The cloud can be tricky to navigate because of its many components and potential obstacles. This presentation is designed to start a conversation about the challenges of securing cloud-native applications. We’ll explore the strategies we can use to tackle them.

Learning Objectives:

1. Identify the challenges of cloud-native applications.

1. Discuss strategies that address these challenges.

1. Implement solutions to cloud-native application challenges.

As organizations increasingly rely on third-party and outsourcing providers for products and services, maintaining cyber resilience requires robust governance frameworks, control structures and oversight mechanisms. Complicating matters, third-party services today are often remote, cloud-based, globally sourced and more challenging to manage effectively end-to-end. Recent cyber incidents and data leaks have been linked to third-party services. Failing to assess, understand and plan for the risks presented by third-party providers could lead to significant organizational impacts and jeopardize cyber resilience. Through an interactive discussion of emerging security and governance challenges, we’ll explore the importance of end-to-end visibility and effective management in third-party governance to improve cyber resilience.

Learning Objectives:

1. Assess the risks presented by third-party providers.
2. Identify emerging security and governance challenges.
3. Explain the importance of end-to-end visibility in third-party governance.

Join ISC2 members as they consider artificial intelligence (AI) from a variety of security perspectives. As AI becomes mission-critical technology, it will be inevitably targeted by malicious actors. Explore how attacks on AI systems are likely to occur and what cybersecurity professionals should be doing in defence. We'll address how security professionals can enable AI adoption, while addressing emerging risks like how the use of AI tools affects intellectual property. When you use AI to create content, is it your intellectual property, or does it belong to someone else?

Learning Objectives:

1. Recognize the risk of attacks from bad actors and their potential to undermine acceptance of AI technology.

1. Reinforce the importance of information system security by design in AI development.

1. Encourage research and debate around addressing the inherent vulnerabilities of an emerging technology before it becomes mission-critical.

"Network-less attacks" will become the new normal. It's possible to compromise a company without touching the network to remain undetected. 

The number of SaaS apps in use in modern enterprise is vastly underestimated. Employees sign up for these apps themselves, skipping the usual security checks and procedures. Identities are the new perimeter, one that can be actively targeted by malicious actors. We’ll discuss the risks to modern enterprise and walk through some novel attacks that can be conducted in the SaaS-first world, as well as how to approach security in the age of self-service. 

Learning Objectives:

1. Learn how attacker's gain access to employee-adopted SaaS and use that to compromise an organization
   
2. Techniques to discover SaaS apps used in modern enterprise
   
3. How to approach security in the age of self-service

Join a panel of security leaders as they share their insights on leadership, cloud security and governance, risk and compliance. 

Learning Objectives:

1. Explain the role of leaders today in cloud security and governance, compliance and risk.
2. Identify the most critical concerns impacting cyber leaders.
3. Apply leadership best practices to enhance your current role.