RH-ISAC’s Cyber Intelligence Summit, taking place this year in Dallas, TX, on September 20-21, is the premier event for cybersecurity practitioners in the retail, hospitality, and travel industries. The two-day conference features keynote speakers, breakout sessions for peer-to-peer learning, and plenty of opportunities for networking during nightly happy hours and dinners.
This year’s agenda was built by RH-ISAC’s Summit Working Group based on feedback we received from members to showcase the topics most relevant to the retail and hospitality industry. Here are a few of the top presentations our members are most looking forward to:
1. Human Security Engineering – A Holistic Approach to Addressing Human Incidents
The opening keynote from Walmart’s Chief Security Architect, Ira Winkler, is a can’t miss for all attendees. Winkler is known as the “James Bond of cybersecurity” because of his work hacking some of the top companies in the world. He is also the author of the best-selling books “You Can Stop Stupid” and “Security Awareness for Dummies.” His keynote presentation highlights some of the key concepts from his books, as he focuses on the risk that human behavior poses to your security posture. No matter how much we try to automate, more often than not, a breach comes down to human error through a lack of security awareness or simple oversight. In this session, learn:
- Why traditional security awareness programs fail
- The nature of the most common cybersecurity attacks
- How to really address the people problem in cybersecurity
- Ideas to adopt other sciences to cybersecurity to address the user problem
2. Preparing for Ransomware – Preventing Disruption Through Resiliency
A dramatic rise in high-publicity ransomware cases over the last few years has made ransomware a hot button topic for leadership teams. In fact, ransomware resilience was ranked as the top priority for CISOs in RH-ISAC’s 2021 CISO Benchmark Survey. This session by Target’s cyber defense team will share best practices for other enterprises to identify their most critical assets, perform threat models based on generalized and specific tactics observed in ransomware attacks, and deliver actionable outcomes for your infrastructure, engineering, security, and leadership teams.
3. Monitoring and Responding to ATO
Account Takeover (ATO) is not just a security problem that incurs financial loss for the company, but also a business problem that negatively impacts the company’s reputation. This session by Tae Kim, senior. manager, cyber threat intelligence and hunting at Albertsons, will discuss how security leaders can identify the scope and size of the ATO problem against their company and how they can help their company leadership make the best decisions to mitigate the problem. We’ll also discuss how security leaders can balance implementing a robust security program without negatively impacting the customer experience.
4. New Risks Information Security Programs Face In The Next 5 Years
As partners to the business, information security leaders must stay abreast of future technologies and innovations, while also exploring the potential risks they may bring. This keynote panel features Wayfair’s Marnie Wilking, McDonald’s Shaun Marion, and Target’s Rich Agostino discussing technologies and innovations they are facing in the near, medium, and more distant future, as IoT, blockchain, cryptocurrency, and the metaverse become a part of everyday business.
5. Understanding Supply Chain Threats from a CTI Perspective
Supply chain threats have continued to occur with regular frequency in the past few years and can cause catastrophic domino effects on the tourism industry, as global travel attempts to ramp up in the wake of pandemic-related restrictions. Advanced state-affiliated groups and cyber-criminal gangs have demonstrated capabilities to execute supply chain attacks against myriad companies and software assets, leaving the retail/hospitality industry susceptible to compromise as enterprise networks often require the use of externally developed software and hardware. In this session, members of Expedia’s expert CTI team will share findings on threat actors’ growing sophistication to dissect, identify, and execute operations against vulnerable midpoint software solutions and technologies, and will discuss how leveraging CTI can help security teams make informed decisions, vet products, and identify trends.
The RH-ISAC Summit is open to both RH-ISAC members, as well as non-member companies that qualify for RH-ISAC membership. Learn more about this year’s agenda on the Summit website.