CyberDefenseCon 2025 Roundtables – Summary List
- A.I. and Machine Learning in Cybersecurity
- Advanced Attack Simulation and Purple Teaming
- API Security and Governance
- Cloud Security and Multi-Cloud Resilience
- Communicating Cyber Risk to Boards
- Continuous Threat Exposure Management (CTEM)
- Cyber Resilience for Critical Infrastructure
- Data Security, Privacy, and Resilience
- Defending Against Evolving Phishing and Social Engineering
- Fraud Prevention in the Age of Deepfakes
- Insider Threat and Privileged Access Management (PAM)
- Navigating Regulatory Compliance and Cybersecurity Frameworks
- Next-Generation Email and Collaboration Security
- Next-Generation Endpoint and Identity Defenses
- Offensive Cybersecurity, Threat Hunting, and Deception
- Operational Technology (OT) and IoT Cybersecurity
- Ransomware Resilience and Response
- Security Strategy and Transformation: From Good Enough to Great
- Supply Chain and Third-Party Risk Management
- Zero-Trust Architecture and Implementation
Day One: Roundtables 1-10
A.I. and Machine Learning in Cybersecurity
Explore the latest applications of artificial intelligence and machine learning in threat detection, response automation, and predictive security. Discuss the potential risks and ethical considerations of AI-driven security.
Advanced Attack Simulation and Purple Teaming
Focus on red team/blue team exercises and collaborative purple team strategies to simulate real-world attacks. Discuss AI-driven simulation tools, attack surface validation, and improving defensive capabilities.
API Security and Governance
Dive into securing APIs against exploitation, managing API lifecycles, and ensuring proper governance. Cover real-world breaches and best practices for API discovery, authentication, and authorization.
Cloud Security and Multi-Cloud Resilience
Explore strategies for securing cloud environments, including multi-cloud and hybrid architectures. Cover identity, access management, data protection, and cloud-native security practices.
Communicating Cyber Risk to Boards
Address effective methods for presenting cyber risks, security budgets, and ROI to boards of directors. Cover storytelling, metrics, and strategies to align cybersecurity with business objectives.
Continuous Threat Exposure Management (CTEM)
Discuss proactive approaches to identifying and reducing attack surfaces. Cover continuous vulnerability assessment, asset discovery, and prioritizing risk based on real-time threat intelligence.
Cyber Resilience for Critical Infrastructure
Explore strategies to protect essential services like energy, healthcare, and transportation from cyber threats. Focus on resilience, threat response, and securing legacy systems in critical sectors.
Data Security, Privacy, and Resilience
Examine methods for protecting data through encryption, anonymization, and backup strategies. Cover privacy regulations (GDPR, CCPA) and ensuring data resilience against breaches and ransomware.
Defending Against Evolving Phishing and Social Engineering
Address new trends in phishing attacks, social engineering tactics, and AI-generated threats. Explore real-time detection, user training, and adaptive defenses.
Fraud Prevention in the Age of Deepfakes
Explore AI-driven fraud threats like deepfakes, synthetic identities, and automated scams. Discuss tools and techniques for detecting and preventing advanced fraud schemes.
Day Two: Roundtables 11-20
Insider Threat and Privileged Access Management (PAM)
Examine strategies for mitigating risks posed by insiders. Cover behavioral monitoring, privileged access controls, and preventing intentional and unintentional insider threats.
Navigating Regulatory Compliance and Cybersecurity Frameworks
Examine key regulations (GDPR, HIPAA, NIST) and industry frameworks. Discuss strategies for maintaining compliance, managing audits, and adapting to new regulatory requirements.
Next-Generation Email and Collaboration Security
Focus on securing email and collaboration platforms (Slack, Teams, Zoom). Discuss defenses against phishing, business email compromise (BEC), and securing cloud-based communication tools.
Next-Generation Endpoint and Identity Defenses
Focus on securing endpoints and identity management solutions. Cover EDR (Endpoint Detection and Response), zero-trust identity, MFA (multi-factor authentication), and modern endpoint security practices.
Offensive Cybersecurity, Threat Hunting, and Deception
Discuss proactive threat hunting, offensive security techniques, and the use of deception technologies. Focus on identifying and neutralizing threats before they impact operations.
Operational Technology (OT) and IoT Cybersecurity
Explore securing industrial control systems, smart devices, and IoT ecosystems. Discuss the unique challenges of protecting operational technology (OT) and connected devices in critical industries.
Ransomware Resilience and Response
Discuss the evolving ransomware threat landscape, incident response strategies, and resilience measures. Cover backup practices, decryption options, and lessons from real-world ransomware attacks.
Security Strategy and Transformation: From Good Enough to Great
Explore building, managing, and transforming security strategies. Focus on aligning security initiatives with business goals, improving resilience, and achieving strategic growth.
Supply Chain and Third-Party Risk Management
Focus on identifying, assessing, and mitigating risks from vendors and supply chain partners. Discuss tools for continuous monitoring, compliance verification, and incident response planning.
Zero-Trust Architecture and Implementation
Discuss practical approaches to adopting zero-trust principles. Cover identity verification, micro-segmentation, continuous authentication, and real-world implementation challenges.