Agenda:

2:30 - 3:00, Check in and Networking

3:00 – 3:15, Opening Remarks

3:15 – 4:00, Speaker 1:  Dan Ayala, Cyber Leader for 30 years at ABN AMRO, Abbott Labs, ProQuest, Michigan State University, etc. Host of: The Great Security Debate Podcast: https://distillingsecurity.com/author/daniel/ and https://www.youtube.com/@greatsecuritydebate

4:15  - 4:45, Speaker 2:   Joshua Knox, Principal Cybersecurity Strategist, Horizon3.AI, formerly with Reversing Labs, VMware, Carbon Black and elsewhere. Joshua’s videos, demos and interviews are here:  https://www.youtube.com/channel/UC3za3NzBO4XNsLmcGSxs9AA

4:45 – 5:00, Q &A

5:00 - 7:00, Networking

Speaker 1: Dan Ayala, Cyber Leader for 30 years at ABN AMRO, Abbott Labs, ProQuest, Michigan State University, etc. Host of: The Great Security Debate Podcast: https://distillingsecurity.com/author/daniel/ and https://www.youtube.com/@greatsecuritydebate

Description of Talk: Over the past three decades information security has evolved from being seen as a cost center into a core element of every business. Boards list it as a top concern and risk for their organizations, its impact is included in public 8-K and 10K corporate filings, and it is part of nearly every customer procurement process. As information security has become more integral to revenue and growth, it is increasingly vital for security practitioners and leaders to understand the increased level of impact and influence they now have. This is compounded by an origin story rooted in a culture of striving for perfect security. Consequently, it is imperative that InfoSec professionals continually evolve to remain relevant. How and why does modern business depend on security for growth? What happens if we don’t advance our mindset and approaches to play in the broader business game? Why is it critical that we stop viewing information security as separate from "the business" but rather as a core part of it? How can we encourage our enterprise colleagues to fully embrace the benefits of technology risk management and learn from their needs to ensure mutual success?

Speaker 2: Joshua Knox, Principal Cybersecurity Strategist, Horizon3.AI, formerly with Reversing Labs, VMware, Carbon Black and elsewhere. Joshua’s videos, demos and interviews are here: https://www.youtube.com/channel/UC3za3NzBO4XNsLmcGSxs9AA

Title of Talk: Proving Cyber Resilience: Measuring Outcomes, Not Effort

Description of Talk: Most security programs measure effort — not outcomes. Organizations patch thousands of vulnerabilities, deploy dozens of tools, and run annual tabletop exercises… but when an attacker shows up, none of that matters. What matters is whether they can prove their defenses actually work. In this talk, Joshua Knox, Principal Cybersecurity Strategist at Horizon3.ai, shares how leading organizations use autonomous pen testing to see their environment through the attacker’s eyes — continuously, safely, and at scale.

By shifting from assumptions to proof, they’ve learned to:

• Prioritize what’s exploitable. Focus limited resources on the weaknesses that truly put the business at risk and are known to be abused by threat actors.
• Quickly fix what matters. Close the loop from find → fix → verify and reduce your exploitable attack surface.
• Reduce attacker dwell time. Use Pen Test results to precisely deploy HoneyTokens to detect compromise early, and to continuously prove your EDR and SIEM are tuned and working as intended.