29 - 31 Mar • America • Online
Building a Positive Security Culture Across the Business
Security Digital Summit
With an increase in online activity due to the pandemic, CISOs are facing a barrage of new challenges.
Join 70+ senior Security leaders on business-critical challenges and disruptive technology and drive your industry forward collaboratively.
70
Attendees100%
Senior Executives9 Hrs
Industry InsightsSpeakers Include
Meredith R Harper
VP & CISO
Erik Thoen
VP, Product Management
Mandy Storbakken
Director Solutions Engineering, Multi-Cloud Security
Jay Kaplan
Co-Founder and CEO
Vishal Gupta
CTO, CIO
Mark Bowling
Vice President, Security Response Services
Andy Ellis
Advisory CISO
John Mayhall
CRO
Barry Hensley
Chief Threat Intelligence Officer
Julie Sautner
ExtraHop
Tracy Vojik
Field & Partner Marketing Manager - Pacific Region
Leonid Belkind
Co-Founder & CTO
Jessica Marty
Sr. Field and Channel Marketing Manager
Why Attend
Connect with 70+ senior Security leaders for a curated agenda focused on tackling your current business critical challenges and driving industry forward. Our summits are designed to help you:
Build new connections with likeminded senior leaders
Stay current with emerging business trends
Understand the impact new technology can make
De-risk new projects by gaining a broad range of insights
Accelerate key projects through meaningful new partnerships
Downloadable and actionable takeaways
Event Agenda
09:00 - 09:20
Opening Remarks
Intro & Challenger Panel
09:20 - 09:50
Keynote
Becoming a Better Leader in a Tech Space
09:55 - 10:35
Workshop
Log4J & Russian Destructive Malware
2022 has brought a wide range of vulnerabilities that organizations are continuing to address. Specifically of note are the rippling effects these vulnerabilities pose to your third-party ecosystem, and with 63% of breaches now occurring through third-parties it's now more important than ever to identify your current TPRM maturity level, and scale to to prevent future breaches. Join CyberGRX CRO, John Mayhall as he discusses:•His introduction into the Third-Party Cyber Risk Management space•Why having a Third-Party Management strategy is key in mitigating risk for your organization•The power behind a true Third-Party Risk Exchange
10:35 - 10:45
Insight Break
10:45 - 11:45
Roundtables
Track 1: Threat Actors Are Using Machine Learning, Learn How and Why Your Teams Should Too
More often than not, new technologies promise to improve the cyber hygiene of a company – although there are some things to be wary of before putting complete trust into a concept. (Looking at you, phone-based MFA.)Technologies like machine learning, and Artificial Intelligence are increasing their capabilities, and with this rise in their complexity comes the desire and need to include it into a security teams’ infrastructure. With threat actors increasingly using AI to rapidly evolve their attacks to evade detection and prevention security teams are using AI in increasing numbers to build automated security systems that replace human intervention, making it possible to analyse massive quantities of risk data at a much faster pace. This is advantageous both for small and medium-sized organizations whose security teams might be under-resourced as well as the other end of the spectrum, large companies dealing with huge amounts of data.•What are the key security processes and technologies where AI is having a beneficial or negative impact•In what ways is AI being used by both threat actors and cybersecurity vendors and teams to accelerate attacks, threat intelligence and detections?•What’s the right balance between human and machine?•Can an autopilot be trusted in the time of an emergency?
Track 2: Risk: More Than a Security Issue
Risk, by its very definition, is something deemed uncontrollable – and it’s fast become realized by organizations the need to invest heavily in security. The only thing we can be certain of however, is that new threats will emerge constantly – and steering to respond to every direction is becoming more costly in both time and dollars. The risk landscape is constantly evolving, and in the current climate it’s changing fast. CISO’s are integral in the communication of cyber risk across the business and must develop a comprehensive strategy for dealing with the latest threats, exploits and vulnerabilities.
Track 3: Avoiding Cloud-Stupid: Keeping your Fears from Being Realized in the Cloud
As organizations become predominantly cloud-first, security leaders often worry that the security practices that kept their organizations mostly safe in the data center either won't be effective–or won't even be followed– in the cloud. Join this roundtable of your peers to explore common concerns among enterprises, and explore ways to reduce your risks by focusing on the threats and controls that matter.
11:50 - 12:20
Closing Keynote
Staying Secure in the Midst of a Talent Crisis
CrisisThe worldwide cyber talent shortage is real and growing. Just in the US, the Labor Department estimates 600,000 more openings than qualified professionals. Globally, the gap is 2.7 million. The lack of skilled practitioners is leaving vulnerabilities unpatched and organizations dangerously exposed. But effective and innovative solutions can bridge the talent gap and address both near term and longer term needs.
In this session, we’ll explore:•Current options to increase the cyber talent capacity required to meet organizations’ current and future security needs•Broadening the diversity of available security skill sets to cover the full scope of vulnerabilities for on-premise, cloud, networking, hosts, mobile, applications, etc•The challenges, and importance, of establishing a continuous testing practice to keep pace with the continuous application development and deployment methodologies•The advantages of leveraging crowdsourcing as part of your security operations.•The importance of standard testing frameworks and operational transparency in leveraging untapped and available security talent
09:00 - 09:10
Opening Remarks
09:10 - 09:40
Keynote
IoT Security: How to Manage Devices on a Corporate Network
Malware, device mismanagement, device misconfiguration – all major issues with a company’s IoT, and all falling at the feet of the CISO. But how best to manage the cyber hygiene of the company? The lack of industry foresight gives little-to-no time to develop a strategical defense plan against unfamiliar threats in growing IoT ecosystems, as well as those we are already accustomed to. The major roll-out of 5G only accelerates the need for improved security in 2022. Escalated cyber-attacks can come as distributed-denial-of-services and these devices being hacked can be used as an entry point to a corporate network.
09:45 - 10:25
Workshop
10:25 - 10:35
Insight Break
10:35 - 11:35
Roundtables
Track 1: Threat Actors Are Using Machine Learning, Learn How and Why Your Teams Should Too
More often than not, new technologies promise to improve the cyber hygiene of a company – although there are some things to be wary of before putting complete trust into a concept. (Looking at you, phone-based MFA.)Technologies like machine learning, and Artificial Intelligence are increasing their capabilities, and with this rise in their complexity comes the desire and need to include it into a security teams’ infrastructure. With threat actors increasingly using AI to rapidly evolve their attacks to evade detection and prevention security teams are using AI in increasing numbers to build automated security systems that replace human intervention, making it possible to analyse massive quantities of risk data at a much faster pace. This is advantageous both for small and medium-sized organizations whose security teams might be under-resourced as well as the other end of the spectrum, large companies dealing with huge amounts of data.•What are the key security processes and technologies where AI is having a beneficial or negative impact•In what ways is AI being used by both threat actors and cybersecurity vendors and teams to accelerate attacks, threat intelligence and detections?•What’s the right balance between human and machine?•Can an autopilot be trusted in the time of an emergency?
Track 2: More Than a Security Issue
Risk, by its very definition, is something deemed uncontrollable – and it’s fast become realized by organizations the need to invest heavily in security. The only thing we can be certain of however, is that new threats will emerge constantly – and steering to respond to every direction is becoming more costly in both time and dollars. The risk landscape is constantly evolving, and in the current climate it’s changing fast. CISO’s are integral in the communication of cyber risk across the business and must develop a comprehensive strategy for dealing with the latest threats, exploits and vulnerabilities.
Track 3: Avoiding Cloud-Stupid: Keeping your Fears from Being Realized in the Cloud
As organizations become predominantly cloud-first, security leaders often worry that the security practices that kept their organizations mostly safe in the data center either won't be effective–or won't even be followed– in the cloud. Join this roundtable of your peers to explore common concerns among enterprises, and explore ways to reduce your risks by focusing on the threats and controls that matter.
11:40 - 12:10
Closing Keynote
In the Fight With You - Choosing the Right Partner
Choosing technology is often about looking for a reliable technology partner. But, in IT Security you need more than that, you need a Partner that will join in the fight with you and turn any unfair fight into a fairer one. This keynote looks at how it’s vital to have Partner that not only helps you technically to even up the playing field between you and your adversaries - but offers some other key support that you should consider with any Partners you chose to be in the fight with you.
09:00 - 09:10
Opening Remarks
09:10 - 09:40
Keynote
Building a CISO Response Strategy to Advanced Threats
Let’s face it: cyberattackers have the advantage. The recent string of advanced campaigns, including those launched against SolarWinds, Colonial Pipeline, and JBL, have made this reality painfully clear for most enterprises. With threats persisting inside the network for months, security teams need a new plan.In this session, Barry Hensley discusses strategies, including revising existing mental models and incident response processes, to build resilience and reclaim the advantage in the fight against advanced threats.
09:45 - 10:25
Workshop
Citizen Security: How Democratization of Security Results in Increased Agility and Improved Protection
The "future of work" is here. Protecting customers, employees and data requires security teams to balance risks across dozens if not hundreds of threat vectors, multitudes of devices, and 'work from anywhere’ users - all while moving at the speed of modern business. Delivering protection at this speed requires re-imagining how security works hand in hand with the broader organization. In this session, Torq CTO Leonid Belkind will share how leading security teams have implemented 'citizen security' - empowering users across the organization to play more active roles in security processes - without increasing friction or slowing down the speed of business.
10:25 - 10:35
Insight Break
10:35 - 11:35
Roundtable Review
11:40 - 12:10
Closing Keynote
Defining Intelligence, and Countering It
To understand Counterintelligence, you need to define Intelligence. Jeffrey Johnson heads the Security of North America for Siemens Healthineers - one of the biggest healthcare organizations on the globe.