Rubin, who will also be representing his Baltimore-based consulting firm, Independent Security Evaluators, said he will explain to attendees at the show how many existing IT products can still be broken by sophisticated hackers.
"It will always be a fact of life that things can be broken and not always by the good guys who will publicize it, so it's important that people examine the way they handle incidents, and it's always good to encourage people to share their stories," Rubin said.
However, the researcher said he will also focus on the process improvements that many companies have been able to appreciate as their security efforts have matured.
"With the experience they've accrued, some companies, including vendors, are doing a better job of handling vulnerabilities and reporting," he said. "However, it's still useful to look at how things can still be circumvented and look at the measures that are being put in place to stop that sort of activity."
Also presenting will be Brian Contos, chief security officer at security management specialists ArcSight and the author of the well-known insider threat tome Enemy at the Water Cooler.
Contos agreed that the political battles that IT security pros needed to fight just to get attention and budget from business leaders have waned over the last several years and said that companies are getting far more aggressive in how they police their users and networks.
However, that shift has also created new challenges, he said.
"People want to monitor almost everything, but by adding more events, they are moving from megabytes of result information to terabytes and also trying to meld IT security efforts with physical security, which will be a long process," Contos said. "The main question we're hearing has become how companies can deal with this flood of data and turn it into something valuable. That's the challenge that many of these enterprise customers face going forward."