Skip to content
Cybersecurity Outlook 2022
Virtual Event
December 8, 2021
11:00 AM – 5:00 PM EST
(8:00 AM – 2:00 PM PST)
Cybersecurity Outlook 2022 Virtual Event

Join Omdia, Black Hat and Dark Reading at this free, all-day virtual event offering expert insight on the cyber-threats and trends enterprises will face in the coming year.

On December 8, Cybersecurity Outlook 2022 will look at some of the new threats posed by online attackers, as well as evolving products and technologies that may mitigate those threats. You’ll hear from some of the cybersecurity industry’s top thinkers, as well as researchers who have been studying the next wave of cyber vulnerabilities and exploits.

Among the topics that will be covered at Cybersecurity Outlook 2022:

  • New threats and attack trends that will emerge in the new year
  • The evolution of new security operations technologies, including XDR and DNS security
  • Next-generation approaches to current security problems, such as ransomware and zero-day exploits
  • Newly-discovered security vulnerabilities in the industry’s most prevalent computing systems, including Active Directory
  • Trends in cybersecurity research and the next wave of security flaws emerging in current enterprise technology
  • An overview of trends in malware development, including ransomware and database attacks
  • Key steps your organization should take to prepare for emerging threats in 2022

And much more!

December 8, 2021
11:00 AM – 5:00 PM EST
(8:00 AM – 2:00 PM PST)
AGENDA
OMDIA KEYNOTE 1
2022 Outlook: Threats and Trends Every Enterprise Should Watch For
Speaker: Maxine Holt, Senior Director, Omdia

In 2021, enterprises saw a variety of new cyber threats arriving at their gates, including new supply chain vulnerabilities exposed via the late 2020 SolarWinds attack, and a direct attack on water systems in Florida. At the same time, a variety of new technologies emerged for cyber defense, including new detection and response (XDR) systems and a plethora of tools for protecting remote systems and home workers.

In this keynote address, Maxine Holt, head of Omdia Research’s cybersecurity practice, offers a forward-looking view on the threats, technologies and trends expected for 2022, and provides advice on how to prepare for them.

Sponsored by

Speakers

Maxine Holt
Senior Director, Omdia
Eric Parizo
Principal Analyst, Security Operations, Omdia
Fireside Chat
Speaker: Jason Dobbs, Chief Technology Officer, PKWARE

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Sponsored by

Speaker

Jason Dobbs
Chief Technology Officer
PKWARE
SPOTLIGHT VIDEO
Spotlight Video
Presented by: Presented by…

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Sponsored by
Presented by
Presenter Name
Presenter Title
Presenter Company
Presenter Name
Presenter Title
Presenter Company
NETWORKING BREAK
Networking Break

Sponsored by: Fortinet

OMDIA KEYNOTE 2
XDR: The Nexus for Tomorrow’s Security Operations
Speaker: Eric Parizo, Principal Analyst, Security Operations, Omdia
Moderator: Tanner Johnson, Principal Analyst, Omdia

The unprecedented volume and sophistication of cyberattacks in 2021 has highlighted the critical need for enterprises to step up their game in detecting, correlating, and responding to online compromise. One of the most critical trends expected to hit security operations centers in 2022 is the emergence of XDR – the set of tools needed to swiftly analyze cyber data and stop online attacks before they do damage to critical data.

In this insightful keynote address, Omdia principal analyst Eric Parizo offers insight on the future of XDR technology, and recommendations on how enterprises can make the best possible use of emerging detection technologies.

Sponsored by
Speaker
Eric Parizo
Principal Analyst, Security Operations,
Omdia
Tanner Johnson
Principal Analyst, Omdia
Fireside Chat
Speaker: Thomas Clavel, Director of Product Marketing, ExtraHop

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Sponsored by
Speaker
Thomas Clavel
Director of Product Marketing,
ExtraHop
SPOTLIGHT VIDEO
Spotlight Video
Presented by: Presented by…

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Sponsored by
Presented by
Presenter Name
Presenter Title
Presenter Company
Presenter Name
Presenter Title
Presenter Company
NETWORKING BREAK
Networking Break

Sponsored by: Fortinet

BLACKHAT SESSION 1
Can You Hear Me Now? Remote Eavesdropping Vulnerabilities in Mobile Messaging Applications
Speaker: Natalie Silvanovich, Security Researcher, Google
Moderator: Eric Parizo, Principal Analyst, Security Operations, Omdia

On January 29, 2019, a serious vulnerability was discovered by multiple parties in Group FaceTime which allowed an attacker to call a target and force the call to connect without user interaction from the target, allowing the attacker to listen to the target’s surroundings without their knowledge or consent. While this remarkable bug was soon fixed, it presented a new and unresearched attack surface in mobile applications that support video conferencing.

This presentation covers my attempts to find similar bugs in other messaging applications, including Signal, JioChat, Mocha, Google Duo, and Facebook Messenger.

Sponsored by
Presented by
Natalie Silvanovich
Security Researcher,
Google
Eric Parizo
Principal Analyst, Security Operations,
Omdia
Fireside Chat
Speaker: Patrick Carey, Sr. Director of Product Marketing, Synopsys

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Sponsored by

Speaker

Patrick Carey
Sr. Director of Product Marketing
Synopsys
SPOTLIGHT VIDEO
Spotlight Video
Presented by: Presented by…

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Sponsored by
Presented by
Presenter Name
Presenter Title
Presenter Company
Presenter Name
Presenter Title
Presenter Company
NETWORKING BREAK
Networking Break

Sponsored by: Fortinet

BLACKHAT SESSION 2
ERROR: BadAlloc! – Broken Memory Allocators Led to Millions of Vulnerable IoT and Embedded Devices

Speaker: Omri Ben-Bassat, Security Researcher, Section 52 at Azure Defender for IoT, Microsoft and Tamir Ariel, Security Researcher, Section 52 at Azure Defender for IoT, Microsoft

Moderator: Tanner Johnson, Principal Analyst, Omdia

“BadAlloc” is our code name for a class of integer-overflow related security issues found in popular memory allocators’ core functions such as malloc and calloc. BadAlloc vulnerabilities affect 17 different widely used real time operating systems (i.e., VxWorks, FreeRTOS, eCos), standard C libraries (i.e., newlib, uClibc, Linux klibc), IoT device SDKs (i.e., Google Cloud IoT SDK, Texas Instruments SimpleLink SDK) and other selfmemory management applications (i.e., Redis).

Some of these vulnerabilities go as far back as the early 90’s and all of them collectively impact millions of devices worldwide, mainly IoT and embedded devices as this was out of focus.

In this talk, we’ll present some of the most interesting findings and discuss how we found them. We’ll do a quick root-cause analysis for each of the selected cases and show, in high depth technical level, how this specific kind of vulnerability could be leveraged to a full-blown remote code execution exploit on affected systems. We’ll discuss possible mitigation techniques and propose a method to check whether your application is affected by BadAlloc or similar vulnerability.

Finally, a demo of a working RCE exploit will be presented.

Sponsored by

Speakers

Omri Ben-Bassat
Security Researcher, Section 52 at Azure Defender for IoT,
Microsoft

Tamir Ariel
Security Researcher, Section 52 at Azure Defender for IoT,
Microsoft

Fireside Chat
Speaker: James “ec0” Hebden, Backend Engineer at Assetnote

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Sponsored by
Speaker
James Hebden
Backend Engineer,
Assetnote
SPOTLIGHT VIDEO
Spotlight Video
Presented by: Presented by…

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Sponsored by
Presented by
Presenter Name
Presenter Title
Presenter Company
Presenter Name
Presenter Title
Presenter Company
DARK READING PANEL SESSION
Rebuilding Remote Access Security for the Long Haul
Moderator: Kelly Jackson Higgins, Executive Editor, Dark Reading
Speakers: Alert Logic | Joshua Cigna, Solutions Architect, Yubico | Chenxi Wang, Managing General Partner, Rain Capital | Eric Thomas , Information Security Analyst, HD Supply
Panel: Tom Gorup, Vice President, Security Operations, Alert Logic

In 2020, the global pandemic forced enterprises to make overnight shift to digital business and work-from-home computing. After a year of holding security together with temporary fixes, many security teams are preparing for a new year and a new operating model that will likely combine both in-person and remote computing. In this panel, experts will discuss the outlook for enterprise computing in 2022, and the longterm steps security teams will need to make to support the “back to normal” computing model.

Sponsored by
Moderator
Kelly Jackson Higgins
Executive Editor,
Dark Reading
SPOTLIGHT VIDEO
Spotlight Video
Presented by: Presented by…

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Sponsored by
Presented by
Presenter Name
Presenter Title
Presenter Company
Presenter Name
Presenter Title
Presenter Company
SPOTLIGHT VIDEO
Spotlight Video
Presented by: Presented by…

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Sponsored by
Presented by
Presenter Name
Presenter Title
Presenter Company
Presenter Name
Presenter Title
Presenter Company
NETWORKING BREAK
Networking Break

Sponsored by: Fortinet

DARK READING PANEL SESSION
Ransomware, Zero Days, and Other Scary Things: A Look at Malware In 2022
Moderator: Kelly Sheridan, Staff Editor, Dark Reading
Speaker: Joseph (Joe) Carson, Chief Security Scientist & Advisory CISO

The past year brought a new wave of malware to enterprise security teams, including database attacks such as Meow and a new round of ransomware that affected well-known businesses and local schools alike.

What new and emerging malware should cyber defenders prepare for in 2022?

In this panel discussion, top experts will offer insight on new threats that may rear their heads in the new year, as well as holdover exploits that will roll over from 2021.

Sponsored by
Moderator
Kelly Sheridan
Staff Editor
Dark Reading
SPOTLIGHT VIDEO
Spotlight Video
Presented by: Presented by…

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Sponsored by
Presented by
Presenter Name
Presenter Title
Presenter Company
Presenter Name
Presenter Title
Presenter Company
SPOTLIGHT VIDEO
Spotlight Video
Presented by: Presented by…

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Sponsored by
Presented by
Presenter Name
Presenter Title
Presenter Company
Presenter Name
Presenter Title
Presenter Company

Prizes & Interaction

Attend the live conference on December 8th, 2020 and win! The more you participate, the more points you earn! It’s that simple. You’ll earn prize points for each activity you participate in throughout the virtual conference. Points will be calculated at the end of the live event day.
*Giveaways are limited to North American residents only. Winners are limited to one prize per calendar year for Informa Tech sponsored events.

Explorer Giveaway

30 Points

Session Viewed

25 Points

Zone Visits

20 Points

Location Chat Attended

10 Points

Documents Viewed

5 Points

Exchanged vCards

Diamond Sponsors
ExtraHop
PKWARE
hackerone
synopsys
Platinum Sponsors
ReliaQuest
thycotic
AlertLogic
yubico
Cybersecurity Outlook 2022
December 8, 2021
11:00am – 5:00pm EST
(8:00am – 2:00pm PST)

Natalie Silvanovich
Security Researcher,
Google

Natalie Silvanovich is a security researcher on Google Project Zero. Her current focus is messaging applications and video conferencing. Previously, she worked in mobile security on the Android Security Team at Google and as a team lead of the Security Research Group at BlackBerry, where her work included finding security issues in mobile software and improving the security of mobile platforms. Outside of work, Natalie enjoys applying her hacking and reverse engineering skills to unusual targets and has spoken at several conferences on the subject of Tamagotchi hacking.

Maxine Holt
Senior Director,
Omdia

Maxine leads Omdia’s cybersecurity research, building and developing a comprehensive research program in this area to support vendor, service provider, and enterprise clients. Topics include infrastructure security, security operations, identity, authentication, and access, data security, IoT cybersecurity, and enterprise security management. Having worked with enterprises across multiple industries in the world of information security, Maxine has a strong understanding of enterprise security management – the Office of the CISO, the security challenges faced and how organizations can look to overcome these challenges, with a particular interest in how all the component parts of security combine to make up an organization’s security posture.

Eric Parizo
Principal Analyst, Security Operations,
Omdia

Eric supports Omdia’s Cybersecurity Accelerator research practice, guiding vendor, service provider, and enterprise clients. He provides thought-leading analysis and contributes to custom research. His specializations include enterprise security operations (SecOps) and enterprise infrastructure security technology, with a focus on enterprise network security and security architecture integration. 

Eric has been covering, researching, or speaking on topics related to enterprise information technology for approximately 20 years.

Prior to joining Omdia (formerly Ovum) in 2019, Eric spent four years at GlobalData, where he was responsible for tracking and analyzing the enterprise network security product segment as well as the top-tier enterprise security vendor technology and strategy. 

Eric previously spent approximately 15 years as a technology journalist and a multimedia editor at leading B2B publisher, TechTarget, most recently serving as executive editor for the Security Media Group. He is a nine-time ASBPE award winner, the B2B publishing industry’s most prestigious award for excellence

Jason Dobbs
Chief Technology Officer,
PKWARE

Jason Dobbs, Chief Technology Officer PKWARE, boasts more than 20 years’ experience in software and product development. He is responsible for driving the product roadmap execution, overseeing software development, and leading lifecycle management for PKWARE’s entire software catalog. Prior to joining PKWARE, Dobbs held multiple leadership roles with SafeNet, most recently as a Managing Partner focused on corporate strategy and revenue generation.

Dobbs has been a vital part of several development teams, from launching software with startup Vesuvius Technologies to consulting on interactive technologies with Centare Group. His wide range of expertise and experience includes technology, IT, sales leadership, and management.

When he is not working on software development, Dobbs enjoys coaching youth robotics teams in his community and is an avid curler. He holds a BB in Information Systems from the University of Wisconsin.

Orin Thomas
Cloud and Datacenter Expert

Orin Thomas has written more than 3 dozen books for Microsoft Press on topics including Windows Server, Windows Client, Azure, Office 365, System Center, Exchange Server, Security, and SQL Server. He has authored Azure Architecture courses at Pluralsight, has authored multiple Microsoft Official Curriculum and EdX courses on a variety of IT Pro topics, speaks at conferences around the world, and is completing a Doctorate of Information Technology on cloud computing security and compliance at Charles Sturt University. You can follow him on twitter at twitter.com/orinthomas

Thomas Clavel
Director of Product Marketing,
ExtraHop

Tom Clavel is director of security products and solutions at ExtraHop. His insights into the evolution of enterprise security and cyber threats draw from 20 years of experience in the networking and security industry, having led organizations at AWS, Cisco, Gigamon, CommScope (then Ruckus Wireless), and Thales Digital Identity & Security (then Schlumberger Smart Cards). Tom has a Master of Business Administration and a Master of Engineering on product design and supply chain, both from Northwestern University.

Patrick Carey, Sr.
Director of Product Marketing,
Synopsys

Patrick Carey is Sr. Director of Product Marketing for Synopsys Software Integrity Group where he is laser focused on bringing solutions to market that help development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity.

James Hebden
Backend Engineer,
Assetnote

By day, James is a multi-disciplinary hacker, with experience in software engineering, DevOps, systems & network engineering, and application & infrastructure security. By night, James dabbles with hardware design, coding in Rust and security research, including Internet-wide recon and network & IoT device hacking. James is also a member of the OWASP DevSlop show’s Australian host crew and has spoken at & designed electronic badges for BSides Canberra.