Preview Available
Identification: SNA2203
To understand the future of privacy, we must examine the history of privacy. By exploring the interplay throughout history between emerging technologies and the human truth of privacy, this session will provide a broad view of the critical importance of the issue in society today.
Speaker(s):Preview Available
Preview Available
Identification: SNA22NS01
Preview Available
Identification: SNAA2206
“Does my cybersecurity insurance cover intrusions related to the Russia/Ukraine war?” “What are my reporting requirements under the Strengthening American Cybersecurity Act of 2022?” “How do recent presidential executive orders impact my data protection program?” “How do I prepare for the upcoming California Privacy Rights Act?” Information security professionals are asking these and many more questions about their duties under the law. In this presentation, a cybersecurity attorney will review current hot topics in information security and data privacy law and answer your questions. At its conclusion, attendees will be able to:
· Understand the cybersecurity legal implications of “hot” and “cold” conflicts around the world
· Appreciate subtleties in complying with new and upcoming data protection laws
· Justify asking for the resources needed to meet cybersecurity legal challenges
Preview Available
Identification: SNA2205
The latest (ISC)2 research reveals how cybersecurity hiring managers are finding talent for entry- and junior-level roles, how long and how much money it takes to train them, and what tasks you can entrust them to tackle on their own and when.
Speaker(s):Preview Available
Identification: SNAA2207
Speaker(s):Preview Available
Identification: SNAA2208
Most cybersecurity technologies deal with the past (logs, forensics) or the present (network monitoring, intrusion detection, anti-virus). Although necessary, these approaches are inherently reactive. Attack tree-based threat risk analysis deals with the future. Customers working in critical defense and aerospace applications have long used attack tree analysis to ensure that their systems' architectures will withstand both present day and future attacks. In the attack tree analysis process, the analyst builds a graphical, mathematical model of the system they wish to protect, and descriptions of the system's adversaries. Analysis reveals the attacks the adversaries are most likely to use and the best countermeasures. It is especially applicable to industrial control system (ICS) security and an ICS example will be presented.
Learning Objectives:Preview Available
Identification: SNA22NS02
Preview Available
Identification: SNAA2209
This session will discuss Security Office services and roadmaps as inputs to strategically targeting Security Awareness and Training (A&T) activities. The overall A&T goal is intentionally designed to drive enterprise security culture shift and maximize training effort rather than focus on a security compliance framework. We'll highlight initiatives – SimPhishing program, Ambassador program, Security Academy, Self-service security portal, topical videos, etc. - that are used to achieve this goal, with examples of metrics of success
Speaker(s):Preview Available
Identification: SNAA2210
Statistics show that an increase diversity and inclusion within cyber is imperative to securing diverse communities across the globe. Yet, how does that diversity truly impact and create a more sustainable cyber profession? In this fireside chat, we’ll discover how elevating and creating space for more diverse voices leads to that sustainability. We’ll talk with Anthony Hannon, CISSP, CISM—a leading voice in DEI in cyber—and discuss his journey in the profession and how he has navigated his own sense of belonging in cyber.
Speaker(s):