We invite proposals from practitioners who want to have real conversations about security: security analysts, engineers, and administrators, developers, testers, results-focused QA researchers of all kinds, chief security officers, leaders in risk and audit, and security data scientists. If you’re on the front lines of defense with stories of great success and worthy failure, especially if they provide clear ideas for what to do next, let us hear from you. And while people need a sense of what’s possible, bring concrete technical solutions above all else.

Security is not done for its own sake—it’s a business necessity. How can we break down the insularity of security teams and communicate effectively with other departments and decision-markers?

The wisdom or folly of creating a separate risk-management cycle
The true cost of security problems in both time and resources
Secure vs. cheaper vs. faster – what are the tradeoffs, and how do you work with the business side of your organization to discuss these?
Balancing security and privacy
What language can defenders use to reach leaders and decision-makers in their organization?
External factors vs. internal controls: Competitive influences, innovation, regulation, international considerations