“The Four Tribes of Security Champions” is a framework to describe successful security champion programs. The tribes include: The Apprentices, The Fan Club, The Learners, and The Sentinels. We’ll explore a benchmarking tool for each tribe to pick which approach is right for you!
We established Stanford's product security clinic in 2023 to help community organizations secure the software services they offer, diverging from traditional university cybersecurity clinics that focus on corporate security. Here's what we learned from our first two years of operation.
Quantum computing is breaking RSA/ECC, your PKI is at risk !. This session delivers a live demo on quantum-safe PKI upgrades: discover certificate weaknesses, map hybrid replacements, and align with NIST PQC standards. Learn to secure cryptographic resilience for the post-quantum era.
Operational Technology (OT) describes devices that control things in the real world like factories and generators. This talk discusses the security implications of the convergence of IT and OT, with deep dives into OT protocols and device discovery -- even behind legacy protocol gateways.
Privacy-Enhancing Technologies (PETs) are transforming data handling by ensuring privacy and security throughout the data lifecycle. This talk explores the latest advancements in PETs, focusing on Secure Multiparty Computation (MPC), Homomorphic Encryption (HE), and their real-world applications.
Being the first security leader at a startup is a wild ride. This talk explores "Trust Engineering," a hands-on approach to earn trust, navigate chaos, and build a security foundation with limited resources. Learn how to handle executive expectations and support fast-paced growth.
GRC teams can be more than just gridlock, red tape, and checklists. By prioritizing a risk-first approach, leveraging both quantitative and qualitative methodologies, and adopting principles-based compliance, GRC becomes a proactive force that empowers organizations to effectively combat security.
