MONDAY MORNING KEYNOTE
INSIDE THE MIND OF AN ATTACKER
Social engineering is king. Email is the primary delivery vector. It’s easier to find someone who will click than to find an exploit for an operating system. The attacker simply needs to know who has access to the data they want, then get creative. The org chart is the new zero-day—and today it’s publicly available on social media. Most security teams don’t have the same perspective that the threat actors do—they think of their attack surface in terms of VLAN and IP address, instead of department, or job title. By enriching email threat data, from multiple organizations, with names, job titles and functions; we will paint a picture of the current threat landscape and bridge the gap between what the attacker targets, and what the security team assumes they must defend.
MONDAY LUNCH KEYNOTE
DEFENDING THE 9TH LARGEST ECONOMY IN THE WORLD - IN CYBERSPACE
Often backed by Russia, China, and other nation-states, adversaries are now using cyberattacks as an element of national power. Cyber is an existential economic and military threat. Since Texas is the home of some of the most strategically important critical infrastructure for the U.S., we must protect the state in cyber. Building resilience is not just a state-wide priority; it is a national urgency. Now is the time for action. The public sector can drive Texas’s role as a national leader in the digital economy, modeling best practices for other states to follow. General Alexander will highlight ways public-sector organizations throughout Texas can work alongside private-sector companies, through Collective Defense, to defend as a unified front against cyber threats such as ransomware, phishing attacks, malware, and other attack campaigns.
Sherrod DeGrippo
Sherrod DeGrippo is the VP, Threat Research and Detection for Proofpoint. She leads a worldwide malware research team to advance Proofpoint threat intelligence and keep organizations safe from cyberattacks. With more than 15 years of information security experience, DeGrippo successfully directs her 24/7 team to investigate advanced threats, release multiple daily security updates and create scalable threat intelligence solutions that integrate directly into Proofpoint products.
Prior to Proofpoint, she led Nexum’s information security professional services practice for penetration testing, web application assessment, risk assessment and security consulting. Before Nexum, DeGrippo served as a senior solutions engineer for Symantec and was responsible for managed security solutions. Along with these positions, she has created internal services offerings for top secret government facilities and is a former Georgia Tech Linux Users Group officer.
A frequent incident response and forensics speaker across user groups, DeGrippo holds numerous certifications including SANS GCFA - GIAC Certified Forensics Analyst, SANS GCIH - GIAC Certified Incident Handler, and NSA INFOSEC Assessment Methodology (NSA-IAM). DeGrippo was named Cybersecurity Woman of the Year in the 2022 Cybersecurity Excellence Awards.
Founder and Co-CEO of IronNet, Inc., General (Ret) Keith Alexander is reinventing how industries approach cybersecurity.
General Alexander is a four-star general with an impressive 40-year military career, culminating in his role of the Director of the National Security Agency (NSA) and Chief of the Central Security Service (CSS) from 2005-2014. While serving as the NSA Director, General Alexander was appointed by Congress to be the first Commander to lead the U.S. Cyber Command (USCYBERCOM). He held this role from 2010-2014, establishing and defining how our nation is protected against cyber attacks.
Today, General Alexander is a sought-after thought leader who speaks regularly on the state of the nation in cyber, appearing on Bloomberg News, “Meet the Press,” Washington Post LIVE, among others.
TUESDAY MORNING KEYNOTE
STATE AND LOCAL GOVERNMENT INCIDENT RESPONSE PANEL
AGENDA
| Monday, May 16, 2022 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 7:30 AM - 8:30 AM | Breakfast in Exhibit Hall 7:30 AM - 8:30 AM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 7:30 AM - 4:30 PM | Registration Open 7:30 AM - 4:30 PM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 8:30 AM | Welcome Remarks 8:30 AM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 9:00 AM - 10:00 AM | Monday Morning Keynote INSIDE THE MIND OF AN ATTACKER 9:00 AM - 10:00 AM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 10:00 AM - 10:30 AM | Break in the Exhibit Hall 10:00 AM - 10:30 AM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 10:30 AM - 11:30 AM | Handling Open-Source Code: Log4Shell, Shellshock, Heartbleed, and more 10:30 AM - 11:30 AM | Building a K12 InfoSec Program and What Security Vendors Can Do to Help 10:30 AM - 11:30 AM | Securing and Enabling Your Cloud Journey 10:30 AM - 11:30 AM | We Need to Talk About Ransomware 10:30 AM - 11:30 AM | Texas: Let's get SASSY! 10:30 AM - 11:30 AM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 11:30 AM | Monday Lunch & Keynote DEFENDING THE 9TH LARGEST ECONOMY IN THE WORLD - IN CYBERSPACE 11:30 AM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 1:00 PM - 2:00 PM | Beneath the Surface - Keeping Up with Modern Application Security 1:00 PM - 2:00 PM | How Texas Government Organizations Should be Maturing Endpoint Management and Security 1:00 PM - 2:00 PM | How Build Situational Awareness into Your Third-Party Risk Program 1:00 PM - 2:00 PM | Tales from Your Friendly Incident Responders 1:00 PM - 2:00 PM | CIS Controls in the Real World 1:00 PM - 2:00 PM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 2:00 PM - 3:00 PM | Building a Zero Trust Plan 2:00 PM - 3:00 PM | The Five Pillars of Cybersecurity 2:00 PM - 3:00 PM | Preparing Your School District for Cybersecurity Attacks 2:00 PM - 3:00 PM | Empowering Modern Security Architecture with IGA and PAM as the Foundation to Zero Trust. 2:00 PM - 3:00 PM | Top Ten Steps to Defeating Ransomware 2:00 PM - 3:00 PM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 3:00 PM - 3:30 PM | Break - Exhibit Hall Open 3:00 PM - 3:30 PM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 3:30 PM - 4:30 PM | AI Vs AI- Future of Cyber Security 3:30 PM - 4:30 PM | Enhancing Cybersecurity with the MS-ISAC 3:30 PM - 4:30 PM | Validating Security Configuration Against MITRE Attacks 3:30 PM - 4:30 PM | Thinking About the Day After, Before the Day After 3:30 PM - 4:30 PM | 15 years of Risk Focused Security at UT Austin 3:30 PM - 4:30 PM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 4:30 PM | Conference Ends for the Day 4:30 PM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Tuesday, May 17, 2022 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 7:30 AM - 8:30 AM | Breakfast in Exhibit Hall 7:30 AM - 8:30 AM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 7:30 AM - 3:00 PM | Registration Open 7:30 AM - 3:00 PM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 8:30 AM | Welcome Remarks 8:30 AM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 9:00 AM | Tuesday Morning Keynote State and Local Government Incident Response Panel 9:00 AM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 10:00 AM | Break - Exhibit Hall Open 10:00 AM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 10:00 AM - 3:00 PM | Capture the Flag 10:00 AM - 3:00 PM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 10:30 AM - 11:30 AM | The Next Big Attack: How Texas State Government Can Protect Against Evolving Cyber Attacks 10:30 AM - 11:30 AM | How to Survive a Ransomware Attack and Live to Tell About It 10:30 AM - 11:30 AM | Using the NIST CSF to Develop Controls for Operational Technology 10:30 AM - 11:30 AM | Emerging Threats 10:30 AM - 11:30 AM | Play a Game for Your Brain 10:30 AM - 11:30 AM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 11:30 AM | Tuesday Lunch 11:30 AM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 1:00 PM - 3:00 PM | IR Redbook Training 1:00 PM - 3:00 PM | Play a Game for Your Brain 1:00 PM - 3:00 PM | Response Preparedness -Developing & Delivering a Quality Tabletop 1:00 PM - 3:00 PM | Live Simulated Cyber Attack on the UTSA Cyber Range 1:00 PM - 3:00 PM | Cyber Resilience Workshop 1:00 PM - 3:00 PM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 3:00 PM | Conference Ends 3:00 PM | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||