Day One | November 10, 2020, Tuesday

9:00 am - 10:00 am Securing & Enabling The Distributed Workforce Through Digital Transformation

Eric Brohm - GVP, CISO, Wyndham Hotels & Resorts

Digital transformation is a journey. The path to digital transformation is littered with vulnerabilities. Securing the cloud is of course a different prospect than securing the perimeter. A distributed workforce needs to be made security aware in different ways than on prem. And the entire prospect of business and security changes with dual a focus on zero trust and business enablement. This session discusses all of the above and more.

  • Cloud Evolution: Delivering security services on the edge
  • Zero Trust: Ease of Use with best in class security
  • User Awareness: Understanding that you’re never done
  • CISO Role: Ensuring the focus is on business enablement
  • Last thing to do in 2020, first thing to do in 2021

Eric Brohm

Wyndham Hotels & Resorts

10:00 am - 11:00 am Hacking Exposed: Learning from the Adversaries

Brian Robison - Senior Director - Product Marketing & Chief Evangelist, BlackBerry

Fileless attacks and fileless malware have grown in sophistication, especially in their ability to obfuscate and hide from both traditional and next-generation anti-virus. Join us to discover the techniques being used by APT32/OceanLotus to attack their victims and learn how to replicate them to better test your defenses. In this very short demonstration, you will learn techniques to make a weaponized document that is designed to not just bypass AV but also human threat hunters through a sophisticated method of obfuscation and the use of built-in trusted tools. The document is capable of allowing the attacker to gain remote access to the victim system and exfiltrate sensitive data. You will get to see, firsthand, the attack compromise both a Windows PC as well as a MacOS.

Attend this session to:

  • Learn the techniques of current real-world adversaries 
  • See how attackers can exfiltrate sensitive data and easily get around traditional AV and through human defenses 
  • Find out how you can better evaluate if your business is properly protected 

Brian Robison

Senior Director - Product Marketing & Chief Evangelist

11:00 am - 12:00 pm How AI Augments Humans: Closing Skills Gaps & Driving Executive Decisions in Cyber Security

Justin Fier - Director of Cyber Intelligence & Analytics, Darktrace

When it comes to securing today’s dynamic workforce, demand eclipses supply for skills & expertise. Moreover, board level executives are grappling with the ongoing challenge of translating technical insights into meaningful decision-making, having to strike the perfect balance between mitigating technical risks and accelerating digital transformation all while maintaining a high level of innovation. 

Join Justin Fier, Director of Cyber Intelligence and Analytics at Darktrace, as he unpacks how AI augments teams by mimicking human thought processes - automating investigation and reporting of cyber incidents in a world-first capability, the Cyber AI Analyst. 


  • How automation reduces time to triage by up to 92% 
  • How AI-driven insights build communication between security experts & executives
  • How human augmentation with AI secures dynamic workforce & facilitates digital acceleration 
  • How AI automated an entire investigation into the sophisticated LeChiffre ransomware 

Justin Fier

Director of Cyber Intelligence & Analytics

12:00 pm - 1:00 pm The Adoption of Emerging AppSec Technology: A Possible Shift to the Right

Nabil Hannan - Managing Director, NetSPI
Travis Hoyt - Head of Cybersecurity Technology, TIAA

Has your organization considered IAST, RASP, etc. solutions as part of your program, and what has your experience been so far? 

Understanding the value provided by different types of vulnerability detection and exploit prevention technologies that are available today is critical to every security organization. This discussion will focus around Interactive Application Security Testing and Real-time Application Self Protection. 

  • What is IAST, and how does it complement Pentesting, DAST, and SAST?
  • What is RASP, and why is it challenging to deploy at scale?

Attend this session to:

  • Better understand capabilities of new emerging technologies that detect security vulnerabilities in software
  • Better understand the strengths and weaknesses of some of the new techniques
  • Learn how organizations are using these techniques at scale
  • Review challenges around adding yet another piece of technology to the ecosystem

Nabil Hannan

Managing Director


Travis Hoyt

Head of Cybersecurity Technology

1:00 pm - 2:00 pm Enlightened Decision Making From Cyber Risk Modeling

Sanjay Nayar - Director, Cyber Risk Analytics and Modeling, Capital One

Join us for this session and learn more on:

  • Quantifying cyber risk using data at scale
  • Gathering qualitative data from disparate sources
  • Building an enterprise risk landscape 
  • Gaining a view of the big picture while drilling into the details 

Sanjay Nayar

Director, Cyber Risk Analytics and Modeling
Capital One