April TASK: Safeguarding Sensitive Data in the era of LLMs + The Vendor Dance
Live and in-person at TMU!
Date: Wednesday, April 24
Time: 6:00 PM
Location: Room 208, Daphne Cockwell Complex, 288 Church St
Registration: Not required
Topic: Safeguarding sensitive data in the era of LLMs
Speaker: Kellman Meghu
Personally and professionally we are challenged to protect sensitive data from an onslaught of Large Language Models on our phones, hidden in websites and apps, and soon as a part of the Operating System. To what extent can we afford to let LLM’s ingest and learn from our most sensitive data? There are customer loyalty, legal, financial and even political ramifications of information leaking out. At the same time, we can’t put a stranglehold on new innovations that make us and our organizations more effective. I don’t pretend to have all the answers and I don’t think the industry does yet either. This talk is less about using LLMs for better security and more about solving the security issues LLMs create. Expect some philosophy, planning and vision, with pointers to a range of technology solutions.
After working with LLM focused teams to build private models; tested private and public training, my organization is cautiously moving forward, not because we feel we have good answers, but because we have no choice in the matter. So here are the challenges I have had (so far) and will discuss openly where I think this is all going.
How do I make the thing, that by design is supposed to answer all questions, keep a secret? Will there be secrets?
Across data, application, identity and so on, what are some considerations at different points of exploitation and remediation regarding the use of LLMs?
New startups are applying LLMs to solve problems with LLMs, what could possibly go wrong? Let’s discuss…
Kellman Meghu has 25+ years experience planning, architecting and deploying application protection and cyber security solutions for the fortune 100 across North America. Oh wait, here’s the real bio: Raised my children with a firewall; shamed a large airline into using SSL for check-in; front line for the security as some of the biggest corporations went online for the first time; 20 years of helping every sector define, deploy, and defend their infrastructure; Thinks learning a new programming language is a great way to relax on holiday; Dreams in key/value pairs; Obsessed with putting everything in containers; Loving every minute of it.
Past keynotes have included SecureWorld, BSides, RSA, DattoCon, SecTor, Atlantic Security Conference, GrrCon, Black Hat and Hackfest.
Topic: Vendor Engagement: A Collaborative Dance
Speaker: Evgeniy Kharam
In the world of cybersecurity, the relationship between buyers and sellers is like a dance. My session, "Vendor Engagement: A Collaborative Dance," delves into this dynamic. I address common challenges like communication gaps and differing priorities. From the buyer's view, I discuss identifying needs, vendor selection, and contract negotiation, highlighting key tactics and strategies. On the seller's side, I uncover motivations, sales strategies, and managing expectations. The goal is seamless collaboration. In conclusion, I offer tips for enhancing engagements. Post-session, a networking opportunity allows attendees to share experiences. My aim is to foster productive relationships between cyber security professionals and vendors.
Evgeniy Kharam (EK Cyber and Media Consulting, Security Architect) boasts 15 years in cybersecurity, dedicating over 40,000 hours to pre and post-sales technical support for enterprises ranging from 500 to 100,000 employees. Specializing in cybersecurity technology, architecture, and vendor relationships, he underscores the importance of integrated security infrastructure and information sharing. He's well-acquainted with Endpoint Security, Network Security, SIEM/SOC/SOAR, and Cloud Security. Evgeniy is a prolific content creator, with 200+ podcasts, webinars, and trainings under his belt. As the former VP of Security Architecture at Herjavec Group, he worked intimately with vendors and clients. Currently, he advises vendors on optimizing sales strategies in cybersecurity. Central to Evgeniy's ethos is building and nurturing relationships in all professional interactions.
We look forward to see you all there!
The TASK Steering Committee