Cybercrime has matured dramatically, with large cybercriminal groups now operating as well-organized business syndicates. Under the cover of the Dark Web marketplace they offer cybercrime-as-a-service options such as turnkey ransomware services with round-the-clock customer service lines. They sell stolen enterprise credentials, malware, and other hacking services, and not surprisingly, also scam and hack one another. In this keynote, an expert on cybercrime will explain how this dark ecosystem operates and continues to flourish — and provide tips on how to protect your organization from today’s sophisticated cybercrime syndicates.

China. Russia. Iran. North Korea. These four nations represent some of the most prolific and powerful nations with state-sponsored hacking teams that conduct cyber espionage of all flavors, from geopolitical and diplomatic spying to intellectual property theft. Some now even cross the line into cybercrime with ransomware, extortion, and data-wiping attacks. Other nations are ramping up their hacking teams for their national interests as well, such as India, Pakistan, and Vietnam. In this keynote, an expert on nation-state cyber operations will share the latest trends and operations of nation-state hacking groups and the threats they pose to businesses and organizations of all sizes.

There are various threat intelligence feeds and information about the latest threat groups, campaigns, and their tactics, techniques and procedures (TTPs) coming from security vendors as well as the Cybersecurity and Infrastructure Security Agency (CISA). How do you know which threat intel applies to your organization? How can you map MITRE’s ATT&CK framework to your security architecture? In this panel discussion, experts will provide insight and guidance on how to harness threat intelligence data as well as the ATT&CK framework and weave them into your existing security tools and operations.

Cybercrime and nation-state hacking teams continue to mature, evolve, and pivot to evade detection by security teams. For security operations teams, that means trying to stay a step ahead of the adversaries by ensuring you have visibility into all your devices, identities, and online assets, both in the network and in the cloud. It also calls for proactive security practices such as regular vulnerability scanning and penetration testing, and threat hunting by the security team or your security service provider. In this panel discussion, red team experts share insights on how to execute these practices, the emerging technologies that support them, and how to apply the findings and discoveries to shore up your defenses.

Security teams today juggle dozens or more security tools— many of which are not well-integrated. Often, they don’t have the resources needed to fully realize all the features of the tools, which can impede their ability to respond properly and efficiently to a security incident. How can the cloud and AI be harnessed to streamline and empower security analysis in the age of SaaS and other infrastructure security challenges? What types of processes and tools can help sift through this telemetry to ferret out actual threats or attacks? In this panel discussion, experts will discuss these issues and how SecOps teams can improve their detection and analysis of a security event before it escalates.