ISC2 on Point with Careers: You Can Get There from Here: Achieve Your Cyber Career Goals

Oct 25, 2023 11:35am ‐ Oct 25, 2023 12:30pm

Credits: None available.

Two recruiting executives in this cleared space are ready to assist you in reaching your career goals. They’ll speak from their own personal experiences to share how confidence not only propelled them through stages but made it possible to help others. Neither speaker graduated college and both got through diversity hurdles over time. In this session, we’ll refine job searching and resume creation in cybersecurity. Find out how to connect with organizations after applying by contributing content, volunteering or learning something new.
Learning Objectives:
  • Devise a plan to search strategically for your next career opportunity.
  • Prepare your resume so it stands out and get noticed by hiring managers.
  • Consider moving forward from your current role to your next opportunity.

Global Voices from N. America: On the Road Again – Mapping NIST’s Journey to Cybersecurity Framework 2.0

Oct 25, 2023 11:35am ‐ Oct 25, 2023 12:30pm

Credits: None available.

Join key influencers, policy makers and thought leaders from around the globe to hear their perspectives on regional cybersecurity issues impacting all corners of the world. Seize the opportunity to get answers to your questions from our featured guests. Hear the latest details about the road to the recently released draft NIST Cybersecurity Framework (CSF) 2.0—a document first developed in 2014 to help organizations manage their cybersecurity risk. Gain insights into some of the major changes that were unveiled in NIST’s latest draft publication, discover how to contribute feedback, and get an overview of the international impacts NIST has seen since throughout the years. Attendees will also learn about what’s next along the journey to the CSF 2.0 in the coming years—and what new stops are planned along the way.

Endpoint Security in the Age of Remote Work

Oct 25, 2023 11:35am ‐ Oct 25, 2023 12:30pm

Credits: None available.

Delve into the challenges of securing remote endpoints. This session will cover device management, secure access, data protection and employee training. By analyzing real-world case studies and best practices, you’ll gain actionable insights for protecting remote endpoints. We’ll also touch on long-term strategies and future trends in remote or hybrid work settings. Focusing on practical solutions and lessons learned, this presentation aims to equip cybersecurity professionals with the knowledge and tools necessary to safeguard their organization’s endpoints in a predominantly remote work landscape.
Learning Objectives:
  • Define the unique challenges and opportunities presented by remote work in the context of endpoint security and adapt cybersecurity strategies to address these concerns effectively.
  • Describe the essential technologies and solutions for securing remote endpoints - including device management, secure remote access, data protection and employee training - by examining real-world experiences and best practices.
  • Assess and improve an organization's endpoint security strategy, with a focus on implementing actionable steps for enhanced protection in the age of remote work.

Incorporating User Experience into Enterprise DevSecOps

Oct 25, 2023 11:35am ‐ Oct 25, 2023 12:30pm

Credits: None available.

Cybersecurity has a history of being a black-box activity. Although injecting Sec into DevOps has brought security into a more visible role, cybersecurity is still too often focused on reviews and code scans. Sec fails to consider one of the most important parts of the system: the user experience (UX). Take back best practices to apply UX from a cybersecurity perspective and ensure security is equally represented across enterprise-wide UX activities.
Learning Objectives:
  • Identify the basics of User Experience (UX) and Human Centered Design and their applicability across the full-spectrum of Sec activities within DevSecOps.
  • Apply UX to ensure cybersecurity is equally represented across enterprise-wide UX activities.
  • Adopt the expansion of Sec processes within DevSecOps to address the integration of UX activities.

PII in the Sky: Maintaining Cloud Control when Access Extends Beyond the Service Edge

Oct 25, 2023 11:35am ‐ Oct 25, 2023 12:30pm

Credits: None available.

This session will explore recent innovations that underlie secure, performant solutions answering the need to control data even when it is held, processed or transmitted by other parties. The techniques deployed are infrastructure-agnostic and compatible with cryptographically enforced role- and identity-based access controls, end-user privacy preservation, authorized data recovery, multiparty computation and collusion resistant operations. Complex constructs such as ephemeral blinding and personalized tokenization are now accessible through no-code, low-code and full-code integration models.
Learning Objectives:
  • Assess the risks associated with data traversing beyond the security service edge, as well as those associated with the corresponding parallels to granular internal access controls.
  • Describe the fundamentals of novel techniques enabling federated, distributed access control on externally held data.
  • Apply solutions across adoption models to materially reduce the likelihood of breaches and their adverse impacts.

AI Functionality in Applications: Beware of the Risks

Oct 25, 2023 11:35am ‐ Oct 25, 2023 12:30pm

Credits: None available.

AI technology is being embedded in popular applications from Microsoft, Adobe and Google. As the content you create and store in these applications is data mined to facilitate AI-type creative support, your intellectual property may be at risk. We will examine ways to reduce that risk in this session.

Learning Objectives:
  • Call out the ways AI technology is being embedded in popular applications from Microsoft, Adobe and Google.
  • Recognize how AI leverages content you created to enhance productivity.
  • Recommend ways to reduce risks to your intellectual property from data mining by AI applications

ISC2 Quickfire Talk: ISC2 Chapters

Oct 25, 2023 12:30pm ‐ Oct 25, 2023 12:35pm

Credits: None available.

Introducing the Quickfire 5-Minute Talk – the ultimate power-packed presentation experience! Taking place at the ISC2 booth, our speakers will share information on topics such as Adaptive Learning, Member Benefits, How to get published with ISC2 and more! It's a dynamic, information-packed journey that's perfect for today's fast-paced world. Be captivated, enlightened, and motivated in just 5-minutes!

ISC2 on Point with Careers: How to Get the Penetration Testing Experience You Need

Oct 25, 2023 12:50pm ‐ Oct 25, 2023 1:35pm

Credits: None available.

In this session, you’ll hear from an experienced pentester and educator on how to get the pentesting experience recruiters are looking for and how to demonstrate and document your skills. He’ll share the proven strategies that have helped his former students, mentees and other career advice-seekers obtain a job in pentesting. You’ll learn the importance of networking, personal branding and content creation in landing your ideal job.

Learning Objectives:
  • Gain the hands-on pentesting experience required in a pentesting role.
  • Demonstrate and document your skills and experience for current and prospective employers.
  • Recognize the value of professional networking through social media, conferences and cybersecurity user groups.

ISC2 Quickfire Talk: How to Become an ISC2 Content SME

Oct 25, 2023 1:00pm ‐ Oct 25, 2023 1:05pm

Credits: None available.

Introducing the Quickfire 5-Minute Talk – the ultimate power-packed presentation experience! Taking place at the ISC2 booth, our speakers will share information on topics such as Adaptive Learning, Member Benefits, How to get published with ISC2 and more! It's a dynamic, information-packed journey that's perfect for today's fast-paced world. Be captivated, enlightened, and motivated in just 5-minutes!

Zero Trust and Third-Party Risk: Reduce the Blast Radius

Oct 25, 2023 3:05pm ‐ Oct 25, 2023 4:00pm

Credits: None available.

As the level of incidents, events and breaches continues to grow by double digits year over year, it is now a mathematical inevitability that one or more of your third-parties will be a statistic. Learn how Zero Trust is a strategy and set of principles that assumes a breach will occur and creates architecture and operations around controls. Given the increased likelihood of a vendor breach, adopting a Zero Trust approach focused on third-party risk can greatly reduce risk for your organization.
Learning Objectives:
  • Explain why Zero Trust strategy is ideal in third-party risk and how it lends itself well to the staged journey of most Zero Trust deployments.
  • Utilize an OSI model type to demonstrate the overlap of Zero Trust and third-party risk.
  • Recognize that Zero Trust is a strategy and set of principles that assumes a breach will occur and creates architecture and operations around controls.