Join your peers virtually December 4-5th for two days of interactive sessions addressing the cybersecurity challenges facing government entities and the private sector.

Cybersecurity challenges were prevalent in both the public and private sector in 2024. Whether you’re in the public or private sector, we need a united front facing these threats. Learn from industry-leading speakers and collaborate with your peers on topics that will surely be facing all cybersecurity professionals in 2025 at ISC2 SECURE Washington, D.C. on December 4th and 5th.

In this virtual setting, you’ll be able to browse a virtual exhibit hall to connect with top vendors, ask questions of the presenters in real-time, take notes on presentations that will be emailed to you, chat with your peers and receive recordings of the presentations after the event to view on-demand.

Day One of SECURE D.C.

The first day of virtual sessions will kick-off with the Global CISO at Carnival Corporation Devon Bryan, CISSP, who will discuss his approach to hiring the right talent within his organization. He knows that having the right people in the role is important in the evolving cybersecurity industry. He will share how his efforts collaborating with the HR department starts before the job is listed and recruitment efforts begin. This practice of skills-based hiring is in line with the White House’s plan, announced in 2024, to apply skills-based hiring practices toward federal IT management positions rather than focusing entirely on degree requirements.

The day continues as you’ll hear from a panel of experts on the topic of “AI Frameworks: Reducing Risk as Responsibility Rises.” The four-person panel will examine the benefits and challenges of organizations that adopt artificial intelligence security frameworks that promote responsible AI tool creation and usage.

This session will aim to answer questions including:

  • What are the key security and privacy practices that are currently addressed by these frameworks, and where are there still gaps?
  • How can we make these guidelines more enforceable?
  • Will there be a successful effort to consolidate multiple sets of guidelines into a universal framework?
  • And could these frameworks be incorporated into some kind of certification program?

We’ll continue the discussion on AI Risk and Governance Frameworks in an interactive session where you’ll be divided into small group discussions. Attendees will discuss what guidelines, policies and limitations are most important for companies to implement. Bring your real-world experience to this group discussion as you hear from your peers facing similar situations.

The first day continues with an additional AI session, “AI In Your Organization: How to Innovate Securely, Not Recklessly” where Andrew Smeaton, CISSP, CISO at Jamf and Greg Rogers, CISSP, State CISO of Maryland will offer practical recommendations on how to leverage the technology to your advantage while reining in irresponsible usage by employees who could disclose proprietary information.

“Most businesses are utilizing the latest AI tech to attain a business advantage. That comes with risks that need to be understood and addressed appropriately,” Smeaton told ISC2.

Day Two of SECURE D.C.

The second day of ISC2’s SECURE D.C. opens with keynote speaker Anne Marie Zettlemoyer, CISSP, Fellow, National Security Institute, George Mason University’s Antonin Scalia Law School, as she discusses the threat of sabotage and surveillance from certain nation-states and balancing security and business concerns when sourcing hardware and software components from outside of your own country. The U.S. is considering banning products from certain countries; you can join the discussion on whether that is practical or stifles innovation.

The next session of the day addresses the lessons learned from the July 2024 CrowdStrike outage. John Sapp, Jr., CISO, VP of Information Security at Texas Mutual Insurance Company, along with Ben Watson and Robert Woltz, both from Grant Thornton Australia, will discuss what companies can do to mitigate similar outages and disruptions in the future. In the peer group breakout discussion that follows, attendees will be able to discuss how the outage impacted them, their organizations and share what worked in the response and recovery process.

Attendees will also hear from Tammy Moskites, CEO and Founder of CyAlliance and Candy Alexander, CISSP, CISO of NeuEon, who will explore how businesses can better protect themselves against ransomware in a fireside chat session. They’ll address internal vulnerabilities and how to strengthen your resilience. Session attendees will then discuss best practices on how to convince management to sufficiently invest in ransomware awareness, defense and recovery.

Before the day concludes, Joshua Corman, founder of I Am the Cavalry, and Edward Adams, Head of Cybersecurity, North America at Bureau Veritas, will co-lead a closing session on the topic of software bills of materials, or SBOMs.

Learn more about the full agenda and registration information for SECURE Washington D.C.