National CISO & Security Leaders Forum

Leveraging AI to transform your data security program so that it enables your business to innovate and grow is today’s reality. Historically though, data security has been the least mature domain in all of security, but due to new innovations now is the time that it can become security’s most mature program. This session will discuss why having a fundamental understanding of what data exists within your environment, where it’s running, its risk level, who has access to it, and how it’s being used are foundational to having a strong security posture – and to driving innovation and growth for your business.

Speakers:

Jason Clark, Chief Strategy Officer, Cyera

Lamont Orange, Global CISO, Cyera

Presented by: Cyera

Aggressive attacks on Enterprise computer networks are continuing with increased frequency and threatening economic and national security. Actions like vulnerability reduction and passive defenses on their own simply are not cutting it and there needs to be a functional shift in the way we mitigate this substantial threat. Companies can seek to protect their most sensitive data by implementing an environment of actionable intelligence and detection to bring the fight to the adversaries and ensure a proactive approach to securing data. This session will discuss best practices in managing the constant evolution in the security environment.

In the past 12 months, 87% of F1000 businesses were affected by significant cyber incidents as a result of a third-party. And yet, most rely on ‘snapshot in time’ questionnaires. While necessary, snapshots are insufficient by themselves, and must be augmented with continuous monitoring in support of ongoing security operations. This requires a different approach, that includes external threat detection capabilities by using AI across Public Data.

• The Public Data opportunity: collect, process, alert across multiple languages / modalities
• Real-time external threat detection on a rapidly evolving threat landscape
• The most advanced AI techniques for automating the collection, processing, delivery, and initial analysis of millions of public data sources

Speaker: Jack Carraway, Field CISO, Dataminr

Presented by: Dataminr

AI is evolving from a mere tool to a transformative catalyst for enterprise innovation. While it unlocks new business models and enhances decision-making through actionable insights, it also poses significant risks related to data privacy, security, and ethics.

Key Points:

• AI as a Catalyst for Change: Understanding how AI can drive business transformation and efficiency.
• Balancing Innovation and Risk: Addressing the dilemma faced by security teams—restricting AI use or risking exposure.
• Tools for Success: Providing CIOs & CISOs with enforcement tools and developers with AI security solutions to promote safe and rapid innovation.
• Future Resilience: Empowering organizations to navigate evolving markets by fostering responsible AI use.

Join us in exploring how to harness AI’s potential while safeguarding your organization’s future.

Circle back with your Peers on the content so far while grabbing a coffee or tea and a snack

Check back for updates on this session.

Presented by: Zafran

Join us as we explore cutting-edge strategies for modernizing infrastructure and applications. In this discussion, we delve into the intersection of AI-powered observability security, emphasizing how organizations can enhance their operations, ensure data protection, and comply with regulations. We will discuss the transformative potential of AI, including Generative AI, in boosting overall productivity.

Speaker: Jason Ostroski, Field CTO, Dynatrace

Presented by: Dynatrace

Open seating, Buffet-style lunch. Serving food for all tastes, Palates, and preferences. Vegan, vegetarian, halal options available

As organizations strive to secure their digital landscapes, building a robust Identity and Access Management architecture is crucial yet fraught with challenges. This panel will bring together industry experts to discuss the complexities and obstacles faced in developing effective IAM systems. Attendees will gain valuable insights into overcoming these hurdles while ensuring security, compliance, and user experience.

Topics to Discuss:

• User Experience vs. Security: Balancing seamless access with stringent security measures—can we really have both?
• Scalability Issues: Preparing IAM solutions for rapid growth and changing business needs.
• Managing Diverse User Identities: Strategies for handling multiple user types, from employees to third-party vendors.
• Compliance Nightmares: Understanding regulations and how to maintain compliance without losing sleep.
• Automation vs. Human Oversight: Finding the right mix of automated processes and manual checks.
• The Threat Landscape: Addressing evolving cyber threats and ensuring IAM remains a proactive defense.
• Cultural Challenges: Fostering a security-first mindset across the organization.
• Mitigating Identity Exposure Holistically: Protecting your business from employees’ and vendors’ personal exposure in breaches—is that even possible?

Join us for a thought-provoking discussion that will equip you with practical solutions and insights into the complexities of building an effective IAM architecture!

Panelists:

Erik Scoralick, Director of Sales Engineering, Delinea

Ted Ross, Chief Executive Officer, SpyCloud

The relentless growth of cyber threats and the increasing complexity of modern IT environments have stretched security teams to their breaking point. Autonomous solutions promise much-needed relief, but CISOs are rightly cautious. This session cuts through the hype, providing a pragmatic roadmap for incorporating autonomous capabilities into your security operations.

We’ll explore the spectrum of autonomy, from basic automation (Level 4) to true AI-driven decision-making (Level 5), clarifying what’s possible today and what lies on the horizon. Discover the compelling reasons driving the need for autonomous alert triage and response and understand the critical role of the “virtual analyst” in this evolution.

This session will equip you with the knowledge to:

• Demystify “autonomous” and its varying levels.
• Grasp the urgency for autonomous solutions in modern security operations.
• Conceptualize the “virtual analyst” and its potential impact.
• Learn key criteria for evaluating virtual analyst solutions.
• Understand the challenges in building and deploying virtual analysts.
• Define the evolving role of human analysts in an autonomous future.

Join us to explore a realistic path toward autonomous security operations and prepare your organization for a more secure tomorrow.

Speaker: Kumar Saurabh, CEO, AirMDR

Presented by: AirMDR

In the last decade, an explosion of AppSec tools has come to market designed to help find and remediate vulnerabilities. However, organizations are still getting breached as attackers have shifted their focus to software pipelines – using exploits such as secrets harvesting and SCM and pipeline misconfigurations – areas that traditional AppSec tools don’t cover. Join us as we walk through some recent supply chain attacks and talk through the weakness that allowed them to happen, and then talk through some areas of focus within your security practices that can help you reduce the risk of a supply chain attack happening in your environments.

Speaker: Joe Nicastro, Field CTO, Legit Security

Presented by: Legit Security

Cyber threats are more prevalent than ever and security teams are faced with the daunting task of optimizing their security posture while balancing budget, risk, and operational efficiency. With even the most sophisticated security stack plagued with coverage gaps and vulnerabilities, security teams are fatigued and don’t want to add yet another security tool.
Sometimes help comes from an unexpected corner. Modern backup and data security can help IT and security come together and solve problems. Learn what a data security and protection partner like Druva can do to help strengthen your security posture and streamline your incident response and recovery workflows. We will cover:

• What typically occurs in each phase of a cyber attack
• Common security coverage gaps in your data infrastructure
• How to work better with your IT and backup teams

Presented by: Druva

Check back for updates on this session.

Speaker: Chris Roosenraad

Circle back with your Peers on the content so far while grabbing a coffee and a snack

In today’s landscape of sophisticated cyber threats, understanding cybersecurity as a critical business risk is essential for CFOs, CEOs and all executive stakeholders. This panel will explore the multifaceted nature of cyber risks—financial, reputational, operational, productivity, and regulatory—and their profound impact on organizational resilience and decision-making.

Join us for an engaging discussion on the challenges of effectively communicating these risks to the Board and fostering collaboration between IT Security and Security Operations teams.

We’ll tackle the following key topics:

• Rapid Threat Detection and Response: Strategies for identifying and addressing cyber threats swiftly.
• Risk Prioritization and Mitigation: Methods for understanding and managing risks to protect business interests.
• Securing a Borderless Workforce: Best practices for safeguarding remote teams in a hybrid work environment.
• Future Security Predictions: Insights on emerging threats and trends for 2024 and beyond.

Equip yourself with the tools and knowledge to articulate cyber risks in a way that resonates with business leaders and drives robust security practices throughout your organization.

Panelists:

Tamika Bass, Cybersecurity Director, Gannett Fleming

Eric Brown, CISO, Metropolitan Council

In the ever-evolving landscape of cybersecurity, staying ahead of threats is imperative. As we reflect on the past, embrace the present, and prepare for the future, the integration of artificial intelligence (AI) into security infrastructure has emerged as a disruptive technology in safeguarding digital assets. Join us at this exclusive event led by Trend Micro as we delve into the dynamic journey of AI’s impact on cybersecurity. From historical insights to current advancements and future projections, discover how AI is reshaping the defense mechanisms against cyber threats, fortifying your infrastructure, and empowering organizations to navigate the digital frontier with confidence.

Speaker: Franz Fiorim, Field CTO, Trend Micro

Presented by: Trend Micro

Check back for updates on this session.

By Master of Ceremonies: Michele Chubirka, Staff Cloud Security Advocate, Google

Circle back with your Peers on the content so far while grabbing a coffee and a snack

The Zero Trust security model, which assumes no implicit trust within or outside an organization’s network, is gaining traction. This session will explore the principles of Zero Trust, its implementation challenges, and the benefits it offers. Participants will learn about key components such as micro-segmentation, continuous verification, and least-privilege access. Case studies will demonstrate successful Zero Trust deployments, providing practical insights for organizations looking to adopt this approach.

Presented by: Seraphic

The growing demand for cybersecurity professionals has highlighted a significant skills gap in the industry. This session will discuss the current state of cybersecurity education, the challenges in developing a skilled workforce, and strategies to bridge the gap. Topics will include training programs, certifications, and partnerships between academia and industry. Attendees will learn about initiatives to attract and retain cybersecurity talent and how to cultivate a culture of continuous learning within their organizations.