Track 2 Speakers
May 27, 10:40-11:30
AI in a Healthcare Setting: Opportunities and Risks
Join Lia Sana, Senior Information Security Architect and Mahtab Rae, Information Security Architect, Fraser Health Authority, as they delve into the application of Artificial Intelligence (AI) in healthcare settings, with a particular emphasis on its governance and control. They will discuss the transformative potential of AI in revolutionizing healthcare delivery, diagnosis, and patient care, as well as, explore the critical aspect of governance and control mechanisms necessary to ensure the ethical and responsible use of AI in this sensitive sector.
This presentation will illustrate the Healthcare AI applications with real-world use cases, demonstrating how AI can be leveraged to improve patient outcomes, streamline operations, and enhance decision-making processes in healthcare. These examples will provide a practical perspective on the integration of AI in healthcare, making the discussion more relatable and comprehensible. In addition, the presentation will address the associated risks of AI application in healthcare, such as data privacy concerns, potential bias in AI algorithms, and the need for human oversight. It will underscore the importance of robust internal control systems to mitigate these risks and ensure the safe and effective use of AI.
Drawing from industry standards and generally accepted responsible AI practices, the presentation will provide a comprehensive overview of the current best practices in AI governance. It will offer insights into how these practices can be adopted and adapted in a healthcare setting to ensure that AI is used responsibly and ethically.
Mahtab rae
Mahtab worked in many capacities through her professional life. She holds a B.Sc. and M.Sc. in Biomedical Engineering, focused on clinical data modeling and R&D. She worked as Neuroscience researcher, designing clinical experimentations and trials, clinical data collection, data analysis, system modelling, and machine learning. She also holds a B.Sc. in Computing Science - AI major, and worked as an Agile Software Developer in tech industry prior joining Fraser Health as an Information Security Architect, leading Medical Devices Security and security of AI driven projects.
lia sana
Lia is an information security professional with more than 10 years of experience in governance, risk management and compliance, cloud security, Identity and access management, and security audits. In her current role as the Senior Information Security Architect at Fraser Health Authority, Lia leads a team of dedicated security experts focused on defining and building layers of security to protect sensitive patient information and integrate security standards into business processes across the organization.
May 27, 11:40-12:30
The Fault in Our Metrics: Rethinking How We Measure Detection and Response
Your metrics are boring and dangerous. Recycled slides with meaningless counts of alerts, incidents, true and false positives… SNOOZE. Even worse, it’s motivating your team to distort the truth and subvert progress. This talk is your wake-up call to rethink your detection and response metrics.
Metrics tell a story. But before we can describe the effectiveness of our capabilities, our audience first needs to grasp what modern detection and response is and its value. So, how do we tell that story, especially to leadership with a limited amount of time?
Measurements help us get results. But if you’re advocating for faster response times, you might be encouraging your team to make hasty decisions that lead to increased risk. So, how do we find a set of measurements, both qualitative and quantitative, that incentivizes progress and serves as a north star to modern detection and response?
Metrics help shape decisions. But legacy methods of evaluating and reporting are preventing you from getting the support and funding you need to succeed. At the end of this talk, you’ll walk away with a practical framework for developing your own metrics, a new maturity model for measuring detection and response capabilities, data gathering techniques that tell a convincing story using micro-purple testing, and lots of visual examples of metrics that won’t put your audience to sleep.
allyn stott
Allyn Stott is a senior staff engineer at Airbnb on the information security technology leadership team where he spends most of his time working on threat detection and incident response. Over the past decade, he has built and run detection and response programs at companies including Delta Dental of California, MZ, and Palantir. Allyn has previously presented at Black Hat, Kernelcon, The Diana Initiative, Texas Cyber Summit, and BSides around the world. Red team tears are his testimonials. In the late evenings, after his toddler ceases all antics for the day, Allyn writes a semi-regular, exclusive security newsletter: meoward.co.
Twitter/X @whyallyn
May 27, 1:30-2:20
Cybersecurity Attack and Defense with the Rise of AI
As businesses increasingly rely on AI for innovation and efficiency, cyber threats leveraging AI capabilities have become more sophisticated and pervasive than ever before. In this talk, Michael Argast, Co-founder and CEO of Kobalt.io, will delve into the dynamic realm of Cybersecurity Attack and Defense amidst the Rise of AI, and will go through common and popular attack trends and compromises. Ideal for staff, IT, and technical teams, this session aims to empower you with essential knowledge and practical strategies to safeguard your digital assets effectively.
Michael Argast
Michael Argast is an experienced cybersecurity professional with over 20 years of industry experience. He is the co-founder and CEO of Kobalt.io, a rapidly growing cloud-focused security services provider. Kobalt.io works with over 500 cloud-focused technology companies to help develop their cyber security programs and ensure the security of their organization.
May 27, 2:30-3:20
Deep Dive into Transformers Architecture
Transformers architecture powers most of the recent developments in AI space, especially the recent wave of LLMs. However, the transformers architecture is quite complex and not very well understood. I want to take a deep dive into the architecture and explain how it works. From security point of view, if more security practitioners understand the architecture better, it will help in finding security loopholes.
Japneet Singh
I am a Software Engineer, currently working with Lacework, a leader in Cloud security. In the past 20 years, In my past life, I have had the honor of working on product development at companies including Microsoft, FireEye, McAfee, on their flagship cybersecurity products. I have worked on detection and protection technologies which protect the customers against Malware threats, Cyber attacks on the premises and on the Cloud. On the technical front, I have worked on building sensors/agents, kernel drivers, ML based malware detection, cloud workloads monitoring, etc. My current interests include utilizing Generative AI for cybersecurity use cases.
May 27, 3:30-3:50
Beyond Blacklists: Security in the Age of AI
As Artificial Intelligence (AI) and Large Language Models (LLMs) diffuse into everyday business use, these new technologies present novel challenges for IT Staff, Security, Compliance and Development Teams. How can practitioners ensure AI is used securely and follows company and industry guidelines? This session will present an overview of AI usage in the enterprise and how companies can safely control and harness this new power that AI can provide.
Feynman Liang
Dr. Feynman Liang is the Chief Technology Officer for Blueteam AI with a PhD from UC Berkeley and 10+ years of AI experience. He develops products which enable businesses to confidently adopt GenAI technologies while continuing to meet their security compliance requirements. As @feynman, he can be found at network security CTFs, packet hacking villages, and your local SPAN port.
May 27, 4:00-4:20
De-anonymizing the Blockchain: What Cybersecurity Experts Should Know About Cryptocurrency Investigations
Cryptocurrencies were once primarily associated with illicit activities due to their decentralized and seemingly anonymous nature. However, most of them operate on a pseudonymous basis, making crypto investigations a crucial aspect of modern cybersecurity. This involves a detailed analysis of blockchain transactions to trace the movement of funds. In this talk, we will explore the latest advances in crypto forensics and how to unveil the real-world entities behind cryptocurrency-related crimes. The goal is to equip the audience with the knowledge and skills needed to navigate the complex landscape of cryptocurrency investigations.
Artem Ponomarov
Artem is a cryptocurrency security expert, with over 4 years of experience in crypto investigations. He has developed and utilized various blockchain analytics tools to assist victims of crypto-related hacks and scams. Artem holds PhD in Physics and several cryptocurrency security certifications (e.g. from Chainalysis). Before his role as CISO at Gftd Japan, he held management positions in crypto AML compliance and smart contract audits. As a member of the Cryptocurrency Security Standard (CCSS) group, he significantly contributes to the field of blockchain security.
May 27, 4:30-5:20
Ransom Meets Random: A Brief Analysis of Security and Privacy in Generative AI
The advent of Generative Artificial Intelligence (AI) has ushered in a new era of creativity and innovation, but with it comes the imperative to address the pressing security and privacy concerns. This presentation, titled "Ransom Meets Random," delves into a concise analysis of the intricate relationship between security, privacy, and Generative AI technologies.
The talk commences by exploring the dynamic landscape of generative models, shedding light on their transformative capabilities in content creation, text generation, and image synthesis. As these AI systems continue to evolve, it becomes crucial to understand the inherent risks and vulnerabilities associated with their deployment. The discussion emphasizes the potential exploitation of generative models in the context of ransom attacks, where malicious actors may leverage AI-generated content to manipulate or compromise sensitive information.
Furthermore, the presentation examines the unpredictable nature of generative AI, discussing its challenges to maintaining user privacy. The talk navigates through the blurred lines between authentic and AI-generated content, unraveling the implications for individuals and organizations. Ethical considerations and regulatory perspectives are also addressed to foster a comprehensive understanding of the societal impact of generative AI.
Attendees will gain insights into the current state of security measures within generative technologies and explore potential strategies to safeguard against emerging threats. By the end of the session, participants will be equipped with a nuanced understanding of the delicate balance between the innovative potential of generative AI and the imperative to fortify security and privacy frameworks in this rapidly evolving landscape.
Sourabh Aggarwal
Sourabh Aggarwal, Senior Consultant of iTED Consultant Inc., is a visionary leader who harnesses technology and innovation to drive sustainable business strategies. He is pursuing a Ph.D. in management from IAE Business School, focusing on innovation and entrepreneurship.
With an extensive background in academia, consulting, and cybersecurity education, Sourabh's impact is truly multi-dimensional. He has been actively teaching cybersecurity and developing curricula for over five years, leaving a lasting impression on learners in Canada and the USA. His students have excelled in renowned companies like Meta, Google, Amazon, and GeoComply.
Sourabh's holistic portfolio showcases his commitment to fostering innovation, nurturing collaboration, and championing forward-looking approaches. His deep-rooted comprehension of technology and his unwavering dedication to empowering individuals and organizations with essential cybersecurity knowledge positions him as a prominent influencer in navigating the ever-evolving cybersecurity landscape.