|
|
Keynote
In the high-stakes world of cybersecurity, where precision and caution are often prized above all else, a silent threat looms within our own organizations: the fear of failure. This fear - deeply embedded in American corporate culture - stifles innovation, discourages risk-taking, and prevents talented professionals from realizing their full potential. As security leaders, we are expected to be infallible. Yet the truth is, our greatest breakthroughs often emerge from our biggest missteps. In this provocative and deeply personal talk, I'll challenge the prevailing mindset that failure is a weakness. Instead, I'll argue that failure is a strategic asset-one that can unlock creativity, accelerate growth, and transform how we lead. Drawing from my own journey-marked by bold decisions, uncomfortable pivots, and lessons learned the hard way - I'll share how embracing discomfort and uncertainty has shaped my career and elevated my impact. Together, we'll explore how to build cultures that reward curiosity, encourage experimentation, and treat failure not as a verdict, but as a catalyst. This is not a talk about perfection. It's a call to arms for every security leader who's tired of playing it safe. If we want to build systems that are resilient, teams that are fearless, and organizations that truly innovate-we must first learn to fail forward. Key Takeaways:
Sessions
Modern attackers don't limit themselves to one domain they combine physical intrusion with cyber exploitation to bypass defenses. In this session, we'll walk through a simulated real-world attack where physical access and digital compromise worked hand-in-hand. Using an interactive "choice point" format, attendees will step into the role of the defender, making decisions at critical moments to stop the breach. We'll then reveal how each defense failed in reality, what the ideal response would have been, and how organizations can close these hybrid security gaps. Attendees will leave with a practical defense blueprint they can apply immediately vendor-agnostic, field-tested, and designed for real-world threats. Key Takeaways:
Cybersecurity professionals often focus on technical growth, governance, and risk maturity-but what happens when the greatest threat isn't a vulnerability in code, but in character? In this deeply personal and practical session, I share my encounter with individuals who exhibited traits of the Dark Triad-narcissism, Machiavellianism, and psychopathy-and how those encounters derailed not just security efforts, but entire teams. These personalities are rarely talked about in our field, but they can cause immense harm to cybersecurity programs, organizations, and people alike. You'll learn how to recognize common behaviors, patterns, and tactics used by Dark Triad personalities, especially those in positions of influence. More importantly, you'll walk away with strategies to detect, manage, and protect yourself and your teams from psychological and organizational harm. This talk blends behavioral science, leadership resilience, and cyber governance for professionals operating at the intersection of risk, trust, and people. Key Takeaways:
AI in security is often more hype than practice. Retrieval Augmented Generation (RAG) changes that. In this talk I will show how RAG can be used in real cybersecurity work. I will walk through how it helps with compliance, investigations, and governance. This is based on real lessons from building and testing these systems in the field. The goal is to make RAG less theory and more practice for security teams. Key Takeaways:
The increasing deployment of Large Language Models (LLMs) and agentic solutions introduces complex security challenges, often due to insufficient integrated governance, proactive threat modeling, dedicated red teaming, and AI-specific detection. Securing this evolving landscape requires foresight and understanding AI's unique attack surface. This talk provides practical insights from a year of securing and attacking AI deployments, revealing common security missteps and critical vulnerabilities in production AI systems. We emphasize proactive measures like AI-specific threat modeling and targeted red team exercises, plus robust governance and response frameworks. Designed for executive leadership and technical professionals, this session offers actionable guidance to navigate AI security complexities and foster resilient AI adoption. Key Takeaways:
The Model Context Protocol, also known as MCP, was designed to serve as the backbone of agentic AI. It links tools, data, and agents into a single ecosystem that can act with autonomy. That same connective tissue has now become a prime target. What was built to create e??iciency is being turned into an attack surface hidden in plain sight. Recent breaches reveal the scale of the risk. A compromised Postmark MCP 1.0.16 server secretly copied every outbound email processed by connected agents, leaking sensitive information such as memos, invoices, and authentication keys. Anthropic's MCP Inspector contained CVE-2025-49596, where default-open settings let attackers take remote control of developer systems. Cursor AI pipelines enabled hidden edits to MCP con?gurations, which triggered malicious code execution. Microsoft's experimental MCP plugin for Teams was found to expose tokens in shared sessions. A Fortinet MCP connector was manipulated to tunnel persistence tra??ic past enterprise ?rewalls. Each incident reveals the same truth: once inside MCP, attackers inherit the trust of every tool, every work?ow, and every identity it interacts with. This is more than a technical ?aw. It is a shift in how compromises unfold. Toolchains become parasitic, preferences are manipulated, and identities are fragmented until the system itself turns against the enterprise. The chilling part is that the compromise begins before most security teams even know where to look. Boards cannot treat MCP as an engineering problem. It is a governance problem. The defenses are clear: enforce least privilege across integrations, consolidate identity across agents, continuously audit MCP endpoints, and deploy runtime interceptors. If these steps are ignored, the breach will not come from outside. It will already be inside the tools that leadership trusts most. Key Takeaways:
Featured Sponsors
As adversaries continuously evolve their tactics, techniques, and procedures (TTPs), static and compliance-driven defenses have proven insufficient to protect modern enterprises. This session delves into the principles and implementation of Threat Informed Defense (TID) - a structured methodology that operationalizes cyber threat intelligence to enhance Security Operations (SecOps) processes. By fusing threat modeling, detection engineering, and adversary emulation, TID enables defenders to measure and strengthen their detection and response capabilities against the techniques that matter most. We'll explore how TID integrates across the SecOps lifecycle - from alert triage and incident response to proactive threat hunting and control validation to drive continuous improvement. The session also demonstrates how Generative AI (GenAI) and Large Language Models (LLMs) can accelerate analyst workflows by contextualizing alerts, correlating telemetry, and providing real-time decision support. Through the fusion of AI-driven summarization, enrichment, and guided remediation, we will show how SOC teams can dramatically reduce mean time to respond (MTTR) and eliminate cognitive fatigue in high-volume environments. Participants will gain practical insight into mapping adversary behaviors to their environment's data sources, quantifying detection coverage, and integrating AI-assisted automation to close intelligence-to-action gaps. Real-world examples and workflow mappings will highlight how leading organizations are evolving their SOCs from reactive monitoring centers into adaptive, intelligence-driven defense ecosystems. By aligning intelligence, operations, engineering, and emerging AI technologies, this talk offers a blueprint for defenders to evolve from passive responders to proactive, AI-augmented operators, capable of anticipating, testing, and neutralizing adversary behaviors before they can cause impact. [ Home ] |