Information Security Leaders Content Week Agenda

Cyber resilience is a shift to enable enterprise resilience and the ability for organizations to thrive despite adversities, crises, and business volatility. Being resilient equips organizations with the ability to “pivot” at scale during adverse cyber events and market conditions (including non-business events such as a global pandemic) and to adapt to customer changes, digital transformation, and hyper-scaled growth.

Rob Aragao, Chief Security Strategist, Micro Focus

As cyber-attacks increase in complexity, frequency, and velocity, in our experience, many enterprise organizations are reliant on outdated IT governance. The organizational paradigm is limited by slow-moving bureaucracy and scarce resources. This situation is often the result of a limited understanding of the risks on the part of decision-makers, like board executives who rely on outdated corporate governance frameworks that were developed in response to accounting scandals – e.g., WorldCom, Enron, Tyco, etc. – not cyber risks.

Enterprise executives continue to propagate a compliance check-box mindset that values minimal security control investment to meet audit standards. The focus on audit/compliance misses the costs that may extend beyond regulatory penalties into financial losses that are not always small enough to recover from without significant repercussions.

In this session, we draw from consulting experience, candid conversations with security leaders, and empirical research to define the current issues plaguing enterprise cyber governance, while offering specific remedies for organizational leaders striving for an effective governance model that moves beyond audit compliance to iterative and measurable risk reduction.

Levi Gundert, SVP Global Intelligence & Customer Success, Recorded Future

Organizations have been moving to the cloud for several years now, but in the last year, our world has forced nearly everyone to leverage the scalability and speed of cloud platforms to support a remote workforce. With so many critical business functions running from these providers, it’s imperative to protect our data, systems and assets. But traditional strategies struggle to keep up with the scope and scale of the modern cloud environment, which is forcing a change in how we approach our security assessments and mitigation techniques. In this presentation, we’ll discuss the benefits and challenges presented to many organizations by the sudden move to cloud-based services and a newly remote workforce focused on business continuity, not security. We’ll also talk about some of the new ways we must evolve how we approach security and our internal programs to better align with the fast-paced and ever-changing nature of cloud services and assets and protect our organizations effectively, efficiently and at the speed required by today’s modern attack surface.

Nathan Wenzler, Chief Security Strategist, Tenable

As a Virtual Mobility Service (VMS) provider, Hypori delivers an ultra-secure, centrally managed, reduced-cost BYOD solution that employees want to use. With Hypori Virtual Mobility, you maintain 100% separation of personal and enterprise data with zero device footprint. A mobilized workforce is our present and our future state of work. A virtual mobility solution like Hypori allows employees to use personal devices while maintaining privacy. Hypori provides the highest cybersecurity levels and addresses enterprise-wide technology needs. Come explore Hypori with us and understand how VMS can support your organization.

Brian Kovalski, Senior VP, Hypori

In the wake of SolarWinds, we may have at-last discovered the answer to how it is our adversaries intend to pivot in the face of the prowess AI introduces to the battlespace. During this time together, John McClurg will explore what brought us to this pivotal point and what might yet stand as our best response to it.

John McClurg, SVP & CISO, BlackBerry

Give me your huddled masses, yearning to breathe free… Welcome to the struggles of the small, medium, and midsize markets, especially given the last 12 months or so of upheaval, the ever-present risks of attacks from the digital realm, and not enough hands, bodies or resources to go around. That’s the current state, now let’s look at what we can, should, and need to do, as well as some thoughts, ideas and ways forward for everyone. This talk lays bare the challenges within the markets and, offers up some practical options for how to communicate, collaborate and effectively understand and manage risk within your organization. We’ll cover the human aspects, the digital and technical resources, as well as the controls necessary for your diverse environments. We’ll talk risk, what to do when it all goes wrong AND how to recover… all in 40 minutes. It’ll be a wild ride, and it’s going to be blunt

Chris Roberts, Chief Security Strategist, Cynet

How do you operationalize the concept of “cyber excellence” in your organization and move your program from being reactive only to both proactive and preventative? Learn how to evolve your technology stack, team structure, and processes to better understand and share threat intelligence, then act on it. In this fireside chat with Marlys Rodgers, CISO of CSAA Insurance Group, you will learn how her team moved from a defensive to offensive and strategic cybersecurity program. She’ll share how leveraging platforms to automate security control validation, the MITRE ATT&CK framework, and a purple team organizational approach is enabling her team to better assess how mature their tools are, how they stack up against adversaries, and discover potential gaps for exploitation. She’ll also discuss how to use data analysis to put a laser focus on specific actions for enhancements, and how insights are shared with the audit team.

Fireside chat with Marlys Rodgers, CISO and Head of Technology Oversight at CSAA Insurance Group, and Julie O’Brien, CMO at AttackIQ

It is difficult for IT to focus on driving innovation when 70% of your budget and time is spent Keeping The Lights On. In this session, you’ll learn how you can transform your IT infrastructure with a cloud smart strategy – placing the right workloads on the right cloud whether on-premises private, public, or multi-cloud. We’ll also discuss how to use a financial analysis framework both to evaluate alternative solutions as well as how to build a compelling business case to achieve the funding to deploy the technologies that make sense.

Steve Kaplan, VP Customer Success Finance, Nutanix

In the debate over an all-in-one cybersecurity platform versus best of breed solutions, the overwhelming majority lean towards best of breed in order to leverage the most impactful technology. However, does true best of breed exist? This session will look to explore this debate and how to implement a best of breed strategy when tech doesn’t necessarily integrate with other tech.

Make sure you sign up early! This intimate roundtable session will be capped at 50 participants.