28 - 30 Jun • America • Online
Building a Positive Security Culture Across the Business
Security Digital Summit
With an increase in online activity due to the pandemic, CISOs are facing a barrage of new challenges.
Join 70+ senior Security leaders on business-critical challenges and disruptive technology and drive your industry forward collaboratively.
70 Attendees
100% Senior Executives
9 Hrs Industry Insights
Speakers Include
Dr. Nida Davis
Director of Security Architecture
Dov Goldman
Director of Risk and Compliance
Les Correia
Executive Director, Enterprise Cybersecurity & Risk
Christy Emma Peel
Director, Security & Compliance
Jeffrey Moore
Chief Product Security Officer
Josh Copeland
Security Operations Center (SOC) Director
Why Attend
Connect with 70+ senior Security leaders for a curated agenda focused on tackling your current business critical challenges and driving industry forward. Our summits are designed to help you:
Build new connections with likeminded senior leaders
Stay current with emerging business trends
Understand the impact new technology can make
De-risk new projects by gaining a broad range of insights
Accelerate key projects through meaningful new partnerships
Downloadable and actionable takeaways
Event Agenda
09:00 - 09:15
Opening Remarks
Intro & Diamond Commentary
09:15 - 09:45
Keynote
How Cloud Integration Increases Supply Chain Resilience
Many companies today are accelerating their digital transformation initiatives so they can be better prepared for the next disruption. The Covid-19 pandemic has been labeled a “black swan” event in which organizations are being forced to restructure supply chains and accelerate investments in new cloud-based enterprise solutions. Moving from an on-premises, legacy integration environment to a modern cloud-first environment can appear quite daunting. You may be struggling to find new resources to adopt cloud-based technologies, or find you must prioritize other IT projects such as deploying a new ERP environment. So, how do you get started?
09:45 - 10:25
Panel Discussion
Best Practices for Effectively Addressing Third-Party Security Risk
InfoSec, IT risk and digital supply chain management professionals know the key to minimizing the risk of third-party breaches is to implement a comprehensive and efficient third-party security risk management (TPSRM) process. This panel will discuss the increasing challenges surrounding third-party security as well as ways to efficiently and effectively manage the TPSRM process.
10:25 - 10:35
Insight Break
10:35 - 11:25
Roundtables
Track 1: Compliance Frameworks - How SOCs and Risk Teams are using the framework to communicate externally - to the C-Suite, Board and Insurance organizations.
While many mature SOCs have been adopting the MITRE ATT&CK framework since its launch in 2015 to provide a global knowledge base of threat activity, techniques and models, it’s the outside of the SOC frameworks that business leaders, compliance and risk teams, risk insurers and industry are placing their emphasis on.
The session will discuss the link between compliance and the SOC and whether or not your organization is using these frameworks to protect itself against modern threats while providing evidence outside of the SOC to demonstrate adherence to the framework’s controls.
• What are the clear links between compliance and your organization's SOC?
• How is your business using these frameworks to protect the organization?
• Is it important to provide evidence outside of your SOC?
Track 2: Cyber & The Board: You had their Curiosity, Now you have their Attention
Boards have always found it simple to appreciate and justify the use of locks, keys, and cameras to protect essential infrastructure. However, as security risks have migrated deeper into cyberspace and become more complicated, it has become more difficult for boards to determine how effective information security officers are.
All of this is changing. Following the pandemic, boards are mandating organisational resilience and attempting to establish a brand that promotes an effective security culture. There are currently security committees that are monitored by qualified board members. Most importantly, cybersecurity risk is a fundamental determinant in third-party transactions and commercial engagements such as M&A, where security is increasingly becoming a competitive advantage desired by investors.
Track 3: Response Learning - Improving Security Post Incident
• What opportunities do you see for organisations to improve how they learn from cybersecurity incidents?
11:25 - 11:30
Short Break
11:30 - 12:10
Masterclass Breakouts
12:11 - 12:41
Headline Keynote
Geo-Politics
Geopolitical conflicts are rapidly manifesting themselves in the technology and digital world, with ramifications felt across regions and industries, and it's the security teams' role to keep it all in check. At the same time, COVID-19's rapid expansion in connectivity has heightened the importance of concerns over reliance on foreign technology and its impact on national security. Organizations will have to keep up with the increasingly complicated regulatory and cyber threat settings in which they operate in this climate.
09:00 - 09:10
Opening Remarks
09:10 - 09:40
Keynote
The Journey to Building API Security
APIs are a crucial enabler for digital transformation and microservices. This session will delve into the API threat landscape and provide actionable tasks in taming these challenges. The presentation plan will include “Why API Security is on every CISO’s mind,” “Typical API Security Challenges,” “Best Practices for Tackling API Security,”
09:42 - 10:22
Panel 2
DE&I in Security: We CAN do more, but what more can we do?
Our hackers are diverse, so shouldn't we be? Improving diversity and inclusion in the cyber security profession will be critical to closing the industry's well-documented skills gap. The industry presents a complex picture, showing diversity with higher levels of representation than the wider technology industry in some cases, such as LGB and female representation and cyber professionals feeling confident in being themselves in the workplace.
10:22 - 10:32
Insight Break
10:35 - 11:25
Roundtables
Track 1: Compliance Frameworks - How SOCs and Risk Teams are using the framework to communicate externally - to the C-Suite, Board and Insurance organizations.
While many mature SOCs have been adopting the MITRE ATT&CK framework since its launch in 2015 to provide a global knowledge base of threat activity, techniques and models, it’s the outside of the SOC frameworks that business leaders, compliance and risk teams, risk insurers and industry are placing their emphasis on.
The session will discuss the link between compliance and the SOC and whether or not your organization is using these frameworks to protect itself against modern threats while providing evidence outside of the SOC to demonstrate adherence to the framework’s controls.
• What are the clear links between compliance and your organization's SOC?
• How is your business using these frameworks to protect the organization?
• Is it important to provide evidence outside of your SOC?
Track 2: Cyber & The Board: You had their Curiosity, Now you have their Attention
Boards have always found it simple to appreciate and justify the use of locks, keys, and cameras to protect essential infrastructure. However, as security risks have migrated deeper into cyberspace and become more complicated, it has become more difficult for boards to determine how effective information security officers are.
All of this is changing. Following the pandemic, boards are mandating organisational resilience and attempting to establish a brand that promotes an effective security culture. There are currently security committees that are monitored by qualified board members. Most importantly, cybersecurity risk is a fundamental determinant in third-party transactions and commercial engagements such as M&A, where security is increasingly becoming a competitive advantage desired by investors.
Track 3: Response Learning - Improving Security Post Incident
• What opportunities do you see for organisations to improve how they learn from cybersecurity incidents?
11:26 - 11:56
Innovation Exchange Keynote
Securing Innovation
Your organization is implementing new technology, some of which may be extremely innovative. It's so modern, in fact, that the business has never come across such tech before: metaverse, blockchain, NFT. How do you work with the CIO to make sure the rollout and usage of said tech is secure?
11:58 - 12:30
Closing Prime Keynote
09:00 - 09:10
Opening Remarks
09:10 - 09:40
Keynote
Going on the offensive in a democratised age
Being proactive and on the offensive has often been seen as the best way for security leaders to take on cyber risk, which is growing every day. Yet how is this meant to be achieved as organisations seek to accelerate digital transformation, where risk and compliance issues slow progress? The world of hybrid work and access to global talent pools demands that ever more distributed workers are given access to key data and tools, and those workers demand that their employers trust them in the process. At the same time, different functions are desperate to take control of their digital destinies to create better customer solutions faster. How can security leaders meet the future of cyber war head on as organisations seek to build a culture of trust, democratisation and customer-centric responsiveness?
09:41 - 10:21
Panel 3
Zero Trust
10:22 - 10:32
Insight Break
10:32 - 11:22
Roundtable Leaders Panel
11:22 - 11:30
Ad Break slot
11:30 - 12:00
Innovation Exchange Keynote
Information Security and Reputational Impact of Social Media
Social media is no longer just another means by which to communicate with one another; it has become a source of cybersecurity intelligence as well as a threat vector unto itself. The threat is not just cyber but one of brand and reputation. In the age of mis- and disinformation, organizations cannot continue to ignore the impact that social media has on brand, reputation and trust.
12:01 - 12:31
Closing Keynote
Adaptive Security
The adaptive security model is a cybersecurity strategy that focuses on prevention, detection, and response. The adaptive approach ignores standard perimeter concepts and believes that there is no distinction between safe and unsafe. This is a critical paradigm shift, especially in light of the move to cloud services and ubiquitous computing outside of the company.
12:31 - 12:41