West IT & Security Leaders Forum 2024

As the digital economy continues to expand, institutions must adapt to remain competitive and relevant. This session will explore the key trends shaping the future of the digital economy and how institutions can effectively enable their digital transformation. Topics will include advancements in digital infrastructure, the integration of artificial intelligence and machine learning, the importance of data analytics, and the shift towards digital-first business models. Experts will discuss the challenges and opportunities presented by these trends, providing practical insights on how institutions can leverage technology to enhance efficiency, innovation, and customer engagement. Attendees will gain a comprehensive understanding of the strategic steps necessary to thrive in the digital economy.

Moderator: Shawnna DelHierro, Chief Technology Officer, STG Consulting
Senior Advisor & Executive Consultant

Panelists:

Jack Satterfield, CTO, Pima Community College

Mary Lorkowski, Global Director, IT Infrastructure and Unified Collaboration, Dyno Nobel

Rob Strickland, Interim CIO, InfoVista

The overall business transition to the Cloud is happening far faster than many experts predicted. That speed has left most companies reliant on security platforms built for a bygone world dominated by on-premises data centers. The covid pandemic further accelerated and complicated the situation, stressing CISOs and CIOs who are responsible for protecting a work-from-home staff that may not ever fully return to the office. Organizations are rapidly adopting SASE to safeguard data wherever it moves, support digital transformation efforts, and realize better efficiency and ROI from their technology. Come hear how Netskope’s converged SASE platform provides AI-driven zero trust security and simplified, optimized connectivity to any network location or device, including IoT.

Speaker: Damian Chung, Business Information Security Officer, Netskope

Presented by: Netskope

It’s 2024 – why do you still rely on manual pen testing to validate your security posture? It’s labor-intensive, doesn’t reveal real-time vulnerabilities at scale, and typically happens only once or twice a year. This lack of automation combined with infrequent testing windows makes it impossible to have a clear and up-to-date understanding of the high-risk attack paths, vulnerabilities and misconfigurations happening inside your IT environment right now.

There’s got to be a better way. And there is. But first, it’s time to stop waiting for Red Teams to take the first step when it comes to validating an organization’s security posture. Blue Teams can take matters into their own hands. By using their own managed security controls, they can do things like create rules in their EDR and WAF to block exploitation attempts from a known vulnerability.

In this session, we’ll talk about the benefits and practical application of automatic, continuous security control testing. And how shifting the power dynamic between Blue and Red Teams can lead to a more optimized approach to security. One that can be automatically built into an existing environment and yield results such as automated testing, continuous validation and coverage at scale.

Finally, we will show real-world examples of threats vs. actual attack paths, vulnerabilities vs. controls, and practical steps to remediation.

Session highlights:

• The problem with traditional pen-testing (it’s expensive, not accurate and can no longer stand alone) and a look at common offensive testing tools.
• Overview of different approaches to continuous offensive testing and security validation (BAS, PTAAS) including advantages and limitations.
• A blueprint and best practices for Blue Teams to take control and optimize their approach to security.
• How continuous testing tools, like BAS, can help with compliance as regulations, standards and requirements become more stringent.
• Examples of real-world exploitations, attack paths and control gaps – and how to solve them.

Speaker: Brian Moran, Sr. Director of Product Marketing, Cymulate

Presented by: Cymulate

In today’s digital landscape, the traditional network perimeter has dissolved. Identity has emerged as the new security perimeter, representing the most critical attack surface for adversaries. As organizations increasingly adopt cloud-based services, remote workforces, and interconnected applications, managing identities and Identity Providers (IDPs) has become central to ensuring security. However, these same identities are also being targeted, manipulated, and abused by cybercriminals to gain unauthorized access to valuable data and resources.

This session will explore the evolving role of identity in cybersecurity, providing a deep dive into how identities and IDPs are leveraged—both legitimately and maliciously. Attendees will gain a comprehensive understanding of the Zero Trust model and why it is essential for today’s security strategy. We will discuss common security failures, such as over privileged access, poor password hygiene, and inadequate monitoring, and identify tools and best practices that can help organizations strengthen their identity security posture.

Participants will walk away with actionable insights on how to better protect identities, implement effective Zero Trust principles, and adopt identity-focused security strategies that mitigate risks in an ever-evolving threat environment. Armed with these best practices, security leaders will be well-equipped to build resilient defenses against today’s most sophisticated cyber threats.

Speaker: Patrick Ramseier, Global Security Specialist Engineering, Tenable

Presented by: Tenable

Join us as we explore cutting-edge strategies for modernizing infrastructure and applications. In this discussion, we delve into the intersection of AI-powered observability security, emphasizing how organizations can enhance their operations, ensure data protection, and comply with regulations. We will discuss the transformative potential of AI, including Generative AI, in boosting overall productivity.

Speaker: Asad Ali, VP of our Global Center of Excellence, Dynatrace

Presented by: Dynatrace

Circle back with your Peers on the content so far while grabbing a coffee or tea and a snack

As most recent studies have confirmed, adversaries are using AI to improve their tactics to launch targeted cyberattacks on organizations. This talk will analyze how Adversaries are using AI in their attack methods and what has changed from before, in their operations. The second part of the session will delve into how security teams can leverage AI to counterattack threat actors and use AI to build and improve their defenses.

Speaker: Mani Keerthi Nagothu, Americas Field CISO Associate Director, SentinelOne

Presented by: SentinelOne

Attend this session to learn how enterprise cyber security teams reduce cyber exposure and vulnerability risk across all attack surfaces.

Speaker: Tal Morgenstern, Co-Founder & CSO, Vulcan

Presented by: Vulcan

As organizations adapt to technological advancements, remote collaboration tools, and changing workforce dynamics, the CIO emerges as a key strategist, orchestrating digital transformation initiatives and ensuring seamless integration of technology into the fabric of the modern workplace. This Panel will discuss how CIOs can drive innovation, enhance cybersecurity measures, and foster a flexible and inclusive work environment to meet the challenges and opportunities presented by the future of work.

Moderator: Shawnna DelHierro, Master of Ceremonies

Panelists:

John Jiang, CTO, VESS

Jason Frame, CIO, Southern Nevada Health District

Rob Strickland, Interim CIO, InfoVista

Scott Wibirt, Global Supply Chain – Chief Security Architect, Costco Wholesale

Open seating, Buffet-style lunch. Serving food for all tastes, pallets and preferences. Vegan, vegetarian, halal options available

In this presentation we will provide insights around the inherent risks related to using Generative AI, self-trained LLMs and AI workloads. With data at the heart of any AI usage, we will cover efficient methodologies for identifying and mitigating your own risk to safely enable AI, making your workforce more productive and driving toward the innovation AI promises. Specifically the topic will engage the audience to consider how understanding the data set, its sensitivity, the access to it from internal employees to third parties, and how data will be used and created. Protecting data wherever it goes and ensuring compliance through the AI journey.

Learning Objectives: In this presentation the audience will learn about the inherent risks surrounding AI and therefore data within the enterprise. Marrying key objectives around cloud security, governance risk and compliance, risk management and threat detection/prevention through the AI lifecycle.

Speaker: Dubie Dubendorfer, Strategic Evangelist, Varonis

Presented by: Varonis

Cyber risk scoring and quantification provide a practical framework that connects technical details with business needs, helping leaders understand and act on complex security data. By combining financial modeling, threat intelligence, real-world examples, and AI-powered monitoring, this approach clarifies risk, enabling informed, strategic decisions. As digital threats grow more sophisticated, effective cyber risk management becomes critical to maintaining resilience, compliance, and a competitive edge.

Speaker: Jason Dablow, Principal Engineer, Trend Micro

Presented by: Trend Micro

Studies show that employees who are vigilant about cybersecurity in their personal lives tend to bring that same caution to their professional activities, resulting in fewer security breaches. In this session, we’ll focus on ways security professionals can make security more relevant to our end users and give them a greater reason for caring.

Speaker: Emily Cellar, VP of IT Security & Infrastructure, iFIT

In the age of AI, cybersecurity must balance the strengths of AI with the irreplaceable human element. While AI excels at rapidly analyzing data and detecting threats, it lacks the intuition, adaptability, and ethical judgment of human experts. Effective risk mitigation requires blending AI’s speed and precision with human oversight, ensuring cybersecurity remains agile, ethical, and resilient in the face of evolving threats. Join this session to explore how to strike the right balance and build a future-proof cybersecurity strategy.

Speaker: Tina Lampe, Director – IT Software Engineering, DirecTV

Circle back with your Peers on the content so far while grabbing a coffee and a snack

Delve into the flaws of the traditional cybersecurity landscape and how a modern SOC should focus on outcome-based services without relying on logs or the cost and complexity of a SIEM.

Speaker: John Minasyan, Chief Operations Officer, LMNTRIX

Presented by: LMNTRIX

Who loves a good audit? Well, you should! Think of them as a helpful nudge to fix what’s weak, make sure you’re playing by the rules, and get your systems running smoother than ever. You’ll see how these check-ups are less of a headache and more like a secret weapon for keeping your tech game strong and secure.

Speaker: Rob Strickland, Interim CIO, InfoVista

Aggressive attacks on Enterprise computer networks are continuing with increased frequency and threatening economic and national security. Actions like vulnerability reduction and passive defenses on their own simply are not cutting it and there needs to be a functional shift in the way we mitigate this substantial threat. Companies can seek to protect their most sensitive data by implementing an environment of actionable intelligence and detection to bring the fight to the adversaries and ensure a proactive approach to securing data. This session will discuss best practices in managing the constant evolution in the security environment.

Moderated by: James Christiansen, Data Security Leader, Cyera

Panelists:

Ray Lipps, CISO, Broadcom

Deborah Enright, CISO, West Coast University

Gary Eckman, VP of Cyber Security & Governance, Dyno Nobel

Chris Stoneley, CISO, Cathay Bank

Cyber threats are more prevalent than ever and security teams are faced with the daunting task of optimizing their security posture while balancing budget, risk, and operational efficiency. With even the most sophisticated security stack plagued with coverage gaps and vulnerabilities, security teams are fatigued and don’t want to add yet another security tool.

Sometimes help comes from an unexpected corner. Modern backup and data security can help IT and security come together and solve problems. Learn what a data security and protection partner like Druva can do to help strengthen your security posture and streamline your incident response and recovery workflows. We will cover:

• What typically occurs in each phase of a cyber attack
• Common security coverage gaps in your data infrastructure
• How to work better with your IT and backup teams

Speaker: Mohammad Al-Tumimi, Sales Engineer, Druva

Presented by: Druva

Circle back with your Peers on the content so far while grabbing a coffee and a snack

AI is evolving from a mere tool to a transformative catalyst for enterprise innovation. While it unlocks new business models and enhances decision-making through actionable insights, it also poses significant risks related to data privacy, security, and ethics.

Key Points:

• AI as a Catalyst for Change: Understanding how AI can drive business transformation and efficiency.
• Balancing Innovation and Risk: Addressing the dilemma faced by security teams—restricting AI use or risking exposure.
• Tools for Success: Providing CIOs & CISOs with enforcement tools and developers with AI security solutions to promote safe and rapid innovation.
• Future Resilience: Empowering organizations to navigate evolving markets by fostering responsible AI use.

Join us in exploring how to harness AI’s potential while safeguarding your organization’s future.

Speaker: David Ho, Senior Director – AI, Cybersecurity, and Technology Assurance, Salesforce

In a world where the pace of change equals the pace of expectation, building trust is more important than ever. As innovation speeds ahead, ensuring users feel secure and valued is paramount.

Picture this: tech rockets ahead, and our expectations chase right behind. When tech changes at breakneck speed, people’s expectations leap to keep up. Trust isn’t just a buzzword; it’s the bedrock of any thriving relationship between tech companies and their users.  If leaders and companies don’t foster trust, everything is at risk—think data breaches, algorithm biases, human asset loss or fake news & misinformation. Building trust becomes the cornerstone because it’s the only way to keep users loyal and assured that their privacy, data, and well-being are protected. Trust is the invisible glue binding users and customers to the tech they depend upon.

As technology barrels forward, expectations of stakeholders, investors, customers, and onlookers, rise just as fast. Trust is the backbone that keeps everything steady amidst the whirlwind. When data breaches and misrepresentation are lurking at every corner, companies need to earn and keep trust by being transparent, ethical, and reliable. It’s not just about surviving the next innovation or living beyond this phase of transformation; it’s about making sure users feel secure and valued, ensuring they stick around for the ride.  Join me as we talk about the key tenets, and challenges, to immerse trust in every step of your transformation journey.

Speaker: Shawnna DelHierro, Master of Ceremonies, Chief Technology Officer, STG Consulting