Agenda

Date and Time	Title
Dec 2, 2021 8:00am - 9:00am (Pacific)	Exhibitor Hall Open Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Virtual booths feature demos, resources downloads, and staff ready to answer your questions. Look for participating Dash For Prizes and CyberHunt sponsors to be entered to win prizes.
Dec 2, 2021 8:15am - 9:00am (Pacific)	Trends in Cybercrime: An Update from the FBI InfraGard Meeting: Washington State Chapter - Open to all attendees Special Agent Kevin Brennan will cover recent trends in cybercrime from the FBI’s perspective. He will also discuss responding to and reporting cyber incidents to the FBI, including business email compromises (BEC) and ransomware.
Dec 2, 2021 8:15am - 9:00am (Pacific)	Aligning with the Business: Where Are We Going Wrong? ISSA Chapter Meeting - Open to all attendees Many in our profession now operate under a “business enablement” mindset. We recognize the fact that we must align security efforts with the needs of the business, or we will continue towards becoming irrelevant. But what does “aligning with the business” really mean? Some believe we may be misunderstanding this concept and applying it incorrectly within our organizations. Attend this panel discussion with the ISSA International leadership for an honest and possibly controversial take on aligning security with the business.
Dec 2, 2021 9:00am - 9:59am (Pacific)	[Opening Keynote] The New Guard: Securing Digital Transformation and a Culture of Security
Dec 2, 2021 9:45am - 10:00am (Pacific)	Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
Dec 2, 2021 10:00am - 10:37am (Pacific)	The Implementation Journey of Zero Trust and SASE: Realizing the Benefits Most organizations have a hybrid implementation of cloud and on-prem services. With the rapid adoption of business digitalization and expanding remote work force, how do we consolidate controls and enhance the security of the systems? In this hybrid mode, enterprises need speed, visibility, security, and reliability without compromise. Enter the secure access service edge, better known as SASE. It’s inevitable that SASE implementations and Zero Trust implementations will provide a more comprehensive security capability to truly support digital transformation. How can your organization best position itself for the transition? In this session, James Christianson will discuss: · How to migrate your security controls to take advantage of SASE · Reducing cost while increasing your security posture · Implementing a road map for SASE / Zero Trust
Dec 2, 2021 10:00am - 10:37am (Pacific)	Securing What You Can't See Can you find all the assets on your network, both those you know about and those you don’t? And once you do, can you see the details of each asset, such as their security and compliance posture? During our session, Qualys will discuss ways to reduce risk, automate asset management processes, and provide a solid foundation for IT Security and Risk Management—because you can’t secure what you can’t see.
Dec 2, 2021 10:00am - 10:38am (Pacific)	How to Survive in the Modern Security World: Automate or Die In this presentation, Karen will cover: Getting the most from your security stack through inter-operability, automation, and orchestration reducing the security stack and extracting value rethinking and pursuing inter-operable security tools
Dec 2, 2021 10:00am - 10:40am (Pacific)	Aligning Third-Party Risk Strategies Across Security, Privacy, Ethics, and ESG Third-party risk management (TPRM) is essential for companies now more than ever amid heightened privacy, security, ethics, and ESG concerns. As a result, businesses are rethinking how to embed these unique risk domains into their TPRM and procurement lifecycles to mitigate risk and drive companies. By collaborating across teams and disciplines, companies can drive long-term value while increasing transparency and accountability. In this session, we’ll outline how companies can align third-party risk strategies across security, privacy, ethics, and ESG to ensure a holistic approach to TPRM. Get actionable guidance to quickly align third-party risk strategies across risk domains and disciplines. Understand long-term changes you can make to set your business up for current and future success. Hear the latest advice and lessons learned from leading third-party risk experts.
Dec 2, 2021 10:30am - 10:45am (Pacific)	Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
Dec 2, 2021 10:45am - 11:33am (Pacific)	Data Protection: Action and Reaction Protecting data is a critical component of any enterprise security strategy. We will discuss trends observed in a survey and presented in the 2021 Thales Data Threat Report. Ransomware has been a topic of significant concern recently, given the increasing number of targeted attacks. We’ll offer some recommendations to address this menace. Finally, we’ll go over the recent Executive Order in response to increasing security incidents, discuss sections of the executive order that pertain to data protection, and present Thales’ perspective to address it.
Dec 2, 2021 10:45am - 11:15am (Pacific)	Managing Insider Risk without Compromising Speed of Business As companies double down on time to innovation, time to market, and time to revenue, they are inherently introducing more risk from the inside. The more cloud-based, collaborative, and fast an organization becomes, the greater the Insider Risks posed to its people, technology, and data. The upside is that cloud collaboration tools make employees more productive. The downside is that these same tools make it easier to exfiltrate data. Adding to the complexities of working from home and off the corporate network, more employees are routinely using unauthorized devices, tools, and cloud-based applications to share files and ideas with colleagues. Join us to discuss the growing Insider Risk problem and how the right data protection methods can set security teams up for success, without slowing down company productivity.
Dec 2, 2021 10:45am - 11:35am (Pacific)	Launching a Privacy Program in 12 Months
Dec 2, 2021 10:45am - 11:18am (Pacific)	The Boulevard of Broken Buckets Are you moving your business processes and mission-critical data to the cloud? If so, you will want to hear what our research team found when they looked at 121 publicly reported data exposure incidents that were disclosed throughout 2020. Join Rapid7’s research team, Tod Beardsley and Bob Rudis, in our latest conversation as we discuss the 2021 Cloud Misconfigurations Report. Expect to hear firsthand about the research that documents the commonalities and patterns associated with the leaks and breaches and discover what you can do to avoid making the same missteps as you move to the cloud.
Dec 2, 2021 11:15am - 11:30am (Pacific)	Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
Dec 2, 2021 11:30am - 12:05pm (Pacific)	(Re)Gaining Control of Your Cybersecurity Program From growing risk introduced by supply chain partners to increased demands from the board and external stakeholders, security and risk leaders are seeking to (re)gain control of their cybersecurity programs and demonstrate effectiveness. What should they prioritize? BitSight’s Evan Tegethoff will share why third party risk management, cyber risk quantification, and data-driven decision making are critical areas for leaders to focus on in the upcoming year.
Dec 2, 2021 11:30am - 12:07pm (Pacific)	What You Need to Know About Security within Modern Application Development (MAD) Today’s software-driven organizations must continue to innovate, and due to the pressures of digital transformation, they agree that their current software development models and release frequencies can no longer keep pace with demand. Clearly, MAD fundamentals and cloud-native approaches are imperative to ensure continued organizational viability. As a result, leadership is now taking considerable measures to support and even promote MAD initiatives due to its benefits. However, most don’t realize the cultural changes and application security challenges that will also likely emerge. Join this session to learn more about MAD and the: Promised benefits and expected outcomes Likely hurdles and bumps along the way Expanding risk landscape that surfaces Solutions and approaches needed to secure modern applications
Dec 2, 2021 11:30am - 12:29pm (Pacific)	Cyber Insurance: Driving the Future of Cybersecurity Improvements What will drive the next big wave of information security improvements at U.S. organizations? Instead of regulation, it may be insurance. A two-pronged evolution is underway. Insurance policies are suddenly becoming more prescriptive for organizations, often requiring companies meet certain cybersecurity benchmarks before a policy can be written. At the same time, “InsureTech” is emerging on the scene. This involves a new breed of insurance company that provides cyber coverage and also scans the insured’s environment to constantly monitor for IT and cyber risk. Join this keynote panel as we discuss this evolution and look at future impacts of cyber insurance on security leaders and their teams. Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)
Dec 2, 2021 11:30am - 12:13pm (Pacific)	3 Different Ways to Consider Cyber Risk Risk, uncertainty, and unpredictability are at the heart of cyber risk. Even as our technologies and tools have become more sophisticated, the coronavirus pandemic has caused significant changes in the manner in which firms operate. This session will consider three different aspects of our current situation: first, the underlying strain that cyber risks from technology platforms designed to accommodate meetings and group work bring to the forefront; second, the complexity of defending computers, servers, mobile devices, electronic systems, data, and networks from malicious attacks in the hybrid environment of Work From Home and Return to Office; and, finally, the hard work being done between CISA and the private sector to get out in front of cyber attacks.
Dec 2, 2021 12:00pm - 12:15pm (Pacific)	Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
Dec 2, 2021 12:15pm - 1:10pm (Pacific)	[Lunch Keynote] Getting Your Security Strategy Right—and Left—from the Start
Dec 2, 2021 1:00pm - 1:15pm (Pacific)	Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
Dec 2, 2021 1:15pm - 2:04pm (Pacific)	Human + Machine: The Future of Passwords Biometrics and other methods promise a passwordless future. But is the future of the password really so simple? How can you prepare for that future, whatever it holds? This session will cover: The passwordless future The rise of secret sprawl Building visibility into your platform Integrating with existing technologies
Dec 2, 2021 1:15pm - 2:09pm (Pacific)	Privacy and Cyber Law Landscape for 2022 Join this session to explore the latest evolutions in cybersecurity and privacy law. This includes the emerging trends and initiatives that are most likely to impact organizations in 2022. Plus, we’ll talk about a strategic approach to cut through the confusion and identify where to focus right now.
Dec 2, 2021 1:15pm - 2:14pm (Pacific)	[Panel] Ransomware: Myths, Pitfalls, and New Insights One thing we have learned over the past 18 months is that ransomware is very lucrative. Backups and cyber insurance have you covered, right? Not so fast. Misinformation abounds around digital extortion. Join our panel of experts as they unpack some of the myths and pitfalls around ransomware and offer valuable insight on how to keep your company out of the headlines!
Dec 2, 2021 2:00pm - 2:15pm (Pacific)	Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
Dec 2, 2021 2:15pm - 3:15pm (Pacific)	[Panel] Cloud: Power and Peril We are making history now, in the cloud. Organizations are utilizing cloud at record levels, revealing its power like never before. However, much of this shift was forced, and fast, which increased risk. And attackers are shifting, too. Join this panel as we unpack the power of the cloud and also its peril: current challenges, threats, and pitfalls.
Dec 2, 2021 2:15pm - 2:51pm (Pacific)	Securing Business Implementations of Blockchain
Dec 2, 2021 2:15pm - 3:11pm (Pacific)	[Panel] Third-Party Risk: Managing Your Partners At any given moment, a company could take a snapshot of its risk and stay busy trying to seal up all of its own holes (or accept them for what they are) in security. But what about the businesses that support you? How do you know that Fred’s band has a secure API for its clients? Does ACME really need access to our HR files? Why do we keep getting old invoices from ABC Parts Company? Dive into third-party risk, networking security with a focus on data exfiltration, and how Zero Trust could eliminate this costly issue.
Dec 2, 2021 3:15pm - 4:05pm (Pacific)	[Closing Keynote] Cybersecurity at a Crossroads: Emerging Threats, Technologies, and Geopolitical Realities for 2022 Fireside Chat with Moderator Bruce Sussman Cybersecurity is at a crossroads as we head into a new year. Join this fireside chat to explore the forks in the road and the technology, threats, and geopolitics that will influence where we go from here. Chuck Brooks has been named a Top 5 Cybersecurity Executive to Watch and a Top Tech Person to Follow by LinkedIn. He currently has close to 100,000 followers on social media platforms and is a subject matter expert on emerging technologies, cybersecurity, and future trends.
Dec 2, 2021 3:15pm - 3:30pm (Pacific)	Networking Break Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.