SecureWorld New York City 2024

Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

This roundtable discussion is for our Advisory Council members only.

Participating professional associations and details to be announced.

Cyber insurance is no longer a “do I need it?” but a must-have for organizations. This conversation among cybersecurity peers will discusse how to properly assess insurance programs, including a candid look into how the organization should drive what is and is not covered, not the insurance provider.

Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

In the high-stakes world of mergers and acquisitions (M&A), the integration of digital assets poses significant cybersecurity challenges. This session will explore the critical need to protect sensitive information and systems during M&A activities, highlighting the vulnerabilities in cloud platforms, complex data centers, and AI systems. Drawing insights from high-profile cases such as Verizon’s acquisition of Yahoo, which was marred by significant cyber breaches, our expert speaker will delve into strategies for safeguarding digital assets. Attendees will comprehensively understand the risks involved and learn best practices for mitigating these threats to ensure a smooth and secure transition.

The Security Operations Center (SOC) is an organization’s first eyes and ears to security threats and risks. For the SOC to support being an organization’s first response team, the team must have the proper resources for continuous growth and monitoring to keep an organization secure. This discussion focuses on key foundational elements for developing and maturing a SOC. Attendees will learn how to establish processes, procedures, and growth plans for their SOC. Additionally, use metrics to show maturity opportunities within a SOC and identify cyber security risks in a business.

Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

Do you want to discover the best practices and tools for security data program? Do you want some options to help bring value to your security data, make sense of it, and either alert or make analytics on it? Do you want to learn more about data tiering and understanding how to efficiently store security data? If you answered yes to any of these questions, then this session is for you. Join us as we take you on a journey through the Cyber Security Data universe, where you will learn how to monitor, measure, and improve your analytics and observability within security.

Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.

Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything  changes so quickly. Insider threat initiatives require a new, more focused approach.

This presentation will explore:

• The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
• Four attributes of a successful insider threat program
• How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster
• An automated investigation experience that replaces manual routines and effectively guides new insider threat teams

In the shadows of our digital world, a clandestine battle is waged against our data, systems, and infrastructure. These hidden threats, much like the villains of comic books, lurk in the shadows, seeking to exploit vulnerabilities and disrupt our digital lives. Join us as we delve into the ever-evolving threat landscape, unmasking the villains of the digital realm and exploring their nefarious tactics.

Our panel of cybersecurity experts unravel the intricate world of cyber threats, shedding light on the latest trends, emerging attack vectors, and the expanding arsenal of malicious tools employed by cyber adversaries. Learn the motivations behind these threats, from profit-driven cybercriminals to state-sponsored actors wielding cyberweapons.

Our panel provides a comprehensive overview of the current threat landscape.

Moderated discussion for SecureWorld Advisory Council members. By invite only.

Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

Measuring one’s cybersecurity framework against others in the same industry, or even outside of their vertical, can provide valuable insights into areas to improve or adjust.

Key take-away: 
How to rethink database security controls in a cloud-first world.

For most organizations, data repositories hold our most sensitive, mission critical assets. As enterprises continue their digital transformation journeys, data repositories and the sensitive assets within are more exposed than ever before for several reasons, including a dramatic rise in the:

• Amount of data created, collected, and stored
• Number of repositories storing sensitive data across clouds
• Number of users and applications that need access to data

In the dynamic realm of cybersecurity, the battle between defenders and digital villains is an ongoing saga. This forward-looking session will explore the evolution of cyber threats, forecasting the next wave of challenges that organizations and individuals may face. We aim to unmask the upcoming generation of digital villains, examining their sophisticated tactics and exploiting vulnerabilities that may become prevalent in the future.

Our distinguished panel of cybersecurity experts will dissect the motivations driving these threats, from the ever-adapting strategies of profit-driven cybercriminals to the evolving techniques employed by state-sponsored actors wielding cyberweapons. As we peer into the future, we will also address the role of emerging technologies in reshaping the threat landscape, providing insights that empower organizations to proactively defend against tomorrow’s cyber challenges.

Join us in this exploration of the unseen, as we strive to anticipate and understand the threats that lie beyond the shadows of the current cybersecurity landscape.

Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

It feels like every day a new privacy law is enacted by the states, new regulations are issued by federal regulators, and then those regulations are overturned by the courts once challenged. This session explores how businesses can roll out sound data privacy practices in a time of so much legal uncertainty.

Artificial Intelligence (AI) coupled with Machine Learning (ML) has tremendous potential to strengthen defenses, but the benefits of ML/AI in cust be contextualized against the risks it poses. The usage of ML/AI has increased exponentially, but security and privacy governance and policies have not expanded at the same rate. Moreover, the pace of instituting AI and privacy regulations varies across the globe, creating a rather complex governance structure for cybersecurity personnel to operate under. This presentation delves into the security and privacy implications of using ML/AI in the organization, whether it is using ML/AI-based security tools or ensuring security of ML/AI-based products developed by the organization.

When a data breach or other cyber incident happens, having a plan in place can mean the difference between a quick recovery and unwanted headlines and irreparable harm to stakeholder trust.

Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

Join your peers for conversation and complimentary hors d’oeuvres and beverages. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.

Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) Version 2.0 to understand and actively manage their risk posture.

You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

• What are the components of the framework?

• Why is the framework is valuable?

• What type of organizations can use the framework?
  

Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

The threat of ransomware to global businesses, institutions, and governments has reached pandemic proportions. If you are the victim of a ransomware attack, your business will have a tough choice: either pay the attacker and hopefully gain control of your critical computer systems and information, or don’t pay and hopefully minimize the impact of data loss and recover the critical IT systems with minor damage. Law enforcement agencies recommend not paying, because doing so encourages continued criminal activity. In some cases, paying the ransom could even be illegal, because it provides funding for criminal activity.

Many of today’s ransomware attacks exfiltrate data, which means that attackers could have access to a victim’s confidential data, files, login credentials, and emails. Organizations cannot 100% prevent ransomware attacks. The best thing you can do is assume you will be hit and have plans in place that enable a quick response.

This course helps organizations design, build, operate, and maintain a comprehensive ransomware program. The focus is to: (1) prevent a successful attack (best case scenario); (2) reduce the impact of an attack by protecting critical assets; and (3) recover from an attack with minimal downtime and data loss.