Agenda

Date and Time | Title
Aug 28, 2025
11:00am - 11:44am (Eastern)
[Opening Keynote] The Broken Trust: Securing the IT/OT Boundary Where Attacks Succeed

Nearly every major OT security incident we investigate shares a common theme: a failure at the boundary between the corporate (IT) and industrial (OT) networks. This critical chasm, once protected by a physical air gap, is now a highly permeable and poorly monitored digital bridge. Adversaries know this and exploit it as their primary pathway to impacting physical operations.

This presentation is a deep dive into the “seven deadly sins” of IT/OT integration that Mandiant consistently observes in the field. Using anonymized case studies, we will expose the common architectural flaws, misconfigurations, and broken trust relationships that allow attackers to pivot from an IT compromise to an OT shutdown. We will cover flawed firewall rules, insecure jump hosts, shared credentials, and unmonitored protocol usage. More importantly, we’ll provide a clear, defensible architecture model—based on Purdue Model principles and a zero-trust mindset—that you can use to build a boundary that is both functional and secure.

Aug 28, 2025
12:00pm - 12:58pm (Eastern)
Improving OT Cybersecurity Programs’ Effectiveness

At the operational field, plant, or edge level, growing risks like cybersecurity must be managed amid a need to democratize and expand technology within an increasingly connected workplace. Traditional approaches that handle cyber, analytics, edge, and other initiatives as separate IT projects, rather than as pieces of one major holistic change effort (including many non-technology aspects), are causing these efforts to fail outright or deliver poor results. Operational management frameworks are designed to provide consistency and reliability at the field level for various reasons, including safety and environmental priorities, and can create friction with innovative techniques and large-scale change. Culture clashes between OT, IT, and Operations teams and priorities worsen this situation.

It’s important to appreciate how transformative OT cybersecurity programs are in order to integrate those objectives and ways of working into existing frameworks. This also allows you to take advantage of new models and emerging technology which can accelerate progress. Finding and supporting these solutions is not enough, though; companies then need to apply a different approach to leading their internal change to overcome resistance and improve engagement.

Aug 28, 2025
12:00pm - 12:59pm (Eastern)
Zero Trust in Action: A Practical Roadmap for Security Transformation

Zero Trust is more than a buzzword—it’s a mindset shift that reshapes how organizations protect assets. In this session, digital transformation and cybersecurity expert Amy Yee presents a clear, actionable roadmap for adopting Zero Trust. You’ll explore foundational principles and organizational drivers, learn how to assess maturity and identify quick wins, and understand common pitfalls—like fragmented identity policies—before they derail your progress.

Amy dives into key ingredients: identity security, supply chain resilience, essential cross-team conversations, and navigating blockers/enablers. Packed with real-world examples and practical exercises, this talk will leave CISOs, IT leaders, and security teams equipped to design, implement, and sustain a Zero Trust strategy that scales with business needs.

Aug 28, 2025
12:00pm - 12:40pm (Eastern)
Mind Over Malware: Behavioral Profiling to Safeguard Critical Infrastructure

Critical infrastructure cyber-attacks are not just technical events—they are the product of human intent, shaped by motive, tradecraft, and psychological drivers. Mind Over Malware explores how cyber behavioral profiling can reveal the underlying patterns behind nation-state sabotage, criminal campaigns, and ideologically motivated assaults on essential systems. Through recent case studies, we’ll examine how cultural influences, cognitive biases, and personality traits inform attacker decision-making and target selection. Attendees will gain practical strategies for integrating behavioral insights with technical intelligence to better predict, attribute, and defend against the most dangerous threats to the systems society depends on most.

Aug 28, 2025
1:00pm - 1:41pm (Eastern)
Cyber Playbook: How to Train Your Business to Secure Code

Attendees will learn how to integrate security into the development process while encouraging a security-driven mindset within the business. The session will explore strategies for training business teams to adopt security best practices and aligning security goals with business objectives.

The focus will be on STRIDE, a threat modeling methodology, and Threat Dragon, an OWASP tool that helps developers identify vulnerabilities and security risks early. These tools offer a cost-effective way to promote secure thinking across the business. Attendees will leave with practical knowledge on how to advocate for secure coding practices, collaborate effectively with developers, and meet project deadlines while ensuring robust security.

Aug 28, 2025
1:00pm - 1:58pm (Eastern)
What Data Tells Us About How APTs Really Attack Utilities

In the last 18 months, there have been two significant changes among state-sponsored attackers targeting American critical infrastructure. Not only has the volume of breaches in the headlines increased significantly, but the attackers’ goals have also shifted. Join us for a data-driven look into the most common tactics, techniques, and procedures (TTPs) of APT groups and actionable strategies to defend against these adversaries.

What you’ll learn:

  • The most common methods exploited by APT groups
  • Where traditional best practices fall short
  • The most effective detection points and countermeasures to implement now

Aug 28, 2025
1:00pm - 1:47pm (Eastern)
Guardians of the Grid: Navigating the New Era of Cyber Threats to Infrastructure

As critical infrastructure systems become more connected and reliant on digital technologies, they also become prime targets for cyberattacks. From power grids and water systems to healthcare networks and transportation, these essential services face a growing array of cyber threats—ransomware, nation-state actors, insider threats, and supply chain vulnerabilities among them.

This presentation explores the evolving cyber risk landscape impacting critical infrastructure, highlighting real-world incidents, common attack vectors, and systemic weaknesses. It also outlines the strategic imperatives for resilience, including stronger public-private partnerships, regulatory modernization, workforce readiness, and investment in advanced cybersecurity technologies. Attendees will gain a deeper understanding of the urgency and complexity of defending infrastructure that underpins national security, economic stability, and public safety.

Aug 28, 2025
2:00pm - 2:52pm (Eastern)
[Panel] The Current Threats to Critical Infrastructure

Our nation’s critical infrastructure is facing an unprecedented wave of sophisticated cyber threats, targeting everything from industrial control systems to life-saving healthcare networks. This expert panel convenes leading minds from the front lines of ICS/OT security, healthcare, and strategic risk management to dissect the current threat landscape. Join us for a critical discussion on the dangerous convergence of IT and OT, the evolution of ransomware tactics, and the unique vulnerabilities within the healthcare sector.

Our panelists will explore proactive defense strategies, the impact of the persistent cybersecurity skills gap, and the future security implications of emerging technologies like AI and 5G. Attendees will leave with a deeper understanding of today’s most significant risks and actionable insights on how to build a more resilient and secure future for our most vital assets.

Aug 28, 2025
2:00pm - 2:50pm (Eastern)
Preventing, Detecting, Responding, and Recovering from a Ransomware Attack

Ransomware attacks continue to pose a significant and evolving threat to organizations of all sizes. The potential for operational disruption, data loss, financial damage, and reputational harm is immense. This session will provide a comprehensive overview of a multi-layered strategy to effectively combat ransomware.

Join us to explore the critical phases of ransomware defense:

  • Prevention: Discover proactive measures to fortify your defenses, including robust security hygiene, employee awareness training, network segmentation, and vulnerability management. Learn how to minimize your attack surface and make your organization a less attractive target.
  • Detection: Understand the key indicators of an active ransomware attack. We will discuss the tools and techniques for early detection, such as monitoring for unusual file activity, network traffic anomalies, and endpoint-level behavioral analysis, enabling a swift response.
  • Response: Learn how to develop and implement an effective incident response plan specifically tailored for ransomware. This includes crucial steps like containment, eradication, communication strategies, and decision-making regarding ransom demands.
  • Recovery: Explore best practices for restoring encrypted data and systems efficiently and safely. We will cover the importance of reliable backups, an orderly restoration process, and post-incident analysis to strengthen future resilience.

This session will equip attendees with actionable insights and best practices to build a resilient cybersecurity posture capable of withstanding, identifying, and quickly recovering from ransomware incidents, ultimately safeguarding your critical assets and ensuring business continuity.

Aug 28, 2025
2:00pm - 2:47pm (Eastern)
Airgapped... but Still Compromised: Adversarial Tactics and Building Defensible Isolation

Air-gapped systems are often considered the pinnacle of security, but are they truly untouchable? This talk challenges the myth of absolute isolation, exploring real-world breaches—from Stuxnet to electromagnetic and acoustic attacks. Attendees will gain insight into modern threats, including supply chain risks and social engineering, while learning practical strategies to fortify air-gapped environments. Through physical security, procedural controls, and advanced detection methods, this session will reshape how you think about “unhackable” systems. Whether you secure critical infrastructure or simply love cybersecurity, you’ll leave with a deeper understanding of air-gap vulnerabilities and how to defend against them.

Attendees will learn that air-gapped systems are not inherently secure and require continuous vigilance, layered defenses, and proactive threat mitigation to prevent sophisticated breaches.

Aug 28, 2025
3:00pm - 3:53pm (Eastern)
Fireside Chat: Navigating the Digital Frontier with Identity and Zero Trust

In an era where the traditional network perimeter has dissolved, identity has emerged as the new cornerstone of digital security. This fireside chat with Arun DeSouza will delve into the transformative power of Zero Trust Architecture, exploring how the principle of “never trust, always verify” reshapes our approach to access, data protection, and risk management. We’ll discuss the critical balance between robust security and seamless user experience, the technologies driving Zero Trust adoption, and its vital role in fortifying critical infrastructure. Join us to understand how organizations can build resilience, ensure compliance, and thrive securely amidst an evolving threat landscape.

Aug 28, 2025
3:00pm - 3:49pm (Eastern)
Navigating Third-Party Risk and Vendor Resilience

Session description to come.

Aug 28, 2025
3:00pm - 3:50pm (Eastern)
AI, Quantum, and the Cryptographic Countdown: A Ticking Clock for Security Leaders

As quantum computing threatens to undermine classical encryption, security leaders are racing to develop cryptographic models that can withstand its power. But quantum alone isn’t the whole story, and artificial intelligence is now accelerating both the development and the threat landscape of cryptographic systems.

In this session, we’ll explore how AI is reshaping the field of quantum cryptography, from enhancing quantum key distribution protocols to automating the discovery of post-quantum vulnerabilities. We’ll examine real-world scenarios where AI accelerates the design of quantum-safe algorithms and how adversaries may weaponize AI to exploit cryptographic transitions.

Whether you’re planning a migration to post-quantum cryptography or evaluating the security of your digital infrastructure, this talk provides a forward-looking perspective on how AI is shaping the cryptographic future. The era of AI-driven quantum security has begun. Are we ready for it?

Aug 28, 2025
4:00pm - 5:01pm (Eastern)
Cyber Intel Briefing: Critical Infrastructure

This presentation will provide a comprehensive overview of the current cyber landscape, focusing on both global and domestic government-related threats and incidents. We will delve into recent high-profile attacks, explore emerging trends, and discuss the evolving tactics employed by cybercriminals and nation-states. Additionally, the presentation will examine the ongoing challenges faced by governments in protecting critical infrastructure, securing sensitive data, and mitigating the risks posed by cyber espionage. By understanding the latest developments in the cyber threat environment, attendees will gain valuable insights into safeguarding critical networks and systems.