Real-world AI: Promise and Peril
The AI revolution is real and profound, but also riven with hype and speculation. How can cyber professionals slice through the chatter to understand -- and deploy -- AI technology now and in the near future? How can we keep pace with adversaries who are embracing AI tools at breakneck speed? And how can we guard the security of our own enterprise AI programs? This full-day summit will equip you and your team to act now, by focusing on the most immediate priorities and practical applications.
Navigating the AI Frontier: The Rise of Shadow AI
As artificial intelligence continues to transform industries, the emergence of Shadow AI—unauthorized or unsanctioned AI applications and systems—presents new challenges and opportunities for organizations. This presentation explores the dual nature of AI's growth, highlighting the benefits of sanctioned AI while shedding light on the risks posed by Shadow AI. Attendees will gain insights into the factors driving the rise of Shadow AI, including the increasing accessibility of AI tools and the pressure to innovate rapidly. We will also discuss strategies for identifying, managing, and mitigating the risks associated with Shadow AI, ensuring that organizations can harness the power of AI responsibly and securely. Join us as we navigate the AI frontier and uncover the hidden forces shaping the future of technology.
Should I Trust the Next Generation of LLMs to Check My Program?
Primary Speaker: Mark Sherman, PhD – Technical Director, Carnegie Mellon University/Software Engineering Institute
LLMs like ChatGPT, LLaMA and Copilot are among the hottest new machine-learning-based systems to appear on the Internet. They can both create and analyze computer source code. Early results using these technologies demonstrated shortcomings in practical use. Since their mass introduction, additional research and improvements have been made to their effectiveness for assisting programmers. In this talk, we share what we measured about the improved capabilities of LLMs in recognizing and fixing security problems in computer source code.
Securing Azure Open AI apps in the Enterprise
Primary Speaker: Karl Ots, CISSP, CCSP – Head of Cloud Security, EPAM Systems
Session Abstract: In this session, we explore the core security controls for securing usage of OpenAI’s services in an enterprise environment. We cover what controls are available, which are missing, what their effective coverage is, and how to implement them.
Walking out of the session, you will be able to identify and implement security controls that make sense for your organization. You will also be able to identify what is missing and how to mitigate those gaps.
Harnessing AI to Detect Sensitive Data Exfiltration: A Comprehensive Guide
Primary Speaker: Samuel R. Cameron, CISSP CCSP C|EH CASP – Security Architect, Cisco Systems
As data exfiltration becomes a growing concern in today's shifting threat landscape, conventional security measures often struggle to keep pace. This session introduces an innovative approach using Artificial Intelligence (AI) to identify data exfiltration. We'll discuss the architecture, data, and methodology behind the AI solution, providing insight into how AI can learn to identify data exfiltration patterns.
* Please note: This is not included in the Main Conference registration and requires a separate registration.