Cyber:Secured Forum 2019 Topics

Securing Cybersecurity Talent

Finding qualified physical security talent is as difficult as ever, with many security integrators reporting finding and/or developing valuable technicians as their highest current business priority. Add to that the increasing demand for project managers and technicians that speak the language of cybersecurity, and it becomes an uphill battle on two fronts. How can security integrators upskill their workforce, augment their talent pool with cybersecurity specialists and determine when outsourcing or finding partners makes the most business sense? How much cybersecurity expertise is enough in an organization’s workforce portfolio? Leading cybersecurity certification and accreditation organizations will address these concerns.

Partner Responsibility

Often, the first response to a cyber breach is finger pointing. How do manufacturers ensure that all aspects of their products, the software layer, the advanced chipsets and the cloud-based add-on services won’t end up being the reason their brand is damaged because of a vulnerability? How do security integrators assess the cyber accountability of a supplier and hold them responsible throughout the duration of a partnership? Hear from industry leaders how codification, cooperation and transparency around cybersecurity can be baked into partnerships.

Responding to a Breach

Your customer calls and says they saw on the nightly news that a component in your security solution has been compromised. What now? What steps do you take to make sure that the threat is contained? How do you launch damage control? Is there a plan that can turn this perceived threat to company reputation into an opportunity for your cybersecurity brand? Hear from experts involved in these scenarios and how they persevered through the chaos.

How Cyber-Physical Hackers Think

Hackers follow a methodology to evaluate options, plan and execute their attacks. While connected devices are still being implemented, dynamic attacks can leverage disconnected systems and processes to gain trust to other systems and processes – going from one seemingly innocuous system to a critical one they couldn’t access directly. Only focusing on hardening IP cameras, strengthening network defenses or “air-gapping” your network won’t help you from skilled attackers. Explore the world of how hackers think, the process they go through and how different elements of the attack surface affect one another.

What CISOs Want

Offices of the chief information security officer (CISO) and the chief security officer (CSO) are increasingly being intertwined in leading organizations. As security devices have become indistinguishable from commercial Internet of Things (IoT) devices and the data captured and stored are used more and more for non-security purposes, the CISO and CSO risk profiles are converging.  It is now on the security solutions provider to speak the language of information security risk mitigation as new characters begin appearing in the sales pitch room. A diverse sampling of CISOs offer their thoughts on what means the most to them in a security deployment.

Technologies Empowering Cyber-Physical Convergence

Artificial intelligence, blockchain and quantum computing have all been mentioned in trade and general business press as the next big disruptor. But how quickly do implementors of security need to understand and weave these technologies in their solutions? Technology evangelists from leading technology platform organizations discuss these technologies and others including the security problems that they solve as well as the new attack surfaces and risk that they contribute.

Protecting an Organization’s IP From International Espionage

Over the past decade, hundreds of millions, if not billions, of dollars of valuable data and the future opportunity it embodies has been stolen from American industry. Despite huge investments in cybersecurity, breaches and data thefts continue to increase. How can technology and simple governance practices remove the financial motivation for breaches by rendering the ultimate targets of the attack useless, even if successfully stolen? How can security integrators make these solutions part of their product portfolio? Security researchers will discuss “deterrence by denial” and how it can protect your customer’s crown jewels.

Insuring and Protecting Yourself From Liability

How does cybersecurity insurance protect an organization from liability and damages in this climate where a breach is imminent? Moreover, what steps and monitoring activities can an organization take to protect themselves from having a devastating threat occur in the first place? Cyber-focused legal minds will walk you through cases from very well-known organizations and how they have navigated the legal landmines inherent in the cyber-physical landscape.

Securing Cloud Deployments and Their IoT Endpoints

Cloud based security solutions have resulted in efficiencies in security operations. However, deploying an application in the cloud is not without cybersecurity challenges. The National Institute of Standards and Technology framework, right-sizing your provider, active system monitoring, multi-factor authentication, updating and patching and using secure APIs are all considerations that any solution provider must give important thought to to have a secure deployment. Seasoned cloud security experts will navigate these challenges.

Identifying the Right Person to Lead Your Cybersecurity Program

How do you know that the right person is leading your cybersecurity program? Just because a person is a high-performing engineer or technical systems architect doesn’t necessarily mean they are the right person to lead your cybersecurity operations. However, with a strong plan and capable team in place, even inexperienced leaders can communicate the mission of cybersecurity across an organization.  Professionals with experience building high-functioning cybersecurity teams will walk us through the pitfalls with an eye toward success stories for the industry.

Past Agenda (2018 Conference)

The complete 2019 agenda will be released soon. To help you understand the scope and depth of content presented by speakers at Cyber:Secured Forum, view the 2018 conference agenda published below.

June 4th, 20185:00pm7:00pm
June 5th, 20187:00am8:00am
June 5th, 20187:00am7:00pm
June 5th, 20188:00am9:00am

Join Suneeta Hazra, Chief of the Criminal Division and Judy Smith, Chief of the Cybercrime and National Security Section of the Colorado U.S. Attorney’s Office, as they discuss cybercrime trends and developments. They will discuss the cyber threat landscape nationally as well as locally, including cyber threats that you may not know about that impact your daily routines. They will also share the motivation behind the creation of the office’s Cybercrime and National Security Section and provide insight into how the U.S. Attorney’s Office can assist private and government partners.

Suneeta Hazra
Chief of the Criminal Division
U.S. Attorney’s Office for the District of Colorado
Judy Smith
Cybercrime and National Security Section Chief
United States Attorney's Office, District of Colorado
June 5th, 20189:15am10:15am

Join our panel of cyber-physical technology experts as they analyze how the internet of things (IoT), blockchain, mesh networks and other “smart” technologies promise to disrupt the security of cyber-physical systems. Learn how the physical security industry can and should prepare to incorporate these technologies securely within their product offerings.

Ray Coulombe
Founder and Managing Director
Jeff Crume
Distinguished Engineer & Security Architect
Donal Keating
Director Innovation & Research
Microsoft Corporation
Matthew Rosenquist, Intel Corporation
Cybersecurity Strategist

What does it mean for a vendor/manufacturer to be a good cyber partner? Listen to leaders from security-industry vendors discuss what they feel is critical to the cyber success of the security integrator and the end-user client. Learn what they are doing to make themselves and their products cyber hardened to provide you viable options for your business.

David Brent
Network Video and Cyber Security Training Engineer
Bosch Security Systems
Jake Cmarada
National Business Development, Enterprise Sales Manager
Dahua Technology
Mike Sherwood
Director, Technical Operations, Americas
Rob Sloan
Cybersecurity Research Director
The Wall Street Journal
June 5th, 201811:30am1:00pm
June 5th, 20181:00pm2:00pm

Findings from the industry’s first detailed physical security threat model have revealed that the security industry is at a crucial crossroads. With end-users building and deploying their own security solutions to circumvent the shortfalls of traditional industry solutions, the industry urgently needs take a collective action regarding cybersecurity. Explore what gaps exist on the road toward cyber maturity and what specific practices the industry will need to adopt to preserve the confidence of their customers and partners.

Terry Gold D6 Research
D6 Research
June 5th, 20182:15pm3:15pm

Regardless of whether you are a multinational company or a small business, today’s global business environment involves vast, interconnected networks – with critical business information being shared across companies and geographies. How can your company ensure it is effectively protecting your own confidential information and that of customers and other stakeholders? How do you know if your suppliers and third parties have the business processes and protections in place for strong cybersecurity? This session provides practical ways to navigate the risks, regulations and guidance for protecting confidential corporate information and addressing cyber risk management.

Pamela Passman
CREATe Compliance Inc.

As physical security sprints faster and faster toward becoming indistinguishable from the larger internet of things (IoT), it is important to recognize how traditional physical security will interact securely as part of a system of smart application domains such as smart buildings, smart cities and smart grids. The forthcoming NIST Cyber-Physical Systems Framework, scheduled for release in May 2018, further expands upon the current NIST Cybersecurity Framework to focus on the nexus of the cyber and physical worlds. Get a first look at the revised framework and the tools needed to apply it to projects.

Marcello Balduccini
Assistant Professor, Department of Decision & System Sciences
Saint Joseph's University
Ed Griffor of NIST
Associate Director, Smart Grid and Cyber Physical Systems Program Office
National Institute of Standards & Technology (NIST)
Christos Papadopoulos
Program Manager
Department of Homeland Security
Dr. Thomas Roth, NIST
Electronics Engineer, NIST Smart Grid & Cyber-Physical Systems Program Office
National Institute of Standards and Technology (NIST)
June 5th, 20185:00pm7:00pm
June 6th, 20187:00am8:00am
June 6th, 20187:00am12:00pm
June 6th, 20188:00am9:00am

What do CISOs look for when selecting solution partners for their business? How can the physical security industry meet the cybersecurity requirements of organizations that cannot afford to be impacted by cyber threats? Find out what it takes to properly assess the cyber risk of third-party vendors and what some of the best strategies and practices are that CISOs should employ to make the process as mature and efficient as possible.

Randall Frietzsche
Chief Information Security Officer
Denver Health

Explore how industry standards can be a part of an organization’s cybersecurity strategy to assess software vulnerabilities and weaknesses, minimize exploitation, address known malware, review security controls and increase security awareness. Find out what work has been done and what’s on the horizon when it comes to advancing a standards-based approach for testable cybersecurity criteria for network-connectable products and systems.

John Savarese, Underwriters Laboratories (UL)
Senior Cybersecurity Advisor
Underwriters Laboratories (UL)

Whether you call them “white hat” or “ethical”, hackers are providing value to organizations by improving the cyber resiliency of connected products and services. Learn what terms like red-teaming and penetration testing mean, and how the security industry can benefit from them and other initiating programs offering bounties to hack their systems before malicious actors do.

Casey Ellis
Founder & CTO
Katie Moussouris
Founder and CEO
Luta Security
Greg Otto, Managing Editor, CyberScoop
Managing Editor
Valerie Thomas
Executive Information Security Consultant

Cyber:Secured Forum 2019 will be held July 29-31 at The Westin Dallas Park Central in Dallas, Texas.