Skip to content
A Full-Day Event

Cybersecurity
Outlook 2023

December 13, 2022
11:00am – 5:00pm EST
This virtual event will focus on some of the new threats posed by cybercriminals and nation-states.

On December 13, Cybersecurity Outlook 2023 will look at some of the new threats posed by cybercriminals and nation-states, as well as evolving products and technologies that may help mitigate those threats. You’ll hear from some of the cybersecurity industry’s leading experts, as well as researchers who have been studying the next wave of cyber vulnerabilities and exploits.

This free, all-day virtual event hosted by Black Hat, Dark Reading and Omdia will offer expert insight on the cyber-threats and technology trends enterprises will face in the coming year.

Event Topics Include:
AGENDA
Keynote 1

2023 Outlook: What Trends are on the Near Horizon in Cybersecurity?

Keynote Speaker: Maxine Holt, Head of Omdia’s Cybersecurity Research Practice

Today’s world is digitally dependent and organizations must be resilient to enable continuous operations and leverage digital opportunities. Cyber-resilience is a core component of digital resilience, ensuring that the organization can continually operate despite security incidents or breaches. In this keynote address, Maxine Holt, head of Omdia’s cybersecurity research practice, provides insight into the cybersecurity trends on the near horizon that organizations should be preparing for, and provides advice on next steps.

Keynote 2

Risk Based Vulnerability Management (RBVM): Learning What To Prioritize And What To Ignore

Keynote Speaker: Andrew Braunberg, Omdia principal analyst

The unrelenting volume of newly discovered software vulnerabilities and the increasing speed and efficiency of attackers in exploiting these weaknesses, requires security practitioners to rethink their vulnerability management strategies. Organizations need to adopt a new generation of products that provide better visibility into distributed assets, support advanced analytics to accurately predict the business risk associated with each vulnerability, and prioritize and orchestrate remediation responses. In this keynote address, Omdia Principal Analyst Andrew Braunberg offers insight on the future of RBVM technology, and recommendations on how enterprises can make the best possible use of emerging proactive technologies.

Keynote 3

Off The Beaten Path: Web3 Security

Keynote Speaker: Nathan Hamiel, Senior Director of Research, Kudelski Security

Attacks on Web3 projects are all the rage. The exposure of projects and speed at which attackers can make off with millions of dollars have made them attractive targets for attackers and nation – states alike. This trend is only increasing. The stakes for developers are high because you have to get everything right, the first time. After all, there may not be a next time. Web3 projects are experiments playing out in full public view and we haven’t discovered all of the security issues yet. There will be more hacks, more losses, and more negative impacts. How did we get here? Is it all doom and gloom? What can be done?

This keynote is a grounded look at the factors contributing to the security failures we’ve witnessed, free from the hype and hatred associated with the space. We look at the similarities and differences between the development of this new technology and more traditional applications and how some of the attacks manifested. Better testing and tools aren’t enough to solve the problem. We discuss actionable steps projects and chains can use today to address these issues and make the ecosystem safer for projects and users.

Keynote 4

eBPF ELFs JMPing Through the Windows

Keynote Speaker: Richard Johnson, Senior Principal Security Researcher, Trellix Threat Labs

eBPF tracing is a hot new technology in the EDR and infrastructure space which provides high speed instrumentation and telemetry on events, processes, and network connections. eBPF is natively supported in the Linux kernel and is used in endpoint security products such as Carbon Black and Windows Defender for Linux. Last year, Microsoft released a completely new implementation of an eBPF tracing system for Windows which is destined to become a primary telemetry provider in the near future. eBPF for Windows has a complex architecture that leverages program analysis to verify unsigned user code via abstract interpretation before running it in a kernel context — integrity of the software is paramount. This research will be the first public work to analyze and discover security vulnerabilities in the new eBPF for Windows implementation. 

This keynote will discuss the capabilities and security model of eBPF for Windows, followed by details of the design and attack surface which will include the eBPF API, the trusted static verifier and JIT engine, and the kernel implementation of trace hooks and telemetry providers. During our deep dive into the implementation details, we will uncover vulnerabilities at multiple layers and discuss how they were found with demos of fuzzing Windows eBPF components and real-time bug discovery. Join us on this journey as we examine this emerging technology on Windows and the security implications of the new attack surface.

Panel 1

Managing the New Reality of a Remote & Hybrid Workforce

Sponsored by: Palo Alto Networks

It’s been nearly two years since the global pandemic forced enterprises to pivot practically overnight to digital business and work – from – home computing. While some workers have gone back to their offices, others are sticking with the remote work model, leavings security teams to support what is now the new normal: a combination of remote, hybrid, and office-based users. In this panel, experts will discuss this new reality of this hybrid workforce model in 2023, including the key endpoint and cloud security challenges and technologies security teams need to consider — as well as how it affects their own security operations teams who are now working remotely.

Panel 2

State of Malware: 2023

Sponsored by: CardinalOps / Immersive Labs

Cybercriminals and nation – state actors are constantly evolving their malicious code and attacks to be more stealthy, efficient, and lucrative financially. What new and emerging characteristics and capabilities of the biggest malware threats should security teams prepare for in 2023? In this panel discussion, top experts will offer insight on what malware and ransomware will look like in the new year and provide recommendations on best practices for defending against this malicious code, and discuss the emerging technologies that can help thwart them.

DEMO

Demo with Zscaler

Sponsored by: Zscaler

Cybercriminals and nation – state actors are constantly evolving their malicious code and attacks to be more stealthy, efficient, and lucrative financially. What new and emerging characteristics and capabilities of the biggest malware threats should security teams prepare for in 2023? In this panel discussion, top experts will offer insight on what malware and ransomware will look like in the new year and provide recommendations on best practices for defending against this malicious code, and discuss the emerging technologies that can help thwart them.

Cybersecurity Outlook 2023

December 13, 2022
11:00AM – 5:00PM EST
SPEAKERS

Phil Neray
VP of Cyber Defense Strategy, CardinalOps

Phil Neray is VP of Cyber Defense Strategy at CardinalOps. With 20+ years of cybersecurity experience, Phil comes to CardinalOps from Microsoft Security, which he joined after the acquisition of CyberX, an early innovator in IoT/OT security monitoring. He previously held executive roles at IBM Security/Q1 Labs, Guardium (acquired by IBM), Veracode, and Symantec. Phil has a BSEE from McGill University, is certified in cloud security (CCSK), and has a black belt in American Jiu-Jitsu.
Jiong Liu
Senior Director of Product Marketing, Wiz
Jiong Liu leads the product marketing team for Wiz, working closely with customers to securely accelerate their cloud journeys. Prior to that, Jiong led the GTM strategy and product marketing team for Okta's customer identity products and Business Value practice. Jiong holds bachelor’s degrees in Economics and Interdisciplinary Studies from the University of California, Berkeley, and an MBA from the University of Pennsylvania, Wharton School.
Noah Simon
Vice President of Product Marketing, Axonius
Noah Simon is Vice President of Product Marketing at Axonius. Noah is passionate about cybersecurity, and always seeking to understand how new technologies can help companies and individuals protect themselves from the continually evolving risk landscape. Noah has previously held product marketing roles at BitSight, Cybereason, and White Ops.
Mark Sangster
Vice President, Chief of Strategy, Adlumin Inc.
Mark Sangster is Vice President, Chief of Strategy at Adlumin Inc., a cybersecurity technology firm that focuses on revolutionizing how corporate institutions secure sensitive data and intellectual property while achieving compliance objectives through its managed security services platform. Before joining Adlumin, Sangster established his 20-year sales and marketing career at industry giants like Intel Corporation, BlackBerry, and Cisco Systems. His experience unites a strong technical aptitude and an intuitive understanding of regulatory agencies.
Kev Breen
Director, Cyber Threat Research, Immersive Labs
Kev Breen is the director of Cyber Threat Research at Immersive Labs where he researches new and emerging cyber threats. Prior to his civilian life Kev, spent 15 years in the military serving as a Radio Technician and Trunk Comms Specialist before transitioning to a Cyber Security Analyst, specializing in Malware Analysis. After leaving the military, he continued to work in Cyber Security running a CIRT team for a defense contractor before joining Immersive Labs.
Jason Georgi
Global Field CTO, Prisma SASE, Palo Alto Networks
Jason is the Global Field Chief Technology Officer for Prisma SASE at Palo Alto Networks. He is an accomplished technology executive with over 25 years of experience driving innovation and transformation initiatives across global organizations. Jason collaborates with CIOs, CTOs, and other technology leaders on strategies aimed at enabling business outcomes.
Nathan Hamiel
Senior Director of Research, Kudelski Security

Nathan Hamiel is Senior Director of Research at Kudelski Security where he leads the fundamental and applied research team. Part of the Innovation group working to define the future of products and services for the company, his team focuses on privacy, advanced cryptography, emerging technologies, and special projects. He is also responsible for the research function at the company, connecting the dots between the various business units and focusing on collaboration both internal and external to the company.

Richard Johnson
Senior Principal Security Researcher, Trellix Threat Labs

Richard Johnson is a computer security specialist with a focus on software vulnerability analysis. Currently Senior Principal Security Researcher at Trellix and Chief Research Officer of Fuzzing IO, Richard offers over 20 years of professional expertise and leadership in the information security industry. Current responsibilities include zeroday vulnerability research and development of advanced fuzzing and automated reverse engineering solutions.
Alberto Yepez
Co-Founder and Managing Director, Forgepoint
Alberto is a Co-Founder and Managing Director at Forgepoint. He is a serial entrepreneur with a proven track record of building global businesses and leading them to successful exits.
James Turgal
Vice President of Cyber Risk, Strategy, Board Relations, Optiv

James Turgal is the former executive assistant director for the FBI Information and Technology Branch (CIO). He now serves as Optiv Security’s vice president of cyber risk, strategy and board relations. James has personally helped many companies respond to and recover from ransomware attacks and is an expert in cybercrime, cyber insurance, cybersecurity, ransomware and more.

James draws on his two decades of experience investigating and solving cybercrimes for the FBI.

Allen Houchins
VP of Information Technology and Facilities, Jamf
Ryan Leininger
Cyber Incident Response & Readiness, Accenture
Ryan Leininger is a Sr. Security Manager at Accenture where he leads a team specialized in responding to complex data breaches and helping organizations better prepare for incidents. His experience as a practitioner has taken him across the globe to help organizations respond to and recover from high impact cyber intrusions.
Huxley Dunsany
Sr. Technical Enablement Engineer, Zscaler
Richard Johnson Senior Principal Security Researcher, Trellix Threat Labs
Richard Johnson is a computer security specialist with a focus on software vulnerability analysis. Currently Senior Principal Security Researcher at Trellix and Chief Research Officer of Fuzzing IO, Richard offers over 20 years of professional expertise and leadership in the information security industry. Current responsibilities include zeroday vulnerability research and development of advanced fuzzing and automated reverse engineering solutions.
Alberto Yepez
Co-Founder and Managing Director, Forgepoint
Alberto is a Co-Founder and Managing Director at Forgepoint. He is a serial entrepreneur with a proven track record of building global businesses and leading them to successful exits.
James Turgal
Vice President of Cyber Risk, Strategy, Board Relations, Optiv

James Turgal is the former executive assistant director for the FBI Information and Technology Branch (CIO). He now serves as Optiv Security’s vice president of cyber risk, strategy and board relations. James has personally helped many companies respond to and recover from ransomware attacks and is an expert in cybercrime, cyber insurance, cybersecurity, ransomware and more.

James draws on his two decades of experience investigating and solving cybercrimes for the FBI.

Allen Houchins
VP of Information Technology and Facilities, Jamf
Ryan Leininger
Cyber Investigations, Forensics, Response Senior Mgr., Accenture

Kelly Jackson Higgins
Editor-in-Chief, Dark Reading

Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. Follow her on Twitter @kjhiggins.

Fahmida Rashid
Features Editor, Dark Reading

As Dark Reading’s managing editor for features, Fahmida Y Rashid focuses on stories that provide security professionals with the information they need to do their jobs. She has spent over a decade analyzing news events and demystifying security technology for IT professionals and business managers. Prior to specializing in information security, Fahmida wrote about enterprise IT, especially networking, open source, and core internet infrastructure.

Tara Seals
Managing Editor, Dark Reading

Tara Seals has 20+ years of experience as a journalist, analyst and editor in the cybersecurity, communications, and technology space. Prior to Dark Reading, Tara was Editor in Chief at Threatpost, and prior to that, the North American news lead for Infosecurity Magazine. She also spent 13 years working for Informa (formerly Virgo Publishing), as executive editor and editor-in-chief at publications focused on both the service provider and the enterprise arenas.

Becky Bracken
Editor, Dark Reading

Becky Bracken is a veteran journalist covering cybersecurity for Dark Reading.
Maxine Holt
Senior Director, Cybersecurity (Omdia and Informa Tech)
Maxine Holt leads the Omdia cybersecurity research team and is the lead architect of the Omdia Cybersecurity Ecosystem. Maxine’s team delivers a comprehensive cybersecurity research program to support vendor, service provider, and enterprise clients in the areas of: data security; identity, authentication, access; infrastructure security; security operations; enterprise security management; IoT security; and emerging cybersecurity.

Andrew Braunberg
Principal Analyst, Omdia Cybersecurity

Andrew has been covering, researching, and speaking on topics related to enterprise information technology for approximately 20 years. He supports Omdia's Cybersecurity Operations (SecOps) Intelligence Service research practice, focusing on security operations center (SOCs) technology and trends, with a special focus on the proactive technologies used to avoid breaches such as risk-based vulnerability management (RBVM) and attack surface management (ASM).
Dan Mellen
Global Lead for Security Cloud and Infrastructure Practice, Accenture
Yaniv Bar-Dayan
Co-Founder & CEO, Vulcan Cyber
Frederick “Flee” Lee
CISO, Gusto
Ryan Alban
Sr. Manager of Global Solution Leads, Secureworks
Patrick Grillo
Senior Director, Solutions Marketing, Fortinet
Brad Moldenhauer
CISO – Americas, Zscaler
Nadav Arbel
Co-Founder & CEO, CYREBRO
Matt Mellen
Director, Security Operations, Palo Alto Networks
Mark Guntrip
Sr. Director Cybersecurity Strategy, Menlo Security
Jennifer Ayers
Consultant with NextJen, LLC
SPONSORS
Diamond
wiz-2
axonius_logo_stacked_small-3
Untitled-1
Platinum
CardinallOps-Logo--card
zscaler-logo_NEW-2
immersive-labs
palocards

Natalie Silvanovich
Security Researcher,
Google

Natalie Silvanovich is a security researcher on Google Project Zero. Her current focus is messaging applications and video conferencing. Previously, she worked in mobile security on the Android Security Team at Google and as a team lead of the Security Research Group at BlackBerry, where her work included finding security issues in mobile software and improving the security of mobile platforms. Outside of work, Natalie enjoys applying her hacking and reverse engineering skills to unusual targets and has spoken at several conferences on the subject of Tamagotchi hacking.