May 03 2022

9:00 AM – 10:00 AM (PDT) Registration, Expo

Terrace Lounge / Club Room

9:00 AM – 4:30 PM (PDT) Vendor Expo

Garden Terrace

10:00 AM – 10:15 AM (PDT) Welcome address, Raffle Drawing – Richard Greenberg

10:15 AM – 11:00 AM (PDT) Opening Keynote: Human Security Engineering: Stop Relying on the Failed Human Firewall
Ira Winkler, Chief Security Architect – Walmart, Inc.

11:00 AM – 11:25 AM (PDT) Break – Vendor Expo – Book Signing

Sand & Sea Room

11:25 AM – 12:10 PM (PDT) Irrational but Effective – Applying Parenthood Lessons to Cybersecurity
Rafal Los, Vice President, Chief Security Strategist at Lightstream Managed Services

12:10 PM – 1:40 PM (PDT) Lunch,and Vendor Expo

Sand & Sea Room

1:40 PM – 2:25 PM (PDT): Understanding evolving M365 Threats
Aaron Turner, Cyber Security Innovator & Entrepreneur; VP – SSPM, Vectra AI

2:25 PM – 2:40 PM (PDT) Break and Vendor Expo

Sand & Sea Room

2:40 PM – 3:25 PM (PDT) Definition of Insanity
Deb Radcliff, Author, Analyst, Advisor, Writer and Speaker – Cybercrime and Cybersecurity

3:25 PM – 4:10 PM (PDT) Identity is the New Battlefield
Tony Cole, Chief Technology Officer, Attivo Networks Inc.

4:10 PM – 4:30 PM (PDT) Break – Vendor Expo – Book Signing

Garden Terrace

4:30 PM – 5:15 PM (PDT) Closing Keynote : Narco Terrorists and Ransomware Gangs: Lessons from fighting Cartels that can help protect organizations from cyber attacks
Stephen E. Murphy, Aaron Turner

5:15 PM – 5:20 PM (PDT) Closing Remarks & Raffle Drawing, Haral Tsitsivas

5:20 PM – 7:30 PM (PDT) Reception

Talk Descriptions:

“Human Security Engineering: Stop Relying on the Failed Human Firewall”

Ira Winkler

Human Security Engineering: Stop Relying on the Failed Human Firewall While the main perception is that the “user problem” is due to a malicious party trying to trick well intentioned users, users who are unaware, apathetic, careless, etc., are more likely to be the cause of loss. Either way, the cybersecurity industry realizes this and develops tactics such as awareness, MFA, DLP, etc. to mitigate the problem. Despite all of these tactics, 90%+ of all losses result from attacks targeting users. What this talk proposes is a comprehensive strategy to address the insider threat, whether it results from malicious or well meaning insiders.
Ira Winkler, CISSP is Chief Security Architect for Walmart and author of You Can Stop Stupid. He is considered one of the world’s most influential security professionals, and has been named a “Modern Day James Bond” by the media. He did this by performing espionage simulations, where he physically and technically “broke into” some of the largest companies in the World and investigating crimes against them, and telling them how to cost effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost effective security programs. Ira also won the Hall of Fame award from the Information Systems Security Association, as well as several other prestigious industry awards. CSO Magazine named Ira a CSO Compass Award winner as The Awareness Crusader. Most recently, Ira was named 2021 Top Cybersecurity Leader by Security Magazine.

“Lessons learned from hunting log4j”

Michael Wylie

Nearly a year after the internet gave us SUNBURST, Log4Shell emerged. This isn’t the first, nor the last CVE that ruins Christmas for security teams. We need to shift the focus from chasing zero-days to detecting high fidelity follow-on activity. This talk will provide lessons learned on Log4Shell from the perspective of a global manager of threat hunting.

“Irrational but Effective – Applying Parenthood Lessons to Cybersecurity”

Rafal Los

It’s pretty amazing how much you can apply from parenthood, into cybersecurity. This talk will explore the things cyber security leaders can learn from being parents, and how to apply these to improve the state of security. Using concrete examples, and humor, I will explore how parenthood perfectly prepares you for working in cybersecurity, and where we go next.

“Law Enforcement Panel: LA County DA, Secret Service and the FBI”

Moderator: Richard Greenberg; Panelists: Rouman Ebrahim, Michael C. Sohn, Jack Furay, David Babcock

Come hear from our friends at the FBI, Secret Service, and LA District Attorney as they share their insights into the latest trends in cyber crime. They will share really interesting war stories and give us a bit more insights into what they are doing to help us all become a bit safer.

“Understanding the Evolving M365 Threats”

Aaron Turner

With 300+ million users per month, the M365 platform is one that nearly every organization has to think about from a security perspective. Join Aaron Turner as he reviews the most-sophisticated attacks that have been directed at organizations using M365 services such as Exchange Online, Teams and OneDrive. Walk away from this session with a clear action plan to improve your M365 security settings and how to best defend the critical identities and data that your organization relies on within M365.

“How do you prepare for the 100 year “cyber” flood, that now happens every month”

Cyber professionals must prepare for the unpredictable event that is beyond what is normally expected of a situation and has potentially severe consequences.
Career military operators in kinetic and cyber operations, and world-class security professionals will share the challenges and successes that helped shape the security posture of large ultra-large-scale organizations. 
This talk will focus on planning, training, organizational culture, and the best practices that are actionable in assisting organizations and CISO prepare for their Black Swan event.

“Definition of Insanity with Deb Radcliff”

Deb Radcliff

In this session, Deb Radcliff explains what it was like, as a non-technical general assignment reporter, to be the first journalist to make cybercrime beat starting in 1996 after assisting on a book about Kevin Mitnick titled The Fugitive Game.
Throughout her career, she has observed how ‘trust’ has been and continues to be exploited at every layer in the stack. She will provide a big-picture view of how we got into this cyber security mess in the first place, and how adding layers of security isn’t working. She also explores future problems that will crop up as we continue down the road of digital transformation, blockchains, NFTs, Meta, drone warfare and even space travel—all on a technology stack that is more than 50 years old.
These and other trends, along with the colorful characters Deb has met during her career, have influenced her top-selling cyber thriller titled Breaking Backbones: Information is Power. She developed the fictional story for the masses to raise awareness and stem off some of this insanity. She will be signing books for attendees who bring their own copies, and she will also have some available for sale during vendor expo and breaks.

“Women in Security Panel”

Come join this panel of women in Information Security as they share their experiences, working in a field that has been dominated by men, and their hopes for the future.

“Identity is the New Battlefield”

Tony Cole

For the last few years, identity platforms and related credentials have been targeted repeatedly and successfully in most attacks. This is one of the reasons that DHS CISA named Identity as the first pillar in their Zero Trust Reference Maturity Model. Microsoft released their inaugural Cyber Signals report and titled it ‘Identity is the New Battlefield’. They’re right, it is a battleground today and one that requires significant focus if we’re to stem the tide of attacks. Join in to better understand how to counter this threat and defend the one of the most important areas of your attack surface.

“Narco Terrorists and Ransomware Gangs: Lessons from fighting Cartels that can help protect organizations from cyber attacks”

Stephen E. Murphy, Aaron Turner

Steve Murphy’s exploits chasing Pablo Escobar inspired the Netflix hit series Narcos. he and Aaron Turner have worked together in the past and they will have a conversation about how his approaches to defeating organized narco criminals can help defeat cyber attackers.