8:15 - 9:00 am Opening Keynote
From Breadcrumbs to Trailblazers: Unlocking a Future of Endless Possibilities Together
Keynote Speaker: JC Vega
Location: Community Room
Effective leadership in cybersecurity is not just about technical know-how; it's about shaping the future through strategic influence. In this keynote, we explore how leveraging influence can lead to transformative changes in cybersecurity practices and culture. This session will guide attendees through the essentials of influential leadership and understanding its forms, from personal impact to positional authority, and applying these to drive effective security strategies that integrate seamlessly with organizational goals. We'll discuss practical methods for enhancing your influence within your organization, focusing on communication, ethical leadership, and strategic decision-making. These techniques not only innovate security approaches but also inspire teams to adopt and champion these changes. By the end of this session, you will be equipped with the tools to not only enhance your leadership skills but also to inspire and enact meaningful changes that strengthen your organization's cybersecurity posture. This is about more than securing systems; it's about leading in a way that fosters innovation and resilience in the face of evolving threats, seamlessly blending new ideas with proven strategies to protect what matters most.
9:00 - 9:50 am (Room 1)
Turning the Tables: Leveraging Adversarial Tactics for Enhanced Security Testing
Presenter: Arpan Abani Sarkar
In this technical session, we will learn how security teams can perform simple, fast, and effective security testing to evaluate their defenses rapidly and continuously. We will introduce Halberd, an advanced open-source attack emulation tool designed to execute attack techniques across multiple surfaces. We will emulate attack paths that span across multiple attack surfaces to effectively evaluate how defenses respond to these complex threats. Additionally, we will explore capabilities that not only facilitate robust security testing but also enable easy sharing of testing information between teams and the broader community.
9:00 - 9:50 am (Room 2)
PIB: The Evolution of PII
Presenter: Osama Nasser Shilbayeh
This presentation revolves around the evolution of PII & the introduction of something new, something that hasn't been shared or discussed on a wider scale, that term is called PIB (Personal Identifiable Behavior). In this presentation, we will dive deeper into the true meaning of PIB and get a better grasp on how it is being collected and used with/without our knowledge. The purpose of this presentation is to introduce the audience to a new group of personal identifiers, a group that must be protected from being exploited by threat actors and highlight the significance of PIB in the future.
9:00 - 9:50 am (Room 3)
Social Engineering - Layer 0 - Hearts & Minds - MeatWare
Presenter: Joshua Taylor
There is a side of cybersecurity that requires almost no technical skills whatsoever, and yet that same side is responsible for every single cyber attack that has ever happened. Social engineering has been around for some time and has evolved into many different facets. From phishing, to vishing, to simply striking up a conversation with someone in the parking lot, this attack vector has become an extremely effective tactic for threat actors all over. My goal is to share my expertise in this particular area with the hope that those who attend will gain defensive as well as offensive social engineering strategies and methods, and will gain the motivation to pursue an area of cybersecurity that they are passionate about.
9:00 - 9:50 am (Room 4)
Generative AI for Cybersecurity Awareness Training: Skills, Strategies, and Accountabilities
Presenter: Brian Callahan, Quinn Colognato, and Mary Cotrupi
This presentation dives into a year-long case study on how a team of students and their professor built, delivered, and iterated upon the cybersecurity awareness training program at an R1 university. The goal of the project was to understand the ways in which Generative AI, ChatGPT specifically, could serve both as a help and a hurt, and to develop the workflow and skills necessary to best leverage the tool. We will present actionable results from two experiments undertaken in this case study: the first to understand the ability of individuals receiving training to distinguish human-made from AI-made training modules; the second to identify the most critical skills training creators need to possess in order to best leverage ChatGPT as an aid in training module development. Going beyond the precepts of verifying Generative AI output, we provide an outline for how to build your cybersecurity awareness teams to maximize the effectiveness of using Generative AI as part of your broader strategy to create, deliver, and keep fresh and relevant your training program. We will provide a workflow for how to prepare your cybersecurity personnel and organization to most effectively and inclusively innovate and iterate on this critical piece of human-facing cybersecurity practice, and inspire a new generation to get involved in this crucial task.
10:00 - 10:50 am (Room 1)
Exploring API Security: Key Distinctions from Web Application Testing
Presenter: Alberto Wilson
This talk explores the fundamental differences between APIs and traditional web applications, focusing on how these distinctions influence security testing approaches and methodologies. An API, distinct from a typical application backend, serves unique functions and is not necessarily accessed through a web browser. This divergence means that many standard security tests applicable to web applications do not suit APIs. Understanding the purpose of an API and its role within a system is crucial for conducting effective security tests. We will discuss what APIs are at a conceptual level, and the various types such as RESTful, SOAP, and GraphQL. The talk will provide an overview of relevant vulnerability classes and methodological approaches to API security testing. Key topics will include the differences between cookie-based and header-based authentication, the implications of long-lived tokens, and why client-side issues like XSS are generally not pertinent to APIs.
10:00 - 10:50 am (Room 2)
BadAI Playbook and Mitigations
Presenter: Jeremy Rasmussen
In this talk, we delve into the seamy underworld of generative artificial intelligence (GenAI) and see how it is being applied for criminal and illicit activities today along with its potential for widespread mischief in the future. For today's threats, we address the following:
1. Use of deepfakes in fraud, bypassing Know Your Customer (KYC) controls, and physical crime (e.g., kidnapping).
2. Use of deepfakes for sextortion, non-consensual distribution of intimate images (NCDII), and child sexual abuse material (CSAM).
3. Use of Generative AI for phishing and social engineering attacks at scale.
For tomorrow's threats, we look at the following:
- Use of GenAI for developing malware.
- Threat of GenAI in autonomous code development.
- Threat of nation-states exploiting GenAI models.
- Use of AI Agents for large-scale criminal and illicit enterprises (e.g., stock/financial manipulation, election manipulation, mass data theft).
- Issue of the Scaling Laws for Neural Language Models (i.e., running out of data and risks of using synthetic data).
- Threat of exploiting GenAI for physical attacks (e.g., self-driving cars, healthcare systems, etc.).
Then, instead of just wringing our hands over these things, we discuss some real countermeasures for mitigating these threats. These include the following:
- Collaboration / Information Sharing
- Training and Awareness
- Use of AI to combat AI
- Other recommended countermeasures: a. National Research Cloud, b. Efforts to stop AI agents
10:00 - 10:50 am (Room 3)
From Panic to Preparedness: Averting Ransomware Disasters
Presenter: Erich Kron
In the dynamic and ever-changing world of cyber threats, ransomware stands out as one of the most perilous and damaging types of attacks. This session will help organizations navigate the treacherous waters of ransomware and emerge stronger and more resilient. This presentation will take you through the evolution of ransomware, showcasing the latest tactics and techniques used by cybercriminals to infiltrate systems and hold data hostage, then delve into real-world examples, analyzing the aftermath of ransomware attacks and the devastating impact they can have on businesses of all sizes. But it's not all doom and gloom. This session is designed to empower you with the knowledge and tools needed to transform fear into confidence. We will explore practical, actionable strategies to prevent ransomware infections, including advanced security measures, employee training, and proactive defense mechanisms. You'll learn how to develop and implement an effective incident response plan to minimize damage and ensure a swift recovery. In this session you will learn:
- What makes ransomware so popular with bad actors
- Ransomware attack vectors
- Defenses against ransomware attacks
10:00 - 10:50 am (Room 4)
Starting Your Own Cyber Company
Presenter: Bryson Bort
So you're not crazy, you just want to start your own company. Which kinda takes a level of crazy to pull it off. We'll talk through what it takes to be an entrepreneur, ideation and the phases of a startup, different kinds of companies (service, product, non-profit), how and why (or why not) to raise capital, types of investors, legal requirements, working (or not) with friends, challenges, building total/service addressable market size, back-office administration, employee benefits, equity (what is an RSU?), pricing, Intellectual Property Rights, economics, and resources for more information and networking. Will include anecdotes and insights from my experiences starting several companies and from multiple Founders across the spectrum.
11:00 - 11:50 am (Room 1)
Take Back Your Privacy: by Demystifying PGP/GPG
Presenter: Steven Miano
With concerns about digital privacy at an all-time high, PGP/GPG provides individuals and businesses with a robust encryption toolkit. This presentation traces the evolution of PGP, delving into its underlying technology. Explore practical use cases demonstrating how PGP/GPG safeguards sensitive communication and data in real-world situations. Learn best practices for implementation and understand the concept of 'webs of trust' through key signing parties. Whether you're a concerned citizen, student, or professional, this presentation will empower you to take back control of your digital privacy.
11:00 - 11:50 am (Room 2)
Same Game, Different Name: Effectively Managing Vendor AI Risk
Presenter: Chris Honda
When assessing AI-related risk, do we include our vendors' use of AI? We don't have to reinvent the VRM wheel: we just have to consider some new factors. How in the world do we assess AI risk, and where do we start? We will discuss these questions, new tools, and creative approaches such as (and not limited to) the NIST AI RMF, ISO standards 23053 and 42001, contractual considerations, and legislation like the EU AI Act to help reduce AI risk in the VRM process.
11:00 - 11:50 am (Room 3)
Eye to Eye with AI
Presenter: Doug Cassle
Track: Offensive/Defensive Security
Introduction to Artificial Intelligence (AI):
In this presentation, we will embark on a journey through the basics of Artificial Intelligence (AI), providing a foundational understanding necessary for any security practitioner. We will begin with an introduction to AI, explaining its significance in the modern technological landscape and its impact on various sectors, including security.
Basic Machine Learning (ML) Concepts:
Next, we will delve into the core concepts of Machine Learning (ML), the backbone of AI. We will discuss key terminology such as algorithms, models, training, and testing, and explain how ML enables computers to learn from data without being explicitly programmed.
Types of Learning:
We will then explore the different types of learning within ML: supervised learning, where models are trained on labeled data; unsupervised learning, which involves finding patterns in unlabeled data; and reinforcement learning, where agents learn by interacting with their environment to maximize rewards.
Large Language Models (LLMs) and Generative AI:
Our focus will then shift to Large Language Models (LLMs), a prominent advancement in AI. We will explain how LLMs leverage vast amounts of data to understand and generate human-like text. The discussion will extend to generative AI, highlighting its ability to create new content, from text to images, and its applications in various fields.
Common Issues in ML:
We will address common issues encountered in ML, such as overfitting, bias, and data quality problems. Understanding these challenges is crucial for developing robust and reliable AI systems.
Adversarial AI:
Finally, we will discuss adversarial AI, focusing on how malicious actors exploit ML models. We will explore techniques such as adversarial attacks, where inputs are intentionally designed to deceive models, and the importance of developing defenses against such threats. By the end of this presentation, you will have a comprehensive overview of AI fundamentals, the workings of ML and LLMs, and the critical security considerations surrounding adversarial AI. This knowledge will equip you with the insights needed to navigate and mitigate the risks in the evolving AI landscape.
11:00 - 11:50 am (Room 4)
Building a High Performing Cyber Team
Presenter: Andy Hanks
Track: Leadership in Cybersecurity: Elevating Teams and Innovating Standards
The high demand / low supply cybersecurity job market has created a premium for skilled and diverse cybersecurity job seekers. Employers need to build high-performing cyber teams to retain existing employees, recruit additional employees, and to get the most out of their cyber team.
The audience will learn how to build a high-performing cyber team and what is required at the Organization, Leadership, Team, and Employee levels.
12:00 - 12:50 pm Mid-day Keynote
The Influence Hack: Shaping Your Future in Cybersecurity
Keynote Speaker: Candace Williams
Location: Community Room
Effective leadership in cybersecurity is not just about technical know-how; it's about shaping the future through strategic influence.
In this keynote, we explore how leveraging influence can lead to transformative changes in cybersecurity practices and culture. This session will guide attendees through the essentials of influential leadership and understanding its forms, from personal impact to positional authority, and applying these to drive effective security strategies that integrate seamlessly with organizational goals. We'll discuss practical methods for enhancing your influence within your organization, focusing on communication, ethical leadership, and strategic decision-making. These techniques not only innovate security approaches but also inspire teams to adopt and champion these changes.
By the end of this session, you will be equipped with the tools to not only enhance your leadership skills but also to inspire and enact meaningful changes that strengthen your organization's cybersecurity posture. This is about more than securing systems; it's about leading in a way that fosters innovation and resilience in the face of evolving threats, seamlessly blending new ideas with proven strategies to protect what matters most.
1:00 - 1:50 pm (Room 1)
Detections as Code ft. Elastic
Presenter: Eric Forte
Track: Offensive/Defensive Security
Audience members can follow along to deploy and manage custom security rules using a Detections as Code (DaC) approach featuring Elastic Security and the detection-rules repo. You will quickly deploy a local stack using the Docker-based Elastic Container Project (ECP), or use a cloud-based stack, and manage the rule lifecycle from development to production.
Various techniques applicable to detection engineers and security researchers alike will be demonstrated including version control, testing and validation, and continuous integration/deployment workflows.
Additionally, we will explore different strategies for utilizing DaC from various end-user perspectives. For instance, perhaps as an MSSP you need to manage multiple customers and dev/prod rulesets. Perhaps you have different data sources that require separate or custom schemas for validation. Perhaps you need automation but you have air-gapped networks. Whatever your specific use case, this talk will endeavor to provide the necessary tools and insights to effectively manage your security rules.
1:00 - 1:50 pm (Room 2)
Encrypting Your Infrastructure Without Getting Fired
Presenter: Matt Moen
Track: Innovation in Cybersecurity
As we push things like Kubernetes clusters to edge installations for reduced latency and increased availability, how protected are they against crowbar theft? Encrypting their disks reduces these risks, but then you discover corner cases in production where your servers aren't automatically decrypting, and you've effectively DoSed yourself. Oops.
We'll explore an alternative with network-based decryption without escrow or proprietary hardware using the Open Source Linux tools Tang and Clevis.
1:00 - 1:50 pm (Room 3)
Making AuditD work for you: How to
Presenter: Truvis Thornton
Track: Offensive/Defensive Security
The goal of this talk is to go over the basics of AuditD, how it works, what it does, and how to best tune the service so that it can be used in any environment without flooding log stores. From there we will talk about how to monitor Linux machines for threats and audit changes to specific files and directories.
Once we know the basics, we will shift over to how to build out detections without being overwhelmed by all the data and poor parsing, and how to parse the data in a way that we can use it. Once parsed, we can better utilize the logs and attempt to detect 0-days along with suspicious script executions, and see what actions they were performing.
1:00 - 1:50 pm (Room 4)
From Patterns to Compliance: Leveraging Generative AI into SOC 2 Auditing
Presenter: Tanvi Nandamudi
Track: Governance, Risk, and Compliance (GRC)
Generative AI introduces a transformative technology in which artificial intelligence systems can learn patterns from existing data, text, images, music, and other media to create new content or ideas. A SOC 2 audit evaluates an organization's controls related to security, availability, integrity, confidentiality, and privacy to align with the trust services criteria established by the AICPA.
This presentation aims to explore the convergence of generative AI and SOC 2 auditing, highlighting their roles in enhancing organizational data security, confidentiality, and compliance. SOC 2 certification plays a crucial role in ensuring the protection and confidentiality of customer data, building trust and reducing the risk of breaches. Additionally, it assures data integrity and availability, supporting informed decision-making and compliance with regulatory standards.
While the implementation of AI within organizations has advantages such as risk identification and automated security patching, organizations also face significant challenges in managing AI-based risks. These inherent risks introduce additional complexity to organizations, making them even more challenging to manage. The research presented during this talk demonstrates that while these tools improve efficiency, they also present vulnerabilities that can compromise security and privacy.
Incorporating generative AI into a board-level decision-making process enhances strategic planning and risk management. Board members must fully understand AI's capabilities and proactively address ethical and legal concerns such as data access, policies, and procedures. A rigorous vetting process for AI outputs is crucial for the safe integration of generative AI into SOC operations. Consistent interaction with vendors is vital for ensuring compliance with governance and standards.
In conclusion, coordinating the merger between generative AI and SOC 2 auditing involves a balanced strategy that maximizes benefits while mitigating associated risks, promoting innovative solutions for organizational security and regulatory compliance in the digital era.
2:00 - 2:50 pm (Room 1)
SOC 2 Reports for InfoSec Professionals
Presenter: Michael Brown
Track: Governance, Risk, and Compliance (GRC)
As companies rely more and more upon third-party vendors to run their business and provide services to their customers and clients, concern about these vendors has increased. We rely upon them to host our data, rely upon the systems and services they provide (from Office 365 to various cloud services), and more. If something goes wrong with a vendor, you can be impacted, maybe put out of business. And something that is used more and more in this space is the SOC report: SOC 1, 2, 3 and more. In particular, the SOC 2 report.
But what IS this SOC 2 report? What does it contain, how do you as an infosec professional put it to use? And what do you do if your employer says YOU need to get one for the company?
In this presentation, you'll learn what the AICPA's suite of SOC reports is all about: what is contained within a SOC 2 report and how to understand it. Then, how you can use it as a tool for vendor management, with a discussion of how they are actually used. And if you need to prepare your company for a SOC 2 assessment, what does that entail? What controls will you need to put in place, what evidence will you have to gather, and what is the experience like overall?
The author has both assisted clients in obtaining their first SOC 2 reports and currently must ensure his employer obtains theirs annually. If you are confused or daunted by SOC reports, this is the presentation for you!
2:00 - 2:50 pm (Room 2)
Unlocking Security: Embracing Passwordless Authentication and Zero Trust
Presenter: Abrom Douglas III
Track: Innovation in Cybersecurity
Passwords are often the weakest link in cybersecurity, with over 80% of data breaches involving stolen or weak passwords.
In this talk, we'll explore the future of authentication with technologies like FIDO2, WebAuthn, and Passkeys, diving into how they enhance security by eliminating the need for traditional passwords. We'll also touch on the essentials of a zero trust architecture and its intersection with identity and authentication strategies, ensuring robust protection for your critical workloads, data, and infrastructure.
2:00 - 2:50 pm (Room 3)
Threat Hunting: Be the Hunter, not the Hunted
Presenter: Gabriel Simches
Track: Offensive/Defensive Security
The Cyber Threat Landscape is constantly evolving. Defensive tools are constantly being developed and threat actors are finding new ways to stay hidden. Threat Hunting utilizes the Pyramid of Pain (which will be explained in the talk) to focus on the malicious activity that cannot be hidden: TTPs. Focusing on IOC detection is easy but becomes less effective as the threat actor becomes more sophisticated.
This talk will explain Threat Hunting, its benefits, how to do it, and why every organization can and should be doing it. Responding to a security incident is different from looking for an incident to stop it in its tracks. Many organizations are still unaware of what Threat Hunting actually is, as it's still a bit novel in the Cyber community.
My talk will combine my military experience with my time at Mandiant/Google to show how vital threat hunting can be. Free, open-source, and paid resources/tools will be provided in the talk. Everyone who attends should walk away with the following: a firm understanding of what Threat Hunting is, how it can benefit their organization regardless of size or budget, and how to do it (with resources for further training/learning).
2:00 - 2:50 pm (Room 4)
Reviewing Xbox & Xbox 360 Security from a Halo Modder
Presenter: Connor Tumbleson
Track: Offensive/Defensive Security
This talk examines the evolution of Xbox modding, focusing on the game Halo from the original Xbox to the Xbox 360. We'll discuss detailed methods like hardware modifications and software modifications using exploits to bypass system protections.
3:00 - 3:50 pm (Room 1)
Passwords.... Your #1 Defense Against Cyber Attacks
Presenter: Joel Sierra
Track: Offensive/Defensive Security
Explore the evolution from traditional passwords to cutting-edge passwordless technology. Uncover the benefits, security features, and how to seamlessly transition to a safer, user-friendly authentication system.
3:00 - 3:50 pm (Room 2)
Educating Your Guesses: How To Quantify Risk and Uncertainty
Presenter: Sarah Anstey
Track: Governance, Risk, and Compliance (GRC)
Asking for budget and justifying spend in cybersecurity departments can be a difficult task due to limited data and high uncertainty about future events. This talk will dive into quantitative risk analysis as it relates to cybersecurity: how to model uncertain events and understand financial risk. Attendees will see a first-hand demonstration of how quantitative modeling can be used to communicate risk and understand ROI. Attendees will walk away with the tools needed to present cyber risk as a dollar amount that can be easily understood by other business decision makers at their company.
3:00 - 3:50 pm (Room 3)
The Future of Fear: Social Engineering with an AI Twist
Presenter: Erich Kron
Track: Offensive/Defensive Security
AI has become a very useful productivity tool and a powerful way to come up with fresh ideas and strategies. Unfortunately, cybercriminals are also finding value in it for how they conduct their illicit business ventures. Social engineering is an incredibly effective tactic for cyber criminals to gain initial network access, and AI is providing them with the tools they need to twist emotions into a weapon against us.
Most social engineering tactics rely on a person's discomfort in pushing back against an attacker or a fear of a negative consequence if they don't perform an action. Generative AI and other modern tools that allow bad actors to spoof phone calls, text messages or emails are making it much easier to attack organizations and to scale their operations with far less effort.
In this session we will look at how emotions are used against people, where AI is making this easier and more effective, plus some defensive techniques to help counter these advances.
3:00 - 3:50 pm (Room 4)
Navigating Cybersecurity Maturity Model Certification (CMMC)
Presenter: Stacey Oneal
Track: Governance, Risk, and Compliance (GRC)
This presentation addresses the critical and evolving landscape of cybersecurity through a focused exploration of the CMMC. As organizations increasingly face sophisticated cyber threats, compliance with CMMC becomes paramount.
Our session will delve into comprehensive strategies, best practices, and real-world case studies to guide attendees in achieving and maintaining CMMC compliance.
From understanding the framework's nuances to implementing effective security measures, this presentation promises valuable insights for professionals seeking to fortify their cybersecurity posture.
Post-Conference Networking and After Party
Closing Remarks & Awards
Join us at Bayboro Brewing Co. for post-event networking!
2390 5th Ave S, St. Petersburg, FL 33712
We'll head over there to hand out awards and prizes for the Capture The Flag event.
First 100 attendees to show their conference badge will get a free drink ticket. :-)