June 26th @5:30 PM – Greg Crabb on What If They’re Already In? Operationalizing Assumed Breach

Register: This is a Hybrid meeting. A dinner meal will be served (Meal menu TBD). REGISTER HERE for IN PERSON & ONLINE Zoom. Location: Magnet Forensics: 8401 Greensboro Dr #100, McLean, VA 22102. Metro Station Accessible via Spring Hill Metro and free parking is available in the parking garage. Registration closes on Wednesday 06/25/2025.

Abstract: This presentation explores the practical implications of the “assumed breach” principle and reframes the cybersecurity mission around real-time resilience. Drawing on actual attacks and tactical insights, we’ll focus on proactive measures left of boom that materially enhance your organization’s survivability and continuity.
Key topics include:

• Application Visibility: How to baseline and continuously map your application ecosystem to expose soft targets.
• Attack Simulation: Leverage adversary emulation to test resilience and inform controls engineering.
• Risk-Based Restoration: Prioritize recovery based on criticality, data sensitivity, and business impact.
• Business Continuity Environments: Designing safe fallback zones for operational continuity under active attack conditions.
• Predetermined Response Workflows: Automating decision-making under duress by linking controls to policy-driven response actions.

This session is designed for seasoned professionals and will go beyond the basics—expect war stories, lessons learned, and actionable ideas.

About the Speaker: Gregory Crabb is known for his deep expertise and strategic approach in fortifying institutions against advanced cyber threats. With over 30 years of experience, Crabb has a distinguished career that spans a wide range of pivotal roles, transforming the cybersecurity landscape of the US Postal Service as its CISO and spearheading global cybercrime operations as a US law enforcement officer.

He currently serves as Field CISO at Mimic, a cybersecurity company redefining ransomware resilience through real-time deception, deflection, and recovery technologies. In this role, Crabb bridges deep technical insight with executive engagement, supporting go-to-market strategies and helping CISOs understand how to operationalize resilience.

Crabb holds the role of CISO in Residence at Ballistic Ventures, a cybersecurity-focused venture capital firm. He advises portfolio companies on product development, go-to-market strategy, and engagement. His work accelerates the maturation of startups by shaping offerings that meet real-world operational needs and align with the risk management expectations of enterprise and government buyers.

A seasoned cybersecurity consultant and founder of 10-8, LLC, Crabb also offers advisory services across sectors. His expertise spans information assurance, cyber investigations, and advanced threat intelligence—particularly in combating Russian nation-state cyber aggression. His storied work with Russian, Belarusian, and Ukrainian law enforcement provides an entertaining, practical perspective on today’s threats. Crabb holds patents in identity verification and has published research with Carnegie Mellon University.
His recent collaborations showcase his ability to handle sensitive security matters with the utmost discretion and effectiveness. These engagements include:

• Revamping the cybersecurity strategy for a SaaS company post-security breaches, including NIST and secure software development assessments.
• Leading the cybersecurity practice for a private organization, aiding in CISO recruitment and conducting NIST Privacy Framework-aligned workshops.
• Serving as an interim CISO for a FinTech firm, tackling nation-state threats, internal security challenges, and guiding the cybersecurity roadmap
• Crabb’s ability to articulate complex security concepts to C-level executives and boards—combined with his grounded, action-oriented solutions—make him an invaluable partner in navigating the evolving cybersecurity landscape.