information security teams—who often discover the issues—and the development teams, who know the application better than anyone and can re-mediate issues in the best possible fashion.

2020 was the year of ransomware and the pandemic, and many organizations realized their IR wasn’t up to snuff, and others did not listen to external professionals helping and were re-compromised. Have you really tested your Incident Response processes? How about having a detailed post-mortem after an event? Have you looked at your cyber insurance policy to see who you are supposed to be using for assistance? This session will review going through an actual incident and what was good and what was missing in the recovery, alerting (oops, the customers are involved), and finding the root cause, and whether cyber insurance was worth it.

This presentation presents a practical approach to incident command for managers at all levels, irrelevant of cyber expertise. Managers of all types are asked to take charge in critical situations and can benefit from leveraging proven crisis management processes during ransomware response.

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

The cloud saved many businesses when the pandemic hit. Some were already there and found new ways to thrive. For others, it was their first jump. It’s been almost two years now. Our panel will share what we’ve learned in this journey to the cloud—from doing more with less, to the ever-present insider threat risk, to supporting our DevOps teams like never before.

If we’ve learned one thing from the pandemic it’s that cybercriminals do not take breaks. They are constantly retooling and trying new approaches. They collaborate—often better than we do. It is time for us to join forces, identify the most likely of risks to our organizations, and strengthen our networks. We’ve got to get our developers on board, as well, as it’s got to be secure before it goes to market. And what about all the careless clicking from employees?

It’s a huge task, but we don’t have to do it alone. Join our panel of experts as they unpack the current threat landscape and offer ideas on how to start making effective changes within your organization.

Key Takeaway:
Learn the essential elements of crisis communications and reputation control for the cybersecurity team and the elements not exercised in most Incident Response plans.

The ability to control the narrative during a cyber event will shape public perception of the company’s preparedness for a cyber event. In a cyber crisis, for everyone outside of the technical teams, perception is reality, and that reality may affect the company’s reputation long after the incident is over. Businesses have a significant reliance on technology; a breach of customer trust can be just as devastating as a network breach. Employees who are unsure of the circumstances will not hesitate to share on social media. Does the Incident Response plan account for reputation control? How will the company handle crisis communications during a cyber incident?

How to build an effective security awareness program and help your team recognize phishing and BEC.

Are your internal customers tired of passwords? Are you tired of easily breaking their passwords? Well, look no further. Passwordless authentication is upon us and can be achieved for multi-factor authentication (MFA), while making our internal customers happy. How is this possible? Come and listen with your colleagues as I share how we rolled it out, describe the lessons learned, and share who the players are.

Passwords are one of the most loathed controls in the wild. If you can’t beat ’em, join ’em. Learn who the passwordless alphas are and the lessons learned to achieve a win-win strategy within your company.

Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

Industrial Control Systems are everywhere and have an impact on our lives every day.  If they are not protected properly, we could lose access to electricity, oil & gas, and even food.  This presentation will look at what an Industrial Control System is, what the possible dangers are, and how to best protect them.

Organizations can often struggle to identify and address vulnerabilities in their environment, whether for network devices, servers, workstations, IoT devices and other hosts. This presentation covers a number of “quick wins” in vulnerability management for the wide range of devices seen on corporate and home networks today.

User IDs, long, complicated passwords, data breaches, internal audits, external audits, compliance assessments, hackers, and the list goes on and on. These are just a few things that access management professionals worry about. How do you set up your access management controls to limit the organization’s exposure and decrease the odds something bad will happen?  Come learn proven techniques to control the access management environment.