Date & Time:
Tuesday, June 17
09:30 - 17:00
Venue:
Ambient + Studio
585 Wells St SW
Atlanta, GA 30312
Agenda
Registration & Breakfast
09:30 - 10:20
Opening Remarks
10:20 - 10:25
Tabletop Exercise
10:25 - 11:25
Omni-channel threat response: A Tabletop Exercise for Business Resilience
Organizations are global engines with many disparate systems and critical moving parts. The threat landscape is vast and the attack surface is growing in complexity. Your customers look to you, to lead in times of disruption and crisis. This exercise will challenge traditional thinking and disrupt the approach to incident and crisis management.
11:30 - 12:00
Workshops
Session #1: Building Cultures for Mental Wellbeing and Resilience
In this interactive workshop, participants will explore approaches for building cybersecurity team cultures that prioritize mental wellbeing to prevent burnout. Drawing from organizational psychology and industry best practices, we'll examine the factors - both expected and unexpected- that impact mental health in security operations. Participants will develop practical strategies for cultivating team cultures that proactively prioritize mental wellbeing rather than waiting to react to mental health crises and burnout.
Session #2: Beyond Detection…Or Not: The New Frontier in Social Engineering & Deepfakes
Imagine a scenario where your client’s CEO joins a call—and it turns out to be a deepfake. With GenAI making fakes nearly undetectable, social engineering attacks are escalating, as seen in multimillion-dollar losses across industries. The quality, frequency and complexity of these attacks are growing exponentially—leaving traditional content-based defenses struggling to keep pace.
You are probably all familiar with some of the recent high-profile incidents: the MGM attack that cost about $30 million and up, a video-based deepfake assault on Arup's Hong Kong finance team, resulting in a $25 million loss, and impersonation schemes posing as candidates or new hires to compromise critical systems. As GenAI evolves, the challenge is clear: how do we effectively block these advanced threats from the get-go?
Session #3: Cloud-Native Detection and Response: Advancing Security in a Dynamic Landscape
As organizations rapidly transition to cloud-native environments, the traditional methods of detection and response are increasingly inadequate. This session will explore the unique challenges and opportunities presented by securing cloud-native infrastructures. Attendees will gain an understanding of how to leverage modern tools and techniques for continuous monitoring, threat detection, and automated response within dynamic cloud environments.
Networking Lunch
12:00 - 12:55
Roundtable Exercise
13:00 - 14:00
What are the most significant challenges we're facing with non-human identities, and how can we make this a strategic priority?
Non-Human Identities (NHIs) are growing exponentially faster than human identities as organizations create ever more API keys, access tokens, traditional service accounts, and vaulted secrets. Do you know how many times people in your organization have clicked “authorize” to let an app access your systems and data? Do you know how your suppliers are using the access you’ve granted to deliver their promised value? As AI agents increasingly leverage NHIs to interact with your data, is this trend a passing fad, or is NHI here to stay—powering AI and shaping the future of your organization?
Workshops
14:05 - 14:35
Session #1: Let’s explore the convergence of the CISO and CIO
Traditionally, security has fallen under IT, with the CISO reporting to the CIO. However, we’re now seeing a growing trend of CISOs becoming CIOs and taking over IT. This session will delve into various aspects of this topic, including the reasons behind this shift, the circumstances in which it occurs, and how CISOs can determine if this is the right career move for them. We’ll also explore the benefits and challenges of this convergence, strategies for approaching the transition, and key factors that contribute to a CISO’s success in a CIO role.
Session #2: Through the Hacker's Eyes
For years, security teams have focused on defensive measures—reacting to threats instead of anticipating them. But attackers don’t play by the rules. They adapt, innovate, and exploit unknown weaknesses. To stay ahead, organizations must think like hackers and continuously test their external attack surface.
This session will explore how automation and offensive security strategies uncover real-world vulnerabilities before they can be exploited.
Session #3: Telemetry sprawl is eating your budget, time – and peace of mind.
Like most security teams, you’re probably grappling with an expanding attack surface and deluge of security log data (cloud, SaaS, etc.). The consequences? Greater noise and complexity, increased ingestion costs, and a heightened risk of missing critical security events.
So let’s fix it!
Roundtable Exercise
14:40 - 15:40
How can we create a viable defense strategy against zero days and supply chain risks?
As cyber threats continue to evolve, two of the most insidious risks that keep CISOs up at night are zero-day vulnerabilities and supply chain attacks. Zero-day exploits, which take advantage of unpatched vulnerabilities, and supply chain risks, which involve compromises within third-party vendors, pose significant threats to enterprise security.
This session will delve into how organizations can proactively defend against these increasingly sophisticated and evolving risks.
15:40 - 15:50
Refreshment Break
Workshops
15:55 - 16:25
Session #1: Buying Down Risk Through Strategic Technology Investments
Today’s CISOs are increasingly called upon to communicate in terms of business risk, bridging the gap between cybersecurity and executive decision-making.But what if you could extend that clarity to your technology purchasing decisions as well? Let’s explore a fresh perspective that empowers you to achieve exactly that.
Session #2: How do we create cross-team collaboration to reduce SaaS security risk?
You just discovered that your business is leveraging critical SaaS applications like NetSuite and Salesforce—but security has no governance over them. Business teams have adopted these tools outside of IT oversight, integrating third-party applications and sharing sensitive data with external partners—all without security monitoring. How do you regain control without disrupting business operations?Join Valence Security for an interactive, scenario-based workshop on bridging the gap between security, IT, and business teams. We’ll explore the operational challenges of distributed SaaS administration and showcase how real customers leverage Valence to foster collaboration and streamline risk remediation. Learn how to gain visibility, operationalize security findings, and empower business teams to take an active role in securing SaaS—without slowing them down.
16:30 - 17:00
Anti-Keynote
16:30 - 17:00
To be announced….
18:00 - 21:00
After-Summit Dinner
Time to unwind and enjoy some great company after a successful day. No more work related discussions, just good food and good people. Perfect.
Discussion Guides
Steve Hindle
Sabrina Patel
Larry Whiteside
Olivia Rose
Felicia Hedgebeth
Renee Guttmann-Stark
Timothy Youngblood
Evelin Biro
Jonathan Sander
Rogier Fischer
Noam Awadish
