June 14 2023

9:30 AM – 10:20 AM Registration, Vendor Expo and Networking

9:30 AM – 6:20 PM: Vendor Expo

12:20 PM – 1:35 PM Lunch – Vendor Expo

1:35 PM – 2:20 PM, Talk:
Human vs AI: How to ship secure code

Xavier Rene-Corail

2:25 PM – 3:10 PM, Panel:
Innovation and Regulation in Healthcare

Moderator: Mikhael Felker
Panelists: Sascha Schleumer, Todd Felker, Adam Brand

3:10 PM – 3:30 PM Break – Vendor Expo

3:30 PM – 4:15 PM, Talk:
Using Molecular Communication Systems to Activate In Vivo Bio-Nanorobotic Malicious Code

Greg Carpenter

5:05 PM – 5:25 PM Break – Vendor Expo

6:20 PM – 8:30 PM: Happy Hour and Raffle Drawing

Talk Descriptions:

Opening Keynote:
How Generative AI Is Changing Cybersecurity…And Your Career

Mark Weatherford

Since its public release last November, ChatGPT has dominated the media landscape with the resulting acknowledgment of generative AI’s value is setting the stage for a technology revolution. Importantly for cybersecurity professionals, with the ability to learn from vast amounts of data, generative AI that can predict, detect, and respond to threats and vulnerabilities in real-time has created an almost unimaginable shift in the cybersecurity industry.
Cybersecurity professionals are increasingly relying on generative AI to augment their decision-making processes and automate routine tasks, resulting in a rapid evolution in both cybersecurity tools and the skills necessary to operate them. This talk will explore how generative AI is transforming cybersecurity technologies and how that transformation is changing the cybersecurity profession.

Keynote: Cybersecurity – Past Present Future

Cleve Adams

5 time Cybersecurity CEO Cleve Adams enlightens us with the Past, Present and his Predictions for the Future of Cyber in a way only he can tell it.
Headline grabbing breaches, ransomware incidents and other attacks continue to heighten cybersecurity concerns and accelerate spending. Cleve speaks about how the beginning of Cyber to the present predicts what has to happen in the future.

Three Tips to Mitigate Cognitive Biases and the Impacts of AI Within Your Security Program

Dutch Schwartz

The cybersecurity industry is intimately familiar with Black Swan events, but did you know there are also Gray Rhinos and Pink Elephants? Leveraging new learning from behavioral psychology, we can identify cognitive biases that creep into decision-making and spot signals where AI may present new challenges. You’ll leave the session with three concrete tips you can implement before your next board meeting.

Human vs AI: How to ship secure code

Xavier Rene-Corail

Artificial intelligence (AI) is already acting as a copilot in our daily lives, acting as a digital assistant or providing personalized experiences. Despite progress in many other areas, AI has historically stopped short of improving software development practices. Enter GitHub Copilot: the software industry’s first artificial intelligence solution that distills the collective knowledge of the world’s developers into an editor extension that suggests code in real time. ChatGPT then took the world by storm with its conversational capabilities and public reactions have been quite telling.
This makes the process of building great software easier and faster, but what about more secure? In this session, we’ll demonstrate how GitHub Copilot and ChatGPT can help developers write more secure code through real-world use cases. The audience will come away with tips and best practices from the lessons we learned from experimenting with the tools.

Healthcare Panel

Moderator: Mikhael Felker
Panelists: Sascha Schleumer, Todd Felker, Adam Brand
Over the last 60 years healthcare as a percent of US GDP has increased from 5% to 20%. With that growth we’ve seen significant increases in innovations, especially during the pandemic as well as increased regulation (e.g., telehealth, wearables, etc.). This panel will focus on how healthcare technology and security plays into these trends. Our panel consists of public sector, private providers and security services bringing together a multi-stakeholder approach to issues. One area of focus is the balance for enterprises to adopt technologies while meeting regulatory requirements.

The War for Truth: The Threat of Disinformation-as-a-Service, Deepfakes, and AI to Companies

Charity Wright

Disinformation-as-a-service is offered by organized crime groups, cybercriminals, fraudsters, and fake marketing/PR firms. While these organizations operate in the dark web or hidden spaces on the web, their work is becoming more prominent and detrimental to organizations around the world. Deepfake videos, photos, false headlines, and manipulated narratives have the potential to destroy a company’s reputation, damage the world’s view of company executives, and tank a company’s value in financial markets. In this presentation, Charity will demonstrate the danger of disinformation and fake news with real-life case studies from the past few years, and provide security practitioners and leaders with the knowledge they need to counter these threats.

The Practicalities of Pentesting at Scale

Caroline Wong

Manual pentesting is critical for security, providing action-oriented vulnerability information to companies testing their people, processes, and technologies. But how can teams build in proactive, preventive measures when strapped for talent and time? In this session, attendees will learn about a brief history of pentesting, its importance in the SDLC, and how to achieve pentesting at scale. Caroline will also share data from the 2022 State of Pentesting Report and preview data from the (not yet released) 2023 State of Pentesting Report.

Using Molecular Communication Systems to Activate In Vivo Bio-Nanorobotic Malicious Code

Gregory Carpenter

​The practice of unconventional cyber warfare remains uncommon among its practitioners, who continue to rely on outdated defense protocols established over a decade ago. Despite the growing variety of options available for computer attacks, we remain bound by ingrained behaviors and procedures that fail to address the evolving threat landscape. Our dependence on the very structures meant to protect us can leave us vulnerable to attack.
This presentation seeks to challenge traditional thinking by demonstrating the potential of non-traditional assets, including in vivo bio-nanorobotic devices, which are rapidly advancing in the medical field. These tiny computers, embedded in molecular communication systems or near metal implants, can pass undetected into secure areas and execute their code upon activation from natural communication activities. By harnessing the power of synthetic and actual DNA, an ad hoc in vivo bionetwork can be established to deliver a computer attack in an innovative and undetectable manner. This represents a new battlefield in cyber warfare that demands innovative approaches to defense.

How are we interacting with AI today?

Richard Greenberg

Join us in this session to share your experience with AI! From virtual assistants to facial recognition, AI is already impacting our daily lives in so many ways. We want to hear from you about how you use AI in your daily routine and how it has changed your life. Share your insights and learn from others in this engaging discussion. Don’t miss this opportunity to be a part of the conversation about the future of AI and its impact on our society.

SOAR Galore: Looks cool, sounds cool. What’s really beyond the canned demo?

Gal Shpantzer

Depending on who you ask, SOAR has been around for at least a decade now, and yet many orgs are just starting down the automation and orchestration journey, or are revisiting SOAR after the first couple of hype waves receded. Now with AI hype reaching a fever pitch, where does SOAR and “AI Ops” come into play in your Blue Team operations?

In this talk we will discuss the above and also answer these common questions:
What are some popular use cases for SOAR?
What are some prerequisites for a successful SOAR selection process?
What does a successful implementation project look like?
What are some political, technical and process obstacles to understand before going down this path?
How do you plan for a pragmatic deployment of this kind of tooling across the organization (beyond the security org)?

Closing Keynote: AI with a Conscience: Navigating the Ethical Landscape

John Johnson, Aaron Turner

As AI continues to evolve and become more ubiquitous, it is crucial that we consider the ethical implications of its development and use. In this presentation, we will explore the use of AI as a force multiplier to better defend against cyber adversaries who will also be using AI offensively.
We will cover topics such as transparency, accountability, bias, and privacy, and provide examples of how these issues can manifest in AI systems. By the end of this presentation, attendees will have a better understanding of the ethical landscape surrounding AI and be better equipped to navigate it.