Frontline threat intelligence, expertise and AI-powered
cloud innovation

mWISE™ Conference 2023
September 18-20 in Washington, DC or online

mwise Logo

Meet us at mWISE

Google Cloud is proud to be a Platinum Sponsor of mWISE Conference 2023, taking place in Washington, DC and online, Sept. 18-20.

mWISE is the destination of choice for top security leaders and practitioners addressing today’s threat landscape. Get exclusive insight, quiz thought leaders, and share knowledge in more than 80 timely sessions.

New Launch:

A blueprint for modern, proactive security operations

Security teams find value in a fresh approach to today’s increasingly sophisticated cyber attacks. See how Google Cloud is reimagining modern, proactive security operations and delivers an advantage by combining reactive and proactive techniques, applying threat intelligence, and leveraging AI as a force multiplier.


Nimmy Reichenberg, Head of Security Operations Product Marketing, Google Cloud

Tuesday, September 19, 2023 | 11:30am-11:50am
Expo Hall Theater or live online

Free Expo Pass

Get a free Expo+ Pass, on us

The Expo+ Pass gives you access to the Expo, where you can watch the keynote session live stream, meet and connect with sponsors, and enjoy a Monday evening Welcome Reception.

Use code GCS100EXPO for a free Expo+ badge, or MandiantFULL625 for 10% off a Full Conference badge.

Explore our solutions

Google Cloud’s security teams help transform your cyber defenses with leading products and services to protect your organization from the adversaries targeting you every minute of the day.

Threat Ready with Mandiant

Threat Ready with Mandiant

Security posture knowledge before, during, and after an incident

Threat Detection Image

Threat Detection, Investigation, and Response

Continuous awareness, proactive defense, and risk-based outcomes

Anti-Fraud Solutions

Anti-Fraud Solutions

Frictionless fraud and abuse detection at scale

See our solutions in action

Talk to an expert virtually. Schedule an in-person demo at mWISE Conference in advance, or stop by our booth and an expert will give you a tour.

Our speakers at mWISE

Hear perspectives and insights from our experts. See Session Catalog


Kevin Mandia

Monday, September 18

2023 Trends
Kevin Mandia: CEO, Mandiant, Google Cloud


Monday, September 18

Threat Intelligence Panel
Sandra Joyce: VP, Mandiant Intelligence, Google Cloud

Charles Carmakal

Tuesday, September 19

Breach Panel
Charles Carmakal: CTO, Mandiant Consulting, Google Cloud

John Hultquist

Monday, September 18

Threat Intelligence Panel
John Hultquist: Chief Analyst, Mandiant Intelligence, Google Cloud

Phil Venables

Tuesday, September 19

AI Panel
Phil Venables: VP, CISO, Google Cloud


Monday, September 18

Threat Intelligence Panel
Maddie Stone: Security Engineer, Threat Analysis Group, Google

Breakout sessions

  • Cloud Security
  • Intelligence
  • Security Engineering
  • Security Operations
  • Third Party & Cyber Risk
  • Threats & Exploits

Cloud Security

From the Soil Come the Spoils - (re)building security at UKG

The presenters will explore the path to recovery from UKG's weeks long system outage it took following the 2021 ransomware attack. We'll explore the long-tail impacts, what was learned and what UKG is now doing, rebuilding in the cloud.


Taylor Lehmann, Google Cloud

Mustapha Keppah, Google Cloud

Leadership in the Defending the Planets Healthcare System

Learn from two former global CISOs what it takes to protect and defend our healthcare systems from threats to patient safety, care delivery, new treatment development, and the global healthcare supply chain.


Taylor Lehmann, Google Cloud

Brian Cincera - Pfizer

Bridging the Gap between On-Prem and Cloud Security

This session covers the five most common tactics, techniques, and procedures (TTPs) that attackers are using to abuse hybrid and cloud environments. It will also provide front-lines experience and actionable recommendations on securing cloud-based systems, workloads, and environments.


Will Silverstone, Mandiant, Google Cloud

Omar ElAhdan, Mandiant, Google Cloud

Securing the Multi-Cloud IoT: Strategies for Effective Incident Response


Natalia Semenova - Google Canada

Related Resources


High Volume and Low Sophistication: DPRK's Social Engineering Techniques

North Korea’s cyber crime continues to accelerate its development of nuclear weapons, but threat groups - particularly APT43 - are constantly finding new ways to reduce North Korea’s fiscal strain and increase the DPRK’s intel gathering operations.


Michael Barnhart, Mandiant

Jenny Town, Stimson Center

The Missing Ingredient: Narrative and Storytelling in Cyber Threat Intelligence

This panel will explain why storytelling matters in CTI and offer actionable advice to help those in the industry to leverage the power of narrative. We will hear from experts in the field on how they use storytelling to communicate CTI across multiple contexts.


Jamie Collier, Mandiant, Google Cloud

Winonna DeSombre, Atlantic Council / Harvard Belfer Center

Andy Greenberg, Wired

Michael Raggi, Proofpoint

Andrew Kopcienski, Mandiant, Google Cloud

Addressing Cognitive Bias in AI Systems for Enhanced Cyber Threat Analysis

This session explores cognitive biases in AI cyber threat analysis, their origins, and their effects on threat detection. It presents a framework to mitigate these biases, combining machine learning techniques, diverse data collection, and enhancing algorithmic transparency.


Thom Kenney, Google

How AI is Changing the Malware Landscape


Vicente Diaz - Virus Total, Google Cloud

Related Resources

Security Engineering

Stronger Than All: Enforcing Modern Authenticators

The goal of the session is to provide a journey and roadmap as to how the concept of “Authentication” has evolved over the years – with alignment to the core components of building a modern and resilient authentication strategy.


Matthew McWhirt, Mandiant

Security Operations

SOC Meets Cloud: What Breaks, What Changes, What to Do?

Cloud changes everything (does it though?), including how we do threat detection and incident response in the SOC. As we continue to transform our organizations, how do we make sure our D&R is done "the cloud way"? How should a SOC born before cloud deal with cloud?


Anton Chuvakin, Google

Artificial Intelligence and the Security Practitioner: The Good, The Bad, and The AI

For years we have been told that Artificial Intelligence will greatly benefit Security Operations. It appears that recent developments in AI will finally drive this reality. Are security practitioners ready to embrace AI? What should the practitioner know before starting the inevitable journey?


Mike Epplin, Google

The Deep Blue End: Innovating cyber defense from the trenches

Innovation in cyber security defense learned from in the trench work. How hard lessons have driven unexpected innovations in teams defending the largest healthcare networks in the world.


Taylor Lehmann, Google

TJ Bean, HCA Healthcare

Lisa Ackerman, GSK

Mike Leven, 3M

Related Resources

Third Party and Cyber Risk Management

Intelligence-led Cyber Resiliency Strategy – A Business Approach

To withstand the risks of cyber attacks, organizations have to design a pragmatic and holistic cyber resilience strategy. This presentation discusses how to design a cyber strategy to insure organizations take an intelligence led approach to ensuring organizations are focusing on what matters.


Sylvain Hirsch, Mandiant

Ryan Malfara, Mandiant

How to Win Friends, Influence People, and Actually Inform your Business about Cybersecurity Risks

Cyber security is important to security professionals but too often there is a gap between security professionals and “the business.” This talk will give tips on how to discuss security risks with executives and enable the business to make informed decisions on security risks.


Lyle Sudin, Mandiant

Tim Ramsay, Mandiant

Next-Generation Insider Risk Management - From AI to Zero-trust

This session aims to navigate the evolution from traditional cybersecurity practices towards a proactive approach, focusing on Insider Risk Management (IRM) and Artificial Intelligence (AI) and the Zero-Trust framework.


Shawn Thompson, Mandiant

Related Resources

Security Threats and Exploits

Out with the New, in With the Old: State-sponsored SOGU intrusions via USB

UNC53 is a China based actor tracked since 2014. The presentation details a recent campaign observed in frontline data, where UNC53 utilized infected USBs to deliver SOGU malware to infect victims in unexpected locations. We’ll dive into the TTPs, malware, and techniques to detect this activity.


Raymond Leong, Google

Brendan McKeague, Google

A Dive into UNC3886 Chinese Espionage Operations

Mandiant has been tracking a Chinese Espionage group dubbed UNC3886 across multiple cases since early 2022. This session covers the full lifecycle observed in across multiple cases while highlighting EDR evasion and multiple 0-day vulnerabilities across products to conduct operations.


Alexander Marvi, Mandiant

Brad Slaybaugh, Mandiant

Bank Heist: UNC2891 Case Study

A bank was suffering from repeated incidents where criminals were somehow successfully withdrawing cash from ATMs using fake bank cards. This presentation covers how they achieved this operation through a cyber attack, and how Mandiant investigated the incident.


Takahiro Sugiyama, Google

Related Resources

Our sponsored events

Elevate Image

Elevate Keynote and Lunch

Host: Executive Sponsor Erin Joe
Keynote Speaker: Caroline Wong
Tuesday, September 19 | 12:15 – 1:00 PM ET
Marriott Marquis Washington, DC | Shaw, Floor M3

Google Cloud’s Mandiant team is proud to host a lunch for Elevate, an initiative designed to inspire diversity in cybersecurity. This event features keynote speaker Caroline Wong, Chief Strategy Officer at Cobalt. Caroline will talk about her 20+ years in security, and share insights about how we can care for ourselves, be better at our jobs, and live happier, healthier lives.

Partner Image

Partnership Reception

Host: Mandiant and Google Strategic Technology Partnership Team + Partners
Sunday, September 17 | 6:30 - 8:30 PM ET
Vue Rooftop, Washington Hotel

From where we stand, the view of our impact to cybersecurity looks stunning, especially thanks to our technology partners. Join us in celebration of our accomplishments so far this year, and toast to our future. We look forward to renewing acquaintances and meeting new friends at one of the evening events at mWISE Conference.

Perched above the Hotel Washington, experience VUE Rooftop, an artfully designed destination that brings the outside world in. Offering unparalleled views of the White House and Washington Monument, VUE pairs the effervescent energy of D.C.'s skyline with seasonal cocktails, elegant plates, and a stylish ambiance like no other.

News and resources

Sandra Joyce

What you need to know about the ‘zero-day summer’ threat landscape

Sandra Joyce, VP of Mandiant Intelligence at Google Cloud, explains how recent major incidents are rooted in larger trends.

Read the article from Cloud CISO Perspectives newsletter.

Even if we aren’t in the midst of a record-breaking “zero-day summer,” the factors behind these recent high-impact cybersecurity events are taking their toll on defenders.

Sandra Joyce, VP, Mandiant Intelligence, Google Cloud

Zero-day vulnerability in MOVEit Transfer exploited for data theft

Mandiant observed wide exploitation of a zero-day vulnerability in the MOVEit Transfer secure managed file transfer software for subsequent data theft. Read updates on threat actor exploitation, containment strategies and rapid response best practices.

Identify your exposure risks

Take a proactive, risk-based approach to cybersecurity. Contact us for expert guidance on enhancing your cyber defense strategies.

Cyber Snapshot Issue 4

5 critical topics in cyber defense today

Gain insight on cyber defense topics of growing importance based on Mandiant frontline observations and real-world experiences. This new report includes these topics and more:

  • Building security into AI systems
  • Best practices for effective crisis communications during an incident,
  • How to mitigate risks to IoT and edge network infrastructure

Hear from our customers

Penn State

Penn State Health invests in critical cyber security improvements

Learn how Penn State Health boosts security defenses by augmenting its centralized security operations, understanding relevant threats, and identifying gaps in security to bolster its ability to protect critical systems and patient and employee data.

We know what could happen if our networks were compromised. We know how severely it could impact operations and our ability to treat and protect our patients. That’s what keeps us up at night.

—Cyber Operations Leader, Penn State Health

Google Cloud and Chronicle allow Vertiv to conduct thorough security investigations

Vertiv, a provider of equipment and services for data centers, upgraded to the cloud-native Chronicle Security Operations suite and scaled up logging by 220%, close to three-times as many cases, and reduced investigation time by 50%, while maintaining the same level of internal resources. Watch Mike Orosz, Vertiv's CISO, tell their SIEM success story.

GoFundMe: Securing donations from fraud with reCAPTCHA Enterprise

Financial fraud, fake accounts, and fake campaigns represent some of the most pressing challenges for GoFundMe.

reCAPTCHA Enterprise Fraud Prevention helps GoFundMe mitigate those challenges, improve donor trust, and drive enhanced security. Watch video

Let’s work together

Contact us for expert guidance on enhancing your cyber defense.

As industry leaders, Google Cloud's security teams are focused on improving cybersecurity, not just for our customers, but for all.

Jump To