Agenda

Date and Time	Title
Dec 2, 2021 8:00am - 8:04am (Pacific)	Opening Introductions
Dec 2, 2021 8:00am - 9:00am (Pacific)	Sponsor Networking Time \| Chat with our sponsors for the chance to win a Target, Amazon, or BestBuy Gift Card! Sponsor Networking Time \| Chat with our sponsors for the chance to win a Target, Amazon, or BestBuy Gift Card! Visit Sponsor Booths - find amazing people, information, and prizes! Get updated on the latest technologies! Chat with our sponsors for the chance to win either a Target, Amazon, or BestBuy Gift Card! Your Choice! All you have to do is have a great conversations with our sponsors and you are automatically entered to win! Drawing winners live!
Dec 2, 2021 9:00am - 9:30am (Pacific)	Vectra \| How to stop Ransomware BEFORE it starts \| Kevin Kennedy VP of Product Management Modern ransomware is not like ransomware of the past. In fact, it’s not even ransomware until it’s too late to prevent significant business impact. The good news is that seeing ransomware before it starts IS both possible and your best line of defense. Please join me as I share how ransomware has changed, how to see it before it starts, and what I predict ransomware will exploit next.
Dec 2, 2021 9:30am - 9:50am (Pacific)	SafeBreach \| Information Security Practitioners: Stop Enabling, Start Facilitating! \| Avishai Avivi CISO \| As we think about the evolution of the information security practice, we transitioned from preventing the business from doing things to enabling them. It is time for us to evolve to facilitate the business.
Dec 2, 2021 9:50am - 10:30am (Pacific)	Sponsor Networking Time \| Chat with our sponsors for the chance to win a Target, Amazon, or BestBuy Gift Card! Sponsor Networking Time \| Chat with our sponsors for the chance to win a Target, Amazon, or BestBuy Gift Card! Visit Sponsor Booths - find amazing people, information, and prizes! Get updated on the latest technologies! Chat with our sponsors for the chance to win either a Target, Amazon, or BestBuy Gift Card! Your Choice! All you have to do is have a great conversations with our sponsors and you are automatically entered to win! Drawing winners live!
Dec 2, 2021 10:30am - 10:55am (Pacific)	Pentera \| Am I ready? The Importance of Security Controls Validation \| Jason Mar-Tang Senior Sales Engineer A key challenge for organizations is determining if the investment in detection and response tools are actually performing and making a difference. Security teams need a solution that automates processes effectively, and reduces cyber security risk by focusing on the vulnerabilities that matter most. The Pentera automated penetration testing platform is here to remove these assumptions and show you the true read of your cyber security stack. In this session we will address a new, different approach for security validation, a true shift from a point-in-time test to continuous security validation to discover, prioritize and remediate against the threats that pose the highest risk to the organization before the damage is done.
Dec 2, 2021 10:50am - 11:30am (Pacific)	Illumio \| Crawl, Walk, Run Your Segmentation Approach \| Christer Swartz Principal Technical Marketing Engineer While there are varying definitions of what zero trust actually is, there is one thing everyone can agree on – segmentation is a key pillar. Another thing everyone can agree on? Segmentation is hard. This presentation will highlight a way to begin your zero trust journey leveraging enforcement boundaries which will enable you to protect your digital crown jewels as you work through your end to end zero trust plan.
Dec 2, 2021 11:20am - 11:45am (Pacific)	Sponsor Networking Time \| Chat with our sponsors for the chance to win a Target, Amazon, or BestBuy Gift Card! Sponsor Networking Time \| Chat with our sponsors for the chance to win a Target, Amazon, or BestBuy Gift Card! Visit Sponsor Booths - find amazing people, information, and prizes! Get updated on the latest technologies! Chat with our sponsors for the chance to win either a Target, Amazon, or BestBuy Gift Card! Your Choice! All you have to do is have a great conversations with our sponsors and you are automatically entered to win! Drawing winners live!
Dec 2, 2021 11:45am - 12:15pm (Pacific)	Beyond Identity \| The Past, Present and Future of Strong Authentication \| Jasson Casey CTO Authentication is a foundational element of every cybersecurity program. With more than 80% of data breaches and most ransomware incidents stemming from credential-based attacks (e.g., phishing, credential stuffing, RDP brute, etc.), it has become clear that passwords are a fatally flawed authentication method. Unfortunately, many common solutions are “band-aids” on top of passwords and are lacking from both a security and user experience perspective. Replacing passwords as an authentication factor is finally possible. While eliminating passwords is a critical step in stopping credential-based attacks, it is just a first step on the journey to advanced authentication and access control needed to achieve zero trust.In this talk, we will discuss: A brief history of authentication Changing requirements in the new work from home(or anywhere) business model and cloud-centric architectures Can we gain risk-reduction improvements by converging the traditionally disparate identity and security processes and technologies? A case for continuous user authentication What is device risk and why is the real-time assessment of endpoint security important
Dec 2, 2021 12:15pm - 12:40pm (Pacific)	Rapid7 \| The Boulevard of Broken Buckets \| Tod Beardsley Director of Research \| Bob Rudis Chief Data Scientist Are you moving your business processes and mission-critical data to the cloud? If so, you will want to hear what our research team found when they looked at 121 publicly reported data exposure incidents that were disclosed throughout 2020. Join Rapid7’s research team, Tod Beardsley and Bob Rudis, in our latest conversation as we discuss the 2021 Cloud Misconfigurations Report. Expect to hear firsthand about the research that documents the commonalities and patterns associated with the leaks and breaches and discover what you can do to avoid making the same missteps as you move to the cloud.
Dec 2, 2021 12:40pm - 1:00pm (Pacific)	Sponsor Networking Time \| Chat with our sponsors for the chance to win a Target, Amazon, or BestBuy Gift Card! Sponsor Networking Time \| Chat with our sponsors for the chance to win a Target, Amazon, or BestBuy Gift Card! Visit Sponsor Booths - find amazing people, information, and prizes! Get updated on the latest technologies! Chat with our sponsors for the chance to win either a Target, Amazon, or BestBuy Gift Card! Your Choice! All you have to do is have a great conversations with our sponsors and you are automatically entered to win! Drawing winners live!
Dec 2, 2021 1:00pm - 1:40pm (Pacific)	Keynote \| Smart & Safe Spaces: Connecting and Securing Our World \| Darin Andersen CEO & Co-Founder NXT Robotics
Dec 2, 2021 1:30pm - 2:00pm (Pacific)	Sponsor Networking Time \| Chat with our sponsors for the chance to win a Target, Amazon, or BestBuy Gift Card! Sponsor Networking Time \| Chat with our sponsors for the chance to win a Target, Amazon, or BestBuy Gift Card! Visit Sponsor Booths - find amazing people, information, and prizes! Get updated on the latest technologies! Chat with our sponsors for the chance to win either a Target, Amazon, or BestBuy Gift Card! Your Choice! All you have to do is have a great conversations with our sponsors and you are automatically entered to win! Drawing winners live!
Dec 2, 2021 2:00pm - 2:20pm (Pacific)	AttackIQ \| Continuous Security Validation: Exercise your Environment more than the Adversary \| Jose Barajas Technical Director With Incident Response as the new normal, ensuring that our systems and processes support that effort and threat hunting are working as expected. We will discuss why and how to establish a Continuous Security Validation (CSV) program within your organization. Specifically, how such a program evolves beyond Breach and Attack Simulation (BAS) and provides teams a continuous feedback loop to understand their posture and identify gaps as they arise.
Dec 2, 2021 2:21pm - 2:51pm (Pacific)	Security Innovation \| Why Software Still Stinks \| Ed Adams CEO What do AI, IA&M, Ransomware, Blockchain, Encryption, and the Cloud all have in common? They are all software – both fueling and exposing the modern enterprise. Software no longer operates in isolation, but rather a complex, hostile ecosystem that makes it ripe for attack . Compounding the problem is the reliance on 3rd-party, open source, and commercial off-the-shelf software that introduces risk outside our control, as evidenced by the SolarWinds attack last year. Securing modern software applications means adopting risk-based techniques to build security in and protect in production. Attend this session to learn: Top software risks we’ll face in 2022 Critical mistakes organizations continue to make Why traditional assessments are missing the mark How to get smarter about the cloud
Dec 2, 2021 2:50pm - 3:15pm (Pacific)	Reciprocity \| Achieving New Levels of Efficiency, Automation, & Visibility in Third-Party Risk Management \| Scott McCormick CISO \| Rob Ellis Senior Vice President \| Jenny Victor Vice President of Marketing Whether a start-up or an enterprise, you are probably working with multiple vendors, using their software and reliant on their systems. Yet while these external vendors provide invaluable services, they also introduce significant risk to your company’s information security.How do you know if your vendors are meeting required contractual, security and privacy obligations?If you don’t have processes in place to assess the risks these third parties pose, then your answer is most likely you don’t. And this is critical: You need to know the risks of working with third parties and that you can trust them — because if they go down, your business may, too.Assessing risk, however, can be incredibly complex. Traditional risk management approaches that rely on manual processes, spreadsheets and even survey methods don’t scale well and are not automated enough. And they certainly can’t support a third-party vendor network once it reaches a certain size: spreadsheets and email folders become overwhelming, ad hoc processes and reporting cycles create confusion, and manual reviews lead to missed issues and trends. In fact, the more successful an organization is – and the more third-party vendors they work with – the more automation and continuous monitoring are required.
Dec 2, 2021 3:15pm - 3:30pm (Pacific)	Closing Remarks