RSS:2023 Track 3 (Day 2) :: Rochester Security Summit

RSS:2023 Track 3 (Day 2)

Inside Sales Threat - How to Get Buy In to Grow Your Cybersecurity Program

Paul Robinson
October 26, 2023 10:00 am - 10:50 am

It is clear as day: you see massive vulnerabilities, you see compliances with hefty fines for non-conformities and you see risk to your clients and vendors. However for some reason, organizational buy-in eludes you. It might not be that your company doesn't care, it could be that you can't "sell" the reason why. This talk is to give security professionals tips on how to sell the need internally for improvement on their cybersecurity programs.

It's OK to Make Mistakes: Blame Culture in Infosec

Courtney Bell
October 26, 2023 11:00 am - 11:50 am

We often think of information security as a technical problem to be solved. But social psychology can also contribute to a more or less secure culture. I performed a small social psychology study on the assignment of blame in information security incidents in attackers vs. targets. Let's talk about the results of that study, how blame affects real life organizational incidents, and how solution-focused culture can help us ally with users and stakeholders to create a more secure environment for everyone.

Incident Response Roundtable

Rolin Peets, Mark Milutinovic, and Dave Hadzima
October 26, 2023 1:00 pm - 1:50 pm

In an era marked by escalating security concerns, the support community frequently finds itself in the forefront when news surfaces about potential threats or suspected data breaches within our respective organizations. It is imperative that every organization establishes a comprehensive strategy for handling both potential and confirmed security incidents. Whether you already possess a security plan and seek validation, or if you are yet to develop one and seek guidance on commencing this crucial process, this presents an excellent opportunity for you.

Planning for Success - and to Avoid Failing Before We've Even Begun

Eric Anderson
October 26, 2023 2:30 pm - 3:20 pm

Steinbeck said even "the best laid plans of mice and men often go astray". Going "astray" is all but guaranteed when you have no plan at all. You can spend a fortune on product and solutions and still far too often we see organizations spending good money and intentions on products and solutions that ultimately fail due to a simple lack of planning. Join us to discuss some simple, practical, and even money-saving ways to ensure your initiatives are successful and your purchases deliver actual value - not just unfulfilled promises.

Career Hacking: Going From n00b to Chaos Wrangler

Joe Cicero
October 26, 2023 3:30 pm - 4:20 pm

In the dynamic cyber world, your current skills are valuable but not everlasting. To keep up with its constant changes, envision boarding a speeding 55mph bus – just reading won't cut it. Preparation, practice, and learning from experts are key. I'll share my journey from cybersecurity novice to pro, offering tips for diverse roles like analyst, pen-tester, or AI innovator. In this booming industry, readiness for challenges is vital. Discover accessible training, time-management strategies, and career advice in this interactive session. Let's explore the array of cyber roles and discuss your career in today's landscape.