Recently, IBM Quantum demonstrated error mitigation techniques using 100+ qubit processors that enabled calculations not achievable with classical computing techniques. This faculty for "quantum utility" with noisy qubits, well in advance of fully fault-tolerant quantum processors, opens the prospect of applying quantum computing to more real use cases sooner than previously considered possible. What does this shift mean in practical terms, and what ramifications might it have, including the prospects for quantum-safe cryptography?
Mike Skurko will lead a panel on ISSA-SV panel on Cybersecurity & AI. Most of us have kicked down the barriers to cloud adoption, at scale. Many of us may have been involved in the revolution. The fear, uncertainty, and doubt plagued the enterprise and that FUD was perpetuated by most of the major enterprise packaged software companies. In the end, we all won. Responsible adoption was realized. AI brings us all the way back to the FUD. Fear, mystery, scale, controls, policy, compliance are all front and center.
Synopsis: Minor oversights in public-facing web applications can lead to major security disasters. This talk will highlight real-life cases where such vulnerabilities, including logic flaws, insecure direct object references (IDOR), and API security lapses, could have resulted in massive data breaches and financial losses. Through interactive hacking demos, the session will illustrate the potential for millions in losses from retail giants and sensitive data exposure, such as passport information leaks.
Mike Skurko will lead a panel discussion consisting of a maximum four people with an all inclusive Q&A to get the audience talking about what they see as crucial to their success in 2024. This includes what they would like to learn and the types of topics at the Silicon Valley ISSA meetings for 2024
Cloud has a value problem. Cloud’s value is perceived to come from the speed of deployment and security. Then why do cloud journeys take weeks if not months? Or generate a whole host of security and compliance issues, a leaky ship problem? Cloud security, compliance and expertise are at the heart of it. Security risks are high when cloud environments are not deployed properly. We will begin by level setting on current processes, practices and tools that address these risks. We will then discuss the potential future scenarios and practices that will move the needle on cloud security.
We're coming back yet again to do another live show at the ISSA-SV/SF monthly chapter
David Spark, host of CISO Series will be joined by my co-host Mike Johnson, CISO, Rivian and Kurt Sauer, CISO, DocuSign to do a live audience recording of CISO Series Podcast in from of a live audience.
The cloud and digital transformation have fundamentally changed the way organizations build and run business applications. Companies are running massive amounts of critical workloads while storing personal and sensitive information in their cloud-native environments, making them valuable targets for bad actors. Attackers are using stolen credentials, supply chain attacks, and other forms of advanced attacks to gain access to data and applications in the cloud.
We're all headed to BlackHat / DEFCON in Las Vegas, so no local chapter meeting. If you're planning to be there, please reach out to us on slack - we'd love to see you.
Formal methods play a crucial role in raising the security and safety level of firmware, which is an essential component of modern computing systems. Firmware, being the low-level software responsible for controlling hardware devices, presents unique challenges due to its direct interaction with critical system functionalities. This talk highlights the importance of employing formal methods as a means to enhance the security and safety aspects of firmware development.