Keynote Sessions

  • Steve Stone, Rubrik

    Rubrik is on a mission to secure the world’s data, and they want to let you know how. With cyberattacks being an inescapable reality in today’s technology landscape, how do you guarantee that your organization’s data is secure? This keynote will explore current cyberattack trends and how Rubrik Zero Labs is delivering actionable, vendor-agnostic insights to reduce security risks.

  • Adrian Diaz, Unit 42

    Multiextortion tactics are on the rise. Threat actors are increasingly using data theft and harassment tactics to coerce victims into paying large ransoms. In fact, harassment as an extortion tactic was a factor in about 20% of Unit 42's monthly ransomware cases, on average, up from <1% over 18 months. That's 20X growth.

    As the threat landscape continues to evolve, it's imperative to understand your adversaries, reexamine your security posture and implement a more in-depth incident response plan to boost defenses.

    In the presentation, security expert, Adrian Diaz, Technical Director, Unit 42 will unpack key findings from our 2023 Unit 42 Ransomware and Extortion Report and recently released 2024 Unit 42 Incident Response report. 

    We'll discuss:

    • The rise of multiextortion tactics.

    • The financial impact of ransomware on organizations.

    • The true intentions of nation-states and APT groups.

    • What to expect from extortion groups in 2023.

    • Best practices to protect your organization.

Breakout Sessions

  • Casey Smith, Amazon

    Within Discord there exists a subculture that revolves around stealing user's accounts and selling them. Who are these threat actors? What is their motivation, how deep does the rabbit hole go, do they have a sense of humor and do they have a moral compass? Answer these questions and more as you follow the story of myself and 2 fellow security researchers who embarked on a journey over a year ago tracking down a few of the players that we ran into as well as the combined information war we waged against them. Along the way enjoy some trolling, profanity and loads of memes. During this track we will cover stealers, their prevalence in Discord, two of the larger actors and their infrastructure for distribution and sale of their malware as well as insights gained during the year-long effort 3 curious researchers decided to spend some of their free time with.

  • Joe Hopper, Fracture Labs

    IoT breaches continue to make headlines, with manufacturers often blaming 'sophisticated attacks'. This implies the victims were simply unlucky, but have you ever wondered exactly how these hacks occurred and what could have been done to prevent them? Whether your organization builds IoT devices or you're just an end user, you should be aware of the risks associated with IoT devices on your network and what can be done to reduce your risk.

    Joe Hopper, a professional hacker at Fracture Labs, unpacks how insecure IoT devices could affect you by walking through:

    - Is your organization really at risk?

    - What types of vulnerabilities have we discovered and exploited in IoT ecosystems?

    - What are the real vs theoretical risks?

    - How can you prevent and thwart IoT breaches?

  • Kurt Patz & Russell From AE Business Solutions

    In this session AE Security Team Members Russell From and Kurt Patz will share their thoughts on how making the transition from being the client, to being the technology partner has opened their eyes to a whole new side of the security landscape. What trends begin to emerge when you're working with multiple cybersecurity set ups vs. one? Is navigating these conversations easier now that they've worked on both ends of the aisle? Is the grass greener on the other side? Find out only at Deep608.

  • Dan Vargas, Cloudflare

     How the evolution to Secure Access Service Edge Architectures (SASE) will enable efficiencies, operational agility and improved security posture for your business and why this next industry transformation is key to stay ahead in the advent of AI. Not only will ransomware continue to propagate exponentially, so will other cyber attacks and your network and security stacks will have to work in concert to stay ahead. We'll share insight on partnering with organizations that can scale in performance and speed without a security trade off and discuss industry best practices that can help mitigate cyber risks.

  • David Lennon, FireMon

    The adage "You can't secure what you can't see" has resonated as a guiding principle for over two decades, and its importance has only grown in recent years. This presentation from the team originally tasked with mapping the internet will delve into the foundational role of comprehensive asset visibility in today's cybersecurity landscape, highlighting the complexities and challenges inherent in achieving situational awareness and cyber resiliency, as well as sharing effective strategies learned over the last 20 years.

  • Alex Minster, TraceLabs

    In this engaging presentation designed for DEEP608, a director of TraceLabs, an organization dedicated to improving the state of missing persons location and family reunification through cost-effective and transparent solutions, will introduce the concept of Open Source Intelligence (OSINT). The talk will explain OSINT's applicability across various hacker fields. Attendees will learn how increased information gathering capabilities can make the field more accessible. This is made possible through the contributions of a diverse community, providing content, tools, and techniques for individuals with varying levels of experience. The speaker will also discuss the essential steps for ensuring the accuracy and reliability of crowdsourced information. Real-life examples from TraceLabs' history will be presented to demonstrate the significant impact that crowdsourcing OSINT has had on various initiatives and investigations. The importance of promoting ethical use and the application of OSINT in diverse and constructive ways will be emphasized. Join us to explore the potential of crowdsourcing OSINT and learn how it fosters a collaborative, knowledgeable, and engaged community within the hacker world.

    CONTENT WARNING: Please be aware that this presentation may reference sensitive topics such as missing persons situations, suicide, human trafficking, and sexual abuse of adults and minors. While no explicit or mature content will be displayed, these topics may be mentioned as they are unfortunately related to the missing persons problem and are necessary for a comprehensive understanding of TraceLabs' mission. Attendee discretion is advised.

  • Tyler Petersen, Schellman Compliance

    See how adversaries can crack your user's passwords, and only spend a few dollars to do it! We'll delve briefly into password hashing, the tools and hardware required, and how the cloud is accelerating the speed at which passwords can be cracked. Come prepared with a few passwords in mind and see if they can be cracked! Passwords can be submitted before the talk and will be utilized during the demo.

  • Shane Sax, Racine County

    We will discuss what matters most to your executive leadership team and what should keep your CFO up at night. Your organizations cybersecurity affects who you can do business with, your credit/bond rating, and the value of your company. Learn about the emerging financial and liability implications of failing to protect your organization from cyber threats. We will specifically discuss SEC 8K/10k filings, as well as how a failure to manage and disclose could leave you personally liable.

  • Corey Rockwell, AE Business Solutions

    Dive into essential strategies for advancing your cybersecurity career with this insightful discussion. From acquiring certifications and pursuing ongoing education to avoiding siloing and strategically positioning yourself for desired roles, we'll explore key factors for career growth. Learn effective approaches for navigating job changes, maximizing the value of resources, and setting yourself up for success in the dynamic field of cybersecurity. Gain actionable insights to propel your professional journey forward and achieve your career objectives in the ever-evolving cybersecurity landscape.

  • Shane Harsch, SentinelOne

    AI promises a lot of things, but what can we expect in the coming months? What practical results are we already seeing? What will be experienced by operations and what operational changes will we need to plan and staff for? Is there a timeline for optimum automation vs assimilation? More importantly, should you pack a toothbrush, a torx driver, or both? Talk will be liberally sprinkled with demos and speculations aplenty.

  • Drew Schoeneck, WI Department of Justice

    When you are hit with ransomware or fall victim to a network intrusion, you might be feeling a bit overwhelmed and not sure what to do next.  Reporting the cyber incident might be the last thing on your mind.  You should be aware that there are excellent resources that can be found as soon as you report it to Internet Crime Complaint Center and law enforcement.  The DCI Cyber Crimes Unit and the FBI Milwaukee Cyber Squad routinely assist with and respond to incidents like these, and can likely help you navigate through the cyber-attack and investigate the crime that occurred.  You might even hear from us BEFORE you know you had a cyber incident.  This presentation will share some success stories of investigating and disrupting cyber threat actors like ALPHV/Blackcat, LockBit, and the Genisis Market in addition to providing some technical information found as part of these investigations.

  • Jestin Moe & Blake Standerfer, AE Business Solutions

    Businesses are constantly seeking ways to improve organizational security. One such option is the decommissioning of on-premises Active Directory (AD), a move that offers a multitude of benefits. we will dive into the advantages of this transition, pain points throughout the process, explore the strategies used by AE to achieve it, and provide guidance on navigating the removal of local AD dependencies.

  • Justin Bell, AE Business Solutions & Nathan Brooks, American Family Insurance

    In this session Justin Bell and Nathan Brooks will engage in a Q&A style presentation exploring how the American Family Insurance's journey to data protection unfolded.

  • Casey Cammilleri, Sprocket Security

    Unlock the secrets of modern security testing! Discover why traditional methods fall short in identifying new approaches to tackle challenges in attack surface management and offensive security testing. Learn the new testing strategies being used to help protect infrastructure and web applications.

  • Scott Deluke, Abnormal Security

    With the rise of GenAI and readily available tools to access it, there's been endless questions around how this will be used in our everyday lives for good, and unfortunately, also how the attackers will start leveraging this to create more sophisticated attacks on organizations and the people inside them. Come learn about what makes GenAI so different from what we have seen in the past and walk with me through the day in the life of an attacker and how they are using these tools against us already.

  • Drew Hjelm, Moxe

    Shift Left is the “Go West, Young Man” of DevOps and App Sec, where orgs are looking for the opportunities to build a robust security program to address risk before a breach happens. However, much like The Oregon Trail, the road is hard and requires a lot of skills and tools to make it all the way. We’ll look at how the tools you need to build your “Shift Left Posse” can fit together to make your code, systems, pipelines, and data secure.

  • Josh Colvin, AE Business Solutions

    Being on a blue team and/or working in a SOC is a tough job, regardless of job descriptions or job titles. The stress of the constant threat of cyberattacks is taking it toll on our defenders, and, if the unfortunate occurs and a ransomware attack is successful, the emotional and mental toll on defenders is enough to cause PTSD and make people walk away from cybersecurity as a whole. The best tech money can buy cannot replace the human element in IR scenarios, and we cannot continue to ignore the intangible elements associated with the mental health impact on the first-line defenders in our environments. We need use tech to enable our people to be better – not have them feel suicidal at the thought of dealing with a ransomware outbreak.

  • Justin Barnes, Dean Care

    Artificial Intelligence is emerging as a significant organizational change agent. Are you and your organization prepared for the change? Do you have ways to foster innovation? Are you protecting the organization, people, and sensitive data from risks? Join Justin for a discussion on how to prepare your organization for Artificial Intelligence by establishing guidance, mitigating risks, and experimenting safely.

  • Mike Thompson, Varonis

    See a ransomware attack play out from the attacker’s perspective – from initial intrusion and lateral movement, to data exfiltration and encryption.  This would be followed by an investigation of the attack via the Varonis platform from an Incident Response Analyst’s perspective to uncover the attack path, impacted data, and appropriate remediation items.

Special Sessions

  • This invitation only session will bring together top security executives to discuss today’s most pressing cybersecurity concerns. Interested in attending? Reach out to your AE Account Executive for more information.

  • Through these series of lab exercises, attendees will gain an understanding of the HPE Aruba Networking SSE solution. Lab sessions will be available throughout the day.