The Official Cybersecurity Summit Detroit 2023 - Sponsored by Fortinet and CISCO Secure

I was very honored to be able to represent Turnkey Linux as head of cybersecurity at this year's Official Cybersecurity Summit at the GMRenCen in Detroit. The city is and will always be beautiful to me, I love being by the water. I'd also like to thank Red Canary for providing me with the ticket voucher as I enjoyed my time and learned a lot about new and emerging trends in information security.

I was amazed at the venue and the overall turnout. The event was structured in a way so that there was a place for vendors to have their booths and demo instances running. There was also a separate conference room where the day's speakers were set up with their presentations.

Art Thompson, CIO at the City of Detroit kicked everything off with some opening remarks. I liked that he loosened things up at the beginning of the day by giving us some insight of the issues his team's had to deal with being understaffed and overwhelmed with information security threats to the City of Detroit. Closing out by giving us some backstory on the Grow Detroit Internship program, I really enjoyed his introduction and the room seemed to feel likewise.

My overall favorite presentation of the day was from Fortinet. They went into a deep dive of how to use deception and honey pots for OT and IT environments. It stood out to me that they were integrating their product with AI and machine learning. Their Fortinet Cybersecurity Mesh Architecture (CSMA) has the ability to utilize an AI Analyst to handle first level incidents and investigations. This would help information security teams to automate responses to honey pots, mitigating ransomware and lateral movement attacks, and threat hunting. Overall, this presentation was very forward thinking, and I loved that this company was "fighting fire with fire" to keep up with new emerging AI threats by utilizing AI-driven security operations.

The main highlights of the event seemed to shine with each speaker's presentation and was definitely shown with the vendors as well. The first key takeaway from the event is for organizations to be proactive about AI and implementing it into IT and IS operations. By starting to draft up company policies and procedures of how this technology should be used, companies can then begin to look into use cases for integrating AI into operations to help automate processes and workflows. The next main theme that was reflected throughout the speakers and vendor presentations in this summit is ensuring companies are focused on their employees and environment being cyber secure. With new machine learning technology like ChatGPT coming up with more personalized phishing schemes, the responsibility falls more on end users to be cyber aware and secure. This approach paired with a zero-trust environment proved to be the best practices for mitigating ransomware attacks on an organization. Lastly, organizations should be ensuring that their tools and solutions are effective at responding to cyber-attacks by conducting red team tests and exercises and then updating their IRP and DRP accordingly. By practicing infiltrating the network, the organization can have a better idea of what to do if and when the organization is hit with a ransomware attack.

As well as getting to hear some amazing talks, I was able to connect with and learn from other senior executives about how they've been protecting their companies’ critical infrastructures with innovative solutions. I am happy to report that everything was smooth and professional from start to finish.

The best part about being able to attend this conference was being able to security to see some of the transformational themes our industry is facing. There was a good combination of technical talks with actionable tips real-life experiences, and lessons learned. Overall, I believe summits are a great way to meet and talk to the other individuals who each in their own way help shine a light for the rest of the community and are extremely valuable.