CloudCon
  • Home
  • Sponsors
  • Community
  • Presentations
  • Luxury Suites
  • Schedule
  • Tickets
Select Page

Copyright ©2024 All rights reserved

WKL - Smiling your way past security: Social Engineering in person

4:00PM
MONDAY
JULY 28th

 

 

Smiling your way past security: Social Engineering in person

with Kurt Wieber from White Knight Labs

 

Abstract: Everyone has received a scam phone call or seen a phishing email, but not everyone has come face to face with a hacker that wants direct access to your server room. Learn the tricks of the trade from a red team operator and how to catch them in the act.

WKL - Breaking Badge: Your employee ID system isn't as secure as you think

2:30PM
MONDAY
JULY 28th

 

 

Breaking Badge: Your employee ID system isn’t as secure as you think

with Kurt Wieber from White Knight Labs

 

Abstract: RFID Badges are a long standing and prolific security access system. Join us as we discuss its weaknesses, both from a technological and social engineering standpoint to better understand how attackers exploit these systems.

WKL: Walking through the front door - Why it’s so easy for bad guys to get into your workplace

1:00PM
MONDAY
JULY 28th

 

 

Walking through the front door: Why it’s so easy for bad guys to get into your workplace

with Kurt Wieber from White Knight Labs

 

Abstract: Most physical security is either installed incorrectly or just theatre in the first place. In this talk, Kurt Wieber will be going over some of the most common physical attack vectors used by penetration testers and how to successfully defend against them.

Astrix: Optimizing Identity for Agentic AI: Your Blueprint

3:00PM
MONDAY
JULY 28th

 

10:00AM
TUESDAY
JULY 29th

Optimizing Identity for Agentic AI: Your Blueprint

with Michael Silva, Director of Solutions Engineering from Astrix

 

Abstract: The rise of agentic AI promises transformative automation, yet it simultaneously demands a new frontier in identity management: securing non-human intelligent agent identities at scale.

This session provides CxOs with a definitive strategic framework for architecting robust identity programs, emphasizing that Non-Human Identity (NHI) security is the foundational backbone for trusting autonomous AI.

We will dissect how traditional identity challenges manifest uniquely with NHIs, necessitating new paradigms for detection, rapid response, and lifecycle management. The presentation will focus on managing identities by behavior, posture, and usage at an unprecedented scale, offering insights into advanced techniques for continuous analytics and dynamic access controls.

Attendees will gain a clear understanding of what success entails for an identity program engineered for agentic AI, including key metrics, architectural principles, and strategic considerations for secure, efficient, and compliant autonomous systems.

Astrix: The Untapped Power of Non-Human Identities - Your Gateway to Modern Mayhem

4:00PM
MONDAY
JULY 28th

11:00AM
TUESDAY
JULY 29th

 

 

The Untapped Power of Non-Human Identities: Your Gateway to Modern Mayhem

with Michael Silva, Director of Solutions Engineering from Astrix

 

Abstract: The explosion of Non-Human Identities (NHIs) – APIs, service accounts, tokens, and the burgeoning realm of Agentic AI – has created a sprawling, often unguarded landscape ripe for exploitation. Forget password sprays and phishing campaigns; the real juicy targets lie within these programmatic access points.

This talk peels back the layers of NHI security (or lack thereof) and reveals how you, the offensive security expert, can leverage these overlooked identities to achieve deep access, lateral movement, and ultimately, complete compromise. We’ll explore how the absence of a mature NHI security program is your greatest ally in modern red teaming and real-world attacks. 

We’ll dissect the inherent weaknesses stemming from the lack of focus on NHI security, directly mirroring the vulnerabilities highlighted in the OWASP Top 10 for Non-Human Identities (NHI:2025). Think about it: Improper Offboarding (NHI1) leaves dormant keys and tokens scattered like breadcrumbs. Secret Leakage (NHI2) in code, logs, and configurations is the low-hanging fruit you’ve been waiting for.

Overprivileged NHIs (NHI5) grant immediate god-like access, and Insecure Cloud Deployments (NHI6) expose sensitive credentials. The emergence of Agentic AI amplifies these opportunities exponentially. These autonomous systems, operating with increasing authority, rely entirely on NHIs. Compromise the AI agent’s underlying credentials, and you’ve effectively weaponized the AI itself.

Astrix: AI's Achilles' Heel - Why Trusting Your Agents Starts with Securing their NHIs

2:00PM
MONDAY
JULY 28th

10:00AM
TUESDAY
JULY 29th

AI’s Achilles’ Heel: Why Trusting Your Agents Starts with Securing their NHIs

with Michael Silva, Director of Solutions Engineering from Astrix

 

Abstract: The proliferation of non-human identities (NHIs) – APIs, service accounts, tokens, and the rapid emergence of Agentic AI, where autonomous systems operate with increasing authority – has introduced a vast and often underestimated attack surface.

This talk unveils the hidden dangers inherent in these programmatic access points and equips defenders with the knowledge and strategies to combat them, highlighting how securing NHIs is foundational to trusting your AI agents.

Astrix: NHI & Chill: Build Your Own Infinity Cube

1:00PM
MONDAY
JULY 28th

NHI & Chill: Build Your Own Infinity Cube

with Michael Silva, Director of Solutions Engineering from Astrix

 

Abstract: Need a break from keynotes and chaos? Join us for a laid-back session where you can relax, chat with fellow attendees, and build your very own infinity cube—LEGO-style.

No pitches. No pressure. Just hands-on creativity, casual vibes, and some light conversation around the weird and wonderful world of Non-Human Identities (NHIs). Whether you’re deep into IAM or just here for the bricks, you’re welcome.

AppSec in the Age of AI: The Road to AI Trust Ops - Snyk

10:00PM
TUESDAY
JULY 29th

AppSec in the Age of AI: The Road to AI Trust Ops

by Andrew Gordon, Senior Solutions Engineer from Snyk

Abstract: The craft of software engineering, and thus the organizational risk that accompanies building applications, is always evolving. From mainframes to web and mobile, waterfall to agile, monoliths to microservices, bare-metal to DevOps and cloud, the past several years have seen massive disruptions to the ways software is developed, and the security tools and processes needed to manage emerging threats have often lagged behind.

We are now in the midst of another generational shift in the way applications are created; this time away from human-centered software development and toward a new world of machine-generated code, large language models, prompt engineering, and AI agents writing and managing software autonomously. This new landscape includes an entirely novel set of attack vectors that the application security practices of yesterday are not equipped to handle.

Just as the methodology of DevSecOps evolved to manage the new risks of DevOps-oriented software practice, a new framework is needed to identify, prioritize, remediate and manage the new classes of vulnerabilities being introduced rapidly into AI-native applications.

Join Snyk, the leader in Developer Security and AI Trust, as we…

  • Review the novel risks posed by AI-native software, and why existing application security testing tools and processes are not up to the task.
  • Understand how roles and responsibilities are evolving quickly, and what it means for security that building software no longer requires knowledge of writing code.
  • Discuss the ideal workflows for managing software risk in an agent-centric, machine-first SDLC.
  • Define the pillars and practices of AITrustOps, the security readiness framework necessary to understand and mitigate AI-native software risk.
Netskope: Securing the Flow of Data in the Age of AI

01:00 PM
MONDAY
JULY 28th

Securing the Flow of Data in the Age of AI

with Matt Bianco from Netskope

 

Abstract: Sensitive data movement is often seen as a risk but restricting it outright can create operational and security challenges. In the era of AI, organisations need security frameworks that protect data while ensuring agility.

This session explores how modern security strategies enable secure data flows that defend against AI risk, adapt to real-time risk signals, and turn security into an enabler for innovation with AI.

Key Takeaways:

  • How to enable data flows without introducing escalating security risks
  • Why security must be adaptive to risk, user behavior, and AI-driven interactions
IT Partners: Co-Managed IT: A Strategic Advantage for Your Organization's Digital Growth

VARIOUS
TIMES

Co-Managed IT: A Strategic Advantage for Your Organization’s Digital Growth

with Sean Trudeau, Partner Executive with IT Partners

 

Abstract: In today’s fast-paced digital economy,  organizations are under constant pressure to innovate, secure their systems, and maintain operational efficiency. However, many IT departments are stretched thin due to a shortage of skilled professionals, increasing complexity of technology, and rising cybersecurity threats. Challenges such as vendor fatigue, technician inefficiency, underutilized talent, and budget constraints are slowing progress and increasing risk.

Co-managed IT services offer a powerful solution—enabling businesses to scale their IT capabilities, reduce internal strain, and accelerate digital transformation without compromising control or security.

Abnormal AI: Gate Crashing: How Traditional Email Defenses Fail Against Modern Attacks

10:00am
July 29th

Gate Crashing: How Traditional Email Defenses Fail Against Modern Attacks

with Mick Leach, Field CISO, Abnormal AI

Abstract: Email remains the most common entry point for cyberattacks—and today’s threat landscape has outpaced traditional defenses. In this compelling session, Abnormal AI Field CISO Mick Leach explores how attackers have evolved from generic phishing to highly targeted, AI-generated campaigns that easily bypass secure email gateways.

With insights drawn from real-world attacks and emerging threat trends, Mick will unpack:

  • Why traditional email security tools can no longer keep up

  • How attackers are leveraging automation and social engineering at scale

  • What modern organizations need to do differently to protect their people and data

Attendees will gain a clear understanding of the shifting email threat landscape—and walk away with strategic guidance on how to modernize defenses in a world where even a single email can lead to millions in losses.

Rethinking the Role of Developer in the Age of AI Coding

4:00 PM
MONDAY
JULY 28th

Rethinking the Role of Developer in the Age of AI Coding

A panel discussion led by Aaron Bregg including Zach Trank-Zelewicz, Lead Application Developer from Priority Health and Heath Taylor, Senior Data Engineer from Corewell Health.

 

Abstract: In the past, people associated the term “developer” with software, such as websites or mobile applications. Nowadays, a wide range of people are using R, Python, and other languages to create much more than traditional software. In this track, we will dive into broadening the role by changing from “software developer” to “developer”.

 
Check Point: No More SASE Strikeouts: Secure Access that Hits It Out of the Park

2:00PM
MONDAY
JULY 28th

10:00AM
TUESDAY
JULY 29th

No More SASE Strikeouts: Secure Access that Hits It Out of the Park

with Robert Anderson, Security Engineer from Check Point

Topic: Harmony SASE

Abstract: Lagging VPNs. Frustrated users. A tangled web of tools. If your current secure access solution is striking out, step up to the plate with Harmony SASE.

Robert Anderson—25-year security veteran and former Army Intel pro—will show how Check Point’s SASE platform brings 2x faster connections, full Zero Trust mesh, and smart SD-WAN into one clean, cloud-first package. No more trade-offs. Just security that wins the game.

Check Point: Covering the Infield: Cloud Email Security Before the First Click

1:00PM
4:00PM
MONDAY
JULY 28th

Covering the Infield: Cloud Email Security Before the First Click

with Tim Campbell, Security Engineer from Check Point

Topic: Harmony Email & Collaboration (HEC)

Abstract: Threats don’t wait for the second inning—most emails are opened in under 60 seconds. If your current solution reacts too late, it’s time for a new defense strategy.

In this session, Tim Campbell shows how Check Point’s Harmony Email & Collaboration (HEC) closes the gap between delivery and detection. Learn how a true last-layer solution stops advanced threats across email and SaaS tools before they land—keeping users safe and your team in control.

Arm Yourself for Success with Oak McCulloch

2:00PM
MONDAY
JULY 28th

Arm Yourself for Success

with Oak McCulloch, Retired Lieutenant Colonel, United States Army

Abstract: Retired Lieutenant Colonel Oakland McCulloch has 40 + years of leadership experience, in Combat, Peacekeeping Operations, Disaster Relief and in the Board Room.

His “Arm Yourself for Success” talk is based on his wealth of knowledge andlessons learned in coaching, teaching, and mentoring people during years as a leader. Oak highlights principles that will help you be a more successful person at work and in your personal life.

In this talk we will covers the following areas to help you reach your potential:

  • How to establish and Achieve Your Goals
  • How to establish Good Habits and Self-Discipline
  • The importance of and how to Develop a Winning Attitude
  • How to Overcome Your Fears
  • The importance of and how to Make Good Decisions
  • How to Get Results

Learning Objectives

Learning Objective 1: The participant will be able to describe the importance of Critical Thinking.

Learning Objective 2: The participant will learn techniques to help in making better
decisions in their lives.

Learning Objective 3: The participant will learn techniques to help them set SMART
goals and ways to accomplish those goals.

Learning Objective 4: The participant will learn the importance of having a positive
attitude and techniques to help improve their attitude.

Learning Objective 5: The participant will learn techniques to help overcome fear so
they can become the best version of themselves.

Learning Objective 6: The participant will learn techniques to help them become one
of the best at whatever they choose to do.

Energy Audit: Daily & Weekly Resilience Check-In with Steve Shelton

3:00PM
MONDAY
JULY 28th

Energy Audit: Daily & Weekly Resilience Check-In

with Steve Shelton from Green Shoe Consulting

Abstract: All Cybersecurity Professionals

This session empowers practitioners to take ownership of their mental energy and sustain peak performance in high-stakes environments. You’ll be introduced to a customizable Self-Resilience Check-In framework—three questions each morning and a deeper weekly audit—that links your energy levels to engagement, decision quality, and risk management.

Through a compelling case study, hands-on worksheet practice, and a toolkit of micro-interventions (from 5-minute walks to focused breathing), you’ll craft a personal daily and weekly habit plan designed to keep your “resilience tank” topped off.

Fueling Motivation and Spotting Burnout: A Leader’s Playbook with Steve Shelton

1:00PM
MONDAY
JULY 28th

Fueling Motivation and Spotting Burnout: A Leader’s Playbook

with Steve Shelton from Green Shoe Consulting

 

 

Abstract: Cybersecurity Managers & Directors

In this hands-on session, leaders will explore the three pillars of intrinsic motivation—autonomy, competence, and relatedness—and learn how to embed them into daily team practices to boost engagement and performance. Through real-world examples and interactive role-plays, you’ll discover early warning signs of chronic distress, implement a simple “stress thermometer” for your team, and master a three-question check-in routine that sparks honest dialogue and timely support. Walk away with a week-long action plan that equips you to proactively fuel motivation and catch burnout before it takes hold.​

Bitdefender: Optimized Preventative Approach Towards a Foreseeable Attack Surface

04:00 PM
MONDAY
JULY 28th

Optimized Preventative Approach Towards a Foreseeable Attack Surface

with Yasser Fuentes, Principal Solutions Architect – Bitdefender

Abstract: In this presentation, Bitdefender will outline actionable strategies that you and your organization can implement to minimize your attack surface. Attendees will discover how our cutting-edge solution effectively connects risk identification with mitigation efforts by correlating user access to legitimate administrative tools.

Furthermore, we will explore how monitoring for misuse can help prevent the most prevalent data breaches we’ve investigated historically, empowering your company to strengthen its cybersecurity posture.

The Access Management Restaurant with Cody Steffens

11:00AM
TUESDAY
JULY 29th

The Access Management Restaurant

With Cody Steffens from Corewell Health

Abstract: Cody will share the story of how his team has moved from ad-hoc access requests to a more standardized, process driven approach, which has been oddly similar to ordering and making food at a restaurant.

Risky Business: Privacy, Risk, and Governance in the Age of AI with Leah Voigt and Cortney Schaffer

01:00 PM
MONDAY
JULY 28th

Risky Business: Privacy, Risk, and Governance in the Age of AI

with Leah Voigt, Chief Compliance and Privacy Officer and Cortney Schaffer,  Directory, Information Security Governance, Risk, Compliance and Privacy & Deputy Chief Privacy Officer for Corewell Health

 
 

Abstract: Join us for an engaging and insightful panel discussion on the critical topics of privacy, risk, and governance in the rapidly evolving landscape of generative artificial intelligence (Gen AI). As Gen AI technologies continue to advance, the implications for personal privacy and information governance become increasingly complex and significant.

We will explore how AI can both protect and infringe on individual privacy, and the measures that can be implemented to ensure data is handled responsibly. Additionally, Leah and Cortney will delve into their organization’s risk-focused governance journey with a discussion on key internal partnerships, potential policy developments, and best practices for organizations to navigate risks of Gen AI.

We encourage you to bring your questions for what promises to be a lively and informative discussion. We look forward to seeing you there!

Trust in Humans with Steve Shelton

4:00PM
MONDAY
JULY 29th

Trust in Humans: Building a Resilient Mindset for High-Performing Zero Trust Teams

with Steve Shelton from Green Shoe Consulting

Abstract: We’ve mastered “never trust, always verify” for our systems—now let’s apply that same clarity to how we think, communicate, and collaborate. In this session, you’ll learn three universal mindset principles (perception, choice, and resilience) grounded in our State of Stress research, paired with three simple coaching rituals you can start today.

Through humor (including a “Byte Me” one-liner on digital trust) and a live improv exercise, you’ll walk away with practical steps to transform blame into curiosity, reinforce psychological safety, and unite security, network, and business teams under a shared commitment to both robust defenses and human well-being.

Bizstream - Unlocking AI with Model Context Protocol (MCP)

3:00 PM
MONDAY
JULY 28th

Unlocking AI with Model Context Protocol (MCP)

with Brian McKeiver, Co-Owner | Microsoft Azure MVP from BizStream

 

Abstract: Model Context Protocol (MCP) is quickly becoming the backbone for advanced AI ecosystems. The protocol enables context sharing, agent collaboration, and integration with large language models (LLMs).

In this session, we’ll dive into what MCP is, why it’s gaining traction, and how it addresses the growing complexity of AI workflows. You’ll learn how MCP standardizes communication between AI agents and tools. Whether you’re building AI products, integrating models, or curious about the future of AI this session is for you.​

SentinelOne: Building an Autonomous SOC

11:00 AM
TUESDAY
JULY 29th

Building an Autonomous SOC

with Shane “The Sentinel” Harsch from SentinelOne

 

Abstract: What foundations need to exist for successfully automating your SOC? What skills would the team need to operate in that environment? What organizational support needs to exist in order to succeed in this transformation? Shane will discuss these questions and provide a guide for navigating their challenges.​

Crowdstrike: GRC Discussion with Jim Kuiphof

11:00AM
TUESDAY
JULY 29th

Crowdstrike: GRC Discussion with Jim Kuiphof

with Jim Kuiphof from Corewell Health

Abstract: TBD

ZScaler: Impacts of AI on Cyber Operations

01:00 PM
MONDAY
JULY 28th

Impacts of AI on Cyber Operations

with Ben Corll, CISO in Residence from ZScaler

 
 

Abstract: Artificial Intelligence (AI) is revolutionizing security operations by enhancing efficiency, precision, and scalability in addressing today’s most complex cyber threats. As organizations increasingly adopt AI to bolster their cybersecurity frameworks, this session at CloudCon will delve into the transformative role of AI in modern security practices, with a special focus on real-time threat detection, rapid incident response, and predictive analytics.

Attendees will gain insights into how AI-driven tools empower organizations to detect vulnerabilities faster, identify anomalies, and proactively mitigate risks. The presentation will also address pressing challenges, such as ethical considerations, adversarial machine learning threats, and the critical importance of transparent governance and workforce readiness. Join us to explore how AI is reshaping the cybersecurity landscape, equipping organizations to confidently safeguard their digital and physical assets in an evolving threat environment.

Jeremy Rogers - Defending the Digital Gate

2:00 PM
MONDAY
JULY 28th

Defending the Digital Gate: Combating Adversary in The Middle Phishing Attacks with Passkeys and Conditional Access

with Jeremy Rogers from Acrisure

 

Abstract: Starting this track, we will cover some statistics on increased phishing and account takeover activity. Then, we will discuss why traditional multi-factor authentication methods are becoming less effective at preventing these attacks. In doing so, we will cover how token-based OIDC Authentication works and why it’s vulnerable to AITM Attacks. During this, I’ll demo an attack I conducted against my lab environment to compromise a Microsoft User Account.

Afterwards, we will discuss FIDO2 Authentication protocols, the use of Passkeys, and how they prevent these attacks. Lastly, we will discuss Microsoft Entra conditional access policy controls and how to use them to prevent these attacks using both passkey-focused and non-passkey-focused controls.
SafeSecurity Presentation

10:00AM
TUESDAY
JULY 29th

SafeSecurity

with SafeSecurity

 

Abstract: TBD

TBD Presentation

3:00PM
MONDAY
JULY 28th

TBD

with TBD

 

Abstract: TBD​

AppOmni: Operationalizing SaaS Security

4:00PM
MONDAY
JULY 29th

Operationalizing SaaS Security: Building a Scalable and Resilient Program

with Clint Baker, Strategic Account Executive and Terry Olaes, Senior Solutions Engineer from AppOmni

Abstract:As organizations grow more reliant on SaaS, securing these environments requires more than point-in-time checks. This session explores how to build and operationalize a SaaS security program that delivers visibility, enforces policy, and reduces risk at scale.

Learn how to align security efforts with business goals, streamline response with existing tools, and establish a foundation for continuous protection across your SaaS ecosystem.

Torq: The Future of Security Operations

1:00PM
MONDAY
JULY 29th

The future of Security Operations: Autonomous, Agentic, and Agile

with Patrick Orzechowski (also known as “PO”), Field CISO from Torq

Abstract: Learn how Torq is reshaping the future of security operations by integrating autonomous, agentic, and agile technologies into its Hyperautomation Platform.

Through AI-powered agents, Torq Socrates are able to drastically reduce manual workload. Its agentic framework enables dynamic collaboration between specialized AI agents, ensuring rapid, accurate responses to complex threats.

This agile approach empowers security teams to scale efficiently, improve analyst productivity, and stay ahead of evolving cyber risks.

Bikes & Bytes with Trevor Bidle

3:00 PM
MONDAY
JULY 28th

Bikes & Bytes: Mastering Cyber Risk Management in a Dynamic Landscape

with Trevor Bidle from US Signal

 

Abstract: In today’s fast-paced digital world, where a single misstep can lead to significant repercussions, effective cyber risk management is essential. Join us as we explore acceptable risk, third-party risk, and risk avoidance strategies. This session will equip you with practical insights to navigate the evolving threat landscape and strengthen your organization’s security posture.

Double Vision: Certificate and Public Key Fingerprints with Jason Link

10:00 AM
TUESDAY
JULY 29th

Double Vision: Certificate and Public Key Fingerprints

with Jason Link

 

Abstract: Threat Intelligence is an overused and abused “lingo” like “AI”. Here we talk about the difference between signal intel and actionable intel. Walk up and swing hard on curating your own intelligence specific to your business and score a run through intel sharing and data-driven insights leading to better prioritization, understanding, and application of threats and threat detection.

 
Mind the Gaps: When EDR Isn’t Enough and What to Do Next with Justin Lentz

10:00 AM
TUESDAY
JULY 29th

Mind the Gaps: When EDR Isn’t Enough and What to Do Next

with Justin Lentz from Solis Security

 

Abstract: EDR platforms promise deep visibility and rapid response across endpoints, but the evolving threat landscape and proliferation of cloud workloads have exposed their limitations. This talk takes a candid look at where EDR tools fall short—whether due to technical blind spots, attacker evasion, or organizational missteps.

Drawing on real incident response and threat hunting experience, we’ll map out the most common gaps, from cloud-native assets and ephemeral workloads to lateral movement and credential abuse. We’ll then equip attendees with actionable steps to spot EDR limitations in their own environment, layer additional controls, and, crucially, recognize the signals that mean it’s time to escalate and bring in outside expertise before minor incidents become major breaches.

80s to AI: Self-driving IT Infrastructure

4:00 PM
MONDAY
JULY 28th

80s to AI: Self-driving IT Infrastructure

with Ryan Doon, Sr. Director, Solution Engineering at Tanium

 

Abstract: What does the first internet multiplayer space battle game have to do with modern IT systems management and AI-enabled tooling? Find out in this entertaining story of video game history leading to cybersecurity innovation. Learn something from the past. Learning something for today.

Britive: Achieving Unified Privileged Access

1:00 PM
MONDAY
JULY 28th

Achieving Unified Privileged Access Across Fragmented Cloud Environments

with Clint Pollock, Principal Architect Solutions Engineering – Britive

 

 

Abstract: Cloud transformation has fractured the way identities are managed. Different tools govern humans, service accounts, DevOps pipelines, and SaaS tools. AI agents are adding even more complexity and security gaps.

This session explores how enterprises can reduce operational risk and complexity by managing all privileged access through a unified policy engine. We’ll examine how runtime access decisions, least-privilege enforcement, and zero standing privileges can be applied across identity types without slowing down cloud adoption.

Thales: Implementing Zero Trust and The Real Impact of Bots

2:00 PM
MONDAY
July 28th

The Double Play – Implementing Zero Trust and The Real Impact of Bots

with Glen Roebuck, Senior Solution Architect and Manny Liwang, Principal Security Engineer from Thales

 

 

Abstracts:

Implementing Zero Trust – Leveraging Key Management and Secrets Management for Security

We will be talking about zero trust and how you can get to a layered approach using tools and knowledge available today and understanding where to start.

The Hidden Threat in the Cloud: The Real Impact of Bots

Bots aren’t just annoying, they’re stealing millions. Credential stuffing, price scraping, and fake engagement distort analytics, drain budgets, and erode trust. Traditional tools fail because today’s bots learn, adapt, and disguise themselves as human users. Winning requires AI that spots micro-behaviors, dynamic rate limiting, and deep fingerprinting. See real-world cases where businesses lost millions and how they fought back with next-gen bot mitigation.

Concentric: Data Security - The Missing Context

4:00 PM
Monday
July 28th

Data Security: The Missing Context

with Bob Rabbitt from Concentric AI

 

Abstract: Data security has been around for decades, and yet, it still feels like an unsolvable puzzle. Legacy technologies are typically resource-intensive, find just a small portion of companies’ sensitive data, and produce a ton of false positives. The impact to operations is often so significant that businesses never move their DLP out of monitoring mode.

Attend our session to learn

  • Why traditional approaches to data security have failed
  • How AI and context are revolutionizing data security
  • Where to maximize the value of your existing security investments
  • What you can do to secure your Gen AI rollouts

With the right strategy and technology, you can transform your data from a liability to a well-managed asset.

OnSpring: Breaking Down Silos

1:00 PM
MONDAY
JULY 28th

Breaking Down Silos: A Fireside Chat on Integrated GRC

with Brett Sommers, Director of Products, GRC at Onspring

 

 

Abstract: Join Brett Sommers, Director of GRC Products at Onspring along with local Cyber executives Jeromy Butts (LMCU) Jorel VanOs (Acrisure) and Jim Kuiphof (Corewell Health) for a practical discussion on dismantling GRC silos to foster a more resilient and agile organization. This conversation will explore the real-world challenges of departmental divides, from inconsistent data and reporting breakdowns to cultural resistance and the “that’s not my problem” mentality.

Attendees will learn actionable strategies to initiate change without “boiling the ocean,” focusing on starting small, building consensus, and standardizing risk language across the enterprise. The chat will highlight the importance of executive buy-in and finding internal champions to drive cultural shifts. Discover what the “promised land” of integrated GRC looks like: a state where risk management is no longer a roadblock but a strategic business enabler, allowing leaders to make faster, more informed decisions with confidence.

Leave with a single, powerful piece of advice to begin your journey toward a unified GRC framework tomorrow.

Meeting? Team Huddle? Quick Break?

Monday
1:00PM
2:00PM
3:00PM
4:00PM
Tuesday
10:00AM
11:00AM

Need a room for a meeting or just need to get away for a few?

Reserve your 45 minute time slot in the ExpoPass app.

We know that there’s still work to be done, meetings to be had and hey, sometimes we all just need to get away for a few. You can reserve this Luxury suite for any 45 minute session during the event. You must reserve them in the ExpoPass app

ProofPoint: Feet on the Ground, Head in the Clouds

11:00 AM
JULY 29th

Feet on the Ground, Head in the Clouds

with Yaniv Miron from Proofpoint

 

 

Abstract: As the security landscape continues to evolve, actors progressively look for ways to bypass enterprise defenses by directly compromising end-user accounts. Protecting these users is fundamental to a human-centric security posture. Join Proofpoint’s cloud threat research team as they walk through the stages of attacks centered on account takeover (ATO), from initial access through persistence.

Object First: Securing On-Prem Backups

2:00 PM
MONDAY
JULY 28th

Securing On-Prem Backups: Out-of-the-Box Immutability & Zero Trust by Design

with Mike Janson, Channel Sales Engineer, Object First

 

 

Abstract: In today’s threat landscape, backup infrastructure has become a primary target for ransomware and insider threats. This session explores how modern security-first backup appliances deliver unmatched data protection by bringing security to the forefront of on-premise backup architecture.

Attendees will learn how next-generation backup solutions enforce out-of-the-box immutability, eliminate root-level access vulnerabilities, and incorporate third-party verified Zero Trust principles without requiring deep security expertise or complex configurations. We’ll examine the critical importance of immutable storage, air-gapped architectures, and hardened operating systems in creating resilient backup environments that can withstand sophisticated attacks.

The technical discussion will cover deep integration capabilities with modern backup platforms through advanced APIs, demonstrating how security-focused appliances can scale linearly to meet enterprise-level demands while maintaining security boundaries and delivering high-performance data protection.

Key topics include implementing Zero Trust principles in backup infrastructure, hardware-level security features, network segmentation strategies, automated threat detection, and scalability considerations for enterprise and service provider environments.

Whether you’re an MSP, enterprise IT leader, or backup architect, this session will demonstrate how to radically simplify your on-premise data protection while strengthening your defense posture with verifiable, resilient storage solutions.

The session will conclude with a detailed examination of Object First’s Ootbi appliance and its integration with Veeam environments, including practical implementation of the Smart Object Storage API (SOS API) and real-world deployment scenarios supporting up to 1.7PB per cluster with ingest speeds of up to 8 GB/s.

Digital Employee Experience with Joanna Udo

2:00PM
Monday
July 28th

Digital Employee Experience (DEX)

with Joanna Udo from Corewell Health

 

Abstract: Digital Employee Experience (DEX) is no longer just a “nice-to-have” — it’s a powerful lever for securing data, reducing waste, and delivering measurable value across the enterprise.

In this session, Joanna Udo — unpacks how poor Digital Employee Experience  leads to real-world consequences:
•    Shadow IT and security vulnerabilities
•    Wasted spend from low device utilization
•    Lost productivity and user burnout
•    A broken trust cycle between users and IT

Drawing from real enterprise use cases, Joanna shows how a strategic DEX program improves compliance, reduces costs, and builds tech ecosystems employees actually want to use — not work around.

Whether you manage infrastructure, security, support, or experience — this talk will challenge your team to stop measuring uptime and start measuring impact.

Opening Keynote: Building Effective and Efficient Teams with Oak

12:00PM
Monday
July 28th

Building Effective and Efficient Teams

with Retired Lieutenant Colonel (US Army) Oakland McCulloch

 

Abstract: Retired Lieutenant Colonel Oakland McCulloch has 40 + years of leadership experience, in Combat, Peacekeeping Operations, Disaster Relief and in the Boardroom. His “Building Effective and Efficient Teams” talk, and book, is based on his wealth of knowledge and lessons learned during his career as a leader. Oak highlights team building principles that will allow leaders in any profession or at any level can use to build effective and efficient teams in their organization. There is NO discussion of theory in this talk. We will discuss what every leader can do every day to improve their teams effectiveness and efficiency.

In this talk we will cover the following topics for leaders:

  • What it takes to build 360-Degree Trust in your organization
  • Ways to get to Know the People in your organization
  • Ways to Show Your Appreciation to the people on your team
  • How to establish a Winning Culture in your team
  • How to Build Accountability and Take Responsibility in your organization
  • How to implement Team Building Activities
Ping Identity: Dynamic Fraud Prevention Strategies

3:00PM
MONDAY
JULY 28th

Dynamic Fraud Prevention Strategies: Grow Your Organization’s Bottom-Line Through Dynamic Fraud Prevention

with David Gwizdala, Sr. Sales Engineer, Ping Identity

 

Abstract: New account fraud and account takeover are persistent problems for CIOs and CISOs because fraudsters are constantly evolving their tactics, requiring security teams to adapt rapidly while maintaining user-friendly experiences.

The cost of fraud is high. The fear of data breaches and the potential financial and reputational damage they cause keep CIOs and CISOs awake at night, as does the pressure to balance stringent security measures with smooth customer experiences.

CIOs and CISOs might cite budget constraints, legacy infrastructure complexities, and the potential for negative customer experience impacts as reasons for not fully achieving fraud prevention initiatives. This highlights the tension between security needs and organizational priorities.

Key Takeaways –

At this session we will review how you can differentiate genuine users from potential fraudsters and prevent account takeover attempts while minimizing friction for legitimate users by:

  • Strengthen security during account creation by validating government-issued IDs and using liveness detection to verify user identities.
  • Analyze user behavior, device information, network signals, and more to detect anomalies.
  • Assign risk scores that trigger security measures when necessary.
  • Integrate with existing fraud prevention systems and security tools for a comprehensive approach to fraud detection and mitigation.
Kiteworks: Safeguarding Data Privacy and protecting IP in the Age of AI

3:00 PM
MONDAY
JULY 28th

Safeguarding Data Privacy and protecting IP in the Age of AI

with Craig Pfister from Kiteworks

 

 

Abstract: Kiteworks explores the evolution, impact, and security implications of artificial intelligence (AI), with a focus on safeguarding data privacy and intellectual property (IP) in enterprise environments. Tracing AI’s development from its inception in the 1950s to the present-day proliferation of large language models (LLMs), it highlights key technological milestones, including the rise of machine learning, deep learning, and the explosion of unstructured data.

As AI adoption accelerates across industries, the presentation emphasizes the growing risks associated with unstructured data, data leakage, model theft, and compliance challenges. It introduces Kiteworks ZTAI (Zero Trust AI) as a comprehensive solution for tracking, controlling, and protecting data at rest, in transit, and in use within AI systems. The presentation outlines best practices for encryption, least privilege access, continuous monitoring, and privacy-enhancing technologies such as differential privacy and confidential computing.
 
Through real-world use cases and industry statistics, the session provides actionable insights for organizations seeking to responsibly deploy AI while maintaining data integrity, regulatory compliance, and competitive advantage.