Live! 360 Call for Papers

The Call for Presentations for Cybersecurity & Ransomware Live! VirtCon 2025 is now OPEN.
Proposals are due: Friday, October 25th, 2024 11:59 PM PST
Submit your proposal here:  https://sessionize.com/cybersecurity

Cybersecurity & Ransomware Live! VirtCon
May 13-15, 2025
Virtual Conference

Cybersecurity & Ransomware Live! VirtCon will bring together some of the best content and speakers on Cybersecurity worldwide to help guide attendees in Architecture/Design, Deployment, Operationalization, and Certification. This conference provides attendees with the knowledge they need to succeed with: cloud-native security, how to defend against modern threats, how to communicate imminent security threats with executive teams, how to design and deploy applications in hardened environments, Ransomware, Backup and Recovery Strategies, and so much more.

Cybersecurity & Ransomware Live! Virtual will offer a combination of in-depth and interactive sessions including workshops, hands-on labs, 75-minute breakouts, and 20-minute fast focuses. We invite you to submit sessions in any and all of these categories, and you may also submit across multiple topic areas.

To help you in creating successful submissions, we want to share some of the considerations that go into our process of selecting our speakers and sessions for this event. First, each speaker will typically be selected to deliver two presentations. That means that it is in your best interest to submit at least three breakout sessions in addition to any Fast Focus topics you may be submitting. This ensures that the conference chairs have more than two options per speaker, particularly if the topic you are submitting is popular and is being submitted by a number of people for the same conference. Next, please make sure that your title is clear and appropriate to the track you are submitting it to, and that your description includes enough detail to understand what audience members will walk away from your sessions having learned. Again, many speakers often provide submissions on the same topics, meaning it comes down to a meaningful title and a quality abstract.

Wanting to dig in even deeper and offer hands on experience and learning? We are also looking for speakers willing to deliver two-day workshops and two-day hands-on labs that will be offered as part of the 2025 Virtual Seminar Training Course series.

Session, workshop, and hands-on lab proposals are welcome in the following topic areas:

Ransomware Industry
Ransomware is a complicated industry with attackers ranging from individuals to highly organized syndicates. Some operators have Service Desks with better SLA than us. We might face standard opportunistic criminals or nation level threats. The industry runs with affiliate programs and credential harvesting auctions. This track is dedicated to the higher-level descriptive sessions on how the industry works.

  • How Ransomware works
  • How Ransomware groups operate
  • Cyber-insurance
  • How Ransomware gets into a network
  • Teaching End-Users how to identify threats (like Phishing)
  • Other (If you have other topics to suggest not in the list above, we welcome your ideas)

Threat Intelligence
One of the most important aspects of securing your environment is to understand who you are against. Threat Intel tries to identify, analyze, understand and predict what we are facing.

  • Keeping up-to-date in securing environments
  • Identifying Vulnerabilities to Patch
  • Identifying Threats (Internal / External)
  • Ransomware Groups
  • Other (If you have other topics to suggest not in the list above, we welcome your ideas)

Human Intelligence
It's unfair to say that the biggest threat in security is the person between the chair and the keyboard, but we do need to understand the human factor.

  • Recruiting in Cybersecurity
  • Human mind
  • Human factor in Security
  • Soft skills in cybersecurity
  • Other (If you have other topics to suggest not in the list above, we welcome your ideas)

Security Operations Center
Cyberattacks don't happen during office hours but mostly during nighttime. 24/7 surveillance is mandatory for companies. A Security Operations Center tries to detect and isolate threats before they escalate to incidents. There are different kinds of, different levels, different sized, and different priced SOCs.

  • What is a Security Operations Center, and how do we get one?
  • Establish or Outsource a SOC?
  • What makes an effective SOC
  • SIEM solutions
  • Building a SOC
  • Running a SOC
  • Other (If you have other topics to suggest not in the list above, we welcome your ideas)

Incident Response
When an incident happens it's the IR-teams job to jump in, identify the threat and restoring operations. IR-teams gather evidence, expel the enemy, fixes vulnerabilities, and restores company operations.

  • Incident Response in general
  • Preparing for Incident Response and Recovery
  • Building a Cyber Security War Room with Microsoft Teams
  • Recovering from Cyberattacks
  • Disaster Recovery
  • Building a secure fabric
  • Backup and Restore
  • Microsoft 365 recovery
  • Other (If you have other topics to suggest not in the list above, we welcome your ideas)

Blue Team
Blue Team is the proactive defensive side of security operations. They aim to prevent breaches or at least slow down the enemy. Red Teaming is very popular, especially for young people, as it gives you the permission to attack someone. People should remember that for every one Red Team job offering, there are six offerings in the Blue Team side. Red Teams find vulnerabilities – Blue Team blocks/fixes them.

  • Encryption
  • Patching
  • Effective Hardware and Software Inventory
  • Protecting On-Prem Infrastructure
  • Protecting Azure Infrastructure
  • Microsoft Defender for ***
  • Microsoft Entra
  • Securing Microsoft Teams
  • So, you don't know where to start – A beginners guide to hardening hybrid Windows infrastructure
  • Protecting Microsoft 365 Infrastructure
  • Multi-Factor Authentication deployment made easy
  • Microsoft Baselines and CIS
  • Properly configuring Microsoft Attack Surface Reduction Rules
  • Securing Linux Systems
  • Zero Trust
  • Anti-Malware
  • EDR and XDR
  • How to build secure code
  • How to prevent supply chain attacks
  • Secure CI/CD pipeline
  • Firewalls
  • Effective Patching
  • Password Managers
  • Privileged Access Management
  • Privileged Identity Management
  • Privileged Access Workstations
  • Principle of Least Privilege
  • Allow-Listing (Binary Control)
  • VPN or not to VPN
  • What makes a great Blue Teamer
  • Tabletop exercises
  • IAM – Identity and Access Management
  • Protecting your home network
  • Other (If you have other topics to suggest not in the list above, we welcome your ideas)

Red Team
Red Team is the offensive side of security operations. Red Team uses tools and techniques that aim to find vulnerabilities and bypass the defenses companies have in place.

  • Penetration Testing
  • Hacking Windows Servers - can it be that easy?
  • Hacking Linux
  • Hacking Mac OSX
  • Hacking Mobile OS's
  • Hacking Tools
  • Hacking Techniques
  • What makes a great Red Teamer
  • Hacking Physical Hardware
  • Physical Security – Getting through the door
  • Hacking a bank
  • Hacking Networks
  • Reconnaissance
  • How to find vulnerabilities in code
  • Other (If you have other topics to suggest not in the list above, we welcome your ideas)

Purple Team
Purple Teams that perform both Blue and Red Team duties. They might be an external provider that analyses and audits the whole environment, both identifying vulnerabilities and fixing or mitigating them.

  • Are you Blue, Red or Purple?
  • What makes a great Purple Teamer
  • Security Audits
  • Threat Impact Analysis
  • Other (If you have other topics to suggest not in the list above, we welcome your ideas)

OT & IoT Security
Operational networks, like in factories, are usually operated very different from Office networks. They might not have Internet access so Cloud Services are not usable. Defenses have to designed accordingly. Internet of Things, smart devices connected to and managed by Cloud Services, are an increasing attack vector to networks. Almost every home appliance now has a version with Wifi. Identifying, inventorying and protecting these new smart devices is vital.

  • The S in IoT, stands for Security
  • Protecting Smart Homes
  • Protecting Air gapped Networks
  • Microsoft Defender for IoT
  • Network Detection and Response (NDR)
  • Travelling over the airgap
  • Other (If you have other topics to suggest not in the list above, we welcome your ideas)

Security in Education Institutions
Not only are education institutions prime targets for cyberattacks, but they also face a unique combination of security challenges: lack of resources (budgetary and personnel), strict privacy regulations, sensitive research data, a culture of open access to information, impermanent user roles, and a complex decision-making structure, to name just a few. This track will provide practical instruction on a wide range of security topics specifically for K-20 education IT professionals.

  • Ransomware
  • Threat Intelligence
  • Human Intelligence
  • Security Operations
  • Incident Response
  • Red/Blue Teaming
  • IoT Security
  • Artificial Intelligence