HexCon23 day 3 Highlights: Until we meet again!

Lizzie Warren

Sep 22, 2023

15 min read

As we bid a fond farewell to HexCon23, the excitement for what’s in store is nothing short of exhilarating. Our distinguished speakers delivered insights on fortifying the safety and security of individuals, devices, and networks in every organization. The three day event had everything from cybersecurity and data protection to the crucial realm of API security. Here’s a quick sneak peek into the thrilling highlights that unfolded on the last day of HexCon 23:

The future of IAM in the modern workplace

Andrew Wilder, Vice President and Chief Information Security Officer at Hillenbrand, covered 3 main sections in HexCon23:

  • The history of Identity and Access Management
  • The evolution of Privileged Access Management
  • The future of Identity and Access Management

He grabs the audience’s attention and explains the history of IAM (Identity and Access Management) using easy-to-understand terms. His terminology includes:

  • “Baby crawl” phase, referring to the early stages of Active Directory (AD) and Lightweight Directory Access Protocol (LDAP).
  • “Adult crawl” phase, characterizing the initial iterations of IAM and Role-Based Access Control (RBAC).
  • “Walking” phase, describing the era of IDaaS (Identity as a Service) and Multi-Factor Authentication (MFA).
  • “Running” phase, denoting the advanced stages of Zero Trust and APIs.

Andrew Wilder session
Andrew Wilder explaining about LDAP and its working

In the evolution of Privileged Access Management (PAM) section, Andrew explains about the Wild West, PAM vaults, Password rotation and Machine learning (ML) & Behavioral analytics (BA).

The most recent PAM solution now incorporates Machine Learning (ML) to assess whether an account is being used in an unusual or typical manner. Additionally, the Behavioral Analytics (BA) tool aids in identifying and addressing such irregular activities.

Andrew wishes for a future of Identity and Access Management where it’s a world without PASSWORDS1! Relying solely on passwords is an ineffective approach to safeguarding access to resources.

Truths – Myths – Maybes

Merlin Namuth, Chief Information Security Officer, offers a thorough exploration of commonly accepted notions in cybersecurity, providing a comprehensive understanding of these concepts. According to him, HR departments often craft job descriptions that set unrealistic expectations, such as demanding 10 years of experience in a field when the technology itself has existed for only 5 years. This mismatch between expectations and reality is a contributing factor to the shortage of cybersecurity professionals.

The organization’s security awareness training has the potential to mitigate risks effectively. Equipping the organization with the necessary tools and knowledge allows them to safeguard themselves and maintain compliance. According to Merlin, the primary focus of awareness should be on educating employees about

  • the dangers of phishing
  • the responsible use of removable media and
  • proper password practices

Merlin also underscores that security represents an additional cost for the organization. Security programs are centered around preserving the confidentiality, integrity, and availability of data. Furthermore, ensuring the security of your organization also enhances the stability of its systems and environment.

Unlocking 5G’s Potential: Safeguarding Against Cyber Threats

Sunil David (Digital Technology Consultant, Ex- Regional IOT – Director, AT&T India) starts his section with the key trends to watch out for in 2023.

hexcon23 day 3 highlights
Sunil David elaborating on the nine major cybersecurity trends to keep an eye on in 2023

He explains the key features of 5G networks, which include:

  • Ultra-low latency
  • Ultra reliability
  • Massive IoT connectivity
  • Ultra-high speeds

Notably, 5G networks are designed with security in mind, which makes them instrumental in propelling the adoption of IoT (Internet of Things). Enterprises can seamlessly connect all their devices to the internet using 5G, due to its exceptional data rates and capacity. Moreover, enterprises can harness the network’s reliability and resilience while prioritizing security.

The impact of 5G on various industries is extensive and includes:

  • Connected cars
  • Gaming
  • Enhanced data connectivity
  • Industrial automation
  • Healthcare
  • Smart cities
  • Agriculture

However, there are also several security concerns associated with 5G networks. The top four among them are:

  1. Expanded attack surface due to the significant increase in connectivity
  2. A greater number of devices accessing the network
  3. Extending security policies to cover new types of IoT devices
  4. Authenticating a larger number and wider variety of devices.

Sunil wraps up the section by emphasizing the significant role of AI in countering cybersecurity threats during the 5G era. In the present landscape, organizations must shift from merely detecting cyber threats to forecasting them, and AI can play a pivotal role in this transition.

By incorporating AI into their cybersecurity strategies, organizations can deliver the following benefits:

  • Accelerated threat detection
  • Enhanced network security
  • Improved phishing detection
  • Robust secure authentication
  • Effective behavioral analytics
  • Prevention of online fraud incidents

Curiosity killed the hack

T.J. Preyear, a Security Analyst at ISE, captivated the audience’s interest by commencing with his personal exploration of hacking tools. He also provided an explanation of how hackers utilize these tools, discussed the primary hacking tools commonly found in the modern digital landscape, and highlighted the benefits they bring.

As per his perspective, the key attributes essential to becoming an ethical hacker include:

  • Exceptional problem-solving abilities
  • Solid technical expertise
  • Curiosity

He also pointed out that hackers consistently strive to discover novel methods for exploiting vulnerabilities in digital systems, driven by their contrarian mindset, dedication to research and curiosity. He wraps up the section by detailing the specific tools that hackers incorporate into their toolkit, which encompass:

  1. Google
  2. Glue
  3. A doll
  4. Amazon Echo
  5. Flipper Zero

T.J. Preyear effectively engaged the audience’s interest by explaining how these tools are employed, providing insight through various scenarios and real-life anecdotes. This demonstrates the idea that numerous factors can potentially pose threats, emphasizing the need for consumers to maintain vigilance. While it is reasonable to place trust in our surroundings, verifying their authenticity is crucial to prevent falling victim to deception.

Cloud Security Resilience: Anticipate, Withstand, Recover, and Adapt

Art Ocain, Strategic Alliances and Incident Response Product Management at Airiam, initiated the section by outlining the key objectives of cyber resilience: Anticipate, Withstand, Recover, and Adapt. These phases are integral components of the Cyber Resiliency Engineering Framework (CREF), a toolkit designed by MITRE to engineer resilient systems.

hexcon23 day 3 highlights
Art Ocain providing insights into the concept of cyber resilience and its primary goals

He then delved into strategies for ensuring an organization’s continuous operation during an attack and, in the event of a disruption, how to swiftly recover and regain stability. The primary significance of cyber resilience encompasses:

  • Business continuity
  • Preserving reputation
  • Safeguarding sensitive data
  • National security
  • Adapting to evolving threats

BYOD and the Agile Workforce: Enhancing flexibility without compromising security

Ilias Mavropoulos began the session by addressing three key questions:

  • What is BYOD (Bring Your Own Device)?
  • Why is it important?
  • Why is BYOD security critical?

BYOD entails employees using their personal devices at work to access organizational networks and sensitive data, potentially improving employee retention, comfort, and task efficiency. However, unregulated BYOD can pose significant security risks.

hexcon23 day 3 highlights
Ilias Mavropoulos discussing the positive impacts of BYOD

To mitigate BYOD risks, organizations should:

  • Develop a robust BYOD policy with clear Acceptable Use Policies (AUPs) and approved device types.
  • Continuously educate employees.
  • Enforce secure connections.
  • Implement Mobile Device Management (MDM) solutions.
  • Conduct routine security audits.
  • Mandate Multi-Factor Authentication (MFA).
  • Establish remote wipe capabilities.
  • Restrict certain activities based on roles and device usage.
  • Provide IT support for BYOD-related issues.

API Security in 2023

APIs, or Application Programming Interfaces, are sets of rules and protocols that enable different software applications to communicate and interact with each other. Alex Olsen, Security Content Creator at TCM Security, delivered an engaging session on API security risks and strategies to prevent them.

In recent times, APIs have gained significant popularity due to factors such as the separation of frontend and backend, the proliferation of microservices, and opportunities for API monetization. However, alongside these advantages, numerous security risks have emerged, including issues like Broken Object Level Authorization and Server-Side Request Forgery.

hexcon23 day 3 highlights
Alex Olsen demonstrating security vulnerabilities of APIs

Alex Olsen also provided insights into how to mitigate these API vulnerabilities at each stage of the software development lifecycle.

  • Early in the SDLC:
    • Clear requirement/ user stories
    • Good documentation
    • Access controls matrix
    • Threat modelling
  • During development:
    • Unit testing
  • Pre-release:
    • Test access controls as part of QA

How to stand out in the crowded Cyber hiring market

For any organization, the hiring team is well aware of the woes of shortlisting candidates to fill a job position. The skill gap is a very real and very present issue. Now, imagine the effect of this skill gap in as competitive an industry as cybersecurity. So, how do you stand out in the heavily crowded cyber hiring market? Gerry Gadoury, Founder and MD of RedBeard Solutions, took to the HexCon23 platform to address this very issue.

The session started off by mentioning the two-pillar approach to team growth:

  • Retention
    • Culture
    • Compensation
    • Career growth
  • Recruiting
    • Plan
    • Proactive
    • Presence

Recruiters can differentiate themselves and excel in their roles by adopting effective strategies and demonstrating exceptional qualities. Here are ways recruiters can stand out:

  • Communication: Strong communication, transparency, and active listening are essential.
  • Industry knowledge: Stay updated on industry trends and market demands.
  • Networking: Build and maintain a professional network.
  • Tech proficiency: Embrace recruitment technology for efficiency.
  • Candidate-centric: Prioritize a positive candidate experience.
  • Client alignment: Understand and tailor recruitment to client needs.
  • Problem-solving: Find creative solutions to recruitment challenges.
  • Time management: Efficiently manage tasks and responsibilities.
  • Personal brand: Cultivate a reputation for excellence and integrity.
  • Adaptability: Stay flexible in the dynamic recruitment landscape.
  • Emotional intelligence: Empathize with candidate and client needs.
  • Continuous learning: Keep updated on best practices and trends.
  • Data-driven: Utilize data for informed decisions.
  • Transparency: Be clear about job expectations and culture.
  • Cultural fit: Assess alignment with company culture.
  • Feedback: Gather feedback for ongoing improvement.

Four Dimensions of Building a Security Program

Andy Ellis, Advisory CISO at Orca Security, provided insights into the two standard methods commonly used to measure the effectiveness of vulnerability management programs. In vulnerability management, organizations typically assess how well they meet their Service Level Agreements (SLAs) for patch management.

He also emphasized the importance of structuring security programs to align with potential adversary tactics. Defenses should be designed to counteract attackers effectively. Creating a security program without considering how adversaries might breach is similar to building a “Cyber Maginot Line.”

Andy detailed an approach to this challenge by emphasizing four dimensions Width-Height-Depth-Time:

  1. Width: Defenders must ensure comprehensive coverage of all assets, particularly those that may not be well-maintained.
  2. Height: Defenders should understand the extent and synergy of their defensive measures.
  3. Depth: Defenders require context regarding what is accessible to their front-end systems.
  4. Time: Defenders need to ensure the continuity and effectiveness of all defensive controls.

Cybersecurity: Hackers, Scams, Breaches, Cyberwar and Our future in a Digital World

Christian Hyatt and Cory Wolff from Risk3Sixty talked about hackers, scams, breaches, and, of course, our future in the digital world. The two speakers kicked off the session with an interesting hook:

More data has been created in the last two years than all of the human history

The session was the perfect blend of nostalgia (they mentioned the old Oregon trail game), stats, and interesting questions. The experts raised and answered four main questions throughout the session.

  • How big of a problem is ransomware?
  • Should I prioritize this risk for my company?
  • Who are the bad guys?
  • What can I do to stop them?

While a major part of the session was answering these questions, the last portion saw the speakers recommend some tips for better protection of data.

  • Enforce a strong password policy across the organization.
  • Use 30-character or more passwords for service accounts.
  • Strong EDR that protects lsass.exe memory.
  • Do not use passwords in Group Policy Preferences.
  • Remove affected/compromised Group Policy Preferences.
  • Access controls should be based on ‘need to know.’

Psst, here’s what lsass.exe is…

The “lsass.exe” (Local Security Authority Subsystem Service) is a legitimate Windows system process responsible for handling various security-related functions on a Windows computer. It is an essential component of the operating system.

Regarding memory usage, lsass.exe typically consumes a certain amount of system memory (RAM) as it performs its functions. The amount of memory it uses can vary depending on the system’s configuration, the number of user accounts, and the security policies in place. Typically, if you notice unusually high memory usage by lsass.exe, it could be an indication of a problem, such as a memory leak or a malware infection. In such cases, it’s essential to investigate further to ensure the security and stability of your system.

Enterprise Readiness – Role of Privacy in Climate Tech

Building and evolving a business is always a continuous challenge. But how can a business ensure its privacy while striving for growth? Sawan Joshi, founder of, explains this in his session at HexCon23.

He also directs the audience’s focus toward the challenges faced by Software as a Service (SAAS) providers within a high-risk supply chain. He states that:

Privacy leader is a business leader

hexcon23 day3
Sawan Joshi discussing the difficulties SAAS faces in a risky supply chain

Privacy serves as a catalyst for business success when:

  • Clear and concise communication is maintained.
  • Regular collaboration is fostered.
  • Alignment with common goals is consistently pursued.
  • The cultivation of accurate knowledge is an ongoing endeavor.

Behind the Login: The Crucial Role of IAM in Cybersecurity

Pratyusha Vemuri, Founder & CEO of, provided insights into the extensive topic of Identity & Access Management (IAM) and its pivotal role in cybersecurity. She initiated the session by clarifying common IAM-related terms such as identity, authentication, and authorization, highlighting the nuances of each.

Authentication, as Pratyusha explained, is the process of verifying the identity of a user, system, or entity, typically employing usernames, passwords, or other credentials. Authorization, on the other hand, involves determining the actions or resources that an authenticated user can access based on their permissions or privileges.

Pratyusha also addressed the evolving cyberthreat landscape that organizations face today and underscored the importance of adopting a multi-layered approach to safeguarding digital identities. She emphasized that while building a highly secure IT infrastructure is essential, it shouldn’t compromise the user experience.

Here are a few features of IAM that help enhance user experience:

  • Single Sign-On (SSO)
  • Self-service
  • Reduced login times
  • Consistent experience
  • Secure yet simple

Additionally, Pratyusha provided expert advice on the challenges that IT administrators should tackle to ensure a seamless IAM experience. Her recommendations included continuous monitoring for unsanctioned apps, session monitoring of high-risk accounts, and regular credential rotation.

The Cyber Road Trip…who’s coming?

Deepa Bradley, a global leader in cybersecurity strategy, reeled in the audience for a refreshing session on the current cyber standing. The session hooked us all in with a catchy question,

Why a career in cyber?

  • High Demand:

    There is a significant and growing demand for cybersecurity professionals. With the increasing reliance on technology and the internet, organizations across all industries need skilled cybersecurity experts to protect their data and systems from cyber threats.

  • Job Security:

    The cybersecurity field offers strong job security. Cyber threats are constantly evolving, and organizations must continually invest in cybersecurity measures, creating a stable job market for professionals in this field.

  • Diverse Career Paths:

    Cybersecurity is a broad field with diverse career paths. You can specialize in areas such as network security, ethical hacking, incident response, risk management, and more, allowing you to find a niche that aligns with your interests and skills.

  • Continuous Learning:

    Cybersecurity is a dynamic field that requires continuous learning and adaptation. This makes it intellectually stimulating and ensures that you are always on the cutting edge of technology and security trends.

  • Competitive Salaries:

    Cybersecurity professionals often earn competitive salaries. The demand for skilled experts means that organizations are willing to pay well for top talent.

  • Global Opportunities:

    Cybersecurity is a global concern, and professionals in this field can find job opportunities around the world. This opens the possibility of working in different countries and experiencing diverse cultures.

  • Constant Challenge:

    If you thrive in a challenging and ever-changing environment, cybersecurity is a field where you’ll always encounter new threats and puzzles to solve. It’s a career that keeps you on your toes.

To put it in a nutshell, a career in cybersecurity can be highly rewarding due to its high demand, job security, diverse career paths, continuous learning, competitive salaries, global opportunities, and the opportunity to make a significant impact in safeguarding the digital world. So, if you have an interest in technology, problem-solving, and ethics, cybersecurity may be an excellent career choice for you.

Until next time!

As the curtains fall on Day 3 of HexCon23, we can’t help but marvel at the insights and knowledge that have enriched this event. From cutting-edge cybersecurity trends to practical solutions, today has been a treasure trove of knowledge. To wrap up HexCon23, Apu Pavithran, the Co-founder and CEO of Hexnode, took the stage for the closing keynote. He extended his heartfelt gratitude to all those who joined us from around the globe, making this event truly remarkable.

As we bid adieu to HexCon23, we eagerly await the opportunities, connections, and breakthroughs that future HexCon events will bring. Until then, stay vigilant, stay curious, and stay secure!

Lizzie Warren

A lil clumsy and a whole lot smiley, I'll bump into you with a smile...

Share your thoughts