Archives: Seminar

[1 CPE] Proving Cyber Resilience: Measuring Outcomes, Not Effort

  Presented by Tony Taylor, Sales Engineer • Horizon3.ai

Most security programs measure effort — not outcomes. Organizations patch thousands of vulnerabilities, deploy dozens of tools, and run annual tabletop exercises… but when an attacker shows up, none of that matters.

What matters is whether they can prove their defenses actually work.

In this talk, Horizon3.ai shares how leading organizations are using autonomous pentesting to see their environment through the attacker’s eyes — continuously, safely, and at scale. By shifting from assumptions to proof, they’ve learned to:

  • Prioritize what’s exploitable. Focus limited resources on the weaknesses that truly put the business at risk that are known to be abused by threat actors.
  • Quickly fix what matters. Close the loop from find → fix → verify and reduce your exploitable attack surface.
  • Reduce attacker dwell time. Use pentest results to precisely deploy honeyTokens to detect compromise early, and to continuously prove your EDR and SIEM are tuned and working as intended.

Cyber resilience isn’t about being perfect — it’s about getting better over time. And the only perspective that truly matters is the attacker’s.

Advisory Council Roundtables

Join us during the lunch hour for Advisory Council Roundtables, an interactive opportunity to connect with council members and peers on a variety of timely industry topics. Move freely between tables, share your perspective, and gather practical insights you can take back to your organization. These conversations are informal, high-value, and designed to spark ideas and connection.

Topics:

  • Data Protection in the Age of AI
  • Ensuring Security and Compliance with 3rd Parties
  • IT Staffing: Onboarding for Success
  • Get More Out of Your IT Spending
  • Managing Infosec for the Small/Medium Business
  • Security Approach in Public Sector
  • Security Awareness: What Methods Work to “Secure the Human”
  • Zero Trust Strategy: Challenges & Lessons Learned

[1 CPE] Bridging Zero Trust and SASE: A Unified Approach to Modern Cybersecurity

  Presented by Fortinet

This will be a panel discussion on how organizations can effectively bridge Zero Trust and SASE to create a unified, adaptive cybersecurity architecture that meets the demands of today’s hybrid workforce and threat landscape.

Key Takeaways:

  • Understand the core principles of Zero Trust and SASE, and how they complement each other.
  • Learn practical strategies for implementing a unified approach without adding complexity or disrupting operations.
  • Gain insights into real-world use cases and lessons learned from organizations successfully integrating these frameworks.

[1 CPE] AI: Cybersecurity’s Double-Edged Sword

  Presented by Daniel Navarro, Sales Engineer • ESET

This session explores how artificial intelligence is reshaping the modern cyber threat landscape by empowering both attackers and defenders. It examines how adversaries use AI to scale attacks, evade detection, and increase their effectiveness. The presentation also highlights how organizations can leverage AI to build proactive, adaptive defenses that detect and respond to threats more efficiently. Finally, it showcases how ESET applies AI-driven technologies to protect against evolving cyber-attacks and strengthen overall security resilience.

[1 CPE] State of the Union: Annual Information Security Report

  Presented by Oscar Minks, President • FRSecure

The result of over 100 incident cases handled by the FRSecure response team in the last two years, President Oscar Minks will dive into the latest threats and response techniques you need to know—and what you can do to minimize the risk and impact of similar events. The breakdown will cover Business Email Compromise, Ransomware, and Internal Compromise. You can’t afford to miss it!

[1 CPE] Identity: The Target and The Weapon

  Presented by Jeffrey Kongswangwongsa, GTM Tech Lead, Identity • Rubrik

Identity infrastructure has quietly become the most critical — and most targeted — attack surface in the enterprise. In this session, we’ll explore why today’s cyberattacks have fundamentally shifted from malware to identity, and what that means for how organizations need to think about protection and recovery.

The session covers the growing threat landscape around Identity Providers (IdPs) like Active Directory, Microsoft Entra ID, and Okta, including why detection is no longer the hard part — removal and recovery are. We’ll dig into real-world case studies, the dangerous “”domino effect”” that happens when identity systems fail during recovery, and how AI is accelerating the speed and scale of identity-based attacks.

Attendees will walk away with a clearer picture of what modern identity resilience looks like: from protecting IdPs with immutable, air-gapped backups to orchestrating clean recovery in hours instead of weeks — without losing legitimate changes or reintroducing attacker persistence.

[1 CPE] How (Not) To Build a Fire Department

  Presented by Tom Simonis, Sr Sales Engineer, Enterprise US • Arctic Wolf

This presentation uses the analogy of building a fire department to explore the realities, risks, and misconceptions organizations face when attempting to build and operate an in-house cybersecurity function or Security Operations Center (SOC). Grounded in global research from over 1,000 security and IT professionals, the session highlights persistent trends such as rising data breaches, increasing ransomware attacks, growing attack surfaces, and the ongoing shortage of skilled cybersecurity talent. It demonstrates why cybersecurity—while mission-critical to business continuity—is not a core business function for most organizations, and why treating it as such often leads to inefficiency, burnout, wasted spend, and increased risk.

Through real-world data and practical examples, the presentation walks through what “state-of-the-art” cyber defense actually entails: 24×7 coverage, specialized skills, integrated tools, continuous improvement loops, and proactive threat intelligence. It contrasts this ideal with the common reasons in-house SOCs fail, including limited operating hours, lack of authority, underestimation of integration and tuning efforts, overreliance on point solutions, and the misconception that technology or AI alone can solve structural gaps. The session concludes with actionable insights on measuring and improving cybersecurity maturity, emphasizing the importance of people, process, and operational discipline—and reinforcing why many organizations achieve better outcomes by focusing on preparedness, resilience, and strategic partnerships rather than trying to “build their own fire department.”

Key themes addressed include:

  • Current cybersecurity and ransomware trends impacting organizations globally
  • The true cost and complexity of building and maintaining an in-house SOC
  • Why talent shortages and burnout continue to undermine security operations
  • Characteristics of mature, state-of-the-art cyber defense programs
  • Common pitfalls that cause in-house SOCs to fail
  • Practical guidance for measuring, optimizing, and continuously improving security posture

[1 CPE] Data Resilience in the Age of Attack: Protect What Matters

  Presented by Landra Pierce, Product Strategy Technologist • Veeam

Cyberattacks are no longer a distant threat; they are a reality every IT team must be prepared for. When an attack occurs, your data becomes both the primary target and the key to recovery. Many organizations still rely on backup strategies that are designed for hardware failures or accidental deletions, rather than today’s threats, like ransomware, insider risk, and automated attacks. This disconnect creates vulnerabilities, especially when backups become an overlooked entry point in your security strategy. In this session, we will address these challenges to help you better protect your organization.

This session is ideal for IT professionals who want greater confidence in safeguarding their data and peace of mind. We will examine the most common oversights that leave organizations, including those in government, education, healthcare, and other sectors, exposed to cyberthreats. You’ll discover how teams are advancing beyond basic backup to adopt a cyber-ready approach, including topics like immutability, threat awareness, rapid recovery, and intelligent automation.

Our focus will be practical and grounded in real-world scenarios, and what truly works when pressure is high and time is limited. Because when every minute counts and trust is at stake, data resilience means more than surviving an attack. It’s about protecting what matters most and emerging even stronger.

[1 CPE] Proving Cyber Resilience: Measuring Outcomes, Not Effort

  Presented by Jake Mickley, Sr Solutions Architect • Horizon3.ai

Most security programs measure effort — not outcomes. Organizations patch thousands of vulnerabilities, deploy dozens of tools, and run annual tabletop exercises… but when an attacker shows up, none of that matters.

What matters is whether they can prove their defenses actually work.

In this talk, Horizon3.ai shares how leading organizations are using autonomous pentesting to see their environment through the attacker’s eyes — continuously, safely, and at scale. By shifting from assumptions to proof, they’ve learned to:

  • Prioritize what’s exploitable. Focus limited resources on the weaknesses that truly put the business at risk that are known to be abused by threat actors.
  • Quickly fix what matters. Close the loop from find → fix → verify and reduce your exploitable attack surface.
  • Reduce attacker dwell time. Use pentest results to precisely deploy honeyTokens to detect compromise early, and to continuously prove your EDR and SIEM are tuned and working as intended.

Cyber resilience isn’t about being perfect — it’s about getting better over time. And the only perspective that truly matters is the attacker’s.

[1 CPE] From Known-Bad to Known-Normal: The Future of Threat Detection

  Presented by Patricia Titus, Field CISO • Abnormal

As email-based threats continue to evolve in speed and sophistication, traditional “known-bad” detection methods are no longer enough to protect modern organizations. This session explores the shift toward a “known-normal” security model, where behavioral AI establishes a dynamic baseline of trusted activity to identify anomalies, detect emerging threats, and stop attacks before they escalate.

Designed for executive and security leaders, this presentation will examine how behavioral-based threat detection strengthens resilience against advanced phishing, business email compromise, and AI-driven attacks. Attendees will leave with practical guidance for evaluating their current email security stack, adopting modern AI-powered defenses, and implementing key strategies to stay ahead of today’s rapidly changing threat landscape.