West IT & Security Leaders Forum 2023

The world now depends on the digital economy. IT is central to the organization’s successful response and there are four pillars of strength required: re-coding the institutional DNA, treating security as survival, responding to the new relationship with work, and reducing the bureaucratic burden.

Presented by: Info-Tech Research Group

Aggressive attacks on Enterprise computer networks are continuing with increased frequency and threatening economic and national security. Actions like vulnerability reduction and passive defenses on their own simply are not cutting it and there needs to be a functional shift in the way we mitigate this substantial threat. Companies can seek to protect their most sensitive data by implementing an environment of actionable intelligence and detection to bring the fight to the adversaries and ensure a proactive approach to securing data. This session will discuss best practices in managing the constant evolution in the security environment.

Circle back with your Peers on the content so far while grabbing a coffee and a snack

The current “shift-left” mindset to assess, assert, and evidence compliance and to harden the software supply chain are a DevOps antipattern. The impact goes well beyond over-burdening developers with toil that distracts them from innovation, unplanned audits are highly disruptive, and management is left to make decisions without defensible data. We will discuss this impact as a tax and suggest attributes of solutions to do Shift-Left right.

Presented by: Cloudbees

Learn how to harness decentralized technologies to transform your business. Understand how IoT & Blockchain work together to ensure security, and transactional integrity, while reducing total cost of operations to near zero. During this session, you’ll engage in the process of building a Decentralized Autonomous Organization- brining the pieces together to provide a foundation to understand opportunities & risks as your organization drives to Next-Gen business.

With Incident Response as the new normal, ensuring that our systems and processes support that effort and threat hunting are working as expected. We will discuss why and how to establish a Continuous Security Validation (CSV) program within your organization. Specifically, how such a program evolves beyond Breach and Attack Simulation (BAS) and provides teams a continuous feedback loop to understand their posture and identify gaps as they arise.

Presented by: AttackIQ

The software-defined data center (SDDC) is a concept in which all data center infrastructure is virtualized and delivered as a service. Control is fully automated through software, allowing hardware configuration to be maintained through automated policies. SDDC advances virtualization and cloud computing by supporting both legacy enterprise applications and new cloud computing services. It thus provides a solid base for using public, private, and hybrid clouds. By abstracting applications from hardware, SDDC allows apps to run anywhere and even move from place to place. It also allows for greater automation within a data center and faster, simple orchestration across centers.

It is no secret that technology is changing the fabric of business operations and outcomes, and collaboration between IT and the business is more important than ever before. The conversation is no longer about how to align IT with the business, however in many cases technology is still viewed as a commodity rather than an enabler. So what can we do to successfully change this mindset both within our own organizations and across the industry as a whole? During this session, we will discuss the various challenges IT and digital leaders face when undergoing this cultural shift.

Open seating, Buffet-style lunch. Serving food for all tastes, pallets, and preferences. Vegan, vegetarian, and halal options available

Your security team manages risks that affect business units and functions across your entire organization. Security is threaded through every aspect of your business, and your decisions have never mattered more. On a daily basis, you make decisions that affect day-to-day operations, data and system security, executive-level strategy and direction and quite possibly, the future success of your organization. Security leaders straddle the lines of executive, strategic, and tactical decision making, and must be experts at navigating all three of these levels. We’re wearing many hats, often switching between them from meeting to meeting, and it’s imperative that we can effectively communicate and drive decisions that improve and mature our security efforts across the board.

This session will explore ways to enhance engagement with technical teams, business units and executives alike, while still maturing your security program to be more efficient and effective at managing and mitigating risk. Concepts and topics covered will include:

• The 3 levels of decision making you must navigate on a daily basis and how they impact the rest of the organization
• Applying meaningful metrics to demonstrate value to executives and mature program operations for optimal effectiveness
• Finding program gaps where remediation efforts or SLA compliance is lagging, and taking steps to help affected teams improve and succeed
• How Tenable helps to improve operational efficiency, address threats and vulnerabilities faster, and demonstrate tangible business value at all levels of the organization

Presented by: Tenable

Today, the primary CEO priority is growth, with technology as a key enabler. However, vendor policies pose major roadblocks to innovation, growth, and competitive advantage by forcing you to spend limited budget, resources, and time on projects that may not drive your business. ​Learn how you can take control of your IT roadmap by choosing a Business-Driven Roadmap designed around your business objectives and not the vendor’s. Leverage vendor software, but do it on your terms, on your timetable, and with the flexibility, funding, and freedom to focus on initiatives that support growth and competitive advantage.

In the debate over an all-in-one cyber security platform versus best-of-breed solutions, the overwhelming majority lean towards best-of-breed in order to leverage the most impactful technology. However, does true best-of-breed exist? This session will look to explore this debate and how to implement a best-of-breed strategy when tech doesn’t necessarily integrate with other tech.

Enterprises have hordes of data and many opportunities to integrate other data sources. But readying data for AI experimentation is expensive and requires an iterative approach.

This session will focus on finding the best opportunities to experiment with AI and on applying agile practices in machine learning initiatives.

Circle back with your Peers on the content so far while grabbing a coffee and a snack

The definition of work-life balance has changed, and the nature of work has changed. Life, family, and work are all integrated, we need software solutions that allow us the flexibility to live our lives and attract a diverse talent. Solutions that improve experience locally while allowing us to operate globally removing the friction, increasing productivity improving employee experience and in turn positively impacting the customer experience. Focused on retention and customer satisfaction.

Presented by: RingCentral

In most markets, there is an abundance of open IT jobs with fewer people able to fill them – and the positions are getting more expensive. Working remotely is the norm, but not optimal (usually). There is less off-shoring and more resources are focused locally or within the same hemisphere.

Additionally, we are still not recruiting enough women and minorities into the rank and file, especially senior IT roles, and we’re losing talent to major tech hubs.

Join us at the roundtable with your peers as we dive into solutions to tackle the following challenges:

• How do you scale staff/team without losing them to major tech hubs?
• How do you create more diversity – not only among race and gender – but diversity of thought Old vs New Thinking?
• How do we mentor universities to implement actionable steps for supplying more IT talent?

Threat actors, Red-Teams, and Ransomware have been abusing Active Directory for years. In fact, attackers have compromised or leveraged AD in 100% of the successful ransomware attacks over the last 3 years.

This discussion will discuss new technologies to help you visualize the risk in your AD and add a layer of security around this very important part of enterprise infrastructure.

Everyone’s journey to being data-driven is unique. It’s like making an apple pie. It’s easy to get the ingredients, but you need to know how to put together the right recipe for a great apple pie.

In this interactive discussion, I will share insights and lessons learned in leading data modernization initiatives and in sharing the journey with customers. Data literacy, culture, governance, quality, technology stack modernization, and architecture are all ingredients in driving towards the right data-driven recipe. The discussion will include tips and tricks for reducing friction points and how to build the right recipe for your organization.

The result of digital transformation: It’s easier to do business with your customers and partners. But with new architectures, web apps and APIs now deployed from on-prem servers to the cloud, it is harder than ever to get a holistic view of all of these potentially vulnerable assets – never mind defend them.

What are your biggest challenges today in defending these diverse assets? What are the known gaps in your current defenses? What are you seeking in the future to defend your apps and APIs?

Topics covered will include:

• How are adversaries preying upon unprotected web apps and APIs?
• How are traditional web application firewalls deployed, and what are they missing?
• What does the future look like with unified web app and API security solutions?

Circle back with your Peers on the content so far while grabbing a coffee and a snack

To meet the speed and agility demands of digital business, CIOs are transforming their IT departments and shifting a growing share of IT work from projects to products. At the same time, growth in business-led IT has expanded the span of employees across the enterprise who are responsible for technology initiatives.

This session will explore a cost management model and discuss how evolving IT cost management efforts to focus on value over pure cost will reduce (and even eliminate) reactive calls to cut IT costs. This session will provide a model and tactics to elevate the maturity of IT to focus on value over costs, while still meeting the business directives.

You’ve just stepped into your new IT leadership role. Your first 90 days in a new IT leadership role should be focused on learning. Investing this time will help you understand the current state, appreciate the culture and inform your strategy. Prioritize these steps to kickstart improvement:

• Understand your job. Learn the organization and industry you are in
• Define and revise measurements for success
• Articulate your vision and strategy
• Organize people for success
• Build culture
• Revise processes for success & delivery, and suitable for the environment and the times
• Upgrade technologies