Agenda
Speakers
Sponsors
Register
A Full-Day Event
December 13, 2022
11:00am – 5:00pm EST
This virtual event will focus on some of the new threats posed by cybercriminals and nation-states.
On December 13, Cybersecurity Outlook 2023 will look at some of the new threats posed by cybercriminals and nation-states, as well as evolving products and technologies that may help mitigate those threats. You’ll hear from some of the cybersecurity industry’s leading experts, as well as researchers who have been studying the next wave of cyber vulnerabilities and exploits.
This free, all-day virtual event hosted by Black Hat, Dark Reading and Omdia will offer expert insight on the cyber-threats and technology trends enterprises will face in the coming year.
Event Topics Include:
- New threats and attack trends to prepare for in the new year
- The evolution of new security operations technologies
- Next-generation approaches to current security problems, such as ransomware and zero-day exploits
- Newly discovered security vulnerabilities in key software systems
- Trends in cybersecurity research and the next wave of security flaws emerging in current enterprise technology
- An overview of trends in malware development, including the ever-persistent ransomware scourge
- Key steps your organization should take to prepare for emerging threats in 2023
AGENDA
Keynote 1
- 11:00 AM – 11:45 AM EST
2023 Outlook: What Trends are on the Near Horizon in Cybersecurity?
Keynote Speaker: Maxine Holt, Head of Omdia’s Cybersecurity Research Practice
Today’s world is digitally dependent and organizations must be resilient to enable continuous operations and leverage digital opportunities. Cyber-resilience is a core component of digital resilience, ensuring that the organization can continually operate despite security incidents or breaches. In this keynote address, Maxine Holt, head of Omdia’s cybersecurity research practice, provides insight into the cybersecurity trends on the near horizon that organizations should be preparing for, and provides advice on next steps.
Keynote 2
- 12:15 PM – 1:00 PM EST
Risk Based Vulnerability Management (RBVM): Learning What To Prioritize And What To Ignore
Keynote Speaker: Andrew Braunberg, Omdia principal analyst
The unrelenting volume of newly discovered software vulnerabilities and the increasing speed and efficiency of attackers in exploiting these weaknesses, requires security practitioners to rethink their vulnerability management strategies. Organizations need to adopt a new generation of products that provide better visibility into distributed assets, support advanced analytics to accurately predict the business risk associated with each vulnerability, and prioritize and orchestrate remediation responses. In this keynote address, Omdia Principal Analyst Andrew Braunberg offers insight on the future of RBVM technology, and recommendations on how enterprises can make the best possible use of emerging proactive technologies.
Keynote 3
- 1:30 PM – 2:00 PM EST
Off The Beaten Path: Web3 Security
Keynote Speaker: Nathan Hamiel, Senior Director of Research, Kudelski Security
Attacks on Web3 projects are all the rage. The exposure of projects and speed at which attackers can make off with millions of dollars have made them attractive targets for attackers and nation – states alike. This trend is only increasing. The stakes for developers are high because you have to get everything right, the first time. After all, there may not be a next time. Web3 projects are experiments playing out in full public view and we haven’t discovered all of the security issues yet. There will be more hacks, more losses, and more negative impacts. How did we get here? Is it all doom and gloom? What can be done?
This keynote is a grounded look at the factors contributing to the security failures we’ve witnessed, free from the hype and hatred associated with the space. We look at the similarities and differences between the development of this new technology and more traditional applications and how some of the attacks manifested. Better testing and tools aren’t enough to solve the problem. We discuss actionable steps projects and chains can use today to address these issues and make the ecosystem safer for projects and users.
Keynote 4
- 2:30 PM – 3:00 PM EST
eBPF ELFs JMPing Through the Windows
Keynote Speaker: Richard Johnson, Senior Principal Security Researcher, Trellix Threat Labs
eBPF tracing is a hot new technology in the EDR and infrastructure space which provides high speed instrumentation and telemetry on events, processes, and network connections. eBPF is natively supported in the Linux kernel and is used in endpoint security products such as Carbon Black and Windows Defender for Linux. Last year, Microsoft released a completely new implementation of an eBPF tracing system for Windows which is destined to become a primary telemetry provider in the near future. eBPF for Windows has a complex architecture that leverages program analysis to verify unsigned user code via abstract interpretation before running it in a kernel context — integrity of the software is paramount. This research will be the first public work to analyze and discover security vulnerabilities in the new eBPF for Windows implementation.
This keynote will discuss the capabilities and security model of eBPF for Windows, followed by details of the design and attack surface which will include the eBPF API, the trusted static verifier and JIT engine, and the kernel implementation of trace hooks and telemetry providers. During our deep dive into the implementation details, we will uncover vulnerabilities at multiple layers and discuss how they were found with demos of fuzzing Windows eBPF components and real-time bug discovery. Join us on this journey as we examine this emerging technology on Windows and the security implications of the new attack surface.
Panel 1
- 3:25 PM – 3:55 PM EST
Managing the New Reality of a Remote & Hybrid Workforce
Sponsored by: Palo Alto Networks
It’s been nearly two years since the global pandemic forced enterprises to pivot practically overnight to digital business and work – from – home computing. While some workers have gone back to their offices, others are sticking with the remote work model, leavings security teams to support what is now the new normal: a combination of remote, hybrid, and office-based users. In this panel, experts will discuss this new reality of this hybrid workforce model in 2023, including the key endpoint and cloud security challenges and technologies security teams need to consider — as well as how it affects their own security operations teams who are now working remotely.
Panel 2
- 4:10 PM – 4:40 PM EST
State of Malware: 2023
Sponsored by: CardinalOps / Immersive Labs
Cybercriminals and nation – state actors are constantly evolving their malicious code and attacks to be more stealthy, efficient, and lucrative financially. What new and emerging characteristics and capabilities of the biggest malware threats should security teams prepare for in 2023? In this panel discussion, top experts will offer insight on what malware and ransomware will look like in the new year and provide recommendations on best practices for defending against this malicious code, and discuss the emerging technologies that can help thwart them.
DEMO
Demo with Zscaler
Sponsored by: Zscaler
Cybercriminals and nation – state actors are constantly evolving their malicious code and attacks to be more stealthy, efficient, and lucrative financially. What new and emerging characteristics and capabilities of the biggest malware threats should security teams prepare for in 2023? In this panel discussion, top experts will offer insight on what malware and ransomware will look like in the new year and provide recommendations on best practices for defending against this malicious code, and discuss the emerging technologies that can help thwart them.
December 13, 2022
11:00AM – 5:00PM EST
SPEAKERS
Phil Neray
VP of Cyber Defense Strategy, CardinalOps
Phil Neray is VP of Cyber Defense Strategy at CardinalOps. With 20+ years of cybersecurity experience, Phil comes to CardinalOps from Microsoft Security, which he joined after the acquisition of CyberX, an early innovator in IoT/OT security monitoring. He previously held executive roles at IBM Security/Q1 Labs, Guardium (acquired by IBM), Veracode, and Symantec. Phil has a BSEE from McGill University, is certified in cloud security (CCSK), and has a black belt in American Jiu-Jitsu.
Jiong Liu Senior Director of Product Marketing, Wiz
Jiong Liu leads the product marketing team for Wiz, working closely with customers to securely accelerate their cloud journeys. Prior to that, Jiong led the GTM strategy and product marketing team for Okta's customer identity products and Business Value practice. Jiong holds bachelor’s degrees in Economics and Interdisciplinary Studies from the University of California, Berkeley, and an MBA from the University of Pennsylvania, Wharton School.
Noah Simon Vice President of Product Marketing, Axonius
Noah Simon is Vice President of Product Marketing at Axonius. Noah is passionate about cybersecurity, and always seeking to understand how new technologies can help companies and individuals protect themselves from the continually evolving risk landscape. Noah has previously held product marketing roles at BitSight, Cybereason, and White Ops.
Mark SangsterVice President, Chief of Strategy, Adlumin Inc.
Mark Sangster is Vice President, Chief of Strategy at Adlumin Inc., a cybersecurity technology firm that focuses on revolutionizing how corporate institutions secure sensitive data and intellectual property while achieving compliance objectives through its managed security services platform. Before joining Adlumin, Sangster established his 20-year sales and marketing career at industry giants like Intel Corporation, BlackBerry, and Cisco Systems. His experience unites a strong technical aptitude and an intuitive understanding of regulatory agencies.
Kev BreenDirector, Cyber Threat Research, Immersive Labs
Kev Breen is the director of Cyber Threat Research at Immersive Labs where he researches new and emerging cyber threats. Prior to his civilian life Kev, spent 15 years in the military serving as a Radio Technician and Trunk Comms Specialist before transitioning to a Cyber Security Analyst, specializing in Malware Analysis. After leaving the military, he continued to work in Cyber Security running a CIRT team for a defense contractor before joining Immersive Labs.
Jason GeorgiGlobal Field CTO, Prisma SASE, Palo Alto Networks
Jason is the Global Field Chief Technology Officer for Prisma SASE at Palo Alto Networks. He is an accomplished technology executive with over 25 years of experience driving innovation and transformation initiatives across global organizations. Jason collaborates with CIOs, CTOs, and other technology leaders on strategies aimed at enabling business outcomes.
Nathan Hamiel Senior Director of Research, Kudelski Security
Nathan Hamiel is Senior Director of Research at Kudelski Security where he leads the fundamental and applied research team. Part of the Innovation group working to define the future of products and services for the company, his team focuses on privacy, advanced cryptography, emerging technologies, and special projects. He is also responsible for the research function at the company, connecting the dots between the various business units and focusing on collaboration both internal and external to the company.
Richard Johnson
Senior Principal Security Researcher, Trellix Threat Labs
Richard Johnson is a computer security specialist with a focus on software vulnerability analysis. Currently Senior Principal Security Researcher at Trellix and Chief Research Officer of Fuzzing IO, Richard offers over 20 years of professional expertise and leadership in the information security industry. Current responsibilities include zeroday vulnerability research and development of advanced fuzzing and automated reverse engineering solutions.
Alberto Yepez Co-Founder and Managing Director, Forgepoint
Alberto is a Co-Founder and Managing Director at Forgepoint. He is a serial entrepreneur with a proven track record of building global businesses and leading them to successful exits.
James Turgal Vice President of Cyber Risk, Strategy, Board Relations, Optiv
James Turgal is the former executive assistant director for the FBI Information and Technology Branch (CIO). He now serves as Optiv Security’s vice president of cyber risk, strategy and board relations. James has personally helped many companies respond to and recover from ransomware attacks and is an expert in cybercrime, cyber insurance, cybersecurity, ransomware and more.
James draws on his two decades of experience investigating and solving cybercrimes for the FBI.
Allen Houchins VP of Information Technology and Facilities, Jamf
Allen Houchins is the Vice President of IT & Facilities at Jamf, where he oversees the Information Technology and Workplace Services teams. He is at the forefront of the employee experience at Jamf, combining technology with the physical and virtual work experiences that help Jamfs support customers and get stuff done. His unique role and experience have allowed for some pivotal thought leadership as companies transitioned to work from home and are now set up to provide leadership in defining the new future of work.
Ryan LeiningerCyber Incident Response & Readiness, Accenture
Ryan Leininger is a Sr. Security Manager at Accenture where he leads a team specialized in responding to complex data breaches and helping organizations better prepare for incidents. His experience as a practitioner has taken him across the globe to help organizations respond to and recover from high impact cyber intrusions.
Huxley Dunsany Sr. Technical Enablement Engineer, Zscaler
Richard Johnson Senior Principal Security Researcher, Trellix Threat Labs
Richard Johnson is a computer security specialist with a focus on software vulnerability analysis. Currently Senior Principal Security Researcher at Trellix and Chief Research Officer of Fuzzing IO, Richard offers over 20 years of professional expertise and leadership in the information security industry. Current responsibilities include zeroday vulnerability research and development of advanced fuzzing and automated reverse engineering solutions.
Alberto Yepez Co-Founder and Managing Director, Forgepoint
Alberto is a Co-Founder and Managing Director at Forgepoint. He is a serial entrepreneur with a proven track record of building global businesses and leading them to successful exits.
James Turgal Vice President of Cyber Risk, Strategy, Board Relations, Optiv
James Turgal is the former executive assistant director for the FBI Information and Technology Branch (CIO). He now serves as Optiv Security’s vice president of cyber risk, strategy and board relations. James has personally helped many companies respond to and recover from ransomware attacks and is an expert in cybercrime, cyber insurance, cybersecurity, ransomware and more.
James draws on his two decades of experience investigating and solving cybercrimes for the FBI.
Allen Houchins VP of Information Technology and Facilities, Jamf
Ryan LeiningerCyber Investigations, Forensics, Response Senior Mgr., Accenture
Kelly Jackson Higgins
Editor-in-Chief, Dark Reading
Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. Follow her on Twitter @kjhiggins.
Fahmida Rashid
Features Editor, Dark Reading
As Dark Reading’s managing editor for features, Fahmida Y Rashid focuses on stories that provide security professionals with the information they need to do their jobs. She has spent over a decade analyzing news events and demystifying security technology for IT professionals and business managers. Prior to specializing in information security, Fahmida wrote about enterprise IT, especially networking, open source, and core internet infrastructure.
Tara Seals
Managing Editor, Dark Reading
Tara Seals has 20+ years of experience as a journalist, analyst and editor in the cybersecurity, communications, and technology space. Prior to Dark Reading, Tara was Editor in Chief at Threatpost, and prior to that, the North American news lead for Infosecurity Magazine. She also spent 13 years working for Informa (formerly Virgo Publishing), as executive editor and editor-in-chief at publications focused on both the service provider and the enterprise arenas.
Becky Bracken
Editor, Dark Reading
Becky Bracken is a veteran journalist covering cybersecurity for Dark Reading.
Maxine Holt Senior Director, Cybersecurity (Omdia and Informa Tech)
Maxine Holt leads the Omdia cybersecurity research team and is the lead architect of the Omdia Cybersecurity Ecosystem. Maxine’s team delivers a comprehensive cybersecurity research program to support vendor, service provider, and enterprise clients in the areas of: data security; identity, authentication, access; infrastructure security; security operations; enterprise security management; IoT security; and emerging cybersecurity.
Andrew Braunberg
Principal Analyst, Omdia Cybersecurity
Andrew has been covering, researching, and speaking on topics related to enterprise information technology for approximately 20 years. He supports Omdia's Cybersecurity Operations (SecOps) Intelligence Service research practice, focusing on security operations center (SOCs) technology and trends, with a special focus on the proactive technologies used to avoid breaches such as risk-based vulnerability management (RBVM) and attack surface management (ASM).
Dan Mellen
Global Lead for Security Cloud and Infrastructure Practice, Accenture
Yaniv Bar-Dayan
Co-Founder & CEO, Vulcan Cyber
Frederick “Flee” Lee
CISO, Gusto
Ryan Alban
Sr. Manager of Global Solution Leads, Secureworks
Patrick Grillo
Senior Director, Solutions Marketing, Fortinet
Brad Moldenhauer
CISO – Americas, Zscaler
Nadav Arbel
Co-Founder & CEO, CYREBRO
Matt Mellen
Director, Security Operations, Palo Alto Networks
Mark Guntrip
Sr. Director Cybersecurity Strategy, Menlo Security
Jennifer Ayers
Consultant with NextJen, LLC
SPONSORS
Diamond
Platinum