2023 Cybersecurity Conference

Day 1 - June 6, 2023

9:00 - 10:30 A.M.

Welcome Address
Keynote: “Cyber Resilience for the Public"

Quiessence Phillips, Amazon Web Services, Security Technical Program Manager
Former Deputy CISO, City of New York and Head of Threat Management, NYC Cyber Command 

11:00 -11:50 A.M.

What is Zero Trust?

Jeffrey Baez, Splunk

Zero trust is a philosophy and practice of network data security that assumes every user, device and service that attempts to connect to an organization’s network is hostile until proven otherwise. The fundamental principle of zero trust is to secure an organization’s data wherever it might live, allowing only legitimate users and entities access to relevant resources and assets. The modern data landscape includes cloud or SaaS deployments, data centers, remote workforces, mobile devices and a myriad of apps, which can no longer be protected by traditional security strategies. Allowing data and workloads to live, operate and be accessed in this expanded attack surface leaves many organizations increasingly susceptible to a host of security vulnerabilities and access issues. This problem was only compounded by industry-wide responses to COVID-19, in which companies moved quickly to support an all-remote work environment.

2023 Verizon Data Breach Investigations Report

Neal Maguire, Verizon Cyber Security Consulting

Based on forensic evidence collected from our partner organizations, as well as the Verizon caseload, the 2023 Verizon Data Breach Investigations Report (DBIR) presents a rare and comprehensive view into the world of corporate cybercrime. Now in its sixteenth year of publication, this research has been used by thousands of organizations to evaluate and improve their security programs. The presentation will discuss the evolution of results over the years, and delve into the people, methods, and motives that drive attackers today. Attendees will learn about the most common attacks that affect their industry. You will learn about the actors who perpetrate these incidents, the techniques they use to carry out their attacks, the assets they prefer to exploit to gain entry into their victim’s systems and networks, and the results of their actions. You will leave this session better equipped to make evidence-based decisions on the risks your organization faces on a daily basis.

Building Cyber Resilience: Why Does It Matter, and How Can You Get Started?

Jim Richberg, Fortinet 

In this talk, we will discuss why building cyber resilience is increasingly necessary for effective cybersecurity and explore how its benefits extend beyond cybersecurity. Building resilience is a focus of the new National Cyber Strategy and of operating principles, such as Zero Trust. The classic ingredients of people, process, and technology can be applied creatively and in multiple ways to solve this problem. This talk will explore some best practices and tips for building — and for funding — greater cyber resilience within organizations.

Download the Building Cyber Resilience: Why Does It Matter, and How Can You Get Started? presentation.

Case Studies Applying Machine-Learning in Cybersecurity

Eric Dull, Deloitte

Jeffery Janies, Deloitte 

Machine-Learning is a toolset that has many applications in cybersecurity, including threat detection, unknown behavior identification, threat intelligence, report generation, and behavior categorization. Using machine-learning isn't simple or easy, and successful application requires use case and tool understanding, broad data visibility, and flexible computing environments. We will share lessons learned successfully applying machine-learning to a variety of cybersecurity use cases. We will also discuss Generative AI and a perspective on where it can help in cybersecurity analysis and automation.

Why a Whole of Government Security Strategy Protects All New Yorkers

Moderator: Maria ThompsonSLG Executive Government Advisor - Cybersecurity, Amazon Web Services


Chris DeSain, CISO State of New York, NYS Office of Information Technology Services (ITS)

Meghan Cook, Director of the Cyber Incident Response Team, NYS Division of Homeland security and Emergency Services (DHSES)

Alyssa Zeutzius, Deputy Chief Cyber Officer for Policy, NYS Governor’s Office

Matt Singleton, Executive Strategist, CrowdStrike

Join us for a panel discussion on enhancing government security strategy through collaboration. Learn how the challenges of government can be mitigated by effective partnerships and the utilization of industry resources.

ASIA: Understanding Security Behavior

Paper: Behavior Development of Gig-Work Deviance Scale

Paper: Creating a Balance between Monitoring Practices and Flexible Work Arrangements

1:00 - 1:50 P.M

Zero Trust Cybersecurity Strategy for Government IT Leaders — How to Stay Ahead of the New Cyber Battleground

Chad Skipper, VMWare

Tommy John, VMWare 

As they contend with growing security challenges and attack vectors increasing in size and scale, today’s government organizations can become victims of malicious infiltration, and they may not even know about it. Though implementing Zero Trust solutions across their systems can often bolster defenses, questions remain on everything from improving visibility across these workloads to making more informed decisions across a broader cybersecurity ecosystem. In this session, we will discuss these issues and more, as well as learn how leading agencies are creating actionable insights for strategies on collaboration, risk mitigation, and everything in between.
Attendees will leave with an understanding of:

  • How to evaluate cybersecurity progress and posture within their organizations.
  • Strategies for eliminating blind spots with lateral security.
  • The ways to prepare your organization to make zero trust or defense-in-depth efforts successful.
Threat Landscape and Resources

Elijah Cedeno, MS-ISAC

Emily Sochia, MS-ISAC

Cybersecurity challenges face all types of organizations. The threats we see impacting the private sector are similar to the threats that the MS-ISAC has seen impacting State-Local-Tribal-and Territorial entities throughout New York State. These threat actors are not only after money, personal information and organization secrets, but they are also looking to damage your organization’s reputation. While no single organization can prevent these threat actors from targeting and infiltrating your network, there are resources provided at no-cost that can help mitigate these risks. Resources ranging from actionable intelligence and passive monitoring of your public information, to actively blocking malicious connections from establishing, are available at no-cost to over 15,000 organizations across the United States. During this presentation we will discuss the current threats impacting New York State and resources are that can minimize and mitigate these threats.

Download the Threat Landscape and Resources presentation.

Beyond Layers: Achieving Holistic Cybersecurity Through Tool Integration

Ryan Young, Vandis 

In today's interconnected world, cyber threats are more prevalent than ever, and businesses need to have a comprehensive approach to security to ensure they are protected against cyberattacks. Defense in depth cybersecurity practices involve multiple layers of defense that can prevent attacks from gaining a foothold in a network. However, having multiple layers of defense is not enough. It is essential to have the right tools in place that integrate with each other, provide the necessary visibility and reporting, and work seamlessly to protect your organization. In this presentation, we will discuss the importance of integrating security tools to interface with each other and ensure proper visibility and reporting from all your tools. We will explore how leveraging an in-house SIEM solution or partnering with a third-party SOC or MDR platform can help you achieve this. We will also provide examples of how this approach can help detect and respond to cyber threats more effectively, reduce risk, and increase overall cybersecurity posture. Join us for this informative and educational presentation on defense in depth cybersecurity practices and the importance of integrating security tools for better visibility and reporting. We will equip you with the knowledge and tools necessary to safeguard your business against cyber threats and ensure a secure and resilient infrastructure.

Download the Beyond Layers: Achieving Holistic Cybersecurity Through Tool Integration presentation.

How AI Embeds Human Bias and Distorts Our Decision Making

Antony Haynes, Albany Law

Leading diverse organizations not only requires consciously engaging human beings and culture but also requires carefully selecting and evaluating what automated systems are employed in all aspects of decision-making. Technologies ranging from resume scanners to language translation, from face recognition to criminal sentencing software, and all encode and perpetuate biases present in human society. These systems show we cannot program away human prejudice by blindly relying on computer code. The purpose of this talk is to raise awareness of the ways computer algorithms reflect the biases of their human designers and to present a call to action for a code of ethics and for benchmarking standards around automated decision-making systems.

How I Learned to Stop Worrying and Love My AI Overlords:  Ethics and AI in Data Protection

F. Paul Greene, Harter Secrest & Emery LLP

The genie is out of the bottle. For better or worse, AI is here and its implications as of yet unknown.  Whether it's used to write a term paper, identify and eliminate a target with a drone strike, or write your next Acceptable Use Policy, AI brings with it questions of agency, authenticity, identity, and ethics, all of which have strong implications for the field of data protection. This session will explore the emerging field of AI, whether it’s algorithmic decision making, machine or deep learning, or any of the various ChatGPT iterations, and its implications for data security and data protection more broadly. In this regard, AI resides at the intersection of privacy, security, authentication and identity, policy, automation, and accountability, offering solutions, and risks, to some of our most pressing data protection concerns. We will discuss approaches to ethical AI, unethical AI use cases (whether intentional or otherwise), and assess real-life risks created by a tool that will soon become ubiquitous. Attendees will leave with a better understanding of what AI can, and likely should, do in relation to data protection under a number of regulatory and ethical regimes.

ASIA: Privacy Breaches

Paper: Investigating HIPAA Cybersecurity & Privacy Breach Compliance

Paper: Privacy Paradox: Is it really a paradox?

2:10 - 3:00 P.M.

How Breaches Should Shape Your Zero Trust Strategy

Jeremiah Salzberg, CDWG

Zero Trust has become the big buzzword in the Information Security industry. However, Zero Trust is MUCH more than just a buzzword. In this talk, we’ll look at some recent breaches and discuss how a zero trust strategy/approach can help to limit the impact of a breach.

Download the How Breaches Should Shape Your Zero Trust Strategy presentation.

Business Email Compromises: An Evolving Attack

Courtney Dayter, Kroll Cyber Risk

Jamie Vendel, Kroll Cyber Risk

Throughout the last decade, cyber crime has continued to evolve and change, bringing many new attacks to the forefront of cybersecurity. While phishing has long been recognized as a significant security issue, Kroll’s investigations show that it is evolving to become an even greater threat. Kroll threat intelligence data that shows that phishing attacks increased by 122% in 2022. With the change of the year came a rise in usage of more advanced tactics, techniques and protocols. Kroll has seen a prevalence of attacker in the middle (AiTM) and advanced phishing emails, including domain name spoofing and multifactor authentication. Kroll’s presentation will explore methods used to gain access to a mailbox, establish persistence, toolkit development and mission execution within Business Email Compromises (BEC). BEC are a leading type of cyber attack that target organizations with the goal of stealing money or information. Kroll will provide guidance on how to improve email hygiene to protect your organization.

Download the Business Email Compromises: An Evolving Attack presentation.

A Brave New World: An Exploratory Look into the Next Century of Hacking and Cybercrime Tactics

Tyler Wrightson, Leet Cyber Security

What it will mean to be human and face the cybercrime challenges of the next century. Deep fakes, artificial intelligence, voice cloning, biometrics, robotics, holograms, cryptocurrency, smart contracts, smart devices, smart homes, smart cities, IOT: how do they all play a part in the safety and security of humans, and what will ransomware, malware, extortion, and kinetic attacks look like in the future? This is not a practical talk about what to do today, but rather an exploration of the crazy things that will happen over the coming years as technology continues to evolve and hackers and cybercriminals look to take advantage of it for their own profit.

AI in Cybersecurity: Navigating the Hype and Making Informed Decisions

Dean Maloney, GreyCastle Security

Hiring and retaining cybersecurity professionals is increasingly more complex, forcing companies to implement artificial intelligence to relieve the burden through automation. While AI offers real benefits today, it requires continued analysis and human expertise to understand cybersecurity's impact and limitations. Join us for a look at new emerging AI technologies, how to navigate the artificial intelligence hype, and how to make informed decisions that help secure you and your customers.     

  • Learning Objective #1: Define artificial intelligence, distinguish its distinct types, and recognize its purpose & common applications in current cybersecurity technologies.   
  • Learning Objective #2: Characterize the new emerging AI technologies that will become commercialized in the next 1-3 years.   
  • Learning Objective #3: Evaluate the efficacy and limitations of artificial intelligence's current commercialized capabilities through a provided scorecard when looking to include or expand them into your existing cybersecurity architecture or plan.    
  • Learning Objective #4: Design a comprehensive plan addressing your organization's top risks and threats that integrates human expertise and artificial intelligence.
Data Security: Common Misconceptions with Immutability & Recovery | Managing Endpoint Risk at Scale

Liam Kearns, Tanium

Shawn McElhinney, Rubrik, Inc.

In Part 1, you will hear how Public Sector customers still find themselves not being able to successfully recover their environments after a cyber attack. This discussion will focus on what constitutes as "immutability" and how that can impact obtaining/lowering cyber insurance and ensuring a successful recovery in a short amount of time. 

In Part 2, you will hear how tool complexity, expanding digital experience initiatives and hybrid working environments are increasing organizational risks today. This technical conversation will focus on how linear chain architecture can simplify the management of today’s risk, no matter where endpoints reside and at any scale.

ASIA: Active Defense

Paper: Honeypots and Honeytokens in Active Defense

Paper: Exploiting hacker biases to Thwart Hackers

3:20 - 4:15 P.M.

An Introduction to Zero Trust Architecture

Richard Conklin, Accenture

In the digital era, security teams are struggling to maintain control of the attack landscape, and it’s going to get harder. Perimeter-based network access was designed in a different time, for a different problem. As the problem is expected to persist, a new approach is required. The Zero Trust Model is changing how access is granted. In this session, attendees will receive an introduction to and a unique perspective of Zero Trust Architecture. You will learn the attributes of the Zero Trust security platform, prevailing client challenges and solutions, typical outcomes with Zero Trust security, as well as various deployment and governance models. You will also review industry frameworks and recommendations, client and vendor responses and common starting points for clients.

Uncover the Online Identity Threat Landscape and Path to Outsmart Risk

George Freeman, LexisNexis Risk Solutions

Discover critical updates on the current online identity threat landscape, learn why your online identity elements are being harvested, understand how Behavioral Biometrics can come to the rescue, gain insight into building a complete Identity Risk Workflow, and learn about the master person index (MPI) use case: the NY initiative for “One ID – NY.gov ID+” 
Digitalization drives fraud losses. Online identity fraud continues to negatively impact government organizations in the United States, increasing financial losses especially in citizen benefits programs. Internet fraud statistics continue to show a significant number of online portal “users” are BOTs, or fake identities. Sophisticated device compromises via social engineering, ‘Zero-day’ exploits, and advanced malware are leading to even more stolen identity data. As digital online identities continue to replace physical identities, government agencies are challenged to provide adequate online identity assurance, identity-proofing, and effective authentication workflows. Attendees will learn real-world best practices and workflows that provide comprehensive digital identity assurance and effective risk management with much needed visibility into the escalating threat of identity fraud. Workflow best practices like this exist and are enabling government agencies in all fifty states to improve equitable access initiatives.

Download the Uncover the Online Identity Threat Landscape and Path to Outsmart Risk presentation.

ChatGPT – Yes, It Generates Code…but Is It Secure? Leveraging Machine Learning and Artificial Intelligence Tools with Application Security Scanning

Chris Wysopal, Veracode

With the evolution of Artificial Intelligence (AI) and the ability to develop an application at the press of a button, attendees will receive key insights into application security, machine learning and ensuring government services are secure. Focusing on speed to deliver secure code, you will hear new techniques, auto remediation based on machine learning and best practices to leverage automation.

AI-Machine Learning-Data Management Governance & Controls Cloud Computing Best Practices: CNY Quantum Valley Pentagon-USAF-USSF Ventures Spanning Air-Space-Cyberspace-Outer Space

Yogesh Malhotra, Global Risk Management Network, LLC

Our CNY Quantum Valley AI-Machine Learning-Data Management (AI-ML-DM) Governance & Control Cloud Computing practices build on a 30-year foundation of sustainable digital systems and networks practices leadership, R&D ranked for impact among AI-Quant Finance Nobel laureates, and applied global industry benchmarks for self-adaptive complex systems and chaos engineering as the digital transformation pioneer profiled in Business Week, Computerworld, CIO Magazine, Fast Company, Fortune, Inc., New York Times, Wall Street Journal, etc. Our Digital CEO-CxO (CEO, CIO, CTO, CISO, CSO, CDO, CRO, CFO) leadership practices in sustainable cloud computing address three interrelated applied problems in an integrated manner: 
(a) Complex systems fail all the time;
(b) Cybersecurity is job zero for AI-agility and cyber-resilience, and
(c) Managing dynamic and adversarial uncertainty is critical for sustainability. 
Solving this ‘trilemma’ is essential for designing, building, and sustaining self-adaptive digital systems and digital networks spanning the world, as well as for CNY Quantum Valley Pentagon-USAF-USSF Ventures spanning air-space-cyberspace-outer space. As sustainable digital systems and digital networks pioneer, we lead risk mitigation of complex systems failures as self-adaptive complex systems and chaos engineering pioneers of human-centered AI systems, human-centered search, and human-centered networks advancing the human-centered world wide web. 
Building on our AI-ML-DM governance and control/risk management cloud computing practices, as well as Pentagon Joint Chiefs guidance ‘Beyond ABMS-JADC2’ spanning Air-Space-Cyberspace-Outer Space, with invited interviews for Pentagon USAF Chief Scientist while serving on Pentagon USAF C4I-ISR CTO-DoD CIO Team as Chief Data Scientist, we will share with you the latest advances in the AI-ML-DM governance and control cloud computing practices advancing on 30-year ‘Big 3-Cloud Computing’ practices leadership.

The Five Essentials of Ransomware Prevention

Chris Jensen, Tenable

To achieve optimal network security, you must implement a proactive and comprehensive approach to make your network a "hard target" capable of defending against ransomware and other damaging cyber attacks. In this presentation, you will learn five essential components of effective cyber defense, including:   

  1. Know your entire network – you cannot protect it if you don't know it is there.  
  2. Implement a dynamic, proactive vulnerability management program based on actual risk.  
  3. Choose the right security tools and use them for their intended purposes.  
  4. Look at your network from the attacker's perspective.
  5. Secure and proactively monitor your Active Directory to enable timely incident response and minimize damage in the event of a cyber attack.
ASIA: Cybercrime and Hacking

Paper: Improving Ethics Surrounding Collegiate-Level Hacking Education

Paper Investigating Cybercrime Using Code Authorship Analysis & 4P Forensic Conceptual Model