Information Security Leaders Content Week On-Demand Sessions

This virtual event took place from March 15 - 17, 2021

Presentation & Open Discussion – In The Wake of Solar Winds: Personal Reflections

In the wake of SolarWinds, we may have at-last discovered the answer to how it is our adversaries intend to pivot in the face of the prowess AI introduces to the battlespace. During this time together, John McClurg will explore what brought us to this pivotal point and what might yet stand as our best response to it.

John McClurg, SVP & CISO, BlackBerry

Fireside Chat – Lessons Learned: The Journey To Becoming A “Threat-Informed Defense” Organization

How do you operationalize the concept of “cyber excellence” in your organization and move your program from being reactive only to both proactive and preventative? Learn how to evolve your technology stack, team structure, and processes to better understand and share threat intelligence, then act on it. In this fireside chat with Marlys Rodgers, CISO of CSAA Insurance Group, you will learn how her team moved from a defensive to offensive and strategic cybersecurity program. She’ll share how leveraging platforms to automate security control validation, the MITRE ATT&CK framework, and a purple team organizational approach is enabling her team to better assess how mature their tools are, how they stack up against adversaries and discover potential gaps for exploitation. She’ll also discuss how to use data analysis to put a laser focus on specific actions for enhancements, and how insights are shared with the audit team.

Marlys Rodgers, CISO, Head of Technology Oversight, CSAA Insurance Group

Julie O’Brien, CMO, AttackIQ

Presentation & Open Discussion – “Give to Me”

Give me your huddled masses, yearning to breathe free… Welcome to the struggles of the small, medium, and midsize markets, especially given the last 12 months or so of upheaval, the ever-present risks of attacks from the digital realm, and not enough hands, bodies or resources to go around. That’s the current state, now let’s look at what we can, should, and need to do, as well as some thoughts, ideas and ways forward for everyone. This talk lays bare the challenges within the markets and, offers up some practical options for how to communicate, collaborate and effectively understand and manage risk within your organization. We’ll cover the human aspects, the digital and technical resources, as well as the controls necessary for your diverse environments. We’ll talk risk, what to do when it all goes wrong AND how to recover… all in 40 minutes. It’ll be a wild ride, and it’s going to be blunt

Chris Roberts, Chief Security Strategist, Cynet

Presentation & Open Discussion – Becoming a Cyber Resilient Enterprise

Cyber resilience is a shift to enable enterprise resilience and the ability for organizations to thrive despite adversities, crises, and business volatility. Being resilient equips organizations with the ability to “pivot” at scale during adverse cyber events and market conditions (including non-business events such as a global pandemic) and to adapt to customer changes, digital transformation, and hyper-scaled growth.

Rob Aragao, Chief Security Strategist, Micro Focus

Presentation & Open Discussion – Security First As Part Of A Financial Analysis Framework

It is difficult for IT to focus on driving  innovation when 70% of your budget and time is spent Keeping The Lights On. In this session, you’ll learn how you can transform your IT infrastructure with a cloud smart strategy – placing the right workloads on the right cloud whether on-premises private, public, or multi-cloud. We’ll also discuss how to use a financial analysis framework both to evaluate alternative solutions as well as how to build a compelling business case to achieve the funding to deploy the technologies that make sense.

Steve Kaplan, VP Customer Success Finance, Nutanix

Digital (IT) Governance Is Broken!

As cyber-attacks increase in complexity, frequency, and velocity, in our experience, many enterprise organizations are reliant on outdated IT governance. The organizational paradigm is limited by slow-moving bureaucracy and scarce resources. This situation is often the result of a limited understanding of the risks on the part of decision-makers, like board executives who rely on outdated corporate governance frameworks that were developed in response to accounting scandals – e.g., WorldCom, Enron, Tyco, etc. – not cyber risks.

Enterprise executives continue to propagate a compliance check-box mindset that values minimal security control investment to meet audit standards. The focus on audit/compliance misses the costs that may extend beyond regulatory penalties into financial losses that are not always small enough to recover from without significant repercussions.

In this session, we draw from consulting experience, candid conversations with security leaders, and empirical research to define the current issues plaguing enterprise cyber governance, while offering specific remedies for organizational leaders striving for an effective governance model that moves beyond audit compliance to iterative and measurable risk reduction.

Levi Gundert, SVP Global Intelligence & Customer Success, Recorded Future

Presentation & Open Discussion – How Moving to the Cloud has Changed Security Strategy Forever

Organizations have been moving to the cloud for several years now, but in the last year, our world has forced nearly everyone to leverage the scalability and speed of cloud platforms to support a remote workforce. With so many critical business functions running from these providers, it’s imperative to protect our data, systems and assets. But traditional strategies struggle to keep up with the scope and scale of the modern cloud environment, which is forcing a change in how we approach our security assessments and mitigation techniques. In this presentation, we’ll discuss the benefits and challenges presented to many organizations by the sudden move to cloud-based services and a newly remote workforce focused on business continuity, not security. We’ll also talk about some of the new ways we must evolve how we approach security and our internal programs to better align with the fast-paced and ever-changing nature of cloud services and assets and protect our organizations effectively, efficiently and at the speed required by today’s modern attack surface.

Nathan Wenzler, Technical Security Director, Tenable

Presentation & Open Discussion – Increased Efficiency & Effectiveness Across Your Security Organization with Virtual Mobility Service (VMS)

As a Virtual Mobility Service (VMS) provider, Hypori delivers an ultra-secure, centrally managed, reduced-cost BYOD solution that employees want to use. With Hypori Virtual Mobility, you maintain 100% separation of personal and enterprise data with zero device footprint. A mobilized workforce is our present and our future state of work. A virtual mobility solution like Hypori allows employees to use personal devices while maintaining privacy. Hypori provides the highest cybersecurity levels and addresses enterprise-wide technology needs. Come explore Hypori with us and understand how VMS can support your organization.

Philip Goodrich, Partnerships & Alliances, Hypori