Central IT & Security Leaders Content Week Agenda

Cybersecurity is a priority for businesses in every sector, but budget constraints and the shortage of talent make it challenging for organizations to maintain a consistent and proactive security posture. Vendor security patching, which requires regression testing and system downtime, is both labor and time-intensive, sometimes forcing companies to delay patching. This can leave them exposed or behind schedule in implementing their own best practices or software security guidelines.

Learn how companies have solved for these budget and resource constraints and deployed a holistic, layered security model across the enterprise, providing actionable security intelligence designed to reduce potential exposure.

Anne Plese, Sr. Director Product Marketing, Rimini Street

The smart approach to Digital Transformation is bridging existing and emerging technologies by modernizing core business systems.  Such an approach allows organizations to achieve the balance of running and transforming their business at the same time.  This ultimately allows IT professionals to leverage existing investments and processes, lower risk of disruptions, and achieve a faster return on investment – ultimately allowing executives to run IT like a business.  We call that smart digital transformation.

In the midst of rapid market shifts, the temptation exists to chase technological “shiny objects.” In a race to adopt the latest digital innovations, we can’t lose sight of the importance of comprehensive solutions and unified architecture. Join this interactive roundtable to discuss the key objectives for CIOs and CISOs looking to filter out the noise surrounding innovation and stay on track with solid IT and digital strategies.

Make sure you sign up early! This intimate roundtable session will be capped at 50 participants.

It is difficult for IT to focus on driving innovation when 70% of your budget and time is spent Keeping The Lights On. In this session, you’ll learn how you can transform your IT infrastructure with a cloud smart strategy – placing the right workloads on the right cloud whether on-premises private, public, or multi-cloud. We’ll also discuss how to use a financial analysis framework both to evaluate alternative solutions as well as how to build a compelling business case to achieve the funding to deploy the technologies that make sense.

Modernizing IT starts with deploying an efficient, agile hybrid cloud architecture – but this is easier said than done. Legacy status quo bias alongside a frequently imprecise public cloud strategy lead to lengthy and costly migration journeys.

Which applications should be in public, and which in private cloud? This roundtable discussion is a great opportunity to learn what type of challenges and opportunities your peers have encountered in their IT modernization journeys.

Make sure you sign up early! This intimate roundtable session will be capped at 50 participants.

Organizations have been moving to the cloud for several years now, but in the last year, our world has forced nearly everyone to leverage the scalability and speed of cloud platforms to support a remote workforce. With so many critical business functions running from these providers, it’s imperative to protect our data, systems and assets. But traditional strategies struggle to keep up with the scope and scale of the modern cloud environment, which is forcing a change in how we approach our security assessments and mitigation techniques. In this presentation, we’ll discuss the benefits and challenges presented to many organizations by the sudden move to cloud-based services and a newly remote workforce focused on business continuity, not security. We’ll also talk about some of the new ways we must evolve how we approach security and our internal programs to better align with the fast-paced and ever-changing nature of cloud services and assets and protect our organizations effectively, efficiently and at the speed required by today’s modern attack surface.

As cyber-attacks increase in complexity, frequency, and velocity, in our experience, many enterprise organizations are reliant on outdated IT governance. The organizational paradigm is limited by slow-moving bureaucracy and scarce resources. This situation is often the result of a limited understanding of the risks on the part of decision-makers, like board executives who rely on outdated corporate governance frameworks that were developed in response to accounting scandals – e.g., WorldCom, Enron, Tyco, etc. – not cyber risks.

Enterprise executives continue to propagate a compliance check-box mindset that values minimal security control investment to meet audit standards. The focus on audit/compliance misses the costs that may extend beyond regulatory penalties into financial losses that are not always small enough to recover from without significant repercussions.

In this session, we draw from consulting experience, candid conversations with security leaders, and empirical research to define the current issues plaguing enterprise cyber governance, while offering specific remedies for organizational leaders striving for an effective governance model that moves beyond audit compliance to iterative and measurable risk reduction.

A CISO is hired to optimize organization-wide security and to improve the security posture. Using pen testing, vulnerability assessments, and other traditional testing methods, the security team can evaluate the organization’s security posture. However, a quarterly pen-test does not allow the CISO to know on a daily basis if the organization is protected at that moment. A CISO’s security posture program should include:

  • Continuous testing and security controls validation
  • Prioritizing and removing controls which are overlapping or not performing well
  • Knowing the risks and gaps across the full kill chain
  • Receive recommended remediation in a prioritized list

As enterprises rapidly adopt SaaS applications, blind spots have developed as traditional security policies, controls guidance, and tools don’t provide the benchmarks or visibility IT and security teams need to protect them. While some have looked at cloud access security broker (CASB) solutions to fill the need, these solutions only broker the access based on the perimeter and don’t provide a continuous, holistic approach into risk and compliance.

In this session, we will discuss the importance of SaaS security and the value provided by security guidelines like the CIS Benchmarks, consensus-developed secure configuration guidelines for hardening operating systems, servers, cloud environments, and more.