SecureWorld Denver 2023

Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

Participating professional associations and details to be announced.

This roundtable discussion is for our Advisory Council members only.

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

Session description coming soon.

Over the last few years, the workforce, and the way we work, has entirely shifted focus. Between hybrid work models, attracting and retaining diverse talent, forced digital migrations/transformations, cybersecurity succession planning, and overall mental fatigue, the future of work has dramatically changed. We will discuss how to navigate the “new normal” and lessons learned along the way. This discussion is followed by a Q&A, so come prepared to ask your burning workforce questions!

Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.

Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything  changes so quickly. Insider threat initiatives require a new, more focused approach.

This presentation will explore:

• The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
• Four attributes of a successful insider threat program
• How behavioral analytics baseline “normal” behavior of users and devices—showing risk faster
• An automated investigation experience that replaces manual routines and effectively guides new insider threat teams

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

Like the main character in the 1981 horror movie, An American Werewolf in London, cybercriminals continue to morph into something evil, lurking in the night (and day) to cause harm to people, organizations, and governments. Cue the Creedence Clearwater Revival song, Bad Moon Rising.

The cybersecurity community is smart and more than capable of thwarting bad actors, fangs and all. They have tools, technologies, partnerships across private and public entities, and solution vendors to help them along the way. Don’t forget about the consultants working hard to stay ahead of those wanting to do harm, as well.

Hear our panelists’ views on the current threat landscape, solutions they have to offer, and ideas they have for turning a bad moon into a harvest moon.

With the accelerated use of Microsoft 365, we are shooting more sensitive and confidential data into the cloud than we are aware of. Keeping track of what files users are sharing among each other in Teams and OneDrive and knowing who else has access to seems an impossible task. What can you do about it? Find out in this talk.

Topics covered include:

• What goes on in the background when we share data in Teams & OneDrive.
• Why more people have access to shared files than we think.
• How tenfold helps you keep track of permissions and shared files once and for all

Advisory Council – VIP / INVITE ONLY

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

In today’s rapidly evolving digital landscape, APIs have become integral components of business operations, propelling innovation and interconnectivity. However, they also pose unique security challenges that must be managed strategically. This talk provides a CISO’s perspective on API security, exploring the balance between technological advancement and robust protection. The session examines the risks associated with APIs, current best practices in API security, and strategies that a CISO can employ to mitigate threats, ensuring the secure and effective utilization of APIs within an organization. This session aims to provide insights into creating a strong security culture that can adapt to the dynamic nature of API technologies while protecting valuable business assets.

How are CISOs and security leadership developing API security and incident response readiness governance?

Key questions addressed include:

• How are APIs tied to business success?
• Why having an API strategy is essential?
• How to develop API lifecycle management?

Can you “imagine” if The Beatles, when first starting out, had to deal with having their catalog of music hacked, stolen, and held for ransom simply because it was in an unsecure cloud setting? While it is possible for that to happen with their hit-laden collection of songs today, it’s merely a tiny example of how businesses operate at a minimum in a hybrid cloud environment—many in a cloud-only platform.

With that comes security issues and another major area which cybersecurity professionals must work diligently to protect.

Our panel of experts share the good, the bad, and the ugly of operating in a cloud environment, what it takes to make the move to hybrid or multi-cloud successful, how to protect data from insider and outsider threats, and what it takes to provide the support DevOps teams need.

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

As the nation’s cyber defense agency, CISA leads the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure. Since the majority of our nation’s critical infrastructure is privately owned, ensuring the nation’s cybersecurity posture requires continued collaboration between government and the private sector. During this fireside chat, CISA will discuss the current cyber threat landscape, the agency’s latest initiatives to help critical infrastructure owners and operators protect and defend their networks, and the catalog of CISA services available to organizations to become more cyber resilient.

Measuring one’s cybersecurity framework against others in the same industry, or even outside of their vertical, can provide valuable insights into areas to improve or adjust.

Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

Join your peers for conversation and complimentary beer, wine, soda, and hors d’oeuvres. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.

Generously sponsored by Uptycs. A drink ticket is included on your attendee badge.

Topic(s) and instructor to be announced.

Our PLUS courses provide 6 hours of in-depth training onsite the day before the conference. Learn in a small group of your peers from an instructor with subject matter expertise on a critical, timely security issue.

Includes a Conference Pass; earn 12 CPE credits total!