Cybersecurity Summit: North America Midwest

Congressman Foster will discuss:

• How Congress, through bipartisan collaboration, is navigating the promises and complexities of AI’s transformative use cases.
• The strategic initiatives outlined by the Taskforce, including guiding principles and forward-looking recommendations.
• Bipartisan policy proposals developed in consultation with key committees of jurisdiction.

Join us for a thought-provoking discussion that explores the intersection of technology, governance, and the expanding use of artificial intelligence across public and private sectors alike.

This session focuses on how security leaders can utilize AI technologies to enhance defense capabilities, showcasing AI’s dual potential as both a tool for attackers and a powerful ally in cybersecurity.

Key insights include leveraging machine learning for predictive threat detection, employing AI-driven behavioral analytics to identify subtle anomalies in network activity, and leverage emerging capabilities to improve system robustness. The session aims to provide a strategic blueprint for integrating AI into cybersecurity frameworks, thereby not only countering AI-exploited threats but also setting a new standard for proactive defense.

Key Takeaways:

• Predictive Threat Detection: Implement the optimal AI strategy to forecast and neutralize threats before they manifest, drastically reducing the potential impact of cyberattacks.
• Anomaly Detection through Behavioral Analytics: Utilize AI to monitor network behavior continuously, enabling the detection of deviations that signify potential security breaches, enhancing the speed and accuracy of response.
• Collaborative Data Initiatives: An exploration of the significance of data sharing across organizational boundaries, emphasizing the collective strength derived from collaborative defense efforts.

This session will empower cybersecurity professionals with actionable strategies for leveraging AI to build more resilient and adaptive security infrastructures, ensuring preparedness against the ever-evolving landscape of AI-exploited cyber threats.

Similar to emergency response situations, security incidents require teams to communicate calmly and intentionally to mitigate risk. But every day, security practitioners face high-stakes attacks that can lead to surging adrenaline, emotional reactions and communication breakdowns – slowing down the incident response cycle and potentially harming organizations – and people – in the process. Remaining calm, gathering the right context to make informed decisions, following processes and communicating actions can lead to better, faster outcomes for all involved.

In this discussion, hear leadership strategies for building effective security teams from Expel senior solutions architect and volunteer first responder Tyler Zito. Join this session for a conversation on the unexpected cybersecurity lessons Zito has gleaned from spending six years as an Alpine Rescue Team volunteer and how to turn those lessons into actionable strategies for improving communication – and security operations – in your organization.

Panelists will provide a roadmap for CISOs seeking to fully leverage cyber insurance to safeguard their security, while clarifying its scope and debunking common misconceptions that challenge its effectiveness and sustainability

The discussion will explore the key factors that insurers consider during the underwriting process, illustrating how companies can effectively align their cyber insurance strategy with broader risk management objectives. Special attention will be paid to the strategic benefits of pre-breach services such as risk assessments and vulnerability scans, and post-breach services like incident response and claims support, which are pivotal in minimizing the impact of security incidents.

Key Takeaways:

• Comprehensive Risk Management: Understand how to utilize cyber insurance as a tool for comprehensive risk management, integrating both pre-breach and post-breach services to enhance your cybersecurity posture.
• Underwriting Insights for CISOs: Gain deep insights into the underwriting process, focusing on what insurers assess to help CISOs better prepare their organizations for favorable coverage.
• Navigating Market and Regulatory Changes: Explore how shifts in the cyber insurance market and regulatory landscape affect policy offerings and coverage strategies, empowering CISOs to make informed decisions.
• Optimization of Insurance Procurement: Learn strategies to streamline the cyber insurance acquisition process, improving how your organization approaches risk transfer and coverage optimization.

Organizations spend more than $30 million to combat threats, but traditional methods of identifying, authenticating and authorizing users are fraught with vulnerabilities. It’s time for a more secure and user-friendly model. Join Ping Identity to learn how PingOne Neo, our decentralized identity solution, prevents fraud by proofing and verifying digital identity securely in a shareable way.

Data privacy is no longer just a legal obligation; it is a crucial component of customer trust and corporate integrity. This session explores how security leaders can evolve their security programs to not only meet but exceed the changing regulatory and contractual demands, turning compliance into a strategic advantage.

This session will empower information security leaders to enhance their compliance strategies, embedding regulatory success deep into the fabric of their security practices. As regulations like GDPR, CCPA, and HIPAA continue to evolve, ensuring compliance is critical not just for avoiding penalties but for safeguarding your organization’s reputation and fostering durable relationships based on transparency and trust.

In this detailed discussion, attendees will gain insights into:

• Collaborative Compliance Strategies: How CISOs can effectively collaborate with legal and compliance teams to stay ahead of evolving data protection laws and maintain continuous compliance.
• Robust Data Governance: Setting up comprehensive data governance frameworks that control the lifecycle of data, from collection to deletion, ensuring alignment with regulatory requirements.
• Proactive Compliance Audits and Assessments: The importance of regular audits and assessments to verify adherence to data protection statutes, thereby mitigating risks and refining security posture.
• Employee Training and Engagement: Developing ongoing training programs for employees to understand data privacy best practices and their critical role in protecting sensitive information.

Most breaches are due to defects in design or code; thus, the only way to truly address the issue is to design and build more secure solutions. In this presentation, Tim Chick discusses how security is an integral aspect of the entire software lifecycle because of following deliberate engineering practices focused on reducing security risks using software assurance techniques.

This session will delve into the multifaceted nature of cybersecurity metrics that go beyond mere performance indicators, focusing on how these metrics can be effectively employed to demonstrate strategic maturity, justify security investments, and guide decision-making processes.

This session aims to empower information security practitioners to think expansively about the metrics they track. By integrating these diverse measures, leaders can provide a more comprehensive view of their security operations, advocate more effectively for necessary resources, and implement strategic improvements that align with both security needs and business goals. Join us to explore how you can extend your metric horizon to craft a robust narrative of cyber maturity that supports sustained organizational success.

Key discussion points will include:

• Threat Hunting and Monitoring: Evaluating the effectiveness of proactive security measures and their impact on risk mitigation.
• Education and Awareness Programs: Metrics that measure the change in organizational behavior and culture towards security, highlighting the importance of continuous education.
• Innovation in Metric Application: Exploring emerging metrics and how they can offer deeper insights into security posture, such as user behavior analytics and the integration of AI in security protocols.
• Communicating Value to Leadership: How to translate cybersecurity investments into business-centric metrics that resonate with executive stakeholders, demonstrating ROI and aligning security goals with business objectives.
• Staffing and Upskilling: Analyzing staff competency and training metrics to bolster security, including turnover rates, training effectiveness, and skill gaps.

This interactive session is meticulously crafted to mimic a sophisticated cyberattack. It aims to bolster strategic response capabilities and enhance operational readiness against the backdrop of advanced cyberthreats. The focal point of this exercise is a strategically crafted deepfake incident targeting a corporate executive, weaving together elements of social engineering, financial fraud, and the challenges posed by emerging technological threats.

What you will gain from this experience:

• Enhanced Organizational Readiness: To critically assess and improve organizational preparedness in response to intricate cyber incidents involving deepfake technology and social engineering.
• Interagency Collaboration and Knowledge Exchange: To strengthen the partnership and information sharing between the Secret Service and leaders in the private sector cybersecurity community.
• Strategic Response Development: To create all-encompassing incident response strategies that cover legal, technical and communicational facets, while also identifying and rectifying weaknesses in existing cybersecurity policies and governance.