The EU’s General Data Protection Regulation (GDPR) inspired the new California Consumer Privacy Act (CCPA). Also, Congress is seriously exploring federal data protection legislation for the first time. This program will cover the latest US and international security and privacy legal developments. At the same time, advanced technologies such as artificial intelligence are raising concerns for data protection professionals.
Attorney Stephen Wu, a Silicon Valley Law Group shareholder, book author, and ISSA Journal author, will describe the latest compliance challenges posed by GDPR, CCPA, and new laws, as well as how these new laws apply to AI, Big Data, and the Internet of Things. He will also cover the promise and threats of artificial intelligence, robotics, and autonomous and connected vehicles. Takeaways will include strategies for managing data protection and related legal risks caused by these advanced technologies.
Shift RIGHT to Fix Earlier; What Thought-leading SecDevOps Organizations are ACTUALLY Doing Vendors and firms do a lot of DevOps ‘in name only’. Those really changing their culture are fundamentally changing their risk management paradigm – from one of proactive governance through security assurance to one of continuous collection of security telemetry and resilient delivery pipelines. What does that mean in practice?
With today's ever-increasing cyber threat environment, it's more important than ever to take a "Zero Trust" approach to prevention. Learn what common solution providers really do and don't do and why they continue to fail organizations from being breached. Discuss how stakeholders responsible for cybersecurity strategy can take a practical approach to "Zero Trust" prevention.
The agility of DevOps and scalability of the cloud is an incredible combination for the business. New products are brought to market faster than ever before, with infrastructure spun up or down in seconds. However, with this agility and business-created urgency, security is seen as an impediment and often falls by the wayside.
The real cyber battlefield is for ‘hearts and minds’. Our enemies are good at as shown by Russian voter influence and ISIS propaganda. US efforts don’t appear to be nearly as successful, this session explores the fragmentation between cyberspace operations and Psychological Operations (PSYOP).
Many mature and sophisticated security teams are taking a ‘back-to-basics’ approach to security. In this talk, we will discuss what visibility has meant in the past and how it has and will continue to evolve based on technology convergence in the future. As the recent explosion in technology, adoption has created a wave of new security hardware/software purchases many issues faced by security teams are still rooted in a lack of security fundamentals including the basic need to acquire visibility on the activities and assets you are trying to protect.
What: Catch up with colleagues & meet new ones from San Francisco, Silicon Valley
ISSA & OWASP chapters
Reception: Top shelf appetizers and drinks
Venue: Trou Normand @ the Historic Pacific Telephone & Telegraph building; Reserved space for 30: booths
and standing areas
“Exfiltrating data through the Internet of Things (IoT)” provides insights based on research/analysis of data exfiltration vulnerabilities found in IoT protocols (i.e. SSDP, P25, Zigbee, Z-Wave, Wi-Fi, uPnP). With an eye toward mitigating weaknesses in current protocols, this talk addresses future protocol designs to eliminate those weaknesses. This discussion will delve into the details and demo data exfiltration using IoT protocols.